diff --git a/.air.toml b/.air.toml index af182697fb..069a889243 100644 --- a/.air.toml +++ b/.air.toml @@ -2,28 +2,9 @@ root = "." tmp_dir = ".air" [build] -pre_cmd = ["killall -9 gitea 2>/dev/null || true"] # kill off potential zombie processes from previous runs -cmd = "make --no-print-directory backend" +cmd = "make backend" bin = "gitea" -delay = 2000 include_ext = ["go", "tmpl"] -include_file = ["main.go"] +exclude_dir = ["modules/git/tests", "services/gitdiff/testdata", "modules/avatar/testdata", "models/fixtures", "models/migrations/fixtures", "modules/migration/file_format_testdata", "modules/avatar/identicon/testdata"] include_dir = ["cmd", "models", "modules", "options", "routers", "services"] -exclude_dir = [ - "models/fixtures", - "models/migrations/fixtures", - "modules/avatar/identicon/testdata", - "modules/avatar/testdata", - "modules/git/tests", - "modules/migration/file_format_testdata", - "modules/markup/tests/repo/repo1_filepreview", - "routers/private/tests", - "services/gitdiff/testdata", - "services/migrations/testdata", - "services/webhook/sourcehut/testdata", -] exclude_regex = ["_test.go$", "_gen.go$"] -stop_on_error = true - -[log] -main_only = true diff --git a/.changelog.yml b/.changelog.yml new file mode 100644 index 0000000000..657dfa1c0e --- /dev/null +++ b/.changelog.yml @@ -0,0 +1,61 @@ +# The full repository name +repo: go-gitea/gitea + +# Service type (gitea or github) +service: github + +# Base URL for Gitea instance if using gitea service type (optional) +# Default: https://gitea.com +base-url: + +# Changelog groups and which labeled PRs to add to each group +groups: + - + name: BREAKING + labels: + - kind/breaking + - + name: SECURITY + labels: + - kind/security + - + name: FEATURES + labels: + - kind/feature + - + name: API + labels: + - kind/api + - + name: ENHANCEMENTS + labels: + - kind/enhancement + - kind/refactor + - kind/ui + - + name: BUGFIXES + labels: + - kind/bug + - + name: TESTING + labels: + - kind/testing + - + name: TRANSLATION + labels: + - kind/translation + - + name: BUILD + labels: + - kind/build + - kind/lint + - + name: DOCS + labels: + - kind/docs + - + name: MISC + default: true + +# regex indicating which labels to skip for the changelog +skip-labels: skip-changelog|backport\/.+ diff --git a/.deadcode-out b/.deadcode-out deleted file mode 100644 index a44599b6f1..0000000000 --- a/.deadcode-out +++ /dev/null @@ -1,303 +0,0 @@ -code.gitea.io/gitea/cmd - NoMainListener - -code.gitea.io/gitea/cmd/forgejo - ContextSetNoInit - ContextSetNoExit - ContextSetStderr - ContextGetStderr - ContextSetStdout - ContextSetStdin - -code.gitea.io/gitea/models - IsErrUpdateTaskNotExist - ErrUpdateTaskNotExist.Error - ErrUpdateTaskNotExist.Unwrap - IsErrSHANotFound - IsErrMergeDivergingFastForwardOnly - -code.gitea.io/gitea/models/actions - ScheduleList.GetUserIDs - ScheduleList.GetRepoIDs - ScheduleList.LoadTriggerUser - ScheduleList.LoadRepos - -code.gitea.io/gitea/models/asymkey - ErrGPGKeyAccessDenied.Error - ErrGPGKeyAccessDenied.Unwrap - HasDeployKey - -code.gitea.io/gitea/models/auth - GetSourceByName - WebAuthnCredentials - -code.gitea.io/gitea/models/db - TruncateBeans - InTransaction - DumpTables - -code.gitea.io/gitea/models/dbfs - file.renameTo - Create - Rename - -code.gitea.io/gitea/models/forgefed - GetFederationHost - -code.gitea.io/gitea/models/forgejo/semver - GetVersion - SetVersionString - SetVersion - -code.gitea.io/gitea/models/git - RemoveDeletedBranchByID - -code.gitea.io/gitea/models/issues - IsErrUnknownDependencyType - ErrNewIssueInsert.Error - IsErrIssueWasClosed - ChangeMilestoneStatus - -code.gitea.io/gitea/models/organization - GetTeamNamesByID - UpdateTeamUnits - SearchMembersOptions.ToConds - UsersInTeamsCount - -code.gitea.io/gitea/models/perm/access - GetRepoWriters - -code.gitea.io/gitea/models/project - UpdateColumnSorting - ChangeProjectStatus - -code.gitea.io/gitea/models/repo - DeleteAttachmentsByIssue - FindReposMapByIDs - IsErrTopicNotExist - ErrTopicNotExist.Error - ErrTopicNotExist.Unwrap - GetTopicByName - WatchRepoMode - -code.gitea.io/gitea/models/user - ErrUserInactive.Error - ErrUserInactive.Unwrap - IsErrExternalLoginUserAlreadyExist - IsErrExternalLoginUserNotExist - NewFederatedUser - IsErrUserSettingIsNotExist - GetUserAllSettings - DeleteUserSetting - GetUserEmailsByNames - GetUserNamesByIDs - -code.gitea.io/gitea/modules/activitypub - NewContext - Context.APClientFactory - -code.gitea.io/gitea/modules/assetfs - Bindata - -code.gitea.io/gitea/modules/auth/password/hash - DummyHasher.HashWithSaltBytes - NewDummyHasher - -code.gitea.io/gitea/modules/auth/password/pwn - WithHTTP - -code.gitea.io/gitea/modules/base - SetupGiteaRoot - -code.gitea.io/gitea/modules/cache - GetInt - WithNoCacheContext - RemoveContextData - -code.gitea.io/gitea/modules/charset - BreakWriter.Write - -code.gitea.io/gitea/modules/emoji - ReplaceCodes - -code.gitea.io/gitea/modules/eventsource - Event.String - -code.gitea.io/gitea/modules/forgefed - GetItemByType - JSONUnmarshalerFn - NotEmpty - ToRepository - OnRepository - -code.gitea.io/gitea/modules/git - AllowLFSFiltersArgs - AddChanges - AddChangesWithArgs - CommitChanges - CommitChangesWithArgs - SetUpdateHook - openRepositoryWithDefaultContext - IsTagExist - ToEntryMode - LimitedReaderCloser.Read - LimitedReaderCloser.Close - -code.gitea.io/gitea/modules/gitgraph - Parser.Reset - -code.gitea.io/gitea/modules/gitrepo - GetBranchCommitID - GetWikiDefaultBranch - -code.gitea.io/gitea/modules/graceful - Manager.TerminateContext - Manager.Err - Manager.Value - Manager.Deadline - -code.gitea.io/gitea/modules/hcaptcha - WithHTTP - -code.gitea.io/gitea/modules/hostmatcher - HostMatchList.AppendPattern - -code.gitea.io/gitea/modules/json - StdJSON.Marshal - StdJSON.Unmarshal - StdJSON.NewEncoder - StdJSON.NewDecoder - StdJSON.Indent - -code.gitea.io/gitea/modules/log - NewEventWriterBuffer - -code.gitea.io/gitea/modules/markup - GetRendererByType - RenderString - IsMarkupFile - -code.gitea.io/gitea/modules/markup/console - Render - RenderString - -code.gitea.io/gitea/modules/markup/markdown - IsDetails - IsSummary - IsTaskCheckBoxListItem - IsIcon - RenderRawString - -code.gitea.io/gitea/modules/markup/markdown/math - WithInlineDollarParser - WithBlockDollarParser - -code.gitea.io/gitea/modules/markup/mdstripper - stripRenderer.AddOptions - StripMarkdown - -code.gitea.io/gitea/modules/markup/orgmode - RenderString - -code.gitea.io/gitea/modules/private - ActionsRunnerRegister - -code.gitea.io/gitea/modules/process - Manager.ExecTimeout - -code.gitea.io/gitea/modules/queue - newBaseChannelSimple - newBaseChannelUnique - newBaseRedisSimple - newBaseRedisUnique - testStateRecorder.Records - testStateRecorder.Reset - newWorkerPoolQueueForTest - -code.gitea.io/gitea/modules/queue/lqinternal - QueueItemIDBytes - QueueItemKeyBytes - ListLevelQueueKeys - -code.gitea.io/gitea/modules/setting - NewConfigProviderFromData - GitConfigType.GetOption - InitLoggersForTest - -code.gitea.io/gitea/modules/storage - ErrInvalidConfiguration.Error - IsErrInvalidConfiguration - -code.gitea.io/gitea/modules/structs - ParseCreateHook - ParsePushHook - -code.gitea.io/gitea/modules/sync - StatusTable.Start - StatusTable.IsRunning - -code.gitea.io/gitea/modules/timeutil - GetExecutableModTime - MockSet - MockUnset - -code.gitea.io/gitea/modules/translation - MockLocale.Language - MockLocale.TrString - MockLocale.Tr - MockLocale.TrN - MockLocale.TrPluralString - MockLocale.TrSize - MockLocale.PrettyNumber - -code.gitea.io/gitea/modules/util - OptionalArg - -code.gitea.io/gitea/modules/util/filebuffer - CreateFromReader - -code.gitea.io/gitea/modules/validation - IsErrNotValid - -code.gitea.io/gitea/modules/web - RouteMock - RouteMockReset - -code.gitea.io/gitea/modules/web/middleware - DeleteLocaleCookie - -code.gitea.io/gitea/modules/zstd - NewWriter - Writer.Write - Writer.Close - -code.gitea.io/gitea/routers/web - NotFound - -code.gitea.io/gitea/routers/web/org - MustEnableProjects - -code.gitea.io/gitea/services/context - GetPrivateContext - -code.gitea.io/gitea/services/convert - ToSecret - -code.gitea.io/gitea/services/forms - DeadlineForm.Validate - -code.gitea.io/gitea/services/pull - IsCommitStatusContextSuccess - -code.gitea.io/gitea/services/repository - IsErrForkAlreadyExist - -code.gitea.io/gitea/services/repository/files - ContentType.String - GetFileResponseFromCommit - TemporaryUploadRepository.GetLastCommit - TemporaryUploadRepository.GetLastCommitByRef - -code.gitea.io/gitea/services/webhook - NewNotifier - diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json deleted file mode 100644 index 4549974afd..0000000000 --- a/.devcontainer/devcontainer.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "name": "Gitea DevContainer", - "image": "mcr.microsoft.com/devcontainers/go:1.23-bullseye", - "features": { - // installs nodejs into container - "ghcr.io/devcontainers/features/node:1": { - "version": "20" - }, - "ghcr.io/devcontainers/features/git-lfs:1.2.3": {}, - "ghcr.io/devcontainers-contrib/features/poetry:2": {}, - "ghcr.io/devcontainers/features/python:1": { - "version": "3.12" - }, - "ghcr.io/warrenbuckley/codespace-features/sqlite:1": {} - }, - "customizations": { - "vscode": { - "settings": {}, - // same extensions as Gitpod, should match /.gitpod.yml - "extensions": [ - "editorconfig.editorconfig", - "dbaeumer.vscode-eslint", - "golang.go", - "stylelint.vscode-stylelint", - "DavidAnson.vscode-markdownlint", - "Vue.volar", - "ms-azuretools.vscode-docker", - "vitest.explorer", - "cweijan.vscode-database-client2", - "GitHub.vscode-pull-request-github", - "Azurite.azurite" - ] - } - }, - "portsAttributes": { - "3000": { - "label": "Gitea Web", - "onAutoForward": "notify" - } - }, - "postCreateCommand": "make deps" -} diff --git a/.dockerignore b/.dockerignore deleted file mode 100644 index 5e7a893014..0000000000 --- a/.dockerignore +++ /dev/null @@ -1,115 +0,0 @@ -# Compiled Object files, Static and Dynamic libs (Shared Objects) -*.o -*.a -*.so - -# Folders -_obj -_test - -# IntelliJ -.idea -# Goland's output filename can not be set manually -/go_build_* - -# MS VSCode -.vscode -__debug_bin* - -# Architecture specific extensions/prefixes -*.[568vq] -[568vq].out - -*.cgo1.go -*.cgo2.c -_cgo_defun.c -_cgo_gotypes.go -_cgo_export.* - -_testmain.go - -*.exe -*.test -*.prof - -*coverage.out -coverage.all -coverage/ -cpu.out - -/modules/migration/bindata.go -/modules/migration/bindata.go.hash -/modules/options/bindata.go -/modules/options/bindata.go.hash -/modules/public/bindata.go -/modules/public/bindata.go.hash -/modules/templates/bindata.go -/modules/templates/bindata.go.hash - -*.db -*.log - -/gitea -/gitea-vet -/debug -/integrations.test - -/bin -/dist -/custom/* -!/custom/conf -/custom/conf/* -!/custom/conf/app.example.ini -/data -/indexers -/log -/tests/integration/gitea-integration-* -/tests/integration/indexers-* -/tests/e2e/gitea-e2e-* -/tests/e2e/indexers-* -/tests/e2e/reports -/tests/e2e/test-artifacts -/tests/e2e/test-snapshots -/tests/*.ini -/yarn.lock -/yarn-error.log -/npm-debug.log* -/public/assets/js -/public/assets/css -/public/assets/fonts -/public/assets/img/avatar -/vendor -/web_src/fomantic/node_modules -/web_src/fomantic/build/* -!/web_src/fomantic/build/semantic.js -!/web_src/fomantic/build/semantic.css -!/web_src/fomantic/build/themes -/web_src/fomantic/build/themes/* -!/web_src/fomantic/build/themes/default -/web_src/fomantic/build/themes/default/assets/* -!/web_src/fomantic/build/themes/default/assets/fonts -/web_src/fomantic/build/themes/default/assets/fonts/* -!/web_src/fomantic/build/themes/default/assets/fonts/icons.woff2 -!/web_src/fomantic/build/themes/default/assets/fonts/outline-icons.woff2 -/VERSION -/.air -/.go-licenses - -# Files and folders that were previously generated -/public/assets/img/webpack - -# Snapcraft -snap/.snapcraft/ -parts/ -stage/ -prime/ -*.snap -*.snap-build -*_source.tar.bz2 -.DS_Store - -# Make evidence files -/.make_evidence - -# Manpage -/man diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000000..072a43cf9a --- /dev/null +++ b/.drone.yml @@ -0,0 +1,1536 @@ +--- +kind: pipeline +type: docker +name: compliance + +platform: + os: linux + arch: amd64 + +trigger: + event: + - push + - tag + - pull_request + +volumes: + - name: deps + temp: {} + +steps: + - name: deps-frontend + image: node:18 + pull: always + commands: + - make deps-frontend + + - name: deps-backend + image: golang:1.19 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: lint-frontend + image: node:18 + commands: + - make lint-frontend + depends_on: [deps-frontend] + + - name: security-check + image: golang:1.19 + pull: always + commands: + - make security-check + depends_on: [deps-backend] + volumes: + - name: deps + path: /go + + - name: lint-backend + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + pull: always + commands: + - make lint-backend + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + GOSUMDB: sum.golang.org + TAGS: bindata sqlite sqlite_unlock_notify + depends_on: [deps-backend] + volumes: + - name: deps + path: /go + + - name: lint-backend-windows + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + commands: + - make golangci-lint-windows vet + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + GOSUMDB: sum.golang.org + TAGS: bindata sqlite sqlite_unlock_notify + GOOS: windows + GOARCH: amd64 + depends_on: [deps-backend] + volumes: + - name: deps + path: /go + + - name: lint-backend-gogit + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + commands: + - make lint-backend + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + GOSUMDB: sum.golang.org + TAGS: bindata gogit sqlite sqlite_unlock_notify + depends_on: [deps-backend] + volumes: + - name: deps + path: /go + + - name: checks-frontend + image: node:18 + commands: + - make checks-frontend + depends_on: [deps-frontend] + + - name: checks-backend + image: golang:1.19 + commands: + - make --always-make checks-backend # ensure the 'go-licenses' make target runs + depends_on: [deps-backend] + volumes: + - name: deps + path: /go + + - name: test-frontend + image: node:18 + commands: + - make test-frontend + depends_on: [lint-frontend] + + - name: build-frontend + image: node:18 + commands: + - make frontend + depends_on: [deps-frontend] + + - name: build-backend-no-gcc + image: golang:1.18 # this step is kept as the lowest version of golang that we support + pull: always + environment: + GO111MODULE: on + GOPROXY: https://goproxy.io + commands: + - go build -o gitea_no_gcc # test if build succeeds without the sqlite tag + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go + + - name: build-backend-arm64 + image: golang:1.19 + environment: + GO111MODULE: on + GOPROXY: https://goproxy.io + GOOS: linux + GOARCH: arm64 + TAGS: bindata gogit + commands: + - make backend # test cross compile + - rm ./gitea # clean + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go + + - name: build-backend-windows + image: golang:1.19 + environment: + GO111MODULE: on + GOPROXY: https://goproxy.io + GOOS: windows + GOARCH: amd64 + TAGS: bindata gogit + commands: + - go build -o gitea_windows + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go + + - name: build-backend-386 + image: golang:1.19 + environment: + GO111MODULE: on + GOPROXY: https://goproxy.io + GOOS: linux + GOARCH: 386 + commands: + - go build -o gitea_linux_386 # test if compatible with 32 bit + depends_on: [deps-backend, checks-backend] + volumes: + - name: deps + path: /go + +--- +kind: pipeline +type: docker +name: testing-amd64 + +platform: + os: linux + arch: amd64 + +depends_on: + - compliance + +trigger: + event: + - push + - tag + - pull_request + +volumes: + - name: deps + temp: {} + +services: + - name: mysql + image: mysql:5.7 + pull: always + environment: + MYSQL_ALLOW_EMPTY_PASSWORD: yes + MYSQL_DATABASE: test + + - name: mysql8 + image: mysql:8 + pull: always + environment: + MYSQL_ALLOW_EMPTY_PASSWORD: yes + MYSQL_DATABASE: testgitea + + - name: mssql + image: mcr.microsoft.com/mssql/server:latest + pull: always + environment: + ACCEPT_EULA: Y + MSSQL_PID: Standard + SA_PASSWORD: MwantsaSecurePassword1 + + - name: ldap + image: gitea/test-openldap:latest + pull: always + + - name: elasticsearch + image: elasticsearch:7.5.0 + pull: always + environment: + discovery.type: single-node + + - name: minio + image: minio/minio:RELEASE.2021-03-12T00-00-47Z + pull: always + commands: + - minio server /data + environment: + MINIO_ACCESS_KEY: 123456 + MINIO_SECRET_KEY: 12345678 + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + when: + event: + exclude: + - pull_request + + - name: deps-backend + image: golang:1.19 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: tag-pre-condition + image: drone/git + pull: always + commands: + - git update-ref refs/heads/tag_test ${DRONE_COMMIT_SHA} + + - name: prepare-test-env + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + pull: always + commands: + - ./build/test-env-prepare.sh + + - name: build + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - ./build/test-env-check.sh + - make backend + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + GOSUMDB: sum.golang.org + TAGS: bindata sqlite sqlite_unlock_notify + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go + + - name: unit-test + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - make unit-test-coverage test-check + environment: + GOPROXY: https://goproxy.io + TAGS: bindata sqlite sqlite_unlock_notify + RACE_ENABLED: true + GITHUB_READ_TOKEN: + from_secret: github_read_token + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go + + - name: unit-test-gogit + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - make unit-test-coverage test-check + environment: + GOPROXY: https://goproxy.io + TAGS: bindata gogit sqlite sqlite_unlock_notify + RACE_ENABLED: true + GITHUB_READ_TOKEN: + from_secret: github_read_token + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go + + - name: test-mysql + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - make test-mysql-migration integration-test-coverage + environment: + GOPROXY: https://goproxy.io + TAGS: bindata + RACE_ENABLED: true + TEST_LDAP: 1 + USE_REPO_TEST_DIR: 1 + TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200" + depends_on: [build] + volumes: + - name: deps + path: /go + + - name: test-mysql8 + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - timeout -s ABRT 50m make test-mysql8-migration test-mysql8 + environment: + GOPROXY: https://goproxy.io + TAGS: bindata + RACE_ENABLED: true + TEST_LDAP: 1 + USE_REPO_TEST_DIR: 1 + depends_on: [build] + volumes: + - name: deps + path: /go + + - name: test-mssql + image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - make test-mssql-migration test-mssql + environment: + GOPROXY: https://goproxy.io + TAGS: bindata + RACE_ENABLED: true + TEST_LDAP: 1 + USE_REPO_TEST_DIR: 1 + depends_on: [build] + volumes: + - name: deps + path: /go + + - name: generate-coverage + image: golang:1.19 + commands: + - make coverage + environment: + GOPROXY: https://goproxy.io + TAGS: bindata + depends_on: [unit-test, test-mysql] + when: + branch: + - main + event: + - push + - pull_request + + - name: coverage-codecov + image: woodpeckerci/plugin-codecov:next-alpine + pull: always + settings: + files: + - coverage.all + token: + from_secret: codecov_token + depends_on: [generate-coverage] + when: + branch: + - main + event: + - push + - pull_request + +--- +kind: pipeline +name: testing-arm64 + +platform: + os: linux + arch: arm64 + +depends_on: + - compliance + +trigger: + event: + - push + - tag + - pull_request + +volumes: + - name: deps + temp: {} + +services: + - name: pgsql + pull: default + image: postgres:10 + environment: + POSTGRES_DB: test + POSTGRES_PASSWORD: postgres + + - name: ldap + pull: default + image: gitea/test-openldap:latest + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + when: + event: + exclude: + - pull_request + + - name: deps-backend + image: golang:1.19 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: prepare-test-env + image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env + pull: always + commands: + - ./build/test-env-prepare.sh + + - name: build + image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - ./build/test-env-check.sh + - make backend + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + GOSUMDB: sum.golang.org + TAGS: bindata gogit sqlite sqlite_unlock_notify + depends_on: [deps-backend, prepare-test-env] + volumes: + - name: deps + path: /go + + - name: test-sqlite + image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - timeout -s ABRT 50m make test-sqlite-migration test-sqlite + environment: + GOPROXY: https://goproxy.io + TAGS: bindata gogit sqlite sqlite_unlock_notify + RACE_ENABLED: true + TEST_TAGS: gogit sqlite sqlite_unlock_notify + USE_REPO_TEST_DIR: 1 + depends_on: [build] + volumes: + - name: deps + path: /go + + - name: test-pgsql + image: gitea/test_env:linux-arm64 # https://gitea.com/gitea/test-env + user: gitea + commands: + - timeout -s ABRT 50m make test-pgsql-migration test-pgsql + environment: + GOPROXY: https://goproxy.io + TAGS: bindata gogit + RACE_ENABLED: true + TEST_TAGS: gogit + TEST_LDAP: 1 + USE_REPO_TEST_DIR: 1 + depends_on: [build] + volumes: + - name: deps + path: /go + +--- +kind: pipeline +type: docker +name: testing-e2e + +platform: + os: linux + arch: amd64 + +depends_on: + - compliance + +trigger: + event: + - pull_request + +volumes: + - name: deps + temp: {} + +services: + - name: pgsql + pull: default + image: postgres:10 + environment: + POSTGRES_DB: testgitea-e2e + POSTGRES_PASSWORD: postgres + POSTGRES_INITDB_ARGS: --encoding=UTF8 --lc-collate='en_US.UTF-8' --lc-ctype='en_US.UTF-8' + +steps: + - name: deps-frontend + image: node:18 + pull: always + commands: + - make deps-frontend + + - name: build-frontend + image: node:18 + commands: + - make frontend + depends_on: [deps-frontend] + + - name: deps-backend + image: golang:1.18 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + # TODO: We should probably build all dependencies into a test image + - name: test-e2e + image: mcr.microsoft.com/playwright:v1.27.0-focal + commands: + - curl -sLO https://go.dev/dl/go1.19.linux-amd64.tar.gz && tar -C /usr/local -xzf go1.19.linux-amd64.tar.gz + - groupadd --gid 1001 gitea && useradd -m --gid 1001 --uid 1001 gitea + - apt-get -qq update && apt-get -qqy install build-essential + - export TEST_PGSQL_SCHEMA='' + - ./build/test-env-prepare.sh + - su gitea bash -c "export PATH=$PATH:/usr/local/go/bin && timeout -s ABRT 40m make test-e2e-pgsql" + environment: + GOPROXY: https://goproxy.io + GOSUMDB: sum.golang.org + USE_REPO_TEST_DIR: 1 + TEST_PGSQL_DBNAME: 'testgitea-e2e' + DEBIAN_FRONTEND: noninteractive + depends_on: [build-frontend, deps-backend] + volumes: + - name: deps + path: /go + +--- +kind: pipeline +name: update_translations + +platform: + os: linux + arch: arm64 + +trigger: + branch: + - main + event: + - cron + cron: + - update_translations + +steps: + - name: download + image: jonasfranz/crowdin + pull: always + settings: + download: true + export_dir: options/locale/ + ignore_branch: true + project_identifier: gitea + environment: + CROWDIN_KEY: + from_secret: crowdin_key + + - name: update + image: alpine:3.13 + pull: always + commands: + - ./build/update-locales.sh + + - name: push + image: appleboy/drone-git-push + pull: always + settings: + author_email: "teabot@gitea.io" + author_name: GiteaBot + branch: main + commit: true + commit_message: "[skip ci] Updated translations via Crowdin" + remote: "git@github.com:go-gitea/gitea.git" + environment: + DRONE_COMMIT_AUTHOR_EMAIL: "teabot@gitea.io" + DRONE_COMMIT_AUTHOR: GiteaBot + GIT_PUSH_SSH_KEY: + from_secret: git_push_ssh_key + + - name: upload_translations + image: jonasfranz/crowdin + pull: always + settings: + files: + locale_en-US.ini: options/locale/locale_en-US.ini + ignore_branch: true + project_identifier: gitea + environment: + CROWDIN_KEY: + from_secret: crowdin_key + +--- +kind: pipeline +type: docker +name: update_gitignore_and_licenses + +platform: + os: linux + arch: arm64 + +trigger: + branch: + - main + event: + - cron + cron: + - update_gitignore_and_licenses + +steps: + - name: download + image: golang:1.19 + pull: always + commands: + - timeout -s ABRT 40m make generate-license generate-gitignore + + - name: push + image: appleboy/drone-git-push + pull: always + settings: + author_email: "teabot@gitea.io" + author_name: "GiteaBot" + branch: main + commit: true + commit_message: "[skip ci] Updated licenses and gitignores" + remote: "git@github.com:go-gitea/gitea.git" + environment: + DRONE_COMMIT_AUTHOR_EMAIL: "teabot@gitea.io" + DRONE_COMMIT_AUTHOR: "GiteaBot" + GIT_PUSH_SSH_KEY: + from_secret: git_push_ssh_key + +--- +kind: pipeline +type: docker +name: release-latest + +platform: + os: linux + arch: amd64 + +workspace: + base: /source + path: / + +trigger: + branch: + - main + - "release/*" + event: + - push + +depends_on: + - testing-amd64 + - testing-arm64 + +volumes: + - name: deps + temp: {} + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: deps-frontend + image: node:18 + pull: always + commands: + - make deps-frontend + + - name: deps-backend + image: golang:1.19 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: static + image: techknowlogick/xgo:go-1.19.x + pull: always + commands: + # Upgrade to node 18 once https://github.com/techknowlogick/xgo/issues/163 is resolved + - curl -sL https://deb.nodesource.com/setup_16.x | bash - && apt-get -qqy install nodejs + - export PATH=$PATH:$GOPATH/bin + - make release + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + TAGS: bindata sqlite sqlite_unlock_notify + DEBIAN_FRONTEND: noninteractive + volumes: + - name: deps + path: /go + + - name: gpg-sign + image: plugins/gpgsign:1 + pull: always + settings: + detach_sign: true + excludes: + - "dist/release/*.sha256" + files: + - "dist/release/*" + environment: + GPGSIGN_KEY: + from_secret: gpgsign_key + GPGSIGN_PASSPHRASE: + from_secret: gpgsign_passphrase + + - name: release-branch + image: woodpeckerci/plugin-s3:latest + pull: always + settings: + acl: + from_secret: aws_s3_acl + region: + from_secret: aws_s3_region + bucket: + from_secret: aws_s3_bucket + endpoint: + from_secret: aws_s3_endpoint + path_style: + from_secret: aws_s3_path_style + source: "dist/release/*" + strip_prefix: dist/release/ + target: "/gitea/${DRONE_BRANCH##release/v}" + environment: + AWS_ACCESS_KEY_ID: + from_secret: aws_access_key_id + AWS_SECRET_ACCESS_KEY: + from_secret: aws_secret_access_key + when: + branch: + - "release/*" + event: + - push + + - name: release-main + image: woodpeckerci/plugin-s3:latest + settings: + acl: + from_secret: aws_s3_acl + region: + from_secret: aws_s3_region + bucket: + from_secret: aws_s3_bucket + endpoint: + from_secret: aws_s3_endpoint + path_style: + from_secret: aws_s3_path_style + source: "dist/release/*" + strip_prefix: dist/release/ + target: /gitea/main + environment: + AWS_ACCESS_KEY_ID: + from_secret: aws_access_key_id + AWS_SECRET_ACCESS_KEY: + from_secret: aws_secret_access_key + when: + branch: + - main + event: + - push + +--- +kind: pipeline +name: release-version + +platform: + os: linux + arch: amd64 + +workspace: + base: /source + path: / + +trigger: + event: + - tag + +depends_on: + - testing-arm64 + - testing-amd64 + +volumes: + - name: deps + temp: {} + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: deps-frontend + image: node:18 + pull: always + commands: + - make deps-frontend + + - name: deps-backend + image: golang:1.19 + pull: always + commands: + - make deps-backend + volumes: + - name: deps + path: /go + + - name: static + image: techknowlogick/xgo:go-1.19.x + pull: always + commands: + # Upgrade to node 18 once https://github.com/techknowlogick/xgo/issues/163 is resolved + - curl -sL https://deb.nodesource.com/setup_16.x | bash - && apt-get -qqy install nodejs + - export PATH=$PATH:$GOPATH/bin + - make release + environment: + GOPROXY: https://goproxy.io # proxy.golang.org is blocked in China, this proxy is not + TAGS: bindata sqlite sqlite_unlock_notify + DEBIAN_FRONTEND: noninteractive + depends_on: [fetch-tags] + volumes: + - name: deps + path: /go + + - name: gpg-sign + image: plugins/gpgsign:1 + pull: always + settings: + detach_sign: true + excludes: + - "dist/release/*.sha256" + files: + - "dist/release/*" + environment: + GPGSIGN_KEY: + from_secret: gpgsign_key + GPGSIGN_PASSPHRASE: + from_secret: gpgsign_passphrase + depends_on: [static] + + - name: release-tag + image: woodpeckerci/plugin-s3:latest + pull: always + settings: + acl: + from_secret: aws_s3_acl + region: + from_secret: aws_s3_region + bucket: + from_secret: aws_s3_bucket + endpoint: + from_secret: aws_s3_endpoint + path_style: + from_secret: aws_s3_path_style + source: "dist/release/*" + strip_prefix: dist/release/ + target: "/gitea/${DRONE_TAG##v}" + environment: + AWS_ACCESS_KEY_ID: + from_secret: aws_access_key_id + AWS_SECRET_ACCESS_KEY: + from_secret: aws_secret_access_key + depends_on: [gpg-sign] + + - name: github + image: plugins/github-release:latest + pull: always + settings: + files: + - "dist/release/*" + file_exists: overwrite + environment: + GITHUB_TOKEN: + from_secret: github_token + depends_on: [gpg-sign] + +--- +kind: pipeline +type: docker +name: docs + +platform: + os: linux + arch: arm64 + +depends_on: + - compliance + +trigger: + event: + - push + - tag + - pull_request + +steps: + - name: build-docs + image: plugins/hugo:latest + pull: always + commands: + # https://github.com/drone-plugins/drone-hugo/issues/36 + - apk upgrade --no-cache libcurl && apk add --no-cache make bash curl + - cd docs + - make trans-copy clean build + + - name: publish-docs + image: techknowlogick/drone-netlify:latest + pull: always + settings: + path: docs/public/ + site_id: d2260bae-7861-4c02-8646-8f6440b12672 + environment: + NETLIFY_TOKEN: + from_secret: netlify_token + when: + branch: + - main + event: + - push + +--- +kind: pipeline +type: docker +name: docker-linux-amd64-release-version + +platform: + os: linux + arch: amd64 + +depends_on: + - testing-amd64 + - testing-arm64 + +trigger: + ref: + - "refs/tags/**" + event: + exclude: + - cron + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: publish + image: techknowlogick/drone-docker:latest + pull: always + settings: + auto_tag: true + auto_tag_suffix: linux-amd64 + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + + - name: publish-rootless + image: techknowlogick/drone-docker:latest + settings: + dockerfile: Dockerfile.rootless + auto_tag: true + auto_tag_suffix: linux-amd64-rootless + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + +--- +kind: pipeline +type: docker +name: docker-linux-amd64-release + +platform: + os: linux + arch: amd64 + +depends_on: + - testing-amd64 + - testing-arm64 + +trigger: + ref: + - refs/heads/main + event: + exclude: + - cron + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: publish + image: techknowlogick/drone-docker:latest + pull: always + settings: + auto_tag: false + tags: dev-linux-amd64 + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + + - name: publish-rootless + image: techknowlogick/drone-docker:latest + settings: + dockerfile: Dockerfile.rootless + auto_tag: false + tags: dev-linux-amd64-rootless + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + +--- +kind: pipeline +name: docker-linux-amd64-release-branch + +platform: + os: linux + arch: amd64 + +depends_on: + - testing-amd64 + - testing-arm64 + +trigger: + ref: + - "refs/heads/release/v*" + event: + exclude: + - cron + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: publish + image: techknowlogick/drone-docker:latest + pull: always + settings: + auto_tag: false + tags: ${DRONE_BRANCH##release/v}-dev-linux-amd64 + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + + - name: publish-rootless + image: techknowlogick/drone-docker:latest + settings: + dockerfile: Dockerfile.rootless + auto_tag: false + tags: ${DRONE_BRANCH##release/v}-dev-linux-amd64-rootless + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + +--- +kind: pipeline +type: docker +name: docker-linux-arm64-dry-run + +platform: + os: linux + arch: arm64 + +depends_on: + - compliance + +trigger: + ref: + - "refs/pull/**" + +steps: + - name: dryrun + image: techknowlogick/drone-docker:latest + pull: always + settings: + dry_run: true + repo: gitea/gitea + tags: linux-arm64 + build_args: + - GOPROXY=https://goproxy.io + environment: + PLUGIN_MIRROR: + from_secret: plugin_mirror + when: + event: + - pull_request + +--- +kind: pipeline +type: docker +name: docker-linux-arm64-release-version + +platform: + os: linux + arch: arm64 + +depends_on: + - testing-amd64 + - testing-arm64 + +trigger: + ref: + - "refs/tags/**" + event: + exclude: + - cron + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: publish + image: techknowlogick/drone-docker:latest + pull: always + settings: + auto_tag: true + auto_tag_suffix: linux-arm64 + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + + - name: publish-rootless + image: techknowlogick/drone-docker:latest + settings: + dockerfile: Dockerfile.rootless + auto_tag: true + auto_tag_suffix: linux-arm64-rootless + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + +--- +kind: pipeline +type: docker +name: docker-linux-arm64-release + +platform: + os: linux + arch: arm64 + +depends_on: + - testing-amd64 + - testing-arm64 + +trigger: + ref: + - refs/heads/main + event: + exclude: + - cron + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: publish + image: techknowlogick/drone-docker:latest + pull: always + settings: + auto_tag: false + tags: dev-linux-arm64 + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + + - name: publish-rootless + image: techknowlogick/drone-docker:latest + settings: + dockerfile: Dockerfile.rootless + auto_tag: false + tags: dev-linux-arm64-rootless + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + +--- +kind: pipeline +name: docker-linux-arm64-release-branch + +platform: + os: linux + arch: arm64 + +depends_on: + - testing-amd64 + - testing-arm64 + +trigger: + ref: + - "refs/heads/release/v*" + event: + exclude: + - cron + +steps: + - name: fetch-tags + image: docker:git + pull: always + commands: + - git config --global --add safe.directory /drone/src + - git fetch --tags --force + + - name: publish + image: techknowlogick/drone-docker:latest + pull: always + settings: + auto_tag: false + tags: ${DRONE_BRANCH##release/v}-dev-linux-arm64 + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + + - name: publish-rootless + image: techknowlogick/drone-docker:latest + settings: + dockerfile: Dockerfile.rootless + auto_tag: false + tags: ${DRONE_BRANCH##release/v}-dev-linux-arm64-rootless + repo: gitea/gitea + build_args: + - GOPROXY=https://goproxy.io + password: + from_secret: docker_password + username: + from_secret: docker_username + when: + event: + exclude: + - pull_request + +--- +kind: pipeline +type: docker +name: docker-manifest-version + +platform: + os: linux + arch: amd64 + +steps: + - name: manifest-rootless + image: plugins/manifest + pull: always + settings: + auto_tag: true + ignore_missing: true + spec: docker/manifest.rootless.tmpl + password: + from_secret: docker_password + username: + from_secret: docker_username + + - name: manifest + image: plugins/manifest + settings: + auto_tag: true + ignore_missing: true + spec: docker/manifest.tmpl + password: + from_secret: docker_password + username: + from_secret: docker_username + +trigger: + ref: + - "refs/tags/**" + event: + exclude: + - cron + +depends_on: + - docker-linux-amd64-release-version + - docker-linux-arm64-release-version + +--- +kind: pipeline +type: docker +name: docker-manifest + +platform: + os: linux + arch: amd64 + +steps: + - name: manifest-rootless + pull: always + image: plugins/manifest + pull: always + settings: + auto_tag: false + ignore_missing: true + spec: docker/manifest.rootless.tmpl + password: + from_secret: docker_password + username: + from_secret: docker_username + + - name: manifest + image: plugins/manifest + settings: + auto_tag: false + ignore_missing: true + spec: docker/manifest.tmpl + password: + from_secret: docker_password + username: + from_secret: docker_username + +trigger: + ref: + - refs/heads/main + - "refs/heads/release/v*" + event: + exclude: + - cron + +depends_on: + - docker-linux-amd64-release + - docker-linux-arm64-release + - docker-linux-amd64-release-branch + - docker-linux-arm64-release-branch + +--- +kind: pipeline +type: docker +name: notifications + +platform: + os: linux + arch: arm64 + +clone: + disable: true + +trigger: + branch: + - main + - "release/*" + event: + - push + - tag + status: + - success + - failure + +depends_on: + - testing-amd64 + - testing-arm64 + - release-version + - release-latest + - docker-linux-amd64-release + - docker-linux-arm64-release + - docker-linux-amd64-release-version + - docker-linux-arm64-release-version + - docker-linux-amd64-release-branch + - docker-linux-arm64-release-branch + - docker-manifest + - docker-manifest-version + - docs + +steps: + - name: discord + image: appleboy/drone-discord:1.2.4 + pull: always + settings: + message: "{{#success build.status}} āœ… Build #{{build.number}} of `{{repo.name}}` succeeded.\n\nšŸ“ Commit by {{commit.author}} on `{{commit.branch}}`:\n``` {{commit.message}} ```\n\n🌐 {{ build.link }} {{else}} āŒ Build #{{build.number}} of `{{repo.name}}` failed.\n\nšŸ“ Commit by {{commit.author}} on `{{commit.branch}}`:\n``` {{commit.message}} ```\n\n🌐 {{ build.link }} {{/success}}\n" + webhook_id: + from_secret: discord_webhook_id + webhook_token: + from_secret: discord_webhook_token diff --git a/.editorconfig b/.editorconfig index 8e2234e64b..c0946ac997 100644 --- a/.editorconfig +++ b/.editorconfig @@ -9,7 +9,7 @@ charset = utf-8 trim_trailing_whitespace = true insert_final_newline = true -[{*.{go,tmpl,html},Makefile,go.mod}] +[*.{go,tmpl,html}] indent_style = tab [templates/custom/*.tmpl] @@ -21,8 +21,8 @@ indent_style = space [templates/user/auth/oidc_wellknown.tmpl] indent_style = space +[Makefile] +indent_style = tab + [*.svg] insert_final_newline = false - -[options/locale/locale_*.ini] -insert_final_newline = false diff --git a/.envrc.example b/.envrc.example deleted file mode 100644 index 3550a30f2d..0000000000 --- a/.envrc.example +++ /dev/null @@ -1 +0,0 @@ -use flake diff --git a/.eslintrc.yaml b/.eslintrc.yaml new file mode 100644 index 0000000000..4dafc8f492 --- /dev/null +++ b/.eslintrc.yaml @@ -0,0 +1,531 @@ +root: true +reportUnusedDisableDirectives: true + +ignorePatterns: + - /web_src/js/vendor + +parserOptions: + sourceType: module + ecmaVersion: latest + +plugins: + - eslint-plugin-unicorn + - eslint-plugin-import + - eslint-plugin-jquery + - eslint-plugin-sonarjs + +env: + es2022: true + node: true + +globals: + __webpack_public_path__: true + +overrides: + - files: ["web_src/**/*.js", "docs/**/*.js"] + env: + browser: true + node: false + - files: ["web_src/**/*worker.js"] + env: + worker: true + rules: + no-restricted-globals: [2, addEventListener, blur, close, closed, confirm, defaultStatus, defaultstatus, error, event, external, find, focus, frameElement, frames, history, innerHeight, innerWidth, isFinite, isNaN, length, locationbar, menubar, moveBy, moveTo, name, onblur, onerror, onfocus, onload, onresize, onunload, open, opener, opera, outerHeight, outerWidth, pageXOffset, pageYOffset, parent, print, removeEventListener, resizeBy, resizeTo, screen, screenLeft, screenTop, screenX, screenY, scroll, scrollbars, scrollBy, scrollTo, scrollX, scrollY, status, statusbar, stop, toolbar, top] + - files: ["build/generate-images.js"] + rules: + import/no-unresolved: [0] + import/no-extraneous-dependencies: [0] + - files: ["*.config.js"] + rules: + import/no-unused-modules: [0] + +rules: + accessor-pairs: [2] + array-bracket-newline: [0] + array-bracket-spacing: [2, never] + array-callback-return: [2, {checkForEach: true}] + array-element-newline: [0] + arrow-body-style: [0] + arrow-parens: [2, always] + arrow-spacing: [2, {before: true, after: true}] + block-scoped-var: [2] + brace-style: [2, 1tbs, {allowSingleLine: true}] + camelcase: [0] + capitalized-comments: [0] + class-methods-use-this: [0] + comma-dangle: [2, only-multiline] + comma-spacing: [2, {before: false, after: true}] + comma-style: [2, last] + complexity: [0] + computed-property-spacing: [2, never] + consistent-return: [0] + consistent-this: [0] + constructor-super: [2] + curly: [0] + default-case-last: [2] + default-case: [0] + default-param-last: [0] + dot-location: [2, property] + dot-notation: [0] + eol-last: [2] + eqeqeq: [2] + for-direction: [2] + func-call-spacing: [2, never] + func-name-matching: [2] + func-names: [0] + func-style: [0] + function-call-argument-newline: [0] + function-paren-newline: [0] + generator-star-spacing: [0] + getter-return: [2] + grouped-accessor-pairs: [2] + guard-for-in: [0] + id-blacklist: [0] + id-length: [0] + id-match: [0] + implicit-arrow-linebreak: [0] + import/default: [0] + import/dynamic-import-chunkname: [0] + import/export: [2] + import/exports-last: [0] + import/extensions: [2, always, {ignorePackages: true}] + import/first: [2] + import/group-exports: [0] + import/max-dependencies: [0] + import/named: [2] + import/namespace: [0] + import/newline-after-import: [0] + import/no-absolute-path: [0] + import/no-amd: [0] + import/no-anonymous-default-export: [0] + import/no-commonjs: [0] + import/no-cycle: [2, {ignoreExternal: true, maxDepth: 1}] + import/no-default-export: [0] + import/no-deprecated: [0] + import/no-dynamic-require: [0] + import/no-extraneous-dependencies: [2] + import/no-import-module-exports: [0] + import/no-internal-modules: [0] + import/no-mutable-exports: [0] + import/no-named-as-default-member: [0] + import/no-named-as-default: [2] + import/no-named-default: [0] + import/no-named-export: [0] + import/no-namespace: [0] + import/no-nodejs-modules: [0] + import/no-relative-packages: [0] + import/no-relative-parent-imports: [0] + import/no-restricted-paths: [0] + import/no-self-import: [2] + import/no-unassigned-import: [0] + import/no-unresolved: [2, {commonjs: true, ignore: ["\\?.+$"]}] + import/no-unused-modules: [2, {unusedExports: true}] + import/no-useless-path-segments: [2, {commonjs: true}] + import/no-webpack-loader-syntax: [2] + import/order: [0] + import/prefer-default-export: [0] + import/unambiguous: [0] + indent: [2, 2, {SwitchCase: 1}] + init-declarations: [0] + jquery/no-ajax-events: [2] + jquery/no-ajax: [0] + jquery/no-animate: [2] + jquery/no-attr: [0] + jquery/no-bind: [2] + jquery/no-class: [0] + jquery/no-clone: [2] + jquery/no-closest: [0] + jquery/no-css: [0] + jquery/no-data: [0] + jquery/no-deferred: [2] + jquery/no-delegate: [2] + jquery/no-each: [0] + jquery/no-extend: [2] + jquery/no-fade: [0] + jquery/no-filter: [0] + jquery/no-find: [0] + jquery/no-global-eval: [2] + jquery/no-grep: [2] + jquery/no-has: [2] + jquery/no-hide: [0] + jquery/no-html: [0] + jquery/no-in-array: [2] + jquery/no-is-array: [2] + jquery/no-is-function: [2] + jquery/no-is: [0] + jquery/no-load: [2] + jquery/no-map: [0] + jquery/no-merge: [2] + jquery/no-param: [2] + jquery/no-parent: [0] + jquery/no-parents: [0] + jquery/no-parse-html: [2] + jquery/no-prop: [0] + jquery/no-proxy: [2] + jquery/no-ready: [0] + jquery/no-serialize: [2] + jquery/no-show: [0] + jquery/no-size: [2] + jquery/no-sizzle: [0] + jquery/no-slide: [0] + jquery/no-submit: [0] + jquery/no-text: [0] + jquery/no-toggle: [0] + jquery/no-trigger: [0] + jquery/no-trim: [2] + jquery/no-val: [0] + jquery/no-when: [2] + jquery/no-wrap: [2] + key-spacing: [2] + keyword-spacing: [2] + line-comment-position: [0] + linebreak-style: [2, unix] + lines-around-comment: [0] + lines-between-class-members: [0] + logical-assignment-operators: [0] + max-classes-per-file: [0] + max-depth: [0] + max-len: [0] + max-lines-per-function: [0] + max-lines: [0] + max-nested-callbacks: [0] + max-params: [0] + max-statements-per-line: [0] + max-statements: [0] + multiline-comment-style: [2, separate-lines] + multiline-ternary: [0] + new-cap: [0] + new-parens: [2] + newline-per-chained-call: [0] + no-alert: [0] + no-array-constructor: [2] + no-async-promise-executor: [2] + no-await-in-loop: [0] + no-bitwise: [0] + no-buffer-constructor: [0] + no-caller: [2] + no-case-declarations: [2] + no-class-assign: [2] + no-compare-neg-zero: [2] + no-cond-assign: [2, except-parens] + no-confusing-arrow: [0] + no-console: [1, {allow: [debug, info, warn, error]}] + no-const-assign: [2] + no-constant-binary-expression: [2] + no-constant-condition: [0] + no-constructor-return: [2] + no-continue: [0] + no-control-regex: [0] + no-debugger: [1] + no-delete-var: [2] + no-div-regex: [0] + no-dupe-args: [2] + no-dupe-class-members: [2] + no-dupe-else-if: [2] + no-dupe-keys: [2] + no-duplicate-case: [2] + no-duplicate-imports: [2] + no-else-return: [2] + no-empty-character-class: [2] + no-empty-function: [0] + no-empty-pattern: [2] + no-empty: [2, {allowEmptyCatch: true}] + no-eq-null: [2] + no-eval: [2] + no-ex-assign: [2] + no-extend-native: [2] + no-extra-bind: [2] + no-extra-boolean-cast: [2] + no-extra-label: [0] + no-extra-parens: [0] + no-extra-semi: [2] + no-fallthrough: [2] + no-floating-decimal: [0] + no-func-assign: [2] + no-global-assign: [2] + no-implicit-coercion: [2] + no-implicit-globals: [0] + no-implied-eval: [2] + no-import-assign: [2] + no-inline-comments: [0] + no-inner-declarations: [2] + no-invalid-regexp: [2] + no-invalid-this: [0] + no-irregular-whitespace: [2] + no-iterator: [2] + no-label-var: [2] + no-labels: [2] + no-lone-blocks: [2] + no-lonely-if: [0] + no-loop-func: [0] + no-loss-of-precision: [2] + no-magic-numbers: [0] + no-misleading-character-class: [2] + no-mixed-operators: [0] + no-mixed-spaces-and-tabs: [2] + no-multi-assign: [0] + no-multi-spaces: [2, {ignoreEOLComments: true, exceptions: {Property: true}}] + no-multi-str: [2] + no-negated-condition: [0] + no-nested-ternary: [0] + no-new-func: [2] + no-new-object: [2] + no-new-symbol: [2] + no-new-wrappers: [2] + no-new: [0] + no-nonoctal-decimal-escape: [2] + no-obj-calls: [2] + no-octal-escape: [2] + no-octal: [2] + no-param-reassign: [0] + no-plusplus: [0] + no-promise-executor-return: [0] + no-proto: [2] + no-prototype-builtins: [2] + no-redeclare: [2] + no-regex-spaces: [2] + no-restricted-exports: [0] + no-restricted-globals: [2, addEventListener, blur, close, closed, confirm, defaultStatus, defaultstatus, error, event, external, find, focus, frameElement, frames, history, innerHeight, innerWidth, isFinite, isNaN, length, location, locationbar, menubar, moveBy, moveTo, name, onblur, onerror, onfocus, onload, onresize, onunload, open, opener, opera, outerHeight, outerWidth, pageXOffset, pageYOffset, parent, print, removeEventListener, resizeBy, resizeTo, screen, screenLeft, screenTop, screenX, screenY, scroll, scrollbars, scrollBy, scrollTo, scrollX, scrollY, self, status, statusbar, stop, toolbar, top, __dirname, __filename] + no-restricted-imports: [0] + no-restricted-syntax: [2, WithStatement, ForInStatement, LabeledStatement] + no-return-assign: [0] + no-return-await: [0] + no-script-url: [2] + no-self-assign: [2, {props: true}] + no-self-compare: [2] + no-sequences: [2] + no-setter-return: [2] + no-shadow-restricted-names: [2] + no-shadow: [0] + no-sparse-arrays: [2] + no-tabs: [2] + no-template-curly-in-string: [2] + no-ternary: [0] + no-this-before-super: [2] + no-throw-literal: [2] + no-trailing-spaces: [2] + no-undef-init: [2] + no-undef: [2, {typeof: true}] + no-undefined: [0] + no-underscore-dangle: [0] + no-unexpected-multiline: [2] + no-unmodified-loop-condition: [2] + no-unneeded-ternary: [0] + no-unreachable-loop: [2] + no-unreachable: [2] + no-unsafe-finally: [2] + no-unsafe-negation: [2] + no-unused-expressions: [2] + no-unused-labels: [2] + no-unused-private-class-members: [2] + no-unused-vars: [2, {args: all, argsIgnorePattern: ^_, varsIgnorePattern: ^_, caughtErrorsIgnorePattern: ^_, destructuredArrayIgnorePattern: ^_, ignoreRestSiblings: false}] + no-use-before-define: [2, {functions: false, classes: true, variables: true, allowNamedExports: true}] + no-useless-backreference: [2] + no-useless-call: [2] + no-useless-catch: [2] + no-useless-computed-key: [2] + no-useless-concat: [2] + no-useless-constructor: [2] + no-useless-escape: [2] + no-useless-rename: [2] + no-useless-return: [2] + no-var: [2] + no-void: [2] + no-warning-comments: [0] + no-whitespace-before-property: [2] + no-with: [2] + nonblock-statement-body-position: [2] + object-curly-newline: [0] + object-curly-spacing: [2, never] + object-shorthand: [2, always] + one-var-declaration-per-line: [0] + one-var: [0] + operator-assignment: [2, always] + operator-linebreak: [2, after] + padded-blocks: [2, never] + padding-line-between-statements: [0] + prefer-arrow-callback: [2, {allowNamedFunctions: true, allowUnboundThis: true}] + prefer-const: [2, {destructuring: all, ignoreReadBeforeAssign: true}] + prefer-destructuring: [0] + prefer-exponentiation-operator: [2] + prefer-named-capture-group: [0] + prefer-numeric-literals: [2] + prefer-object-has-own: [0] + prefer-object-spread: [2] + prefer-promise-reject-errors: [2, {allowEmptyReject: false}] + prefer-regex-literals: [2] + prefer-rest-params: [2] + prefer-spread: [2] + prefer-template: [2] + quote-props: [0] + quotes: [2, single, {avoidEscape: true, allowTemplateLiterals: true}] + radix: [2, as-needed] + require-atomic-updates: [0] + require-await: [0] + require-unicode-regexp: [0] + require-yield: [2] + rest-spread-spacing: [2, never] + semi-spacing: [2, {before: false, after: true}] + semi-style: [2, last] + semi: [2, always, {omitLastInOneLineBlock: true}] + sonarjs/cognitive-complexity: [0] + sonarjs/elseif-without-else: [0] + sonarjs/max-switch-cases: [0] + sonarjs/no-all-duplicated-branches: [2] + sonarjs/no-collapsible-if: [0] + sonarjs/no-collection-size-mischeck: [2] + sonarjs/no-duplicate-string: [0] + sonarjs/no-duplicated-branches: [0] + sonarjs/no-element-overwrite: [2] + sonarjs/no-empty-collection: [2] + sonarjs/no-extra-arguments: [0] + sonarjs/no-gratuitous-expressions: [2] + sonarjs/no-identical-conditions: [2] + sonarjs/no-identical-expressions: [0] + sonarjs/no-identical-functions: [0] + sonarjs/no-ignored-return: [2] + sonarjs/no-inverted-boolean-check: [2] + sonarjs/no-nested-switch: [0] + sonarjs/no-nested-template-literals: [0] + sonarjs/no-one-iteration-loop: [2] + sonarjs/no-redundant-boolean: [2] + sonarjs/no-redundant-jump: [0] + sonarjs/no-same-line-conditional: [2] + sonarjs/no-small-switch: [0] + sonarjs/no-unused-collection: [2] + sonarjs/no-use-of-empty-return-value: [2] + sonarjs/no-useless-catch: [0] + sonarjs/non-existent-operator: [2] + sonarjs/prefer-immediate-return: [0] + sonarjs/prefer-object-literal: [0] + sonarjs/prefer-single-boolean-return: [0] + sonarjs/prefer-while: [2] + sort-imports: [0] + sort-keys: [0] + sort-vars: [0] + space-before-blocks: [2, always] + space-in-parens: [2, never] + space-infix-ops: [2] + space-unary-ops: [2] + spaced-comment: [2, always] + strict: [0] + switch-colon-spacing: [2] + symbol-description: [2] + template-curly-spacing: [2, never] + template-tag-spacing: [2, never] + unicode-bom: [2, never] + unicorn/better-regex: [0] + unicorn/catch-error-name: [0] + unicorn/consistent-destructuring: [2] + unicorn/consistent-function-scoping: [2] + unicorn/custom-error-definition: [0] + unicorn/empty-brace-spaces: [2] + unicorn/error-message: [0] + unicorn/escape-case: [0] + unicorn/expiring-todo-comments: [0] + unicorn/explicit-length-check: [0] + unicorn/filename-case: [0] + unicorn/import-index: [0] + unicorn/import-style: [0] + unicorn/new-for-builtins: [2] + unicorn/no-abusive-eslint-disable: [0] + unicorn/no-array-for-each: [2] + unicorn/no-array-instanceof: [0] + unicorn/no-array-method-this-argument: [2] + unicorn/no-array-push-push: [2] + unicorn/no-await-expression-member: [0] + unicorn/no-console-spaces: [0] + unicorn/no-document-cookie: [2] + unicorn/no-empty-file: [2] + unicorn/no-fn-reference-in-iterator: [0] + unicorn/no-for-loop: [0] + unicorn/no-hex-escape: [0] + unicorn/no-invalid-remove-event-listener: [2] + unicorn/no-keyword-prefix: [0] + unicorn/no-lonely-if: [2] + unicorn/no-nested-ternary: [0] + unicorn/no-new-array: [0] + unicorn/no-new-buffer: [0] + unicorn/no-null: [0] + unicorn/no-object-as-default-parameter: [0] + unicorn/no-process-exit: [0] + unicorn/no-reduce: [2] + unicorn/no-static-only-class: [2] + unicorn/no-thenable: [2] + unicorn/no-this-assignment: [2] + unicorn/no-unnecessary-await: [2] + unicorn/no-unreadable-array-destructuring: [0] + unicorn/no-unreadable-iife: [2] + unicorn/no-unsafe-regex: [0] + unicorn/no-unused-properties: [2] + unicorn/no-useless-fallback-in-spread: [2] + unicorn/no-useless-length-check: [2] + unicorn/no-useless-promise-resolve-reject: [2] + unicorn/no-useless-spread: [2] + unicorn/no-useless-switch-case: [2] + unicorn/no-useless-undefined: [0] + unicorn/no-zero-fractions: [2] + unicorn/number-literal-case: [0] + unicorn/numeric-separators-style: [0] + unicorn/prefer-add-event-listener: [2] + unicorn/prefer-array-find: [2] + unicorn/prefer-array-flat-map: [2] + unicorn/prefer-array-flat: [2] + unicorn/prefer-array-index-of: [2] + unicorn/prefer-array-some: [2] + unicorn/prefer-at: [0] + unicorn/prefer-code-point: [0] + unicorn/prefer-dataset: [2] + unicorn/prefer-date-now: [2] + unicorn/prefer-default-parameters: [0] + unicorn/prefer-event-key: [2] + unicorn/prefer-event-target: [2] + unicorn/prefer-export-from: [2] + unicorn/prefer-includes: [2] + unicorn/prefer-json-parse-buffer: [0] + unicorn/prefer-logical-operator-over-ternary: [2] + unicorn/prefer-math-trunc: [2] + unicorn/prefer-modern-dom-apis: [0] + unicorn/prefer-modern-math-apis: [2] + unicorn/prefer-module: [2] + unicorn/prefer-native-coercion-functions: [2] + unicorn/prefer-negative-index: [2] + unicorn/prefer-node-append: [0] + unicorn/prefer-node-protocol: [0] + unicorn/prefer-node-remove: [0] + unicorn/prefer-number-properties: [0] + unicorn/prefer-object-from-entries: [2] + unicorn/prefer-object-has-own: [0] + unicorn/prefer-optional-catch-binding: [2] + unicorn/prefer-prototype-methods: [0] + unicorn/prefer-query-selector: [0] + unicorn/prefer-reflect-apply: [0] + unicorn/prefer-regexp-test: [2] + unicorn/prefer-replace-all: [0] + unicorn/prefer-set-has: [0] + unicorn/prefer-spread: [0] + unicorn/prefer-starts-ends-with: [2] + unicorn/prefer-string-slice: [0] + unicorn/prefer-switch: [0] + unicorn/prefer-ternary: [0] + unicorn/prefer-text-content: [2] + unicorn/prefer-top-level-await: [0] + unicorn/prefer-trim-start-end: [2] + unicorn/prefer-type-error: [0] + unicorn/prevent-abbreviations: [0] + unicorn/relative-url-style: [2] + unicorn/require-array-join-separator: [2] + unicorn/require-number-to-fixed-digits-argument: [2] + unicorn/require-post-message-target-origin: [0] + unicorn/string-content: [0] + unicorn/switch-case-braces: [0] + unicorn/template-indent: [2] + unicorn/text-encoding-identifier-case: [0] + unicorn/throw-new-error: [2] + use-isnan: [2] + valid-typeof: [2, {requireStringLiterals: true}] + vars-on-top: [0] + wrap-iife: [2, inside] + wrap-regex: [0] + yield-star-spacing: [2, after] + yoda: [2, never] diff --git a/.forgejo/cascading-pr-end-to-end b/.forgejo/cascading-pr-end-to-end deleted file mode 100755 index 8013fde06a..0000000000 --- a/.forgejo/cascading-pr-end-to-end +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -set -ex - -end_to_end=$1 -end_to_end_pr=$2 -forgejo=$3 -forgejo_pr_or_ref=$4 - -cd $forgejo -full_version=$(make show-version-full) -minor_version=$(make show-version-minor) - -cd $end_to_end - -if ! test -f forgejo/sources/$minor_version; then - echo "FAIL: forgejo/sources/$minor_version does not exist in the end-to-end repository" - false -fi - -echo -n $minor_version >forgejo/build-from-sources -date >last-upgrade - -if test -f "$forgejo_pr_or_ref"; then - forgejo_pr=$forgejo_pr_or_ref - head_url=$(jq --raw-output .head.repo.html_url <$forgejo_pr) - test "$head_url" != null - branch=$(jq --raw-output .head.ref <$forgejo_pr) - test "$branch" != null - echo $head_url $branch $full_version >forgejo/sources/$minor_version -else - forgejo_ref=$forgejo_pr_or_ref - echo $GITHUB_SERVER_URL/$GITHUB_REPOSITORY ${forgejo_ref#refs/heads/} $full_version >forgejo/sources/$minor_version -fi diff --git a/.forgejo/cascading-release-end-to-end b/.forgejo/cascading-release-end-to-end deleted file mode 100755 index 9be0737b0f..0000000000 --- a/.forgejo/cascading-release-end-to-end +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -set -ex - -end_to_end=$1 -end_to_end_pr=$2 -forgejo=$3 -forgejo_ref=$4 - -cd $end_to_end -date >last-upgrade -organizations=lib/ORGANIZATIONS -if ! test -f $organizations; then - echo "$organizations file not found" - false -fi -# -# Inverse the order of lookup because the goal in the release built -# pipeline is to test the latest build, if available, instead of the -# stable version by the same version. -# -echo forgejo-integration forgejo-experimental forgejo >$organizations diff --git a/.forgejo/issue_template/bug-report-ui.yaml b/.forgejo/issue_template/bug-report-ui.yaml deleted file mode 100644 index 57d578b232..0000000000 --- a/.forgejo/issue_template/bug-report-ui.yaml +++ /dev/null @@ -1,57 +0,0 @@ -name: šŸ¦‹ Bug Report (web interface / frontend) -description: Something doesn't look quite as it should? Report it here! -title: "bug: " -labels: ["bug/new-report", "forgejo/ui"] -body: -- type: markdown - attributes: - value: | - **NOTE: If your issue is a security concern, please email (GPG: `A4676E79`) instead of opening a public issue.** -- type: markdown - attributes: - value: | - - Please speak English, as this is the language all maintainers can speak and write. - - Be as clear and concise as possible. A very verbose report is harder to interpret in a concrete way. - - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). - - Take a moment to [check that your issue hasn't been reported before](https://codeberg.org/forgejo/forgejo/issues?q=&type=all&labels=78137). -- type: dropdown - id: can-reproduce - attributes: - label: Can you reproduce the bug on the Forgejo test instance? - description: | - Please try reproducing your issue at https://dev.next.forgejo.org. - It is running the latest development branch and will confirm the problem is not already fixed. - If you can reproduce it, provide a URL in the description. - options: - - "Yes" - - "No" - validations: - required: true -- type: textarea - id: description - attributes: - label: Description - description: | - Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see above). - If you think this is a JavaScript error, include a copy of the JavaScript console. - validations: - required: true -- type: textarea - id: screenshots - attributes: - label: Screenshots - description: Please provide at least one screenshot showing the issue. - validations: - required: true -- type: input - id: forgejo-ver - attributes: - label: Forgejo Version - description: Forgejo version (or commit reference) your instance is running -- type: input - id: browser-ver - attributes: - label: Browser Version - description: The browser and version that you are using to access Forgejo - validations: - required: true diff --git a/.forgejo/issue_template/bug-report.yaml b/.forgejo/issue_template/bug-report.yaml deleted file mode 100644 index 6e9b116e60..0000000000 --- a/.forgejo/issue_template/bug-report.yaml +++ /dev/null @@ -1,72 +0,0 @@ -name: šŸ› Bug Report (server / backend) -description: Found something you weren't expecting? Report it here! -title: "bug: " -labels: bug/new-report -body: -- type: markdown - attributes: - value: | - **NOTE: If your issue is a security concern, please email (GPG: `A4676E79`) instead of opening a public issue.** -- type: markdown - attributes: - value: | - - Please speak English, as this is the language all maintainers can speak and write. - - Be as clear and concise as possible. A very verbose report is harder to interpret in a concrete way. - - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). - - Take a moment to [check that your issue hasn't been reported before](https://codeberg.org/forgejo/forgejo/issues?q=&type=all&labels=78137). -- type: dropdown - id: can-reproduce - attributes: - label: Can you reproduce the bug on the Forgejo test instance? - description: | - Please try reproducing your issue at https://dev.next.forgejo.org. - It is running the latest development branch and will confirm the problem is not already fixed. - If you can reproduce it, provide a URL in the description. - options: - - "Yes" - - "No" - validations: - required: true -- type: textarea - id: description - attributes: - label: Description - description: | - Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see above). - validations: - required: true -- type: input - id: forgejo-ver - attributes: - label: Forgejo Version - description: Forgejo version (or commit reference) of your instance -- type: textarea - id: run-info - attributes: - label: How are you running Forgejo? - description: | - Please include information on whether you built Forgejo yourself, used one of our downloads, or are using some other package. - Please also tell us how you are running Forgejo, e.g. if it is being run from a container, a command-line, systemd etc. - If you are using a package or systemd tell us what distribution you are using. - validations: - required: true -- type: textarea - id: logs - attributes: - label: Logs - description: | - It's really important to provide pertinent logs. You must give us `DEBUG` level logs. - Please read https://forgejo.org/docs/latest/admin/logging-documentation/. - In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of `app.ini`. - - Please copy and paste your logs here, with any sensitive information (e.g. API keys) removed/hidden. - You can wrap your logs in `
...
` tags so it doesn't take up too much space in the issue. -- type: dropdown - id: database - attributes: - label: Database - description: What database system are you running? - options: - - SQLite - - PostgreSQL - - MySQL diff --git a/.forgejo/issue_template/config.yml b/.forgejo/issue_template/config.yml deleted file mode 100644 index f2ea8d945a..0000000000 --- a/.forgejo/issue_template/config.yml +++ /dev/null @@ -1,16 +0,0 @@ -contact_links: - - name: šŸ”“ Security Reports - url: mailto:security@forgejo.org - about: "Please email (See https://forgejo.org/.well-known/security.txt)." - - name: šŸ’¬ Matrix Chat Room - url: https://matrix.to/#/#forgejo-chat:matrix.org - about: Please ask questions and discuss configuration or deployment problems here. - - name: šŸ’¬ Matrix Space - url: https://matrix.to/#/#forgejo:matrix.org - about: A collection of Matrix rooms relating to Forgejo in addition to the main chat room. - - name: šŸ“š Documentation - url: https://forgejo.org/docs/latest/ - about: Documentation about Forgejo. - - name: ā“ Frequently Asked Questions - url: https://forgejo.org/faq/ - about: Please check if your question is mentioned here. diff --git a/.forgejo/issue_template/feature-request.yaml b/.forgejo/issue_template/feature-request.yaml deleted file mode 100644 index 0996680cb4..0000000000 --- a/.forgejo/issue_template/feature-request.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: šŸ’” Feature Request -description: Got an idea for a feature that Forgejo doesn't have yet? Suggest it here! -title: "feat: " -labels: ["enhancement/feature"] -body: -- type: markdown - attributes: - value: | - - Please speak English, as this is the language all maintainers can speak and write. - - Be as clear and concise as possible. A very verbose request is harder to interpret in a concrete way. - - Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct). - - Please make sure you are using the latest release of Forgejo and take a moment to [check that your feature hasn't already been suggested](https://codeberg.org/forgejo/forgejo/issues?q=&type=all&labels=78139). -- type: textarea - id: needs-benefits - attributes: - label: Needs and benefits - description: As concisely as possible, describe the benefits your feature request will provide or the problems it will try to solve. - validations: - required: true -- type: textarea - id: description - attributes: - label: Feature Description - description: As concisely as possible, describe the feature you would like to see added or the changes you would like to see made to Forgejo. - validations: - required: true -- type: textarea - id: screenshots - attributes: - label: Screenshots - description: If you can, provide screenshots of an implementation on another site, e.g. GitHub. diff --git a/.forgejo/pull_request_template.md b/.forgejo/pull_request_template.md deleted file mode 100644 index d30af48446..0000000000 --- a/.forgejo/pull_request_template.md +++ /dev/null @@ -1,33 +0,0 @@ ---- - -name: "Pull Request Template" -about: "Template for all Pull Requests" -labels: - -- test/needed - ---- - -## Checklist - -The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). - -### Tests - -- I added test coverage for Go changes... - - [ ] in their respective `*_test.go` for unit tests. - - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. -- I added test coverage for JavaScript changes... - - [ ] in `web_src/js/*.test.js` if it can be unit tested. - - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). - -### Documentation - -- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. -- [ ] I did not document these changes and I do not expect someone else to do it. - -### Release notes - -- [ ] I do not want this change to show in the release notes. -- [ ] I want the title to show in the release notes with a link to this pull request. -- [ ] I want the content of the `release-notes/.md` to be be used for the release notes instead of the title. diff --git a/.forgejo/testdata/build-release/Dockerfile b/.forgejo/testdata/build-release/Dockerfile deleted file mode 100644 index d10564359e..0000000000 --- a/.forgejo/testdata/build-release/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM data.forgejo.org/oci/alpine:3.21 -ARG RELEASE_VERSION=unkown -LABEL maintainer="contact@forgejo.org" \ - org.opencontainers.image.version="${RELEASE_VERSION}" -RUN mkdir -p /app/gitea -RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$RELEASE_VERSION" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea diff --git a/.forgejo/testdata/build-release/Makefile b/.forgejo/testdata/build-release/Makefile deleted file mode 100644 index 406acd06d2..0000000000 --- a/.forgejo/testdata/build-release/Makefile +++ /dev/null @@ -1,5 +0,0 @@ -VERSION ?= $(shell cat VERSION 2>/dev/null) -sources-tarbal: - mkdir -p dist/release - echo $(VERSION) > VERSION - sources=forgejo-src-$(VERSION).tar.gz ; tar --transform 's|^./|forgejo-src-$(VERSION)/|' -czf dist/release/forgejo-src-$(VERSION).tar.gz . ; cd dist/release ; shasum -a 256 $$sources > $$sources.sha256 diff --git a/.forgejo/testdata/build-release/go.mod b/.forgejo/testdata/build-release/go.mod deleted file mode 100644 index 729cb6f831..0000000000 --- a/.forgejo/testdata/build-release/go.mod +++ /dev/null @@ -1,3 +0,0 @@ -module code.gitea.io/gitea - -go 1.23.3 diff --git a/.forgejo/testdata/build-release/modules/public/bindata.go b/.forgejo/testdata/build-release/modules/public/bindata.go deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/.forgejo/testdata/build-release/public/assets/css/placeholder b/.forgejo/testdata/build-release/public/assets/css/placeholder deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/.forgejo/testdata/build-release/public/assets/fonts/placeholder b/.forgejo/testdata/build-release/public/assets/fonts/placeholder deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/.forgejo/testdata/build-release/public/assets/js/placeholder b/.forgejo/testdata/build-release/public/assets/js/placeholder deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/.forgejo/workflows-composite/apt-install-from/action.yaml b/.forgejo/workflows-composite/apt-install-from/action.yaml deleted file mode 100644 index 615e7cb184..0000000000 --- a/.forgejo/workflows-composite/apt-install-from/action.yaml +++ /dev/null @@ -1,29 +0,0 @@ -inputs: - packages: - description: 'Packages to install' - required: true - release: - description: 'Release to install from' - default: testing - -runs: - using: "composite" - steps: - - name: setup apt package source - run: | - export DEBIAN_FRONTEND=noninteractive - echo "deb http://deb.debian.org/debian/ ${RELEASE} main" > "/etc/apt/sources.list.d/${RELEASE}.list" - env: - RELEASE: ${{inputs.release}} - - name: install packages - run: | - apt-get update -qq - apt-get -q install -qq -y ${PACKAGES} - env: - PACKAGES: ${{inputs.packages}} - - name: remove temporary package list to prevent using it in other steps - run: | - rm "/etc/apt/sources.list.d/${RELEASE}.list" - apt-get update -qq - env: - RELEASE: ${{inputs.release}} diff --git a/.forgejo/workflows-composite/build-backend/action.yaml b/.forgejo/workflows-composite/build-backend/action.yaml deleted file mode 100644 index ada372b834..0000000000 --- a/.forgejo/workflows-composite/build-backend/action.yaml +++ /dev/null @@ -1,15 +0,0 @@ -runs: - using: "composite" - steps: - - run: | - su forgejo -c 'make deps-backend' - - uses: actions/cache@v4 - id: cache-backend - with: - path: ${{github.workspace}}/gitea - key: backend-build-${{ github.sha }} - - if: steps.cache-backend.outputs.cache-hit != 'true' - run: | - su forgejo -c 'make backend' - env: - TAGS: bindata diff --git a/.forgejo/workflows-composite/setup-cache-go/action.yaml b/.forgejo/workflows-composite/setup-cache-go/action.yaml deleted file mode 100644 index 1b1d37bb6b..0000000000 --- a/.forgejo/workflows-composite/setup-cache-go/action.yaml +++ /dev/null @@ -1,60 +0,0 @@ -# SPDX-License-Identifier: MIT -name: 'Forgejo Actions to setup Go and cache dependencies' -author: 'Forgejo authors' -description: | - Wrap the setup-go with improved dependency caching. -inputs: - username: - description: 'User for which to manage the dependency cache' - default: root - -runs: - using: "composite" - steps: - - name: "Install zstd for faster caching" - run: | - apt-get update -qq - apt-get -q install -qq -y zstd - - - name: "Set up Go using setup-go" - uses: https://data.forgejo.org/actions/setup-go@v5 - id: go-version - with: - go-version-file: "go.mod" - # do not cache dependencies, we do this manually - cache: false - - - name: "Get go environment information" - id: go-environment - run: | - export GOROOT="$(go env GOROOT)" - echo "modcache=$(su ${RUN_AS_USER} -c '${GOROOT}/bin/go env GOMODCACHE')" >> "$GITHUB_OUTPUT" - echo "cache=$(su ${RUN_AS_USER} -c '${GOROOT}/bin/go env GOCACHE')" >> "$GITHUB_OUTPUT" - env: - RUN_AS_USER: ${{ inputs.username }} - GO_VERSION: ${{ steps.go-version.outputs.go-version }} - - - name: "Create cache folders with correct permissions (for non-root users)" - if: inputs.username != 'root' - # when the cache is restored, only the permissions of the last part are restored - # so assuming that /home/user exists and we are restoring /home/user/go/pkg/mod, - # both folders will have the correct permissions, but - # /home/user/go and /home/user/go/pkg might be owned by root - run: | - su ${RUN_AS_USER} -c 'mkdir -p "${MODCACHE_DIR}" "${CACHE_DIR}"' - env: - RUN_AS_USER: ${{ inputs.username }} - MODCACHE_DIR: ${{ steps.go-environment.outputs.modcache }} - CACHE_DIR: ${{ steps.go-environment.outputs.cache }} - - - name: "Restore Go dependencies from cache or mark for later caching" - id: cache-deps - uses: actions/cache@v4 - with: - key: setup-cache-go-deps-${{ runner.os }}-${{ inputs.username }}-${{ steps.go-version.outputs.go_version }}-${{ hashFiles('go.sum', 'go.mod') }} - restore-keys: | - setup-cache-go-deps-${{ runner.os }}-${{ inputs.username }}-${{ steps.go-version.outputs.go_version }}- - setup-cache-go-deps-${{ runner.os }}-${{ inputs.username }}- - path: | - ${{ steps.go-environment.outputs.modcache }} - ${{ steps.go-environment.outputs.cache }} diff --git a/.forgejo/workflows-composite/setup-env/action.yaml b/.forgejo/workflows-composite/setup-env/action.yaml deleted file mode 100644 index f19569a137..0000000000 --- a/.forgejo/workflows-composite/setup-env/action.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# TODO: -# - [ ] prepare a forgejo ci image with the necessary tools and forgejo user -runs: - using: "composite" - steps: - - name: setup user and permissions - run: | - git config --add safe.directory '*' - # ignore if the user already exists (like with the playwright image) - adduser --quiet --comment forgejo --disabled-password forgejo || true - chown -R forgejo:forgejo . - - - uses: ./.forgejo/workflows-composite/setup-cache-go - with: - username: forgejo - - - name: validate go version - run: | - set -ex - toolchain=$(grep -oP '(?<=toolchain ).+' go.mod) - version=$(go version | cut -d' ' -f3) - if dpkg --compare-versions ${version#go} lt ${toolchain#go}; then - echo "go version too low: $toolchain >= $version" - exit 1 - fi diff --git a/.forgejo/workflows/backport.yml b/.forgejo/workflows/backport.yml deleted file mode 100644 index 795557dfac..0000000000 --- a/.forgejo/workflows/backport.yml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright 2024 The Forgejo Authors -# SPDX-License-Identifier: MIT -# -# To modify this workflow: -# -# - change pull_request_target: to pull_request: -# so that it runs from a pull request instead of the default branch -# -# - push it to the wip-ci-backport branch on the forgejo repository -# otherwise it will not have access to the secrets required to push -# the PR -# -# - open a pull request targetting wip-ci-backport that includes a change -# that can be backported without conflict in v1.21 and set the -# `backport/v1.21` label. -# -# - once it works, open a pull request for the sake of keeping track -# of the change even if the PR won't run it because it will use -# whatever is in the default branch instead -# -# - after it is merged, double check it works by setting a -# `backport/v1.21` label on a merged pull request that can be backported -# without conflict. -# -name: issue-labels - -on: - pull_request_target: - types: - - closed - - labeled - -jobs: - backporting: - if: > - ( vars.ROLE == 'forgejo-coding' ) && ( - github.event.pull_request.merged - && - contains(toJSON(github.event.pull_request.labels), 'backport/v') - ) - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - steps: - - name: event info - run: | - cat <<'EOF' - ${{ toJSON(github) }} - EOF - - uses: https://data.forgejo.org/actions/git-backporting@v4.8.4 - with: - target-branch-pattern: "^backport/(?(v.*))$" - strategy: ort - strategy-option: find-renames - cherry-pick-options: -x - auth: ${{ secrets.BACKPORT_TOKEN }} - pull-request: ${{ github.event.pull_request.url }} - auto-no-squash: true - enable-err-notification: true - git-user: forgejo-backport-action - git-email: forgejo-backport-action@noreply.codeberg.org diff --git a/.forgejo/workflows/build-release-integration.yml b/.forgejo/workflows/build-release-integration.yml deleted file mode 100644 index 6410915644..0000000000 --- a/.forgejo/workflows/build-release-integration.yml +++ /dev/null @@ -1,135 +0,0 @@ -name: Integration tests for the release process - -on: - push: - paths: - - Makefile - - Dockerfile - - Dockerfile.rootless - - docker/** - - .forgejo/workflows/build-release.yml - - .forgejo/workflows/build-release-integration.yml - branches-ignore: - - renovate/** - pull_request: - paths: - - Makefile - - Dockerfile - - Dockerfile.rootless - - docker/** - - .forgejo/workflows/build-release.yml - - .forgejo/workflows/build-release-integration.yml - -jobs: - release-simulation: - if: vars.ROLE == 'forgejo-coding' - runs-on: lxc-bookworm - steps: - - uses: actions/checkout@v4 - - - id: forgejo - uses: https://data.forgejo.org/actions/setup-forgejo@v2.0.4 - with: - user: root - password: admin1234 - image-version: 1.21 - lxc-ip-prefix: 10.0.9 - - - name: publish the forgejo release - shell: bash - run: | - set -x - - cat > /etc/docker/daemon.json < $binary$suffix - if test "$suffix" = .xz ; then - unxz --keep $binary$suffix - fi - chmod +x $binary - ./$binary --version | grep $version - curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256 - shasum -a 256 --check $binary$suffix.sha256 - rm $binary$suffix - done - done - - local sources=forgejo-src-$version.tar.gz - curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources - curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256 - shasum -a 256 --check $sources.sha256 - - docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version - docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless - } - - # - # Create a new project with a fake forgejo and the release workflow only - # - cp -a .forgejo/testdata/build-release/* $dir - mkdir -p $dir/.forgejo/workflows - cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows - cp $dir/Dockerfile $dir/Dockerfile.rootless - - forgejo-test-helper.sh push $dir $url root forgejo - - forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN - forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER - forgejo-curl.sh api_json -X PUT --data-raw '{"data":"true"}' $url/api/v1/repos/root/forgejo/actions/secrets/VERBOSE - - # - # Push a tag to trigger the release workflow and wait for it to complete - # - version=1.2.3 - sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main) - forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags - LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha - sanity_check $url $version - - # - # Push a commit to a branch that triggers the build of a test release - # - version=1.2-test - ( - git clone $url/root/forgejo /tmp/forgejo - cd /tmp/forgejo - date > DATE - git config user.email root@example.com - git config user.name username - git add . - git commit -m 'update' - git push $url/root/forgejo main:forgejo - ) - sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo forgejo) - LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha - sanity_check $url $version - - - name: full logs - if: always() - run: | - sed -e 's/^/[RUNNER LOGS] /' ${{ steps.forgejo.outputs.runner-logs }} - docker logs forgejo | sed -e 's/^/[FORGEJO LOGS]/' - sleep 5 # hack to avoid mixing outputs in Forgejo v1.21 diff --git a/.forgejo/workflows/build-release.yml b/.forgejo/workflows/build-release.yml deleted file mode 100644 index 9d88cb43dd..0000000000 --- a/.forgejo/workflows/build-release.yml +++ /dev/null @@ -1,237 +0,0 @@ -# -# See also https://forgejo.org/docs/next/contributor/release/#stable-release-process -# -# https://codeberg.org/forgejo-integration/forgejo -# -# Builds a release from a codeberg.org/forgejo-integration tag -# -# vars.ROLE: forgejo-integration -# -# secrets.DOER: forgejo-experimental-ci -# secrets.TOKEN: scope read:user, write:repository, write:package -# -# secrets.CASCADE_ORIGIN_TOKEN: scope read:user, write:repository, write:issue -# secrets.CASCADE_DESTINATION_TOKEN: scope read:user, write:repository, write:issue -# vars.CASCADE_DESTINATION_DOER: forgejo-ci -# -# vars.SKIP_END_TO_END: `true` or `false` -# It must be `false` (or absent) so https://code.forgejo.org/forgejo/end-to-end is run -# with the newly built release. -# It must be set to `true` when a release is missing, for instance because it was -# removed and failed to upload. -# -on: - push: - tags: 'v[0-9]+.[0-9]+.*' - branches: - - 'forgejo' - - 'v*/forgejo' - -jobs: - release: - runs-on: lxc-bookworm - # root is used for testing, allow it - if: vars.ROLE == 'forgejo-integration' || github.repository_owner == 'root' - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Sanitize the name of the repository - id: repository - run: | - repository="${{ github.repository }}" - echo "value=${repository##*/}" >> "$GITHUB_OUTPUT" - - - uses: https://data.forgejo.org/actions/setup-node@v4 - with: - node-version: 20 - - - uses: https://data.forgejo.org/actions/setup-go@v5 - with: - go-version-file: "go.mod" - - - name: version from ref - id: release-info - shell: bash - run: | - set -x - ref="${{ github.ref }}" - if [[ $ref =~ ^refs/heads/ ]] ; then - if test "$ref" = "refs/heads/forgejo" ; then - version=$(git tag -l --sort=version:refname --merged | grep -v -e '-test$' | tail -1 | sed -E -e 's/^(v[0-9]+\.[0-9]+).*/\1/')-test - else - version=${ref#refs/heads/} - version=${version%/forgejo}-test - fi - override=true - fi - if [[ $ref =~ ^refs/tags/ ]] ; then - version=${ref#refs/tags/} - override=false - fi - if test -z "$version" ; then - echo failed to figure out the release version from the reference=$ref - exit 1 - fi - version=${version#v} - git describe --exclude '*-test' --tags --always - echo "sha=${{ github.sha }}" >> "$GITHUB_OUTPUT" - echo "version=$version" >> "$GITHUB_OUTPUT" - echo "override=$override" >> "$GITHUB_OUTPUT" - - - name: release notes - id: release-notes - run: | - anchor=${{ steps.release-info.outputs.version }} - anchor=${anchor//./-} - cat >> "$GITHUB_OUTPUT" < 2.0.1 - # css-loader: 6.8.1 => 6.8.1 - # esbuild-loader: 3.0.1 => 3.0.1 - # license-checker-webpack-plugin: 0.2.1 => 0.2.1 - # monaco-editor-webpack-plugin: 7.0.1 => 7.0.1 - # vue-loader: 17.2.2 => 17.2.2 - # webpack: 5.87.0 => 5.87.0 - # webpack-cli: 5.1.4 => 5.1.4 - # - chown -R $(id -u) . - make VERSION=$version TAGS=bindata sources-tarbal - mv dist/release release - - ( - tmp=$(mktemp -d) - tar --directory $tmp -zxvf release/*$version*.tar.gz - cd $tmp/* - # - # Verify `make frontend` files are available - # - test -d public/assets/css - test -d public/assets/fonts - test -d public/assets/js - # - # Verify `make generate` files are available - # - test -f modules/public/bindata.go - # - # Sanity check to verify that the source tarbal knows the - # version and is able to rebuild itself from it. - # - # When in sources the version is determined with git. - # When in the tarbal the version is determined from a VERSION file. - # - make sources-tarbal - tarbal=$(echo dist/release/*$version*.tar.gz) - if ! test -f $tarbal ; then - echo $tarbal does not exist - find dist release - exit 1 - fi - ) - - - name: build container & release - if: ${{ secrets.TOKEN != '' }} - uses: https://data.forgejo.org/forgejo/forgejo-build-publish/build@v5.3.1 - with: - forgejo: "${{ env.GITHUB_SERVER_URL }}" - owner: "${{ env.GITHUB_REPOSITORY_OWNER }}" - repository: "${{ steps.repository.outputs.value }}" - doer: "${{ secrets.DOER }}" - release-version: "${{ steps.release-info.outputs.version }}" - sha: "${{ steps.release-info.outputs.sha }}" - token: "${{ secrets.TOKEN }}" - platforms: linux/amd64,linux/arm64,linux/arm/v6 - release-notes: "${{ steps.release-notes.outputs.value }}" - binary-name: forgejo - binary-path: /app/gitea/gitea - override: "${{ steps.release-info.outputs.override }}" - verify-labels: "maintainer=contact@forgejo.org,org.opencontainers.image.version=${{ steps.release-info.outputs.version }}" - verbose: ${{ vars.VERBOSE || secrets.VERBOSE || 'false' }} - - - name: build rootless container - if: ${{ secrets.TOKEN != '' }} - uses: https://data.forgejo.org/forgejo/forgejo-build-publish/build@v5.3.1 - with: - forgejo: "${{ env.GITHUB_SERVER_URL }}" - owner: "${{ env.GITHUB_REPOSITORY_OWNER }}" - repository: "${{ steps.repository.outputs.value }}" - doer: "${{ secrets.DOER }}" - release-version: "${{ steps.release-info.outputs.version }}" - sha: "${{ steps.release-info.outputs.sha }}" - token: "${{ secrets.TOKEN }}" - platforms: linux/amd64,linux/arm64,linux/arm/v6 - suffix: -rootless - dockerfile: Dockerfile.rootless - override: "${{ steps.release-info.outputs.override }}" - verify-labels: "maintainer=contact@forgejo.org,org.opencontainers.image.version=${{ steps.release-info.outputs.version }}" - verbose: ${{ vars.VERBOSE || secrets.VERBOSE || 'false' }} - - - name: end-to-end tests - if: ${{ secrets.TOKEN != '' && vars.ROLE == 'forgejo-integration' && vars.SKIP_END_TO_END != 'true' }} - uses: https://data.forgejo.org/actions/cascading-pr@v2.2.0 - with: - origin-url: ${{ env.GITHUB_SERVER_URL }} - origin-repo: ${{ github.repository }} - origin-token: ${{ secrets.CASCADE_ORIGIN_TOKEN }} - origin-ref: refs/heads/forgejo - destination-url: https://code.forgejo.org - destination-fork-repo: ${{ vars.CASCADE_DESTINATION_DOER }}/end-to-end - destination-repo: forgejo/end-to-end - destination-branch: main - destination-token: ${{ secrets.CASCADE_DESTINATION_TOKEN }} - update: .forgejo/cascading-release-end-to-end - - - name: copy to experimental - if: vars.ROLE == 'forgejo-integration' && secrets.TOKEN != '' - run: | - if test "${{ vars.VERBOSE }}" = true ; then - set -x - fi - tag=v${{ steps.release-info.outputs.version }} - url=https://any:${{ secrets.TOKEN }}@codeberg.org - if test "${{ steps.release-info.outputs.override }}" = "true" ; then - curl -sS -X DELETE $url/api/v1/repos/forgejo-experimental/forgejo/releases/tags/$tag > /dev/null - curl -sS -X DELETE $url/api/v1/repos/forgejo-experimental/forgejo/tags/$tag > /dev/null - fi - # actions/checkout@v3 sets http.https://codeberg.org/.extraheader with the automatic token. - # Get rid of it so it does not prevent using the token that has write permissions - git config --local --unset http.https://codeberg.org/.extraheader - if test -f .git/shallow ; then - echo "unexptected .git/shallow file is present" - echo "it suggests a checkout --depth X was used which may prevent pushing the commit" - echo "it happens when actions/checkout is called without depth: 0" - fi - git push $url/forgejo-experimental/forgejo ${{ steps.release-info.outputs.sha }}:refs/tags/$tag diff --git a/.forgejo/workflows/cascade-setup-end-to-end.yml b/.forgejo/workflows/cascade-setup-end-to-end.yml deleted file mode 100644 index 710cd27ba4..0000000000 --- a/.forgejo/workflows/cascade-setup-end-to-end.yml +++ /dev/null @@ -1,57 +0,0 @@ -# Copyright 2024 The Forgejo Authors -# SPDX-License-Identifier: MIT -# -# To modify this workflow: -# -# - push it to the wip-ci-end-to-end branch on the forgejo repository -# otherwise it will not have access to the secrets required to push -# the cascading PR -# -# - once it works, open a pull request for the sake of keeping track -# of the change even if the PR won't run it because it will use -# whatever is in the default branch instead -# -# - after it is merged, double check it works by setting the -# run-end-to-end-test on a pull request (any pull request will do) -# -name: issue-labels - -on: - push: - branches: - - 'wip-ci-end-to-end' - pull_request_target: - types: - - labeled - -jobs: - cascade: - if: > - vars.ROLE == 'forgejo-coding' && ( - github.event_name == 'push' || - ( - github.event.action == 'label_updated' && github.event.label.name == 'run-end-to-end-tests' - ) - ) - runs-on: docker - container: - image: data.forgejo.org/oci/node:20-bookworm - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: '0' - show-progress: 'false' - - uses: https://code.forgejo.org/actions/cascading-pr@v2.2.0 - with: - origin-url: ${{ env.GITHUB_SERVER_URL }} - origin-repo: ${{ github.repository }} - origin-token: ${{ secrets.END_TO_END_CASCADING_PR_ORIGIN }} - origin-pr: ${{ github.event.pull_request.number }} - origin-ref: ${{ github.event_name == 'push' && github.event.ref || '' }} - destination-url: https://code.forgejo.org - destination-fork-repo: cascading-pr/end-to-end - destination-repo: forgejo/end-to-end - destination-branch: main - destination-token: ${{ secrets.END_TO_END_CASCADING_PR_DESTINATION }} - close-merge: true - update: .forgejo/cascading-pr-end-to-end diff --git a/.forgejo/workflows/forgejo-integration-cleanup.yml b/.forgejo/workflows/forgejo-integration-cleanup.yml deleted file mode 100644 index 9cef5fac68..0000000000 --- a/.forgejo/workflows/forgejo-integration-cleanup.yml +++ /dev/null @@ -1,39 +0,0 @@ -on: - workflow_dispatch: - - schedule: - - cron: '@daily' - -jobs: - integration-cleanup: - if: vars.ROLE == 'forgejo-integration' - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - steps: - - - name: apt install curl jq - run: | - export DEBIAN_FRONTEND=noninteractive - apt-get update -qq - apt-get -q install -qq -y curl jq - - - name: remove old releases and tags - run: | - url=https://any:${{ secrets.TOKEN }}@codeberg.org - curl -sS "$url/api/v1/repos/forgejo-integration/forgejo/releases" | jq -r '.[] | "\(.published_at) \(.tag_name)"' | sort | while read published_at version ; do - if echo $version | grep -e '-test$' >/dev/null; then - old="18 months" - else - old="1 day" - fi - too_old=$(env -i date --date="- $old" +%F) - too_old_seconds=$(env -i date --date="- $old" +%s) - published_at_seconds=$(env -i date --date="$published_at" +%s) - if test $published_at_seconds -le $too_old_seconds ; then - echo "$version was published more than $old ago ($published_at <= $too_old) and will be removed" - curl -X DELETE -sS "$url/api/v1/repos/forgejo-integration/forgejo/releases/tags/$version" - else - echo "$version was published less than $old ago" - fi - done diff --git a/.forgejo/workflows/merge-requirements.yml b/.forgejo/workflows/merge-requirements.yml deleted file mode 100644 index d5270321ad..0000000000 --- a/.forgejo/workflows/merge-requirements.yml +++ /dev/null @@ -1,45 +0,0 @@ -# Copyright 2024 The Forgejo Authors -# SPDX-License-Identifier: MIT - -name: requirements - -on: - pull_request: - types: - - labeled - - edited - - opened - - synchronize - -jobs: - merge-conditions: - if: vars.ROLE == 'forgejo-coding' - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - steps: - - name: Debug output - run: | - cat <<'EOF' - ${{ toJSON(github) }} - EOF - - name: Missing test label - if: > - !( - contains(toJSON(github.event.pull_request.labels), 'test/present') - || contains(toJSON(github.event.pull_request.labels), 'test/not-needed') - || contains(toJSON(github.event.pull_request.labels), 'test/manual') - ) - run: | - echo "Test label must be set to either 'present', 'not-needed' or 'manual'." - exit 1 - - name: Missing manual test instructions - if: > - ( - contains(toJSON(github.event.pull_request.labels), 'test/manual') - && !contains(toJSON(github.event.pull_request.body), '# Test') - ) - run: | - echo "Manual test label is set. The PR description needs to contain test steps introduced by a heading like:" - echo "# Testing" - exit 1 diff --git a/.forgejo/workflows/milestone.yml b/.forgejo/workflows/milestone.yml deleted file mode 100644 index 9a51c515d0..0000000000 --- a/.forgejo/workflows/milestone.yml +++ /dev/null @@ -1,24 +0,0 @@ -# Copyright 2024 The Forgejo Authors -# SPDX-License-Identifier: MIT -# -name: milestone - -on: - pull_request_target: - types: - - closed - -jobs: - set: - if: vars.ROLE == 'forgejo-coding' && github.event.pull_request.merged - runs-on: docker - container: - image: 'data.forgejo.org/oci/ci:1' - steps: - - uses: https://data.forgejo.org/forgejo/set-milestone@v1.0.0 - with: - forgejo: https://codeberg.org - repository: forgejo/forgejo - token: ${{ secrets.SET_MILESTONE_TOKEN }} - pr-number: ${{ github.event.pull_request.number }} - verbose: ${{ vars.SET_MILESTONE_VERBOSE }} diff --git a/.forgejo/workflows/mirror.yml b/.forgejo/workflows/mirror.yml deleted file mode 100644 index 888f7ec07d..0000000000 --- a/.forgejo/workflows/mirror.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: mirror - -on: - workflow_dispatch: - - schedule: - - cron: '@daily' - -jobs: - mirror: - if: ${{ secrets.MIRROR_TOKEN != '' }} - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - steps: - - name: git push {v*/,}forgejo - run: | - git init --bare . - git remote add origin ${{ env.GITHUB_SERVER_URL }}/${{ env.GITHUB_REPOSITORY }} - git fetch origin refs/heads/forgejo:refs/mirror/forgejo - git ls-remote origin refs/heads/v*/forgejo | while read sha full_ref ; do - ref=${full_ref#refs/heads/} - echo git fetch origin $full_ref:refs/mirror/$ref - git fetch origin $full_ref:refs/mirror/$ref - done - echo git push --force https://${{ vars.MIRROR_DESTINATION }} refs/mirror/*:refs/heads/* - git push --force https://any:${{ secrets.MIRROR_TOKEN }}@${{ vars.MIRROR_DESTINATION }} refs/mirror/*:refs/heads/* diff --git a/.forgejo/workflows/publish-release.yml b/.forgejo/workflows/publish-release.yml deleted file mode 100644 index 0e75912a3a..0000000000 --- a/.forgejo/workflows/publish-release.yml +++ /dev/null @@ -1,86 +0,0 @@ -# SPDX-License-Identifier: MIT -# -# See also https://forgejo.org/docs/next/contributor/release/#stable-release-process -# -# https://codeberg.org/forgejo-experimental/forgejo -# -# Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental -# -# vars.ROLE: forgejo-experimental -# vars.FORGEJO: https://codeberg.org -# vars.FROM_OWNER: forgejo-integration -# vars.TO_OWNER: forgejo-experimental -# vars.REPO: forgejo -# vars.DOER: forgejo-experimental-ci -# secrets.TOKEN: -# -# http://private.forgejo.org/forgejo/forgejo -# -# Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo -# -# vars.ROLE: forgejo-release -# vars.FORGEJO: https://codeberg.org -# vars.FROM_OWNER: forgejo-integration -# vars.TO_OWNER: forgejo -# vars.REPO: forgejo -# vars.DOER: release-team -# secrets.TOKEN: -# secrets.GPG_PRIVATE_KEY: -# secrets.GPG_PASSPHRASE: -# -name: Pubish release - -on: - push: - tags: 'v*' - -jobs: - publish: - runs-on: lxc-bookworm - if: vars.DOER != '' && vars.FORGEJO != '' && vars.TO_OWNER != '' && vars.FROM_OWNER != '' && secrets.TOKEN != '' - steps: - - uses: actions/checkout@v4 - - - name: copy & sign - uses: https://data.forgejo.org/forgejo/forgejo-build-publish/publish@v5.3.1 - with: - from-forgejo: ${{ vars.FORGEJO }} - to-forgejo: ${{ vars.FORGEJO }} - from-owner: ${{ vars.FROM_OWNER }} - to-owner: ${{ vars.TO_OWNER }} - repo: ${{ vars.REPO }} - release-notes: "See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/{VERSION}.md" - ref-name: ${{ github.ref_name }} - sha: ${{ github.sha }} - from-token: ${{ secrets.TOKEN }} - to-doer: ${{ vars.DOER }} - to-token: ${{ secrets.TOKEN }} - gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} - gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} - verbose: ${{ vars.VERBOSE }} - - - name: get trigger mirror issue - id: mirror - uses: https://data.forgejo.org/infrastructure/issue-action/get@v1.3.0 - with: - forgejo: https://code.forgejo.org - repository: forgejo/forgejo - labels: mirror-trigger - - - name: trigger the mirror - uses: https://data.forgejo.org/infrastructure/issue-action/set@v1.3.0 - with: - forgejo: https://code.forgejo.org - repository: forgejo/forgejo - token: ${{ secrets.LABEL_ISSUE_FORGEJO_MIRROR_TOKEN }} - numbers: ${{ steps.mirror.outputs.numbers }} - label-wait-if-exists: 3600 - label: trigger - - - name: upgrade v*.next.forgejo.org - uses: https://data.forgejo.org/infrastructure/next-digest@v1.1.0 - with: - url: https://placeholder:${{ secrets.TOKEN_NEXT_DIGEST }}@code.forgejo.org/infrastructure/next-digest - ref_name: '${{ github.ref_name }}' - image: 'codeberg.org/forgejo-experimental/forgejo' - tag_suffix: '-rootless' diff --git a/.forgejo/workflows/release-notes-assistant-milestones.yml b/.forgejo/workflows/release-notes-assistant-milestones.yml deleted file mode 100644 index 50b267ec14..0000000000 --- a/.forgejo/workflows/release-notes-assistant-milestones.yml +++ /dev/null @@ -1,33 +0,0 @@ -on: - workflow_dispatch: - - schedule: - - cron: '@daily' - -jobs: - release-notes: - if: vars.ROLE == 'forgejo-coding' - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - - uses: https://data.forgejo.org/actions/setup-go@v5 - with: - go-version-file: "go.mod" - cache: false - - - name: apt install jq - run: | - export DEBIAN_FRONTEND=noninteractive - apt-get update -qq - apt-get -q install -y -qq jq - - - name: update open milestones - run: | - set -x - curl -sS $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/milestones?state=open | jq -r '.[] | .title' | while read forgejo version ; do - milestone="$forgejo $version" - go run code.forgejo.org/forgejo/release-notes-assistant@v1.1.1 --config .release-notes-assistant.yaml --storage milestone --storage-location "$milestone" --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} release $version - done diff --git a/.forgejo/workflows/release-notes-assistant.yml b/.forgejo/workflows/release-notes-assistant.yml deleted file mode 100644 index 7217bf4d2b..0000000000 --- a/.forgejo/workflows/release-notes-assistant.yml +++ /dev/null @@ -1,41 +0,0 @@ -name: issue-labels - -on: - pull_request_target: - types: - - edited - - synchronize - - labeled - -jobs: - release-notes: - if: ( vars.ROLE == 'forgejo-coding' ) && contains(github.event.pull_request.labels.*.name, 'worth a release-note') - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - - name: event - run: | - cat <<'EOF' - ${{ toJSON(github.event.pull_request.labels.*.name) }} - EOF - cat <<'EOF' - ${{ toJSON(github.event) }} - EOF - - - uses: https://data.forgejo.org/actions/setup-go@v5 - with: - go-version-file: "go.mod" - cache: false - - - name: apt install jq - run: | - export DEBIAN_FRONTEND=noninteractive - apt-get update -qq - apt-get -q install -y -qq jq - - - name: release-notes-assistant preview - run: | - go run code.forgejo.org/forgejo/release-notes-assistant@v1.1.1 --config .release-notes-assistant.yaml --storage pr --storage-location ${{ github.event.pull_request.number }} --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} preview ${{ github.event.pull_request.number }} diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml deleted file mode 100644 index 632fb82c19..0000000000 --- a/.forgejo/workflows/renovate.yml +++ /dev/null @@ -1,71 +0,0 @@ -# -# Runs every 2 hours, but Renovate is limited to create new PR before 4am. -# See renovate.json for more settings. -# Automerge is enabled for Renovate PR's but need to be approved before. -# -name: renovate - -on: - push: - branches: - - renovate/** # self-test updates - paths: - - .forgejo/workflows/renovate.yml - schedule: - - cron: '0 0/2 * * *' - workflow_dispatch: - -env: - RENOVATE_DRY_RUN: ${{ (github.event_name != 'schedule' && github.ref_name != github.event.repository.default_branch) && 'full' || '' }} - RENOVATE_REPOSITORIES: ${{ github.repository }} - -jobs: - renovate: - if: vars.ROLE == 'forgejo-coding' && secrets.RENOVATE_TOKEN != '' - - runs-on: docker - container: - image: data.forgejo.org/renovate/renovate:39.106.0 - - steps: - - name: Load renovate repo cache - uses: https://data.forgejo.org/actions/cache/restore@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 - with: - path: | - .tmp/cache/renovate/repository - .tmp/cache/renovate/renovate-cache-sqlite - .tmp/osv - key: repo-cache-${{ github.run_id }} - restore-keys: | - repo-cache- - - - name: Run renovate - run: renovate - env: - GITHUB_COM_TOKEN: ${{ secrets.RENOVATE_GITHUB_COM_TOKEN }} - LOG_LEVEL: debug - RENOVATE_BASE_DIR: ${{ github.workspace }}/.tmp - RENOVATE_ENDPOINT: ${{ github.server_url }} - RENOVATE_PLATFORM: gitea - RENOVATE_REPOSITORY_CACHE: 'enabled' - RENOVATE_TOKEN: ${{ secrets.RENOVATE_TOKEN }} - RENOVATE_GIT_AUTHOR: 'Renovate Bot ' - - RENOVATE_X_SQLITE_PACKAGE_CACHE: true - - GIT_AUTHOR_NAME: 'Renovate Bot' - GIT_AUTHOR_EMAIL: 'forgejo-renovate-action@forgejo.org' - GIT_COMMITTER_NAME: 'Renovate Bot' - GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org' - - OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv - - - name: Save renovate repo cache - if: always() && env.RENOVATE_DRY_RUN != 'full' - uses: https://data.forgejo.org/actions/cache/save@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 - with: - path: | - .tmp/cache/renovate/repository - .tmp/cache/renovate/renovate-cache-sqlite - .tmp/osv - key: repo-cache-${{ github.run_id }} diff --git a/.forgejo/workflows/testing.yml b/.forgejo/workflows/testing.yml deleted file mode 100644 index eb3163d3ae..0000000000 --- a/.forgejo/workflows/testing.yml +++ /dev/null @@ -1,287 +0,0 @@ -name: testing - -on: - pull_request: - push: - branches: - - 'forgejo*' - - 'v*/forgejo*' - workflow_dispatch: - -jobs: - backend-checks: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - steps: - - name: event info - run: | - cat <<'EOF' - ${{ toJSON(github) }} - EOF - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - run: su forgejo -c 'make deps-backend deps-tools' - - run: su forgejo -c 'make --always-make -j$(nproc) lint-backend tidy-check swagger-check fmt-check swagger-validate' # ensure the "go-licenses" make target runs - - uses: ./.forgejo/workflows-composite/build-backend - frontend-checks: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - run: make deps-frontend - - run: make lint-frontend - - run: make checks-frontend - - run: make test-frontend-coverage - - run: make frontend - - name: Install zstd for cache saving - # works around https://github.com/actions/cache/issues/1169, because the - # consuming job has zstd and doesn't restore the cache otherwise - run: | - apt-get update -qq - apt-get -q install -qq -y zstd - - name: "Cache frontend build for playwright testing" - uses: actions/cache/save@v4 - with: - path: ${{github.workspace}}/public/assets - key: frontend-build-${{ github.sha }} - test-unit: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: [backend-checks, frontend-checks] - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - services: - elasticsearch: - image: data.forgejo.org/oci/bitnami/elasticsearch:7 - options: --tmpfs /bitnami/elasticsearch/data - env: - discovery.type: single-node - ES_JAVA_OPTS: "-Xms512m -Xmx512m" - minio: - image: data.forgejo.org/oci/bitnami/minio:2024.8.17 - options: >- - --hostname gitea.minio --tmpfs /bitnami/minio/data:noatime - env: - MINIO_DOMAIN: minio - MINIO_ROOT_USER: 123456 - MINIO_ROOT_PASSWORD: 12345678 - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - name: install git >= 2.42 - uses: ./.forgejo/workflows-composite/apt-install-from - with: - packages: git - - name: test release-notes-assistant.sh - run: | - apt-get -q install -qq -y jq - ./release-notes-assistant.sh test_main - - uses: ./.forgejo/workflows-composite/build-backend - - run: | - su forgejo -c 'make test-backend test-check' - timeout-minutes: 120 - env: - RACE_ENABLED: 'true' - TAGS: bindata - TEST_ELASTICSEARCH_URL: http://elasticsearch:9200 - test-e2e: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: [backend-checks, frontend-checks] - container: - image: 'data.forgejo.org/oci/playwright:latest' - options: --tmpfs /tmp:exec,noatime - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - with: - fetch-depth: 20 - - uses: ./.forgejo/workflows-composite/setup-env - - name: "Restore frontend build" - uses: actions/cache/restore@v4 - id: cache-frontend - with: - path: ${{github.workspace}}/public/assets - key: frontend-build-${{ github.sha }} - - name: "Build frontend (if not cached)" - if: steps.cache-frontend.outputs.cache-hit != 'true' - run: | - su forgejo -c 'make deps-frontend frontend' - - uses: ./.forgejo/workflows-composite/build-backend - - name: Get changed files - id: changed-files - uses: https://data.forgejo.org/tj-actions/changed-files@v45 - with: - separator: '\n' - - run: | - su forgejo -c 'make generate test-e2e-sqlite' - timeout-minutes: 120 - env: - USE_REPO_TEST_DIR: 1 - PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 - CHANGED_FILES: ${{steps.changed-files.outputs.all_changed_files}} - - name: Upload test artifacts on failure - if: failure() - uses: https://data.forgejo.org/forgejo/upload-artifact@v4 - with: - name: test-artifacts.zip - path: tests/e2e/test-artifacts/ - retention-days: 3 - test-remote-cacher: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: [backend-checks, frontend-checks, test-unit] - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - name: ${{ format('test-remote-cacher ({0})', matrix.cacher.name) }} - strategy: - matrix: - cacher: - - name: redis - image: data.forgejo.org/oci/bitnami/redis:7.2 - options: --tmpfs /bitnami/redis/data:noatime - - name: redict - image: registry.redict.io/redict:7.3.0-scratch - options: --tmpfs /data:noatime - - name: valkey - image: data.forgejo.org/oci/bitnami/valkey:7.2 - options: --tmpfs /bitnami/redis/data:noatime - - name: garnet - image: ghcr.io/microsoft/garnet-alpine:1.0.14 - options: --tmpfs /data:noatime - services: - cacher: - image: ${{ matrix.cacher.image }} - options: ${{ matrix.cacher.options }} - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - name: install git >= 2.42 - uses: ./.forgejo/workflows-composite/apt-install-from - with: - packages: git - - uses: ./.forgejo/workflows-composite/build-backend - - run: | - su forgejo -c 'make test-remote-cacher test-check' - timeout-minutes: 120 - env: - RACE_ENABLED: 'true' - TAGS: bindata - TEST_REDIS_SERVER: cacher:${{ matrix.cacher.port }} - test-mysql: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: [backend-checks, frontend-checks] - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - services: - mysql: - image: 'data.forgejo.org/oci/bitnami/mysql:8.4' - env: - ALLOW_EMPTY_PASSWORD: yes - MYSQL_DATABASE: testgitea - # - # See also https://codeberg.org/forgejo/forgejo/issues/976 - # - MYSQL_EXTRA_FLAGS: --innodb-adaptive-flushing=OFF --innodb-buffer-pool-size=4G --innodb-log-buffer-size=128M --innodb-flush-log-at-trx-commit=0 --innodb-flush-log-at-timeout=30 --innodb-flush-method=nosync --innodb-fsync-threshold=1000000000 --disable-log-bin - options: --tmpfs /bitnami/mysql/data:noatime - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - name: install dependencies & git >= 2.42 - uses: ./.forgejo/workflows-composite/apt-install-from - with: - packages: git git-lfs - - uses: ./.forgejo/workflows-composite/build-backend - - run: | - su forgejo -c 'make test-mysql-migration test-mysql' - timeout-minutes: 120 - env: - USE_REPO_TEST_DIR: 1 - test-pgsql: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: [backend-checks, frontend-checks] - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - services: - minio: - image: data.forgejo.org/oci/bitnami/minio:2024.8.17 - env: - MINIO_ROOT_USER: 123456 - MINIO_ROOT_PASSWORD: 12345678 - options: --tmpfs /bitnami/minio/data - ldap: - image: data.forgejo.org/oci/test-openldap:latest - pgsql: - image: data.forgejo.org/oci/bitnami/postgresql:15 - env: - POSTGRESQL_DATABASE: test - POSTGRESQL_PASSWORD: postgres - POSTGRESQL_FSYNC: off - POSTGRESQL_EXTRA_FLAGS: -c full_page_writes=off - options: --tmpfs /bitnami/postgresql - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - name: install dependencies & git >= 2.42 - uses: ./.forgejo/workflows-composite/apt-install-from - with: - packages: git git-lfs - - uses: ./.forgejo/workflows-composite/build-backend - - run: | - su forgejo -c 'make test-pgsql-migration test-pgsql' - timeout-minutes: 120 - env: - RACE_ENABLED: true - USE_REPO_TEST_DIR: 1 - TEST_LDAP: 1 - test-sqlite: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: [backend-checks, frontend-checks] - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - name: install dependencies & git >= 2.42 - uses: ./.forgejo/workflows-composite/apt-install-from - with: - packages: git git-lfs - - uses: ./.forgejo/workflows-composite/build-backend - - run: | - su forgejo -c 'make test-sqlite-migration test-sqlite' - timeout-minutes: 120 - env: - TAGS: sqlite sqlite_unlock_notify - RACE_ENABLED: true - TEST_TAGS: sqlite sqlite_unlock_notify - USE_REPO_TEST_DIR: 1 - security-check: - if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing' - runs-on: docker - needs: - - test-sqlite - - test-pgsql - - test-mysql - - test-remote-cacher - - test-unit - container: - image: 'data.forgejo.org/oci/node:20-bookworm' - options: --tmpfs /tmp:exec,noatime - steps: - - uses: https://data.forgejo.org/actions/checkout@v4 - - uses: ./.forgejo/workflows-composite/setup-env - - run: su forgejo -c 'make deps-backend deps-tools' - - run: su forgejo -c 'make security-check' diff --git a/.gitattributes b/.gitattributes index 4e748c071a..34482b9e8c 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,11 +1,8 @@ * text=auto eol=lf -*.tmpl linguist-language=go-html-template -*.pb.go linguist-generated +*.tmpl linguist-language=Handlebars /assets/*.json linguist-generated -/public/assets/img/svg/*.svg linguist-generated -/templates/swagger/v1_json.tmpl linguist-generated +/public/vendor/** -text -eol linguist-vendored /vendor/** -text -eol linguist-vendored /web_src/fomantic/build/** linguist-generated -/web_src/fomantic/_site/globals/site.variables linguist-language=Less /web_src/js/vendor/** -text -eol linguist-vendored Dockerfile.* linguist-language=Dockerfile diff --git a/.gitea/ISSUE_TEMPLATE/bug-report.md b/.gitea/ISSUE_TEMPLATE/bug-report.md new file mode 100644 index 0000000000..138df035b9 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/bug-report.md @@ -0,0 +1,53 @@ +--- +name: "Bug Report" +about: "Found something you weren't expecting? Report it here!" +title: "[BUG] " +--- + + +- Forgejo version (or commit ref): +- Git version: +- Operating system: +- Database (use `[x]`): + - [ ] PostgreSQL + - [ ] MySQL + - [ ] MSSQL + - [ ] SQLite +- How are you running Forgejo? + + +## Description + + +## Logs + + +## Screenshots + diff --git a/.gitea/ISSUE_TEMPLATE/feature-request.md b/.gitea/ISSUE_TEMPLATE/feature-request.md new file mode 100644 index 0000000000..3708f2514e --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/feature-request.md @@ -0,0 +1,24 @@ +--- +name: "Feature Request" +about: "Got an idea for a feature that Forgejo doesn't have yet? Submit it here!" +title: "[FEAT] " +--- + + +## Needs and benefits + + +## Feature Description + + +## Screenshots + diff --git a/.gitea/pull_request_template.md b/.gitea/pull_request_template.md new file mode 100644 index 0000000000..a94ec46201 --- /dev/null +++ b/.gitea/pull_request_template.md @@ -0,0 +1,4 @@ + diff --git a/.gitignore b/.gitignore index 79a4108dab..6ec3c3faed 100644 --- a/.gitignore +++ b/.gitignore @@ -14,11 +14,14 @@ _test .idea # Goland's output filename can not be set manually /go_build_* -/gitea_* # MS VSCode .vscode -__debug_bin* +__debug_bin + +# Architecture specific extensions/prefixes +*.[568vq] +[568vq].out *.cgo1.go *.cgo2.c @@ -28,16 +31,12 @@ _cgo_export.* _testmain.go -# folder for project related local files -/local/ - *.exe *.test *.prof *coverage.out coverage.all -coverage/ cpu.out /modules/migration/bindata.go @@ -51,7 +50,6 @@ cpu.out *.db *.log -*.log.*.gz /gitea /gitea-vet @@ -61,11 +59,13 @@ cpu.out /bin /dist /custom/* +!/custom/conf +/custom/conf/* !/custom/conf/app.example.ini /data /indexers /log -/public/assets/img/avatar +/public/img/avatar /tests/integration/gitea-integration-* /tests/integration/indexers-* /tests/e2e/gitea-e2e-* @@ -73,18 +73,16 @@ cpu.out /tests/e2e/reports /tests/e2e/test-artifacts /tests/e2e/test-snapshots -/tests/e2e/.auth /tests/*.ini -/tests/**/*.git/**/*.sample /node_modules -/.venv /yarn.lock /yarn-error.log /npm-debug.log* -/public/assets/js -/public/assets/css -/public/assets/fonts -/public/assets/licenses.txt +/public/js +/public/serviceworker.js +/public/css +/public/fonts +/public/img/webpack /vendor /web_src/fomantic/node_modules /web_src/fomantic/build/* @@ -101,13 +99,8 @@ cpu.out /VERSION /.air /.go-licenses -/.cur-deadcode-out - -# Files and folders that were previously generated -/public/assets/img/webpack # Snapcraft -/gitea_a*.txt snap/.snapcraft/ parts/ stage/ @@ -117,14 +110,11 @@ prime/ *_source.tar.bz2 .DS_Store -# Direnv configuration -/.envrc - -# nix-direnv generated files -.direnv/ - # Make evidence files /.make_evidence # Manpage /man + +# Generated merged Forgejo+Gitea language files +/options/locale/locale_* diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/.gitpod.yml b/.gitpod.yml index 8671edc47c..0b6ad1f30e 100644 --- a/.gitpod.yml +++ b/.gitpod.yml @@ -7,31 +7,21 @@ tasks: command: | gp sync-done setup exit 0 - - name: Run backend - command: | - gp sync-await setup - - # Get the URL and extract the domain - url=$(gp url 3000) - domain=$(echo $url | awk -F[/:] '{print $4}') - - if [ -f custom/conf/app.ini ]; then - sed -i "s|^ROOT_URL =.*|ROOT_URL = ${url}/|" custom/conf/app.ini - sed -i "s|^DOMAIN =.*|DOMAIN = ${domain}|" custom/conf/app.ini - sed -i "s|^SSH_DOMAIN =.*|SSH_DOMAIN = ${domain}|" custom/conf/app.ini - sed -i "s|^NO_REPLY_ADDRESS =.*|SSH_DOMAIN = noreply.${domain}|" custom/conf/app.ini - else - mkdir -p custom/conf/ - echo -e "[server]\nROOT_URL = ${url}/" > custom/conf/app.ini - echo -e "\n[database]\nDB_TYPE = sqlite3\nPATH = $GITPOD_REPO_ROOT/data/gitea.db" >> custom/conf/app.ini - fi - export TAGS="sqlite sqlite_unlock_notify" - make watch-backend - name: Run frontend command: | gp sync-await setup make watch-frontend - openMode: split-right + - name: Run backend + command: | + gp sync-await setup + mkdir -p custom/conf/ + echo -e "[server]\nROOT_URL=$(gp url 3000)/" > custom/conf/app.ini + echo -e "\n[database]\nDB_TYPE = sqlite3\nPATH = $GITPOD_REPO_ROOT/data/gitea.db" >> custom/conf/app.ini + export TAGS="sqlite sqlite_unlock_notify" + make watch-backend + - name: Run docs + before: sudo bash -c "$(grep 'https://github.com/gohugoio/hugo/releases/download' Makefile | tr -d '\')" # install hugo + command: cd docs && make clean update && hugo server -D -F --baseUrl $(gp url 1313) --liveReloadPort=443 --appendPort=false --bind=0.0.0.0 vscode: extensions: @@ -40,12 +30,13 @@ vscode: - golang.go - stylelint.vscode-stylelint - DavidAnson.vscode-markdownlint - - Vue.volar + - johnsoncodehk.volar - ms-azuretools.vscode-docker - - vitest.explorer - - cweijan.vscode-database-client2 - - GitHub.vscode-pull-request-github + - zixuanchen.vitest-explorer + - alexcvzz.vscode-sqlite ports: - name: Gitea port: 3000 + - name: Docs + port: 1313 diff --git a/.golangci.yml b/.golangci.yml index 0678b90bfc..d252b20235 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,39 +1,39 @@ linters: + enable: + - gosimple + - deadcode + - typecheck + - govet + - errcheck + - staticcheck + - unused + - structcheck + - varcheck + - dupl + #- gocyclo # The cyclomatic complexety of a lot of functions is too high, we should refactor those another time. + - gofmt + - gocritic + - bidichk + - ineffassign + - revive + - gofumpt + - depguard + - nakedret + - unconvert + - wastedassign + - nolintlint + - stylecheck enable-all: false disable-all: true fast: false - enable: - - bidichk - - depguard - - dupl - - errcheck - - forbidigo - - gocritic - - gofmt - - gofumpt - - gosimple - - govet - - ineffassign - - nakedret - - nolintlint - - revive - - staticcheck - - stylecheck - - tenv - - testifylint - - typecheck - - unconvert - - unused - - unparam - - wastedassign run: + go: 1.19 timeout: 10m - -output: - sort-results: true - sort-order: [file] - show-stats: true + skip-dirs: + - node_modules + - public + - web_src linters-settings: stylecheck: @@ -43,75 +43,52 @@ linters-settings: gocritic: disabled-checks: - ifElseChain + - singleCaseSwitch # Every time this occurred in the code, there was no other way. revive: - severity: error + ignore-generated-header: false + severity: warning + confidence: 0.8 + errorCode: 1 + warningCode: 1 rules: - - name: atomic - - name: bare-return - name: blank-imports - - name: constant-logical-expr - name: context-as-argument - name: context-keys-type - name: dot-imports - - name: duplicated-imports - - name: empty-lines - - name: error-naming - name: error-return - name: error-strings - - name: errorf + - name: error-naming - name: exported - - name: identical-branches - name: if-return - name: increment-decrement - - name: indent-error-flow - - name: modifies-value-receiver + - name: var-naming + - name: var-declaration - name: package-comments - name: range - name: receiver-naming - - name: redefines-builtin-id - - name: string-of-int - - name: superfluous-else - name: time-naming - - name: unconditional-recursion - name: unexported-return - - name: unreachable-code - - name: var-declaration - - name: var-naming - - name: redefines-builtin-id - disabled: true + - name: indent-error-flow + - name: errorf + - name: duplicated-imports + - name: modifies-value-receiver gofumpt: extra-rules: true + lang-version: "1.19" depguard: - rules: - main: - deny: - - pkg: encoding/json - desc: use gitea's modules/json instead of encoding/json - - pkg: github.com/unknwon/com - desc: use gitea's util and replacements - - pkg: io/ioutil - desc: use os or io instead - - pkg: golang.org/x/exp - desc: it's experimental and unreliable - - pkg: code.gitea.io/gitea/modules/git/internal - desc: do not use the internal package, use AddXxx function instead - - pkg: gopkg.in/ini.v1 - desc: do not use the ini package, use gitea's config system instead - - pkg: github.com/minio/sha256-simd - desc: use crypto/sha256 instead, see https://codeberg.org/forgejo/forgejo/pulls/1528 - testifylint: - disable: - - go-require + # TODO: use depguard to replace import checks in gitea-vet + list-type: denylist + # Check the list against standard lib. + include-go-root: true + packages-with-error-message: + - encoding/json: "use gitea's modules/json instead of encoding/json" + - github.com/unknwon/com: "use gitea's util and replacements" issues: max-issues-per-linter: 0 max-same-issues: 0 - exclude-dirs: [node_modules, public, web_src] - exclude-case-sensitive: true exclude-rules: - - path: models/db/sql_postgres_with_schema.go - linters: - - nolintlint + # Exclude some linters from running on tests files. - path: _test\.go linters: - gocyclo @@ -126,25 +103,76 @@ issues: - errcheck - dupl - gosec - - path: cmd - linters: - - forbidigo - - text: "webhook" - linters: + - linters: - dupl - - text: "`ID' should not be capitalized" + text: "webhook" + - linters: + - gocritic + text: "`ID' should not be capitalized" + - path: modules/templates/helper.go linters: - gocritic - - text: "swagger" - linters: + - linters: - unused - deadcode - - text: "argument x is overwritten before first use" + text: "swagger" + - path: contrib/pr/checkout.go + linters: + - errcheck + - path: models/issue.go + linters: + - errcheck + - path: models/migrations/ + linters: + - errcheck + - path: modules/log/ + linters: + - errcheck + - path: routers/api/v1/repo/issue_subscription.go + linters: + - dupl + - path: routers/repo/view.go + linters: + - dupl + - path: models/migrations/ + linters: + - unused + - linters: + - staticcheck + text: "argument x is overwritten before first use" + - path: modules/httplib/httplib.go linters: - staticcheck + # Enabling this would require refactoring the methods and how they are called. + - path: models/issue_comment_list.go + linters: + - dupl + - path: models/update.go + linters: + - unused + - path: cmd/dump.go + linters: + - dupl + - path: services/webhook/webhook.go + linters: + - structcheck - text: "commentFormatting: put a space between `//` and comment text" linters: - gocritic - text: "exitAfterDefer:" linters: - gocritic + - path: modules/graceful/manager_windows.go + linters: + - staticcheck + text: "svc.IsAnInteractiveSession is deprecated: Use IsWindowsService instead." + - path: models/user/openid.go + linters: + - golint + - path: models/user/badge.go + linters: + - revive + text: "exported: type name will be used as user.UserBadge by other packages, and that stutters; consider calling this Badge" + - path: models/db/sql_postgres_with_schema.go + linters: + - nolintlint diff --git a/.ignore b/.ignore index 5b96dabd38..7836ba8bce 100644 --- a/.ignore +++ b/.ignore @@ -1,11 +1,8 @@ *.min.css *.min.js -/assets/*.json /modules/options/bindata.go /modules/public/bindata.go /modules/templates/bindata.go -/options/gitignore -/options/license -/public/assets +/public/vendor/plugins /vendor node_modules diff --git a/.lgtm b/.lgtm new file mode 100644 index 0000000000..d39781b0bb --- /dev/null +++ b/.lgtm @@ -0,0 +1,3 @@ +pattern = "(?)LGTM" +self_approval_off = true +ignore_maintainers_file = true diff --git a/.mailmap b/.mailmap deleted file mode 100644 index 88ff1591a4..0000000000 --- a/.mailmap +++ /dev/null @@ -1,2 +0,0 @@ -Unknwon -Unknwon ę— é—» diff --git a/.markdownlint.yaml b/.markdownlint.yaml index f740d1a4d6..7ccdd53e89 100644 --- a/.markdownlint.yaml +++ b/.markdownlint.yaml @@ -1,12 +1,13 @@ commands-show-output: false fenced-code-language: false first-line-h1: false -heading-increment: false +header-increment: false line-length: {code_blocks: false, tables: false, stern: true, line_length: -1} no-alt-text: false no-bare-urls: false no-blanks-blockquote: false -no-emphasis-as-heading: false +no-duplicate-header: {allow_different_nesting: true} +no-emphasis-as-header: false no-empty-links: false no-hard-tabs: {code_blocks: false} no-inline-html: false diff --git a/.npmrc b/.npmrc index d9207e7f82..8dcb4185bd 100644 --- a/.npmrc +++ b/.npmrc @@ -3,4 +3,3 @@ fund=false update-notifier=false package-lock=true save-exact=true -lockfile-version=3 diff --git a/.release-notes-assistant.yaml b/.release-notes-assistant.yaml deleted file mode 100644 index b3e5a8e665..0000000000 --- a/.release-notes-assistant.yaml +++ /dev/null @@ -1,27 +0,0 @@ -categorize: './release-notes-assistant.sh' -branch-development: 'forgejo' -branch-pattern: 'v*/forgejo' -branch-find-version: 'v(?P\d+\.\d+)/forgejo' -branch-to-version: '${version}.0' -branch-from-version: 'v%[1]d.%[2]d/forgejo' -tag-from-version: 'v%[1]d.%[2]d.%[3]d' -branch-known: - - 'v7.0/forgejo' -cleanup-line: 'sed -Ee "s/^(feat|fix):\s*//g" -e "s/^\[WIP\] //" -e "s/^WIP: //" -e "s;\[(UI|BUG|FEAT|v.*?/forgejo)\]\s*;;g"' -render-header: | - - ## Release notes -comment: | -
- Where does that come from? - The following is a preview of the release notes for this pull request, as they will appear in the upcoming release. They are derived from the content of the `%[2]s/%[3]s.md` file, if it exists, or the title of the pull request. They were also added at the bottom of the description of this pull request for easier reference. - - This message and the release notes originate from a call to the [release-notes-assistant](https://code.forgejo.org/forgejo/release-notes-assistant). - - ```diff - %[4]s - ``` - -
- - %[1]s diff --git a/.stylelintrc.yaml b/.stylelintrc.yaml new file mode 100644 index 0000000000..9bad55d371 --- /dev/null +++ b/.stylelintrc.yaml @@ -0,0 +1,32 @@ +extends: stylelint-config-standard + +overrides: + - files: ["**/*.less"] + customSyntax: postcss-less + +rules: + alpha-value-notation: null + at-rule-empty-line-before: null + block-closing-brace-empty-line-before: null + color-function-notation: null + color-hex-length: null + comment-empty-line-before: null + declaration-block-no-redundant-longhand-properties: null + declaration-block-single-line-max-declarations: null + declaration-empty-line-before: null + function-no-unknown: null + hue-degree-notation: null + indentation: 2 + max-line-length: null + no-descending-specificity: null + no-invalid-position-at-import-rule: null + number-leading-zero: never + number-max-precision: null + property-no-vendor-prefix: null + rule-empty-line-before: null + selector-class-pattern: null + selector-id-pattern: null + selector-pseudo-element-colon-notation: double + shorthand-property-no-redundant-values: true + string-quotes: null + value-no-vendor-prefix: null diff --git a/.woodpecker/compliance.yml b/.woodpecker/compliance.yml new file mode 100644 index 0000000000..4a84dd8a62 --- /dev/null +++ b/.woodpecker/compliance.yml @@ -0,0 +1,75 @@ +platform: linux/amd64 + +when: + event: [ push, pull_request, manual ] + branch: + exclude: [ soft-fork/*/*, soft-fork/*/*/* ] + +variables: + - &golang_image 'golang:1.20' + - &test_image 'codeberg.org/forgejo/test_env:1.18' + - &goproxy_override '' + - &goproxy_setup |- + if [ -n "$${GOPROXY_OVERRIDE:-}" ]; then + export GOPROXY="$${GOPROXY_OVERRIDE}"; + echo "Using goproxy from goproxy_override \"$${GOPROXY}\""; + elif [ -n "$${GOPROXY_DEFAULT:-}" ]; then + export GOPROXY="$${GOPROXY_DEFAULT}"; + echo "Using goproxy from goproxy_default (secret) not displaying"; + else + export GOPROXY="https://proxy.golang.org,direct"; + echo "No goproxy overrides or defaults given, using \"$${GOPROXY}\""; + fi + +workspace: + base: /go + path: src/codeberg/gitea + +pipeline: + deps-backend: + image: *golang_image + pull: true + environment: + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + commands: + - *goproxy_setup + - make deps-backend + + security-check: + image: *golang_image + group: checks + pull: true + environment: + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + commands: + - *goproxy_setup + - make security-check + + lint-backend: + image: *test_image + pull: true + group: checks + environment: + GOPROXY_OVERRIDE: *goproxy_override + TAGS: 'bindata sqlite sqlite_unlock_notify' + GOSUMDB: 'sum.golang.org' + secrets: + - goproxy_default + commands: + - *goproxy_setup + - make lint-backend + + checks-backend: + image: *test_image + group: checks + environment: + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + commands: + - *goproxy_setup + - make --always-make checks-backend diff --git a/.woodpecker/testing-amd64.yml b/.woodpecker/testing-amd64.yml new file mode 100644 index 0000000000..c321a4bd78 --- /dev/null +++ b/.woodpecker/testing-amd64.yml @@ -0,0 +1,149 @@ +platform: linux/amd64 + +when: + event: [ push, pull_request, manual ] + branch: + exclude: [ soft-fork/*/*, soft-fork/*/*/* ] + +depends_on: +- compliance + +variables: + - &golang_image 'golang:1.20' + - &test_image 'codeberg.org/forgejo/test_env:1.18' + - &mysql_image 'mysql:8' + - &pgsql_image 'postgres:10' + - &goproxy_override '' + - &goproxy_setup |- + if [ -n "$${GOPROXY_OVERRIDE:-}" ]; then + export GOPROXY="$${GOPROXY_OVERRIDE}"; + echo "Using goproxy from goproxy_override \"$${GOPROXY}\""; + elif [ -n "$${GOPROXY_DEFAULT:-}" ]; then + export GOPROXY="$${GOPROXY_DEFAULT}"; + echo "Using goproxy from goproxy_default (secret) not displaying"; + else + export GOPROXY="https://proxy.golang.org,direct"; + echo "No goproxy overrides or defaults given, using \"$${GOPROXY}\""; + fi + +services: + mysql8: + image: *mysql_image + pull: true + environment: + MYSQL_ALLOW_EMPTY_PASSWORD: yes + MYSQL_DATABASE: testgitea + + pgsql: + image: *pgsql_image + pull: true + environment: + POSTGRES_DB: test + POSTGRES_PASSWORD: postgres + +workspace: + base: /go + path: src/codeberg/gitea + +pipeline: + git-safe: + image: *golang_image + pull: true + commands: + - git config --add safe.directory '*' + + deps-backend: + image: *golang_image + pull: true + environment: + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + commands: + - *goproxy_setup + - make deps-backend + + tag-pre-condition: + image: *golang_image + pull: true + commands: + - git update-ref refs/heads/tag_test ${CI_COMMIT_SHA} + + prepare-test-env: + image: *test_image + pull: true + commands: + - ./build/test-env-prepare.sh + + environment-to-ini: + image: *golang_image + environment: + GOPROXY_OVERRIDE: *goproxy_override + commands: + - *goproxy_setup + - go test contrib/environment-to-ini/environment-to-ini.go contrib/environment-to-ini/environment-to-ini_test.go + + build: + image: *test_image + environment: + GOSUMDB: sum.golang.org + TAGS: bindata sqlite sqlite_unlock_notify + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + commands: + - *goproxy_setup + - su gitea -c './build/test-env-check.sh' + - su gitea -c 'make backend' + + unit-test: + image: *test_image + environment: + TAGS: 'bindata sqlite sqlite_unlock_notify' + RACE_ENABLED: 'true' + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - github_read_token + - goproxy_default + commands: + - *goproxy_setup + - su gitea -c 'make unit-test-coverage test-check' + + test-mysql8: + group: integration + image: *test_image + commands: + - *goproxy_setup + - su gitea -c 'timeout -s ABRT 50m make test-mysql8-migration test-mysql8' + environment: + TAGS: 'bindata' + RACE_ENABLED: 'true' + USE_REPO_TEST_DIR: '1' + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + + test-pgsql: + group: integration + image: *test_image + commands: + - *goproxy_setup + - su gitea -c 'timeout -s ABRT 50m make test-pgsql-migration test-pgsql' + environment: + TAGS: 'bindata' + RACE_ENABLED: 'true' + USE_REPO_TEST_DIR: '1' + GOPROXY_OVERRIDE: *goproxy_override + secrets: + - goproxy_default + + test-sqlite: + group: integration + image: *test_image + environment: + - USE_REPO_TEST_DIR=1 + - GOPROXY=off + - TAGS=bindata gogit sqlite sqlite_unlock_notify + - TEST_TAGS=bindata gogit sqlite sqlite_unlock_notify + commands: + - su gitea -c 'timeout -s ABRT 120m make test-sqlite-migration test-sqlite' diff --git a/.yamllint.yaml b/.yamllint.yaml deleted file mode 100644 index 5a1e1e8751..0000000000 --- a/.yamllint.yaml +++ /dev/null @@ -1,44 +0,0 @@ -extends: default - -rules: - braces: - min-spaces-inside: 0 - max-spaces-inside: 1 - min-spaces-inside-empty: 0 - max-spaces-inside-empty: 0 - - brackets: - min-spaces-inside: 0 - max-spaces-inside: 1 - min-spaces-inside-empty: 0 - max-spaces-inside-empty: 0 - - comments: - require-starting-space: true - ignore-shebangs: true - min-spaces-from-content: 1 - - comments-indentation: - level: error - - document-start: - level: error - present: false - - document-end: - present: false - - empty-lines: - max: 1 - - indentation: - spaces: 2 - - line-length: disable - - truthy: - allowed-values: ["true", "false", "on", "off"] - -ignore: | - .venv - node_modules diff --git a/BSDmakefile b/BSDmakefile index 79696eadcf..2b4cae678b 100644 --- a/BSDmakefile +++ b/BSDmakefile @@ -1,7 +1,6 @@ # GNU makefile proxy script for BSD make -# # Written and maintained by Mahmoud Al-Qudsi -# Copyright NeoSmart Technologies 2014-2019 +# Copyright NeoSmart Technologies 2014-2018 # Obtain updates from # # Redistribution and use in source and binary forms, with or without @@ -27,32 +26,26 @@ JARG = GMAKE = "gmake" -# When gmake is called from another make instance, -w is automatically added -# which causes extraneous messages about directory changes to be emitted. -# Running with --no-print-directory silences these messages. +#When gmake is called from another make instance, -w is automatically added +#which causes extraneous messages about directory changes to be emitted. +#--no-print-directory silences these messages. GARGS = "--no-print-directory" .if "$(.MAKE.JOBS)" != "" - JARG = -j$(.MAKE.JOBS) +JARG = -j$(.MAKE.JOBS) .endif -# bmake prefers out-of-source builds and tries to cd into ./obj (among others) -# where possible. GNU Make doesn't, so override that value. +#by default bmake will cd into ./obj first .OBJDIR: ./ -# The GNU convention is to use the lowercased `prefix` variable/macro to -# specify the installation directory. Humor them. -GPREFIX = -.if defined(PREFIX) && ! defined(prefix) - GPREFIX = 'prefix = "$(PREFIX)"' -.endif - -.BEGIN: .SILENT - which $(GMAKE) || (printf "Error: GNU Make is required!\n\n" 1>&2 && false) - .PHONY: FRC $(.TARGETS): FRC - $(GMAKE) $(GPREFIX) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG) + $(GMAKE) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG) .DONE .DEFAULT: .SILENT - $(GMAKE) $(GPREFIX) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG) + $(GMAKE) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG) + +.ERROR: .SILENT + if ! which $(GMAKE) > /dev/null; then \ + echo "GNU Make is required!"; \ + fi diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000000..358a0e3749 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,6576 @@ +# Changelog + +This changelog goes through all the changes that have been made in each release +without substantial changes to our git log; to see the highlights of what has +been added to each release, please refer to the [blog](https://blog.gitea.io). + +## [1.18.5](https://github.com/go-gitea/gitea/releases/tag/v1.18.5) - 2023-02-21 + +* ENHANCEMENTS + * Hide 2FA status from other members in organization members list (#22999) (#23023) +* BUGFIXES + * Add force_merge to merge request and fix checking mergable (#23010) (#23032) + * Use `--message=%s` for git commit message (#23028) (#23029) + * Render access log template as text instead of HTML (#23013) (#23025) + * Fix the Manually Merged form (#23015) (#23017) + * Use beforeCommit instead of baseCommit (#22949) (#22996) + * Display attachments of review comment when comment content is blank (#23035) (#23046) + * Return empty url for submodule tree entries (#23043) (#23048) + +## [1.18.4](https://github.com/go-gitea/gitea/releases/tag/1.18.4) - 2023-02-20 + +* SECURITY + * Provide the ability to set password hash algorithm parameters (#22942) (#22943) + * Add command to bulk set must-change-password (#22823) (#22928) +* ENHANCEMENTS + * Use import of OCI structs (#22765) (#22805) + * Fix color of tertiary button on dark theme (#22739) (#22744) + * Link issue and pull requests status change in UI notifications directly to their event in the timelined view. (#22627) (#22642) +* BUGFIXES + * Notify on container image create (#22806) (#22965) + * Fix blame view missing lines (#22826) (#22929) + * Fix incorrect role labels for migrated issues and comments (#22914) (#22923) + * Fix PR file tree folders no longer collapsing (#22864) (#22872) + * Escape filename when assemble URL (#22850) (#22871) + * Fix isAllowed of escapeStreamer (#22814) (#22837) + * Load issue before accessing index in merge message (#22822) (#22830) + * Improve trace logging for pulls and processes (#22633) (#22812) + * Fix restore repo bug, clarify the problem of ForeignIndex (#22776) (#22794) + * Add default user visibility to cli command "admin user create" (#22750) (#22760) + * Escape path for the file list (#22741) (#22757) + * Fix bugs with WebAuthn preventing sign in and registration. (#22651) (#22721) + * Add missing close bracket in imagediff (#22710) (#22712) + * Move code comments to a standalone file and fix the bug when adding a reply to an outdated review appears to not post(#20821) (#22707) + * Fix line spacing for plaintext previews (#22699) (#22701) + * Fix wrong hint when deleting a branch successfully from pull request UI (#22673) (#22698) + * Fix README TOC links (#22577) (#22677) + * Fix missing message in git hook when pull requests disabled on fork (#22625) (#22658) + * Improve checkIfPRContentChanged (#22611) (#22644) + * Prevent duplicate labels when importing more than 99 (#22591) (#22598) + * Don't return duplicated users who can create org repo (#22560) (#22562) +* BUILD + * Upgrade golangcilint to v1.51.0 (#22764) +* MISC + * Use proxy for pull mirror (#22771) (#22772) + * Use `--index-url` in PyPi description (#22620) (#22636) + +## [1.18.3](https://github.com/go-gitea/gitea/releases/tag/v1.18.3) - 2023-01-23 + +* SECURITY + * Prevent multiple `To` recipients (#22566) (#22569) +* BUGFIXES + * Truncate commit summary on repo files table. (#22551) (#22552) + * Mute all links in issue timeline (#22534) + +## [1.18.2](https://github.com/go-gitea/gitea/releases/tag/v1.18.2) - 2023-01-19 + +* BUGFIXES + * When updating by rebase we need to set the environment for head repo (#22535) (#22536) + * Fix issue not auto-closing when it includes a reference to a branch (#22514) (#22521) + * Fix invalid issue branch reference if not specified in template (#22513) (#22520) + * Fix 500 error viewing pull request when fork has pull requests disabled (#22512) (#22515) + * Reliable selection of admin user (#22509) (#22511) + * Set disable_gravatar/enable_federated_avatar when offline mode is true (#22479) (#22496) +* BUILD + * cgo cross-compile for freebsd (#22397) (#22519) + +## [1.18.1](https://github.com/go-gitea/gitea/releases/tag/v1.18.1) - 2023-01-17 + +* API + * Add `sync_on_commit` option for push mirrors api (#22271) (#22292) +* BUGFIXES + * Update `github.com/zeripath/zapx/v15` (#22485) + * Fix pull request API field `closed_at` always being `null` (#22482) (#22483) + * Fix container blob mount (#22226) (#22476) + * Fix error when calculating repository size (#22392) (#22474) + * Fix Operator does not exist bug on explore page with ONLY_SHOW_RELEVANT_REPOS (#22454) (#22472) + * Fix environments for KaTeX and error reporting (#22453) (#22473) + * Remove the netgo tag for Windows build (#22467) (#22468) + * Fix migration from GitBucket (#22477) (#22465) + * Prevent panic on looking at api "git" endpoints for empty repos (#22457) (#22458) + * Fix PR status layout on mobile (#21547) (#22441) + * Fix wechatwork webhook sends empty content in PR review (#21762) (#22440) + * Remove duplicate "Actions" label in mobile view (#21974) (#22439) + * Fix leaving organization bug on user settings -> orgs (#21983) (#22438) + * Fixed colour transparency regex matching in project board sorting (#22092) (#22437) + * Correctly handle select on multiple channels in Queues (#22146) (#22428) + * Prepend refs/heads/ to issue template refs (#20461) (#22427) + * Restore function to "Show more" buttons (#22399) (#22426) + * Continue GCing other repos on error in one repo (#22422) (#22425) + * Allow HOST has no port (#22280) (#22409) + * Fix omit avatar_url in discord payload when empty (#22393) (#22394) + * Don't display stop watch top bar icon when disabled and hidden when click other place (#22374) (#22387) + * Don't lookup mail server when using sendmail (#22300) (#22383) + * Fix gravatar disable bug (#22337) + * Fix update settings table on install (#22326) (#22327) + * Fix sitemap (#22272) (#22320) + * Fix code search title translation (#22285) (#22316) + * Fix due date rendering the wrong date in issue (#22302) (#22306) + * Fix get system setting bug when enabled redis cache (#22298) + * Fix bug of DisableGravatar default value (#22297) + * Fix key signature error page (#22229) (#22230) +* TESTING + * Remove test session cache to reduce possible concurrent problem (#22199) (#22429) +* MISC + * Restore previous official review when an official review is deleted (#22449) (#22460) + * Log STDERR of external renderer when it fails (#22442) (#22444) + +## [1.18.0](https://github.com/go-gitea/gitea/releases/tag/1.18.0) - 2022-12-22 + +* SECURITY + * Remove ReverseProxy authentication from the API (#22219) (#22251) + * Support Go Vulnerability Management (#21139) + * Forbid HTML string tooltips (#20935) +* BREAKING + * Rework mailer settings (#18982) + * Remove U2F support (#20141) + * Refactor `i18n` to `locale` (#20153) + * Enable contenthash in filename for dynamic assets (#20813) +* FEATURES + * Add color previews in markdown (#21474) + * Allow package version sorting (#21453) + * Add support for Chocolatey/NuGet v2 API (#21393) + * Add API endpoint to get changed files of a PR (#21177) + * Add filetree on left of diff view (#21012) + * Support Issue forms and PR forms (#20987) + * Add support for Vagrant packages (#20930) + * Add support for `npm unpublish` (#20688) + * Add badge capabilities to users (#20607) + * Add issue filter for Author (#20578) + * Add KaTeX rendering to Markdown. (#20571) + * Add support for Pub packages (#20560) + * Support localized README (#20508) + * Add support mCaptcha as captcha provider (#20458) + * Add team member invite by email (#20307) + * Added email notification option to receive all own messages (#20179) + * Switch Unicode Escaping to a VSCode-like system (#19990) + * Add user/organization code search (#19977) + * Only show relevant repositories on explore page (#19361) + * User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133) + * Add sitemap support (#18407) + * Allow creation of OAuth2 applications for orgs (#18084) + * Add system setting table with cache and also add cache supports for user setting (#18058) + * Add pages to view watched repos and subscribed issues/PRs (#17156) + * Support Proxy protocol (#12527) + * Implement sync push mirror on commit (#19411) +* API + * Allow empty assignees on pull request edit (#22150) (#22214) + * Make external issue tracker regexp configurable via API (#21338) + * Add name field for org api (#21270) + * Show teams with no members if user is admin (#21204) + * Add latest commit's SHA to content response (#20398) + * Add allow_rebase_update, default_delete_branch_after_merge to repository api response (#20079) + * Add new endpoints for push mirrors management (#19841) +* ENHANCEMENTS + * Add setting to disable the git apply step in test patch (#22130) (#22170) + * Multiple improvements for comment edit diff (#21990) (#22007) + * Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21928) + * Fix flex layout for repo list icons (#21896) (#21920) + * Fix vertical align of committer avatar rendered by email address (#21884) (#21918) + * Fix setting HTTP headers after write (#21833) (#21877) + * Color and Style enhancements (#21784, #21799) (#21868) + * Ignore line anchor links with leading zeroes (#21728) (#21776) + * Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738) + * Use CSS color-scheme instead of invert (#21616) (#21623) + * Respect user's locale when rendering the date range in the repo activity page (#21410) + * Change `commits-table` column width (#21564) + * Refactor git command arguments and make all arguments to be safe to be used (#21535) + * CSS color enhancements (#21534) + * Add link to user profile in markdown mention only if user exists (#21533, #21554) + * Add option to skip index dirs (#21501) + * Diff file tree tweaks (#21446) + * Localize all timestamps (#21440) + * Add `code` highlighting in issue titles (#21432) + * Use Name instead of DisplayName in LFS Lock (#21415) + * Consolidate more CSS colors into variables (#21402) + * Redirect to new repository owner (#21398) + * Use ISO date format instead of hard-coded English date format for date range in repo activity page (#21396) + * Use weighted algorithm for string matching when finding files in repo (#21370) + * Show private data in feeds (#21369) + * Refactor parseTreeEntries, speed up tree list (#21368) + * Add GET and DELETE endpoints for Docker blob uploads (#21367) + * Add nicer error handling on template compile errors (#21350) + * Add `stat` to `ToCommit` function for speed (#21337) + * Support instance-wide OAuth2 applications (#21335) + * Record OAuth client type at registration (#21316) + * Add new CSS variables --color-accent and --color-small-accent (#21305) + * Improve error descriptions for unauthorized_client (#21292) + * Case-insensitive "find files in repo" (#21269) + * Consolidate more CSS rules, fix inline code on arc-green (#21260) + * Log real ip of requests from ssh (#21216) + * Save files in local storage as group readable (#21198) + * Enable fluid page layout on medium size viewports (#21178) + * File header tweaks (#21175) + * Added missing headers on user packages page (#21172) + * Display image digest for container packages (#21170) + * Skip dirty check for team forms (#21154) + * Keep path when creating a new branch (#21153) + * Remove fomantic image module (#21145) + * Make labels clickable in the comments section. (#21137) + * Sort branches and tags by date descending (#21136) + * Better repo API unit checks (#21130) + * Improve commit status icons (#21124) + * Limit length of repo description and repo url input fields (#21119) + * Show .editorconfig errors in frontend (#21088) + * Allow poster to choose reviewers (#21084) + * Remove black labels and CSS cleanup (#21003) + * Make e-mail sanity check more precise (#20991) + * Use native inputs in whitespace dropdown (#20980) + * Enhance package date display (#20928) + * Display total blob size of a package version (#20927) + * Show language name on hover (#20923) + * Show instructions for all generic package files (#20917) + * Refactor AssertExistsAndLoadBean to use generics (#20797) + * Move the official website link at the footer of gitea (#20777) + * Add support for full name in reverse proxy auth (#20776) + * Remove useless JS operation for relative time tooltips (#20756) + * Replace some icons with SVG (#20741) + * Change commit status icons to SVG (#20736) + * Improve single repo action for issue and pull requests (#20730) + * Allow multiple files in generic packages (#20661) + * Add option to create new issue from /issues page (#20650) + * Background color of private list-items updated (#20630) + * Added search input field to issue filter (#20623) + * Increase default item listing size `ISSUE_PAGING_NUM` to 20 (#20547) + * Modify milestone search keywords to be case insensitive again (#20513) + * Show hint to link package to repo when viewing empty repo package list (#20504) + * Add Tar ZSTD support (#20493) + * Make code review checkboxes clickable (#20481) + * Add "X-Gitea-Object-Type" header for GET `/raw/` & `/media/` API (#20438) + * Display project in issue list (#20434) + * Prepend commit message to template content when opening a new PR (#20429) + * Replace fomantic popup module with tippy.js (#20428) + * Allow to specify colors for text in markup (#20363) + * Allow access to the Public Organization Member lists with minimal permissions (#20330) + * Use default values when provided values are empty (#20318) + * Vertical align navbar avatar at middle (#20302) + * Delete cancel button in repo creation page (#21381) + * Include login_name in adminCreateUser response (#20283) + * fix: icon margin in user/settings/repos (#20281) + * Remove blue text on migrate page (#20273) + * Modify milestone search keywords to be case insensitive (#20266) + * Move some files into models' sub packages (#20262) + * Add tooltip to repo icons in explore page (#20241) + * Remove deprecated licenses (#20222) + * Webhook for Wiki changes (#20219) + * Share HTML template renderers and create a watcher framework (#20218) + * Allow enable LDAP source and disable user sync via CLI (#20206) + * Adds a checkbox to select all issues/PRs (#20177) + * Refactor `i18n` to `locale` (#20153) + * Disable status checks in template if none found (#20088) + * Allow manager logging to set SQL (#20064) + * Add order by for assignee no sort issue (#20053) + * Take a stab at porting existing components to Vue3 (#20044) + * Add doctor command to write commit-graphs (#20007) + * Add support for authentication based on reverse proxy email (#19949) + * Enable spellcheck for EasyMDE, use contenteditable mode (#19776) + * Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663) + * Rework mailer settings (#18982) + * Add option to purge users (#18064) + * Add author search input (#21246) + * Make rss/atom identifier globally unique (#21550) +* BUGFIXES + * Auth interface return error when verify failure (#22119) (#22259) + * Use complete SHA to create and query commit status (#22244) (#22257) + * Update bleve and zapx to fix unaligned atomic (#22031) (#22218) + * Prevent panic in doctor command when running default checks (#21791) (#21807) + * Load GitRepo in API before deleting issue (#21720) (#21796) + * Ignore line anchor links with leading zeroes (#21728) (#21776) + * Set last login when activating account (#21731) (#21755) + * Fix UI language switching bug (#21597) (#21749) + * Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738) + * Allow local package identifiers for PyPI packages (#21690) (#21727) + * Deal with markdown template without metadata (#21639) (#21654) + * Fix opaque background on mermaid diagrams (#21642) (#21652) + * Fix repository adoption on Windows (#21646) (#21650) + * Sync git hooks when config file path changed (#21619) (#21626) + * Fix 500 on PR files API (#21602) (#21607) + * Fix `Timestamp.IsZero` (#21593) (#21603) + * Fix viewing user subscriptions (#21482) + * Fix mermaid-related bugs (#21431) + * Fix branch dropdown shifting on page load (#21428) + * Fix default theme-auto selector when nologin (#21346) + * Fix and improve incorrect error messages (#21342) + * Fix formatted link for PR review notifications to matrix (#21319) + * Center-aligning content of WebAuthN page (#21127) + * Remove follow from commits by file (#20765) + * Fix commit status popup (#20737) + * Fix init mail render logic (#20704) + * Use correct page size for link header pagination (#20546) + * Preserve unix socket file (#20499) + * Use tippy.js for context popup (#20393) + * Add missing parameter for error in log message (#20144) + * Do not allow organisation owners add themselves as collaborator (#20043) + * Rework file highlight rendering and fix yaml copy-paste (#19967) + * Improve code diff highlight, fix incorrect rendered diff result (#19958) +* TESTING + * Improve OAuth integration tests (#21390) + * Add playwright tests (#20123) +* BUILD + * Switch to building with go1.19 (#20695) + * Update JS dependencies, adjust eslint (#20659) + * Add more linters to improve code readability (#19989) + +## [1.17.4](https://github.com/go-gitea/gitea/releases/tag/1.17.4) - 2022-12-21 + +* SECURITY + * Do not allow Ghost access to limited visible user/org (#21849) (#21875) + * Fix package access for admins and inactive users (#21580) (#21592) +* ENHANCEMENTS + * Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21927) + * Fix vertical align of committer avatar rendered by email address (#21884) (#21919) + * Fix setting HTTP headers after write (#21833) (#21874) + * Ignore line anchor links with leading zeroes (#21728) (#21777) + * Enable Monaco automaticLayout (#21516) +* BUGFIXES + * Do not list active repositories as unadopted (#22034) (#22167) + * Correctly handle moved files in apply patch (#22118) (#22136) + * Fix condition for is_internal (#22095) (#22131) + * Fix permission check on issue/pull lock (#22114) + * Fix sorting admin user list by last login (#22081) (#22106) + * Workaround for container registry push/pull errors (#21862) (#22069) + * Fix issue/PR numbers (#22037) (#22045) + * Handle empty author names (#21902) (#22028) + * Fix ListBranches to handle empty case (#21921) (#22025) + * Fix enabling partial clones on 1.17 (#21809) + * Prevent panic in doctor command when running default checks (#21791) (#21808) + * Upgrade golang.org/x/crypto (#21792) (#21794) + * Init git module before database migration (#21764) (#21766) + * Set last login when activating account (#21731) (#21754) + * Add HEAD fix to gitea doctor (#21352) (#21751) + * Fix UI language switching bug (#21597) (#21748) + * Remove semver compatible flag and change pypi to an array of test cases (#21708) (#21729) + * Allow local package identifiers for PyPI packages (#21690) (#21726) + * Fix repository adoption on Windows (#21646) (#21651) + * Sync git hooks when config file path changed (#21619) (#21625) + * Added check for disabled Packages (#21540) (#21614) + * Fix `Timestamp.IsZero` (#21593) (#21604) + * Fix issues count bug (#21600) + * Support binary deploy in npm packages (#21589) + * Update milestone counters when issue is deleted (#21459) (#21586) + * SessionUser protection against nil pointer dereference (#21581) + * Case-insensitive NuGet symbol file GUID (#21409) (#21575) + * Suppress `ExternalLoginUserNotExist` error (#21504) (#21572) + * Prevent Authorization header for presigned LFS urls (#21531) (#21569) + * Update binding to fix bugs (#21560) + * Fix generating compare link (#21519) (#21530) + * Ignore error when retrieving changed PR review files (#21487) (#21524) + * Fix incorrect notification commit url (#21479) (#21483) + * Display total commit count in hook message (#21400) (#21481) + * Enforce grouped NuGet search results (#21442) (#21480) + * Return 404 when user is not found on avatar (#21476) (#21477) + * Normalize NuGet package version on upload (#22186) (#22201) +* MISC + * Check for zero time instant in TimeStamp.IsZero() (#22171) (#22173) + * Fix warn in database structs sync (#22111) + * Allow for resolution of NPM registry paths that match upstream (#21568) (#21723) + +## [1.17.3](https://github.com/go-gitea/gitea/releases/tag/v1.17.3) - 2022-10-15 + +* SECURITY + * Sanitize and Escape refs in git backend (#21464) (#21463) + * Bump `golang.org/x/text` (#21412) (#21413) + * Update bluemonday (#21281) (#21287) +* ENHANCEMENTS + * Fix empty container layer history and UI (#21251) (#21278) + * Use en-US as fallback when using other default language (#21200) (#21256) + * Make the vscode clone link respect transport protocol (#20557) (#21128) +* BUGFIXES + * Do DB update after merge in hammer context (#21401) (#21416) + * Add Num{Issues,Pulls} stats checks (#21404) (#21414) + * Stop logging CheckPath returns error: context canceled (#21064) (#21405) + * Parse OAuth Authorization header when request omits client secret (#21351) (#21374) + * Ignore port for loopback redirect URIs (#21293) (#21373) + * Set SemverCompatible to false for Conan packages (#21275) (#21366) + * Tag list should include draft releases with existing tags (#21263) (#21365) + * Fix linked account translation (#21331) (#21334) + * Make NuGet service index publicly accessible (#21242) (#21277) + * Foreign ID conflicts if ID is 0 for each item (#21271) (#21272) + * Use absolute links in feeds (#21229) (#21265) + * Prevent invalid behavior for file reviewing when loading more files (#21230) (#21234) + * Respect `REQUIRE_SIGNIN_VIEW` for packages (#20873) (#21232) + * Treat git object mode 40755 as directory (#21195) (#21218) + * Allow uppercase ASCII alphabet in PyPI package names (#21095) (#21217) + * Fix limited user cannot view himself's profile (#21212) + * Fix template bug of admin monitor (#21209) + * Fix reaction of issues (#21185) (#21196) + * Fix CSV diff for added/deleted files (#21189) (#21193) + * Fix pagination limit parameter problem (#21111) +* TESTING + * Fix missing m.Run() in TestMain (#21341) +* BUILD + * Use Go 1.19 fmt for Gitea 1.17, sync emoji data (#21239) + +## [1.17.2](https://github.com/go-gitea/gitea/releases/tag/v1.17.2) - 2022-09-06 + +* SECURITY + * Double check CloneURL is acceptable (#20869) (#20892) + * Add more checks in migration code (#21011) (#21050) +* ENHANCEMENTS + * Fix hard-coded timeout and error panic in API archive download endpoint (#20925) (#21051) + * Improve arc-green code theme (#21039) (#21042) + * Enable contenthash in filename for dynamic assets (#20813) (#20932) + * Don't open new page for ext wiki on same repository (#20725) (#20910) + * Disable doctor logging on panic (#20847) (#20898) + * Remove calls to load Mirrors in user.Dashboard (#20855) (#20897) + * Update codemirror to 5.65.8 (#20875) + * Rework repo buttons (#20602, #20718) (#20719) +* BUGFIXES + * Ensure delete user deletes all comments (#21067) (#21068) + * Delete unreferenced packages when deleting a package version (#20977) (#21060) + * Redirect if user does not exist on admin pages (#20981) (#21059) + * Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (#20902) (#21058) + * Fix 500 on time in timeline API (#21052) (#21057) + * Fill the specified ref in webhook test payload (#20961) (#21055) + * Add another index for Action table on postgres (#21033) (#21054) + * Fix broken insecureskipverify handling in redis connection uris (#20967) (#21053) + * Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion (#21017) (#21044) + * Do not add links to Posters or Assignees with ID < 0 (#20577) (#21037) + * Fix modified due date message (#20388) (#21032) + * Fix missed sort bug (#21006) + * Fix input.value attr for RequiredClaimName/Value (#20946) (#21001) + * Change review buttons to icons to make space for text (#20934) (#20978) + * Fix download archiver of a commit (#20962) (#20971) + * Return 404 NotFound if requested attachment does not exist (#20886) (#20941) + * Set no-tags in git fetch on compare (#20893) (#20936) + * Allow multiple metadata files for Maven packages (#20674) (#20916) + * Increase Content field size of gpg_key and public_key to MEDIUMTEXT (#20896) (#20911) + * Fix mirror address setting not working (#20850) (#20904) + * Fix push mirror address backend get error Address cause setting page display error (#20593) (#20901) + * Fix panic when an invalid oauth2 name is passed (#20820) (#20900) + * In PushMirrorsIterate and MirrorsIterate if limit is negative do not set it (#20837) (#20899) + * Ensure that graceful start-up is informed of unused SSH listener (#20877) (#20888) + * Pad GPG Key ID with preceding zeroes (#20878) (#20885) + * Fix SQL Query for `SearchTeam` (#20844) (#20872) + * Fix the mode of custom dir to 0700 in docker-rootless (#20861) (#20867) + * Fix UI mis-align for PR commit history (#20845) (#20859) + +## [1.17.1](https://github.com/go-gitea/gitea/releases/tag/1.17.1) - 2022-08-17 + +* SECURITY + * Correctly escape within tribute.js (#20831) (#20832) +* ENHANCEMENTS + * Add support for NuGet API keys (#20721) (#20734) + * Display project in issue list (#20583) + * Add disable download source configuration (#20548) (#20579) + * Add username check to doctor (#20140) (#20671) + * Enable Wire 2 for Internal SSH Server (#20616) (#20617) +* BUGFIXES + * Use the total issue count for UI (#20785) (#20827) + * Add proxy host into allow list (#20798) (#20819) + * Add missing translation for queue flush workers (#20791) (#20792) + * Improve comment header for mobile (#20781) (#20789) + * Fix git.Init for doctor sub-command (#20782) (#20783) + * Check webhooks slice length before calling xorm (#20642) (#20768) + * Remove manual rollback for failed generated repositories (#20639) (#20762) + * Use correct field name in npm template (#20675) (#20760) + * Keep download count on Container tag overwrite (#20728) (#20735) + * Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707) + * Use request timeout for git service rpc (#20689) (#20693) + * Send correct NuGet status codes (#20647) (#20677) + * Use correct context to get package content (#20673) (#20676) + * Fix the JS error "EventSource is not defined" caused by some non-standard browsers (#20584) (#20663) + * Add default commit messages to PR for squash merge (#20618) (#20645) + * Fix package upload for files >32mb (#20622) (#20635) + * Fix the new-line copy-paste for rendered code (#20612) + * Clean up and fix clone button script (#20415 & #20600) (#20599) + * Fix default merge style (#20564) (#20565) + * Add repository condition for issue count (#20454) (#20496) + * Make branch icon stand out more (#20726) (#20774) + * Fix loading button with invalid form (#20754) (#20759) + * Fix SecToTime edge-cases (#20610) (#20611) + * Executable check always returns true for windows (#20637) (#20835) + * Check issue labels slice length before calling xorm Insert (#20655) (#20836) + * Fix owners cannot create organization repos bug (#20841) (#20854) + * Prevent 500 is head repo does not have PullRequest unit in IsUserAllowedToUpdate (#20839) (#20848) + +## [1.17.0](https://github.com/go-gitea/gitea/releases/tag/v1.17.0) - 2022-07-30 + +* BREAKING + * Require go1.18 for Gitea 1.17 (#19918) + * Make AppDataPath absolute against the AppWorkPath if it is not (#19815) + * Nuke the incorrect permission report on /api/v1/notifications (#19761) + * Refactor git module, make Gitea use internal git config (#19732) + * Remove `RequireHighlightJS` field, update plantuml example. (#19615) + * Increase minimal required git version to 2.0 (#19577) + * Add a directory prefix `gitea-src-VERSION` to release-tar-file (#19396) + * Use "main" as default branch name (#19354) + * Make cron task no notice on success (#19221) + * Add pam account authorization check (#19040) + * Show messages for users if the ROOT_URL is wrong, show JavaScript errors (#18971) + * Refactor mirror code & fix StartToMirror (#18904) + * Remove deprecated SSH ciphers from default (#18697) + * Add the possibility to allow the user to have a favicon which differs from the main logo (#18542) + * Update reserved usernames list (#18438) + * Support custom ACME provider (#18340) + * Change initial TrustModel to committer (#18335) + * Update HTTP status codes (#18063) + * Upgrade Alpine from 3.13 to 3.15 (#18050) + * Restrict email address validation (#17688) + * Refactor Router Logger (#17308) +* SECURITY + * Use git.HOME_PATH for Git HOME directory (#20114) (#20293) + * Add write check for creating Commit Statuses (#20332) (#20333) + * Remove deprecated SSH ciphers from default (#18697) +* FEDERATION + * Return statistic information for nodeinfo (#19561) + * Add Webfinger endpoint (#19462) + * Store the foreign ID of issues during migration (#18446) +* FEATURES + * Automatically render wiki TOC (#19873) + * Adding button to link accounts from user settings (#19792) + * Allow set default merge style while creating repo (#19751) + * Auto merge pull requests when all checks succeeded (#9307 & #19648) + * Improve reviewing PR UX (#19612) + * Add support for rendering console output with colors (#19497) + * Add Helm Chart registry (#19406) + * Add Goroutine stack inspector to admin/monitor (#19207) + * RSS/Atom support for Orgs & Repos (#17714 & #19055) + * Add button for issue deletion (#19032) + * Allow to mark files in a PR as viewed (#19007) + * Add Index to comment for migrations and mirroring (#18806) + * Add health check endpoint (#18465) + * Add packagist webhook (#18224) + * Add "Allow edits from maintainer" feature (#18002) + * Add apply-patch, basic revert and cherry-pick functionality (#17902) + * Add Package Registry (#16510) + * Add LDAP group sync to Teams (#16299) + * Pause queues (#15928) + * Added auto-save whitespace behavior if it changed manually (#15566) + * Find files in repo (#15028) + * Provide configuration to allow camo-media proxying (#12802) +* API + * Add endpoint to serve blob or LFS file content (#19689) + * Add endpoint to check if team has repo access (#19540) + * More commit info (#19252) + * Allow to create file on empty repo (#19224) + * Allow removing issues (#18879) + * Add endpoint to query collaborators permission for a repository (#18761) + * Return primary language and repository language stats API URL (#18396) + * Implement http signatures support for the API (#17565) +* ENHANCEMENTS + * Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269) + * Adjust max-widths for the repository file table (#20243) (#20247) + * Display full name (#20171) (#20246) + * Add dbconsistency checks for Stopwatches (#20010) + * Add fetch.writeCommitGraph to gitconfig (#20006) + * Add fgprof pprof profiler (#20005) + * Move agit dependency (#19998) + * Empty log queue on flush and close (#19994) + * Remove tab/TabName usage where it's not needed (#19973) + * Improve file header on mobile (#19945) + * Move issues related files into models/issues (#19931) + * Add breaking email restrictions checker in doctor (#19903) + * Improve UX on modal for deleting an access token (#19894) + * Add alt text to logo (#19892) + * Move some code into models/git (#19879) + * Remove customized (unmaintained) dropdown, improve aria a11y for dropdown (#19861) + * Make user profile image show full image on mobile (#19840) + * Replace blue button and label classes with primary (#19763) + * Remove fomantic progress module (#19760) + * Allows repo search to match against "owner/repo" pattern strings (#19754) + * Move org functions (#19753) + * Move almost all functions' parameter db.Engine to context.Context (#19748) + * Show source/target branches on PR's list (#19747) + * Use http.StatusTemporaryRedirect(307) when serve avatar directly (#19739) + * Add doctor orphan check for orphaned pull requests without an existing base repo (#19731) + * Make Ctrl+Enter (quick submit) work for issue comment and wiki editor (#19729) + * Update go-chi/cache to utilize Ping() (#19719) + * Improve commit list/view on mobile (#19712) + * Move some repository related code into sub package (#19711) + * Use a better OlderThan for DeleteInactiveUsers (#19693) + * Introduce eslint-plugin-jquery (#19690) + * Tidy up `` template (#19678) + * Calculate filename hash only once (#19654) + * Simplify `IsVendor` (#19626) + * Add "Reference" section to Issue view sidebar (#19609) + * Only set CanColorStdout / CanColorStderr to true if the stdout/stderr is a terminal (#19581) + * Use for a repo action one database transaction (#19576) + * Simplify loops to copy (#19569) + * Added X-Mailer header to outgoing emails (#19562) + * use middleware to open gitRepo (#19559) + * Mute link in diff header (#19556) + * Improve UI on mobile (#19546) + * Fix Pull Request comment filename word breaks (#19535) + * Permalink files In PR diff (#19534) + * PullService lock via pullID (#19520) + * Make repository file list useable on mobile (#19515) + * more context for models (#19511) + * Refactor readme file renderer (#19502) + * By default force vertical tabs on mobile (#19486) + * Github style following followers (#19482) + * Improve action table indices (#19472) + * Use horizontal tabs for repo header on mobile (#19468) + * pass gitRepo down since its used for main repo and wiki (#19461) + * Admin should not delete himself (#19423) + * Use queue instead of memory queue in webhook send service (#19390) + * Simplify the code to get issue count (#19380) + * Add commit status popup to issuelist (#19375) + * Add RSS Feed buttons to Repo, User and Org pages (#19370) + * Add logic to switch between source/rendered on Markdown (#19356) + * Move some helper files out of models (#19355) + * Move access and repo permission to models/perm/access (#19350) + * Disallow selecting the text of buttons (#19330) + * Allow custom redirect for landing page (#19324) + * Remove dependent on session auth for api/v1 routers (#19321) + * Never use /api/v1 from Gitea UI Pages (#19318) + * Remove legacy unmaintained packages, refactor to support change default locale (#19308) + * Move milestone to models/issues/ (#19278) + * Configure OpenSSH log level via Environment in Docker (#19274) + * Move reaction to models/issues/ (#19264) + * Make git.OpenRepository accept Context (#19260) + * Move some issue methods as functions (#19255) + * Show last cron messages on monitor page (#19223) + * New cron task: delete old system notices (#19219) + * Add Redis Sentinel Authentication Support (#19213) + * Add auto logging of goroutine pid label (#19212) + * Set OpenGraph title to DisplayName in profile pages (#19206) + * Add pprof labels in processes and for lifecycles (#19202) + * Let web and API routes have different auth methods group (#19168) + * Move init repository related functions to modules (#19159) + * Feeds: render markdown to html (#19058) + * Allow users to self-request a PR review (#19030) + * Allow render HTML with css/js external links (#19017) + * Fix script compatiable with OpenWrt (#19000) + * Support ignore all santize for external renderer (#18984) + * Add note to GPG key response if user has no keys (#18961) + * Improve Stopwatch behavior (#18930) + * Improve mirror iterator (#18928) + * Uncapitalize errors (#18915) + * Prevent Stats Indexer reporting error if repo dir missing (#18870) + * Refactor SecToTime() function (#18863) + * Replace deprecated String.prototype.substr() with String.prototype.slice() (#18796) + * Move deletebeans into models/db (#18781) + * Fix display time of milestones (#18753) + * Add config option to disable "Update branch by rebase" (#18745) + * Display template path of current page in dev mode (#18717) + * Add number in queue status to monitor page (#18712) + * Change git.cmd to RunWithContext (#18693) + * Refactor i18n, use Locale to provide i18n/translation related functions (#18648) + * Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552) + * Move organization related structs into sub package (#18518) + * Warn at startup if the provided `SCRIPT_TYPE` is not on the PATH (#18467) + * Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439) + * Use explicit jQuery import, remove unused eslint globals (#18435) + * Allow to filter repositories by language in explore, user and organization repositories lists (#18430) + * Use base32 for 2FA scratch token (#18384) + * Unexport var git.GlobalCommandArgs (#18376) + * Don't underline commit status icon on hover (#18372) + * Always use git command but not os.Command (#18363) + * Switch to non-deprecation setting (#18358) + * Set the LastModified header for raw files (#18356) + * Refactor jwt.StandardClaims to RegisteredClaims (#18344) + * Enable deprecation error for v1.17.0 (#18341) + * Refactor httplib (#18338) + * Limit max-height of CodeMirror editors for issue comment and wiki (#18271) + * Validate migration files (#18203) + * Format with gofumpt (#18184) + * Allow custom default merge message with .gitea/default_merge_message/_TEMPLATE.md (#18177) + * Prettify number of issues (#17760) + * Add a "admin user generate-access-token" subcommand (#17722) + * Custom regexp external issues (#17624) + * Add smtp password to install page (#17564) + * Add config options to hide issue events (#17414) + * Prevent double click new issue/pull/comment button (#16157) + * Show issue assignee on project board (#15232) +* BUGFIXES + * WebAuthn CredentialID field needs to be increased in size (#20530) (#20555) + * Ensure that all unmerged files are merged when conflict checking (#20528) (#20536) + * Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529) + * Add labels to two buttons that were missing them (#20419) (#20524) + * Fix ROOT_URL detection for URLs without trailing slash (#20502) (#20503) + * Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407) + * Allow RSA 2047 bit keys (#20272) (#20396) + * Add missing return for when topic isn't found (#20351) (#20395) + * Fix commit status icon when in subdirectory (#20285) (#20385) + * Initialize cron last (#20373) (#20384) + * Set target on create release with existing tag (#20381) (#20382) + * Update xorm.io/xorm to fix a interpreting db column sizes issue on 32bit systems (#20371) (#20372) + * Make sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370) + * Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361) + * Correctly handle draft releases without a tag (#20314) (#20335) + * Prevent "empty" scrollbars on Firefox (#20294) (#20308) + * Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306) + * Bump goldmark to v1.4.13 (#20300) (#20301) + * Do not create empty ".ssh" directory when loading config (#20289) (#20298) + * Fix NPE when using non-numeric (#20277) (#20278) + * Store read access in access for team repositories (#20275) (#20276) + * EscapeFilter the group dn membership (#20200) (#20254) + * Only show Followers that current user can access (#20220) (#20252) + * Update Bluemonday to v1.0.19 (#20199) (#20209) + * Refix indices on actions table (#20158) (#20198) + * Check if project has the same repository id with issue when assign project to issue (#20133) (#20188) + * Fix remove file on initial comment (#20127) (#20128) + * Catch the error before the response is processed by goth (#20000) (#20102) + * Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099) + * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) + * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) + * Return 404 when tag is broken (#20017) (#20024) + * Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041) + * Respond with a 401 on git push when password isn't changed yet (#20026) (#20027) + * Return 404 when tag is broken (#20017) (#20024) + * Write Commit-Graphs in RepositoryDumper (#20004) + * Use DisplayName() instead of FullName in Oauth Provider (#19991) + * Don't buffer doctor logger (#19982) + * Always try to fetch repo for mirrors (#19975) + * Uppercase first languages letters (#19965) + * Fix cli command restore-repo: "units" should be parsed as StringSlice (#19953) + * Ensure minimum mirror interval is reported on settings page (#19895) + * Exclude Archived repos from Dashboard Milestones (#19882) + * gitconfig: set safe.directory = * (#19870) + * Prevent NPE on update mirror settings (#19864) + * Only return valid stopwatches to the EventSource (#19863) + * Prevent NPE whilst migrating if there is a team request review (#19855) + * Fix inconsistency in doctor output (#19836) + * Fix release tag for webhook (#19830) + * Add title attribute to dependencies in sidebar (#19807) + * Estimate Action Count in Statistics (#19775) + * Do not update user stars numbers unless fix is specified (#19750) + * Improved ref comment link when origin is body/title (#19741) + * Fix nodeinfo caching and prevent NPE if cache non-existent (#19721) + * Fix duplicate entry error when add team member (#19702) + * Fix sending empty notifications (#19589) + * Update image URL for Discord webhook (#19536) + * Don't let repo clone URL overflow (#19517) + * Allow commit status popup on /pulls page (#19507) + * Fix two UI bugs: JS error in imagediff.js, 500 error in diff/compare.tmpl (#19494) + * Fix logging of Transfer API (#19456) + * Fix panic in teams API when requesting members (#19360) + * Refactor CSRF protection modules, make sure CSRF tokens can be up-to-date. (#19337) + * An attempt to sync a non-mirror repo must give 400 (Bad Request) (#19300) + * Move checks for pulls before merge into own function (#19271) + * Fix `contrib/upgrade.sh` (#19222) + * Set the default branch for repositories generated from templates (#19136) + * Fix EasyMDE error when input Enter (#19004) + * Don't clean up hardcoded `tmp` (#18983) + * Delete related notifications on issue deletion too (#18953) + * Fix trace log to show value instead of pointers (#18926) + * Fix behavior or checkbox submission. (#18851) + * Add `ContextUser` (#18798) + * Fix some mirror bugs (#18649) + * Quote MAKE to prevent path expansion with space error (#18622) + * Preserve users if restoring a repository on the same Gitea instance (#18604) + * Fix non-ASCII search on database (#18437) + * Automatically pause queue if index service is unavailable (#15066) +* TESTING + * Allow postgres integration tests to run over unix pipe (#19875) + * Prevent intermittent NPE in queue tests (#19301) + * Add test for importing pull requests in gitea uploader for migrations (#18752) + * Remove redundant comparison in repo dump/restore (#18660) + * More repo dump/restore tests, including pull requests (#18621) + * Add test coverage for original author conversion during migrations (#18506) +* TRANSLATION + * Update issue_no_dependencies description (#19112) + * Refactor webhooks i18n (#18380) +* BUILD + * Use alpine 3.16 (#19797) + * Require node 14.0 (#19451) +* DOCS + * Update documents (git/fomantic/db, etc) (#19868) + * Update the ROOT documentation and error messages (#19832) + * Update document to use FHS `/usr/local/bin/gitea` instead of `/app/...` for Docker (#19794) + * Update documentation to disable duration settings with -1 instead of 0 (#19647) + * Add warning to set SENDMAIL_ARGS to -- (#19102) + * Update nginx reverse proxy docs (#18922) + * Add example to render html files (#18736) + * Make SSH passtrough documentation better (#18687) + * Changelog 1.16.0 & 1.15.11 (#18468 & #18455) (#18470) + * Update the SSH passthrough documentation (#18366) + * Add `contrib/upgrade.sh` (#18286) +* MISC + * Fix aria for logo (#19955) + * In code search, get code unit accessible repos in one (main) query (#19764) + * Add tooltip to pending PR comments (#19662) + * Improve sync performance for pull-mirrors (#19125) + * Improve dashboard's repo list performance (#18963) + * Avoid database lookups for `DescriptionHTML` (#18924) + * Remove CodeMirror dependencies (#18911) + * Disable unnecessary mirroring elements (#18527) + * Disable unnecessary OpenID/OAuth2 elements (#18491) + * Disable unnecessary GitHooks elements (#18485) + * Change some logging levels (#18421) + * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18385) + * Use correct translation key for errors (#18342) + +## [1.16.9](https://github.com/go-gitea/gitea/releases/tag/v1.16.9) - 2022-07-12 + +* SECURITY + * Add write check for creating Commit status (#20332) (#20334) + * Check for permission when fetching user controlled issues (#20133) (#20196) +* BUGFIXES + * Hide notify mail setting ui if not enabled (#20138) (#20337) + * Add write check for creating Commit status (#20332) (#20334) + * Only show Followers that current user can access (#20220) (#20253) + * Release page show all tags in compare dropdown (#20070) (#20071) + * Fix permission check for delete tag (#19985) (#20001) + * Only log non ErrNotExist errors in git.GetNote (#19884) (#19905) + * Use exact search instead of fuzzy search for branch filter dropdown (#19885) (#19893) + * Set Setpgid on child git processes (#19865) (#19881) + * Import git from alpine 3.16 repository as 2.30.4 is needed for `safe.directory = '*'` to work but alpine 3.13 has 2.30.3 (#19876) + * Ensure responses are context.ResponseWriters (#19843) (#19859) + * Fix incorrect usage of `Count` function (#19850) + * Fix raw endpoint PDF file headers (#19825) (#19826) + * Make WIP prefixes case insensitive, e.g. allow `Draft` as a WIP prefix (#19780) (#19811) + * Don't return 500 on NotificationUnreadCount (#19802) + * Prevent NPE when cache service is disabled (#19703) (#19783) + * Detect truncated utf-8 characters at the end of content as still representing utf-8 (#19773) (#19774) + * Fix doctor pq: syntax error at or near "." quote user table name (#19765) (#19770) + * Fix bug with assigneees (#19757) + +## [1.16.8](https://github.com/go-gitea/gitea/releases/tag/v1.16.8) - 2022-05-16 + +* ENHANCEMENTS + * Add doctor check/fix for bogus action rows (#19656) (#19669) + * Make .cs highlighting legible on dark themes. (#19604) (#19605) +* BUGFIXES + * Fix oauth setting list bug (#19681) + * Delete user related oauth stuff on user deletion too (#19677) (#19680) + * Fix new release from tags list UI (#19670) (#19673) + * Prevent NPE when checking repo units if the user is nil (#19625) (#19630) + * GetFeeds must always discard actions with dangling repo_id (#19598) (#19629) + * Call MultipartForm.RemoveAll when request finishes (#19606) (#19607) + * Avoid MoreThanOne error when creating a branch whose name conflicts with other ref names (#19557) (#19591) + * Fix sending empty notifications (#19589) (#19590) + * Ignore DNS error when doing migration allow/block check (#19566) (#19567) + * Fix issue overview for teams (#19652) (#19653) + +## [1.16.7](https://github.com/go-gitea/gitea/releases/tag/v1.16.7) - 2022-05-02 + +* SECURITY + * Escape git fetch remote (#19487) (#19490) +* BUGFIXES + * Don't overwrite err with nil (#19572) (#19574) + * On Migrations, only write commit-graph if wiki clone was successful (#19563) (#19568) + * Respect DefaultUserIsRestricted system default when creating new user (#19310) (#19560) + * Don't error when branch's commit doesn't exist (#19547) (#19548) + * Support `hostname:port` to pass host matcher's check (#19543) (#19544) + * Prevent intermittent race in attribute reader close (#19537) (#19539) + * Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532) + * Prevent dangling archiver goroutine (#19516) (#19526) + * Fix migrate release from github (#19510) (#19523) + * When view _Siderbar or _Footer, just display once (#19501) (#19522) + * Fix blame page select range error and some typos (#19503) + * Fix name of doctor fix "authorized-keys" in hints (#19464) (#19484) + * User specific repoID or xorm builder conditions for issue search (#19475) (#19476) + * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466) + * RepoAssignment ensure to close before overwrite (#19449) (#19460) + * Set correct PR status on 3way on conflict checking (#19457) (#19458) + * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446) + +## [1.16.6](https://github.com/go-gitea/gitea/releases/tag/v1.16.6) - 2022-04-20 + +* ENHANCEMENTS + * Only request write when necessary (#18657) (#19422) + * Disable service worker by default (#18914) (#19342) +* BUGFIXES + * When dumping trim the standard suffices instead of a random suffix (#19440) (#19447) + * Fix DELETE request for non-existent public key (#19443) (#19444) + * Don't panic on ErrEmailInvalid (#19441) (#19442) + * Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438) + * Warn on SSH connection for incorrect configuration (#19317) (#19437) + * Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436) + * When updating mirror repo intervals by API reschedule next update too (#19429) (#19433) + * Fix nil error when some pages are rendered outside request context (#19427) (#19428) + * Fix double blob-hunk on diff page (#19404) (#19405) + * Don't allow merging PR's which are being conflict checked (#19357) (#19358) + * Fix middleware function's placements (#19377) (#19378) + * Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338) + * Restore user autoregistration with email addresses (#19261) (#19312) + * Move checks for pulls before merge into own function (#19271) (#19277) + * Granular webhook events in editHook (#19251) (#19257) + * Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248) + * Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236) + * Touch mirrors on even on fail to update (#19217) (#19233) + * Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231) + * Fix clone url JS error for the empty repo page (#19209) + * Bump goldmark to v1.4.11 (#19201) (#19203) +* TESTING + * Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228) +* BUILD + * Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319) +* MISC + * Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289) + * Check go and nodejs version by go.mod and package.json (#19197) (#19254) + +## [1.16.5](https://github.com/go-gitea/gitea/releases/tag/v1.16.5) - 2022-03-23 + +* BREAKING + * Bump to build with go1.18 (#19120 et al) (#19127) +* SECURITY + * Prevent redirect to Host (2) (#19175) (#19186) + * Try to prevent autolinking of displaynames by email readers (#19169) (#19183) + * Clean paths when looking in Storage (#19124) (#19179) + * Do not send notification emails to inactive users (#19131) (#19139) + * Do not send activation email if manual confirm is set (#19119) (#19122) +* ENHANCEMENTS + * Use the new/choose link for New Issue on project page (#19172) (#19176) +* BUGFIXES + * Fix showing issues in your repositories (#18916) (#19191) + * Fix compare link in active feeds for new branch (#19149) (#19185) + * Redirect .wiki/* ui link to /wiki (#18831) (#19184) + * Ensure deploy keys with write access can push (#19010) (#19182) + * Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177) + * Cleanup protected branches when deleting users & teams (#19158) (#19174) + * Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160) + * Fix NPE /repos/issues/search when not signed in (#19154) (#19155) + * Use custom favicon when viewing static files if it exists (#19130) (#19152) + * Fix the editor height in review box (#19003) (#19147) + * Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146) + * Fix wrong scopes caused by empty scope input (#19029) (#19145) + * Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141) + * Handle email address not exist (#19089) (#19121) +* MISC + * Update json-iterator to allow compilation with go1.18 (#18644) (#19100) + * Update golang.org/x/crypto (#19097) (#19098) + +## [1.16.4](https://github.com/go-gitea/gitea/releases/tag/v1.16.4) - 2022-03-14 + +* SECURITY + * Restrict email address validation (#17688) (#19085) + * Fix lfs bug (#19072) (#19080) +* ENHANCEMENTS + * Improve SyncMirrors logging (#19045) (#19050) +* BUGFIXES + * Refactor mirror code & fix `StartToMirror` (#18904) (#19075) + * Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060) + * Prevent 500 when there is an error during new auth source post (#19041) (#19059) + * If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056) + * Fix flag validation (#19046) (#19051) + * Add pam account authorization check (#19040) (#19047) + * Ignore missing comment for user notifications (#18954) (#19043) + * Set `rel="nofollow noindex"` on new issue links (#19023) (#19042) + * Upgrading binding package (#19034) (#19035) + * Don't show context cancelled errors in attribute reader (#19006) (#19027) + * Fix update hint bug (#18996) (#19002) +* MISC + * Fix potential assignee query for repo (#18994) (#18999) + +## [1.16.3](https://github.com/go-gitea/gitea/releases/tag/v1.16.3) - 2022-03-02 + +* SECURITY + * Git backend ignore replace objects (#18979) (#18980) +* ENHANCEMENTS + * Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938) +* BUGFIXES + * Set max text height to prevent overflow (#18862) (#18977) + * Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974) + * Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964) + * Send 404 on `/{org}.gpg` (#18959) (#18962) + * Fix admin user list pagination (#18957) (#18960) + * Fix lfs management setting (#18947) (#18946) + * Fix login with email panic when email is not exist (#18942) + * Update go-org to v1.6.1 (#18932) (#18933) + * Fix `` html in translation (#18929) (#18931) + * Fix page and missing return on unadopted repos API (#18848) (#18927) + * Allow adminstrator teams members to see other teams (#18918) (#18919) + * Don't treat BOM escape sequence as hidden character. (#18909) (#18910) + * Correctly link URLs to users/repos with dashes, dots or underscores (… (#18908) + * Fix redirect when using lowercase repo name (#18775) (#18902) + * Fix migration v210 (#18893) (#18892) + * Fix team management UI (#18887) (18886) + * BeforeSourcePath should point to base commit (#18880) (#18799) +* TRANSLATION + * Backport locales from master (#18944) +* MISC + * Don't update email for organisation (#18905) (#18906) + +## [1.16.2](https://github.com/go-gitea/gitea/releases/tag/v1.16.2) - 2022-02-24 + +* ENHANCEMENTS + * Show fullname on issue edits and gpg/ssh signing info (#18828) + * Immediately Hammer if second kill is sent (#18823) (#18826) + * Allow mermaid render error to wrap (#18791) +* BUGFIXES + * Fix ldap user sync missed email in email_address table (#18786) (#18876) + * Update assignees check to include any writing team and change org sidebar (#18680) (#18873) + * Don't report signal: killed errors in serviceRPC (#18850) (#18865) + * Fix bug where certain LDAP settings were reverted (#18859) + * Update go-org to 1.6.0 (#18824) (#18839) + * Fix login with email for ldap users (#18800) (#18836) + * Fix bug for get user by email (#18834) + * Fix panic in EscapeReader (#18820) (#18821) + * Fix ldap loginname (#18789) (#18804) + * Remove redundant call to UpdateRepoStats during migration (#18591) (#18794) + * In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788) + * Fix template bug of LFS lock (#18784) (#18787) + * Attempt to fix the webauthn migration again - part 3 (#18770) (#18771) + * Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765) + * Fix a broken link in commits_list_small.tmpl (#18763) (#18764) + * Increase the size of the webauthn_credential credential_id field (#18739) (#18756) + * Prevent dangling GetAttribute calls (#18754) (#18755) + * Fix isempty detection of git repository (#18746) (#18750) + * Fix source code line highlighting on external tracker (#18729) (#18740) + * Prevent double encoding of branch names in delete branch (#18714) (#18738) + * Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737) + * Fix forked repositories missed tags (#18719) (#18735) + * Fix release typo (#18728) (#18731) + * Separate the details links of commit-statuses in headers (#18661) (#18730) + * Update object repo with the migrated repository (#18684) (#18726) + * Fix bug for version update hint (#18701) (#18705) + * Fix issue with docker-rootless shimming script (#18690) (#18699) + * Let `MinUnitAccessMode` return correct perm (#18675) (#18689) + * Prevent security failure due to bad APP_ID (#18678) (#18682) + * Restart zero worker if there is still work to do (#18658) (#18672) + * If rendering has failed due to a net.OpError stop rendering (#18642) (#18645) +* TESTING + * Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767) +* BUILD + * Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741) +* MISC + * Put buttons back in org dashboard (#18817) (#18825) + * Various Mermaid improvements (#18776) (#18780) + * C preprocessor colors improvement (#18671) (#18696) + * Fix the missing i18n key for update checker (#18646) (#18665) + +## [1.16.1](https://github.com/go-gitea/gitea/releases/tag/v1.16.1) - 2022-02-06 + +* SECURITY + * Update JS dependencies, fix lint (#18389) (#18540) +* ENHANCEMENTS + * Add dropdown icon to label set template dropdown (#18564) (#18571) +* BUGFIXES + * comments on migrated issues/prs must link to the comment ID (#18630) (#18637) + * Stop logging an error when notes are not found (#18626) (#18635) + * Ensure that blob-excerpt links work for wiki (#18587) (#18624) + * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620) + * Ensure commit-statuses box is sized correctly in headers (#18538) (#18606) + * Prevent merge messages from being sorted to the top of email chains (#18566) (#18588) + * Prevent panic on prohibited user login with oauth2 (#18562) (#18563) + * Collaborator trust model should trust collaborators (#18539) (#18557) + * Detect conflicts with 3way merge (#18536) (#18537) + * In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535) + * Add `GetUserTeams` (#18499) (#18531) + * Fix review excerpt (#18502) (#18530) + * Fix for AvatarURL database type (#18487) (#18529) + * Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505) + * Fix OAuth Source Edit Page (#18495) (#18503) + * Use "read" value for General Access (#18496) (#18500) + * Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473) +* BUILD + * Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569) +* DOCS + * Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534) + +## [1.16.0](https://github.com/go-gitea/gitea/releases/tag/v1.16.0) - 2022-01-30 + +* BREAKING + * Remove golang vendored directory (#18277) + * Paginate releases page & set default page size to 10 (#16857) + * Use shadowing script for docker (#17846) + * Only allow webhook to send requests to allowed hosts (#17482) +* SECURITY + * Disable content sniffing on `PlainTextBytes` (#18359) (#18365) + * Only view milestones from current repo (#18414) (#18417) + * Sanitize user-input on file name (#17666) + * Use `hostmatcher` to replace `matchlist` to improve blocking of bad hosts in Webhooks (#17605) +* FEATURES + * Add/update SMTP auth providers via cli (#18197) + * Support webauthn (#17957) + * Team permission allow different unit has different permission (#17811) + * Implement Well-Known URL for password change (#17777) + * Add support for ssh commit signing (#17743) + * Allow Loading of Diffs that are too large (#17739) + * Add copy button to markdown code blocks (#17638) + * Add .gitattribute assisted language detection to blame, diff and render (#17590) + * Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568) + * Add Reindex buttons to repository settings page (#17494) + * Make SSL cipher suite configurable (#17440) + * Add groups scope/claim to OIDC/OAuth2 Provider (#17367) + * Add simple update checker to Gitea (#17212) + * Migrated Repository will show modifications when possible (#17191) + * Create pub/priv keypair for federation (#17071) + * Make LDAP be able to skip local 2FA (#16954) + * Add nodeinfo endpoint for federation purposes (#16953) + * Save and view issue/comment content history (#16909) + * Use git attributes to determine generated and vendored status for language stats and diffs (#16773) + * Add migrate from Codebase (#16768) + * Add migration from GitBucket (#16767) + * Add OAuth2 introspection endpoint (#16752) + * Add proxy settings and support for migration and webhook (#16704) + * Add microsoft oauth2 providers (#16544) + * Send registration email on user autoregistration (#16523) + * Defer Last Commit Info (#16467) + * Support unprotected file patterns (#16395) + * Add migrate from OneDev (#16356) + * Add option to update pull request by `rebase` (#16125) + * Add RSS/Atom feed support for user actions (#16002) + * Add support for corporate WeChat webhooks (#15910) + * Add a simple way to rename branch like gh (#15870) + * Add bundle download for repository (#14538) + * Add agit flow support in gitea (#14295) +* API + * Add MirrorUpdated field to Repository API type (#18267) + * Adjust Fork API to allow setting a custom repository name (#18066) + * Add API to manage repo tranfers (#17963) + * Add API to get file commit history (#17652) + * Add API to get issue/pull comments and events (timeline) (#17403) + * Add API to get/edit wiki (#17278) + * Add API for get user org permissions (#17232) + * Add HTML urls to notification API (#17178) + * Add API to get commit diff/patch (#17095) + * Respond with updated notifications in API (#17064) + * Add API to fetch git notes (#16649) + * Generalize list header for API (#16551) + * Add API Token Cache (#16547) + * Allow Token API calls be authorized using the reverse-proxy header (#15119) +* ENHANCEMENTS + * Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319) + * Return nicer error if trying to pull from non-existent user (#18288) + * Show pull link for agit pull request also (#18235) + * Enable partial clone by default (#18195) + * Added replay of webhooks (#18191) + * Show OAuth callback error message (#18185) + * Increase Salt randomness (#18179) + * Add MP4 as default allowed attachment type (#18170) + * Include folders into size cost (#18158) + * Remove `/email2user` endpoint (#18127) + * Handle invalid issues (#18111) + * Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069) + * Support open compare page directly (#17975) + * Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954) + * Clean legacy SimpleMDE code (#17926) + * Refactor install page (db type) (#17919) + * Improve interface when comparing a branch which has created a pull request (#17911) + * Allow default branch to be inferred on compare page (#17908) + * Display issue/comment role even if repo archived (#17907) + * Always set a message-id on mails (#17900) + * Change `` elements to underline on hover (#17898) + * Render issue references in file table (#17897) + * Handle relative unix socket paths (#17836) + * Move accessmode into models/perm (#17828) + * Fix some org style problems (#17807) + * Add List-Unsubscribe header (#17804) + * Create menus for organization pages (#17802) + * Switch archive URL code back to href attributes (#17796) + * Refactor "refs/*" string usage by using constants (#17784) + * Allow forks to org if you can create repos (#17783) + * Improve install code to avoid low-level mistakes. (#17779) + * Improve ellipsis buttons (#17773) + * Add restrict and no-user-rc to authorized_keys (#17772) + * Add copy Commit ID button in commits list (#17759) + * Make `bind` error more readable (#17750) + * Fix navbar on project view (#17749) + * More pleasantly handle broken or missing git repositories (#17747) + * Use `*PushUpdateOptions` as receiver (#17724) + * Remove unused `user` paramater (#17723) + * Better builtin avatar generator (#17707) + * Cleanup and use global style on popups (#17674) + * Move user/org deletion to services (#17673) + * Added comment for changing issue ref (#17672) + * Allow admins to change user avatars (#17661) + * Only set `data-path` once for each file in diff pages (#17657) + * Add icon to vscode clone link (#17641) + * Add download button for file viewer (#17640) + * Add pagination to fork list (#17639) + * Use a standalone struct name for Organization (#17632) + * Minor readability patch. (#17627) + * Add context support for GetUserByID (#17602) + * Move merge-section to `> .content` (#17582) + * Remove NewSession method from db.Engine interface (#17577) + * Move unit into models/unit/ (#17576) + * Restrict GetDeletedBranchByID to the repositories deleted branches (#17570) + * Refactor commentTags functionality (#17558) + * Make Repo Code Indexer an Unique Queue (#17515) + * Simplify Gothic to use our session store instead of creating a different store (#17507) + * Add settings to allow different SMTP envelope from address (#17479) + * Properly determine CSV delimiter (#17459) + * Hide label comments if labels were added and removed immediately (#17455) + * Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438) + * Add appearance section in settings (#17433) + * Move key forms before list and add cancel button (#17432) + * When copying executables to the docker chmod them (#17423) + * Remove deprecated `extendDefaultPlugins` method of svgo (#17399) + * Fix the click behavior for and with [data-href] (#17388) + * Refactor update checker to use AppState (#17387) + * Improve async/await usage, and sort init calls in `index.js` (#17386) + * Use a variable but a function for IsProd because of a slight performance increment (#17368) + * Frontend refactor, PascalCase to camelCase, remove unused code (#17365) + * Hide command line merge instructions when user can't push (#17339) + * Move session to models/login (#17338) + * Sync gitea app path for git hooks and authorized keys when starting (#17335) + * Make the Mirror Queue a queue (#17326) + * Add "Copy branch name" button to pull request page (#17323) + * Fix repository summary on mobile (#17322) + * Split `index.js` to separate files (#17315) + * Show direct match on top for user search (#17303) + * Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301) + * Upgrade chi to v5 (#17298) + * Disable form autofill (#17291) + * Improve behavior of "Fork" button (#17288) + * Open markdown image links in new window (#17287) + * Add hints for special Wiki pages (#17283) + * Move add deploy key form before the list and add a cancel button (#17228) + * Allow adding multiple issues to a project (#17226) + * Add metrics to get issues by repository (#17225) + * Add specific event type to header (#17222) + * Redirect on project after issue created (#17211) + * Reference in new issue modal: dont pre-populate issue title (#17208) + * Always set a unique Message-ID header (#17206) + * Add projects and project boards in exposed metrics (#17202) + * Add metrics to get issues by label (#17201) + * Add protection to disable Gitea when run as root (#17168) + * Don't return binary file changes in raw PR diffs by default (#17158) + * Support sorting for project board issuses (#17152) + * Force color-adjust for markdown checkboxes (#17146) + * Add option to copy line permalink (#17145) + * Move twofactor to models/login (#17143) + * Multiple tokens support for migrating from github (#17134) + * Unify issue and PR subtitles (#17133) + * Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125) + * Fix problem when database id is not increment as expected (#17124) + * Avatar refactor, move avatar code from `models` to `models.avatars`, remove duplicated code (#17123) + * Re-allow clipboard copy on non-https sites (#17118) + * DBContext is just a Context (#17100) + * Move login related structs and functions to models/login (#17093) + * Add SkipLocal2FA option to pam and smtp sources (#17078) + * Move db related basic functions to models/db (#17075) + * Fixes username tagging in "Reference in new issue" (#17074) + * Use light/dark theme based on system preference (#17051) + * Always emit the configuration path (#17036) + * Add `AbsoluteListOptions` (#17028) + * Use common sessioner for API and Web (#17027) + * Fix overflow label in small view (#17020) + * Report the associated filter if there is an error in LDAP (#17014) + * Add "new issue" btn on project (#17001) + * Add doctor dbconsistency check for release and attachment (#16978) + * Disable Fomantic's CSS tooltips (#16974) + * Add Cache-Control to avatar redirects (#16973) + * Make mirror feature more configurable (#16957) + * Add skip and limit to git.GetTags (#16897) + * Remove ParseQueueConnStr as it is unused (#16878) + * Remove unused Fomantic sidebar module (#16853) + * Allow LDAP Sources to provide Avatars (#16851) + * Remove Dashboard/Home button from the navbar (#16844) + * Use conditions but not repo ids as query condition (#16839) + * Add user settings key/value DB table (#16834) + * Add buttons to allow loading of incomplete diffs (#16829) + * Add information for migrate failure (#16803) + * Add EdDSA JWT signing algorithm (#16786) + * Add user status filter to admin user management page (#16770) + * Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766) + * Do not use thin scrollbars on Firefox (#16738) + * Download LFS in git and web workflow from minio/s3 directly (SERVE_DIRECT) (#16731) + * Compute proper foreground color for labels (#16729) + * Add edit button to wiki sidebar and footer (#16719) + * Fix migration svg color (#16715) + * Add link to vscode to repo header (#16664) + * Add filter by owner and team to issue/pulls search endpoint (#16662) + * Kanban colored boards (#16647) + * Allow setting X-FRAME-OPTIONS (#16643) + * Separate open and closed issue in metrics (#16637) + * Support direct comparison (git diff a..b) as well merge comparison (a…b) (#16635) + * Add setting to OAuth handlers to skip local 2FA authentication (#16594) + * Make PR merge options more intuitive (#16582) + * Show correct text when comparing commits on empty pull request (#16569) + * Pre-fill suggested New File 'name' and 'content' with Query Params (#16556) + * Add an abstract json layout to make it's easier to change json library (#16528) + * Make Mermaid.js limit configurable (#16519) + * Improve 2FA autofill (#16473) + * Add modals to Organization and Team remove/leave (#16471) + * Show tag name on dashboard items list (#16466) + * Change default cron schedules from @every 24h to @midnight (#16431) + * Prevent double sanitize (#16386) + * Replace `list.List` with slices (#16311) + * Add configuration option to restrict users by default (#16256) + * Move login out of models (#16199) + * Support pagination of organizations on user settings pages (#16083) + * Switch migration icon to svg (#15954) + * Add left padding for chunk header of split diff view (#13397) + * Allow U2F 2FA without TOTP (#11573) +* BUGFIXES + * GitLab reviews may not have the updated_at field set (#18450) (#18461) + * Fix detection of no commits when the default branch is not master (#18422) (#18423) + * Fix broken oauth2 authentication source edit page (#18412) (#18419) + * Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403) (#18404) + * Fix restore without topic failure (#18387) (#18400) + * Fix commit's time (#18375) (#18392) + * Fix partial cloning a repo (#18373) (#18377) + * Stop trimming preceding and suffixing spaces from editor filenames (#18334) + * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18386) + * Fix mime-type detection for HTTP server (#18370) (#18371) + * Stop trimming preceding and suffixing spaces from editor filenames (#18334) + * Restore propagation of ErrDependenciesLeft (#18325) + * Fix PR comments UI (#18323) + * Use indirect comparison when showing pull requests (#18313) + * Replace satori/go.uuid with gofrs/uuid (#18311) + * Fix commit links on compare page (#18310) + * Don't show double error response in git hook (#18292) + * Handle missing default branch better in owner/repo/branches page (#18290) + * Fix CheckRepoStats and reuse it during migration (#18264) + * Prevent underline hover on cards (#18259) + * Don't delete branch if other PRs with this branch are open (#18164) + * Require codereview to have content (#18156) + * Allow admin to associate missing LFS objects for repositories (#18143) + * When attempting to subscribe other user to issue report why access denied (#18091) + * Add option to convert CRLF to LF line endings for sendmail (#18075) + * Only create pprof files for gitea serv if explicitly asked for (#18068) + * Abort merge if head has been updated before pressing merge (#18032) + * Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004) + * Use JSON module instead of stdlib json (#18003) + * Fixed issue merged/closed wording (#17973) + * Return nicer error for ForcePrivate (#17971) + * Fix overflow in commit graph (#17947) + * Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941) + * Use disable_form_autofill on Codebase and Gitbucket (#17936) + * Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928) + * Fix markdown URL parsing (#17924) + * Apply CSS Variables to all message elements (#17920) + * Improve checkBranchName (#17901) + * Update chi/middleware to chi/v5/middleware (#17888) + * Fix position of label color picker colors (#17866) + * Fix ListUnadoptedRepositories incorrect total count (#17865) + * Remove whitespace inside rendered code `` (#17859) + * Make Co-committed-by and co-authored-by trailers optional (#17848) + * Fix value of User.IsRestricted when oauth2 user registration (#17839) + * Use new OneDev /milestones endpoint (#17782) + * Prevent deadlock in TestPersistableChannelQueue (#17717) + * Simplify code for writing SHA to name-rev (#17696) + * Fix database deadlock when update issue labels (#17649) + * Add warning for BIDI characters in page renders and in diffs (#17562) + * Fix ipv6 parsing for builtin ssh server (#17561) + * Multiple Escaping Improvements (#17551) + * Fixes #16559 - Do not trim leading spaces for tab delimited (#17442) + * Show client-side error if wiki page is empty (#17415) + * Fix context popup error (#17398) + * Stop sanitizing full name in API (#17396) + * Fix issue close/comment buttons on mobile (#17317) + * Fix navbar UI (#17235) + * Fix problem when database id is not increment as expected (#17229) + * Open the DingTalk link in browser (#17084) + * Remove heads pointing to missing old refs (#17076) + * Fix commit status index problem (#17061) + * Handle broken references in mirror sync (#17013) + * Fix for create repo page layout (#17012) + * Improve LDAP synchronization efficiency (#16994) + * Add repo_id for attachment (#16958) + * Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705) + * Remove duplicate csv import in modules/csv/csv.go (#16631) + * Improve SMTP authentication and Fix user creation bugs (#16612) + * Fixed emoji alias not parsed in links (#16221) + * Calculate label URL on API (#16186) +* TRANSLATION + * Fix mispelling of starred as stared (#17465) + * Re-separate the color translation strings (#17390) + * Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998) +* BUILD + * Add lockfile-check (#18285) + * Don't store assets modified time into generated files (#18193) +* MISC + * Update JS dependencies (#17611) + +## [1.15.11](https://github.com/go-gitea/gitea/releases/tag/v1.15.11) - 2022-01-29 + +* SECURITY + * Only view milestones from current repo (#18414) (#18418) +* BUGFIXES + * Fix broken when no commits and default branch is not master (#18422) (#18424) + * Fix commit's time (#18375) (#18409) + * Fix restore without topic failure (#18387) (#18401) + * Fix mermaid import in 1.15 (it uses ESModule now) (#18382) + * Update to go/text 0.3.7 (#18336) +* MISC + * Upgrade EasyMDE to 2.16.1 (#18278) (#18279) + +## [1.15.10](https://github.com/go-gitea/gitea/releases/tag/v1.15.10) - 2022-01-14 + +* BUGFIXES + * Fix inconsistent PR comment counts (#18260) (#18261) + * Fix release link broken (#18252) (#18253) + * Fix update user from site administration page bug (#18250) (#18251) + * Set HeadCommit when creating tags (#18116) (#18173) + * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152) + * Fix purple color in suggested label colors (#18241) (#18242) +* SECURITY + * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206) + +## [1.15.9](https://github.com/go-gitea/gitea/releases/tag/v1.15.9) - 2021-12-30 + +* BUGFIXES + * Fix wrong redirect on org labels (#18128) (#18134) + * Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095) + * Revert "Fix delete u2f keys bug (#18042)" (#18107) + * Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104) + * Prevent NPE if gitea uploader fails to open url (#18080) (#18101) + * Reset locale on login (#17734) (#18100) + * Correctly handle failed migrations (#17575) (#18099) + * Instead of using routerCtx just escape the url before routing (#18086) (#18098) + * Quote references to the user table in consistency checks (#18072) (#18073) + * Add NotFound handler (#18062) (#18067) + * Ensure that git repository is closed before transfer (#18049) (#18057) + * Use common sessioner for API and web routes (#18114) +* TRANSLATION + * Fix code search result hint on zh-CN (#18053) + +## [1.15.8](https://github.com/go-gitea/gitea/releases/tag/v1.15.8) - 2021-12-20 + +* BUGFIXES + * Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046) + * Fix delete u2f keys bug (#18040) (#18042) + * Reset Session ID on login (#18018) (#18041) + * Prevent off-by-one error on comments on newly appended lines (#18029) (#18035) + * Stop printing 03d after escaped characters in logs (#18030) (#18034) + * Reset locale on login (#18023) (#18025) + * Fix reset password email template (#17025) (#18022) + * Fix outType on gitea dump (#18000) (#18016) + * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015) + * Fix rename notification bug (#18011) + * Prevent double decoding of % in url params (#17997) (#18001) + * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992) + * Prevent deadlock in create issue (#17970) (#17982) +* TESTING + * Use non-expiring key. (#17984) (#17985) + +## [1.15.7](https://github.com/go-gitea/gitea/releases/tag/v1.15.7) - 2021-12-01 + +* ENHANCEMENTS + * Only allow webhook to send requests to allowed hosts (#17482) (#17510) + * Fix login redirection links (#17451) (#17473) +* BUGFIXES + * Fix database inconsistent when admin change user email (#17549) (#17840) + * Use correct user on releases (#17806) (#17818) + * Fix commit count in tag view (#17698) (#17790) + * Fix close issue but time watcher still running (#17643) (#17761) + * Fix Migrate Description (#17692) (#17727) + * Fix bug when project board get open issue number (#17703) (#17726) + * Return 400 but not 500 when request archive with wrong format (#17691) (#17700) + * Fix bug when read mysql database max lifetime (#17682) (#17690) + * Fix database deadlock when update issue labels (#17649) (#17665) + * Fix bug on detect issue/comment writer (#17592) + * Remove appSubUrl from pasted images (#17572) (#17588) + * Make `ParsePatch` more robust (#17573) (#17580) + * Fix stats upon searching issues (#17566) (#17578) + * Escape issue titles in comments list (#17555) (#17556) + * Fix zero created time bug on commit api (#17546) (#17547) + * Fix database keyword quote problem on migration v161 (#17522) (#17523) + * Fix email with + when active (#17518) (#17520) + * Stop double encoding blame commit messages (#17498) (#17500) + * Quote the table name in CountOrphanedObjects (#17487) (#17488) + * Run Migrate in Install rather than just SyncTables (#17475) (#17486) +* BUILD + * Fix golangci-lint warnings (#17598 et al) (#17668) +* MISC + * Preserve color when inverting emojis (#17797) (#17799) + +## [1.15.6](https://github.com/go-gitea/gitea/releases/tag/v1.15.6) - 2021-10-28 + +* BUGFIXES + * Prevent panic in serv.go with Deploy Keys (#17434) (#17435) + * Fix CSV render error (#17406) (#17431) + * Read expected buffer size (#17409) (#17430) + * Ensure that restricted users can access repos for which they are members (#17460) (#17464) + * Make commit-statuses popup show correctly (#17447) (#17466) +* TESTING + * Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463) + +## [1.15.5](https://github.com/go-gitea/gitea/releases/tag/v1.15.5) - 2021-10-21 + +* SECURITY + * Upgrade Bluemonday to v1.0.16 (#17372) (#17374) + * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373) +* BUGFIXES + * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377) + * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376) + * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) + * Ensure popup text is aligned left (backport for 1.15) (#17343) + * Ensure that git daemon export ok is created for mirrors (#17243) (#17306) + * Disable core.protectNTFS (#17300) (#17302) + * Use pointer for wrappedConn methods (#17295) (#17296) + * AutoRegistration is supposed to be working with disabled registration (backport) (#17292) + * Handle duplicate keys on GPG key ring (#17242) (#17284) + * Fix SVG side by side comparison link (#17375) (#17391) + +## [1.15.4](https://github.com/go-gitea/gitea/releases/tag/v1.15.4) - 2021-10-08 + +* BUGFIXES + * Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272) + * Don't allow merged PRs to be reopened (#17192) (#17271) + * Fix incorrect repository count on organization tab of dashboard (#17256) (#17266) + * Fix unwanted team review request deletion (#17257) (#17264) + * Fix broken Activities link in team dashboard (#17255) (#17258) + * API pull's head/base have correct permission(#17214) (#17245) + * Fix strange behavior of DownloadPullDiffOrPatch in incorrect index (#17223) (#17227) + * Upgrade xorm to v1.2.5 (#17177) (#17188) + * Fix missing repo link in issue/pull assigned emails (#17183) (#17184) + * Fix bug of get context user (#17169) (#17172) + * Nicely handle missing user in collaborations (#17049) (#17166) + * Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164) + * Fix wrong i18n keys (#17150) (#17153) + * Fix Archive Creation: correct transaction ending (#17151) + * Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141) + * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) +* ENHANCEMENT + * Check user instead of organization when creating a repo from a template via API (#16346) (#17195) +* TRANSLATION + * v1.15 fix Sprintf format 'verbs' in locale files (#17187) + +## [1.15.3](https://github.com/go-gitea/gitea/releases/tag/v1.15.3) - 2021-09-19 + +* ENHANCEMENTS + * Add fluid to ui container class to remove margin (#16396) (#16976) + * Add caller to cat-file batch calls (#17082) (#17089) +* BUGFIXES + * Render full plain readme. (#17083) (#17090) + * Upgrade xorm to v1.2.4 (#17059) + * Fix bug of migrate comments which only fetch one page (#17055) (#17058) + * Do not show issue context popup on external issues (#17050) (#17054) + * Decrement Fork Num when converting from Fork (#17035) (#17046) + * Correctly rollback in ForkRepository (#17034) (#17045) + * Fix missing close in WalkGitLog (#17008) (#17009) + * Add prefix to SVG id/class attributes (#16997) (#17000) + * Fix bug of migrated repository not index (#16991) (#16996) + * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990) + * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977) + * Fix issue with issue default mail template (#16956) (#16975) + * Ensure that rebase conflicts are handled in updates (#16952) (#16960) + * Prevent panic on diff generation (#16950) (#16951) + +## [1.15.2](https://github.com/go-gitea/gitea/releases/tag/v1.15.2) - 2021-09-03 + +* BUGFIXES + * Add unique constraint back into issue_index (#16938) + * Close storage objects before cleaning (#16934) (#16942) + +## [1.15.1](https://github.com/go-gitea/gitea/releases/tag/v1.15.1) - 2021-09-02 + +* BUGFIXES + * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923) + * Prevent leave changes dialogs due to autofill fields (#16912) (#16920) + * Ignore review comment when ref commit is missed (#16905) (#16919) + * Fix wrong attachment removal (#16915) (#16917) + * Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913) + * Correctly return the number of Repositories for Organizations (#16807) (#16911) + * Test if LFS object is accessible (#16865) (#16904) + * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900) + * Fix dump and restore respository (#16698) (#16898) + * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895) + * Fix wiki raw commit diff/patch view (#16891) (#16892) + * Ensure wiki repos are all closed (#16886) (#16888) + * List limited and private orgs if authenticated on API (#16866) (#16879) + * Simplify split diff view generation and remove JS dependency (#16775) (#16863) + * Ensure that the default visibility is set on the user create page (#16845) (#16862) + * In Render tolerate not being passed a context (#16842) (#16858) + * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848) + * Report the correct number of pushes on the feeds (#16811) (#16822) + * Add primary_key to issue_index (#16813) (#16820) + * Prevent NPE on empty commit (#16812) (#16819) + * Fix branch pagination error (#16805) (#16816) + * Add missing return to handleSettingRemoteAddrError (#16794) (#16795) + * Remove spurious / from issues.opened_by (#16793) + * Ensure that template compilation panics are sent to the logs (#16788) (#16792) + * Update caddyserver/certmagic (#16789) (#16790) + +## [1.15.0](https://github.com/go-gitea/gitea/releases/tag/v1.15.0) - 2021-08-21 + +* BREAKING + * Make app.ini permissions more restrictive (#16266) + * Refactor Webhook + Add X-Hub-Signature (#16176) + * Add asymmetric JWT signing (#16010) + * Clean-up the settings hierarchy for issue_indexer queue (#16001) + * Change default queue settings to be low go-routines (#15964) + * Improve assets handler middleware (#15961) + * Rename StaticUrlPrefix to AssetUrlPrefix (#15779) + * Use a generic markup class to display externally rendered files and diffs (#15735) + * Add frontend testing, require node 12 (#15315) + * Move (custom) assets into subpath `/assets` (#15219) + * Use level config in log section when sub log section not set level (#15176) + * Links in markdown should be absolute to the repository not the server (#15088) + * Upgrade to the latest version of golang-jwt (#16590) (#16606) + * Set minimum supported version of go to 1.16 (#16710) +* SECURITY + * Encrypt LDAP bind password in db with SECRET_KEY (#15547) + * Remove random password in Dockerfiles (#15362) + * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) + * Correctly create of git-daemon-export-ok files (#16508) (#16514) + * Don't show private user's repo in explore view (#16550) (#16554) + * Update node tar dependency to 6.1.6 (#16622) (#16623) +* FEATURES + * Update Go-Git to take advantage of LargeObjectThreshold (#16316) + * Support custom mime type mapping for text files (#16304) + * Link to previous blames in file blame page (#16259) + * Add LRU mem cache implementation (#16226) + * Localize Email Templates (#16200) + * Make command in authorized keys a template (#16003) + * Add possibility to make branch in branch page (#15960) + * Add email headers (#15939) + * Make tasklist checkboxes clickable (#15791) + * Add selecting tags on the compare page (#15723) + * Add cron job to delete old actions from database (#15688) + * On open repository open common cat file batch and batch-check (#15667) + * Add tag protection (#15629) + * Add push to remote mirror repository (#15157) + * Add Image Diff for SVG files (#14867) + * Add dashboard milestone search and repo milestone search by name. (#14866) + * Add LFS Migration and Mirror (#14726) + * Improve notifications for WIP draft PR's (#14663) + * Disable Stars config option (#14653) + * GPG Key Ownership verification with Signed Token (#14054) + * OAuth2 auto-register (#5123) +* API + * Return updated repository when changing repository using API (#16420) + * Let branch/tag name be a valid ref to get CI status (#16400) + * Add endpoint to get commits of PR (#16300) + * Allow COMMENT reviews to not specify a body (#16229) + * Add subject-type filter to list notification API endpoints (#16177) + * ListReleases add filter for draft and pre-releases (#16175) + * ListIssues add more filters (#16174) + * Issue Search Add filter for MilestoneNames (#16173) + * GET / SET User Settings (#16169) + * Expose repo.GetReviewers() & repo.GetAssignees() (#16168) + * User expose counters (#16167) + * Add repoGetTag (#16166) + * Add repoCreateTag (#16165) + * Creating a repo from a template repo via API (#15958) + * Add Active and ProhibitLogin to API (#15689) + * Add Location, Website and Description to API (#15675) + * Expose resolver via API (#15167) + * Swagger AccessToken fixes (#16574) (#16597) + * Set AllowedHeaders on API CORS handler (#16524) (#16618) +* ENHANCEMENTS + * Support HTTP/2 in Let's Encrypt (#16371) + * Introduce NotifySubjectType (#16320) + * Add forge emojies (#16296) + * Implemented head_commit for webhooks (#16282) + * Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278) + * Add previous/next buttons to review comments (#16273) + * Review comments: break-word for long file names (#16272) + * Add configuration to restrict allowed user visibility modes (#16271) + * Add scroll-margin-top to account for sticky header (#16269) + * Add --quiet and --verbose to gitea web to control initial logging (#16260) + * Use gitea logging module for git module (#16243) + * Add tests for all webhooks (#16214) + * Add button to delete undeleted repositories from failed migrations (#16197) + * Speed up git diff highlight generation (#16180) + * Add OpenID claims "profile" and "email". (#16141) + * Reintroduce squash merge default comment as a config setting (#16134) + * Add sanitizer rules per renderer (#16110) + * Improve performance of dashboard list orgs (#16099) + * Refactor assert statements in tests (#16089) + * Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086) + * Remove unnecessary goroutine (#16080) + * Add attachments for PR reviews (#16075) + * Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070) + * Add Visible modes function from Organisation to Users too (#16069) + * Add checkbox to delete pull branch after successful merge (#16049) + * Make commit info cancelable (#16032) + * Make modules/context.Context a context.Context (#16031) + * Unified custom config creation (#16012) + * Make sshd_config more flexible regarding connections (#16009) + * Append to existing trailers in generated squash commit message (#15980) + * Always store primary email address into email_address table and also the state (#15956) + * Load issue/PR context popup data only when needed (#15955) + * Remove remaining fontawesome usage in templates (#15952) + * Remove fomantic accordion module (#15951) + * Small refactoring of modules/private (#15947) + * Double the avatar size factor (#15941) + * Add curl to rootless docker image (#15908) + * Replace clipboard.js with async clipboard api (#15899) + * Allow custom highlight mapping beyond file extensions (#15808) + * Add trace logging to SSO methods (#15803) + * Refactor routers directory (#15800) + * Allow only internal registration (#15795) + * Add a new internal hook to save ssh log (#15787) + * Respect default merge message syntax when parsing item references (#15772) + * OAuth2 login: Set account link to "login" as default behavior (#15768) + * Use single shared random string generation function (#15741) + * Hold the event source when there are no listeners (#15725) + * Code comments improvements (#15722) + * Provide OIDC compliant user info endpoint (#15721) + * Fix webkit calendar icon color on arc-green (#15713) + * Improve Light Chroma style (#15699) + * Only use boost workers for leveldb shadow queues (#15696) + * Add compare tag dropdown to releases page (#15695) + * Add caret styling CSS (#15651) + * Remove x-ua-compatible meta tag (#15640) + * Refactor of link creation (#15619) + * Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) + * Rewrite of the LFS server (#15523) + * Display more repository type on admin repository management (#15440) + * Remove usage of some JS globals (#15378) + * SHA in merged commit comment should be rendered ui sha (#15376) + * Add well-known config for OIDC (#15355) + * Use route rather than use thus reducing the number of stack frames (#15301) + * Code Formats, Nits & Unused Func/Var deletions (#15286) + * Let package git depend on setting but not opposite (#15241) + * Fixed sanitize errors (#15240) + * response simple text message for not html request when 404 (#15229) + * Remove file-loader dependency (#15196) + * Refactor renders (#15175) + * Add mimetype mapping settings (#15133) + * Add Status Updates whilst Gitea migrations are occurring (#15076) + * Reload locales in initialisation if needed by utilizing i18n.Reset (#15073) + * Counterwork seemingly unclickable repo button labels (#15064) + * Add DefaultMergeStyle option to repository (#14789) + * Added support for gopher URLs. (#14749) + * Rework repository archive (#14723) + * Add links to toggle WIP status (#14677) + * Add Tabular Diff for CSV files (#14661) + * Use milestone deadline when sorting issues (#14551) +* BUGFIXES + * Fix invalid params and typo of email templates (#16394) + * Fix activation of primary email addresses (#16385) + * Fix calculation for finalPage in repo-search component (#16382) + * Specify user in rootless container numerically (#16361) + * Detect encoding changes while parsing diff (#16330) + * Fix U2F error reasons always hidden (#16327) + * Prevent zombie processes (#16314) + * Escape reference to `user` table in models.SearchEmails (#16313) + * Fix default push instructions on empty repos (#16302) + * Fix modified files list in webhooks when there is a space (#16288) + * Fix webhook commits wrong hash on HEAD reset (#16283) + * Fuzzer finds an NPE due to incorrect URLPrefix (#16249) + * Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238) + * Do not show No match found for tribute (#16231) + * Fix "Copy Link" for pull requests (#16230) + * Fix diff expansion is missing final line in a file (#16222) + * Fix private repo permission problem (#16142) + * Fix not able to update local created non-urlencoded wiki pages (#16139) + * More efficiently parse shas for shaPostProcessor (#16101) + * Fix `doctor --run check-db-consistency --fix` with label fix (#16094) + * Prevent webhook action buttons from shifting (#16087) + * Change default TMPDIR path in rootless containers (#16077) + * Fix typo and add TODO notice (#16064) + * Use git log name-status in get last commit (#16059) + * Fix 500 Error with branch and tag sharing the same name (#16040) + * Fix get tag when migration (#16014) + * Add custom emoji support (#16004) + * Use filepath.ToSlash and Join in indexer defaults and queues (#15971) + * Add permission check for ``GenerateRepository`` (#15946) + * Ensure settings for Service and Mailer are read on the install page (#15943) + * Fix layout of milestone view (#15927) + * Unregister non-matching serviceworkers (#15834) + * Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693) + * Attachment support repository route (#15580) + * Fix missing icons and colorpicker when mounted on suburl (#15501) + * Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304) + * Prevent double-login for Git HTTP and LFS and simplify login (#15303) + * Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278) + * Fix heatmap activity (#15252) + * Remove vendored copy of fomantic-dropdown (#15193) + * Update repository size on cron gc task (#15177) + * Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153) + * Add code block highlight to orgmode back (#14222) + * Remove User.GetOrganizations() (#14032) + * Restore Accessibility for Dropdown (#16576) (#16617) + * Pass down SignedUserName down to AccessLogger context (#16605) (#16616) + * Fix table alignment in markdown (#16596) (#16602) + * Fix 500 on first wiki page (#16586) (#16598) + * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570) + * Upgrade levelqueue to v0.4.0 (#16560) (#16561) + * Handle too long PR titles correctly (#16517) (#16549) + * Fix data race in bleve indexer (#16474) (#16509) + * Restore CORS on git smart http protocol (#16496) (#16506) + * Fix race in log (#16490) (#16505) + * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) + * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) + * Update notification table with only latest data (#16445) (#16469) + * Fix crash following ldap authentication update (#16447) (#16448) + * Fix direct creation of external users on admin page (partial #16612) (#16613) + * Prevent 500 on draft releases without tag (#16634) (#16636) + * Restore creation of git-daemon-export-ok files (#16508) (#16514) + * Fix data race in bleve indexer (#16474) (#16509) + * Restore CORS on git smart http protocol (#16496) (#16506) + * Fix race in log (#16490) (#16505) + * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) + * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) + * Update notification table with only latest data (#16445) (#16469) + * Fix crash following ldap authentication update (#16447) (#16448) + * Restore compatibility with SQLServer 2008 R2 in migrations (#16638) + * Fix direct creation of external users on admin page (#16613) + * Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659) + * Fix NPE in fuzzer (#16680) (#16682) + * Set issue_index when finishing migration (#16685) (#16687) + * Skip patch download when no patch file exists (#16356) (#16681) + * Ensure empty lines are copiable and final new line too (#16678) (#16692) + * Fix wrong user in OpenID response (#16736) (#16741) + * Do not use thin scrollbars on Firefox (#16738) (#16745) + * Recreate Tables should Recreate indexes on MySQL (#16718) (#16739) + * Keep attachments on tasklist update (#16750) (#16757) +* TESTING + * Bump `postgres` and `mysql` versions (#15710) + * Add tests for clone from wiki (#15513) + * Fix Benchmark tests, remove a broken one & add two new (#15250) + * Create Proper Migration tests (#15116) +* TRANSLATION + * Use a special name for update default branch on repository setting (#15893) + * Fix mirror_lfs source string in en-US locale (#15369) +* BUILD + * Upgrade xorm to v1.1.1 (#16339) + * Disable legal comments in esbuild (#15929) + * Switch to Node 16 to build fronted (#15804) + * Use esbuild to minify CSS (#15756) + * Use binary version of revive linter (#15739) + * Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465) + * Stop packaging node_modules in release tarballs (#15273) + * Introduce esbuild on webpack (#14578) +* DOCS + * Update queue workers documentation (#15999) + * Comment out app.example.ini (#15807) + * Improve logo customization docs (#15754) + * Add some response status on api docs (#15399) + * Rework Token API comments (#15162) + * Add better errors for disabled account recovery (#15117) +* MISC + * Remove utf8 option from installation page (#16126) + * Use Wants= over Requires= in systemd file (#15897) + +## [1.14.7](https://github.com/go-gitea/gitea/releases/tag/v1.14.7) - 2021-09-02 + +* BUGFIXES + * Add missing gitRepo close at GetDiffRangeWithWhitespaceBehavior (Partial #16894) (#16896) + * Fix wiki raw commit diff/patch view (#16891) (#16893) + * Ensure wiki repos are all closed (#16886) (#16889) + * Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16849) + * Recreate Tables should Recreate indexes on MySQL (#16718) (#16740) + +## [1.14.6](https://github.com/go-gitea/gitea/releases/tag/v1.14.6) - 2021-08-04 + +* SECURITY + * Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540) + * Switch to maintained JWT lib (#16532) (#16535) + * Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607) +* BUGFIXES + * Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495) + * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481) + +## [1.14.5](https://github.com/go-gitea/gitea/releases/tag/v1.14.5) - 2021-07-16 + +* SECURITY + * Hide mirror passwords on repo settings page (#16022) (#16355) + * Update bluemonday to v1.0.15 (#16379) (#16380) +* BUGFIXES + * Retry rename on lock induced failures (#16435) (#16439) + * Validate issue index before querying DB (#16406) (#16410) + * Fix crash following ldap authentication update (#16447) (#16449) +* ENHANCEMENTS + * Redirect on bad CSRF instead of presenting bad page (#14937) (#16378) + +## [1.14.4](https://github.com/go-gitea/gitea/releases/tag/v1.14.4) - 2021-07-06 + +* BUGFIXES + * Fix relative links in postprocessed images (#16334) (#16340) + * Fix list_options GetStartEnd (#16303) (#16305) + * Fix API to use author for commits instead of committer (#16276) (#16277) + * Handle misencoding of login_source cfg in mssql (#16268) (#16275) + * Fixed issues not updated by commits (#16254) (#16261) + * Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255) + * Use html.Parse rather than html.ParseFragment (#16223) (#16225) + * Fix milestone counters on new issue (#16183) (#16224) + * reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219) + +## [1.14.3](https://github.com/go-gitea/gitea/releases/tag/v1.14.3) - 2021-06-18 + +* SECURITY + * Encrypt migration credentials at rest (#15895) (#16187) + * Only check access tokens if they are likely to be tokens (#16164) (#16171) + * Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039) + * Fix setting of SameSite on cookies (#15989) (#15991) +* API + * Repository object only count releases as releases (#16184) (#16190) + * EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190) + * Fix overly strict edit pr permissions (#15900) (#16081) +* BUGFIXES + * Run processors on whole of text (#16155) (#16185) + * Class `issue-keyword` is being incorrectly stripped off spans (#16163) (#16172) + * Fix language switch for install page (#16043) (#16128) + * Fix bug on getIssueIDsByRepoID (#16119) (#16124) + * Set self-adjusting deadline for connection writing (#16068) (#16123) + * Fix http path bug (#16117) (#16120) + * Fix data URI scramble (#16098) (#16118) + * Merge all deleteBranch as one function and also fix bug when delete branch don't close related PRs (#16067) (#16097) + * git migration: don't prompt interactively for clone credentials (#15902) (#16082) + * Fix case change in ownernames (#16045) (#16050) + * Don't manipulate input params in email notification (#16011) (#16033) + * Remove branch URL before IssueRefURL (#15968) (#15970) + * Fix layout of milestone view (#15927) (#15940) + * GitHub Migration, migrate draft releases too (#15884) (#15888) + * Close the gitrepo when deleting the repository (#15876) (#15887) + * Upgrade xorm to v1.1.0 (#15869) (#15885) + * Fix blame row height alignment (#15863) (#15883) + * Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882) + * Backport Fix LFS commit finder not working (#15856) (#15874) + * Stop calling WriteHeader in Write (#15862) (#15873) + * Add timeout to writing to responses (#15831) (#15872) + * Return go-get info on subdirs (#15642) (#15871) + * Restore PAM user autocreation functionality (#15825) (#15867) + * Fix truncate utf8 string (#15828) (#15854) + * Fix bound address/port for caddy's certmagic library (#15758) (#15848) + * Upgrade unrolled/render to v1.1.1 (#15845) (#15846) + * Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840) + * Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839) + * Set autocomplete off on branches selector (#15809) (#15833) + * Add missing error to Doctor log (#15813) (#15824) + * Move restore repo to internal router and invoke from command to avoid open the same db file or queues files (#15790) (#15816) +* ENHANCEMENTS + * Removable media support to snap package (#16136) (#16138) + * Move sans-serif fallback font higher than emoji fonts (#15855) (#15892) +* DOCKER + * Only write config in environment-to-ini if there are changes (#15861) (#15868) + * Only offer hostcertificates if they exist (#15849) (#15853) + +## [1.14.2](https://github.com/go-gitea/gitea/releases/tag/v1.14.2) - 2021-05-09 + +* API + * Make change repo settings work on empty repos (#15778) (#15789) + * Add pull "merged" notification subject status to API (#15344) (#15654) +* BUGFIXES + * Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798) + * Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775) + * Set GIT_DIR correctly if it is not set (#15751) (#15769) + * Fix bug where repositories appear unadopted (#15757) (#15767) + * Not show `ref-in-new-issue` pop when issue was disabled (#15761) (#15765) + * Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762) + * Fix setting version table in dump (#15753) (#15759) + * Fix close button change on delete in simplemde area (#15737) (#15747) + * Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746) + * Fix some ui bug about draft release (#15137) (#15745) + * Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715) + * Move tooltip down to allow selection of Remove File on error (#15672) (#15714) + * Fix setting redis db path (#15698) (#15708) + * Fix DB session cleanup (#15697) (#15700) + * Fixed several activation bugs (#15473) (#15685) + * Delete references if repository gets deleted (#15681) (#15684) + * Fix orphaned objects deletion bug (#15657) (#15683) + * Delete protected branch if repository gets removed (#15658) (#15676) + * Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652) + * Not update updated uinx for `git gc` (#15637) (#15641) + * Fix commit graph author link (#15627) (#15630) + * Fix webhook timeout bug (#15613) (#15621) + * Resolve panic on failed interface conversion in migration v156 (#15604) (#15610) + * Fix missing storage init (#15589) (#15598) + * If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594) + * Fix lfs management find (#15537) (#15578) + * Fix NPE on view commit with notes (#15561) (#15573) + * Fix bug on commit graph (#15517) (#15530) + * Send size to /avatars if requested (#15459) (#15528) + * Prevent migration 156 failure if tag commit missing (#15519) (#15527) +* ENHANCEMENTS + * Display conflict-free merge messages for pull requests (#15773) (#15796) + * Exponential Backoff for ByteFIFO (#15724) (#15793) + * Issue list alignment tweaks (#15483) (#15766) + * Implement delete release attachments and update release attachments' name (#14130) (#15666) + * Add placeholder text to deploy key textarea (#15575) (#15576) + * Project board improvements (#15429) (#15560) + * Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365) +* MISC + * Fix webkit calendar icon color on arc-green (#15713) (#15728) + * Performance improvement for last commit cache and show-ref (#15455) (#15701) + * Bump unrolled/render to v1.1.0 (#15581) (#15608) + * Add ETag header (#15370) (#15552) + +## [1.14.1](https://github.com/go-gitea/gitea/releases/tag/v1.14.1) - 2021-04-15 + +* BUGFIXES + * Fix bug clone wiki (#15499) (#15502) + * Github Migration ignore rate limit, if not enabled (#15490) (#15495) + * Use subdir for URL (#15446) (#15493) + * Query the DB for the hash before inserting in to email_hash (#15457) (#15491) + * Ensure review dismissal only dismisses the correct review (#15477) (#15489) + * Use index of the supported tags to choose user lang (#15452) (#15488) + * Fix wrong file link in code search page (#15466) (#15486) + * Quick template fix for built-in SSH server in admin config (#15464) (#15481) + * Prevent superfluous response.WriteHeader (#15456) (#15476) + * Fix ambiguous argument error on tags (#15432) (#15474) + * Add created_unix instead of expiry to migration (#15458) (#15463) + * Fix repository search (#15428) (#15442) + * Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439) + * Fix wiki clone urls (#15430) (#15431) + * Fix dingtalk icon url at webhook (#15417) (#15426) + * Standardise icon on projects PR page (#15387) (#15408) +* ENHANCEMENTS + * Add option to skip LFS/attachment files for `dump` (#15407) (#15492) + * Clone panel fixes (#15436) + * Use semantic dropdown for code search query type (#15276) (#15364) +* BUILD + * Build go-git variants for windows (#15482) (#15487) + * Lock down build-images dependencies (Partial #15479) (#15480) +* MISC + * Performance improvement for list pull requests (#15447) (#15500) + * Fix potential copy lfs records failure when fork a repository (#15441) (#15485) + +## [1.14.0](https://github.com/go-gitea/gitea/releases/tag/v1.14.0) - 2021-04-11 + +* SECURITY + * Respect approved email domain list for externally validated user registration (#15014) + * Add reverse proxy configuration support for remote IP address detection (#14959) + * Ensure validation occurs on clone addresses too (#14994) + * Fix several render issues highlighted during fuzzing (#14986) +* BREAKING + * Fix double 'push tag' action feed (#15078) (#15083) + * Remove possible resource leak (#15067) (#15082) + * Handle unauthorized user events gracefully (#15071) (#15074) + * Restore Access.log following migration to Chi framework (Stops access logging of /api/internal routes) (#14475) + * Migrate from Macaron to Chi framework (#14293) + * Deprecate building for mips (#14174) + * Consolidate Logos and update README header (#14136) + * Inline manifest.json (#14038) + * Store repository data in data path if not previously set (#13991) + * Rename "gitea" png to "logo" (#13974) + * Standardise logging of failed authentication attempts in internal SSH (#13962) + * Add markdown support in organization description (#13549) + * Improve users management through the CLI (#6001) (#10492) +* FEATURES + * Create a new issue with reference to lines of code from file view (#14863) + * Repository transfer has to be confirmed, if user can not create repo for new owner (#14792) + * Allow blocking some email domains from registering an account (#14667) + * Create a new issue based on reference to an issue comment (#14366) + * Add support to migrate from gogs (#14342) + * Add pager to the branches page (#14202) + * Minimal OpenID Connect implementation (#14139) + * Display current stopwatch in navbar (#14122) + * Display SVG files as images instead of text (#14101) + * Disable SSH key deletion of externally managed Keys (#13985) + * Add support for ed25519_sk and ecdsa_sk SSH keys (#13462) + * Add support for Mastodon OAuth2 provider (#13293) + * Add gitea sendmail command (#13079) + * Create DB session provider(based on xorm) (#13031) + * Add dismiss review feature (#12674) + * Make manual merge autodetection optional and add manual merge as merge method (#12543) + * Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) + * Create Rootless Docker image (#10154) +* API + * Speedup issue search (#15179) (#15192) + * Get pull, return head branch sha, even if deleted (#14931) + * Export LFS & TimeTracking function status (#14753) + * Show Gitea version in swagger (#14654) + * Fix PATCH /repos/{owner}/{repo} panic (#14637) + * Add Restricted Field to User (#14630) + * Add support for ref parameter to get raw file API (#14602) + * Add affected files of commits to commit struct (#14579) + * Fix CJK fonts again and misc. font issues (#14575) + * Add delete release by tag & delete tag (#14563) & (#13358) + * Add pagination to ListBranches (#14524) + * Add signoff option in commit form (#14516) + * GetRelease by tag only return release (#14397) + * Add MirrorInterval to the API (#14163) + * Make BasicAuth Prefix case insensitive (#14106) + * Add user filter to issueTrackedTimes, enable usage for issue managers (#14081) + * Add ref to create/edit issue options & deprecated assignee (#13992) + * Add Ref to Issue (#13946) + * Expose default theme in meta and API (#13809) + * Send error message when CSRF token is missing (#13676) + * List, Check, Add & delete endpoints for repository teams (#13630) + * Admin EditUser: Make FullName, Email, Website & Location optional (#13562) + * Add more filters to issues search (#13514) + * Add review request api (#11355) +* BUGFIXES + * Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396) + * Always set the merge base used to merge the commit (#15352) (#15385) + * Upgrade to bluemonday 1.0.7 (#15379) (#15380) + * Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377) + * Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361) + * Show diff on rename with diff changes (#15338) (#15339) + * Fix handling of logout event (#15323) (#15337) + * Fix CanCreateRepo check (#15311) (#15321) + * Fix xorm log stack level (#15285) (#15316) + * Fix bug in Wrap (#15302) (#15309) + * Drop the event source if we are unauthorized (#15275) (#15280) + * Backport Fix graph pagination (#15225) (#15249) + * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200) + * should run RetrieveRepoMetas() for empty pr (#15187) (#15190) + * Move setting to enable closing issue via commit in non default branch to repo settings (#14965) + * Show correct issues for team dashboard (#14952) + * Ensure that new pull request button works on forked forks owned by owner of the root and reduce ambiguity (#14932) + * Only allow issue labels from owner repository or organization (#14928) + * Fix alignment of People and Teams right arrow on org homepage (#14924) + * Fix overdue marking of closed issues and milestones (#14923) + * Prevent panic when empty MilestoneID in repo/issue/list (#14911) + * Fix migration context data (#14910) + * Handle URLs with trailing slash (#14852) + * Add CORS config on to /login/oauth/access_token endpoint (#14850) + * Make searching issues by keyword case insensitive on DB (#14848) + * Prevent use of double sub-path and incorrect asset path in manifest (#14827) + * Fix link account ui (#14763) + * Fix preview status switch button on wiki editor (#14742) + * Fix github download on migration (#14703) + * Fix svg spacing (#14638) + * Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623) + * Truncated organizations name (#14615) + * Exclude the current dump file from the dump (#14606) + * Use OldRef instead of CommitSHA for DeleteBranch comments (#14604) + * Ensure memcache caching works when TTL greater than 30 days (#14592) + * Remove NULs byte arrays passed to PostProcess (#14587) + * Restore detection of branches are equal on compare page (#14586) + * Fix incorrect key name so registerManualConfirm works (#14455) + * Fix close/reopen with comment (#14436) + * Allow passcode invalid error to appear (#14371) + * Escape branch names in compare url (#14364) + * Label and milestone webhooks on issue/pull creation (#14363) + * Handle NotifyCreateRef as create branch in feeds (#14245) + * Prevent clipping input text in Chrome + Segoe UI Font (#14179) + * Fix UI on edit auth source page (#14137) + * Fix git.parseTagData (#14105) + * Refactor get tag to remove unnecessary steps (#14058) + * Fix integrations test error with space in CURDIR path (#14056) + * Dropdown triangle fixes (#14028) + * Fix label of --id in admin delete user (#14005) + * Cause NotifyMigrateRepository to emit a repo create webhook (#14004) + * Update HEAD to match defaultBranch in template generation (#13948) + * Fix action avatar loading (#13909) + * Fix issue participants (#13893) + * Fix avatar template error (#13833) + * Fix review request notification email links when external issue tracker is enabled (#13723) + * Fix blame line alignment (#13542) + * Include OriginalAuthor in Reaction constraint (#13505) + * Comments on review should have the same sha (#13448) + * Fix whitespace rendering in diff (#13415) + * Fixed git args duplication (#13411) + * Fix bug on release publisherid migrations (#13410) + * Fix --port setting (#13288) + * Keep database transactions not too big (#13254) + * Git version check, ignore pre-releases constraints (#13234) + * Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) + * Update Mirror IsEmpty status on synchronize (#13185) + * Use GO variable in go-check target (#13146) (#13147) +* ENHANCEMENTS + * UI style improvements + * Dropzone styling improvements (#15291) (#15374) + * Add size to Save function (#15264) (#15270) + * Monaco improvements (#15333) (#15345) + * Support .mailmap in code activity stats (#15009) + * Sort release attachments by name (#15008) + * Add ui.explore settings to control view of explore pages (#14094) + * Make internal SSH server host key path configurable (#14918) + * Hide resync all ssh principals when using internal ssh server (#14904) + * Add SameSite setting for cookies (#14900) + * Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781) + * Add environment-to-ini to docker image (#14762) + * Add preview support for wiki editor when disable simpleMDE (#14757) + * Add easyMDE(simpleMDE) support for release content editor (#14744) + * Organization removal confirmation using name not password (#14738) + * Make branch names in PR description clickable (#14716) + * Add Password Algorithm option to install page (#14701) + * Add fullTextSearch to dropdowns by default (#14694) + * Fix truncated organization names (#14655) + * Whitespace in commits (#14650) + * Sort / move project boards (#14634) + * Make fileheader sticky in diffs (#14616) + * Add helper descriptions on new repo page (#14591) + * Move the stopwatches to the eventsource stream (#14588) + * Add Content-Length header to HEAD requests (#14542) + * Add Image Diff options in Diff view (#14450) + * Improve Description in new/ edit Project template (#14429) + * Allow ssh-keygen on Windows to detect ssh key type (#14413) + * Display error if twofaSecret cannot be retrieved (#14372) + * Sort issue search results by revelance (#14353) + * Implement ghost comment mitigation (#14349) + * Upgrade blevesearch dependency to v2.0.1 (#14346) + * Add edit, delete and reaction support to code review comments on issue page (#14339) + * Merge default and system webhooks under one menu (#14244) + * Add option for administrator to reset user 2FA (#14243) + * Add option to change username to the admin panel (#14229) + * Check for 'main' as potential default branch name (#14193) + * Project: show referenced PRs in issue cards (#14183) + * Use caddy's certmagic library for extensible/robust ACME handling (#14177) + * CLI support for OAuth sources custom icons (#14166) + * Custom icons for OAuth sources (#14161) + * Team dashboards (#14159) + * KanBan: be able to set default board (#14147) + * Disable Fomantic's custom scrollbars (#14109) + * Add UI to delete tracked times (#14100) + * Rework heatmap permissions (#14080) + * Issue and pull request filters on organization dashboard (#14072) + * Fix webhook list styling (#14001) + * Show dropdown with all statuses for commit (#13977) + * Show status check for merged PRs (#13975) + * Diff stat improvements (#13954) + * Report permissions denied in internal SSH (#13953) + * Markdown task list improvements (#13952) + * Heatmap days clickable (#13935) + * chore: use octicon-mirror for feeds display (#13928) + * Move diff split code into own template file (#13919) + * Markdown: Enable wrapping in code blocks and a color tweak (#13894) + * Do not reload page after adding comments in Pull Request reviews (#13877) + * Add pull request manually merge instruction (#13840) + * add thumbnail preview section to issue attachments (#13826) + * Move Repo APIFormat to convert package (#13787) + * Move notification APIFormat (#13783) + * Swap swagger-ui with swagger-ui-dist (#13777) + * User Settings: Ignore empty language codes & validate (#13755) + * Improve migrate page and add card CSS (#13751) + * Add block on official review requests branch protection (#13705) + * Add review requested filter on pull request overview (#13701) + * Use chronological commit order in default squash message (#13696) + * Clickable links in pull request (and issue) titles (#13695) + * Support shortened commit SHAs in URLs (#13686) + * Use native git variants by default with go-git variants as build tag (#13673) + * Don't render dropdown when only 1 merge style is available (#13670) + * Move webhook type from int to string (#13664) + * Direct avatar rendering (#13649) + * Verify password for local-account activation (#13631) + * Prevent clone protocol button flash on page load (#13626) + * Remove fetch request from heatmap (#13623) + * Refactor combine label comments with tests (#13619) + * Move metrics from macaron to chi (#13601) + * Issue and Pulls lists rework (#13594) + * HTTP cache rework and enable caching for storage assets (#13569) + * Use mount but not register for chi routes (#13555) + * Use monaco for the git hook editor (#13552) + * Make heatmap colors more distinct (#13533) + * Lazy-load issue reviewers and assignees avatars (#13526) + * Change search and filter icons to SVG (#13473) + * Create tag on ui (#13467) + * updateSize when create a repo with init commit (#13441) + * Added title and action buttons to Project view page (#13437) + * Override fomantic monospace fonts and set size (#13435) + * Rework focused comment styling (#13434) + * Tags cleanup (#13428) + * Various style tweaks (#13418) + * Refactor push update (#13381) + * Comment box tweaks and SVG dropdown triangles (#13376) + * Various style fixes (#13372) + * Change repo home page icons to SVG (#13364) + * Use CSS Vars for primary color (#13361) + * Refactor image paste code (#13354) + * Switch from SimpleMDE to EasyMDE (#13333) + * Group Label Changed Comments in timeline (#13304) + * Make the logger an interface (#13294) + * Fix PR/Issue titles on mobile (#13292) + * Rearrange the order of the merged by etc. in locale (#13284) + * Replace footer and modal icons with SVG (#13245) + * Issues overview should not show issues from archived repos (#13220) + * Show stale label for stale code comment which is marked as resolved (#13213) + * Use CSS Variables for fonts, remove postcss-loader (#13204) + * Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198) + * Move install pages out of main macaron routes (#13195) + * Update outdated label to use Fomantic UI style (#13181) + * Added option to disable webhooks (#13176) + * Change order of possible-owner organizations to alphabetical (#13160) + * Log IP on SSH authentication failure for Built-in SSH server (#13150) + * Added option to disable migrations (#13114) + * New "Add Mirror" Button in the Organization view (#13105) + * Manually approve new registration (#13083) + * Cron job to cleanup hook_task table (#13080) + * Use the headline comment of pull-request as the squash commit's message (#13071) + * Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999) + * Slightly simplify the queue settings code to help reduce the risk of problems (#12976) + * Add precise search type for Elastic Search (#12869) + * Move APIFormat functions into convert package (#12856) + * Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links, Show only certain branches, (#12766) + * Add TrN for repository limit (#12492) + * Refactor doctor (#12264) + * Add the tag list page to the release page (#12096) + * Redirect on changed user and org name (#11649) + * load U2F js only on pages which need it (#11585) + * Make archival asynchronous (#11296) + * Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420) + * Improve vfsgen to not unzip bindata files but send to browser directly (#7109) + * Enhance release list (#6025) +* DOCS + * Swagger show models by default (#14880) + * Add missing repo.projects unit into swagger (#14876) + * Update docs and comments to remove macaron (#14491) + * Issue template addition: Are you using Gitea behind CloudFlare? (#14098) + * Generate man pages (#13901) + * Reformat/fine-tune docs (#13897) + * Added Table of Contents to long documentation pages (#13890) + * Add docs command (#13429) + * Update external-renderers.en-us.md (#13165) +* MISC + * Add builds for apple M1 (darwin arm64) (#14951) + * Migrate to use jsoniter instead of encoding/json (#14841) + * Reduce make verbosity (#13803) + * Add git command error directory on log (#13194) + +## [1.13.7](https://github.com/go-gitea/gitea/releases/tag/v1.13.7) - 2021-04-07 + +* SECURITY + * Update to bluemonday-1.0.6 (#15294) (#15298) + * Clusterfuzz found another way (#15160) (#15169) +* API + * Fix wrong user returned in API (#15139) (#15150) +* BUGFIXES + * Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317) + * Speed up `enry.IsVendor` (#15213) (#15246) + * Response 404 for diff/patch of a commit that not exist (#15221) (#15238) + * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15201) +* MISC + * Add size to Save function (#15264) (#15271) + +## [1.13.6](https://github.com/go-gitea/gitea/releases/tag/v1.13.6) - 2021-03-23 + +* SECURITY + * Fix bug on avatar middleware (#15124) (#15125) + * Fix another clusterfuzz identified issue (#15096) (#15114) +* API + * Fix nil exeption for get pull reviews API #15104 (#15106) +* BUGFIXES + * Fix markdown rendering in milestone content (#15056) (#15092) + +## [1.13.5](https://github.com/go-gitea/gitea/releases/tag/v1.13.5) - 2021-03-21 + +* SECURITY + * Update to goldmark 1.3.3 (#15059) (#15061) + * Another clusterfuzz spotted issue (#15032) (#15034) +* API + * Fix set milestone on PR creation (#14981) (#15001) + * Prevent panic when editing forked repos by API (#14960) (#14963) +* BUGFIXES + * Fix bug when upload on web (#15042) (#15055) + * Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051) + * Fix postgres ID sequences broken by recreate-table (#15015) (#15029) + * Fix several render issues (#14986) (#15013) + * Make sure sibling images get a link too (#14979) (#14995) + * Fix Anchor jumping with escaped query components (#14969) (#14977) + * Fix release mail html template (#14976) + * Fix excluding more than two labels on issues list (#14962) (#14973) + * Don't mark each comment poster as OP (#14971) (#14972) + * Add "captcha" to list of reserved usernames (#14930) + * Re-enable import local paths after reversion from #13610 (#14925) (#14927) + +## [1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4) - 2021-03-07 + +* SECURITY + * Fix issue popups (#14898) (#14899) +* BUGFIXES + * Fix race in LFS ContentStore.Put(...) (#14895) (#14913) + * Fix a couple of issues with a feeds (#14897) (#14903) + * When transfering repository and database transaction failed, rollback the renames (#14864) (#14902) + * Fix race in local storage (#14888) (#14901) + * Fix 500 on pull view page if user is not loged in (#14885) (#14886) +* DOCS + * Fix how lfs data path is set (#14855) (#14884) + +## [1.13.3](https://github.com/go-gitea/gitea/releases/tag/v1.13.3) - 2021-03-04 + +* BREAKING + * Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675) +* BUGFIXES + * Fix paging of file commit logs (#14831) (#14879) + * Print useful error if SQLite is used in settings but not supported (#14476) (#14874) + * Fix display since time round (#14226) (#14873) + * When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842) + * Set HCaptchaSiteKey on Link Account pages (#14834) (#14839) + * Fix a couple of CommentAsPatch issues. (#14804) (#14820) + * Disable broken OAuth2 providers at startup (#14802) (#14811) + * Repo Transfer permission checks (#14792) (#14794) + * Fix double alert in oauth2 application edit view (#14764) (#14768) + * Fix broken spans in diffs (#14678) (#14683) + * Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676) + * HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649) + * Do not assume all 40 char strings are SHA1s (#14624) (#14648) + * Allow org labels to be set with issue templates (#14593) (#14647) + * Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607) + * Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573) + * Fix GPG key deletion during account deletion (#14561) (#14569) + +## [1.13.2](https://github.com/go-gitea/gitea/releases/tag/v1.13.2) - 2021-01-31 + +* SECURITY + * Prevent panic on fuzzer provided string (#14405) (#14409) + * Add secure/httpOnly attributes to the lang cookie (#14279) (#14280) +* API + * If release publisher is deleted use ghost user (#14375) +* BUGFIXES + * Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530) + * Set the name Mapper in migrations (#14526) (#14529) + * Fix wiki preview (#14515) + * Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497) + * ChangeUserName: rename user files back on DB issue (#14447) + * Fix lfs preview bug (#14428) (#14433) + * Ensure timeout error is shown on u2f timeout (#14417) (#14431) + * Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425) + * Use path not filepath in routers/editor (#14390) (#14396) + * Check if label template exist first (#14384) (#14389) + * Fix migration v141 (#14387) (#14388) + * Use Request.URL.RequestURI() for fcgi (#14347) + * Use ServerError provided by Context (#14333) (#14345) + * Fix edit-label form init (#14337) + * Fix mailIssueCommentBatch for pull request (#14252) (#14296) + * Render links for commit hashes followed by comma (#14224) (#14227) + * Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221) + * Fix avatar bugs (#14217) (#14220) + * Ensure that schema search path is set with every connection on postgres (#14131) (#14216) + * Fix dashboard issues labels filter bug (#14210) (#14214) + * When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213) + * Fix branch selector on new issue page (#14194) (#14207) + * Check for notExist on profile repository page (#14197) (#14203) + +## [1.13.1](https://github.com/go-gitea/gitea/releases/tag/v1.13.1) - 2020-12-29 + +* SECURITY + * Hide private participation in Orgs (#13994) (#14031) + * Fix escaping issue in diff (#14153) (#14154) +* BUGFIXES + * Fix bug of link query order on markdown render (#14156) (#14171) + * Drop long repo topics during migration (#14152) (#14155) + * Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143) + * Fix storage config implementation (#14091) (#14095) + * Fix panic in BasicAuthDecode (#14046) (#14048) + * Always wait for the cmd to finish (#14006) (#14039) + * Don't use simpleMDE editor on mobile devices for 1.13 (#14029) + * Fix incorrect review comment diffs (#14002) (#14011) + * Trim the branch prefix from action.GetBranch (#13981) (#13986) + * Ensure template renderer is available before storage handler (#13164) (#13982) + * Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967) + * Enforce setting HEAD in wiki to master (#13950) (#13961) + * Fix feishu webhook caused by API changed (#13938) + * Fix Quote Reply button on review diff (#13830) (#13898) + * Fix Pull Merge when tag with same name as base branch exist (#13882) (#13896) + * Fix mermaid chart size (#13865) + * Fix branch/tag notifications in mirror sync (#13855) (#13862) + * Fix crash in short link processor (#13839) (#13841) + * Update font stack to bootstrap's latest (#13834) (#13837) + * Make sure email recipients can see issue (#13820) (#13827) + * Reply button is not removed when deleting a code review comment (#13824) + * When reinitialising DBConfig reset the database use flags (#13796) (#13811) +* ENHANCEMENTS + * Add emoji in label to project boards (#13978) (#14021) + * Send webhook when tag is removed via Web UI (#14015) (#14019) + * Use Process Manager to create own Context (#13792) (#13793) +* API + * GetCombinedCommitStatusByRef always return json & swagger doc fixes (#14047) + * Return original URL of Repositories (#13885) (#13886) + +## [1.13.0](https://github.com/go-gitea/gitea/releases/tag/v1.13.0) - 2020-12-01 + +* SECURITY + * Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776) + * Prevent git operations for inactive users (#13527) (#13536) + * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524) + * Mitigate Security vulnerability in the git hook feature (#13058) + * Disable DSA ssh keys by default (#13056) + * Set TLS minimum version to 1.2 (#12689) + * Use argon as default password hash algorithm (#12688) +* BREAKING + * Set RUN_MODE prod by default (#13765) (#13767) + * Don't replace underscores in auto-generated IDs in goldmark (#12805) + * Add Primary Key to Topic and RepoTopic tables (#12639) + * Disable password complexity check default (#12557) + * Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid (#12500) + * Add extension Support to Attachments (allow all types for releases) (#12465) + * Remove IE11 Support (#11470) +* FEATURES + * Adopt repositories (#12920) + * Check passwords against HaveIBeenPwned (#12716) + * Gitea 2 Gitea migration (#12657) + * Support storing Avatars in minio (#12516) + * Allow addition of gpg keyring with multiple keys (#12487) + * Add email notify for new release (#12463) + * Add Access-Control-Expose-Headers (#12446) + * UserProfile Page: Render Description (#12415) + * Add command to recreate tables (#12407) + * Add mermaid JS renderer (#12334) + * Add ssh certificate support (#12281) + * Add spent time to referenced issue in commit message (#12220) + * Initial support for push options (#12169) + * Provide option to unlink a fork (#11858) + * Show exact tag for commit on diff view (#11846) + * Pause, Resume, Release&Reopen, Add and Remove Logging from command line (#11777) + * Issue templates directory (#11450) + * Add a storage layer for attachments (#11387) + * Add hide activity option (#11353) + * Add push commits history comment on PR time-line (#11167) + * Support elastic search for code search (#10273) + * Kanban board (#8346) +* API + * If User is Admin, show 500 error message on PROD mode too (#13115) + * Add Timestamp to Tag list API (#13026) + * Return sample message for login error in api context (#12994) + * Add IsTemplate option in create repo ui and api (#12942) + * GetReleaseByID return 404 if not found (#12933) + * Get release by tags endpoint (#12932) + * NotificationSubject show Issue/Pull State (#12901) + * Expose its limitation settings (#12714) + * Add Created & Updated to Milestone (#12662) + * Milestone endpoints accept names too (#12649) + * Expose Attachment Settings in the API (#12514) + * Add Issue and Repo info to StopWatch (#12458) + * Add cron running API (#12421) + * Add Update Pull HeadBranch Function (#12419) + * Add TOTP header to Swagger Documentation (#12402) + * Delete Token accept names too (#12366) + * Add name filter for GetMilestoneList (#12336) + * Fixed count of filtered issues when api request. (#12275) + * Do not override API issue pagination with UI settings (#12068) + * Expose useful General Repo settings settings (#11758) + * Return error when trying to create Mirrors but Mirrors are globally disabled (#11757) + * Provide diff and patch API endpoints (#11751) + * Allow to create closed milestones (#11745) + * Add language Statistics endpoint (#11737) + * Add Endpoint to get GetGeneralUI Settings (#11735) & (#11854) + * Issue/Pull expose IsLocked Property on API (#11708) + * Add endpoint for Branch Creation (#11607) + * Add pagination headers on endpoints that support total count from database (#11145) +* BUGFIXES + * Fix bogus http requests on diffs (#13760) (#13761) + * Show 'owner' tag for real owner (#13689) (#13743) + * Validate email before inserting/updating (#13475) (#13666) + * Fix issue/pull request list assignee filter (#13647) (#13651) + * Gitlab migration support for subdirectories (#13563) (#13591) + * Fix logic for preferred license setting (#13550) (#13557) + * Add missed sync branch/tag webhook (#13538) (#13556) + * Migration won't fail on non-migrated reactions (#13507) + * Fix Italian language file parsing error (#13156) + * Show outdated comments in pull request (#13148) (#13162) + * Fix parsing of pre-release git version (#13169) (#13172) + * Fix diff skipping lines (#13154) (#13155) + * When handling errors in storageHandler check underlying error (#13178) (#13193) + * Fix size and clickable area on file table back link (#13205) (#13207) + * Add better error checking for inline html diff code (#13251) + * Fix initial commit page & binary munching problem (#13249) (#13258) + * Fix migrations from remote Gitea instances when configuration not set (#13229) (#13273) + * Store task errors following migrations and display them (#13246) (#13287) + * Fix bug isEnd detection on getIssues/getPullRequests (#13299) (#13301) + * When the git ref is unable to be found return broken pr (#13218) (#13303) + * Ensure topics added using the API are added to the repository (#13285) (#13302) + * Fix avatar autogeneration (#13233) (#13282) + * Add migrated pulls to pull request task queue (#13331) (#13334) + * Issue comment reactions should also check pull type on API (#13349) (#13350) + * Fix links to repositories in /user/setting/repos (#13360) (#13362) + * Remove obsolete change of email on profile page (#13341) (#13347) + * Fix scrolling to resolved comment anchors (#13343) (#13371) + * Storage configuration support `[storage]` (#13314) (#13379) + * When creating line diffs do not split within an html entity (#13357) (#13375) (#13425) (#13427) + * Fix reactions on code comments (#13390) (#13401) + * Add missing full names when DEFAULT_SHOW_FULL_NAME is enabled (#13424) + * Replies to outdated code comments should also be outdated (#13217) (#13433) + * Fix panic bug in handling multiple references in commit (#13486) (#13487) + * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13491) + * Show original author's reviews on pull summary box (#13127) + * Update golangci-lint to version 1.31.0 (#13102) + * Fix line break for MS teams webhook (#13081) + * Fix Issue & Pull Request comment headers on mobile (#13039) + * Avoid setting the CONN_STR in queues unless it is meant to be set (#13025) + * Remove code-view class from diff view (#13011) + * Fix the color of PR comment hyperlinks. (#13009) + * (Re)Load issue labels when changing them (#13007) + * Fix Media links in org files not liked to media files (#12997) + * Always return a list from GetCommitsFromIDs (#12981) + * Only set the user password if the password field would have been shown (#12980) + * Fix admin/config page (#12979) + * Changed width of commit signature avatar (#12961) + * Completely quote AppPath and CustomConf paths (#12955) + * Fix handling of migration errors (#12928) + * Fix anonymous GL migration (#12862) + * Fix git open close bug (#12834) + * Fix markdown meta parsing (#12817) + * Add default storage configurations (#12813) + * Show PR settings on empty repos (#12808) + * Disable watch and star if not signed in (#12807) + * Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804) + * Set opengraph attributes on org pages (#12803) + * Return error when creating gitlabdownloader failed (#12790) + * Add migration for password algorithm change (#12784) + * Compare SSH_DOMAIN when parsing submodule URLs (#12753) + * Fix editor.commit_empty_file_text locale string (#12744) + * Fix wrong poster message for code comment on Pull view (#11721) + * Escape failed highlighted files (#12685) + * Ensure that all migration requests are cancellable (#12669) + * Ensure RepoPath is lowercased in gitea serv (#12668) + * Do not disable commit changes button on repost (#12644) + * Dark theme for line numbers in blame view (#12632) + * Fix message when deleting last owner from an organization (#12628) + * Use shellquote to unpack arguments to gitea serv (#12624) + * Fix signing.wont_sign.%!s() if Require Signing commits but not signed in. (#12581) + * Set utf8mb4 as the default charset on MySQL if CHARSET is unset (#12563) + * Set context for running CreateArchive to that of the request (#12555) + * Prevent redirect back to /user/events (#12462) + * Re-attempt to delete temporary upload if the file is locked by another process (#12447) + * Mirror System Notice reports are too frequent (#12438) + * Do not show arrows on comment diffs on pull comment pages (#12434) + * Fix milestone links (#12405) + * Increase size of the language column in language_stat (#12396) + * Use transaction in V102 migration (#12395) + * Only use --exclude on name-rev with git >= 2.13 (#12347) + * Add action feed for new release (#12324) + * Set NoAutoTime when updating is_archived (#12266) + * Support Force-update in Mirror and improve Tracing in mirror (#12242) + * Avoid sending "0 new commits" webhooks (#12212) + * Fix U2F button icon (#12167) + * models/repo_sign.go: break out of loops (#12159) + * Ensure that git commit tree continues properly over the page (#12142) + * Rewrite GitGraph.js (#12137) + * Fix repo API listing stability (#12057) + * Add team support for review request (#12039) + * Fix 500 error on repos with no tags (#11870) + * Fix nil pointer in default issue mail template (#11862) + * Fix commit search in all branches (#11849) + * Don't consider tag refs as valid for branch name (#11847) + * Don't add same line code comment box twice (#11837) + * Fix visibility of forked public repos from private orgs (#11717) + * Fix chardet test and add ordering option (#11621) + * Fix number of files, total additions, and deletions on Diff pages (#11614) + * Properly handle and return empty string for dangling commits in GetBranchName (#11587) + * Include query in sign in redirect (#11579) + * Fix Enter not working in SimpleMDE (#11564) + * Fix bug about can't skip commits base on base branch (#11555) +* ENHANCEMENTS + * Only Return JSON for responses (#13511) (#13565) + * Use existing analyzer module for language detection for highlighting (#13522) (#13551) + * Return the full rejection message and errors in flash errors (#13221) (#13237) + * Remove PAM from auth dropdown when unavailable (#13276) (#13281) + * Add HostCertificate to sshd_config in Docker image (#13143) + * Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) + * Improve error feedback for duplicate deploy keys (#13112) + * Set appropriate `autocomplete` attributes on password fields (#13078) + * Adding visual cue for "Limited" & "Private" organizations. (#13040) + * Fix Pull Request merge buttons on mobile (#13035) + * Gitea serv, hooks, manager and the like should always display Fatals (#13032) + * CSS tweaks to warning/error segments and misc fixes (#13024) + * Fix formatting of branches ahead-behind on narrow windows (#12989) + * Add config option to make create-on-push repositories public by default (#12936) + * Disable migration items when mirror is selected (#12918) + * Add the checkbox quick button to the comment tool bar also (#12885) + * Support GH enterprise (#12863) + * Simplify CheckUnitUser logic (#12854) + * Fix background of signed-commits on arc-green of timeline commits (#12837) + * Move git update-server-info to hooks (#12826) + * Add ui style for "Open a blank issue" button (#12824) + * Use a simple format for the big number on ui (#12822) + * Make SVG size argument optional (#12814) + * Add placeholder text for bio profile text form (#12792) + * Set language via AJAX (#12785) + * Show git-pull-request icon for closed pull request (#12742) + * Migrate version parsing library to hashicorp/go-version (#12719) + * Only use async pre-empt hack if go < 1.15 (#12718) + * Inform user about meaning of an hourglass on reviews (#12713) + * Add a migrate service type switch page (#12697) + * Migrations: Gitlab Add Reactions Support for Issues & MergeRequests (#12695) + * Remove duplicate logic in initListSubmits (#12660) + * Set avatar image dimensions (#12654) + * Rename models.ProtectedBranchRepoID/PRID to models.EnvRepoID/PRID and ensure EnvPusherEmail is set (#12646) + * Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752) + * Add postgres schema to the search_path on database connection (#12634) + * Git migration UX improvements (#12619) + * Add link to home page on swagger ui (#12601) + * hCaptcha Support (#12594) + * OpenGraph: use repo avatar if exist (#12586) + * Reaction picker display improvements (#12576) + * Fix emoji replacements, make emoji images consistent (#12567) + * Increase clickable area on files table links (#12553) + * Set z-index for sticky diff box lower (#12537) + * Report error if API merge is not allowed (#12528) + * LFS support to be stored on minio (#12518) + * Show 2FA info on Admin Pannel: Users List (#12515) + * Milestone Issue/Pull List: Add octicons type (#12499) + * Make dashboard newsfeed list length a configurable item (#12469) + * Add placeholder text for send testing email button in admin/config (#12452) + * Add SVG favicon (#12437) + * In issue comments, put issue participants also in completion list when hitting @ (#12433) + * Collapse Swagger UI tags by default (#12428) + * Detect full references to issues and pulls in commit messages (#12399) + * Allow common redis and leveldb connections (#12385) + * Don't use legacy method to send Matrix Webhook (#12348) + * Remove padding/border-radius on image diffs (#12346) + * Render the git graph on the server (#12333) + * Fix clone panel in wiki position not always align right (#12326) + * Rework 'make generate-images' (#12316) + * Refactor webhook payload convertion (#12310) + * Move jquery-minicolors to npm/webpack (#12305) + * Support use nvarchar for all varchar columns when using mssql (#12269) + * Update Octicons to v10 (#12240) + * Disable search box autofocus (#12229) + * Replace code fold icons with octicons (#12222) + * Ensure syntax highlighting is the same inside diffs (#12205) + * Auto-init repo on license, .gitignore select (#12202) + * Default to showing closed Issues/PR list when there are only closed issues/PRs (#12200) + * Enable cloning via Git Wire Protocol v2 over HTTP (#12170) + * Direct SVG rendering (#12157) + * Improve arc-green code colors (#12111) + * Allow admin to merge pr with protected file changes (#12078) + * Show description on individual milestone view (#12055) + * Update the wiki repository remote origin while update the mirror repository's Clone From URL (#12053) + * Server-side syntax highlighting for all code (#12047) + * Use Fomantic's fluid padded for blame full width (#12023) + * Use custom SVGs for commit signing lock icon (#12017) + * Make tabs smaller (#12003) + * Fix sticky diff stats container (#12002) + * Move fomantic and jQuery to main webpack bundle (#11997) + * Use enry language type to detect special languages (#11974) + * Use only first line of commit when creating referenced comment (#11960) + * Rename custom/conf/app.ini.sample to custom/conf/app.example.ini for better syntax light on editor (#11926) + * Fix double divider on issue sidebar (#11919) + * Shorten markdown heading anchors links (#11903) + * Add org avatar on top of internal repo icon (#11895) + * Use label to describe repository type (#11891) + * Make repository size unclickable on repo summary bar (#11887) + * Rework blame template and styling (#11885) + * Fix icon alignment for show/hide outdated link on resolved conversation (#11881) + * Vertically align review icons on repository sidebar (#11880) + * Better align items using flex within review request box (#11879) + * Only write to global gitconfig if necessary (#11876) + * Disable all typographic replacements in markdown renderer (#11871) + * Improve label edit buttons labels (#11841) + * Use crispEdges rendering for octicon-internal-repo (#11801) + * Show update branch item in merge box when it's necessary (#11761) + * Add compare link to releases (#11752) + * Allow site admin to disable mirrors (#11740) + * Export monaco editor on window.codeEditors (#11739) + * Add configurable Trust Models (#11712) + * Show full GPG commit status on PR commit history (#11702) + * Fix align issues and decrease avatar size on PR timeline (#11689) + * Replace jquery-datetimepicker with native date input (#11684) + * Change Style of Tags on Comments (#11668) + * Fix missing styling for shabox on PR commit history (#11625) + * Apply padding to approval icons on PR list (#11622) + * Fix message wrapping on PR commit list (#11616) + * Right-align status icon on pull request commit history (#11594) + * Add missing padding for multi-commit list on PR view (#11593) + * Do not show avatar for "{{user}} added X commits" (#11591) + * Fix styling and padding for commit list on PR view (#11588) + * Style code review comment for arc-green (#11572) + * Use default commit message for wiki edits (#11550) + * Add internal-repo octicon for public repos of private org (#11529) + * Fix dropzone color on arc-green (#11514) + * Insert ui divider directly in templates instead of from inside heatmap vue component (#11508) + * Move tributejs to npm/webpack (#11497) + * Fix text-transform on wiki revisions page (#11486) + * Do not show lock icon on repo list for public repos in private org (#11445) + * Include LFS when calculating repo size (#11060) + * Add check for LDAP group membership (#10869) + * When starting new stopwatch stop previous if it is still running (#10533) + * Add queue for code indexer (#10332) + * Move all push update operations to a queue (#10133) + * Cache last commit when pushing for big repository (#10109) + * Change/remove a branch of an open issue (#9080) + * Sortable Tables Header By Click (#7980) +* TESTING + * Use community codecov drone plugin (#12468) + * Add more tests for diff highlighting (#12467) + * Don't put integration test data outside of test folder (#11746) + * Add debug option to hooks (#11624) + * Log slow tests (#11487) +* TRANSLATION + * Translate two small lables on commit statuse list (#12821) + * Make issues.force_push_codes message shorter (#11575) +* BUILD + * Bump min required golang to 1.13 (#12717) + * Add 'make watch' (#12636) + * Extract Swagger CSS to its own file (#12616) + * Update eslint config (#12609) + * Avoid unnecessary system-ui expansion (#12522) + * Make the default PID file compile-time settable (#12485) + * Add 'watch-backend' (#12330) + * Detect version of sed in Makefile (#12319) + * Update gitea-vet to v0.2.1 (#12282) + * Add logic to build stable and edge builds for gitea snap (#12052) + * Fix missing CGO_EXTRA_FLAGS build arg for docker (#11782) + * Alpine 3.12 (#11720) + * Enable stylelint's shorthand-property-no-redundant-values (#11436) +* DOCS + * Change default log configuration (#13088) + * Add automatic JS license generation (#11810) + * Remove page size limit comment from swagger (#11806) + * Narrow down Edge version in browser support docs (#11640) + +## [1.12.5](https://github.com/go-gitea/gitea/releases/tag/v1.12.5) - 2020-10-01 + +* BUGFIXES + * Allow U2F with default settings for gitea in subpath (#12990) (#13001) + * Prevent empty div when editing comment (#12404) (#12991) + * On mirror update also update address in DB (#12964) (#12967) + * Allow extended config on cron settings (#12939) (#12943) + * Open transaction when adding Avatar email-hash pairs to the DB (#12577) (#12940) + * Fix internal server error from ListUserOrgs API (#12910) (#12915) + * Update only the repository columns that need updating (#12900) (#12912) + * Fix panic when adding long comment (#12892) (#12894) + * Add size limit for content of comment on action ui (#12881) (#12890) + * Convert User expose ID each time (#12855) (#12883) + * Support slashes in release tags (#12864) (#12882) + * Add missing information to CreateRepo API endpoint (#12848) (#12867) + * On Migration respect old DefaultBranch (#12843) (#12858) + * Fix notifications page links (#12838) (#12853) + * Stop cloning unnecessarily on PR update (#12839) (#12852) + * Escape more things that are passed through str2html (#12622) (#12850) + * Remove double escape on labels addition in comments (#12809) (#12810) + * Fix "only mail on mention" bug (#12775) (#12789) + * Fix yet another bug with diff file names (#12771) (#12776) + * RepoInit Respect AlternateDefaultBranch (#12746) (#12751) + * Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750) +* ENHANCEMENTS + * gitea dump: include version & Check InstallLock (#12760) (#12762) + +## [1.12.4](https://github.com/go-gitea/gitea/releases/tag/v1.12.4) - 2020-09-02 + +* SECURITY + * Escape provider name in oauth2 provider redirect (#12648) (#12650) + * Escape Email on password reset page (#12610) (#12612) + * When reading expired sessions - expire them (#12686) (#12690) +* ENHANCEMENTS + * StaticRootPath configurable at compile time (#12371) (#12652) +* BUGFIXES + * Fix to show an issue that is related to a deleted issue (#12651) (#12692) + * Expire time acknowledged for cache (#12605) (#12611) + * Fix diff path unquoting (#12554) (#12575) + * Improve HTML escaping helper (#12562) + * models: break out of loop (#12386) (#12561) + * Default empty merger list to those with write permissions (#12535) (#12560) + * Skip SSPI authentication attempts for /api/internal (#12556) (#12559) + * Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550) + * Remove hardcoded ES indexername (#12521) (#12526) + * Fix bug preventing transfer to private organization (#12497) (#12501) + * Keys should not verify revoked email addresses (#12486) (#12495) + * Do not add prefix on http/https submodule links (#12477) (#12479) + * Fix ignored login on compare (#12476) (#12478) + * Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422) + * Upgrade google/go-github to v32.1.0 (#12361) (#12390) + * Render emoji's of Commit message on feed-page (#12373) + * Fix handling of diff on unrelated branches when Git 2.28 used (#12370) + +## [1.12.3](https://github.com/go-gitea/gitea/releases/tag/v1.12.3) - 2020-07-28 + +* BUGFIXES + * Don't change creation date when updating Release (#12343) (#12351) + * Show 404 page when release not found (#12328) (#12332) + * Fix emoji detection in certain cases (#12320) (#12327) + * Reduce emoji size (#12317) (#12327) + * Fix double-indirection bug in logging IDs (#12294) (#12308) + * Link to pull list page on sidebar when view pr (#12256) (#12263) + * Extend Notifications API and return pinned notifications by default (#12164) (#12232) + +## [1.12.2](https://github.com/go-gitea/gitea/releases/tag/v1.12.2) - 2020-07-11 + +* BUGFIXES + * When deleting repository decrese user repository count in cache (#11954) (#12188) + * Return full commit message instead of summary in commits API (#12186) (#12187) + * Properly set HEAD when a repo is created with a default branch that is not named 'master' (#12135) (#12182) + * Ensure GPG Subkeys are verified (#12155) (#12168) + * Fix failing to cache last commit with key being to long (#12151) (#12161) + * Multiple small admin dashboard fixes (#12153) (#12156) + * Remove spurious logging of " Delete all repository archives" at startup (#12139) (#12148) + * Fix repository setup instructions when default branch is not named 'master' (#12122) (#12147) + * Move EventSource to SharedWorker (#12095) (#12130) + * Fix ui bug in wiki commit page (#12089) (#12125) + * Fix gitgraph branch continues after merge (#12044) (#12105) + * Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104) + * Ensure BlameReaders close at end of request (#12102) (#12103) + * Fix panic when adding review comment (#12058) +* ENHANCEMENTS + * Disable dropzone's timeout for file uploads (#12024) (#12032) + +## [1.12.1](https://github.com/go-gitea/gitea/releases/tag/v1.12.1) - 2020-06-21 + +* BUGFIXES + * Handle multiple merges in gitgraph.js (#11996) (#12000) + * Add serviceworker.js to KnownPublicEntries (#11992) (#11994) + * For language detection do not try to analyze big files by content (#11971) (#11975) +* ENHANCEMENTS + * Fix scrollable header on dropdowns (#11893) (#11965) + +## [1.11.8](https://github.com/go-gitea/gitea/releases/tag/v1.11.8) - 2020-06-21 + +* BUGFIXES + * Really fix __webpack_public_path__ for 1.11 (#11961) + +## [1.12.0](https://github.com/go-gitea/gitea/releases/tag/v1.12.0) - 2020-06-17 + +* BREAKING + * When using API CreateRelease set created_unix to the tag commit time (#11218) + * Enable ENABLE_HARD_LINE_BREAK by default for rendering markdown (#11162) + * Fix sanitizer config - multiple rules (#11133) + * Remove check on username when using AccessToken authentication for the API (#11015) + * Return 404 from Contents API when items don't exist (#10323) + * Notification API should always return a JSON object with the current count of notifications (#10059) + * Remove migration support from versions earlier than 1.6.0 (#10026) +* SECURITY + * Use -1 to disable key algorithm type in ssh.minimum_key_sizes (#11635) (#11662) +* FEATURES + * Improve config logging when WrappedQueue times out (#11174) + * Add branch delete to API (#11112) + * Use markdown frontmatter to provide Table of contents, language and frontmatter rendering (#11047) + * Add a way to mark Conversation (code comment) resolved (#11037) + * Handle yaml frontmatter in markdown (#11016) + * Cache PullRequest Divergence (#10914) + * Make `gitea admin auth list` formatting configurable (#10844) + * Add Matrix webhook (#10831) + * Add Organization Wide Labels (#10814) + * Allow to set protected file patterns for files that can not be changed under no conditions (#10806) + * Option to set default branch at repository creation (#10803) + * Add request review from specific reviewers feature in pull request (#10756) + * Add NextCloud oauth (#10562) + * System-wide webhooks (#10546) + * Relax sanitization as per https://github.com/jch/html-pipeline (#10527) + * Use media links for img in post-process (#10515) + * Add API endpoints to manage OAuth2 Application (list/create/delete) (#10437) + * Render READMEs in docs/ .gitea or .github from root (#10361) + * Add feishu webhook support (#10229) + * Cache last commit to accelerate the repository directory page visit (#10069) + * Implement basic app.ini and path checks to doctor cmd (#10064) + * Make WorkerPools and Queues flushable (#10001) + * Implement "embedded" command to extract static resources (#9982) + * Add API endpoint for repo transfer (#9947) + * Make archive prefixing configurable with a global setting (#9943) + * Add Unique Queue infrastructure and move TestPullRequests to this (#9856) + * Issue/PR Context Popups (#9822) + * Add "Update Branch" button to Pull Requests (#9784) + * Add require signed commit for protected branch (#9708) + * Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) + * Add API notification endpoints (#9488) + * Issue search support elasticsearch (#9428) + * Add API branch protection endpoint (#9311) + * Add a new command doctor to check if some wrong configurations on gitea instance (#9095) + * Add support for migrating from Gitlab (#9084) + * Add support for database schema in PostgreSQL (#8819) + * Add setting to set default and global disabled repository units. (#8788) + * Language statistics bar for repositories (#8037) + * Restricted users (#6274) +* BUGFIXES + * Fix commenting on non-utf8 encoded files (#11916) (#11950) + * Use google/uuid to instead satori/go.uuid (#11943) (#11946) + * Align show/hide outdated button on code review block (#11932) (#11944) + * Update to go-git v5.1.0 (#11936) (#11941) + * Use ID or Where to instead directly use Get when load object from database (#11925) (#11934) + * Update CommitsAhead CommitsBehind on Pull BaseBranch Change too (#11912) (#11915) + * Invalidate comments when file is shortened (#11882) (#11884) + * Rework api/user/repos for pagination (#11827) (#11877) + * Handle more pathological branch and tag names (#11843) (#11863) + * Add doctor check to set IsArchived false if it is null (partial #11853) (#11859) + * Prevent panic on empty HOST for mysql (#11850) (#11856) + * Use DEFAULT_PAGING_NUM instead of MAX_RESPONSE_ITEMS in ListOptions (#11831) (#11836) + * Fix reply octicon (#11821) (#11822) + * Honor DEFAULT_PAGING_NUM for API (#11805) (#11813) + * Ensure rejected push to refs/pull/index/head fails nicely (#11724) (#11809) + * In File Create/Update API return 404 if Branch does not exist (#11791) (#11795) + * Fix doer of rename repo (#11789) (#11794) + * Initialize SimpleMDE when making a code comment (#11749) (#11785) + * Fix timezone on issue deadline (#11697) (#11784) + * Fix to allow comment poster to edit or delete his own comments (#11671) (#11774) + * Show full 500 error in API when Gitea in dev mode (#11641) (#11753) + * Add missing templates for Matrix system webhooks (#11729) (#11748) + * Fix verification of subkeys of default gpg key (#11713) (#11747) + * Fix styling for commiter on diff view (#11715) (#11744) + * Properly truncate system notices (#11714) (#11742) + * Handle expected errors in FileCreate & FileUpdate API (#11643) (#11718) + * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11682) + * Doctor check & fix db consistency (#11111) (#11676) + * Exclude generated files from language statistics (#11653) (#11670) + * Return json on 500 error from API (#11574) (#11659) + * When must change password only show Signout (#11600) (#11637) + * Backport various styling fixes (#11619) + * Fix wrong milestone in webhook message (#11596) (#11611) + * Fix serviceworker output file and misc improvements (#11562) (#11610) + * When initialising repositories ensure that the user doing the creation is the initializer (#11601) (#11608) + * Prevent empty query parameter being set on dashboard (#11561) (#11604) + * Fix images in wiki edit preview (#11546) (#11602) + * Prevent (caught) panic on login (#11590) (#11597) + * Prevent transferring repos to invisible orgs (#11517) (#11549) + * Move serviceworker to workbox and fix SSE interference (#11538) (#11547) + * API PullReviewComment HTMLPullURL should return the HTMLURL (#11501) (#11533) + * Fix repo-list private and total count bugs (#11500) (#11532) + * Fix form action template substitutions on admin pages (backport #11519) (#11531) + * Fix a bug where the reaction emoji doesn't disappear. (#11489) (#11530) + * TrimSpace when reading InternalToken from a file (#11502) (#11524) + * Fix selected line color in arc-green (#11492) (#11520) + * Make localstorage read ssh or https correctly (#11483) (#11490) + * Check branch protection on IsUserAllowedToUpdate (#11448) + * Fix margin on attached segment headers when they are separated by other element (#11425) + * Fix webhook template when validation errors occur (#11421) + * Fix NPE in template due to missing signing key on commit page (#11392) + * Restore active background to Register button on Register page (#11390) + * Fix hook failure due to relative LFS_CONTENT_PATH (#11362) + * Correctly set the organization num repos (#11339) + * Prevent 500 with badly formed task list (#11328) + * Allow compare page to look up base, head, own-fork, forkbase-of-head (#11327) + * Handle panics that percolate up to the graceful module (#11291) + * Don't allow registration via the web form, when AllowOnlyExternalRegistration is True (#11248) + * Patch fomantic-ui to workaround build issue (#11244) + * Prevent panic during wrappedConn close at hammertime (#11219) + * On logout force redirect to start page (#11202) + * Fix creation of Organization repos by Users with max created personal repos (#11183) + * Add option to increase provided OAuth2 token maximum size (#11180) + * Log the indexer path on failure (#11172) + * Ensure that relative paths in edit preview work (#11143) + * Make API EditIssue and EditPullRequest issue notifications (#11123) + * Send 404 immediately for known public requests (#11117) + * Remove nil inserts in models (#11096) + * Add GetReviews() to RetryDownloader (#11093) + * Remove nonexistent serviceworker entries (#11091) + * Simplify and fix GetApprovalCounts (#11086) + * Fix wiki revision template and simplify some tmpl conditions (#11080) + * Make branch parameter optional for /api/v1/repos/{owner}/{repo}/contents/{filepath} (#11067) + * Align review-item svg octicons (#11065) + * Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997) + * Users should not be able to prohibit their own login (#10970) + * Fix scrollbar issues in dropdowns (#10897) + * Change the order of issues.closed_by to list opening user first (#10876) + * Allow site admin to check /api/v1/orgs endpoints (#10867) + * Avoid logging []byte in queue failures - convert to string first (#10865) + * Use ErrKeyUnableToVerify if fail to calc fingerprint in ssh-keygen (#10863) + * Fix assignees double load bug (#10856) + * Handle push rejection in branch and upload (#10854) + * In authorized_keys use double-quote for windows compatibility (#10841) + * Fix milestone template (#10824) + * log.Fatal on failure to listen to SSH port (#10795) + * Fix forked repo has no icon and language stat. (#10791) + * Fix tag/release deletion (#10663) + * Fix webhook migration (#10641) + * Migration for deleting orphaned dependencies (#10617) + * Add migration to fix the old broken merge-bases (#10604) + * Update templates for Go 1.14 (#10596) + * Remove unnecessary parentheses in wiki/view template (#10583) + * Change default value of DefaultCommandExecutionTimeout to match docs (#10581) + * Handle panic in indexer initialisation better (#10534) + * Set correct content_type value for Gogs/Gitea webhooks (#9504) (#10456) + * Fixed wrong AppSubUrl in multiple templates (#10447) + * Fix profile page CSS (#10406) + * Inject SVG sprite via ajax (#10320) + * Fix migration information update bug when linked github account (#10310) + * Allow admin to check org membership by API for other users (#10201) + * Fix topics dropdown (#10167) + * Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134) + * Fix IsErrPullClosed (#10093) + * Accept punctuation after simple+cross repository issue references (#10091) + * On merge of already closed PR redirect back to the pulls page (#10010) + * Fix crowdin update script (#9969) + * Fix pull view when head repository or head branch missed and close related pull requests when delete head repository or head branch (#9927) + * Add option to prevent LDAP from deactivating everything on empty search (#9879) + * Fix admin handling at merge of PR (#9749) + * err_admin_name_pattern_not_allowed String Clarification (#9731) + * Fix wrong original git service type on a migrated repository (#9693) + * Fix ref links in issue overviews for tags (#8742) +* ENHANCEMENTS + * Fix search form button overlap (#11840) (#11864) + * Make tabular menu styling consistent for arc-green (#11570) (#11798) + * Add option to API to update PullRequest base branch (#11666) (#11796) + * Increase maximum SQLite variables count to 32766 (#11696) (#11783) + * Update emoji dataset with skin tone variants (#11678) (#11763) + * Add logging to long migrations (#11647) (#11691) + * Change language statistics to save size instead of percentage (#11681) (#11690) + * Allow different HardBreaks settings for documents and comments (#11515) (#11599) + * Fix alignment for commits on dashboard (#11595) (#11680) + * Default MSSQL port 0 to allow automatic detection by default (#11642) (#11673) + * Handle expected errors in AddGPGkey API (#11644) (#11661) + * Close EventSource before unloading the page (#11539) (#11557) + * Ensure emoji render with regular font-weight (#11541) (#11545) + * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11542) + * Tweak reaction buttons (#11516) + * Use more toned colors for selected line (#11493) (#11511) + * Increase width for authors on commit view (#11441) + * Hide archived repos by default in repo-list (#11440) + * Better styling for code review comment textarea (#11428) + * Support view individual commit for wiki pages (#11415) + * Fix yellow background on active elements in code review (#11414) + * Better styling for code review comment form (#11413) + * Change install description on homepage (#11395) + * Ensure search action button is coalesced to adjacent input (#11385) + * Switch code editor to Monaco (#11366) + * Add paging and archive/private repository filtering to dashboard list (#11321) + * Changed image of openid-connect logo for better look on arc-green theme (#11312) + * Load Repo Topics on blame view too (#11307) + * Change the style in admin notice content view from `

` to `

` (#11301)
+  * Allow log.xxx.default to set logging settings for the default logger only (#11292)
+  * Automatically attempt auto recovery of broken disk queues (Update lunny/levelqueue to 0.3.0) (#11285)
+  * Make sendmail a Process and have default timeout (#11256)
+  * Check value of skip-repository flag in dump command (#11254)
+  * Fix submit review form (#11252)
+  * Allow unauthenticated users to compare (#11240)
+  * Add EventSource support (#11235)
+  * Refactor Milestone related (#11225)
+  * Add pull review API endpoints (#11224)
+  * Add a 'this' to issue close/reopened messages (#11204)
+  * When migrating from Gitlab map Approvals to approving Reviews (#11147)
+  * Improve representation of attachments in issues (#11141)
+  * Protect default branch against deletion (#11115)
+  * Add X-Total-Count on /repos/{owner]/{repo}/pulls API endpoint (#11113)
+  * Fix status label on branches list vertical alignment (#11109)
+  * Add single release page and latest redirect (#11102)
+  * Add missing commit states to PR checks template (#11085)
+  * Change icon on title for merged PR to git-merge (#11064)
+  * Add MergePull comment type instead of close for merge PR (#11058)
+  * Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055)
+  * Consolidate author name across timeline (#11053)
+  * Refactor UpdateOAuth2Application (#11034)
+  * Support unicode emojis and remove emojify.js (#11032)
+  * Add git hook "warning" to admin panel (#11030)
+  * Add flash notify for email preference setting success (#11027)
+  * Remove package code.gitea.io/gitea/modules/git import out of models (#11025)
+  * Match arc-green code tag color to code blocks (#11023)
+  * Move syntax highlighting to web worker (#11017)
+  * Prevent merge of outdated PRs on protected branches (#11012)
+  * Add Get/Update for api/v1/user/applications/oauth2 (#11008)
+  * Upgrade to most recent bluemonday (#11007)
+  * Tweak code tags in markdown (#11000)
+  * Reject duplicate AccessToken names (#10994)
+  * Fix Ctrl-Enter shortcut for issues (#10986)
+  * Provide `OwnerName` field for README template (#10981)
+  * Prettify Timeline (#10972)
+  * Add issue subscription check to API (#10967)
+  * Use AJAX for notifications table (#10961)
+  * Adjust label padding (#10957)
+  * Avoiding directory execution on hook (#10954) (#10955)
+  * Migrate ActivityHeatmap to Vue SFC (#10953)
+  * Change merge strategy: do not check write access if user in merge white list (#10951)
+  * Enable GO111MODULE=on globally in Makefile (#10939)
+  * API endpoint to get single commit via SHA and Ref (#10915)
+  * Add accordion to release list and hide non-latest (#10910)
+  * Split dashboard elements into separate template files (#10885)
+  * Add more message on sidebar menus (#10872)
+  * Set MySQL rowtype to dynamic for new tables (#10833)
+  * Completely fix task-list checkbox styling (#10798)
+  * Hide gear icon for user who can't use them on sidebar (#10750)
+  * Refactor Cron and merge dashboard tasks (#10745)
+  * Change review status icons on pr view style to github style (#10737)
+  * Make pagination optional for API list notification endpoints (#10714)
+  * Fix tab indentation in code view (#10671)
+  * Fix task-list checkbox styling (#10668)
+  * Multiple LFS improvements (#10667)
+  * Make PR message on pushes configurable (#10664)
+  * Move dropzone.js to npm/webpack (#10645)
+  * Ensure Update button is enabled even when CI has failed (#10640)
+  * Add restricted user filter to LDAP authentication (#10600)
+  * Add Yandex OAuth2 provider (#8335) (#10564)
+  * Make avatar lookup occur at image request (#10540)
+  * Prevent accidential selection of language stats bar (#10537)
+  * Add fluid-icon (#10491)
+  * Inform participants on UI too (#10473)
+  * Build with go 1.14 (and raise minimum go version to 1.12) (#10467)
+  * Add max-file-size to LFS (#10463)
+  * Enable paggination for ListRepoTags API (#10454)
+  * Update JS dependencies (#10450)
+  * Show the username as a fallback on feeds if full name is blank (#10438)
+  * Various dark theme fixes (#10416)
+  * Display pull request head branch even the branch deleted or repository deleted (#10413)
+  * Prevent Firefox from using apple-touch-icon (#10402)
+  * Fix input[type=file] on dark theme (#10382)
+  * Improve mobile review-box sizing (#10297)
+  * Notification: queue ui.go notification-service (#10281)
+  * Add detected file language to code search (#10256)
+  * Index code and stats only for non-empty repositories (#10251)
+  * Add Approval Counts to pulls list (#10238)
+  * Limit label list height on edit issue page (#10216)
+  * Improve 404 error message (#10214)
+  * Tweak locale to respect singular conflicting file message in PR list (#10177)
+  * Fix commit view (#10169)
+  * Reorganize frontend files and tooling (#10168)
+  * Allow emoji on popup label (#10166)
+  * ListIssues add filter for milestones API (#10148)
+  * Show if a PR has conflicting files on the PR lists (#10130)
+  * Fix inconsistent label color format in API (#10129)
+  * Show download count info in release list (#10124)
+  * Add Octicon SVG spritemap (#10107)
+  * Update aria-fixed semantic-dropdown to fomantic master (#10096)
+  * Fix apple-touch-icon, regenerate images (#10065)(#10006)
+  * Style blockquote for default issue mail template (#10024)
+  * More expansions in template repositories (#10021)
+  * Allow list collaborators for users with Read access to repo (#9995)
+  * Add explicit dimensions to navbar avatar (#9986)
+  * Remove loadCSS and preload woff2 icon fonts (#9976)
+  * Fix commit view JS features, reimplement folding (#9968)
+  * Fix review avatar image (#9962)
+  * Improve notification pager (#9821)
+  * Move jquery and jquery-migrate to npm/webpack (#9813)
+  * Change font to Roboto to support more charsets (#9803)
+  * Move mailer to use a queue (#9789)
+  * Issue search on my related repositories (#9758)
+  * Add "before" query to ListIssueComments and ListRepoIssueComments API (#9685)
+  * Move tracked time api convert to convert package (#9665)
+  * Improve PR info in default merge message (#9635)
+  * Granular webhook events (#9626)
+  * Add Reviewed-on in commit message (#9623)
+  * Add top author stats to activity page (#9615)
+  * Allow repo admin to merge PR regardless of review status (#9611)
+  * Migrate reactions when migrating repository from github (#9599)
+  * API orgEditTeam make Fields optional (#9556)
+  * Move create/fork repository from models to modules/repository (#9489)
+  * Migrate reviews when migrating repository from github (#9463)
+  * Times API add filters (#9373)
+  * Move push commits from models to modules/repository (#9370)
+  * Add API endpoint to check notifications [Extend #9488] (#9595)
+  * Add GET /orgs API endpoint (#9560)
+  * API add/generalize pagination (#9452)
+  * Make create org repo API call same as github (#9186)
+* BUILD
+  * Turn off go modules for xgo and gxz (#10963)
+  * Add gitea-vet (#10948)
+  * Rename scripts to build and add revive command as a new build tool command (#10942)
+  * Add 'make lint', restructure 'compliance' pipeline (#10861)
+  * Move JS build dependencies to 'dependencies' (#10763)
+  * Use whitelist to find go files, run find only once (#10594)
+  * Move vue and vue-calendar-heatmap to npm/webpack (#10188)
+  * Move jquery.are-you-sure to npm/webpack (#10063)
+  * Move highlight.js to npm/webpack (#10011)
+  * Generate Bindata if TAGS="bindata" and not up-to-date (#10004)
+  * Move CSS build to webpack (#9983)
+  * Move fomantic target, update 'make help' (#9945)
+  * Add css extraction and minification to webpack (#9944)
+  * Misc webpack tweaks (#9924)
+  * Make node_modules a order-only prerequisite (#9923)
+  * Update documentation for the go module era (#9751)
+  * Move swagger-ui to webpack/npm and update it to 3.24.3 (#9714)
+  * Use npm to manage fomantic and only build needed components (#9561)
+* MISC
+  * Add gnupg to Dockerfile (#11365)
+  * Update snapcraft.yaml for core18 and latest features (#11300)
+  * Update JS dependencies, min Node.js version 10.13 (#11246)
+  * Change default charset for MySQL on install to utf8mb4 (#10989)
+  * Return issue subscription status from API subscribe (#10966)
+  * Fix queue log param (#10733)
+  * Add warning when using relative path to app.ini (#10104)
+
+## [1.11.7](https://github.com/go-gitea/gitea/releases/tag/v1.11.7) - 2020-06-18
+
+* BUGFIXES
+  * Use ID or Where to instead directly use Get when load object from database (#11925) (#11935)
+  * Fix __webpack_public_path__ for 1.11 (#11907)
+  * Fix verification of subkeys of default gpg key (#11713) (#11902)
+  * Remove unnecessary parentheses in wiki/view template (#11781)
+  * Doctor fix xorm.Count nil on sqlite error (#11741)
+
+## [1.11.6](https://github.com/go-gitea/gitea/releases/tag/v1.11.6) - 2020-05-30
+
+* SECURITY
+  * Fix missing authorization check on pull for public repos of private/limited org (#11656) (#11683)
+  * Use session for retrieving org teams (#11438) (#11439)
+* BUGFIXES
+  * Return json on 500 error from API (#11574) (#11660)
+  * Fix wrong milestone in webhook message (#11596) (#11612)
+  * Prevent (caught) panic on login (#11590) (#11598)
+  * Fix commit page js error (#11527)
+  * Use media links for img in post-process (#10515) (#11504)
+  * Ensure public repositories in private organizations are visible and fix admin organizations list (#11465) (#11475)
+  * Set correct Content-Type value for Gogs/Gitea webhooks (#9504) (#10456) (#11461)
+  * Allow all members of private orgs to see public repos (#11442) (#11459)
+  * Whenever the ctx.Session is updated, release it to save it before sending the redirect (#11456) (#11457)
+  * Forcibly clean and destroy the session on logout (#11447) (#11451)
+  * Fix /api/v1/orgs/* endpoints by changing parameter to :org from :orgname (#11381)
+  * Add tracked time fix to doctor (part of #11111) (#11138)
+  * Fix webpack chunk loading with STATIC_URL_PREFIX (#11526) (#11544)
+  * Remove unnecessary parentheses in wiki/revision.tmpl to allow 1.11 to build on go1.14  (#11481)
+
+## [1.11.5](https://github.com/go-gitea/gitea/releases/tag/v1.11.5) - 2020-05-09
+
+* BUGFIXES
+  * Prevent timer leaks in Workerpool and others (#11333) (#11340)
+  * Fix tracked time issues (#11349) (#11354)
+  * Add NotifySyncPushCommits to indexer notifier (#11309) (#11338)
+  * Allow X in addition to x in tasks (#10979) (#11335)
+  * When delete tracked time through the API return 404 not 500 (#11319) (#11326)
+  * Prevent duplicate records in organizations list when creating a repository (#11303) (#11325)
+  * Manage port in submodule refurl (#11305) (#11323)
+  * api.Context.NotFound(...) should tolerate nil (#11288) (#11306)
+  * Show pull request selection even when unrelated branches (#11239) (#11283)
+  * Repo: milestone: make /milestone/:id endpoint accessible (#11264) (#11282)
+  * Fix GetContents(): Dont't ignore Executables (#11192) (#11209)
+  * Fix submodule paths when AppSubUrl is not root (#11098) (#11176)
+  * Prevent clones and pushes to disabled wiki (#11131) (#11134)
+  * Remove errant third closing curly-bracket from account.tmpl and send account ID in account.tmpl (#11130)
+  * On Repo Deletion: Delete related TrackedTimes too (#11110) (#11125)
+  * Refresh codemirror on show pull comment tab (#11100) (#11122)
+  * Fix merge dialog on protected branch with missing required statuses (#11074) (#11084)
+  * Load pr Issue Poster on API too (#11033) (#11039)
+  * Fix release counter on API repository info (#10968) (#10996)
+  * Generate Diff and Patch direct from Pull head (#10936) (#10938)
+  * Fix rebase conflict detection in git 2.26 (#10929) (#10930)
+* ENHANCEMENT
+  * Fix 404 and 500 image size in small size screen (#11043) (#11049)
+  * Multiple Gitea Doctor improvements (#10943) (#10990) (#10064) (#9095) (#10991)
+
+## [1.11.4](https://github.com/go-gitea/gitea/releases/tag/v1.11.4) - 2020-04-01
+
+* BUGFIXES
+  * Only update merge_base if not already merged (#10909)
+  * Fix milestones too many SQL variables bug (#10880) (#10904)
+  * Protect against NPEs in notifications list (#10879) (#10883)
+  * Convert plumbing.ErrObjectNotFound to git.ErrNotExist in getCommit (#10862) (#10868)
+  * Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in GetRefCommitID (#10676) (#10797)
+  * Account for empty lines in receive-hook message (#10773) (#10784)
+  * Fix bug on branch API (#10767) (#10775)
+  * Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
+  * Fix hiding of fields in authorization source page (#10734) (#10752)
+  * Prevent default for linkAction (#10742) (#10743)
+
+## [1.11.3](https://github.com/go-gitea/gitea/releases/tag/v1.11.3) - 2020-03-10
+
+* BUGFIXES
+  * Prevent panic in stopwatch (#10670) (#10673)
+  * Fix bug on pull view when required status check no ci result (#10648) (#10651)
+  * Build explicitly with Go 1.13 (#10684)
+
+## [1.11.2](https://github.com/go-gitea/gitea/releases/tag/v1.11.2) - 2020-03-06
+
+* BREAKING
+  * Various fixes in login sources (#10428) (#10429)
+* SECURITY
+  * Ensure only own addresses are updated (#10397) (#10399)
+  * Logout POST action (#10582) (#10585)
+  * Org action fixes and form cleanup (#10512) (#10514)
+  * Change action GETs to POST (#10462) (#10464)
+  * Fix admin notices (#10480) (#10483)
+  * Change admin dashboard to POST (#10465) (#10466)
+  * Update markbates/goth (#10444) (#10445)
+  * Update crypto vendors (#10385) (#10398)
+* BUGFIXES
+  * Allow users with write permissions to modify issue descriptions and comments. (#10623) (#10626)
+  * Handle deleted base branch in PR (#10618) (#10619)
+  * Delete dependencies when deleting a repository (#10608) (#10616)
+  * Ensure executable bit is kept on the web editor (#10607) (#10614)
+  * Update mergebase in pr checker (#10586) (#10605)
+  * Fix release attachments being deleted while upgrading (#10572) (#10573)
+  * Fix redirection path if Slack webhook channel is invalid (#10566)
+  * Fix head.tmpl og:image picture location (#10531) (#10556)
+  * Fix 404 after activating secondary email (#10547) (#10553)
+  * Show Signer in commit lists and add basic trust (#10425 & #10511) (#10524)
+  * Fix potential bugs (#10513) (#10518)
+  * Use \[:space:\] instead of \\s (#10508) (#10509)
+  * Avoid mailing users that have explicitly unwatched an issue (#10475) (#10500)
+  * Handle push rejection message in Merge & Web Editor (#10373) (#10497)
+  * Fix SQLite concurrency problems by using BEGIN IMMEDIATE (#10368) (#10493)
+  * Fix double PR notification from API (#10482) (#10486)
+  * Show the username as a fallback on feeds if full name is blank (#10461)
+  * Trigger webhooks on issue label-change via API too (#10421) (#10439)
+  * Fix git reference type in webhooks (#10427) (#10432)
+  * Prevent panic on merge to PR (#10403) (#10408)
+  * Fix wrong num closed issues on repository when close issue via commit… (#10364) (#10380)
+  * Reading pull attachments should depend on read UnitTypePullRequests (#10346) (#10354)
+  * Set max-width on review-box comment box (#10348) (#10353)
+  * Prevent nil pointer in GetPullRequestCommitStatusState (#10342) (#10344)
+  * Fix protected branch status check settings (#10341) (#10343)
+  * Truncate long commit message header (#10301) (#10319)
+  * Set the initial commit status to Success otherwise it will always be Pending (#10317) (#10318)
+  * Don't manually replace whitespace during render (#10291) (#10315)
+* ENHANCEMENT
+  * Admin page for managing user e-mail activation (#10557) (#10579)
+
+## [1.11.1](https://github.com/go-gitea/gitea/releases/tag/v1.11.1) - 2020-02-15
+
+* BUGFIXES
+  * Repo name added to automatically generated commit message when merging (#9997) (#10285)
+  * Fix Workerpool deadlock (#10283) (#10284)
+  * Divide GetIssueStats query in smaller chunks (#10176) (#10282)
+  * Fix reply on code review (#10257)
+  * Stop hanging issue indexer initialisation from preventing shutdown (#10243) (#10249)
+  * Fix filter label emoji width (#10241) (#10244)
+  * Fix issue sidebar menus having an infinite height (#10239) (#10240)
+  * Fix commit between two commits calculation if there is only last commit (#10225) (#10226)
+  * Only check for conflicts/merging if the PR has not been merged in the interim (#10132) (#10206)
+  * Blacklist manifest.json & milestones user (#10292) (#10293)
+
+## [1.11.0](https://github.com/go-gitea/gitea/releases/tag/v1.11.0) - 2020-02-10
+
+* BREAKING
+  * Fix followers and following tabs in profile (#10202) (#10203)
+  * Make CertFile and KeyFile relative to CustomPath (#9868) (#9874)
+  * Remove unused endpoints (#9538)
+  * Prefix all user-generated IDs in markup (#9477)
+  * Enforce Gitea environment for pushes (#8982)
+  * Hide some user information via API if user have not enough permissions (#8655)
+  * Move startpage/homepage translation to crowdin (#8596)
+* SECURITY
+  * Never allow an empty password to validate (#9682) (#9683)
+  * Prevent redirect to Host (#9678) (#9679)
+  * Swagger hide search field (#9554)
+  * Add "search" to reserved usernames (#9063)
+  * Switch to fomantic-ui (#9374)
+  * Only serve attachments when linked to issue/release and if accessible by user (#9340)
+* FEATURES
+  * Webhooks should only show sender if it makes sense (#9601)
+  * Provide Default messages for merges (#9393)
+  * Add description to labels on create issue (#9392)
+  * Graceful Queues: Issue Indexing and Tasks (#9363)
+  * Default NO_REPLY_ADDRESS to DOMAIN (#9325)
+  * Allow FCGI over unix sockets (#9298)
+  * Graceful: Xorm, RepoIndexer, Cron and Others (#9282)
+  * Add API for Reactions (#9220)
+  * Graceful: Cancel Process on monitor pages & HammerTime (#9213)
+  * Graceful: Allow graceful restart for unix sockets (#9113)
+  * Graceful: Allow graceful restart for fcgi (#9112)
+  * Sign protected branches (#8993)
+  * Add Graceful shutdown for Windows and hooks for shutdown of goroutines (#8964)
+  * Add Gitea icon to Emojis (#8950)
+  * Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code (#8924)
+  * Allow Custom Reactions (#8886)
+  * Close/reopen issues by keywords in titles and comments (#8866)
+  * Allow incompletely specified Time Formats (#8816)
+  * Prevent upload (overwrite) of lfs locked file (#8769)
+  * Template Repositories (#8768)
+  * Add /milestones endpoint (#8733)
+  * Make repository management section handle lfs locks (#8726)
+  * Respect LFS File Lock on UI (#8719)
+  * Add team option to grant rights for all organization repositories (#8688)
+  * Enabling and disabling the commit button to prevent empty commits (web editor) (#8590)
+  * Add setting to disable BASIC authentication (#8586)
+  * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528)
+  * Allow Protected Branches to Whitelist Deploy Keys (#8483)
+  * Push to create repo (#8419)
+  * Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
+  * Add basic repository lfs management (#7199)
+* BUGFIXES
+  * Fix code-expansion arc-green theme bug (#10180) (#10185)
+  * Prevent double wait-group decrement (#10170) (#10175)
+  * Allow emoji on review head comments (#10159) (#10174)
+  * Fix issue/pull link (#10158) (#10173)
+  * Fix push-create SSH bugs (#10145) (#10151)
+  * Prevent DeleteUser API abuse (#10125) (#10128)
+  * Fix issues/pulls dashboard paging error (#10114) (#10115)
+  * Add button to revert SimpleMDE to plain textarea (#10099) (#10102)
+  * Fix branch page pull request title and link error (#10092) (#10097)
+  * Fix PR API: Only try to get HeadBranch if HeadRepo exist (#10029) (#10088)
+  * Update topics repo count when deleting repository (#10051) (#10081)
+  * Show pull icon on pull requests (#10061) (#10062)
+  * Fix milestone API state parameter unhandled (#10049) (#10052)
+  * Move to using a temporary repo for pushing new PRs (#10009) (#10042)
+  * Fix wiki raw view on sub path (#10002) (#10040)
+  * Ensure that feeds are appropriately restricted (#10018) (#10019)
+  * Sanitize credentials in mirror form (#9975) (#9991)
+  * Close related pull requests when deleting head repository or head branch (#9927) (#9974)
+  * Switch to use -f instead of -F for sendmail (#9961) (#9970)
+  * Fix file rename/copy not supported by indexer (#9965) (#9967)
+  * Fix repo indexer not updating upon push (#9957) (#9963)
+  * Don't convert ellipsis in markdown (#9905) (#9937)
+  * Fixed repo link in generated comment for cross repository dependency (#9863) (#9935)
+  * Check if diff actually contains sections when rendering (#9926) (#9933)
+  * Fix wrong hint when status checking is running on pull request view (#9886) (#9928)
+  * Fix RocketChat (#9908) (#9921)
+  * Do not try to recreate ldap user if they are already created (#9900) (#9919)
+  * Create terminated channel in queue_redis (#9910) (#9911)
+  * Prevent empty LDAP search result from deactivating all users (#9879) (#9896)
+  * Fix wrong permissions check when issues/prs shared operations (#9885) (#9889)
+  * Check user != nil before checking values (#9881) (#9883)
+  * Allow hyphen in language name (#9873) (#9880)
+  * Ensure that 2fa is checked on reset-password (#9857) (#9876)
+  * Fix issues/pulls dependencies problems (#9842) (#9864)
+  * Fix markdown anchor links (#9673) (#9840)
+  * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9837)
+  * Fix download file wrong content-type (#9825) (#9834)
+  * Fix wrong poster identity on a migrated pull request when submit review (#9827) (#9830)
+  * Fix database dump when log directory is missing (#9818) (#9819)
+  * Fix compare (#9808) (#9814)
+  * Fix push-to-create (#9772) (#9797)
+  * Fix missing msteam webhook on organization (#9781) (#9794)
+  * Fix missing unlock in uniquequeue (#9790) (#9791)
+  * Fix add team on collaborator page when same name as organization (#9778)
+  * DeleteRepoFile incorrectly handles Delete to new branch (#9769) (#9775)
+  * Fix milestones page (#9771)
+  * Fix SimpleMDE quote reply (#9757) (#9768)
+  * Fix missing updated time on migrated issues and comments (#9744) (#9764)
+  * Move Errored PRs out of StatusChecking (#9675) (#9726)
+  * Make hook status printing configurable with delay (#9641) (#9725)
+  * ​Fix /repos​/issues​/search (#9698) (#9724)
+  * Silence fomantic error regarding tabs (#9713) (#9718)
+  * Remove unused lock (#9709) (#9710)
+  * Remove q.lock.Unlock() in setInternal to prevent panic (#9705) (#9706)
+  * Load milestone in API PR list (#9671) (#9700)
+  * Don't attempt to close issue if already closed (#9696) (#9699)
+  * Remove google font call (#9668) (#9681)
+  * Eliminate horizontal scroll caused by footer (#9674)
+  * Fix nil reference in repo generation (#9660) (#9666)
+  * Add HTML URL to API Issues (#9654) (#9661)
+  * Add PR review webhook to Telegram (#9653) (#9655)
+  * Use filepath.IsAbs instead of path.IsAbs (#9651) (#9652)
+  * Disable remove button on repository teams when have access to all (#9640)
+  * Clean up old references on branch delete (#9614)
+  * Hide public repos owned by private orgs (#9609)
+  * Fix access issues on milestone and issue overview pages. (#9603)
+  * Fix error logged when repos qs is empty (#9591)
+  * Dont trigger notification twice on issue assignee change (#9582)
+  * Fix mirror pushed commit actions (#9572)
+  * Allow only specific columns to be updated on issue via API (#9189) (#9539)
+  * Fix default avatar for ghost user (#9536)
+  * Fix download of release attachments with same name (#9529)
+  * Resolve deprecated INI conversion (#9525)
+  * Ignore empty avatars during database migration (#9520)
+  * Fix deleted branch isn't removed when push the branch again (#9516)
+  * Fix repository issues pagination bug when there are more than one label filter (#9512)
+  * Fix SetExpr failed (#9506)
+  * Remove obsolete file private/push_update.go (#9503)
+  * When recreating hooks, delete them first so they are recreated with the umask (#9502)
+  * Properly enforce gitea environment for pushes (#9501)
+  * Fix datarace on repo indexer queue (#9490)
+  * Add call to load repo prior to redirect in add/remove dependency code (#9484)
+  * Wrap the code indexer (#9476)
+  * Use Req.URL.RequestURI() to cope with FCGI urls (#9473)
+  * Set default ssh.minimum_key_sizes (#9466)
+  * Fixed issue with paging in /repos/{owner}/{repo}/git/trees/{sha} api (#9459)
+  * Fix wrong notification on merge (#9450)
+  * Issue with Migration rule v111 (#9449)
+  * Trigger webhook when deleting a branch after merging a PR (#9424)
+  * Add migration to sanitize repository original_url (#9423)
+  * Use OriginalURL instead of CloneAddr in migration logging (#9418)
+  * Push update after branch is restored (#9416)
+  * Fix wrong migration (#9381)
+  * Fix show repositories filter (#9234) (#9379)
+  * Fix Slack webhook payload title generation to work with Mattermost (#9378)
+  * Fix double webhook for new PR (#9375)
+  * AuthorizedKeysCommand should not query db directly (#9371)
+  * Fix missed change to GetManager() (#9361)
+  * Fix cache problem on dashboard (#9358)
+  * RepoIndexer: DefaultBranch needs to be prefixed by BranchPrefix (#9356)
+  * Fix protected branch using IssueID (#9348)
+  * Fix nondeterministic behavior (#9341)
+  * Fix PR/issue redirects when having external tracker (#9339)
+  * Remove release attachments which repository has been deleted (#9334)
+  * Fix issue indexer not triggered when migrating a repository (#9332)
+  * Add SyncTags to uploader interface (#9326)
+  * Fix bug that release attachment files not deleted when deleting repository (#9322)
+  * Only sync tags after all migration release batches are completed (#9319)
+  * File Edit: Author/Committer interchanged (#9297)
+  * prebuild CSS/JS before xgo release binaries (#9293)
+  * Log: Ensure FLAGS=none shows no flags (#9287)
+  * Make Diff Detail on Pull Request Changed File UI always on Top (#9280)
+  * Switch CSS minifier to cssnano (#9260)
+  * Fix latest docker image haven't include static files. (#9252)
+  * Don't link wiki revision to commit (#9244)
+  * Change review content column to type text in db (#9229)
+  * Fixed topic regex pattern and added search by topic links after save (#9219)
+  * Add language to user API responce (#9215)
+  * Correct tooltip message blocked by dependencies (#9211)
+  * Add SimpleMDE and Fix Image Paste for Issue/Comment Editor (#9197)
+  * Fix panic when diff (#9187)
+  * Fix #9151 - smtp logger configuration sendTos should be an array (#9154)
+  * Fix max length check and limit in multiple repo forms (#9148)
+  * Always Show Password Field on Link Account Sign-in Page (#9147)
+  * Properly fix displaying virtual session provider in admin panel (#9137)
+  * Fix race condition on indexer (#9136)
+  * Fix team links in HTML rendering (#9127)
+  * Fix race condition in ReplaceSanitizer (#9123)
+  * Fix what information is shown about user in API (#9115)
+  * Fix nil context user for template repositories (#9099)
+  * Hide given credentials for migrated repos. (#9097)
+  * Fix reCAPTCHA API URL (#9083)
+  * Fix password checks on admin create/edit user (#9076)
+  * Update golang.org/x/crypto vendor to use acme v2 (#9056)
+  * Ensure Written is set in GZIP ProxyResponseWriter (#9018)
+  * Fix wrong system notice when repository is empty (#9010)
+  * Fix broken link to branch from issue list (#9003)
+  * Fix bug when pack js (#8992)
+  * New review approvals shouldn't require a message (#8991)
+  * Shadow password correctly for session config (#8984)
+  * Don't send notification on pending reviews (#8943)
+  * Fix Notify Create Ref Error on tag creation (#8936)
+  * Convert EOL to UNIX-style to render MD properly (#8925)
+  * Migrate temp_repo.go to use git.NewCommand  (#8918)
+  * Fix issue with user.fullname (#8902)
+  * Add Close() method to gogitRepository (#8901)
+  * Enable punctuations ending mentions (#8889)
+  * Fix password complexity check on registration (#8887)
+  * Fix require external registration password (#8885)
+  * Fix edit content button on migrated issue content (#8877)
+  * Fix permission checks for close/reopen from commit (#8875)
+  * Fix API Bug (fail on empty assignees) (#8873)
+  * Stop using git count-objects and use raw directory size for repository (#8848)
+  * Fix count for commit graph last page (#8843)
+  * Fix to close opened io resources as soon as not needed (#8839)
+  * Improve notification (#8835)
+  * Fix new user form for non-local users (#8826)
+  * Fix: remove duplicated signed commit icons (#8820)
+  * Fix (open/closed) issue count when label excluded (#8815)
+  * Fix SSH2 conditional in key parsing code (#8806)
+  * Fix 500 when edit hook (#8782)
+  * On windows set core.longpaths true (#8776)
+  * Fix commit expand button to not go to commit link (#8745)
+  * Avoid re-issuing redundant cross-references. (#8734)
+  * Fix milestone close timestamp function (#8728)
+  * Move webhook codes from service to webhook notification (#8712)
+  * Show zero lines on the line counter if the file empty (#8700)
+  * Fix deadline on update issue or PR via API (#8696)
+  * make call createMilestoneComment on newIssue func (#8678)
+  * Send tag create and push webhook when release created on UI (#8671)
+  * Prevent chrome download page as html with alt + click (#8669)
+  * Fix 500 when getting user as unauthenticated user (#8653)
+  * Graceful fixes (#8645)
+  * Add SubURL to redirect path (#8632) (#8634)
+  * Fix extra columns from `label` table (#8633)
+  * Add SubURL to redirect path for transferred/renamed repos (#8632)
+  * Fix bug when migrate from API (#8631)
+  * Allow to merge if file path contains " or \ (#8629)
+  * Prevent removal of non-empty emoji panel following selection of duplicate (#8609)
+  * Ensure default gpg settings not nil and found commits have reference to repo (#8604)
+  * Set webhook Content-Type for application/x-www-form-urlencoded (#8599)
+  * Fix #8582 by handling empty repos (#8587)
+  * Fix of the diff statistics view on pull request's (#8581)
+  * Fix bug on pull requests when transfer head repository (#8564)
+  * Fix template error on account page (#8562)
+  * Allow externalID to be UUID (#8551)
+  * Fix ignored error on editorconfig api (#8550)
+  * Fix user avatar name (#8547)
+  * Ensure that GitRepo is set on Empty repositories (#8539)
+  * Add missed close in ServeBlobLFS (#8527)
+  * Fix migrate mirror 500 bug (#8526)
+  * Fix password complexity regex for special characters (on master) (#8525)
+* ENHANCEMENTS
+  * Explicitly refer to PR in squash-merge commit message in case of external tracker (#9844) (#9855)
+  * Add a /user/login landing page option (#9622)
+  * Some more e-mail notification fixes (#9596)
+  * Add branch protection option to block merge on requested changes. (#9592)
+  * Add footer extra links template (#9576)
+  * Fix for a wrong URL in activity page of repository.  (#9571)
+  * Update default issue template (#9568)
+  * Change markdown rendering from blackfriday to goldmark  (#9533)
+  * Extend file create api with dates (#9464)
+  * Add ActionCommentPull action (#9456)
+  * Response for context on retry database connection (#9444)
+  * Refactor webhooks to reduce code duplication (#9422)
+  * update couchbase deps for new license (#9419)
+  * Add .ignore file for search tools (#9417)
+  * Remove unsued struct (#9405)
+  * Hide not allowed Reactions (#9387)
+  * Remove text from action-only webhooks (#9377)
+  * Move PushToBaseRepo from models to services/pull (#9352)
+  * Site admin could view org's members (#9346)
+  * Sleep longer if request speed is over github limitation (#9335)
+  * Refactor comment (#9330)
+  * Refactor code indexer (#9313)
+  * Remove SavePatch and generate patches on the fly (#9302)
+  * Move some pull request functions from models to services (#9266)
+  * Update JS dependencies (#9255)
+  * Show label list on label set (#9251)
+  * Redirect issue if repo has configured external tracker. (#9247)
+  * Allow kbd tags (#9245)
+  * Remove unused comment actions (#9222)
+  * Fixed errors logging in dump.go (#9218)
+  * Expose release counter to repo API response (#9214)
+  * Make consistent links to repository in the Slack/Mattermost notificiations (#9205)
+  * Expose pull request counter to repo API response (#9202)
+  * Extend TrackedTimes API (#9200)
+  * Extend StopWatch API (#9196)
+  * Move code indexer related code to a new package (#9191)
+  * Docker: ask s6 to stop all service when gitea stop (#9171)
+  * Variable expansion in repository templates (#9163)
+  * Add avatar and issue labels to template repositories (#9149)
+  * Show single review comments in the PR conversation tab (#9143)
+  * Extract createComment (#9125)
+  * Move PushUpdateOptions from models to repofiles (#9124)
+  * Alternate syntax for cross references (#9116)
+  * Add USE_SERVICE_WORKER setting (#9110)
+  * Only show part of members on orgnization dashboard and add paging for orgnization members page (#9092)
+  * Explore page: Add topic param to pagination (#9077) (#9078)
+  * Markdown: Sanitizier Configuration (#9075)
+  * Add password requirement info on error (#9074)
+  * Allow authors to use act keywords in PR content (#9059)
+  * Move modules/gzip to gitea.com/macaron/gzip (#9058)
+  * Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055)
+  * Context menus for comments, add quote reply (#9043)
+  * Update branch API endpoint to show effective branch protection. (#9031)
+  * Move git graph from models to modules/graph (#9027)
+  * Move merge actions to notification (#9024)
+  * Move mirror sync actions to notification (#9022)
+  * Add retry for migration http/https requests (#9019)
+  * Rewrite delivery of issue and comment mails (#9009)
+  * Add review comments to mail notifications (#8996)
+  * Refactor pull request review (#8954)
+  * Githook highlighter (#8932)
+  * Add git hooks and webhooks to template repositories; move to services (#8926)
+  * Only view branch or tag if it match refType requested. (#8899)
+  * Drop Admin attribute based on LDAP when login (continue #1743) (#8849)
+  * Add additional periods to activity page (#8829)
+  * Update go-org to optimize code (#8824)
+  * Move some actions to notification/action (#8779)
+  * Webhook support custom proxy (#8760)
+  * Fix API deadline removal (#8759)
+  * Mark review comment as invalidated when file is deleted (#8751)
+  * Move pull list code to a separate file (#8748)
+  * Move webhook to a standalone package under modules (#8747)
+  * Multi repo select on issue page (#8741)
+  * apply exclude label on milestone issue list (#8739)
+  * Move issue notifications and assignee man (#8713)
+  * Move issue change content from models to service (#8711)
+  * Move issue change status from models to service (#8691)
+  * Move more issue assignee code from models to issue service (#8690)
+  * Create PR on Current Repository by Default (#8670)
+  * Improve Open Graph Protocol (#8637)
+  * Batch hook pre- and post-receive calls (#8602)
+  * Improve webhooks (#8583)
+  * Move transfer repository and rename repository on a service package and start action notification (#8573)
+  * Implement/Fix PR review webhooks (#8570)
+  * Rewrite markdown rendering to blackfriday v2 and rewrite orgmode rendering to go-org (#8560)
+  * Move some repositories' operations to a standalone service package (#8557)
+  * Allow more than 255 characters for tokens in external_login_user table (#8554)
+  * Move issue label operations to issue service package (#8553)
+  * Adjust error reporting from merge failures and use LC_ALL=C for git (#8548)
+  * Mail assignee when issue/pull request is assigned (#8546)
+  * Allow committing / adding empty files using the web ui (#8420) (#8532)
+  * Move sync mirror actions to mirror service package (#8518)
+  * Remove arrows on numeric inputs (#8516)
+  * Support inline rendering of CUSTOM_URL_SCHEMES (#8496)
+  * Recalculate repository access only for specific user (#8481)
+  * Add download button for rull request diff- and patch-file (#8470)
+  * Add single sign-on support via SSPI on Windows (#8463)
+  * Move change issue title from models to issue service package (#8456)
+  * Add included tag on  branch view (#8449)
+  * Make static resouces web browser cache time customized on app.ini (#8442)
+  * Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426)
+  * Add pagination to commit graph page (#8360)
+  * Use templates for issue e-mail subject and body (#8329)
+  * Move clearlabels from models to issue service (#8326)
+  * Move AddTestPullRequestTask to pull service package from models (#8324)
+  * Team permission to create repository in organization (#8312)
+  * Allows external rendering of other filetypes (#8300)
+  * Add 'Alt + click' feature to exclude labels (#8199)
+  * Configurable close and reopen keywords for PRs (#8120)
+  * Configurable URL for static resources (#7911)
+  * Unifies commit list in repository commit table and wiki revision page (#7907)
+  * Allow cross-repository dependencies on issues (#7901)
+  * Auto-subscribe user to repository when they commit/tag to it (#7657)
+  * Restore Graceful Restarting & Socket Activation (#7274)
+  * wiki - add 'write' 'preview' buttons to wiki edit like in issues (#7241)
+  * Change target branch for pull request (#6488)
+  * Display PR commits and diffs using base repo rather than forked (#3648)
+* TESTING
+  * Add debug option to serv to help debug problems (#9492)
+  * Fix the intermittent TestGPGGit failures (#9360)
+  * Testing: Update postgres sequences (#9304)
+  * Missed defer prepareTestEnv (#9285)
+  * Fix "data race" in testlogger (#9159)
+  * Yet another attempt to fix the intermittent failure of gpg git test (#9146)
+  * integrations: Fix Dropped Test Errors (#9040)
+  * services/mirror: fix dropped test errors (#9007)
+  * Fix intermittent GPG Git test failure (#8968)
+  * Update Github Migration Tests (#8893) (#8938)
+  * Update heatmap fixtures to restore tests (#8615)
+* TRANSLATION
+  * Fix Korean locales (#9761) (#9780)
+  * Fix placeholders in the error message (#9060)
+  * Fix spelling of admin.users.max_repo_creation (#8934)
+  * Improve german translation of homepage (#8549)
+* BUILD
+  * Fix webpack polyfills (#9735) (#9738)
+  * Update gitea.com/macaron to 1.4.0 (#9608)
+  * Upgrade lato fonts to v16. (#9498)
+  * Update alpine to 3.11 (#9440)
+  * Upgrade blevesearch (#9177)
+  * Remove built js/css files from git (#9114)
+  * Move semantic.dropdown.custom.js to webpack (#9064)
+  * Check compiled files during build (#9042)
+  * Enable lazy-loading of gitgraph.js (#9036)
+  * Pack web_src/js/draw.js to public/js/index.js (#8975)
+  * Modernize js and use babel (#8973)
+  * Move index.js to web_src and use webpack to pack them (#8598)
+  * Restrict modules/graceful to non-windows build and shim IsChild (#8537)
+  * Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#8501)
+* DOCS
+  * Swagger info corrections (#9441) (#9558)
+  * Add ALLOW_ONLY_EXTERNAL_REGISTRATION to config cheat sheet (#8986)
+  * Rephrase comment about RuntimeDirectory option in systemd config (#8912)
+  * Explicitly indicate the socket unit to use the service unit "gitea.service" (#8804)
+  * Adjust the must-change-password help (#8755)
+  * Add notice to docs for migrating from more recent versions of Gogs (#8724)
+  * Add explicit info about customization of homepage (#8694)
+  * Change external asciidoctor tool to embedded mode (#8677)
+  * Add Docker fail2ban configuration (#8642)
+  * Correct some outdated statements in the contributing guidelines (#8612)
+  * Basic Design guidelines (describing different parts of the code) (#8601)
+  * Display Gitea logo in Readme (#8592)
+  * Fix building from source docs to ref AppWorkPath (#8567)
+  * Update the provided gitea.service to mention socket activation (#8531)
+  * Doc added how to setup email (#8520)
+* MISC
+  * Backport Locales [2020-01-14] (#9773)
+  * Add translatable Powered by Gitea text in footer (#9600)
+  * Add contrib/environment-to-ini (#9519)
+  * Remove unnecessary loading of settings in update hook (#9496)
+  * Update gitignore list (#9437)
+  * Update license list (#9436)
+  * Fix background reactions in the arc-green theme (#9421)
+  * Update and fix chardet import (#9351)
+  * Ensure LF on checkouts and in editors (#9259)
+  * Fixed topics margin (#9248)
+  * Add comment to exported function WindowsServiceName (make revive) (#9241)
+  * Remove empty lines on issues/pulls page (#9232)
+  * Fix Add Comment Button's "+" Position (#9140)
+  * Add first issue comment hashtag (#9052)
+  * Change some label colors (#9051)
+  * Fix double scroll in branch dropdown (#9048)
+  * Add comment highlight when target from url (#9047)
+  * Update display of reactions to issues and comments (#9038)
+  * Button tooltip formatting under Branches (#9034)
+  * Allow setting default branch via API (#9030)
+  * Update dashboard context for PR reviews (#8995)
+  * Show repository size in repo home page and settings (#8940)
+  * Allow to add and remove all repositories to/from team. (#8867)
+  * Show due date in dashboard issues list (#8860)
+  * Theme arc-green: reverse heatmap colors (#8840)
+  * Project files table style update (#8757)
+  * gitignore debugging file from vscode (#8740)
+  * Add API for Issue set Subscription (#8729)
+  * Make 100% width search bar (#8710)
+  * Update color theme for heatmap (#8709)
+  * Add margin to title_wip_desc (#8705)
+  * Improve visibility of "Pending" indicator (#8685)
+  * Improve accessibility of dropdown menus (#8638)
+  * Make /users/{username}/repos list private repos the current user has access to (#8621)
+  * Prevent .code-view from overriding font on icon fonts (#8614)
+  * Add id references on all issue events to allow internal linking (#8608)
+  * Upgrade xorm to v0.8.0 (#8536)
+  * Upgrade gopkg.in/ini.v1 (#8500)
+  * Update CodeMirror to version 5.49.0 (#8381)
+  * Wiki editor: enable side-by-side button (#7242)
+
+## [1.10.6](https://github.com/go-gitea/gitea/releases/tag/v1.10.6) - 2020-03-10
+
+This is a re-tag version of v1.10.5 and also explicitly built with Go 1.13.
+
+WARNING: v1.10.5 is incorrectly tagged targeting 1.12-dev and should __not__ be used.
+
+## [1.10.5](https://github.com/go-gitea/gitea/releases/tag/v1.10.5) - 2020-03-06
+
+* BUGFIXES
+  * Fix release attachments being deleted while upgrading (#10572) (#10574)
+
+## [1.10.4](https://github.com/go-gitea/gitea/releases/tag/v1.10.4) - 2020-02-16
+
+* FEATURE
+  * Prevent empty LDAP search from deactivating all users (#9879) (#9890)
+* BUGFIXES
+  * Fix reply on code review (#10261) (#10227)
+  * Fix branch page pull request title and link error (#10092) (#10098)
+  * Fix milestone API state parameter unhandled (#10049) (#10053)
+  * Fix wiki raw view on sub path (#10002) (#10041)
+  * Fix RocketChat Webhook (#9908) (#9921) (#9925)
+  * Fix bug about wrong dependencies permissions check and other wrong permissions check (#9884) (Partial backport #9842)
+  * Ensure that 2fa is checked on reset-password (#9857) (#9877)
+
+## [1.10.3](https://github.com/go-gitea/gitea/releases/tag/v1.10.3) - 2020-01-17
+
+* SECURITY
+  * Hide credentials when submitting migration (#9102) (#9704)
+  * Never allow an empty password to validate (#9682) (#9684)
+  * Prevent redirect to Host (#9678) (#9680)
+  * Hide public repos owned by private orgs (#9609) (#9616)
+* BUGFIXES
+  * Allow assignee on Pull Creation when Issue Unit is deactivated (#9836) (#9838)
+  * Fix download file wrong content-type (#9825) (#9835)
+  * Fix wrong identify poster on a migrated pull request when submit review (#9827) (#9831)
+  * Fix dump non-exist log directory (#9818) (#9820)
+  * Fix compare (#9808) (#9815)
+  * Fix missing msteam webhook on organization (#9781) (#9795)
+  * Fix add team on collaborator page when same name as organization (#9783)
+  * Fix cache problem on dashboard (#9358) (#9703)
+  * Send tag create and push webhook when release created on UI (#8671) (#9702)
+  * Branches not at ref commit ID should not be listed as Merged (#9614) (#9639)
+
+## [1.10.2](https://github.com/go-gitea/gitea/releases/tag/v1.10.2) - 2020-01-02
+
+* BUGFIXES
+  * Allow only specific Columns to be updated on Issue via API (#9539) (#9580)
+  * Add ErrReactionAlreadyExist error (#9550) (#9564)
+  * Fix bug when migrate from API (#8631) (#9563)
+  * Use default avatar for ghost user (#9536) (#9537)
+  * Fix repository issues pagination bug when there are more than one label filter (#9512) (#9528)
+  * Fix deleted branch not removed when push the branch again (#9516) (#9524)
+  * Fix missing repository status when migrating repository via API (#9511)
+  * Trigger webhook when deleting a branch after merging a PR (#9510)
+  * Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API endpoint (#9482)
+  * Fix NewCommitStatus (#9434) (#9435)
+  * Use OriginalURL instead of CloneAddr in migration logging (#9418) (#9420)
+  * Fix Slack webhook payload title generation to work with Mattermost (#9404)
+  * DefaultBranch needs to be prefixed by BranchPrefix (#9356) (#9359)
+  * Fix issue indexer not triggered when migrating a repository (#9333)
+  * Fix bug that release attachment files not deleted when deleting repository (#9322) (#9329)
+  * Fix migration releases (#9319) (#9326) (#9328)
+  * Fix File Edit: Author/Committer interchanged (#9297) (#9300)
+
+## [1.10.1](https://github.com/go-gitea/gitea/releases/tag/v1.10.1) - 2019-12-05
+
+* BUGFIXES
+  * Fix max length check and limit in multiple repo forms (#9148) (#9204)
+  * Properly fix displaying virtual session provider in admin panel (#9137) (#9203)
+  * Upgrade levelqueue to 0.1.0 (#9192) (#9199)
+  * Fix panic when diff (#9187) (#9193)
+  * Smtp logger configuration sendTos should be an array (#9154) (#9157)
+  * Always Show Password Field on Link Account Sign-in Page (#9150)
+  * Create PR on Current Repository by Default (#8670) (#9141)
+  * Fix race on indexer (#9136) (#9139)
+  * Fix reCAPTCHA URL (#9119)
+  * Hide migrated credentials (#9098)
+  * Update golang.org/x/crypto vendor to use acme v2 (#9056) (#9085)
+  * Fix password checks on admin create/edit user (#9076) (#9081)
+  * Fix add search as a reserved username (#9063) (#9065)
+  * Fix permission checks for close/reopen from commit (#8875) (#9033)
+  * Ensure Written is set in GZIP ProxyResponseWriter (#9018) (#9025)
+  * Fix broken link to branch from issue list (#9003) (#9021)
+  * Fix wrong system notice when repository is empty (#9020)
+  * Shadow password correctly for session config (#8984) (#9002)
+
+## [1.10.0](https://github.com/go-gitea/gitea/releases/tag/v1.10.0) - 2019-11-13
+
+* BREAKING
+  * Fix deadline on update issue or PR via API (#8698)
+  * Hide some user information via API if user doesn't have enough permission (#8655) (#8657)
+  * Remove legacy handling of drone token (#8191)
+  * Change repo search to use exact match for topic search. (#7941)
+  * Add pagination for admin api get orgs and fix only list public orgs bug (#7742)
+  * Implement the ability to change the ssh port to match what is in the gitea config (#7286)
+* SECURITY
+  * Fix issue with user.fullname (#8903)
+  * Ignore mentions for users with no access (#8395)
+  * Be more strict with git arguments (#7715)
+  * Extract the username and password from the mirror url (#7651)
+  * reserve .well-known username (#7637)
+* FEATURES
+  * Org/Members: display 2FA members states + optimize sql requests (#7621)
+  * SetDefaultBranch on pushing to empty repository (#7610)
+  * Adds side-by-side diff for images (#6784)
+  * API method to list all commits of a repository (#6408)
+  * Password Complexity Checks  (#6230)
+  * Add option to initialize repository with labels (#6061)
+  * Add additional password hash algorithms (#6023)
+* BUGFIXES
+  * Allow to merge if file path contains " or \ (#8629) (#8771)
+  * On windows set core.longpaths true (#8776) (#8786)
+  * Fix 500 when edit hook (#8782) (#8789)
+  * Fix Checkbox at RepoSettings Protected Branch (#8799) (#8801)
+  * Fix SSH2 conditional in key parsing code (#8806) (#8810)
+  * Fix commit expand button to not go to commit link (#8745) (#8825)
+  * Fix new user form for non-local users (#8826) (#8828)
+  * Fix to close opened io resources as soon as not needed (#8839) (#8846)
+  * Fix edit content button on migrated issue content (#8877) (#8884)
+  * Fix require external registration password (#8885) (#8890)
+  * Fix password complexity check on registration (#8887) (#8888)
+  * Update Github Migration Tests (#8896) (#8938) (#8945)
+  * Enable punctuations ending mentions (#8889) (#8894)
+  * Add Close() method to gogitRepository (#8901) (#8956)
+  * Hotfix for review actions and notifications (#8965)
+  * Expose db.SetMaxOpenConns and allow non MySQL dbs to set conn pool params (#8528) (#8618)
+  * Fix milestone close timestamp (#8728) (#8730)
+  * Fix 500 when getting user as unauthenticated user (#8653) (#8663)
+  * Fix 'New Issue Missing Milestone Comment' (#8678) (#8681)
+  * Use AppSubUrl for more redirections (#8647) (#8651)
+  * Add SubURL to redirect path (#8632) (#8634)
+  * Fix template error on account page (#8562) (#8622)
+  * Allow externalID to be UUID (#8551) (#8624)
+  * Prevent removal of non-empty emoji panel following selection of duplicate (#8609) (#8623)
+  * Update heatmap fixtures to restore tests (#8615) (#8616)
+  * Ensure that diff stats can scroll independently of the diff (#8581) (#8621)
+  * Webhook: set Content-Type for application/x-www-form-urlencoded (#8600)
+  * Fix #8582 by handling empty repos (#8587) (#8594)
+  * Fix bug on pull requests when transfer head repository (#8564) (#8569)
+  * Add missed close in ServeBlobLFS (#8527) (#8542)
+  * Ensure that GitRepo is set on Empty repositories (#8539) (#8541)
+  * Fix migrate mirror 500 bug (#8526) (#8530)
+  * Fix password complexity regex for special characters (#8524)
+  * Prevent .code-view from overriding font on icon fonts (#8614) (#8627)
+  * Allow more than 255 characters for tokens in external_login_user table (#8554)
+  * Fix errors in create org UI regarding team access permission (#8506)
+  * Fix bug on FindExternalUsersByProvider (#8504)
+  * Create .ssh dir as necessary (#8486)
+  * IsBranchExist: return false if provided name is empty (#8485)
+  * Making openssh listen on SSH_LISTEN_PORT not SSH_PORT (#8477)
+  * Add check for empty set when dropping indexes during migration (#8471)
+  * LFS files are relative to LFS content path, ensure that when deleting they are made relative to this (#8455)
+  * Ensure Request Body Readers are closed in LFS server (#8454)
+  * Fix template bug on mirror repository setting page (#8438)
+  * Fix migration v96 to keep issue attachments (#8435)
+  * Update strk.kbt.io/projects/go/libravatar to latest (#8429)
+  * Singular form for files that has only one line (#8416)
+  * Check for either escaped or unescaped wiki filenames (#8408)
+  * Allow users with explicit read access to give approvals (#8382)
+  * Fix editor commit to new branch if PR disabled (#8375)
+  * readd .markdown class to all markup renderers (#8357)
+  * Upgrade xorm to v0.7.9 to fix some bugs (#8354)
+  * Fix column name ambiguity in GetUserIssueStats() (#8347)
+  * Change general form binding to gogs form (#8334)
+  * Fix pull request commit status in user dashboard list (#8321)
+  * Fix repo_admin_change_team_access always checked in org settings (#8319)
+  * Update to github.com/lafriks/xormstore@v1.3.0 (#8317)
+  * Show correct commit status in PR list (#8316)
+  * Bugfix for image compare and minor improvements to image compare (#8289)
+  * Update xorm (#8286)
+  * Fix API for edit and delete release attachment (#8285)
+  * Fix nil object access in some conditions when parsing cross references (#8281)
+  * Fix label count (#8267)
+  * Only show teams access for organization repositories on collaboration setting page (#8265)
+  * Test more reserved usernames (#8263)
+  * Rewrite reference processing code in preparation for opening/closing from comment references (#8261)
+  * Fix assets key on release webhook (#8253)
+  * Allow registration when button is hidden (#8237)
+  * Fix release API URL generation (#8234)
+  * Fix milestone num_issues (#8221)
+  * MS Teams webhook misses commit messages (#8209)
+  * Fix data race (#8204)
+  * Fix team user api (#8172)
+  * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8161)
+  * Make show private icon when repo avatar set (#8144)
+  * Add reviewers as participants (#8121)
+  * Fix Go 1.13 private repository go get issue (#8112)
+  * feat: highlight issue references with : (#8101)
+  * Make AllowedUsers configurable in sshd_config (#8094)
+  * Strict name matching for Repository.GetTagID() (#8074)
+  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8066)
+  * Add change title notification for issues (#8061)
+  * [ssh] fix the config specification in the authorized_keys template (#8031)
+  * Fix reading git notes from nested trees (#8026)
+  * Fixes synchronize tags to releases for repository - makes sure we are only getting tag refs (#7990)
+  * Fix adding default Telegram webhook (#7972)
+  * Run CORS handler first for /api routes (#7967)
+  * Abort synchronization from LDAP source if there is some error. (#7960)
+  * Fix wrong sender when send slack webhook (#7918)
+  * Fix bug when migrating a private repository (#7917)
+  * Evaluate emojis in commit messages in list view (#7906)
+  * Fix upload file type check (#7890)
+  * lfs/lock: round locked_at timestamp to second (#7872)
+  * fix non existent milestone with 500 error instead of 404 (#7867)
+  * gpg/bugfix: Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7846)
+  * Fix duplicate call of webhook (#7821)
+  * Enable switching to a different source branch when PR already exists (#7819)
+  * Convert files to utf-8 for indexing (#7814)
+  * Do not fetch all refs in pull-request compare (#7797)
+  * Fix multiple bugs with statuses endpoints at API (#7785)
+  * Restore functionality for early gits (#7775)
+  * Fix Slack webhook fork message (#7774)
+  * Rewrite existing repo units if setting is not included in api body (#7763)
+  * Fix rename failed when rewrite public keys (#7761)
+  * Fix approvals counting (#7757)
+  * Add migration step to remove old repo_indexer_status orphaned records (#7746)
+  * Fix repo_index_status lingering when deleting a repository (#7734)
+  * Remove camel case tokenization from repo indexer (#7733)
+  * Fix milestone completness calculation when migrating (#7725)
+  * Regression: Include "executable" files in the index, as they are not necessarily … (#7718)
+  * Fixes indexed repos keeping outdated indexes when files grow too large (#7712)
+  * Skip non-regular files (e.g. submodules) on repo indexing (#7711)
+  * Fix dropTableColumns sqlite implementation (#7710)
+  * Update gopkg.in/src-d/go-git.v4 to v4.13.1 (#7705)
+  * improve branches list performance and fix protected branch icon when no-login (#7695)
+  * Correct wrong datetime format for git (#7689)
+  * Move add to hook queue for created repo to outside xorm session. (#7675)
+  * sugestion to use range .Branches (#7674)
+  * Fix bug on migrating milestone from github (#7665)
+  * hide delete/restore button on archived repos (#7658)
+  * css: use flex to fix floating paginate (#7656)
+  * Fix syntax highlight initialization (#7617)
+  * Fix panic on push at - Merging pull request causes 500 error (#7615)
+  * Make PKCS8, PEM and SSH2 keys work (#7600)
+  * Fix mistake in arc-green.less split-diff css code. (#7587)
+  * Handle ErrUserProhibitLogin in http git (#7586)
+  * Fix bug create/edit wiki pages when code master branch protected (#7580)
+  * Fixes Malformed URLs in API git/commits response (#7565)
+  * Fix file header overflow in file and blame views (#7562)
+  * Improve SSH key parser to handle newlines in keys (#7522)
+  * Fix empty commits now showing in repo overview (#7521)
+  * Fix repository's pull request count error (#7518)
+  * Fix markdown invoke sequence (#7513)
+  * Remove duplicated webhook trigger (#7511)
+  * Update User.NumRepos atomically in createRepository (#7493)
+  * Fix settings page of repo you aren't admin print error - Settings pages giving UnitType error message (#7482)
+  * Fix redirection after file edit - Handles all redirects for Web UI File CRUD (#7478)
+  * cmd/serv: actually exit after fatal errors (#7458)
+  * Fix an issue with some pages throwing 'not defined' js exceptions (#7450)
+  * fix Dropzone.js integration (#7445)
+  * Fix regex for issues in commit messages (#7444)
+  * Diff: Fix indentation on unhighlighted code (#7435)
+  * Only show "New Pull Request" button if repo allows pulls (#7426)
+  * Upgrade macaron/captcha to fix random error problem (#7407)
+  * create class for inline positioned lists (#7393)
+  * Fetch refs for successful testing for tag (#7388)
+  * add missing template variable on organisation settings (#7385)
+  * fix post parameter - on issue list - unset assignee (#7380)
+  * fix/define autochecked checkboxes on issue list in firefox (#7320)
+  * only return head: null if source branch was deleted (#6705)
+* ENHANCEMENTS
+  * Add nofollow to sign in links (#8509)
+  * vendor: update mvdan.cc/xurls/v2 to v2.1.0 (#8495)
+  * Update milestone issues numbers when save milestone and other code improvements (#8411)
+  * Add extra user information when migrating release (#8331)
+  * Require overall success if no context is given for status check (#8318)
+  * Transaction-aware retry create issue to cope with duplicate keys (#8307)
+  * Change link on issue milestone (#8246)
+  * Alwaywas return local url for users avatar (#8245)
+  * Move some milestone functions to a standalone package (#8213)
+  * Move create issue comment to comments package (#8212)
+  * Disable max height property of comment textarea (#8203)
+  * Add 'Mentioning you' group to /issues page (#8201)
+  * oauth2 with remote Gitea (#8149)
+  * Reference issues from pull requests and other issues (#8137)
+  * Fix webhooks to use proxy from environment (#8116)
+  * Add merged commit id on pull view when it's merged (#8062)
+  * Add teams to repo on collaboration page. (#8045)
+  * Update swagger to 0.20.1  (#8010)
+  * Make link last commit massages in repository home page and commit tables (#8006)
+  * Add API endpoint for accessing repo topics (#7963)
+  * Include description in repository search (#7942)
+  * Use gitea forked macaron (#7933)
+  * Fix pull creation with empty changes (#7920)
+  * Allow token as authorization for accessing attachments (#7909)
+  * Retry create issue to cope with duplicate keys (#7898)
+  * Move git diff codes from models to services/gitdiff (#7889)
+  * migrate gplus to google oauth2 provider (#7885)
+  * Remove unique filter from repo indexer analyzer. (#7878)
+  * Detect delimiter in CSV rendering (#7869)
+  * Import topics during migration (#7851)
+  * Move CreateReview to modules/pull (#7841)
+  * vendor: update pdf.js to v2.1.266 (#7834)
+  * Support SSH_LISTEN_PORT env var in docker app.ini template (#7829)
+  * Add Ability for User to Customize Email Notification Frequency (#7813)
+  * Move database settings from models to setting (#7806)
+  * Display ui time with customize time location (#7792)
+  * Implement webhook branch filter (#7791)
+  * Restrict repository indexing by glob match (#7767)
+  * Api: advanced settings for repository (external wiki, issue tracker etc.) (#7756)
+  * Update migrated repositories' issues/comments/prs poster id if user has a github external user saved (#7751)
+  * deps: Upgrade gopkg.in/editorconfig/editorconfig-core-go.v1 (#7749)
+  * Apply emoji on commit graph page (#7743)
+  * Add a lot of extension to language mappings for syntax highlights (#7741)
+  * Add SQL execution on log and indexes on table repository and comment (#7740)
+  * Set DB connection error level to error (#7724)
+  * Check commit message hashes before making links (#7713)
+  * remove unnecessary fmt on generate bindata (#7706)
+  * Fix specific highlighting (CMakeLists.txt ...) (#7686)
+  * Add file status on API (#7671)
+  * Add support for DEFAULT_ORG_MEMBER_VISIBLE (#7669)
+  * Provide links in commit summaries in commits table/view list (#7659)
+  * Change length of some repository's columns (#7652)
+  * Move commit repo action from models to repofiles package (#7645)
+  * fix wrong email when use gitea as OAuth2 provider (#7640)
+  * [Branch View] add download button (#7604)
+  * Update to xorm@v0.7.4 (#7596)
+  * use 403 instead of 401 for ErrUserProhibitLogin (#7591)
+  * Removed unnecessary conversions (#7557)
+  * Un-lambda base.FileSize (#7556)
+  * Added missing error checks in tests (#7554)
+  * Move create release from models to a standalone package (#7539)
+  * Make default branch name link to default branch (#7519)
+  * Added total count of contributions to heatmap (#7517)
+  * Move mirror to a standalone package from models (#7486)
+  * Move models.PushUpdate to repofiles.PushUpdate (#7485)
+  * Include thread related headers in issue/coment mail (#7484)
+  * Refuse merge until all required status checks success (#7481)
+  * convert all js var to let/const (#7464)
+  * Only create branches for opened pull requestes when migrating from github (#7463)
+  * jQuery 3 (#7425)
+  * Add notification placeholder (#7409)
+  * Search Commits via Commit Hash (#7400)
+  * Move status table to cron package (#7370)
+  * wiki - page revisions list  (#7369)
+  * Display original author and URL information when showing migrated issues/comments (#7352)
+  * Refactor filetype is not allowed errors (#7309)
+  * switch to use gliderlabs/ssh for builtin server (#7250)
+  * Remove settting dependency on modules/session (#7237)
+  * Move all mail related codes from models to services/mailer (#7200)
+  * Support git.PATH entry in app.ini (#6772)
+  * Support setting cookie domain (#6288)
+  * Move migrating repository from frontend to backend (#6200)
+  * Delete releases attachments if release is deleted (#6068)
+* TRANSLATION
+  * Latvian translation for home page (#8468)
+  * Add home template italian translation (#8352)
+  * fix misprint (#7452)
+* BUILD
+  * use go 1.13 (#8088)
+* MISC
+  * add file line count info on UI (#8396)
+  * Make issues page left menu 100% width and add reponame as title attribute (#8359)
+  * [arc-green] white on hover for active menu items (#8344)
+  * Move ref (branch or tag) location on issue list page (#8157)
+  * apply emoji on dashboard issue list labels (#8156)
+  * 1148: Take up the full width when viewing the diff in split view. (#8114)
+  * Display description of 'make this repo private' as help text, not as tooltip (#8097)
+  * Fixes deformed emoji in pull request reviews (#8047)
+  * Add strike to old header on comment (#8046)
+  * Add tooltip for the visibility checkbox in /repo/create (#8025)
+  * Update github.com/lafriks/xormstore and tidy up mod.go (#8020)
+  * keep blame view buttons sequence consistent with normal view when view a file (#8007)
+  * Use "Pull Request" instead of "Merge Request" (#8003)
+  * Move line number to :before attr to hide from search on browser (#8002)
+  * Changed black color to white for (read) number label on issue list page (#8000)
+  * [Branch View] show "New Pull Request" Button only if posible (#7977)
+  * Fix hook problem by only setting the git environment variables if we are passed them (#7854)
+  * Prevent Commit Status and Message From Overflowing On Branch Page (#7800)
+  * Fix global search result CSS, misc CSS tweaks (#7789)
+  * Tweak label border CSS (#7739)
+  * Fix create menu item widths (#7708)
+  * [Branch View] Delete duplicate protection symbol (#7624)
+  * [Branch View] Delete Table Header (#7622)
+  * [Branch View] icons to buttons (#7602)
+  * update js dependencies (#7462)
+  * Add Extra Info to Branches Page (#7461)
+  * Bump lodash from 4.17.11 to 4.17.14 (#7459)
+  * wiki history improvements (#7391)
+  * ui fixes - compare view and archieved repo issues (#7345)
+  * dark theme scrollbars (#7269)
+  * wiki - editor - add buttons 'inline code', 'empty checkbox', 'checked checkbox' (#7243)
+  * Fix Statuses API only shows first 10 statuses: Add paging and extend API GetCommitStatuses (#7141)
+
+## [1.9.6](https://github.com/go-gitea/gitea/releases/tag/v1.9.6) - 2019-11-13
+
+* BUGFIXES
+  * Allow to merge if file path contains " or \ (#8629) (#8772)
+  * Fix 500 when edit hook (#8782) (#8790)
+  * Fix issue with user.fullname (#8904)
+  * Update Github Migration Test (#8897) (#8946)
+  * Add Close() method to gogitRepository (#8901) (#8958)
+
+## [1.9.5](https://github.com/go-gitea/gitea/releases/tag/v1.9.5) - 2019-10-30
+
+* BREAKING
+  * Hide some user information via API if user doesn't have enough permission (#8655) (#8658)
+* BUGFIXES
+  * Fix milestone close timestamp (#8728) (#8731)
+  * Fix deadline on update issue or PR via API (#8699)
+  * Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
+  * Fix 500 when getting user as unauthenticated user (#8653) (#8662)
+  * Use AppSubUrl for more redirections (#8647) (#8652)
+  * Add SubURL to redirect path (#8632) (#8634) (#8640)
+  * Fix #8582 by handling empty repos (#8587) (#8593)
+  * Fix bug on pull requests when transfer head repository (#8571)
+  * Add missed close in ServeBlobLFS (#8527) (#8543)
+  * Return false if provided branch name is empty for IsBranchExist (#8485) (#8492)
+  * Create .ssh dir as necessary (#8369) (#8486) (#8489)
+  * Restore functionality for early gits (#7775) (#8476)
+  * Add check for empty set when dropping indexes during migration (#8475)
+  * Ensure Request Body Readers are closed in LFS server (#8454) (#8459)
+  * Ensure that LFS files are relative to the LFS content path (#8455) (#8458)
+* SECURITY
+  * Ignore mentions for users with no access (#8395) (#8484)
+* TESTING
+  * Update heatmap fixtures to restore tests (#8615) (#8617)
+
+## [1.9.4](https://github.com/go-gitea/gitea/releases/tag/v1.9.4) - 2019-10-08
+
+* BUGFIXES
+  * Highlight issue references (#8101) (#8404)
+  * Fix bug when migrating a private repository #7917 (#8403)
+  * Change general form binding to gogs form (#8334) (#8402)
+  * Fix editor commit to new branch if PR disabled (#8375) (#8401)
+  * Fix milestone num_issues (#8221) (#8400)
+  * Allow users with explicit read access to give approvals (#8398)
+  * Fix commit status in PR #8316 and PR #8321 (#8339)
+  * Fix API for edit and delete release attachment (#8290)
+  * Fix assets on release webhook (#8283)
+  * Fix release API URL generation (#8239)
+  * Allow registration when button is hidden (#8238)
+  * MS Teams webhook misses commit messages (backport v1.9) (#8225)
+  * Fix data race (#8206)
+  * Fix pull merge 500 error caused by git-fetch breaking behaviors (#8194)
+  * Fix the SSH config specification in the authorized_keys template (#8193)
+  * Fix reading git notes from nested trees (#8189)
+  * Fix team user api (#8172) (#8188)
+  * Add reviewers as participants (#8124)
+* BUILD
+  * Use vendored go-swagger (#8087) (#8165)
+  * Fix version-validation for GO 1.13 (go-macaron/cors) (#8389)
+* MISC
+  * Make show private icon when repo avatar set (#8144) (#8175)
+
+## [1.9.3](https://github.com/go-gitea/gitea/releases/tag/v1.9.3) - 2019-09-06
+
+* BUGFIXES
+  * Fix go get from a private repository with Go 1.13 (#8100)
+  * Strict name matching for Repository.GetTagID() (#8082)
+  * Avoid ambiguity of branch/directory names for the git-diff-tree command (#8070)
+  * Add change title notification for issues (#8064)
+  * Run CORS handler first for /api routes (#7967) (#8053)
+  * Evaluate emojis in commit messages in list view (#8044)
+  * Fix failed to synchronize tags to releases for repository (#7990) (#7994)
+  * Fix adding default Telegram webhook (#7972) (#7992)
+  * Abort synchronization from LDAP source if there is some error (#7965)
+  * Fix deformed emoji in commit message (#8071)
+* ENHANCEMENTS
+  * Keep blame view buttons sequence consistent with normal view when viewing a file (#8007) (#8009)
+
+## [1.9.2](https://github.com/go-gitea/gitea/releases/tag/v1.9.2) - 2019-08-22
+
+* BUGFIXES
+  * Fix wrong sender when send slack webhook (#7918) (#7924)
+  * Upload support text/plain; charset=utf8 (#7899)
+  * Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
+  * Fix non existent milestone with 500 error (#7867) (#7873)
+* SECURITY
+  * Fix No PGP signature on 1.9.1 tag (#7874)
+  * Release built with go 1.12.9 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
+* ENHANCEMENTS
+  * Fix pull creation with empty changes (#7920) (#7926)
+* BUILD
+  * Drone/docker: prepare multi-arch release + provide arm64 image (#7571) (#7884)
+
+## [1.9.1](https://github.com/go-gitea/gitea/releases/tag/v1.9.1) - 2019-08-14
+
+* BREAKING
+  * Add pagination for admin api get orgs and fix only list public orgs bug (#7742) (#7752)
+* SECURITY
+  * Be more strict with git arguments (#7715) (#7762)
+  * Release built with go 1.12.8 to fix security fixes in golang std lib, ref: https://groups.google.com/forum/#!topic/golang-nuts/fCQWxqxP8aA
+* BUGFIXES
+  * Fix local runs of ssh-requiring integration tests (#7855) (#7857)
+  * Fix hook problem (#7856) (#7754)
+  * Use .ExpiredUnix.IsZero to display green color of forever valid gpg key (#7850) (#7846)
+  * Do not fetch all refs (#7797) (#7837)
+  * Fix duplicate call of webhook (#7824) (#7821)
+  * Enable switching to a different source branch when PR already exists (#7823)
+  * Rewrite existing repo units if setting is not included in api body (#7811)
+  * Prevent Commit Status and Message From Overflowing On Branch Page (#7800) (#7808)
+  * API: fix multiple bugs with statuses endpoints (Backport #7785) (#7807)
+  * Fix Slack webhook fork message (1.9 release backport) (#7783)
+  * Fix approvals counting (#7757) (#7777)
+  * Fix rename failed when rewrite public keys (#7761) (#7769)
+  * Fix dropTableColumns sqlite implementation (#7710) (#7765)
+  * Fix repo_index_status lingering when deleting a repository (#7738)
+  * Fix milestone completness calculation when migrating (#7725) (#7732)
+  * Fixes indexed repos keeping outdated indexes when files grow too large (#7731)
+  * Skip non-regular files (e.g. submodules) on repo indexing (#7717)
+  * Improve branches list performance and fix protected branch icon when no-login (#7695) (#7704)
+  * Correct wrong datetime format for git (#7689) (#7690)
+
+## [1.9.0](https://github.com/go-gitea/gitea/releases/tag/v1.9.0) - 2019-07-30
+
+* BREAKING
+  * Better logging (#6038) (#6095)
+* SECURITY
+  * Shadow the password on cache and session config on admin panel (#7300)
+  * Fix markdown invoke sequence (#7513) (#7560)
+  * Reserve .well-known username (#7638)
+  * Do not leak secrets via timing side channel (#7364)
+  * Ensure that decryption of cookie actually suceeds (#7363)
+* FEATURES
+  * Content API for Creating, Updating, Deleting Files (#6314)
+  * Enable tls-alpn-01: Use certmanager provided TLSConfig for LetsEncrypt (#7229)
+  * Add command to convert mysql database from utf8 to utf8mb4 (#7144)
+  * Fixes #2738 - Adds the /git/tags API endpoint (#7138)
+  * Compare branches, commits and tags with each other (#6991)
+  * Show Pull Request button or status of latest PR in branch list (#6990)
+  * Repository avatars (#6986)
+  * Show git-notes (#6984)
+  * Add commit statuses reports on pull request view (#6845)
+  * Number of commits ahead/behind in branch overview (#6695)
+  * Add CLI commands to manage LDAP authentication source (#6681)
+  * Add support for MS Teams webhooks (#6632)
+  * OAuth2 Grant UI (#6625)
+  * Add SUBJECT_PREFIX mailer config option (#6605)
+  * Include custom configuration file in dump (#6516)
+  * Add API for manipulating Git hooks (#6436)
+  * Improve migrations to support migrating milestones/labels/issues/comments/pullrequests (#6290)
+  * Add option to blame files (#5721)
+  * Implement Default Webhooks (#4299)
+  * Telegram webhook (#4227)
+* BUGFIXES
+  * Send webhook after commit when creating issue with assignees (#7681) (#7684)
+  * Upgrade macaron/captcha to fix random error problem (#7407) (#7683)
+  * Move add to hook queue for created repo to outside xorm session. (#7682) (#7675)
+  * Show protection symbol if needed on default branch (#7660) (#7668)
+  * Hide delete/restore button on archived repos (#7660)
+  * Fix bug on migrating milestone from github (#7665) (#7666)
+  * Use flex to fix floating paginate (#7656) (#7662)
+  * Change length of some repository's columns (#7652) (#7655)
+  * Fix wrong email when use gitea as OAuth2 provider (#7640) (#7647)
+  * Fix syntax highlight initialization (#7617) (#7626)
+  * Fix bug create/edit wiki pages when code master branch protected (#7580) (#7623)
+  * Fix panic on push at #7611 (#7615) (#7618)
+  * Handle ErrUserProhibitLogin in http git (#7586, #7591) (#7590)
+  * Fix color of split-diff view in dark theme (#7587) (#7589)
+  * Fix file header overflow in file and blame views (#7562) (#7579)
+  * Malformed URLs in API git/commits response (#7565) (#7567)
+  * Fix empty commits now showing in repo overview (#7521) (#7563)
+  * Fix repository's pull request count error (#7518) (#7524)
+  * Remove duplicated webhook trigger (#7511) (#7516)
+  * Handles all redirects for Web UI File CRUD (#7478) (#7507)
+  * Fix regex for issues in commit messages (#7444) (#7466)
+  * cmd/serv: actually exit after fatal errors (#7458) (#7460)
+  * Fix an issue with some pages throwing 'not defined' js exceptions #7450 (#7453)
+  * Fix Dropzone.js integration (#7445) (#7448)
+  * Create class for inline positioned lists (#7439) (#7393)
+  * Diff: Fix indentation on unhighlighted code (#7435) (#7443)
+  * jQuery 3 (#7442) (#7425)
+  * Only show "New Pull Request" button if repo allows pulls (#7426) (#7432)
+  * Fix vendor references (#7394) (#7396)
+  * Only return head: null if source branch was deleted (#6705) (#7376)
+  * Add missing template variable on organisation settings (#7386) (#7385)
+  * Fix post parameter on issue list which had unset assignee (#7380) (#7383)
+  * Fix migration tests due to issue 7 being resolved (#7375) (#7381)
+  * Correctly adjust mirror url (#6593)
+  * Handle early git version's lack of get-url (#7065)
+  * Fix icon position in issue view (#7354)
+  * Cut timeline length with last element on issue view (#7355)
+  * Fix mirror repository webhooks (#7366)
+  * Fix api route for hooks (#7346)
+  * Fix bug conflict between SyncReleasesWithTags and InsertReleases (#7337)
+  * Fix pull view ui merge section (#7335)
+  * Fix 7303 - remove unnessesary buttons on archived repos (#7326)
+  * Fix topic bar to allow prefixes (#7325)
+  * Fixes #7152 - Allow create/update/delete message to be empty, use default message (#7324)
+  * Fixes #7238 - Annotated tag commit ID incorrect (#7321)
+  * Dark theme fixes (#7319)
+  * Gitea own dark codemirror theme (#7317)
+  * Fixes #7292 - API File Contents bug (#7301)
+  * Fix API link header (#7298)
+  * Fix extra newlines when copying from diff in Firefox (#7288)
+  * Make diff line-marker non-selectable (#7279)
+  * Fix Submodule dection in subdir (#7275)
+  * Fix error log when loading issues caused by a xorm bug (#7271)
+  * Add .fa icon margin like .octicon (#7258)
+  * Fix hljs unintenionally highlighting commit links (#7244)
+  * Only check and config git on web subcommand but not others (#7236)
+  * Fix migration panic when Head.User is not exist (#7226)
+  * Only warn on errors in deleting LFS orphaned files during repo deletion (#7213)
+  * Fix duplicated file on pull request conflicted files (#7211)
+  * Allow colon between fixing word and issue (#7207)
+  * Fix overflow issues in repo (#7190)
+  * API error cleanup (#7186)
+  * Add error for fork already existing (#7185)
+  * Fixes diff on merged pull requests (#7171)
+  * If milestone id is zero don't get it from database (#7169)
+  * Fix pusher name via ssh push (#7167)
+  * Fix database lock when use random repository fallback image (#7166)
+  * Various fixes for issue mail notifications (#7165)
+  * Allow archived repos to be (un)starred and (un)watched (#7163)
+  * Fix GCArgs load from ini (#7156)
+  * Detect noreply email address as user (#7133)
+  * Avoid arbitrary format strings upon calling fail() function (#7112)
+  * Validate External Tracker URL Format (#7089)
+  * Repository avatar fallback configuration (#7087)
+  * Fix #732: Add LFS objects to base repository on merging  (#7082)
+  * Install page - Handle invalid administrator username better (#7060)
+  * Workaround for posting single comments in split diff view (#7052)
+  * Fix possbile mysql invalid connnection error (#7051)
+  * Fix charset was not saved after installation finished (#7048)
+  * Handle insecure and ports in go get (#7041)
+  * Avoid bad database state after failed migration (#7040)
+  * Fix wrong init dependency on markup extensions (#7038)
+  * Fix default for allowing new organization creation for new users (#7017)
+  * Fix content download and /verify LFS handler expecting wrong content-type (#7015)
+  * Fix missing repo description when migrating (#7000)
+  * Fix LFS Locks over SSH (#6999)
+  * Do not attempt to return blob on submodule (#6996)
+  * Fix U2F for Chrome >= 74 (#6980)
+  * Fix index produces problem when issues/pulls deleted (#6973)
+  * Allow collaborators to view repo owned by private org (#6965)
+  * Stop running hooks on pr merge (#6963)
+  * Run hooks on merge/edit and cope with protected branches (#6961)
+  * Webhook Logs show proper HTTP Method, and allow change HTTP method in form (#6953)
+  * Stop colorizing log files by default (#6949)
+  * Rotate serv.log, http.log and hook logs and stop stacktracing in these (#6935)
+  * Fix plain text overflow line wrap (#6915)
+  * Fix input size for dependency select (#6913)
+  * Change drone token name to let users know to use oauth2 (#6912)
+  * Fix syntax highlight in blame view #6895 (#6909)
+  * Use AppURL for Oauth user link (#6894)
+  * Fixes #6881 - API users search fix (#6882)
+  * Fix 404 when send pull request some situation  (#6871)
+  * Enforce osusergo build tag for releases (#6862)
+  * Fix 500 when reviewer is deleted with integration tests (#6856)
+  * Fix v85.go (#6851)
+  * Make dropTableColumns drop columns on sqlite and constraints on all (#6849)
+  * Fix double-generation of scratch token (#6832) (#6833)
+  * When mirroring we should set the remote to mirror (#6824)
+  * Fix the v78 migration "Drop is_bare" on MSSQL #6707 (#6823)
+  * Change verbose flag in dump command to avoid colliding with global version flag (#6822)
+  * Fix #6813: Allow git.GetTree to take both commit and tree names (#6816)
+  * Remove `seen` map from `getLastCommitForPaths` (#6807)
+  * Show scrollbar only when needed (#6802)
+  * Restore IsWindows variable assignment (#6722) (#6790)
+  * Service worker js is a missing comma (#6788)
+  * Fix team edit API panic (#6780)
+  * Set user search base field optional in LDAP (simple auth) edit page (#6779)
+  * Ignore already existing public keys after ldap sync (#6766)
+  * Fix pulls broken when fork repository deleted (#6754)
+  * Fix missing return (#6751)
+  * Fix new team 500 (#6749)
+  * OAuth2 token can be used in basic auth (#6747)
+  * Fix org visibility bug when git cloning (#6743)
+  * Fix bug when sort repos on org home page login with non-admin (#6741)
+  * Stricter domain name pattern in email regex (#6739)
+  * Fix admin template error (#6737)
+  * Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736)
+  * UI: Detect and restore encoding and BOM in content  (#6727)
+  * Load issue attributes when editing an issue with API (#6723)
+  * Fix team members API (#6714)
+  * Unfortunately MemProvider Init does not actually Init properly (#6692)
+  * Fix partial reversion of #6657 caused by #6314 (#6685)
+  * Prevent creating empty sessions (#6677)
+  * Fixes #6659 - Swagger schemes selection default to page's protocol (#6660)
+  * Update highlight.js to 9.15.6 (#6658)
+  * Properly escape on the redirect from the web editor (#6657)
+  * Fix #6655 - Don't EscapePound .Link as it is already escaped (#6656)
+  * Use ctx.metas for SHA hash links (#6645)
+  * Fix wrong GPG expire date (#6643)
+  * upgrade version of lib/pq to v1.1.0 (#6640)
+  * Fix forking an empty repository (#6637)
+  * Fix issuer of OTP URI should be URI-encoded. (#6634)
+  * Return a UserList from /api/v1/admin/users (#6629)
+  * Add json tags for oauth2 form (#6627)
+  * Remove extra slash from twitter card (#6619)
+  * remove bash requirement in makefile (#6617)
+  * Fix Open Graph og:image link (#6612)
+  * Fix cross-compile builds (#6609)
+  * Change commit summary to full message in API (#6591)
+  * Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579)
+  * Prevent server 500 on compare branches with no common history (#6555)
+  * Properly escape release attachment URL (#6512)
+  * Delete local branch when repo branch is deleted (#6497)
+  * Fix bug when user login and want to resend register confirmation email (#6482)
+  * Fix upload attachments (#6481)
+  * Avoid multi-clicks in oauth2 login (#6467)
+  * Hacky fix for alignment of the create-organization dialog (#6455)
+  * Change order that PostProcess Processors are run (#6445)
+  * Clean up ref name rules (#6437)
+  * Fix Hook & HookList in Swagger (#6432)
+  * Fixed unitTypeCode not being used in accessLevelUnit (#6419)
+  * Display correct error for invalid mirror interval (#6414)
+  * Don't Unescape redirect_to cookie value (#6399)
+  * Fix dump table name error and add some test for dump database (#6394)
+  * Fix migrations 82 to ignore unsynced tags between database and git data and missing is_archived on repository table (#6387)
+  * Make sure units of a team are returned (#6379)
+  * Fix bug manifest.json will not request with cookie so that session will created every request (#6372)
+  * Disable benchmarking during tag events on DroneIO (#6365)
+  * Comments list performance optimization (#5305)
+* ENHANCEMENTS
+  * Update Drone docker generation to standard format (#7480) (#7496) (#7504)
+  * Add API Endpoint for Repo Edit (#7006)
+  * Add state param to milestone listing API (#7131)
+  * Make captcha and password optional for external accounts (#6606)
+  * Detect migrating batch size (#7353)
+  * Fix 7255 - wrap long texts on user profile info (#7333)
+  * Use commit graph files for listing pages (#7314)
+  * Add git command line commitgraph support global default true when git version >= 2.18 (#7313)
+  * Add LFS_START_SERVER option to control git-lfs support (#7281)
+  * Dark theme markdown fixes (#7260)
+  * Update go-git to v4.12.0 (#7249)
+  * Show lfs config on admin panel (#7220)
+  * Disable same user check for internal SSH (#7215)
+  * Add LastLogin to the User API (#7196)
+  * Add missing description of label on API (#7159)
+  * Use go method to calculate ssh key fingerprint (#7128)
+  * Enable Rust highlighting (#7125)
+  * Refactor submodule URL parsing (#7100)
+  * Change issue mail title. (#7064)
+  * Use batch insert on migrating repository to make the process faster (#7050)
+  * Improve github downloader on migrations (#7049)
+  * When git version >= 2.18, git command could run with git wire protocol version 2 param if enabled (#7047)
+  * Fix Erlang and Elixir highlight mappings (#7044)
+  * API Org Visibility (#7028)
+  * Improve handling of non-square avatars (#7025)
+  * Bugfix: Align comment label and actions to the right (#7024)
+  * Change UpdateRepoIndex api to include watchers (#7012)
+  * Move serv hook functionality & drop GitLogger (#6993)
+  * Add support of utf8mb4 for mysql (#6992)
+  * Make webhook http connections resuable (#6976)
+  * Move xorm logger bridge from log to models so that log module could be a standalone package (#6944)
+  * Refactor models.NewRepoContext to extract git related codes to modules/git (#6941)
+  * Remove macaron dependent on models (#6940)
+  * Add less linter via npx (#6936)
+  * Remove macaron dependent on modules/log (#6933)
+  * Remove macaron dependent on models/mail.go (#6931)
+  * Clean less files (#6921)
+  * Fix code overflow (#6914)
+  * Style orgs list in user profile (#6911)
+  * Improve description of branch protection (fix #6886) (#6906)
+  * Move sdk structs to modules/structs (#6905)
+  * update sdk to latest (#6903)
+  * Escape the commit message on issues update and title in telegram hook (#6901)
+  * SearchRepositoryByName improvements and unification (#6897)
+  * Change the color of issues/pulls list, merged is purple and closed is red (#6874)
+  * Refactor table width to have more info shown in file list (#6867)
+  * Monitor all git commands; move blame to git package and replace git as a variable (#6864)
+  * Fix config ui error about cache ttl (#6861)
+  * Improve localization of git activity stats (#6848)
+  * Generate access token in admin cli (#6847)
+  * Update github.com/urfave/cli to version 1.2.0 (#6838)
+  * Rename LFS_JWT_SECRET cli option to include OAUTH2 as well (#6826)
+  * internal/ssh: ignore env command totally (#6825)
+  * Allow Recaptcha service url to be configured (#6820)
+  * update github.com/mcuadros/go-version to v0.0.0-20190308113854-92cdf37c5b75 (#6815)
+  * Use modules/git for git commands (#6775)
+  * Add GET requests to webhook (#6771)
+  * Move PushUpdate dependency from models to repofiles (#6763)
+  * Tweak tab text and icon colors (#6760)
+  * Ignore non-standard refs in git push (#6758)
+  * Disable web preview for telegram webhook (#6719)
+  * Show full name if DEFAULT_SHOW_FULL_NAME setting enabled (#6710)
+  * Reorder file actions (#6706)
+  * README WordPress the code is overflowing #6679 (#6696)
+  * Improve issue reference on commit (#6694)
+  * Handle redirects for git clone commands (#6688)
+  * Fix one performance/correctness regression in #6478 found on Rails repository. (#6686)
+  * API OTP Context (#6674)
+  * Remove local clones & make hooks run on merge/edit/upload (#6672)
+  * Bump github.com/stretchr/testify from 1.2.2 to 1.3.0 (#6663)
+  * Bump gopkg.in/src-d/go-git.v4 from 4.8.0 to 4.10.0 (#6662)
+  * Fix dropdown icon padding (#6651)
+  * Add more title attributes on shortened names (#6647)
+  * Update UI for topics labels on projects (#6639)
+  * Trace Logging on Permission Denied & ColorFormat (#6618)
+  * Add .gpg url (match github behaviour) (#6610)
+  * Support for custom GITEA_CUSTOM env var in docker(#6608)
+  * Show "delete branch" button on closed pull requests (#6570) (#6601)
+  * Add option to disable refresh token invalidation (#6584)
+  * Fix new repo dropdown alignment (#6583)
+  * Fix mail notification when close/reopen issue (#6581)
+  * Pre-calculate the absolute path of git (#6575)
+  * Minor CSS cleanup for the navbar (#6553)
+  * Render SHA1 links as code blocks (#6546)
+  * Add username flag in create-user command (#6534)
+  * Unifies pagination template usage (#6531) (#6533)
+  * Fixes pagination width on mobile view (#5711) (#6532)
+  * Improve SHA1 link detection (#6526)
+  * Fixes #6446 - Sort team members and team's repositories (#6525)
+  * Use stricter boundaries for auto-link detection (#6522)
+  * Use regular line-height on frontpage entries (#6518)
+  * Fixes #6514 - New Pull Request on files and pulls pages the same (#6515)
+  * Make distinction between DisplayName and Username in email templates (#6495)
+  * Add X-Auto-Response-Suppress header to outgoing messages (#6492)
+  * Cleaned permission checks for API -> site admin can now do anything (#6483)
+  * Support search operators for commits search (#6479)
+  * Improve listing performance by using go-git (#6478)
+  * Fix repo sub_menu font color in arc-green (#6477)
+  * Show last commit status in pull request lists (#6465)
+  * Add signatures to webhooks (#6428)
+  * Optimize all images in public/img (#6427)
+  * Add golangci (#6418)
+  * Make "Ghost" not link to 404 page (#6410)
+  * Include more variables on admin/config page (#6378)
+  * Markdown: enable some more extensions (#6362)
+  * Include repo name in page title tag (#6343)
+  * Show locale string on timestamp (#6324)
+  * Handle CORS requests (#6289)
+  * Improve issue autolinks (#6273)
+  * Migration Tweaks (#6260)
+  * Add title attributes to all items in the repo list viewer (#6258)
+  * Issue indexer queue redis support (#6218)
+  * Add bio field for user (#6113)
+  * Make the version within makefile overwriteable (#6080)
+  * Updates to API 404 responses (#6077)
+  * Use Go1.11 module (#5743)
+  * UX + Security current user password reset (#5042)
+  * Refactor: append, build variable and type switch (#4940)
+  * Git statistics in Activity tab (#4724)
+  * Drop the bits argument when generating an ed25519 key (#6504)
+* TESTING
+  * Exclude pull_request from fetch-tags step, fixes #7108 (#7120)
+  * Refactor and improve git test (#7086)
+  * Fix TestSearchRepo by waiting till indexing is done (#7004)
+  * Add mssql migration tests (needs #6823) (#6852)
+  * Add tests for Org API (#6731)
+  * Context.ServerError and NotFound should log from their caller (#6550)
+* TRANSLATION
+  * Add french specific rule for translating plural texts (#6846)
+* BUILD
+  * Update mssql driver to last working version 20180314172330-6a30f4e59a44 (#7306)
+  * Alpine 3.10 (#7256)
+  * Use vfsgen instead of go-bindata (#7080)
+  * remove and disable package-lock (#6969)
+  * add make targets for js and css, add js linter (#6952)
+  * Added tags pull step to drone config to show correct version hashes i… (#6836)
+  * Make CustomPath, CustomConf and AppWorkPath configurable at build (#6631)
+  * chore: update drone format to 1.0 (#6602)
+  * Fix race in integration testlogger (#6556)
+  * Quieter Integration Tests (#6513)
+  * Drop the docker Makefile from the image (#6507)
+  * Add make version on gitea version (#6485)
+  * Fix #6468 - Uses space match and adds newline for all sed flavors (#6473)
+  * Move code.gitea.io/git to code.gitea.io/gitea/modules/git (#6364)
+  * Update npm dependencies and various tweaks (#7344)
+  * Fix updated drone file (#7336)
+  * Add 'npm' and 'npm-update' make targets and lockfile (#7246)
+* DOCS
+  * Add work path CLI option (#6922)
+  * Fix logging documentation (#6904)
+  * Some logging documentation (#6498)
+  * Fix link to Hacking on Gitea on From-Source doc page (#6471)
+  * Fix typos in docs command-line examples (#6466)
+  * Added docker example for backup (#5846)
+
+## [1.8.3](https://github.com/go-gitea/gitea/releases/tag/v1.8.3) - 2019-06-17
+
+* BUGFIXES
+  * Always set userID on LFS authentication (#7224) (Part of #6993)
+  * Fix LFS Locks over SSH (#6999) (#7223)
+  * Fix duplicated file on pull request conflicted files (#7211) (#7214)
+  * Detect noreply email address as user (#7133) (#7195)
+  * Don't get milestone from DB if ID is zero (#7169) (#7174)
+  * Allow archived repos to be (un)starred and (un)watched (#7163) (#7168)
+  * Fix GCArgs load from ini (#7156) (#7157)
+
+## [1.8.2](https://github.com/go-gitea/gitea/releases/tag/v1.8.2) - 2019-05-29
+
+* BUGFIXES
+  * Fix possbile mysql invalid connnection error (#7051) (#7071)
+  * Handle invalid administrator username on install page (#7060) (#7063)
+  * Disable arm7 builds (#7037) (#7042)
+  * Fix default for allowing new organization creation for new users (#7017) (#7034)
+  * SearchRepositoryByName improvements and unification (#6897) (#7002)
+  * Fix u2f registrationlist ToRegistrations() method (#6980) (#6982)
+  * Allow collaborators to view repo owned by private org (#6965) (#6968)
+  * Use AppURL for Oauth user link (#6894) (#6925)
+  * Escape the commit message on issues update (#6901) (#6902)
+  * Fix regression for API users search (#6882) (#6885)
+  * Handle early git version's lack of get-url (#7065) (#7076)
+  * Fix wrong init dependency on markup extensions (#7038) (#7074)
+
+## [1.8.1](https://github.com/go-gitea/gitea/releases/tag/v1.8.1) - 2019-05-08
+
+* BUGFIXES
+  * Fix 404 when sending pull requests in some situations (#6871) (#6873)
+  * Enforce osusergo build tag for releases (#6862) (#6869)
+  * Don't post process commit summary in templates (#6842) (#6868)
+  * Fix 500 when reviewer is deleted (#6856) (#6860)
+  * Fix v78 migration for MSSQL (#6823) (#6854)
+  * Added tags pull step to drone config to show correct version hashes (#6836) (#6839)
+  * Fix double-generation of scratch token (#6833) (#6835)
+  * When mirroring we should set the remote to mirror (#6824) (#6834)
+  * Show scrollbar only when needed (#6802) (#6803)
+  * Service worker js is missing a comma (#6788) (#6795)
+  * Set user search base field optional in LDAP (simple auth) edit page (#6779) (#6789)
+  * Fix team edit API panic (#6780) (#6785)
+  * Minor CSS cleanup for the navbar (#6553) (#6781)
+  * Stricter domain name pattern in email regex (#6739) (#6768)
+  * Detect and restore encoding and BOM in content (#6727) (#6765)
+  * Fix org visibility bug when git cloning (#6743) (#6762)
+  * OAuth2 token can be used in basic auth (#6747) (#6761)
+  * Fix missing return (#6751) (#6756)
+  * Fix sorting repos on org home page with non-admin login (#6741) (#6746)
+  * Drop is_bare IDX only when it exists for MySQL and MariaDB (#6736) (#6744)
+  * Fix team members API (#6714) (#6729)
+  * Load issue attributes when editing an issue with API (#6723) (#6725)
+  * Fix config ui error about cache ttl (#6861) (#6865)
+
+## [1.8.0](https://github.com/go-gitea/gitea/releases/tag/v1.8.0) - 2019-04-20
+
+* SECURITY
+  * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6594)
+  * Resolve 2FA bypass on API (#6676) (#6674)
+  * Prevent the creation of empty sessions for non-logged in users (#6690) (#6677)
+* BREAKING
+  * Add "ghost" and "notifications" to list of reserved user names. (#6208)
+  * Change sqlite DB path default to data directory (#6198)
+  * Adds MustChangePassword to user create/edit API (#6193)
+  * Disable redirect for i18n (#5910)
+  * Releases API paging (#5831)
+  * Allow Macaron to be set to log through to gitea.log (#5667)
+  * Don't close issues via commits on non-default branch (#5622)
+* FEATURES
+  * Add regenerate secret feature for oauth2 (#6291)
+  * Expose issue stopwatch toggling via API (#5970)
+  * Add other session providers (#5963)
+  * Pull request conflict files detection (#5951)
+  * Integrate OAuth2 Provider (#5378)
+  * Implement "conversation lock" for issue comments (#5073)
+  * Feature: Archive repos (#5009)
+  * Discord Oauth2 support (#4476)
+  * Allow to set organization visibility (public, internal, private) (#1763)
+  * Added URL mapping for Release attachments like on github.com (#1707)
+* ENHANCEMENTS
+  * Add support for client basic auth for exchanging access tokens (#6293)
+  * Add ability to sort issues by due date (#6206) (#6244)
+  * Style tweaks to issue selection (#6196)
+  * Increase Username and Orgname MaxSize 35 -> 40 (#6178)
+  * Coverage profile with multiple packages (#6167)
+  * Split setting.go to multiple files (#6154)
+  * Allow labels to contain emoji (#6063)
+  * Disable git fsck for mirrored repos by default (#6018)
+  * Add default time out for git operations (#6015)
+  * Split setting.go as multiple files (#6014)
+  * Make dashboard navbar and footer full-width (#6013)
+  * Add lang specific font stacks for CJK (#6007)
+  * Fix header menu misalignment (#6002)
+  * Enhance closed PR and Issue status in the list (#6000)
+  * Make navbar full width (#5998)
+  * Add option to close issues via commit on a non master branch (#5992)
+  * Support n as a line highlight prefix (#5987)
+  * Search for org repos (#3031) (#5986)
+  * Minor UI tweaks (#5980)
+  * Use native golang SSH library but ssh-keygen when enable built-in SSH server to remove dependent on that command lines (#5976)
+  * Dashboard tweaks (#5974)
+  * Fixes for repo topic editor (#5971)
+  * Display the branch name in the commit view (#5950)
+  * handle milestone events for issues and PR (#5947)
+  * Add label names as filter in issue search api (#5946)
+  * Repo header tweaks (#5945)
+  * Better support for long repo names (#5932)
+  * Fix wrapping long code lines (#5927)
+  * Change GPG Validation colors and remove inline CSS (#5404) (#5896)
+  * Fix "pulls.blocked_by_approvals" text (#5879)
+  * Rename reject to 'request changes' (#5858)
+  * Move input fields to add members to a team and repos to a team (#5853)
+  * Config option to disable automatic repo watching (#5852)
+  * New Issue ?body= query (#5851)
+  * Add API to list tags (#5850)
+  * Pagination for git tree API (#5838)
+  * Add InternalTokenURI to load InternalToken from an external file (#5812)
+  * Allow markdown files to read from the LFS (#5787)
+  * Add the ability to use multiple labels as filters (#5786)
+  * Adjust log settings when a user is not found. (#5771)
+  * Log IP of failed ssh connection (#5766)
+  * Moved defaults in defaults.go to setting.go (#5764)
+  * Make DB connect more robust (#5738)
+  * Add Default Pull Request Title (#5735)
+  * Refactor repo.isBare to repo.isEmpty #5629 (#5714)
+  * Add flag to skip repository dumping (#5695)
+  * Prioritize "readme.md" (#5691)
+  * Improve "Fork button" for guests by showing a pop up asking them to log in before forking (#5690)
+  * Allow for user specific themes (#5668)
+  * Display branch name in delete branch confirmation modal. (#5654)
+  * New API routes added (#5594)
+  * Refactor notification for indexer (#5111)
+  * Refactor mail notification (#5110)
+  * Show email if the authenticated user owns the profile page being requested for (#4981)
+  * Optimize pulls merging (#4921)
+  * Sort Repositories widget by most recently updated (#3963) (#4599)
+  * Allow markdown table to scroll (#4401)
+  * Automatically clear stopwatch on merging a PR (#4327)
+  * Add the Owner Name to differentiate when merging (#3807)
+  * Add title attributes to all items in the repo list viewer (#6258) (#6650)
+* BUGFIXES
+  * Fix dropdown icon padding (#6651) (#6654)
+  * Fix wrong GPG expire date (#6643) (#6644)
+  * Fix forking an empty repository (#6637) (#6653)
+  * Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
+  * Properly escape on the redirect from the web editor (#6657) (#6667)
+  * Allow resend of confirmation email when logged in (#6482) (#6486)
+  * Fix mail notification when close/reopen issue (#6581) (#6588)
+  * Change API commit summary to full message (#6591) (#6592)
+  * Add option to disable refresh token invalidation (#6584) (#6587)
+  * Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) (#6586)
+  * Fix new repo alignment (#6583) (#6585)
+  * Prevent server 500 on compare branches with no common history (#6555) (#6558)
+  * Properly escape release attachment URL (#6512) (#6523)
+  * Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
+  * Disable benchmarking during tag events on DroneIO (#6365) (#6366)
+  * Make sure units of a team are returned (#6379) (#6381)
+  * Don't Unescape redirect_to cookie value (#6399) (#6401)
+  * Fix dump table name error and add some test for dump database (#6394) (#6402)
+  * Fix migration v82 to ignore unsynced tags between database and git data; Add missing is_archived column on repository table (#6387) (#6403)
+  * Display correct error for invalid mirror interval (#6414) (#6429)
+  * Clean up ref name rules (#6437) (#6439)
+  * Fix Hook & HookList in Swagger (#6432) (#6440)
+  * Change order that PostProcess Processors are run (#6445) (#6447)
+  * Clean up various use of escape/unescape functions for URL generation (#6334)
+  * Return 409 when creating repo if it already exists. (#6330)
+  * Add same changes from issues page to milestone->issues page (#6328)
+  * Fix ParsePatch function to work with quoted diff --git strings (#6323)
+  * Fix reported issue in repo description (#6306)
+  * Use url.PathEscape to escape the branchname (#6304)
+  * Add robots.txt as reserved username (#6272)
+  * Replace linkRegex with xurls library (#6261)
+  * Remove visitLinksForShortLinks features (#6257)
+  * Add unit types to repo action URL to correctly show 404 when archived (#6247)
+  * Check organization visibility before everything else (#6234) (#6235)
+  * Prevent double-close of issues (#6233)
+  * Override xorm type mapping for U2F counter (#6232)
+  * Add isAdmin to user API response (#6231)
+  * Update git vendor to fix wrong release commit id and add migrations (#6224)
+  * Fix fork button (#6223)
+  * Fix renames over redirects (#6216)
+  * Fix display dashboard even if require to change password (#6214)
+  * Create a repo redirect when transferring ownership (#6210) (#6211)
+  * Fix issue update race condition (#6194)
+  * Fix bug when migrate repository 500 when repo is existed (#6188)
+  * Fix scrollbar always present on page body (#6177)
+  * Fix bug when set indexer as db and add tests (#6173)
+  * Modify linkRegex to require http|https (#6171)
+  * Fix bug user could change private repository to public when force private enabled. (#6156)
+  * Fix admin list user/org API (#6143)
+  * Make repo creation for API similar to UI (#6142)
+  * Make document body a flexbox (#6139)
+  * Refactor issue indexer, add some testing and fix a bug (#6131)
+  * Load Issue attributes for API call (#6122)
+  * Fix bug when update owner team then visit team's repo return 404 (#6119)
+  * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
+  * Show private organization for admin, fix #6111 (#6112)
+  * Fix prohibit login check on authorization (#6106)
+  * Move to ldap.v3 to fix #5928 (#6105)
+  * Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
+  * Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
+  * Make sure labels are actually returned (#6053)
+  * Fix panic: template: repo/issue/list:210: unexpected "=" in operand (#6041)
+  * After deleting a repo on admin panel, UI should remember the last sort type (#6033)
+  * Default create repository on organisation on its dashboard (#6026)
+  * Swagger: Remove spaces in MergePullRequestOption enum (#6016)
+  * Fix metrics auth token detection (#6006)
+  * Fix repo header issues (#5995)
+  * Fix bug when deleting a linked account will removed all (#5989)
+  * Make organization dropdown scrollable when using mouse wheel (#5988)
+  * Fix empty ssh key importing in ldap (#5984)
+  * Admin config page mailertype setting option update (#5973)
+  * Fix redirect loop during forced password change (#5965)
+  * Show user who created the repository instead of the organisation in action feed (#5948)
+  * Remove all CommitStatus when a repo is deleted (#5940)
+  * Fix ssh deploy and user key constraints (#1357) (#5939)
+  * Fix log output (#5938)
+  * Set PusherName and PusherID to owner on deploy key to fix pushing with deploy keys (#5935)
+  * Fix compare button (#5929)
+  * Fix bug when read public repo lfs file (#5912)
+  * Only allow local login if password is non-empty (#5906)
+  * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
+  * Provide better panic handling (#5902)
+  * Respect value of REQUIRE_SIGNIN_VIEW (#5901)
+  * Show a 404 not a 500 if a repo does not exist (#5900)
+  * Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
+  * Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
+  * Correct footer height if screen-width is to small (fixes #5878) (#5889)
+  * In gitea serv switch off console logger to fix #5866 (#5887)
+  * Don't allow pull requests to be created on an archived repository (#5883)
+  * Support reviews on a deleted file path (#5880)
+  * Fix compare button on upstream repo leading to 404 (#5877)
+  * Fix null pointer on not logged in attempt to Sudo (#5872)
+  * Fix new release creation API to allow empty target (#5870)
+  * Fix an error while adding a dependency via UI. (#5862)
+  * Fix failing migration v67 (#5849)
+  * Fix delete correct temp directory (#5839)
+  * Make sure .git/info is created before generating .git/info/sparse-che… (#5825)
+  * Fix topics saving internal error and disable for archived repos (#5821)
+  * Fix TLS errors when using acme/autocert for local connections (#5820)
+  * When creating new repository fsck option should be enabled (#5817)
+  * Request for public keys only if LDAP attribute is set  (#5816)
+  * Fix serving of raw wiki files other than .md (#5814)
+  * Fix migration 78 error mssql (#5791)
+  * Disallow empty titles (#5785)
+  * Fix the v78 migration script (#5776)
+  * Ensure valid git author names passed in signatures (#5774)
+  * Fix wrong assumption where a user is always said to have unassigned (her)himself (#5769)
+  * Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
+  * Fixing PostgreSQL dump creation (#5747)
+  * Add proper CORS preflight origin validation (#5740)
+  * Disable auto-migrate in docker container (#5730)
+  * In basic auth check for tokens before call UserSignIn (#5725)
+  * Pooled and buffered gzip implementation (#5722)
+  * Ensure that sessions are passed into queries that could use the database to prevent deadlocks (#5718)
+  * Keep file permissions during database migration (#5707)
+  * Use correct value for "MSpan Structures Obtained" #4742 (#5706)
+  * Refactor editor upload, update and delete to use git plumbing and add LFS support (#5702)
+  * Update xorm to fix issue #5659 and #5651 (#5680)
+  * Fix public will not be reused as public key after deleting as deploy key (#5671)
+  * When redirecting, clean the path (#5669)
+  * Don't list an issue on its own dependency list UI. (#5658)
+  * Fix commit page showing status for current default branch (#5649) (#5650)
+  * Only count users own actions for heatmap contributions (#5647)
+  * Fix sqlite deadlock when assigning to a PR (#5640)
+  * Refactor issue indexer (#5363)
+* TESTING
+  * Run benchmark at tag to track performances (#6035)
+  * Add test environment for MySQL8 (#5234)
+* BUILD
+  * Use go 1.12 for tests and deprecate go 1.9 (#6186)
+  * Makefile changes for Windows and easier development (#6103)
+  * Update bleve dependency to latest master revision (#6100)
+  * Switch to more recent build of xgo (#6070)
+  * Add autoprefixer to css build (#6029)
+  * Update the version of less (#6010)
+  * Make log mailer for testing (#5893)
+* DOCS
+  * Add more tests and docs for issue indexer, add db indexer type for searching from database (#6144)
+  * update default value of `--must-change-password` cli flag (#6032)
+  * Update and expand information about building Gitea (#6019)
+  * Update U2F Section of app.ini.sample (#5994)
+  * Update swagger for release API pagination (#5841)
+  * Added docs for the tree api (#5834)
+* MISC
+  * Add single commit API support (#5843)
+  * Add missing GET teams endpoints (#5382)
+  * Migrate database if app.ini found (#5290)
+
+## [1.7.6](https://github.com/go-gitea/gitea/releases/tag/v1.7.6) - 2019-04-12
+
+* SECURITY
+  * Prevent remote code execution vulnerability with mirror repo URL settings (#6593) (#6595)
+* BUGFIXES
+  * Allow resend of confirmation email when logged in (#6482) (#6487)
+
+## [1.7.5](https://github.com/go-gitea/gitea/releases/tag/v1.7.5) - 2019-03-27
+
+* BUGFIXES
+  * Fix unitTypeCode not being used in accessLevelUnit (#6419) (#6423)
+  * Fix bug where manifest.json was being requested without cookies and continuously creating new sessions (#6372) (#6383)
+  * Fix ParsePatch function to work with quoted diff --git strings (#6323) (#6332)
+
+## [1.7.4](https://github.com/go-gitea/gitea/releases/tag/v1.7.4) - 2019-03-12
+
+* SECURITY
+  * Fix potential XSS vulnerability in repository description. (#6306) (#6308)
+* BUGFIXES
+  * Fix wrong release commit id (#6224) (#6300)
+  * Fix panic on empty signed commits (#6292) (#6300)
+  * Fix organization dropdown not being scrollable when using mouse wheel (#5988) (#6246)
+  * Fix displaying dashboard even if required to change password (#6214) (#6215)
+
+## [1.7.3](https://github.com/go-gitea/gitea/releases/tag/v1.7.3) - 2019-02-27
+
+* BUGFIXES
+  * Fix server 500 when trying to migrate to an already existing repository (#6188) (#6197)
+  * Load Issue attributes for API /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
+  * Fix bug whereby user could change private repository to public when force private enabled. (#6156) (#6165)
+  * Fix bug when update owner team then visit team's repo return 404 (#6119) (#6166)
+  * Fix heatmap and repository menu display in Internet Explorer 9+ (#6117) (#6137)
+  * Fix prohibit login check on authorization (#6106) (#6115)
+  * Fix LDAP protocol error regression by moving to ldap.v3 (#6105) (#6107)
+  * Fix deadlock in webhook PullRequest (#6102) (#6104)
+  * Fix redirect loop when password change is required and Gitea is installed as a suburl (#5965) (#6101)
+  * Fix compare button regression (#5929) (#6098)
+  * Recover panic in orgmode.Render if bad orgfile (#4982) (#5903) (#6097)
+
+## [1.7.2](https://github.com/go-gitea/gitea/releases/tag/v1.7.2) - 2019-02-14
+
+* BUGFIXES
+  * Remove all CommitStatus when a repo is deleted (#5940) (#5941)
+  * Fix notifications on pushing with deploy keys by setting hook environment variables (#5935) (#5944)
+  * Silence console logger in gitea serv (#5887) (#5943)
+  * Handle milestone webhook events for issues and PR (#5947) (#5955)
+  * Show user who created the repository instead of the organization in action feed (#5948) (#5956)
+  * Fix ssh deploy and user key constraints (#1357) (#5939) (#5966)
+  * Fix bug when deleting a linked account will removed all (#5989) (#5990)
+  * Fix empty ssh key importing in ldap (#5984) (#6009)
+  * Fix metrics auth token detection (#6006) (#6017)
+  * Create repository on organisation by default on its dashboard (#6026) (#6048)
+  * Make sure labels are actually returned in API (#6053) (#6059)
+  * Switch to more recent build of xgo (#6070) (#6072)
+  * In basic auth check for tokens before call UserSignIn (#5725) (#6083)
+
+## [1.7.1](https://github.com/go-gitea/gitea/releases/tag/v1.7.1) - 2019-01-31
+
+* SECURITY
+  * Disable redirect for i18n (#5910) (#5916)
+  * Only allow local login if password is non-empty (#5906) (#5908)
+  * Fix go-get URL generation (#5905) (#5907)
+* BUGFIXES
+  * Fix TLS errors when using acme/autocert for local connections (#5820) (#5826)
+  * Request for public keys only if LDAP attribute is set (#5816) (#5819)
+  * Fix delete correct temp directory (#5840) (#5839)
+  * Fix an error while adding a dependency via UI (#5862) (#5876)
+  * Fix null pointer in attempt to Sudo if not logged in (#5872) (#5884)
+  * When creating new repository fsck option should be enabled (#5817) (#5885)
+  * Prevent nil dereference in mailIssueCommentToParticipants (#5891) (#5895) (#5894)
+  * Fix bug when read public repo lfs file (#5913) (#5912)
+  * Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
+  * Fix compare button on upstream repo leading to 404 (#5877) (#5914)
+* DOCS
+  * Added docs for the tree api (#5835)
+* MISC
+  * Include Go toolchain to --version (#5832) (#5830)
+
+## [1.7.0](https://github.com/go-gitea/gitea/releases/tag/v1.7.0) - 2019-01-22
+
+* SECURITY
+  * Do not display the raw OpenID error in the UI (#5705) (#5712)
+  * When redirecting clean the path to avoid redirecting to external site (#5669) (#5679)
+  * Prevent DeleteFilePost doing arbitrary deletion (#5631)
+* BREAKING
+  * Restrict permission check on repositories and fix some problems (#5314)
+  * Show only opened milestones on issues page milestone filter (#5051)
+* FEATURES
+  * Implement git refs API for listing references (branches, tags and other) (#5354)
+  * Approvals at Branch Protection (#5350)
+  * Add raw blob endpoint to get objects by SHA ID (#5334)
+  * Add api for user to create org (#5268)
+  * Create AuthorizedKeysCommand (#5236)
+  * User action heatmap (#5131)
+  * Refactor heatmap to vue component (#5401)
+  * Webhook for Pull Request approval/rejection (#5027)
+  * Add command for migrating database (#4954)
+  * Search keyword by splitting provided values by , (#4939)
+  * Create Progressive Web App (#4730)
+  * Give user a link to create PR after push (#4716)
+  * Add rebase with merge commit merge style (#3844) (#4052)
+* BUGFIXES
+  * Disallow empty titles (#5785) (#5794)
+  * Fix sqlite deadlock when assigning to a PR (#5640) (#5642)
+  * Don't close issues via commits on non-default branch. (#5622) (#5643)
+  * Fix commit page showing status for current default branch (#5650) (#5653)
+  * Only count users own actions for heatmap contributions (#5647) (#5655)
+  * Update xorm to fix issue postgresql dumping issues (#5680) (#5692)
+  * Use correct value for "MSpan Structures Obtained" (#5706) (#5716)
+  * Fix bug on modifying sshd username (#5624)
+  * Delete tags in mirror which are removed for original repo. (#5609)
+  * Fix wrong text getting saved on editing second comment on an issue. (#5608)
+  * Fix nil pointer when adding a due date  (#5587)
+  * Fix type mismatch of format string (#5574)
+  * Fix bug on upload file name (#5571)
+  * Issue is not overdue when it is on the same date #5566 (#5568)
+  * Fix indexer reindex bug when gitea restart (#5563)
+  * Fix table name typo on SQL (#5562)
+  * Synchronize SSH keys on login with LDAP + Fix SQLite deadlock on ldap ssh key deletion (#5557)
+  * Fix makefile generate buildstep (#5556)
+  * Fix nil pointer base branch bug (#5555)
+  * Fix permission check on api create org (#5523)
+  * Fix detect force push failure on deletion of protected branches (#5522)
+  * Fix approvals limitation (#5521)
+  * Fix bug when a read perm user to edit his issue (#5516)
+  * Fix adding reaction fail for read permission user (#5515)
+  * Fixing MSSQL timestamp type (#5511)
+  * Fix forgot deletion of notification when delete repository (#5506)
+  * Fix empty wiki (#5504)
+  * Fix clone wiki failed via ssh (#5503)
+  * Fix code review on mssql (#5502)
+  * Fix lfs version check warning log when using ssh protocol (#5501)
+  * Fix topic name length on database (#5493)
+  * Ensure that the `closed_at` is set for closed issues (#5449)
+  * Admin should be able to delete repos via the API even if he is not a member of the organization (#5443)
+  * Word-Break the WebHook url to prevent a ui-break (#5432)
+  * Fix forgot removed records when deleting user (#5429)
+  * Fix repository deletion when there is large number of issues in it (#5426)
+  * Fix heatmap colors for Chrome/Safari (#5421)
+  * Fix password variable shadowing (#5405)
+  * Fix dependent issue searching when gitea is run in subpath (#5392)
+  * Don't force a password change for the admin user when creating an account via cli (#5391)
+  * API: '/orgs/:org/repos': return private repos with read access (#5383)
+  * Don't send assign webhooks when creating issue (#5365)
+  * Removing Labels via EditPullRequest API (#5348)
+  * Migration fixes for gogs (0.11.66) to gitea (1.6.0) #5318 (#5341)
+  * Fix bug when users have serval teams with different units on different repositories (#5307)
+  * Fix U2F if gitea is configured in subpath (#5302)
+  * Fix file edit change preview functionality (#5300)
+  * Update gitignore list (#5258)
+  * Fixed heatmap not working in mssql (#5248)
+  * Fixed wrong api request url for instances running in subfolders (#5247)
+  * Fix compatibility heatmap with mysql 8 (#5232)
+  * Fix data race on migrate repository (#5224)
+  * Fix sqlite and mssql lock (#5214)
+  * Fix sqlite lock (#5210)
+  * Fix: Accept web-command cli flags if web-command is commited (#5200)
+  * Fix: Add secret to all webhook's payload where it has been missing (#5199)
+  * Fix race on updatesize (#5190)
+  * Fix create team, update team missing units (#5188)
+  * Fix sqlite lock (#5184 & #5176)
+  * Fix showing pull request link when delete a branch (#5166)
+  * Fix JSON result of empty array in heatmap data array (#5154)
+  * Update build tags for sqlite_unlock notify (#5144)
+  * This commit will reduce join star, repo_topic, topic tables on repo search, so that fix extra columns problem on mssql (#5136)
+  * Fix deadlock when sqlite (#5118)
+  * Add comment replies (#5104)
+  * Fix home page template regression (#5102)
+  * Fix regex to support optional end line of old section in diff hunk (#5096)
+  * LDAP via simple auth separate bind user and search base (#5055)
+  * Fix markdown image with link (#4675)
+  * Fix to 3819 - Filtering issues by tags on main screen issues (#3824)
+* ENHANCEMENTS
+  * Delete organization endpoint added (#5601)
+  * Update Licenses (#5558)
+  * Support reverse proxy providing email (#5554)
+  * Add git protocol v2 support via SSH on Docker image (#5520)
+  * Add tests for api user orgs (#5494)
+  * Allow link verification for services like Mastodon (#5481)
+  * Improve team members and repositories settings UI (#5457)
+  * Remove the required class from optional ssh port in installation page (#5428)
+  * Explicitly disable Git credential helper (#5367)
+  * Setting Labels via EditPullRequest API (#5347)
+  * Implement pasting image from clipboard for browsers that supports that (#5317)
+  * Milestone issues and pull requests (#5293)
+  * Support envs on external render commands (#5278)
+  * Add option to disable automatic mirror syncing. (#5242)
+  * Remove unused db init on commands serv, update, hooks (#5225)
+  * Serve audio files using HTML5 audio tag (#5221)
+  * Pass link prefixes to external markup parsers (#5201)
+  * Add AutoHead functionality. (#5186)
+  * Fix emojis not showing in commit messages (#5168)
+  * Block registration based on email domain (#5157)
+  * Update vendor/go-sqlite3 (#5133 & #5162)
+  * Update x/net lib (#5169)
+  * Show review summary in pull requests (#5132)
+  * Use type switch (#5122)
+  * Remove duplicated if bodies (#5121)
+  * Remove check for negative length (#5120)
+  * Make switch more clear (#5119)
+  * Use named const instead of a raw string (#5115)
+  * Fix issue where ecdsa and other key types are not synced from LDAP (#5092) (#5094)
+  * Refactor: err != nil check, just return error instead (#5093)
+  * Add notification interface and refactor UI notifications (#5085)
+  * Use APP_NAME on home page (#5048)
+  * Explicitly decide whether to  use TLS in mailer's configuration (#5024)
+  * Generate random password (#5023)
+  * UX of link account (Step 1) (#5006)
+  * Make sure argsSet verifies string isn't empty too (#4980)
+  * Improve performance of dashboard (#4977)
+  * Keys API changes (#4960)
+  * Add must-change-password flag to cli for creating a user (#4955)
+  * Use native go method to get current user rather than environment variable (#4930)
+  * Make gitea serv use api/internal (#4886)
+  * Add support for search by uid (#4876)
+  * Allow to add organization members as collaborators on organization owned repositories (#4748)
+* TESTING
+  * Kill testing processes if the test takes too long (#5174)
+  * Update outdated Go toolchain version for .drone.yml (#5146)
+  * Increase the retry limit to 20 times and the interval to 200ms (#5134)
+  * Retry test-fixtures loading in case of transaction rollback (#5125)
+  * Added test environment for mssql (#4282)
+* BUILD
+  * Replace lint to revive (#5422)
+  * Update golang version in Dockerfile (#5246)
+* DOCS
+  * Typo in routers/api/v1/org/org.go fixed. (#5598)
+  * Update the docs for sqlite_unlock_notify (#5145)
+  * CN translation of docs part (#5049)
+  * Kubernetes deployment file (#5046)
+* MISC
+  * Upgrade alpine to 3.8 (#5423)
+  * Git-Trees API (#5403)
+  * Only chown directories during docker setup if necessary. Fix #4425 (#5064)
+
+## [1.6.4](https://github.com/go-gitea/gitea/releases/tag/v1.6.4) - 2019-01-15
+
+* BUGFIX
+  * Fix SSH key now can be reused as public key after deleting as deploy key (#5671) (#5685)
+  * When redirecting clean the path to avoid redirecting to external site (#5669) (#5703)
+  * Fix to use correct value for "MSpan Structures Obtained" (#5706) (#5715)
+
+## [1.6.3](https://github.com/go-gitea/gitea/releases/tag/v1.6.3) - 2019-01-04
+
+* SECURITY
+  * Prevent DeleteFilePost doing arbitrary deletion (#5631)
+* BUGFIX
+  * Fix wrong text getting saved on editing second comment on an issue (#5608)
+
+## [1.6.2](https://github.com/go-gitea/gitea/releases/tag/v1.6.2) - 2018-12-21
+
+* SECURITY
+  * Sanitize uploaded file names (#5571) (#5573)
+  * HTMLEncode user added text (#5570) (#5575)
+* BUGFIXES
+  * Fix indexer reindex bug when gitea restart (#5563) (#5564)
+  * Remove a double slash in the HTTPS redirect with Let's Encrypt (#5537) (#5539)
+  * Fix bug when a read perm user to edit his issue (#5516) (#5534)
+  * Detect force push failure on deletion of protected branches (#5522) (#5531)
+  * Let's Encrypt handler listens on correct port for certificate validation (#5525) (#5527)
+  * Fix forgot deletion of notification when delete repository (#5506) (#5514)
+  * Fix undeleted content when deleting user (#5429) (#5509)
+  * Fix empty wiki (#5504) (#5508)
+
+## [1.6.1](https://github.com/go-gitea/gitea/releases/tag/v1.6.1) - 2018-12-08
+
+* BUGFIXES
+  * Fix dependent issue searching when gitea is run in subpath (#5392) (#5400)
+  * API: '/orgs/:org/repos': return private repos with read access (#5393)
+  * Fix repository deletion when there is large number of issues in it (#5426) (#5434)
+  * Word-break the WebHook url to prevent a ui-break (#5445)
+  * Admin should be able to delete repos via the API even if they are not a member of the organization (#5443) (#5447)
+  * Ensure that the `closed_at` is set for closed (#5450)
+  * Fix topic name length on database (#5493) (#5495)
+
+## [1.6.0](https://github.com/go-gitea/gitea/releases/tag/v1.6.0) - 2018-11-22
+
+* BREAKING
+  * Respect email privacy option in user search via API (#4512)
+  * Simply remove tidb and deps (#3993)
+  * Swagger.v1.json template (#3572)
+* SECURITY
+  * Add CSRF checking to reqToken and add reqToken to admin API routes (#5272) (#5250)
+  * Improve URL validation for external wiki  and external issues (#4710)
+  * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)
+  * Don't disclose emails of all users when sending out emails (#4664)
+  * Check that repositories can only be migrated to own user or organizations (#4366)
+* FEATURES
+  * Add comment replies (#5147) (#5104)
+  * Pull request review/approval and comment on code (#3748)
+  * Added dependencies for issues (#2196) (#2531)
+  * Add the ability to have built in themes in Gitea and provide dark theme arc-green (#4198)
+  * Add sudo functionality to the API (#4809)
+  * Add oauth providers via cli (#4591)
+  * Disable merging a WIP Pull request (#4529)
+  * Force user to change password (#4489)
+  * Add letsencrypt to Gitea (#4189)
+  * Add push webhook support for mirrored repositories (#4127)
+  * Add csv file render support defaultly (#4105)
+  * Add Recaptcha functionality to Gitea (#4044)
+* ENHANCEMENTS
+  * Fix milestones sorted wrongly (#4987)
+  * Allow api to create tags for releases if they don't exist (#4890)
+  * Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
+  * Enforce token on api routes [fixed critical security issue #4357] (#4840)
+  * Update legacy branch and tag URLs in dashboard to new format (#4812)
+  * Slack webhook channel name cannot be empty or just contain an hashtag (#4786)
+  * Add whitespace handling to PR-comparsion (#4683)
+  * Make reverse proxy auth optional (#4643)
+  * MySQL TLS (#4642)
+  * Make sure to set PR split view when creating/previewing a pull request  (#4617)
+  * Log user in after a successful sign up (#4615)
+  * Fix typo IsPullReuqestBroken -> IsPullRequestBroken (#4578)
+  * Allow admin toggle forcing a password change for newly created users (#4563)
+  * Update jQuery to v1.12.4 (#4551)
+  * Env var GITEA_PUSHER_EMAIL (#4516)
+  * Feat(repo): support search repository by topic name (#4505)
+  * Small improvements to dependency UI (#4503)
+  * Make max commits in graph configurable (#4498)
+  * Add valid for lfs oid (#4461)
+  * Add shortcut to save wiki page (#4452)
+  * Allow administrator to create repository for any organization (#4368)
+  * Fix repository last updated time update when delete a user who watched the repo (#4363)
+  * Switch plaintext scratch tokens to use hash instead (#4331)
+  * Increase default TOTP secret size to 320 bits (#4287)
+  * Keep preseeded database password (#4284)
+  * Implemented hover text showing user FullName (#4261)
+  * Add ability to delete a token (#4235)
+  * Fix typos in i18n variable names. (#4080)
+  * Api: repos/search: add parameters to control the sort order (#3964)
+  * Add missing path in the Docker app.ini template (#2181)
+  * Add file name and branch to page title (#4902)
+  * Offline use of google fonts (#4872)
+  * Add missing History link to directory listings v2 (#4829)
+  * Locale for Edit and Remove due date issue (#4802)
+  * Disable 'May Import Local Repository' when is disabled by setting (Is… (#4780)
+  * API /admin/users/{username} missing parameter (#4775)
+  * Display error when adding a user to a team twice (#4746)
+  * Remove UsePrivilegeSeparation from the Docker sshd_config, see #2876 (#4722)
+  * Focus title input when clicking helper link (#4696)
+  * Add vendor to user reserved words and format words list according alphabet (#4685)
+  * Add gitea/issues link to 500 page (#4654)
+  * Hide home button when landing page is not set to home (#4651)
+  * Remove link to GitHub issues in 404 template (#4639)
+  * Cmd/serve: pprof cpu and memory profile dumps to disk (#4560)
+  * Add flash message after an account has been successfully activated (#4510)
+  * Prevent html entity escaping on delete branch (#4471)
+  * Locale for button Edit on protected branch (#4442)
+  * Update notification icon (#4343)
+  * Added front-end topics validation (#4316)
+  * Don't display buttons if there are no system notifications (#4280)
+  * Issue due date api (#3890)
+* BUGFIXES
+  * dont' send assign webhooks when creating issue (#5365)
+  * Fix create team, update team missing units (#5188)
+  * Fix file edit change preview functionality (#5300)
+  * *ix bug when users have serval teams with different units on different repositories (#5307)
+  * Fix U2F if gitea is configured in subpath (#5302)
+  * Fix markdown image with link (#4675)
+  * Remove maxlines option for file logger (#5282)
+  * Fix wrong api request url for instances running in subfolders (#5261) (#5247)
+  * Accept web-command cli flags if web-command is commited (#5245) (#5200)
+  * Reduce join star, repo_topic, topic tables on repo search, to resolve extra columns problem on MSSQL (#5136) (#5229)
+  * Fix data race on migrate repository (#5224) (#5230)
+  * Add secret to all webhook's payload where it has been missing (#5208) (#5199)
+  * Fix sqlite and MSSQL lock (#5210) (#5223) (#5214) (#5218) (#5176) (#5179)
+  * Fix race on updatesize (#5190) (#5215)
+  * Fix filtering issues by tags on main screen issues (#5219) (#3824)
+  * Fix SQL quoting (#5137) (#5117)
+  * Fix regex to support optional end line of old section in diff hunk (#5097) (#5096)
+  * Fix release creation via API (#5076)
+  * Remove links from topics in edit mode  (#5026)
+  * Fix missing AppSubUrl in few more templates (fixup) (#5021)
+  * Fix missing AppSubUrl in some templates (#5020)
+  * Hide outdated comments in file view (#5017)
+  * Upgrade gopkg.in/testfixtures.v2 (#4999)
+  * Disable debug routes unless PPROF is enabled in configuration (#4995)
+  * Fix user menu item styling (#4985)
+  * Fix layout of the topics editing form (#4971)
+  * Fix null pointer dereference in ParseCommitWithSignature (#4962)
+  * Fix url in discord webhook (#4953)
+  * Detect charset and convert non UTF-8 files for display (#4950)
+  * Make sure to catch the right error so it is displayed on the UI (#4945)
+  * Fix(topics): don't redirect to explore page. (#4938)
+  * Fix bug forget to remove Stopwatch when remove repository (#4928)
+  * Fix bug when repo remained bare if multiple branches pushed in single push (#4923)
+  * Fix: Crippled diff (#4726) (#4900)
+  * Fix trimming of markup section names (#4863)
+  * Issues api allow pulls and fix #4832 (#4852)
+  * Do not autocreate directory for new users/orgs (#4828) (#4849)
+  * Fix redirect with non-ascii branch names (#4764) (#4810)
+  * Fix missing release title in webhook (#4783) (#4796)
+  * User shouldn't be able to approve or reject his/her own PR (#4729)
+  * Make sure to reset commit count in the cache on mirror syncing (#4720)
+  * Fixed bug where team with admin privelege type doesn't get any unit  (#4719)
+  * Fix incorrect caption of webhook setting (#4701) (#4717)
+  * Allow WIP marker to contains < or > (#4709)
+  * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4680)
+  * Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645)
+  * Fix custom templates being ignored (#4638)
+  * Fix starring icon after semantic ui update (#4628)
+  * Fix Split-View line adjustment (#4622)
+  * Fix integer constant overflows in tests (#4616)
+  * Push whitelist now doesn't apply to branch deletion (#4601) (#4607)
+  * Fix bugs when too many IN variables (#4594)
+  * Fix failure on creating pull request with assignees (#4419) (#4583)
+  * Fix panic issue on update avatar email (#4580) (#4581)
+  * Fix status code label for a successful webhook (#4540)
+  * An inactive user shouldn't be able to be added as a collaborator (#4535)
+  * Don't fail silently if trying to add a collaborator twice (#4533)
+  * Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) (#4525)
+  * Fix out-of-transaction query in removeOrgUser (#4521) (#4522)
+  * Fix migration from older releases (#4495)
+  * Accept 'Data:' in commit graph (#4487)
+  * Update xorm to latest version and fix correct `user` table referencing in sql (#4473)
+  * Relative URLs for LibreJS page (#4460)
+  * Redirect to correct page after using scratch token (#4458)
+  * Fix column droping for MSSQL that need new transaction for that (#4440)
+  * Replace src with raw to fix image paths (#4377)
+  * Add default merge options when creating new repository (#4369)
+  * Fix docker build (#4358)
+  * Fixes repo membership check in API (#4341)
+  * Dep upgrade mysql lib (#4161)
+  * Fix some issues with special chars in branch names (#3767)
+  * Responsive design fixes (#4508)
+* TRANSLATION
+  * Fix punctuation in English translation (#4958)
+  * Fix translation (#4355)
+
+## [1.5.3](https://github.com/go-gitea/gitea/releases/tag/v1.5.3) - 2018-10-31
+
+* SECURITY
+  * Fix remote command execution vulnerability in upstream library (#5177) (#5196)
+
+## [1.5.2](https://github.com/go-gitea/gitea/releases/tag/v1.5.2) - 2018-10-09
+
+* SECURITY
+  * Enforce token on api routes (#4840) (#4905)
+* BUGFIXES
+  * Remove links from topics in edit mode (#5030)
+  * Detect charset and convert non UTF-8 files for display (#4950) (#4994)
+  * Fix layout of the topics editing form (#4971) (#4993)
+  * Fix null pointer dereference in ParseCommitWithSignature (#4964)
+  * Fix url in discord webhook (#4951)
+  * Fix font-cropping UI bug in diff (#4726) (#4929)
+  * Fix bug forget to remove Stopwatch when remove repository (#4933)
+  * Fix bug when repo remained bare if multiple branches pushed (#4927)
+  * Fix redirect with non-ascii branch names (#4764) (#4887)
+  * Fix issues api allow pulls (#4852) (#4862)
+  * Fix trimming of markup section names (#4864)
+
+## [1.5.1](https://github.com/go-gitea/gitea/releases/tag/v1.5.1) - 2018-09-03
+
+* SECURITY
+  * Don't disclose emails of all users when sending out emails (#4784)
+  * Improve URL validation for external wiki and external issues (#4710) (#4740)
+  * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
+* BUGFIXES
+  * Fix missing release title in webhook (#4783) (#4800)
+  * Make sure to reset commit count in the cache on mirror syncing (#4770)
+  * Fixed bug where team with admin privelege type doesn't get any unit (#4759)
+  * Fix failure on creating pull request with assignees (#4583) (#4727)
+  * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
+* TRANSLATION
+  * Fix incorrect caption of webhook setting (#4701) (#4718)
+
+## [1.5.0](https://github.com/go-gitea/gitea/releases/tag/v1.5.0) - 2018-08-10
+
+* SECURITY
+  * Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
+  * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
+  * Do not allow to reuse TOTP passcode (#3878)
+* BUGFIXES
+  * Fix column droping for MSSQL that need new transaction for that (#4440) (#4484)
+  * Redirect to correct page after using scratch token (#4458) (#4472)
+  * Replace src with raw to fix image paths (#4377) (#4386)
+  * Fixes repo membership check in API (#4341) (#4379)
+  * Add default merge options when adding new repository (#4369) (#4373)
+  * Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371)
+  * Fix html entity escaping in branch deletion message (#4471) (#4485)
+  * Fix out-of-transaction query in removeOrgUser (#4521) (#4524)
+  * Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519)
+  * Fix panic issue on update avatar email (#4580) (#4590)
+  * Fix bugs when too many IN variables (#4594) (#4597)
+  * Push whitelist now doesn't apply to branch deletion (#4601) (#4640)
+  * Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650)
+* FEATURES
+  * Add cli commands to regen hooks & keys (#3979)
+  * Add support for FIDO U2F (#3971)
+  * Added user language setting (#3875)
+  * LDAP Public SSH Keys synchronization (#1844)
+  * Add topic support (#3711)
+  * Multiple assignees (#3705)
+  * Add protected branch whitelists for merging (#3689)
+  * Global code search support (#3664)
+  * Add label descriptions (#3662)
+  * Add issue search via API (#3612)
+  * Add repository setting to enable/disable health checks (#3607)
+  * Emoji Autocomplete (#3433)
+  * Implements generator cli for secrets (#3531)
+* ENHANCEMENTS
+  * Add more webhooks support and refactor webhook templates directory (#3929)
+  * Add new option to allow only OAuth2/OpenID user registration (#3910)
+  * Add option to use paged LDAP search when synchronizing users (#3895)
+  * Symlink icons (#1416)
+  * Improve release page UI (#3693)
+  * Add admin dashboard option to run health checks (#3606)
+  * Add branch link in branch list (#3576)
+  * Reduce sql query times in retrieveFeeds (#3547)
+  * Option to enable or disable swagger endpoints (#3502)
+  * Add missing licenses (#3497)
+  * Reduce repo indexer disk usage (#3452)
+  * Enable caching on assets and avatars (#3376)
+  * Add repository search ordered by stars/forks. Forks column in admin repo list (#3969)
+  * Add Environment Variables to Docker template (#4012)
+  * LFS: make HTTP auth period configurable (#4035)
+  * Add config path as an optionial flag when changing pass via CLI (#4184)
+  * Refactor User Settings sections (#3900)
+  * Allow square brackets in external issue patterns (#3408)
+  * Add Attachment API (#3478)
+  * Add EnableTimetracking option to app settings (#3719)
+  * Add config option to enable or disable log executed SQL (#3726)
+  * Shows total tracked time in issue and milestone list (#3341)
+* TRANSLATION
+  * Improve English grammar and consistency (#3614)
+* DEPLOYMENT
+  * Allow Gitea to run as different USER in Docker (#3961)
+  * Provide compressed release binaries (#3991)
+  * Sign release binaries (#4188)
+
+## [1.4.3](https://github.com/go-gitea/gitea/releases/tag/v1.4.3) - 2018-06-26
+
+* SECURITY
+  * HTML-escape plain-text READMEs (#4192) (#4214)
+  * Fix open redirect vulnerability on login screen (#4312) (#4312)
+* BUGFIXES
+  * Fix broken monitoring page when running processes are shown (#4203) (#4208)
+  * Fix delete comment bug (#4216) (#4228)
+  * Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
+  * Fix wiki URL encoding bug (#4091) (#4254)
+  * Fix code tab link when viewing tags (#3908) (#4263)
+  * Fix webhook type conflation (#4285) (#4285)
+
+## [1.4.2](https://github.com/go-gitea/gitea/releases/tag/v1.4.2) - 2018-06-04
+
+* BUGFIXES
+  * Adjust z-index for floating labels (#3939) (#3950)
+  * Add missing token validation on application settings page (#3976) #3978
+  * Webhook and hook_task clean up (#4006)
+  * Fix webhook bug of response info is not displayed in UI (#4023)
+  * Fix writer cannot read bare repo guide (#4033) (#4039)
+  * Don't force due date to current time (#3830) (#4057)
+  * Fix wiki redirects (#3919) (#4065)
+  * Fix attachment ENABLED (#4064) (#4066)
+  * Added deletion of an empty line at the end of file (#4054) (#4074)
+  * Use ResolveReference instead of path.Join (#4073)
+  * Fix #4081 Check for leading / in base before removing it (#4083)
+  * Respository's home page not updated after first push (#4075)
+
+## [1.4.1](https://github.com/go-gitea/gitea/releases/tag/v1.4.1) - 2018-05-03
+
+* BREAKING
+  * Add "error" as reserved username (#3882) (#3886)
+* SECURITY
+  * Do not allow inactive users to access repositories using private key (#3887) (#3889)
+  * Fix path cleanup in file editor, when initilizing new repository and LFS oids  (#3871) (#3873)
+  * Remove unnecessary allowed safe HTML (#3778) (#3779)
+  * Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
+* BUGFIXES
+  * Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
+  * Fix GPG expire time display when time is zero (#3584) (#3884)
+  * Fix to update only issue last update time when adding a comment (#3855) (#3860)
+  * Fix repository star count after deleting user (#3781) (#3783)
+  * Use the active branch for the code tab (#3720) (#3776)
+  * Set default branch name on first push (#3715) (#3723)
+  * Show clipboard button if disable HTTP of git protocol (#3773) (#3774)
+
+## [1.4.0](https://github.com/go-gitea/gitea/releases/tag/v1.4.0) - 2018-03-25
+
+* BREAKING
+  * Drop deprecated GOGS\_WORK\_DIR use (#2946)
+  * Fix API status code for hook creation (#2814)
+* SECURITY
+  * Escape branch name in dropdown menu (#3691) (#3692)
+  * Refactor and simplify to correctly validate redirect to URL (#3674) (#3676)
+  * Fix escaping changed title in comments (#3530) (#3534)
+ Ā * Escape search query (#3486) (#3488)
+  * Sanitize logs for mirror sync (#3057)
+* FEATURES
+  * Serve .patch and .diff for pull requests (#3305, #3293)
+  * Add repo-sync-releases admin command (#3254)
+  * Support default private when creating or migrating repository (#3239)
+  * Writable deploy keys (closes #671) (#3225)
+  * Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188)
+  * Added progressbar for issues with checkboxes (#1146). (#3171)
+  * Mention completion for issue editor. (#3136)
+  * Add 'mark all read' option to notifications (#3097)
+  * Git LFS lock api (#2938)
+  * Add reactions to issues/PR and comments (#2856)
+  * Add dingtalk webhook  (#2777)
+  * Responsive view (#2750)
+* BUGFIXES
+  * Fix wiki inter-links with spaces (#3560) (#3632)
+  * Fix query protected branch bug (#3563) (#3571)
+  * Fix remove team member issue (#3566) (#3570)
+  * Fix the protected branch panic issue (#3567) (#3569)
+  * If Mirrors repository no content is fetched, updated time should not be changed (#3551) (#3565)
+  * Bug fix for mirrored repository releases sorted (#3522) (#3555)
+  * Add issue closed time column to fix activity closed issues list (#3537) (#3540)
+ Ā * Update markbates/goth library to support OAuth2 with new dropbox API (#3533) (#3539)
+ Ā * Fixes missing avatars in offline mode (#3471) (#3477)
+ Ā * Fix synchronization bug in repo indexer (#3455) (#3461)
+ Ā * Fix rendering of wiki page list if wiki repo contains other files (#3454) (#3463)
+  * Fix webhook X-GitHub-* headers casing for better compatibility (#3429)
+  * Add content type and doctype to requests made with go-get (#3426, #3423)
+  * Fix SQL type error for webhooks (#3424)
+  * Fix PR merge error (#3421)
+  * Recognize more characters in crossreferenced repo name (#3413)
+  * Fix MSSQL bug on org (#3405)
+  * HTML escape all lines of the search result (#3402)
+  * Change local copy origin url after repository rename (#3399)
+  * Force-push to base repo's ref/pull/#/head (#3393)
+  * Fix bug when a user delete but assigned on issue (#3318)
+  * Use issue number/index instead of id for API URL. Fix #3297 (#3298)
+  * Fix repo-transfer-and-team-repo-count bug (#3241)
+  * Fix always-on SSL Mode checkbox in admin page (#3208)
+  * Fix source download link when no code unit allowed (#3166)
+  * Fix org owner cannot be removed if he is not in owner team (#3164)
+  * Fix run web with -p push failed (#3154)
+  * Fix gpg tmpl (#3153)
+  * Fix SSH auth lfs locks (#3152)
+  * Improvements for supporting UI Location (#3146)
+  * Fix new pull request link (#3133)
+  * Fix missing branch in release bug (#3108)
+  * Allow adding collaborators with (fullname) (#3103)
+  * Fix repo links (#3093)
+  * fix lfs url refs + keep path upper/lowercase in db. (#3092)
+  * Fix redis session failed (#3086)
+  * Fix bugs in issue dashboard stats (#3073)
+  * Fix avatar URLs (#3069)
+  * Fix ref parsing in commit messages (#3067)
+  * Fix issue list branch link broken (#3061)
+  * sendmail: correct option to set envelope-sender (#3044)
+  * Fix missing password length check when change password (#3039)
+  * Fix git lfs path (#3016)
+  * Fix API-Endpoint release (#3005) (#3012)
+  * Set OpenID support on by default when installing new instance (#3010)
+  * Various wiki bug fixes (#2996)
+  * Fix go-get, src and raw urls to new scheme (#2978)
+  * Fix error when add user has full name to team (#2973)
+  * Fix memcache support when value is returned as string always (#2924)
+* ENHANCEMENTS
+  * Use GiteaServer as the user agent for http requests (#3404)
+  * Delete indexer DB entries when (re)creating index (#3385)
+  * Change how merged PR commit info are prepared (#3368)
+  * Asynchronously populate the repo indexer (#3366)
+  * Make the default action for the gitea executable that of running the webserver (#3331)
+  * Templates for extra links in top navbar and repo tool tabs. (#3308)
+  * Fixed asterisk based tasklist items #3295 (#3296)
+  * Add more additional template snippets (#3286)
+  * Open external tracker in blank window, consistently with wiki (#3227)
+  * Fix repo links on user profile (#3197)
+  * Enable emoji for wiki view (#3158)
+  * Small improve on deleting attachements (#3145)
+  * Reduce overhead of upgrades for users with custom stylesheets/JS (#3051)
+  * Default log level to Info without hardcoding it in installer (#3041)
+  * Memory usage improvements (#3013)
+  * Add fingerprint to ssh key endpoints. (#3009)
+  * Improve memory usage when reaching diff limits (#2990)
+  * Expandable commit bodies (#2980)
+  * Update gitgraph.js to fix blurry commit graph on HiDPI screens (#2957)
+  * Fix language names (#2955)
+  * Remove render issue link (#2954)
+  * Page parameter for repo search API (#2915)
+  * Apply LANDING\_PAGE config options for logged in users (#2894)
+  * Enable admin to search by email (#2888)
+  * Hide add key button if SSH is disabled (#2873)
+  * Fix comment API paths (#2813)
+  * Add an option to allow redirect of http port 80 to https. (#1928)
+* MISC
+  * Fix organization profile on mobile devices (#3332)
+  * Fix guide link for webhooks in repository settings (#3291) (#3292)
+  * Enable Libravatar by default in new installations (#3287)
+  * Improve suppressed diff boxes (#3193)
+  * fix button heights on commits page (#3091)
+  * Minor copy changes (#3074)
+  * Sort repos in issues dashboard sidebar (#3072)
+  * Remove box-shadow from UI, fix dashboard issue (#3065)
+  * Adjust branch button size (#3063)
+  * Fix misalignment issue in repo header (#3062)
+  * Delete a user's public key via admin api (closes #3014) (#3059)
+  * Dashboard: Fix line height problem in issue titles (#3054)
+  * Remove duplicate "Max Diff Lines" from config view (#2987)
+  * Drop unmaintained gogs migration script (#2947)
+  * App restarts to quickly if it fails to start. (#2945)
+  * Add owner to delete repo message (#2886)
+
+## [1.3.1](https://github.com/go-gitea/gitea/releases/tag/v1.3.1) - 2017-12-08
+
+* BUGFIXES
+  * Sanitize logs for mirror sync (#3057, #3082) (#3078)
+  * Fix missing branch in release bug (#3108) (#3117)
+  * Fix repo indexer and submodule bug (#3107) (#3110)
+  * Fix legacy URL redirects (#3100) (#3106)
+  * Fix redis session failed (#3086) (#3089)
+  * Fix issue list branch link broken (#3061) (#3070)
+  * Fix missing password length check when change password (#3039) (#3071)
+
+## [1.3.0](https://github.com/go-gitea/gitea/releases/tag/v1.3.0) - 2017-11-29
+
+* BREAKING
+  * Make URL scheme unambiguous (#2408)
+* FEATURES
+  * Add branch overiew page (#2108)
+  * Code/repo search (#2582)
+  * Add Activity page to repository (#2674)
+  * Issue Timetracking (#2211)
+  * Add orgmode document type on file view and readme (#2525)
+  * Add external markup render support (#2570)
+  * Implementation of discord webhook (#2402)
+  * Webhooks for repo creation/deletion (#1663)
+  * Complete push webhooks (#2530)
+  * Add possibility to record branch information in an issue (#780)
+  * Create new branch from branch selection dropdown (#2130)
+  * Implementation of all repositories of a user from user->settings (#1740)
+  * Add LFS object verification step after upload (#2868)
+  * Configurable SSH cipher suite (#913)
+  * Disable custom Git Hooks globally via configuration file (#2450)
+  * Sync releases table with tags on push and for mirrors (#2459)
+* BUGFIXES
+  * Fix label comments for French locale (#3017)
+  * Remove duplicate "Max Diff Lines" from config view (#3001)
+  * Fix over-escaped characters (#2992)
+  * Fix go-get, src and raw urls to new scheme (#2986)
+  * Fix error when add user has full name to team (#2975)
+  * Fix files/commits of merged PRs (#2970)
+  * Update golang x/crypto dependencies - Fix SSH transport fail (#2951)
+  * Fix memcache support when value is returned as string always (#2950)
+  * Fix issue link rendering in commit messages (#2897)
+  * Fix adding a new authentication source after selecting OAuth (#2889)
+  * Fix new branch creation to new url scheme (#2884)
+  * Allow spaces in username for LDAP users (#2880)
+  * Fix LFS not returning correct content length when requesting a range … (#2864)
+  * Fix fork repository cycle to self (#2860)
+  * Fix click create pull request button 404 (#2859)
+  * Fix API raw file content access for default branch (#2849)
+  * Clean repository ROOT directory name with filepath.Clean (#2846)
+  * Fix API raw requests for commits and tags (#2841)
+  * Fix order of comments (#2835)
+  * Issue content should not be updated when closing with comment (#2833)
+  * Fix ordering in app.ini and fix run mode option (#2829)
+  * Fix redirect url of legacy commits route (#2825)
+  * Fix commits page url (#2823)
+  * Fix wrong translations (#2818)
+  * Fix dropdown menu position when explore repos (#2808)
+  * Fix Git LFS object/repo link storage in database and small refactoring (#2803)
+  * Use relative URLs for avatars on the dashboard (#2800)
+  * Add checks for commits with missing author and time (#2771)
+  * Fix emojify image URL (#2769)
+  * Hide unactive on explore users and some refactors (#2741)
+  * Fix IE unsupported javascript construction in branch dropdown (#2736)
+  * Only update mirror last update after successful sync (#2730)
+  * Fix semantic-ui style conflict with v-cloak (#2722)
+  * Fixing wrong translation on sort type oldest/latest (#2720)
+  * Fix PR, milestone and label functionality if issue unit is disabled (#2710)
+  * Fix plain readme didn't render correctly on repo home page (#2705)
+  * Fix organization removal from watch table migration (#2703)
+  * Fix repository search function (#2689)
+  * fix panic on gogs webhook creation (#2675)
+  * Fix orgnization user watch repository (#2670)
+  * GPG key email verification no longer case sensitive (#2661) (#2663)
+  * Fix index column deletion (#2651)
+  * table `pull_request` wasn't updated correctly (#2649)
+  * Fix go get response if only app URL is custom in configuration (#2634)
+  * Fix doubled issue tab introduced in migration v16 (#2611)
+  * Rewrite migrations to not depend on future code changes (#2604)
+  * Fix implementation of repo Home func (#2601)
+  * Fix translation upload to crowdin (#2599)
+  * Reduce usage of allcols on update (#2596)
+  * fix go get subpackage bug (#2584)
+  * Fix broken migration to add can_push field back to table (#2574)
+  * fix readme view bug (#2566)
+  * Fix sending mail with a non-latin display name. #2102 (#2559)
+  * Restricting access to fork functioanlity to users with Code access (#2534)
+  * fix updated update on public key (#2514)
+  * Added bucket name to s3 drone plugin (#2505)
+  * fixes 500 error on dashboard when using MSSQL (#2504)
+  * fix wrong rendering of commit detail page (#2503)
+  * Hotfix: Add time manually adds time in nanoseconds (#2499)
+  * Remove repository mirrors from "collaborative" list (#2497)
+  * fix release failed since the wrong token name (#2496)
+  * Fix slice out of bounds error in mailer (#2479)
+  * Fix #2470 (#2477)
+  * fix orgnization webhooks (#2422)
+  * fix webhook test (#2415)
+  * fix missing orgnization discord webhook (#2414)
+  * Fix route handler order (#2409)
+  * Prevent sending emails and notifications to inactive users (#2384)
+  * Move themes to plugin directory. Fixes #2372 (#2375)
+  * fix duplicated feed (#2370)
+  * Fix missing collabrative repos (#2367)
+  * Only check at least one email gpg key (#2266)
+  * don't check minimum key size when disabled (#1754)
+  * Fix run command race (#1470)
+  * fix .netrc authentication (#2700)
+  * Fix so that user can still fork his own repository to his organizations (#2699)
+  * Fix can_push value to false in protected_branch (#2560)
+  * Fix copy in email templates (#2801)
+  * Fix inconsistencies in user settings UI (#2901)
+  * Fix attachments icon size on zoom in/out (#2853)
+  * Fix ignored errors in API route (#2850)
+  * Fix activity css conflit with semantic ui (#2758)
+  * Fix notifications tabs according to semantic-ui docs (#2733)
+  * Fix typos in app.ini (#2732)
+  * Fix duplicated rel attribute (#2549)
+  * Fix tests code to prevent some runtime errors (#2381)
+* ENHANCEMENTS
+  * Memory usage improvements and lower minimal git requirement to 1.7.2 (#3013) (#3028)
+  * Set OpenID support on by default when installing new instance (#3010) (#3027)
+  * Use api.TrackedTime in API (#2807)
+  * Configurable SSH key exchange algorithm and MAC suite (#2806)
+  * Add Safari pinned tab icon (#2799)
+  * Improve force push detect when push (#2798)
+  * Add wrapping to long diff lines (#2789)
+  * Link members and repositories count to each page on org home. (#2787)
+  * Show Sendmail settings on admin config page (#2782)
+  * Add commit count caching (#2774)
+  * Use identicon image for default gravatar. (#2767)
+  * Add default ssh ciphers (#2761)
+  * Remove manual of unsupported option (#2757)
+  * Add search mode option to /api/repo/search (#2756)
+  * Move swagger-ui under /api/v1 (#2746)
+  * Add support for extra sendmail arguments (#2731)
+  * Use buffersize to reduce database connection when iterate (#2724)
+  * Render plain text README.txt monospaced (#2721)
+  * Integration test for activity page (#2704)
+  * Merge password and 2fa page on user settings (#2695)
+  * Allow custom SSH user in UI for built-in SSH server (#2617) (#2678)
+  * Refactor duplicated code in repo handlers (#2657)
+  * Replace deprecated Id method with ID (#2655)
+  * Remove redudant functions and code (#2652)
+  * hide navbar when only 1 sign-in method is available (#2444) (#2648)
+  * Change default sort order (#2647)
+  * Change pull description text (#2075) (#2646)
+  * Remove direct user adding to organization members (#2641)
+  * Use session when creating user (#2638)
+  * Use Semantic UI's Search component for user and repo search (#2636)
+  * Use AfterLoad instead of AfterSet on Structs (#2628)
+  * Remove redudant CheckUnit calls in router (#2627)
+  * Remove repo unit index (#2621)
+  * Remove redudant issue LoadAttributes() calls (#2614)
+  * Make indexer code more reusable (#2590)
+  * Use custom type and constants to hold available order by options (#2572)
+  * Use named ActionType constants in template helper (#2545)
+  * Make basic functionality work without JavaScript (#2541)
+  * Ctrl + Enter to submit forms (#2540)
+  * Automatically regenerate indexer for incompatible versions (#2524)
+  * Set default lfs content path to data/lfs (#2521)
+  * Convert spaces to tabs in footer.tmpl (#2520)
+  * Sort repository tree entries in natural way (#2506)
+  * Open external wiki in new window (#2489)
+  * Use created & updated instead BeforeInsert & BeforeUpdate (#2482)
+  * Hide branch on pull request view or create UI (#2454)
+  * improve protected branch to add whitelist support (#2451)
+  * some refactors for issue and comments (#2419)
+  * Restructure markup & markdown to prepare for multiple markup language… (#2411)
+  * Improve issue search (#2387)
+  * Add UseCompatSSHURI setting (#2356)
+  * Use custom search for each filter type in dashboard (#2343)
+  * Failed authentication are now properly logged (#2334)
+  * Add environment variable support for Docker image (#2201)
+  * Set session and indexers' data files rel to AppDataPath (#2192)
+  * Display commit status on landing page of repo (#1784)
+* TESTING
+  * Add integration test for logging out (#2892)
+  * Integration test for user deleting account (#2891)
+  * Use different directories for session files in integration tests (#2834)
+  * Add deleted_branch table fixture (#2832)
+  * Include HTTP method in test error message (#2815)
+  * Add repository search unit and integration tests (#2575)
+  * Expand fixtures (#2571)
+  * Fix /api/repo/search integration tests (#2550)
+  * Make integration tests more user-friendly (#2536)
+  * Fix unit test race condition (#2516)
+  * Add missing fixture to clean gpg_key table (#2494)
+  * Hotfix for integration testing (#2473)
+  * Make repo private to not interfere with other tests (#2467)
+  * Error message for integration test (#2410)
+  * Fix "index out of range" runtime error in repo_list tests (#2376)
+  * Add git clone test on integration test (#1682)
+* TRANSLATION
+  * Fix localization texts that contain semicolon (#2900)
+  * Fix activity locale (#2709)
+  * Update translation from crowdin (#2368)
+* BUILD
+  * change the email and name to GitBot account. (#2848)
+  * Fix removing backslash before quotes in translations (#2831)
+  * add gitea remote in drone. (#2817)
+  * add remote name for git push. (#2816)
+  * Launch Gitea with custom UID/GID for 'git' user (fixes #2286) (#2791)
+  * Download and pushing translations (#2727)
+  * Automatic update of translations (#2585)
+  * Add pre-build step for nodejs stuff (#2581)
+  * Compress css with nodejs (#2580)
+  * Remove go version check for make fmt (#2558)
+  * Fix lint errors (#2547)
+  * Always run fmt check in CI (#2546)
+  * Fix fmt errors (#2544)
+  * add codecov.io service. (#2493)
+  * Fix some tests : make coverage -> test (#2492)
+  * Fix fmt error in mailer (#2490)
+  * Allow changing integration test database connection using env variables (#2484)
+  * Add changelog config file for generate changelog (#2461)
+  * Changes for latest DroneCI (#2362)
+  * Use standard lessc and minify CSS using Node.js (#2337)
+* DOCS
+  * Update screenshots on README (#2910)
+  * Gogs -> Gitea (#2909)
+  * Update swagger documentation (#2899)
+  * Fix typo (#2810)
+  * Fix Polish language name spelling (#2766)
+  * Fix Various Grammar Issues and Adjust Unnatural Wording (#2737)
+  * Add maintainer label for docker file (#2658)
+  * Link to gitea-specific Vagrant example (#2624)
+  * add release notes of v1.1.4 (#2463)
+  * Wrap most paragraphs to 80 columns (#2396)
+  * Update CONTRIBUTING following #2329  discussion (#2394)
+  * Update hard-coded version to 1.3.0+dev (#2390)
+  * Clarify Translation Process. Also fix branch names (#2378)
+  * Admin grammar fixes and improvements (#2056)
+* MISC
+  * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779)
+  * Dockerfile: Updated alpine image to 3.6. (#2486)
+  * Basic VSCode configuration for building and debugging (#2483)
+  * Added vendor dir for js/css libs; Documented sources (#1484) (#2241)
+
+## [1.2.3](https://github.com/go-gitea/gitea/releases/tag/v1.2.3) - 2017-11-03
+
+* BUGFIXES
+  * Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
+  * Fix order of comments (#2835) (#2839)
+
+## [1.2.2](https://github.com/go-gitea/gitea/releases/tag/v1.2.2) - 2017-10-26
+
+* BUGFIXES
+  * Add checks for commits with missing author and time (#2771) (#2785)
+  * Fix sending mail with a non-latin display name (#2559) (#2783)
+  * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
+  * Update vendor git (#2765) (#2772)
+  * Fix emojify image URL (#2769) (#2773)
+
+## [1.2.1](https://github.com/go-gitea/gitea/releases/tag/v1.2.1) - 2017-10-16
+
+* BUGFIXES
+  * Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
+  * Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
+  * Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
+  * Fix .netrc authentication (#2700) (#2708)
+  * Fix slice out of bounds error in mailer (#2479) (#2696)
+
+## [1.2.0](https://github.com/go-gitea/gitea/releases/tag/v1.2.0) - 2017-10-10
+
+* SECURITY
+  * Sanitation fix from Gogs (#1461)
+* BREAKING
+  * Rename /forget_password url to /forgot_password (#1219)
+* FEATURES
+  * Logo: Add task to generate images from SVG and change to new logo (#2194)
+  * Status-API (#1332)
+  * Show commit status icon in commits table (#1688)
+  * Additional OAuth2 providers (#1010)
+  * GPG commit validation (#1150)
+  * Rework SSH key management UI to add GPG (#1293)
+  * Implement GPG api (#710)
+  * Login via OpenID-2.0 (#618)
+  * Add units to team (#947)
+  * Batch updates for issues (#926)
+  * Add Gitea Webhook (#1755)
+  * API: support '/orgs/:org/repos' (#2047)
+  * Display all organization from user settings (#1739)
+  * LDAP user synchronization (#1478)
+  * Adding #issuecomment to the URL in E-Mail notifications (#1674)
+  * Add download count field and unit testing for attachment. (#1512)
+  * Add repo mirror sync API endpoint (#1508)
+  * Add markup package to prepare for org markup format (#1493)
+  * Support for custom html meta  (#1423)
+  * Per issue/PR watch/unwatch (#1410)
+  * Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
+  * Repo size in admin panel (#1482)
+  * Show user OpenID URIs in their profile (#1314)
+  * Add change-password admin command (#1304)
+  * Only use issue and wiki on repo. (#1297)
+  * Allow push to init a wiki repo (#1279)
+* ENHANCEMENTS
+  * Make time diff translatable (#2057)
+  * Smaller watch, star, and fork buttons (#2052)
+  * Display config file path on admin panel (#2030)
+  * Only show SSH clone URL if signed in (#2169) (#2170)
+  * Only show "No Description" to repo admins (#2167)
+  * Always return valid go-get meta, even if unauthorized (#2010)
+  * Enable assignee e-mail notification (#2003)
+  * Let not-logged-in users view releases (#1999)
+  * No highlighting for .txt files (#1922)
+  * Make side nav on dashboard stackable (#1778)
+  * Setting to disable authorized_keys backup (#1856)
+  * Hide the create organization button (in dashboard/organization section) (#1705)
+  * LFS: Return 404 for unimplemented endpoints (#1330)
+  * Show a link to password reset from user settings requiring a password (#862)
+  * Reserve the "explore" user/org name (#1222)
+  * Send notifications to partecipants in issue comments (#1217)
+  * Improve style of user OpenID setting page (#1324)
+  * Use font-awesome OpenID icon more (#1320)
+  * Use readonly input form to show the validated OpenID URI (#1308)
+  * Add captcha support to OpenID based signup (#1307)
+  * Minor improvements on commit graph UI (#1380)
+  * Mirror sync interval specified as duration string (#1407)
+  * Make issue in commit graph "clickable" (#1392)
+  * Use whole button (commit graph) as link (#1390)
+  * Autofocus on 2fa passcode fields (#1460)
+  * Sort on repo size in admin panel (#1654)
+  * Improve dashboard repo search (#1652)
+  * Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845)
+  * Adds Parent property to the repo API (#1687)
+  * Add configuration option for default permission to create Organizations (#1686)
+  * Remove sha1 hash display in repository table (#1678)
+  * Download files to their original filename (#1676)
+  * Exposes in API the Repo entity's Size and IsBare property (#1668)
+  * Change two factor code entry box from text to number (#1733)
+  * Directly show error if user hit repository limit  (#1767)
+  * Generate small and large logos at 4x resolution (#2233)
+  * Tags listed in releases tab (#2389) (#2424)
+* BUGFIXES
+  * Fix adding branch as protected to not allow pushing to it (#2556)
+  * Orgs: fix org page title when full name is not defined (#1495)
+  * Fix double borders on edit page (#1152) (#1153)
+  * Search bar fixes for #1187 and #1205 (#1207)
+  * Fix upgrade failed after ever rollback (#1194)
+  * Fix FCGI (over TCP) support (#1368)
+  * Backport of migration fixes (#2604) (#2677)
+  * fix panic on gogs webhook creation (#2675) (#2676)
+  * Backport: Fixes 500 error on dashboard when using MSSQL (#2504) (#2662)
+  * Fix go get response if only app URL is custom in configuration (#2634) (#2640)
+  * Fix deletion of unprotected branches (#2630)
+  * Backport of 2611 / Fix doubled issue tab introduced in migration v16 (#2622)
+  * v38 migration used an outdated version of RepoUnit model (#2602)
+  * fix go get subpackage bug (#2584) (#2589)
+  * Backport: Sync releases table with tags on push and for mirrors (#2459) (#2554)
+  * Backport: Restricting access to fork functioanlity to users with Code access (#2542)
+  * Fix migration from pre-v15 to 1.2.0 (#2460) (#2465)
+  * Fix migration from pre-v15 to 1.2.0 (#2460)
+  * fix duplicated feed (#2370) (#2413)
+  * Fix releases to be counted from database not tags (#2389)
+  * Fix missing collabrative repos (#2367) (#2382)
+  * Add more test for login links and fix a bug on action retrieve (#2361)
+  * Fix SQL condition bug in GetFeeds(..) (#2360)
+  * fix bug on create repo link on dashboard (#2359)
+  * Fix order of elements in dashboard html (#2344)
+  * Fix repo-search template errors for go1.7 (#2336)
+  * Add missing forks key for dashboard repository component (#2325)
+  * fix template error on explore repos (#2319)
+  * Trigger sync webhooks on UI commit (#2302)
+  * fix 500 error when view an issue which's milestone deleted (#2297)
+  * Only update needed columns when update user (#2296)
+  * Fix rendering of external links (#2292)
+  * Fix and improve dashboard repo UI (#2285)
+  * Make short link pattern greedy (#2259)
+  * Temporarily patch go-ini/ini with fork (#2255)
+  * Convert xorm literal queries to method calls (#2253)
+  * update code.gitea.io/git in vendor to fix delete branch fails (#2250)
+  * Replace calls to xorm UseBool with Where (#2237)
+  * rhel7 has a git version with four digits (1.8.3.1) (#2236)
+  * Fix internal requests when gitea listens to unix socket or only external IP (#2234)
+  * Check for access in /repositories/:id (#2227)
+  * Fixed robots.txt 404 error (#2226)
+  * Fix counts on issues dashboard (#2215)
+  * Fix unclosed session bug (#2214)
+  * Add collaborative repositories to the dashboard (#2205)
+  * Fix issue updated_unix bug (#2204)
+  * Fix Commits nil pointer dereference (#2203)
+  * Fix bare-repo bugs (#2199)
+  * Fix PR nil-dereference bug (#2195)
+  * Allow only single fork per user/organization (#2193)
+  * Fix key usage time update if the key is used in parallel for multiple operations (#2185)
+  * Only allow token authentication with 2FA enabled (#2184)
+  * Fix profile update for non-local users (#2178)
+  * Fix compiling without sqlite and gcc (#2177)
+  * Make compare button URL aware if current repo is a fork (#2162) (#2163)
+  * Remove unit types commits and settings (#2161)
+  * Fix OpenID registration route (#2160)
+  * Fix repository settings collobration list display (#2151)
+  * Ignore invalid issue numbers in commit messages. Fixes  #2022 (#2150)
+  * Fix SHA1 hash linking (#2143)
+  * Fix repo API bug (#2133)
+  * Use POSIX complaint ! operator in find (#2132)
+  * Fix GET /users/:username/repos endpoint (#2125)
+  * Fix username rendering bug (#2122)
+  * Fix wiki preview links (#2119)
+  * vendor: update sqlite to fix "database is locked" errors (#2116)
+  * Fix unchecked error bug (#2110)
+  * Fix missing-return bug (#2109)
+  * Fix API for branches with slashes (#2096)
+  * Fix git hooks update to receive required arguments (#2095)
+  * upgrade git source code. (#2094)
+  * Fix SQL bug in models.PullRequests (#2092)
+  * Don't ignore gravatar error (#2083)
+  * Fix release display and correct paging (#2080)
+  * remove unnecessary blank lines and wrong error log (#2079)
+  * Check for valid renamed usernames (#2077)
+  * Update git module (#2074)
+  * Fix org hooks UI (#2072)
+  * Fix #1271: Call location.reload after XHR finishes (#2071)
+  * Fix default ghost assignee bug (#2069)
+  * Fix bug in issue labels API (#2048)
+  * Load label ID in NewLabels (#2045)
+  * Fix: `http: multiple response.WriteHeader calls` (#2038)
+  * Pagination on releases page (#2035)
+  * repo/editor: fix breadcrumb path cuts parent dirs (#3859) (#2032)
+  * Fix displaying commits and files of PR created from now deleted fork (#2023)
+  * Fix #2001 and fix issue comments hidden (#2016)
+  * Update code.gitea.io/git (#2014)
+  * Keep sort when switching page (#2013)
+  * Important: wrong PR merge commit ID saved (#2007)
+  * Don't show non-comments in comments API (#2001)
+  * Fix "Dashboard shows deleted comments" (#1995)
+  * Make branch deletion URL more like GitHub's, fixes #1397 (#1994)
+  * Fix fast-forward PR bug (#1989)
+  * Fix GPG email checking to be case insensitive (#1988)
+  * fix bug for normal user visit public repo (#1984)
+  * fix collborators lack of units on orgnization repositories (#1968)
+  * Fix diff of renamed and modified file (#1967)
+  * Fix uppercase default branch bug (#1965)
+  * Fix bug in Action.loadRepo() (#1959)
+  * Fix deleted milestone bug (#1942)
+  * Fix engine bug in getIssueByID (#1934)
+  * Switch to keybase go-crypto (for some elliptic curve key) + test (#1925)
+  * Fix setting.AppPath for integration tests (#1923)
+  * Fix search by issue type (#1914)
+  * Fix ghost user bug (#1913)
+  * Require token before checking membership/ownership (#1905)
+  * Bug fixes for org member API (#1904)
+  * A missing / to provide a correct endpoint (#1903)
+  * Fix 500 in public activity page (#1901)
+  * Center-aligned login topbar (#1880)
+  * Migration to fix existing owner team units (#1873)
+  * Fix paginater length (#1866)
+  * Fix bug in removeOrgRepo (#1858)
+  * Display draft releases (#1854)
+  * Fix 404 for external tracking issues (#1852)
+  * Update code.gitea.io/git (#1849)
+  * Fix user profile activity feed (#1848)
+  * Don't ignore error in getMergeCommit (#1843)
+  * Fix locking bug in removeOrgRepo (#1842)
+  * Fix status table race condition (#1835)
+  * Fix PR template error (#1834)
+  * Fix pull request compare link (#1832)
+  * Use ghost users in issues/PRs (#1831)
+  * Commitless repos should be bare (#1829)
+  * Update code.gitea.io/git (#1824)
+  * Fix invalid reference in feeds template (#1820)
+  * fix bug to deny to add orgnization as a member of an orgnization or team (#1815)
+  * xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
+  * Fix deadlock in updateRepository (#1813)
+  * Give all units to owner team (#1812)
+  * Fix 500 for GET /teams/:id endpoints (#1811)
+  * fix bug not to trim space of login username (#1796)
+  * Fix renaming bug (#1786)
+  * Fix activity feed (#1779)
+  * Make navbar scroll on overflow (#1777)
+  * Delete repo redirects on repo deletion (#1776)
+  * Fix unloaded owner bug (#1770)
+  * Admin should always be allowed to create repositories even if hit limit (#1765)
+  * Update HighlightJS and fix YAML files highlighting (#1764)
+  * fix: #1757 fix set MAX_CREATION_LIMIT as zero. (#1762)
+  * fix admin lost permission caused by #947 (#1753)
+  * More fixes for dashboard search (#1750)
+  * fixes wrong after field in webhook payload (#1746)
+  * fix avatar update bug (#1729)
+  * Fix FOUC on Firefox (#1728)
+  * Fix changes introduce by update of go-swagger. (#1727)
+  * Fix #1719 (#1722)
+  * Correct flash after sending password reset email (#1718)
+  * Fix and test for delete user (#1713)
+  * Fix rendering of issue checkboxes (#1709)
+  * Enforce netgo build tag while cross-compilation (#1690)
+  * fix bug when push a branch name with / & fix an integration test bug (#1689)
+  * fix potential sqlite lock (#1680)
+  * Fix commit sha1 URL rendering in markdown (#1677)
+  * Fix static files permission under public/ (#1675)
+  * fix: tag contain character ) will http 500 on release page (#1670)
+  * Fix CSS for code in wiki markdown (#1660)
+  * fix multiple readme file rendering and fix #1657 (#1658)
+  * Add primary key and index to external login user table (#1656)
+  * fix #1643 and improve integration test (#1645)
+  * Fix version in Makefile (#1636)
+  * Handle display of GPG key without end date (#1628)
+  * fix bug on issue view when not login (#1624)
+  * bug fixed for API to get user's repos (#1622)
+  * fix lost text color on button on set as primary email (#1621)
+  * Add create_at and updated_at in PR json (#1616)
+  * update git and fix #1133 (#1614)
+  * fix bug on status API (#1533)
+  * Do not show empty collaborators segment (#1531)
+  * Fix markdown rendering (#1530)
+  * fix go get sub package and add domain on installation to let go get work defaultly (#1518)
+  * fix #1501 ssh hangs caused by #1461 (#1513)
+  * Fix empty file download (#1506)
+  * Fix broken v27 migration - change mirror interval from int to bigint (#1504)
+  * Do not allow commiting to protected branch from online editor (#1502)
+  * Add internal routes for ssh hook comands (#1471)
+  * Fix races within code.gitea.io/git.(*Command).RunInDirTimeoutPipeline (#1465)
+  * Simple quick fix for #1418 (#1456)
+  * fix gpg API panic when no verification (#1451)
+  * fix migrate failed and org dashboard failed on MSSQL database (#1448)
+  * Optimize and fix autolink function (#1442) (#1444)
+  * Fix and simplify repo branches (settings) UI (#1435)
+  * Fix disabled fields in repo settings UI (#1431)
+  * fixes pull request hanging when it contains normal and LFS files (#1425)
+  * Fix races in the log module by using syncmap (#1421)
+  * Add length check for the return string (#1420)
+  * Fix "Error: No issue number specified"  when pushing (#1393)
+  * Corrected Mirror.NextUpdate not set (#1388)
+  * fix: remove `str2html` from org full name (#1360)
+  * Correct broken unaligned load/store in armv5 (#1355)
+  * Remove href on first/last link when on first/last page (#1345)
+  * Fix broken table layout (#1344)
+  * LFS: Fix SSH authentication for trailing arguments (#1328)
+  * Remove empty file (#1326)
+  * Fix delete user failed on sqlite (#1321)
+  * Fix inconsistency in layout (#1316)
+  * Fix gpg wrong column types (#1303)
+  * Fix wiki bugs (#1294)
+  * Fix missing less sources for oauth (#1288)
+  * Make sure both scripts/ can live side by side (#1264)
+  * Fix nil-dereference bug (#1258)
+  * rewrite pre-commit, post-commit and options hooks (fixes #1250) (#1257)
+  * Commit search appearence fixes (#1254)
+  * Fix forget migration for wiki hooks (#1227)
+  * Fix repo settings external tracker failed and check external urls (#1215)
+  * Fix 500 caused by branches settings introduced by #1198 (#1214)
+  * fix #1189, commit messages containing a pipe (#1203)
+  * Bug fixed for delete repo failed (#1193)
+  * Fix migration failed when authorized_keys is not exist (#1180)
+  * Fix ini format incomiptable with crowdin (#1177)
+* TESTING
+  * Integration tests for issues API (#2059)
+  * Add integration tests for signin (#2363)
+  * Add INTERNAL_TOKEN to integration .ini file (#2346)
+  * Add public links check (#2323)
+  * Fix hooks for integration repo (#2216)
+  * More integration tests for comment API (#2156)
+  * Cache session cookies in tests (#2128)
+  * Less verbose integration tests (#2123)
+  * Fix improper setup for integration tests (#2050)
+  * Improve integration test helper functions (#2049)
+  * Add integration test for issue creating (#2002)
+  * Use testing/benchmark interface (#1993)
+  * Add integration test for repository migration (#1983)
+  * Consolidate boilerplate in integration tests (#1979)
+  * Set console to debug for integration tests (#1976)
+  * Add pull-create integration test (#1972)
+  * Coverage reports for integration tests (#1960)
+  * Add integration test for pull-request merge (#1912)
+  * Add integration test for file editing (#1907)
+  * Add integration test for repository forking (#1896)
+  * Run unused test (#1875)
+  * Don't recreate database in integration tests (#1697)
+  * remove sqlite tag when integration test with mysql/postgres and recreate database when init integration test (#1693)
+  * MySQL, Postgres integration tests in drone (#1638)
+  * improve integration test to resue models/fixtures and store git repos with tests (#1627)
+  * Improve govendor testing (#1623)
+  * Integration test framework (#1290)
+  * Unit tests for issue_list (#1209)
+  * Add integration test for signup (#1135)
+* TRANSLATION
+  * update translation from crowdin (#2368) (#2380)
+  * Small fixes (#2144)
+  * Missing signed commit display translations (#2134)
+  * Sync latest translations from crowdin (#2104)
+  * Add make command update-translations for update translations from crodwin (#2097)
+  * Fix some mistakes (#1833)
+  * Improve clarity between is_activated and prohibit_login (#1788)
+  * Improve grammar (#1775)
+  * Fix bad grammar and wordiness (#1741)
+  * Make strings translatable (#1188) (#1198)
+* BUILD
+  * Dockerfile for aarch64 (#1128) (#1130)
+  * backport from v1.2 branch: add secrets for github release (#2588) (#2598)
+  * Add secrets for github release to fix drone failed (#2588)
+  * Backport changes for latest drone (#2586)
+  * Removing .drone.yml.sig (#2579)
+  * Fix drone for tags (#2573) (#2576)
+  * Backport: Remove go version check for make fmt (#2558) (#2561)
+  * Backport: Fix lint, fmt and integration testing errors (#2553)
+  * update latest xorm version to vendor (#2353)
+  * Remove integration test executables on `make clean` (#2340)
+  * refactor(Makefile): allow overriding default go program (#2310)
+  * Revert to upstream ini dependency (#2304)
+  * Use /dev/urandom to create random password (#2298)
+  * update drone sig file. (#2262)
+  * go get github.com/wadey/gocovmerge when needed (#2235)
+  * fix typo (#2145)
+  * Revert "Reduce number of layer" (#2086)
+  * Reduce number of layer (#2078)
+  * Skip sqlite integration in CI (#2058)
+  * fix golint error and rename func for suggestion. (#1997)
+  * fix misspell (#1996)
+  * update drone sig file (#1981)
+  * send notification if status changed (#1973)
+  * switch gitter to discord for drone. (#1971)
+  * Fix missing backslash in Dockerfile.rpi (#1952)
+  * Don't run 'make release' on PRs (#1908)
+  * Update code.gitea.io/git (#1892)
+  * Use production version of vuejs (#1869)
+  * Add a variable for docker tag (#1825)
+  * resign drone and fix #1816 (#1819)
+  * Separate generate swagger + fix sed os specific (#1791)
+  * Only run coverage on merges/pushes to master (#1783)
+  * Remove stale rule from Makefile (#1782)
+  * feat: upgrade drone docker image to support multi-stage build. (#1732)
+  * Realy don't cache apk index (#1694)
+  * Limit clone depth when drone-building (#1644)
+  * Refactor Dockerfile (#1632)
+  * Check if missing/modified/unused deps in vendor and fix errors (#1468)
+  * Add GOFLAGS and EXTRA_GOFLAGS (#1438)
+  * Include formatting check to the `make test` (and thus also `check`) rule (#1366)
+* DOCS
+  * fix wrong changelog title (#2395)
+  * fix webhook link (#2289)
+  * Improve swagger doc (#2274)
+  * Add link to forum in issue template (#2070)
+  * add missing lfs config on example file (#2039)
+  * Add discourse link (#2027)
+  * Fix wording (#2024)
+  * Fix typo (#1974)
+  * Swagger docs for list/create forks (#1941)
+  * Update links to Discord server (#1940)
+  * [ci skip] update discord badge. (#1930)
+  * Change join chat from gitter to discord (#1929)
+  * Update changelog with v1.1.1 (#1926)
+  * Correct grammar in APIEmpty documentation (#1748)
+  * Add swagger comment for MirrorSync (#1747)
+  * Add "Table of Contents" in CONTRIBUTING.md (#1634)
+  * Fix service description in Debian init file (#1538)
+  * Use MAINTAINERS file in repository in CONTRIBUTING (#1489)
+  * Generate swagger json (#1402)
+  * Changed text when password reset disabled. (#1364)
+  * Removed email copyright year (#1348)
+  * Specify that time interval units are seconds (#1311)
+  * Gitea OpenID-2.0 login has been tested with livejournal.com too (#1306)
+  * Make wording of commit search more clear (#1291)
+  * Add notice that LFS mirroring is not supported (#1251)
+  * Fix typos in models/ and modules/ (#1248)
+  * Refactor and fix incorrect comment (#1247)
+  * Fix migration comment (#1241)
+  * Update locale_en-US.ini (#1235)
+  * Add LibreJS support (#1201)
+  * rename OSX to macOS (#1176)
+  * add mssql to app.ini db config comment (#1172)
+  * Add MSSQL to issues template (#1171)
+* MISC
+  * Add badge and link to the Matrix room (#2348)
+  * ignore coverage steps. (#2257)
+  * Use sqlite3 database as default for Docker image (#2182)
+  * update drone discord plugin to 0.0.4 version (#1992)
+  * fix typo (#1990)
+  * Move 3rd party js/css into `public/vendor` and document sources (#2383)
+  * Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335)
+  * Fix variable name typo (#2327)
+  * Make use of Vue more universal (#2318)
+  * Remove (almost) server side data rendering from repo-search component (#2317)
+  * Add OpenID configuration in install page (#2276)
+  * More tweaks to repo top panel (#2267)
+  * File path tweaks in UI (#2264)
+  * Make SHOW_USER_EMAIL also apply to profiles (#2258)
+  * EnableUnit() -> UnitEnabled() (#2242)
+  * Prevent selection of diff line numbers (#2240)
+  * Remove unused variable on makefile (#2225)
+  * No error log entries for repo 404 (#2200)
+  * Refactor vue delimeters to use es6 template delimeters (#2171)
+  * Replace tmp with TMPDIR. (#2152)
+  * Remove unused files (#2124)
+  * Improve org error handling (#2117)
+  * Absolute path for setting.CustomConf (#2085)
+  * remove deprecated code for Gogs compitable (#2041)
+  * Refactor session close as xorm already does everything needed internally  (#2020)
+  * SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961)
+  * Use monospace font in githook editor (#1958)
+  * Fix import order (#1951)
+  * Gracefully handle bare repositories on API operations. (#1932)
+  * Fix errors caused by force push (#1927)
+  * Display URLs in integration test logs (#1924)
+  * Set TMPDIR enviroment variable for dump command (#1915)
+  * Cache ctx.User in retrieveFeeds (#1902)
+  * Make `LocalCopyPath` a setting instead of a hard-coded path (#1881)
+  * Add check misspelling (#1877)
+  * Fix misspelled variables (#1874)
+  * Gofmt (#1868, #1710, #1662)
+  * Rename misnamed migration (#1867)
+  * Support CRLF when splitting code lines for display (#1862)
+  * Add convert less css file step. (#1861)
+  * Prevent accidential selection of line numbers in code view (#1860)
+  * Delete Public SSH Key tmp file after calculating fingerprint (#1855)
+  * Remove annoying difference in button heights. (#1853)
+  * Only run test coverage on master branch. (#1838)
+  * Error from mktemp command in MacOS. (#1837)
+  * Use writeTmpKeyFile in calcFingerprint (#1828)
+  * ROOT_URL setting use the default as shown in conf/app.ini (#1823)
+  * Rename RepoCreationNum -> MaxCreationLimit (#1766)
+  * Add button to admin ui (#1738)
+  * Correct spelling mistakes (#1703)
+  * Make openid support default false for compitable with v1.1 (#1650)
+  * Send mails as HTML as default. Setting for send as plain text. (#1648)
+  * fix potential lock when sqlite (#1647)
+  * Optimize png images via Google zopflipng [ci skip] (#1639)
+  * Upgrade alpine to v3.5 in Dockerfile (#1633)
+  * remove unused vendor packages (#1620)
+  * markup: microoptimise for many short filenames in directory (#1534)
+  * support health check via / and fix #969 (#1520)
+  * Remove env user salt since no need to use (#1515)
+  * Drop db operations from hook commands (#1514)
+  * Better URL validation (#1507)
+  * Migrate WatchInfo struct to api (#1492)
+  * refactor: show command help message. (#1486)
+  * refactor update ssh key use time (#1466)
+  * Set VERSION from git once, in a variable (#1447)
+  * Remove unused mutex field (#1440)
+  * Simplify settings pages with item list (#1389)
+  * Clean-up PostgreSQL Tests (#1361)
+  * refactor: remove workaround after the golang 1.7 release. (#1349)
+  * Delete the useless code (#1335)
+  * Run "make fmt" with go-1.6 (#1333)
+  * Refactor admin/auth/new.tmpl (#1277)
+  * Refactor repo/issue/view_content.tmpl (#1276)
+  * Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270)
+  * Cleaner UI for explore page (#1253) (#1255)
+  * Synced licenses with github repo (#1246)
+  * Synced gitignores with github repo (#1245)
+  * Simplify RepositoryList.loadAttributes() (#1211)
+  * Move user_follow to separate file (#1210)
+  * Reduce conditionals in signin/signup inner forms (#1138)
+
+## [1.1.4](https://github.com/go-gitea/gitea/releases/tag/v1.1.4) - 2017-09-04
+
+* BUGFIXES
+  * Fix rendering of external links (#2292) (#2315)
+  * Fix deleted milestone bug (#1942) (#2300)
+  * fix 500 error when view an issue which's milestone deleted (#2297) (#2299)
+  * Fix SHA1 hash linking (#2143) (#2293)
+  * back port from #1709 (#2291)
+
+## [1.1.3](https://github.com/go-gitea/gitea/releases/tag/v1.1.3) - 2017-08-03
+
+* BUGFIXES
+  * Fix PR template error (#2008)
+  * Fix markdown rendering (fix #1530) (#2043)
+  * Fix missing less sources for oauth (backport #1288) (#2135)
+  * Don't ignore gravatar error (#2138)
+  * Fix diff of renamed and modified file (#2136)
+  * Fix fast-forward PR bug (#2137)
+  * Fix some security bugs
+
+## [1.1.2](https://github.com/go-gitea/gitea/releases/tag/v1.1.2) - 2017-06-13
+
+* BUGFIXES
+  * Enforce netgo build tag while cross-compilation (Backport of #1690) (#1731)
+  * fix update avatar
+  * fix delete user failed on sqlite (#1321)
+  * fix bug not to trim space of login username (#1806)
+  * Backport bugfixes #1220 and #1393 to v1.1 (#1758)
+
+## [1.1.1](https://github.com/go-gitea/gitea/releases/tag/v1.1.1) - 2017-05-04
+
+* BUGFIXES
+  * Markdown Sanitation Fix [#1646](https://github.com/go-gitea/gitea/pull/1646)
+  * Fix broken hooks [#1376](https://github.com/go-gitea/gitea/pull/1376)
+  * Fix migration issue [#1375](https://github.com/go-gitea/gitea/pull/1375)
+  * Fix Wiki Issues [#1338](https://github.com/go-gitea/gitea/pull/1338)
+  * Forgotten migration for wiki githooks [#1237](https://github.com/go-gitea/gitea/pull/1237)
+  * Commit messages can contain pipes [#1218](https://github.com/go-gitea/gitea/pull/1218)
+  * Verify external tracker URLs [#1236](https://github.com/go-gitea/gitea/pull/1236)
+  * Allow upgrade after downgrade [#1197](https://github.com/go-gitea/gitea/pull/1197)
+  * 500 on delete repo with issue [#1195](https://github.com/go-gitea/gitea/pull/1195)
+  * INI compat with CrowdIn [#1192](https://github.com/go-gitea/gitea/pull/1192)
+
+## [1.1.0](https://github.com/go-gitea/gitea/releases/tag/v1.1.0) - 2017-03-09
+
+* BREAKING
+  * The SSH keys can potentially break, make sure to regenerate the authorized keys
+* FEATURES
+  * Git LFSv2 support [#122](https://github.com/go-gitea/gitea/pull/122)
+  * API endpoints for repo watching [#191](https://github.com/go-gitea/gitea/pull/191)
+  * Search within private repos [#222](https://github.com/go-gitea/gitea/pull/222)
+  * Hide user email address on explore page [#336](https://github.com/go-gitea/gitea/pull/336)
+  * Protected branch system [#339](https://github.com/go-gitea/gitea/pull/339)
+  * Sendmail for mail delivery [#355](https://github.com/go-gitea/gitea/pull/355)
+  * API endpoints for org webhooks [#372](https://github.com/go-gitea/gitea/pull/372)
+  * Enabled MSSQL support [#383](https://github.com/go-gitea/gitea/pull/383)
+  * API endpoints for org teams [#370](https://github.com/go-gitea/gitea/pull/370)
+  * API endpoints for collaborators [#375](https://github.com/go-gitea/gitea/pull/375)
+  * Graceful server restart [#416](https://github.com/go-gitea/gitea/pull/416)
+  * Commitgraph / timeline on commits page [#428](https://github.com/go-gitea/gitea/pull/428)
+  * API endpoints for repo forks [#509](https://github.com/go-gitea/gitea/pull/509)
+  * API endpoints for releases [#510](https://github.com/go-gitea/gitea/pull/510)
+  * Folder jumping [#511](https://github.com/go-gitea/gitea/pull/511)
+  * Stars tab on profile page [#519](https://github.com/go-gitea/gitea/pull/519)
+  * Notification system [#523](https://github.com/go-gitea/gitea/pull/523)
+  * Push and pull through reverse proxy basic auth [#524](https://github.com/go-gitea/gitea/pull/524)
+  * Search for issues and pull requests [#530](https://github.com/go-gitea/gitea/pull/530)
+  * API endpoint for stargazers [#597](https://github.com/go-gitea/gitea/pull/597)
+  * API endpoints for subscribers [#598](https://github.com/go-gitea/gitea/pull/598)
+  * PID file support [#610](https://github.com/go-gitea/gitea/pull/610)
+  * Two factor authentication (2FA) [#630](https://github.com/go-gitea/gitea/pull/630)
+  * API endpoints for org users [#645](https://github.com/go-gitea/gitea/pull/645)
+  * Release attachments [#673](https://github.com/go-gitea/gitea/pull/673)
+  * OAuth2 consumer [#679](https://github.com/go-gitea/gitea/pull/679)
+  * Add ability to fork your own repos [#761](https://github.com/go-gitea/gitea/pull/761)
+  * Search repository on dashboard [#773](https://github.com/go-gitea/gitea/pull/773)
+  * Search bar on user profile [#787](https://github.com/go-gitea/gitea/pull/787)
+  * Track label changes on issue view [#788](https://github.com/go-gitea/gitea/pull/788)
+  * Allow using custom time format [#798](https://github.com/go-gitea/gitea/pull/798)
+  * Redirects for renamed repos [#807](https://github.com/go-gitea/gitea/pull/807)
+  * Track assignee changes on issue view [#808](https://github.com/go-gitea/gitea/pull/808)
+  * Track title changes on issue view [#841](https://github.com/go-gitea/gitea/pull/841)
+  * Archive cleanup action [#885](https://github.com/go-gitea/gitea/pull/885)
+  * Basic Open Graph support [#901](https://github.com/go-gitea/gitea/pull/901)
+  * Take back control of Git hooks [#1006](https://github.com/go-gitea/gitea/pull/1006)
+  * API endpoints for user repos [#1059](https://github.com/go-gitea/gitea/pull/1059)
+* BUGFIXES
+  * Fixed counting issues for issue filters [#413](https://github.com/go-gitea/gitea/pull/413)
+  * Added back default settings for SSH [#500](https://github.com/go-gitea/gitea/pull/500)
+  * Fixed repo permissions [#513](https://github.com/go-gitea/gitea/pull/513)
+  * Issues cannot be created with labels [#622](https://github.com/go-gitea/gitea/pull/622)
+  * Add a reserved wiki paths check to the wiki [#720](https://github.com/go-gitea/gitea/pull/720)
+  * Update website binding MaxSize to 255 [#722](https://github.com/go-gitea/gitea/pull/722)
+  * User can see the private activity on public history [#818](https://github.com/go-gitea/gitea/pull/818)
+  * Wrong pages number which includes private repositories [#844](https://github.com/go-gitea/gitea/pull/844)
+  * Trim whitespaces for search keyword [#893](https://github.com/go-gitea/gitea/pull/893)
+  * Don't rewrite non-gitea public keys [#906](https://github.com/go-gitea/gitea/pull/906)
+  * Use fingerprint to check instead content for public key [#911](https://github.com/go-gitea/gitea/pull/911)
+  * Fix random avatars [#1147](https://github.com/go-gitea/gitea/pull/1147)
+* ENHANCEMENTS
+  * Refactored process manager [#75](https://github.com/go-gitea/gitea/pull/75)
+  * Restrict rights to create new orgs [#193](https://github.com/go-gitea/gitea/pull/193)
+  * Added label and milestone sorting [#199](https://github.com/go-gitea/gitea/pull/199)
+  * Make minimum password length configurable [#223](https://github.com/go-gitea/gitea/pull/223)
+  * Speedup conflict checking on pull requests [#276](https://github.com/go-gitea/gitea/pull/276)
+  * Added button to delete merged pull request branches [#441](https://github.com/go-gitea/gitea/pull/441)
+  * Improved issue references within markdown [#471](https://github.com/go-gitea/gitea/pull/471)
+  * Dutch translation for the landingpage [#487](https://github.com/go-gitea/gitea/pull/487)
+  * Added Gogs migration script [#532](https://github.com/go-gitea/gitea/pull/532)
+  * Support a .gitea folder for issue templates [#582](https://github.com/go-gitea/gitea/pull/582)
+  * Enhanced diff-view coloring [#584](https://github.com/go-gitea/gitea/pull/584)
+  * Added ETag header to avatars [#721](https://github.com/go-gitea/gitea/pull/721)
+  * Added option to config to disable local path imports [#724](https://github.com/go-gitea/gitea/pull/724)
+  * Allow custom public files [#782](https://github.com/go-gitea/gitea/pull/782)
+  * Added pprof endpoint for debugging [#801](https://github.com/go-gitea/gitea/pull/801)
+  * Added `X-GitHub-*` headers [#809](https://github.com/go-gitea/gitea/pull/809)
+  * Fill SSH key title automatically [#863](https://github.com/go-gitea/gitea/pull/863)
+  * Display Git version on admin panel [#921](https://github.com/go-gitea/gitea/pull/921)
+  * Expose URL field on issue API [#982](https://github.com/go-gitea/gitea/pull/982)
+  * Statically compile the binaries [#985](https://github.com/go-gitea/gitea/pull/985)
+  * Embed build tags into version string [#1051](https://github.com/go-gitea/gitea/pull/1051)
+  * Gitignore support for FSharp and Clojure [#1072](https://github.com/go-gitea/gitea/pull/1072)
+  * Custom templates for static builds [#1087](https://github.com/go-gitea/gitea/pull/1087)
+  * Add ProxyFromEnvironment if none set [#1096](https://github.com/go-gitea/gitea/pull/1096)
+* MISC
+  * Replaced remaining Gogs references
+  * Added more tests on various packages
+  * Use Crowdin for translations again
+  * Resolved some XSS attack vectors
+  * Optimized and reduced number of database queries
+
+## [1.0.2](https://github.com/go-gitea/gitea/releases/tag/v1.0.2) - 2017-02-21
+
+* BUGFIXES
+  * Fixed issue counter [#882](https://github.com/go-gitea/gitea/pull/882)
+  * Fixed XSS vulnerability on wiki page [#955](https://github.com/go-gitea/gitea/pull/955)
+  * Add data dir without session to dump [#587](https://github.com/go-gitea/gitea/pull/587)
+  * Fixed wiki page renaming [#958](https://github.com/go-gitea/gitea/pull/958)
+  * Drop default console logger if not required [#960](https://github.com/go-gitea/gitea/pull/960)
+  * Fixed docker docs link on install page [#972](https://github.com/go-gitea/gitea/pull/972)
+  * Handle SetModel errors [#957](https://github.com/go-gitea/gitea/pull/957)
+  * Fixed XSS vulnerability on milestones [#977](https://github.com/go-gitea/gitea/pull/977)
+  * Fixed XSS vulnerability on alerts [#981](https://github.com/go-gitea/gitea/pull/981)
+
+## [1.0.1](https://github.com/go-gitea/gitea/releases/tag/v1.0.1) - 2017-01-05
+
+* BUGFIXES
+  * Fixed localized `MIN_PASSWORD_LENGTH` [#501](https://github.com/go-gitea/gitea/pull/501)
+  * Fixed 500 error on organization delete [#507](https://github.com/go-gitea/gitea/pull/507)
+  * Ignore empty wiki repo on migrate [#544](https://github.com/go-gitea/gitea/pull/544)
+  * Proper check access for forking [#563](https://github.com/go-gitea/gitea/pull/563)
+  * Fix SSH domain on installer [#506](https://github.com/go-gitea/gitea/pull/506)
+  * Fix missing data rows on admin UI [#580](https://github.com/go-gitea/gitea/pull/580)
+  * Do not delete tags with releases by default [#579](https://github.com/go-gitea/gitea/pull/579)
+  * Fix missing session config data on admin UI [#578](https://github.com/go-gitea/gitea/pull/578)
+  * Properly show the version within footer on the UI [#593](https://github.com/go-gitea/gitea/pull/593)
+
+## [1.0.0](https://github.com/go-gitea/gitea/releases/tag/v1.0.0) - 2016-12-23
+
+* BREAKING
+  * We have various changes on the API, scripting against API must be updated
+* FEATURES
+  * Show last login for admins [#121](https://github.com/go-gitea/gitea/pull/121)
+* BUGFIXES
+  * Fixed sender of notifications [#2](https://github.com/go-gitea/gitea/pull/2)
+  * Fixed keyword hijacking vulnerability [#20](https://github.com/go-gitea/gitea/pull/20)
+  * Fixed non-markdown readme rendering [#95](https://github.com/go-gitea/gitea/pull/95)
+  * Allow updating draft releases [#169](https://github.com/go-gitea/gitea/pull/169)
+  * GitHub API compliance [#227](https://github.com/go-gitea/gitea/pull/227)
+  * Added commit SHA to tag webhook [#286](https://github.com/go-gitea/gitea/issues/286)
+  * Secured links via noopener [#315](https://github.com/go-gitea/gitea/issues/315)
+  * Replace tabs with spaces on wiki title [#371](https://github.com/go-gitea/gitea/pull/371)
+  * Fixed vulnerability on labels and releases [#409](https://github.com/go-gitea/gitea/pull/409)
+  * Fixed issue comment API [#449](https://github.com/go-gitea/gitea/pull/449)
+* ENHANCEMENTS
+  * Use proper import path for libravatar [#3](https://github.com/go-gitea/gitea/pull/3)
+  * Integrated DroneCI for tests and builds [#24](https://github.com/go-gitea/gitea/issues/24)
+  * Integrated dependency manager [#29](https://github.com/go-gitea/gitea/issues/29)
+  * Embedded bindata optionally [#30](https://github.com/go-gitea/gitea/issues/30)
+  * Integrated pagination for releases [#73](https://github.com/go-gitea/gitea/pull/73)
+  * Autogenerate version on every build [#91](https://github.com/go-gitea/gitea/issues/91)
+  * Refactored Docker container [#104](https://github.com/go-gitea/gitea/issues/104)
+  * Added short-hash support for downloads [#211](https://github.com/go-gitea/gitea/issues/211)
+  * Display tooltip for downloads [#221](https://github.com/go-gitea/gitea/issues/221)
+  * Improved HTTP headers for issue attachments [#270](https://github.com/go-gitea/gitea/pull/270)
+  * Integrate public as bindata optionally [#293](https://github.com/go-gitea/gitea/pull/293)
+  * Integrate templates as bindata optionally [#314](https://github.com/go-gitea/gitea/pull/314)
+  * Inject more ENV variables into custom hooks [#316](https://github.com/go-gitea/gitea/issues/316)
+  * Correct LDAP login validation [#342](https://github.com/go-gitea/gitea/pull/342)
+  * Integrate conf as bindata optionally [#354](https://github.com/go-gitea/gitea/pull/354)
+  * Serve video files in browser [#418](https://github.com/go-gitea/gitea/pull/418)
+  * Configurable SSH host binding [#431](https://github.com/go-gitea/gitea/issues/431)
+* MISC
+  * Forked from Gogs and renamed to Gitea
+  * Catching more errors with logs
+  * Fixed all linting errors
+  * Made the go linter entirely happy
+  * Really integrated vendoring
diff --git a/CODEOWNERS b/CODEOWNERS
deleted file mode 100644
index 6ca34a69df..0000000000
--- a/CODEOWNERS
+++ /dev/null
@@ -1,40 +0,0 @@
-# This file describes the expected reviewers for a PR based on the changed
-# files. Unlike what the name of the file suggests they don't own the code, but
-# merely have a good understanding of that area of the codebase and therefore
-# are usually suited as a reviewer.
-
-
-# Please mind the alphabetic order of reviewers.
-
-# Files related to frontend development.
-
-# Javascript and CSS code.
-web_src/.* @caesar @crystal @gusted
-
-# HTML templates used by the backend.
-templates/.* @caesar @crystal @gusted
-## the issue sidebar was touched by fnetx
-templates/repo/issue/view_content/sidebar.* @fnetx
-
-# Playwright tests
-tests/e2e/.* @fnetx
-
-# Files related to Go development.
-
-# The modules usually don't require much knowledge about Forgejo and could
-# be reviewed by Go developers.
-modules/.* @gusted
-
-# Models has code related to SQL queries, general database knowledge and XORM.
-models/.* @gusted
-
-# The routers directory contains the most amount code that requires a good grasp
-# of how Forgejo comes together. It's tedious to write good integration testing
-# for code that lives in here.
-routers/.* @gusted
-
-# Let new strings be checked by the translation team.
-options/locale/locale_en-US.ini @0ko
-
-# Personal interest
-.*/webhook.* @oliverpool
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 18b613d3bd..c0a95c2678 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -4,4 +4,20 @@ The Forgejo project is run by a community of people who are expected to follow t
 
 Sensitive security-related issues should be reported to [security@forgejo.org](mailto:security@forgejo.org) using [encryption](https://keyoxide.org/security@forgejo.org).
 
-You can find links to the different aspects of Developer documentation on this page: [Forgejo Contributor Guide](https://forgejo.org/docs/next/contributor/).
+## For everyone involved
+
+- [Code of Conduct](CONTRIBUTING/COC.md)
+- [Bugs, features, security and others discussions](CONTRIBUTING/DISCUSSIONS.md)
+- [Governance](CONTRIBUTING/GOVERNANCE.md)
+- [Sustainability and funding](https://codeberg.org/forgejo/sustainability/src/branch/master/README.md)
+
+## For contributors
+
+- [Developer Certificate of Origin (DCO)](CONTRIBUTING/DCO.md)
+- [Development workflow](CONTRIBUTING/WORKFLOW.md)
+
+## For maintainers
+
+- [Release management](CONTRIBUTING/RELEASE.md)
+- [Secrets](CONTRIBUTING/SECRETS.md)
+
diff --git a/CONTRIBUTING/COC.md b/CONTRIBUTING/COC.md
new file mode 100644
index 0000000000..e31374b0e7
--- /dev/null
+++ b/CONTRIBUTING/COC.md
@@ -0,0 +1,31 @@
+# Code of Conduct, Well Being and Moderation teams
+
+Forgejo strives to be an inclusive project where everyone can participate in a safe environment. The **Well Being** team is doing its best to defuse tensions before they escalate and is available to answer all requests sent its way. When diplomacy fails, the **Moderation** team will be forced to act to put a stop to actions that are contrary to the [Code of Conduct](https://codeberg.org/forgejo/code-of-conduct).
+
+## Well Being and Moderation teams
+
+Temporary Well Being and Moderation teams [were appointed 10 November 2022](https://codeberg.org/forgejo/meta/issues/13).
+
+The moderation team will rely on this [Code of Conduct](https://codeberg.org/forgejo/code-of-conduct) when diplomacy fails.
+
+### Well Being
+
+Their goal is to defuse tensions.
+
+It has no power whatsover. The members are approved by the organization and trusted to:
+
+- Read all communications to detect tensions between people before they escalate.
+- Do their best to defuse tensions.
+
+* https://codeberg.org/Gusted
+* https://codeberg.org/dachary
+
+### Moderation
+
+Their goal is to enforce the [Code of Conduct](https://codeberg.org/forgejo/code-of-conduct) when diplomacy fails.
+
+It has the power to exclude people from a space.
+
+Their decisions must be logical, fact based and transparent to the Forgejo community who trust them with this responsibility.
+
+* https://codeberg.org/circlebuilder
diff --git a/CONTRIBUTING/DCO.md b/CONTRIBUTING/DCO.md
new file mode 100644
index 0000000000..5971e5bbd6
--- /dev/null
+++ b/CONTRIBUTING/DCO.md
@@ -0,0 +1,29 @@
+# Developer Certificate of Origin (DCO)
+
+Contributions to Forgejo, in all the repositories in the [Forgejo organization](https://codeberg.org/forgejo) are accepted provided the author agrees to the following Developer Certificate of Origin (DCO).
+
+```
+By making a contribution to Forgejo, I certify that:
+
+(a) The contribution was created in whole or in part by me and I
+    have the right to submit it under the Free Software license
+    indicated in the file; or
+
+(b) The contribution is based upon previous work that, to the best
+    of my knowledge, is covered under an appropriate Free Software
+    license and I have the right under that license to submit that
+    work with modifications, whether created in whole or in part
+    by me, under the same Free Software license (unless I am
+    permitted to submit under a different license), as indicated
+    in the file; or
+
+(c) The contribution was provided directly to me by some other
+    person who certified (a), (b) or (c) and I have not modified
+    it.
+
+(d) I understand and agree that this project and the contribution
+    are public and that a record of the contribution (including all
+    personal information I submit with it, including my sign-off) is
+    maintained indefinitely and may be redistributed consistent with
+    this project or the Free Software license(s) involved.
+```
\ No newline at end of file
diff --git a/CONTRIBUTING/DISCUSSIONS.md b/CONTRIBUTING/DISCUSSIONS.md
new file mode 100644
index 0000000000..e8ceef67db
--- /dev/null
+++ b/CONTRIBUTING/DISCUSSIONS.md
@@ -0,0 +1,18 @@
+# Bugs, features and discussions
+
+The [Forgejo issue tracker](https://codeberg.org/forgejo/forgejo/issues) is where **bugs** should be reported and **features** requested.
+
+Dedicated repositories in the [Forgejo organization](https://codeberg.org/forgejo) cover areas such as:
+- the [website](https://codeberg.org/forgejo/website)
+- the [Code of Conduct](https://codeberg.org/forgejo/code-of-conduct)
+- the [sustainability and funding](https://codeberg.org/forgejo/sustainability).
+
+Other discussions regarding all **non technical aspects** of Forgejo, such as the governance, happen in the [meta issue tracker](https://codeberg.org/forgejo/meta/issues) and in the [matrix chatroom](https://matrix.to/#/#forgejo-chat:matrix.org).
+
+# Security
+
+The [security team](https://codeberg.org/forgejo/meta/src/branch/readme/TEAMS.md#security) takes care of security vulnerabilities. It handles sensitive security-related issues reported to [security@forgejo.org](mailto:security@forgejo.org) using [encryption](https://keyoxide.org/security@forgejo.org).
+
+The security team also keeps the content of the [security.txt](https://codeberg.org/forgejo/website/src/branch/main/public/.well-known/security.txt) file up to date.
+
+The private GPG key for `security@forgejo.org` is shared among all members of the security team and not stored online.
diff --git a/CONTRIBUTING/GOVERNANCE.md b/CONTRIBUTING/GOVERNANCE.md
new file mode 100644
index 0000000000..4a331fc2a5
--- /dev/null
+++ b/CONTRIBUTING/GOVERNANCE.md
@@ -0,0 +1,19 @@
+# Governance
+
+## Codeberg e.V. custodian of the domains
+
+The Forgejo [domains](https://codeberg.org/forgejo/meta/issues/41) are owned by the democratic non-profit dedicated to Free Software [Codeberg e.V.](https://codeberg.org/Codeberg/org/src/branch/main/en/bylaws.md). Forgejo is therefore ultimately under the control of Codeberg e.V. and its governance. However, although Codeberg e.V. is committed to use and host Forgejo, it is expected that Forgejo defines its own governance, in a way that is compatible with the Codeberg e.V. governance.
+
+## Forgejo Governance
+
+See our [decision-making system](https://codeberg.org/forgejo/meta/src/branch/readme/DECISION-MAKING.md) (contains team agreements and guidelines).
+
+Forgejo was bootstraped in November 2022 and is in the process of [defining its governance](https://codeberg.org/forgejo/meta/issues/19). The [first meeting happened November 24th](https://codeberg.org/forgejo/meta/issues/19#issuecomment-694460) and everyone is welcome to participate.
+
+## Interim Forgejo Governance
+
+While the governance is being defined, there was a need to establish an interim Forgejo governance for safeguarding credentials, enforcing the Code of Conduct and ensuring security vulnerabilities are handled responsibly for the Forgejo releases.
+
+All people with a role in the interim Forgejo governance pledge to resign as soon as the Forgejo governance is in place.
+
+The people and teams that are part of the interim governance are [listed publicly](https://codeberg.org/forgejo/meta/src/branch/readme/TEAMS.md).
diff --git a/CONTRIBUTING/RELEASE.md b/CONTRIBUTING/RELEASE.md
new file mode 100644
index 0000000000..5f47a34589
--- /dev/null
+++ b/CONTRIBUTING/RELEASE.md
@@ -0,0 +1,153 @@
+# Release management
+
+## Release numbering
+
+The Forgejo release numbers are composed of the Gitea release number followed by a dash and a serial number. For instance:
+
+* Gitea **v1.18.0** will be Forgejo **v1.18.0-0**, **v1.18.0-1**, etc
+
+The Gitea release candidates are suffixed with **-rcN** which is handled as a special case for packaging: although **X.Y.Z** is lexicographically lower than **X.Y.Z-rc1** is is considered greater. The Forgejo serial number must therefore be inserted before the **-rcN** suffix to preserve the expected version ordering.
+
+* Gitea **v1.18.0-rc0** will be Forgejo **v1.18.0-0-rc0**, **v1.18.0-1-rc0**
+* Gitea **v1.18.0-rc1** will be Forgejo **v1.18.0-2-rc1**, **v1.18.0-3-rc1**, **v1.18.0-4-rc1**
+* Gitea **v1.18.0** will be Forgejo **v1.18.0-5**, **v1.18.0-6**, **v1.18.0-7**
+* etc.
+
+Because Forgejo is a soft fork of Gitea, it must retain the same release numbering scheme to be compatible with libraries and tools that depend on it. For instance, the tea CLI or the Gitea SDK will behave differently depending on the server version they connect to. If Forgejo had a different numbering scheme, it would no longer be compatible with the Gitea ecosystem.
+
+From a [Semantic Versioning](https://semver.org/) standpoint, all Forgejo releases are [pre-releases](https://semver.org/#spec-item-9) because they are suffixed with a dash. They are syntactically correct but do not comply with the Semantic Versioning recommendations. Gitea is not compliant either and as long as Forgejo is a soft fork, it inherits this problem.
+
+## Release process
+
+When publishing the vX.Y.Z-N release, the following steps must be followed:
+
+### Create a milestone and a check list
+
+* Create a `Forgejo vX.X.Z-N` milestone set to the date of the release
+* Create an issue named `[RELEASE] Forgejo vX.Y.Z-N` with a description that includes a list of what needs to be done for the release with links to follow the progress
+* Set the milestone of this issue to `Forgejo vX.X.Z-N`
+* Close the milestone when the release is complete
+
+### Cherry pick the latest commits from Gitea
+
+The vX.Y/forgejo branch is populated as part of the [rebase on top of Gitea](WORKFLOW.md). The release happens in between rebase and it is worth checking if the matching Gitea branch, release/vX.Y contains commits that should be included in the release.
+
+* `cherry-pick -x` the commits
+* push the vX.Y/forgejo branch including the commits
+* verify that the tests pass
+
+### Release Notes
+
+* Add an entry in RELEASE-NOTES.md
+* Copy/paste the matching entry from CHANGELOG.md
+* Update the PR references prefixing them with https://github.com/go-gitea/gitea/pull/
+
+### Testing
+
+When Forgejo is released, artefacts (packages, binaries, etc.) are first published by the CI/CD pipelines in the https://codeberg.org/forgejo-experimental organization, to be downloaded and verified to work.
+
+* Push the vX.Y/forgejo branch to https://codeberg.org/forgejo-integration/forgejo
+* Push the vX.Y.Z-N tag to https://codeberg.org/forgejo-integration (if it fails for whatever reason, the tag and the release can be removed manually)
+  * Binaries are built and uploaded to https://codeberg.org/forgejo/forgejo-integration/releases
+  * Container images are built and uploaded to https://codeberg.org/forgejo-integration/-/packages/container/forgejo/versions
+* Push the vX.Y/forgejo branch to https://codeberg.org/forgejo-experimental/forgejo
+* Push the vX.Y/forgejo branch to https://codeberg.org/forgejo/experimental
+* Push the vX.Y.Z-N tag to https://codeberg.org/forgejo/experimental
+  * Binaries are downloaded from https://codeberg.org/forgejo-integration, signed and copied to https://codeberg.org/forgejo-experimental
+  * Container images are copied from https://codeberg.org/forgejo-integration to https://codeberg.org/forgejo-experimental
+* Fetch the Forgejo release as part of the [forgejo-ci](https://codeberg.org/Codeberg-Infrastructure/scripted-configuration/src/branch/main/hosts/forgejo-ci) test suite. Push the change to a branch of a repository enabled in https://ci.dachary.org/ ([read more...](https://codeberg.org/forgejo/forgejo/issues/208)). It will deploy the release and run high level integration tests.
+* Reach out to packagers and users to manually verify the release works as expected
+
+### Publication
+
+* Push the vX.Y.Z-N tag to https://codeberg.org/forgejo/release
+  * Binaries are downloaded from https://codeberg.org/forgejo-integration, signed and copied to https://codeberg.org/forgejo
+  * Container images are copied from https://codeberg.org/forgejo-integration to https://codeberg.org/forgejo
+
+### Website update
+
+* Restart the last CI build at https://codeberg.org/forgejo/website/src/branch/main/
+* Verify https://forgejo.org/download/ points to the expected release
+* Manually try the instructions to work
+
+### DNS update
+
+* Update the `release.forgejo.org` TXT record that starts with `forgejo_versions=` to be `forgejo_versions=vX.Y.Z-N`
+
+### Standard toot
+
+The following toot can be re-used to announce a minor release at `https://floss.social/@forgejo`. For more significant releases it is best to consider a dedicated and non-standard toot.
+
+```
+#Forgejo vX.Y.Z-N was just released! This is a minor patch. Check out the release notes and download it at https://forgejo.org/releases/. If you experience any issues with this release, please report to https://codeberg.org/forgejo/forgejo/issues.
+```
+
+## Release signing keys management
+
+A GPG master key with no expiration date is created and shared with members of the Owners team via encrypted email. A subkey with a one year expiration date is created and stored in the secrets repository, to be used by the CI pipeline. The public master key is stored in the secrets repository and published where relevant.
+
+### Master key creation
+
+* gpg --expert --full-generate-key
+* key type: ECC and ECC option with Curve 25519 as curve
+* no expiration
+* id: Forgejo Releases 
+* gpg --export-secret-keys --armor EB114F5E6C0DC2BCDD183550A4B61A2DC5923710 and send via encrypted email to Owners
+* gpg --export --armor EB114F5E6C0DC2BCDD183550A4B61A2DC5923710 > release-team-gpg.pub
+* commit to the secret repository
+
+### Subkey creation and renewal
+
+* gpg --expert --edit-key EB114F5E6C0DC2BCDD183550A4B61A2DC5923710
+* addkey
+* key type: ECC (signature only)
+* key validity: one year
+* create [an issue](https://codeberg.org/forgejo/forgejo/issues) to schedule the renewal
+
+#### 2023
+
+* gpg --export --armor F7CBF02094E7665E17ED6C44E381BF3E50D53707 > 2023-release-team-gpg.pub
+* gpg --export-secret-keys --armor F7CBF02094E7665E17ED6C44E381BF3E50D53707 > 2023-release-team-gpg
+* commit to the secrets repository
+* renewal issue https://codeberg.org/forgejo/forgejo/issues/58
+
+### CI configuration
+
+In the Woodpecker CI configuration the following secrets must be set:
+
+* `releaseteamgpg` is the secret GPG key used to sign the releases
+* `releaseteamuser` is the user name to authenticate with the Forgejo API and publish the releases
+* `releaseteamtoken` is the token to authenticate `releaseteamuser` with the Forgejo API and publish the releases
+* `domain` is `codeberg.org`
+
+## Users, organizations and repositories
+
+### Shared user: release-team
+
+The [release-team](https://codeberg.org/release-team) user publishes and signs all releases. The associated email is mailto:release@forgejo.org.
+
+The public GPG key used to sign the releases is [EB114F5E6C0DC2BCDD183550A4B61A2DC5923710](https://codeberg.org/release-team.gpg) `Forgejo Releases `
+
+### Shared user: forgejo-ci
+
+The [forgejo-ci](https://codeberg.org/forgejo-ci) user is dedicated to https://forgejo-ci.codeberg.org/ and provides it with OAuth2 credentials it uses to run.
+
+### Shared user: forgejo-experimental-ci
+
+The [forgejo-experimental-ci](https://codeberg.org/forgejo-experimental-ci) user is dedicated to provide the application tokens used by Woodpecker CI repositories to build releases and publish them to https://codeberg.org/forgejo-experimental. It does not (and must not) have permission to publish releases at https://codeberg.org/forgejo.
+
+### Integration and experimental organization
+
+The https://codeberg.org/forgejo-integration organization is dedicated to integration testing. Its purpose is to ensure all artefacts can effectively be published and retrieved by the CI/CD pipelines. 
+
+The https://codeberg.org/forgejo-experimental organization is dedicated to publishing experimental Forgejo releases. They are copied from the https://codeberg.org/forgejo-integration organization.
+
+The `forgejo-experimental-ci` user as well as all Forgejo contributors working on the CI/CD pipeline should be owners of both organizations.
+
+The https://codeberg.org/forgejo-integration/forgejo repository is coupled with a Woodpecker CI repository configured with the credentials provided by the https://codeberg.org/forgejo-experimental-ci user. It runs the pipelines found in `releases/woodpecker-build/*.yml` which builds and publishes an unsigned release in https://codeberg.org/forgejo-integration.
+
+### Experimental and release repositories
+
+The https://codeberg.org/forgejo/experimental private repository is coupled with a Woodpecker CI repository configured with the credentials provided by the https://codeberg.org/forgejo-experimental-ci user. It runs the pipelines found in `releases/woodpecker-publish/*.yml` which signs and copies a release from https://codeberg.org/forgejo-integration into https://codeberg.org/forgejo-experimental.
+
+The https://codeberg.org/forgejo/release private repository is coupled with a Woodpecker CI repository configured with the credentials provided by the https://codeberg.org/release-team user. It runs the pipelines found in `releases/woodpecker-publish/*.yml` which signs and copies a release from https://codeberg.org/forgejo-integration into https://codeberg.org/forgejo.
diff --git a/CONTRIBUTING/SECRETS.md b/CONTRIBUTING/SECRETS.md
new file mode 100644
index 0000000000..6823d9f2f6
--- /dev/null
+++ b/CONTRIBUTING/SECRETS.md
@@ -0,0 +1,56 @@
+# Secrets
+
+All Forgejo credentials are shared among the [secret keepers](https://codeberg.org/forgejo/meta/src/branch/readme/TEAMS.md#secrets-keeper) teams in a private repository with encrypted content.
+
+## Get started
+
+1. Make sure you have a GPG Key, or [create one](https://github.com/NicoHood/gpgit#12-key-generation)
+2. Send someone else your public key and ask this person to add yourself as a recipient
+```
+# Commands for the other person
+$ gpg --import public_key.asc
+# The following command will open a prompt, with the available public keys. 
+# Choose the one you just added and all secrets will be re-encrypted with this new key.
+$ gopass recipients add
+```
+3. [Install gopass](https://www.gopass.pw/#install)
+> :warning: When installing on Ubuntu or Debian you can either download the deb package, install manually or build from source or use our APT repository ([github comment](https://github.com/gopasspw/gopass/issues/1849#issuecomment-802789285) with more information).
+4. Clone this repo using `gopass` (the name and email are for `git config`)
+```
+$ gopass clone git@codeberg.org:forgejo/gopass.git
+```
+5. Check the consistency of the gopass storage
+```
+$ gopass fsck
+```
+
+## Get a secret
+
+Show the whole secret file:
+```
+$ gopass show ovh.com/manager
+```
+
+Copy the password in the clipboard:
+```
+$ gopass show -c ovh.com/manager
+```
+
+Copy the `user` part of the secret in the clipboard:
+```
+$ gopass show -c ovh.com/manager user
+```
+
+## Insert or edit a secret
+```
+$ gopass edit ovh.com/manager
+```
+In the editor, insert the password on the first line.
+You may then add lines with a `key: value` syntax (`user: username` for instance).
+
+## Debugging and manual git operations
+
+The following command will show the location and status of the git repo (all git commands are available).
+```
+$ gopass git status
+```
diff --git a/CONTRIBUTING/WORKFLOW.md b/CONTRIBUTING/WORKFLOW.md
new file mode 100644
index 0000000000..9ff6101fe5
--- /dev/null
+++ b/CONTRIBUTING/WORKFLOW.md
@@ -0,0 +1,124 @@
+# Development workflow
+
+Forgejo is a soft fork, i.e. a set of commits applied to the Gitea development branch and the stable branches. On a regular basis those commits are rebased and modified if necessary to keep working. All Forgejo commits are merged into a branch from which binary releases and packages are created and distributed. The development workflow is a set of conventions Forgejo developers are expected to follow to work together.
+
+Discussions on how the workflow should evolve happen [in the isssue tracker](https://codeberg.org/forgejo/forgejo/issues?type=all&state=open&labels=&milestone=0&assignee=0&q=%5BWORKFLOW%5D).
+
+## Naming conventions
+
+### Development
+
+* Gitea: main
+* Forgejo: forgejo
+* Feature branches: forgejo-feature-name
+
+### Stable
+
+* Gitea: release/vX.Y
+* Forgejo: vX.Y/forgejo
+* Feature branches: vX.Y/forgejo-feature-name
+
+### Soft fork history
+
+Before rebasing on top of Gitea, all branches are copied to `soft-fork/YYYY-MM-DD/` for safekeeping. Older `soft-fork/*/` branches are converted into references under the same name. Similar to how pull requests store their head, they do not clutter the list of branches but can be retrieved if needed with `git fetch +refs/soft-fork/*:refs/soft-fork/*`. Tooling to automate this archival process [is available](https://codeberg.org/forgejo-contrib/soft-fork-tools/src/branch/master/README.md#archive-branches).
+
+### Tags
+
+Because the branches are rebased on top of Gitea, only the latest tag will be found in a given branch. For instance `v1.18.0-1` won't be found in the `v1.18/forgejo` branch after it is rebased.
+
+## Rebasing
+
+### *Feature branch*
+
+The *Gitea* branches are mirrored with the Gitea development and stable branches.
+
+On a regular basis, each *Feature branch* is rebased against the base *Gitea* branch.
+
+### forgejo branch
+
+The latest *Gitea* branch resets the *forgejo* branch and all *Feature branches* are merged into it.
+
+If tests pass after pushing *forgejo* to the https://codeberg.org/forgejo-integration/forgejo repository, it can be pushed to the https://codeberg.org/forgejo/forgejo repository.
+
+If tests do not pass, an issue is filed to the *Feature branch* that fails the test. Once the issue is resolved, another round of rebasing starts.
+
+### Cherry picking and rebasing
+
+Because Forgejo is a soft fork of Gitea, the commits in feature branches need to be cherry-picked on top of their base branch. They cannot be rebased using `git rebase`, because their base branch has been rebased.
+
+Here is how the commits in the `forgejo-f3` branch can be cherry-picked on top of the latest `forgejo-development` branch:
+
+```
+$ git fetch --all
+$ git remote get-url forgejo
+git@codeberg.org:forgejo/forgejo.git
+$ git checkout -b forgejo/forgejo-f3
+$ git reset --hard forgejo/forgejo-development
+$ git cherry-pick $(git rev-list --reverse forgejo/soft-fork/2022-12-10/forgejo-development..forgejo/soft-fork/2022-12-10/forgejo-f3)
+$ git push --force forgejo-f3 forgejo/forgejo-f3
+```
+
+## Feature branches
+
+All *Feature branches* are based on the {vX.Y/,}forgejo-development branch which provides development tools and documentation.
+
+The `forgejo-development` branch is based on the {vX.Y/,}forgejo-ci branch which provides the Woodpecker CI configuration.
+
+The purpose of each *Feature branch* is documented below:
+
+### General purpose
+
+* [forgejo-ci](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-ci) based on [main](https://codeberg.org/forgejo/forgejo/src/branch/main)
+  Woodpecker CI configuration, including the release process.
+  * Backports: [v1.18/forgejo-ci](https://codeberg.org/forgejo/forgejo/src/branch/v1.18/forgejo-ci)
+
+* [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development) based on [forgejo-ci](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-ci)
+  Forgejo development tools and documentation.
+  * Backports: [v1.18/forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/v1.18/forgejo-development)
+
+### Dependency
+
+* [forgejo-dependency](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-dependency) based on [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development)
+  Each commit is prefixed with the name of dependency in uppercase, for instance **[GOTH]** or **[GITEA]**. They are standalone and implement either a bug fix or a feature that is in the process of being contributed to the dependency. It is better to contribute directly to the dependency instead of adding a commit to this branch but it is sometimes not possible, for instance when someone does not have a GitHub account. The author of the commit is responsible for rebasing and resolve conflicts. The ultimate goal of this branch is to be empty and it is expected that a continuous effort is made to reduce its content so that the technical debt it represents does not burden Forgejo long term.
+  * Backports: [v1.18/forgejo-dependency](https://codeberg.org/forgejo/forgejo/src/branch/v1.18/forgejo-dependency)
+
+### [Privacy](https://codeberg.org/forgejo/forgejo/issues?labels=83271)
+
+* [forgejo-privacy](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-privacy) based on [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development)
+  Customize Forgejo to have more privacy.
+  * Backports: [v1.18/forgejo-privacy](https://codeberg.org/forgejo/forgejo/src/branch/v1.18/forgejo-privacy)
+
+### Branding
+* [forgejo-branding](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-branding) based on [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development)
+  Replacing upstream branding with Forgejo branding
+
+### [Internationalization](https://codeberg.org/forgejo/forgejo/issues?labels=82637)
+* [forgejo-i18n](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-i18n) based on [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development)
+  Internationalization support for Forgejo with a workflow based on Weblate.
+
+### [Accessibility](https://codeberg.org/forgejo/forgejo/issues?labels=81214)
+* Backports only: [v1.18/forgejo-a11y](https://codeberg.org/forgejo/forgejo/src/branch/v1.18/forgejo-a11y) based on [v1.18/forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/v1.18/forgejo-development)
+  Backport future upstream a11y improvements to the current release of Forgejo
+
+### [Federation](https://codeberg.org/forgejo/forgejo/issues?labels=79349)
+
+* [forgejo-federation](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-federation) based on [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development)
+  Federation support for Forgejo
+
+* [forgejo-f3](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-f3) based on [forgejo-development](https://codeberg.org/forgejo/forgejo/src/branch/forgejo-development)
+  [F3](https://lab.forgefriends.org/friendlyforgeformat/gof3) support for Forgejo
+
+## Pull requests and feature branches
+
+Most people who are used to contributing will be familiar with the workflow of sending a pull request against the default branch. When that happens the reviewer should change the base branch to the appropriate *Feature branch* instead. If the pull request does not fit in any *Feature branch*, the reviewer needs to make decision to either:
+
+* Decline the pull request because it is best contributed to Gitea
+* Create a new *Feature branch*
+
+Returning contributors can figure out which *Feature branch* to base their pull request on using the list of *Feature branches*.
+
+## Granularity
+
+*Feature branches* can contain a number of commits grouped together, for instance for branding the documentation, the landing page and the footer. It makes it convenient for people working on that topic to get the big picture without browsing multiple branches. Creating a new *Feature branch* for each individual commit, while possible, is likely to be difficult to work with.
+
+Observing the granularity of the existing *Feature branches* is the best way to figure out what works and what does not. It requires adjustments from time to time depending on the number of contributors and the complexity of the Forgejo codebase that sits on top of Gitea.
diff --git a/DCO b/DCO
index 49b8cb0549..3aca339def 100644
--- a/DCO
+++ b/DCO
@@ -2,6 +2,8 @@ Developer Certificate of Origin
 Version 1.1
 
 Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
+660 York Street, Suite 102,
+San Francisco, CA 94110 USA
 
 Everyone is permitted to copy and distribute verbatim copies of this
 license document, but changing it is not allowed.
@@ -31,4 +33,4 @@ By making a contribution to this project, I certify that:
     are public and that a record of the contribution (including all
     personal information I submit with it, including my sign-off) is
     maintained indefinitely and may be redistributed consistent with
-    this project or the open source license(s) involved.
+    this project or the open source license(s) involved.
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 3f7f3e7d1f..905c327c3c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,68 +1,30 @@
-FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/xx AS xx
-
-FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.21 as build-env
+#Build stage
+FROM golang:1.19-alpine3.16 AS build-env
 
 ARG GOPROXY
-ENV GOPROXY=${GOPROXY:-direct}
+ENV GOPROXY ${GOPROXY:-direct}
 
-ARG RELEASE_VERSION
+ARG GITEA_VERSION
 ARG TAGS="sqlite sqlite_unlock_notify"
-ENV TAGS="bindata timetzdata $TAGS"
+ENV TAGS "bindata timetzdata $TAGS"
 ARG CGO_EXTRA_CFLAGS
 
-#
-# Transparently cross compile for the target platform
-#
-COPY --from=xx / /
-ARG TARGETPLATFORM
-RUN apk --no-cache add clang lld
-RUN xx-apk --no-cache add gcc musl-dev
-ENV CGO_ENABLED=1
-RUN xx-go --wrap
-#
-# for go generate and binfmt to find
-# without it the generate phase will fail with
-# #19 25.04 modules/public/public_bindata.go:8: running "go": exit status 1
-# #19 25.39 aarch64-binfmt-P: Could not open '/lib/ld-musl-aarch64.so.1': No such file or directory
-# why exactly is it needed? where is binfmt involved?
-#
-RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true
-
+#Build deps
 RUN apk --no-cache add build-base git nodejs npm
 
+#Setup repo
 COPY . ${GOPATH}/src/code.gitea.io/gitea
 WORKDIR ${GOPATH}/src/code.gitea.io/gitea
 
-RUN make clean
-RUN make frontend
-RUN go build contrib/environment-to-ini/environment-to-ini.go && xx-verify environment-to-ini
-RUN LDFLAGS="-buildid=" make RELEASE_VERSION=$RELEASE_VERSION GOFLAGS="-trimpath" go-check generate-backend static-executable && xx-verify gitea
+#Checkout version if set
+RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
+ && make clean-all build
 
-# Copy local files
-COPY docker/root /tmp/local
+# Begin env-to-ini build
+RUN go build contrib/environment-to-ini/environment-to-ini.go
 
-# Set permissions
-RUN chmod 755 /tmp/local/usr/bin/entrypoint \
-              /tmp/local/usr/local/bin/gitea \
-              /tmp/local/etc/s6/gitea/* \
-              /tmp/local/etc/s6/openssh/* \
-              /tmp/local/etc/s6/.s6-svscan/* \
-              /go/src/code.gitea.io/gitea/gitea \
-              /go/src/code.gitea.io/gitea/environment-to-ini
-RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
-
-FROM code.forgejo.org/oci/alpine:3.21
-ARG RELEASE_VERSION
-LABEL maintainer="contact@forgejo.org" \
-      org.opencontainers.image.authors="Forgejo" \
-      org.opencontainers.image.url="https://forgejo.org" \
-      org.opencontainers.image.documentation="https://forgejo.org/download/#container-image" \
-      org.opencontainers.image.source="https://codeberg.org/forgejo/forgejo" \
-      org.opencontainers.image.version="${RELEASE_VERSION}" \
-      org.opencontainers.image.vendor="Forgejo" \
-      org.opencontainers.image.licenses="GPL-3.0-or-later" \
-      org.opencontainers.image.title="Forgejo. Beyond coding. We forge." \
-      org.opencontainers.image.description="Forgejo is a self-hosted lightweight software forge. Easy to install and low maintenance, it just does the job."
+FROM alpine:3.16
+LABEL maintainer="contact@forgejo.org"
 
 EXPOSE 22 3000
 
@@ -77,8 +39,7 @@ RUN apk --no-cache add \
     s6 \
     sqlite \
     su-exec \
-    gnupg \
-    && rm -rf /var/cache/apk/*
+    gnupg
 
 RUN addgroup \
     -S -g 1000 \
@@ -92,17 +53,16 @@ RUN addgroup \
     git && \
   echo "git:*" | chpasswd -e
 
-ENV USER=git
-ENV GITEA_CUSTOM=/data/gitea
+ENV USER git
+ENV GITEA_CUSTOM /data/gitea
 
 VOLUME ["/data"]
 
 ENTRYPOINT ["/usr/bin/entrypoint"]
-CMD ["/usr/bin/s6-svscan", "/etc/s6"]
+CMD ["/bin/s6-svscan", "/etc/s6"]
 
-COPY --from=build-env /tmp/local /
-RUN cd /usr/local/bin ; ln -s gitea forgejo
+COPY docker/root /
 COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
-RUN ln -s /app/gitea/gitea /app/gitea/forgejo-cli
 COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
-COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
+RUN chmod 755 /usr/bin/entrypoint /app/gitea/gitea /usr/local/bin/gitea /usr/local/bin/environment-to-ini
+RUN chmod 755 /etc/s6/gitea/* /etc/s6/openssh/* /etc/s6/.s6-svscan/*
diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index 129bd6f1ba..d3df54f731 100644
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -1,65 +1,30 @@
-FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/xx AS xx
-
-FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.21 as build-env
+#Build stage
+FROM golang:1.19-alpine3.16 AS build-env
 
 ARG GOPROXY
-ENV GOPROXY=${GOPROXY:-direct}
+ENV GOPROXY ${GOPROXY:-direct}
 
-ARG RELEASE_VERSION
+ARG GITEA_VERSION
 ARG TAGS="sqlite sqlite_unlock_notify"
-ENV TAGS="bindata timetzdata $TAGS"
+ENV TAGS "bindata timetzdata $TAGS"
 ARG CGO_EXTRA_CFLAGS
 
-#
-# Transparently cross compile for the target platform
-#
-COPY --from=xx / /
-ARG TARGETPLATFORM
-RUN apk --no-cache add clang lld
-RUN xx-apk --no-cache add gcc musl-dev
-ENV CGO_ENABLED=1
-RUN xx-go --wrap
-#
-# for go generate and binfmt to find
-# without it the generate phase will fail with
-# #19 25.04 modules/public/public_bindata.go:8: running "go": exit status 1
-# #19 25.39 aarch64-binfmt-P: Could not open '/lib/ld-musl-aarch64.so.1': No such file or directory
-# why exactly is it needed? where is binfmt involved?
-#
-RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true
-
+#Build deps
 RUN apk --no-cache add build-base git nodejs npm
 
+#Setup repo
 COPY . ${GOPATH}/src/code.gitea.io/gitea
 WORKDIR ${GOPATH}/src/code.gitea.io/gitea
 
-RUN make clean
-RUN make frontend
-RUN go build contrib/environment-to-ini/environment-to-ini.go && xx-verify environment-to-ini
-RUN make RELEASE_VERSION=$RELEASE_VERSION go-check generate-backend static-executable && xx-verify gitea
+#Checkout version if set
+RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
+ && make clean-all build
 
-# Copy local files
-COPY docker/rootless /tmp/local
+# Begin env-to-ini build
+RUN go build contrib/environment-to-ini/environment-to-ini.go
 
-# Set permissions
-RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \
-              /tmp/local/usr/local/bin/docker-setup.sh \
-              /tmp/local/usr/local/bin/gitea \
-              /go/src/code.gitea.io/gitea/gitea \
-              /go/src/code.gitea.io/gitea/environment-to-ini
-RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
-
-FROM code.forgejo.org/oci/alpine:3.21
-LABEL maintainer="contact@forgejo.org" \
-      org.opencontainers.image.authors="Forgejo" \
-      org.opencontainers.image.url="https://forgejo.org" \
-      org.opencontainers.image.documentation="https://forgejo.org/download/#container-image" \
-      org.opencontainers.image.source="https://codeberg.org/forgejo/forgejo" \
-      org.opencontainers.image.version="${RELEASE_VERSION}" \
-      org.opencontainers.image.vendor="Forgejo" \
-      org.opencontainers.image.licenses="GPL-3.0-or-later" \
-      org.opencontainers.image.title="Forgejo. Beyond coding. We forge." \
-      org.opencontainers.image.description="Forgejo is a self-hosted lightweight software forge. Easy to install and low maintenance, it just does the job."
+FROM alpine:3.16
+LABEL maintainer="contact@forgejo.org"
 
 EXPOSE 2222 3000
 
@@ -70,8 +35,7 @@ RUN apk --no-cache add \
     gettext \
     git \
     curl \
-    gnupg \
-    && rm -rf /var/cache/apk/*
+    gnupg
 
 RUN addgroup \
     -S -g 1000 \
@@ -87,28 +51,24 @@ RUN addgroup \
 RUN mkdir -p /var/lib/gitea /etc/gitea
 RUN chown git:git /var/lib/gitea /etc/gitea
 
-COPY --from=build-env /tmp/local /
-RUN cd /usr/local/bin ; ln -s gitea forgejo
+COPY docker/rootless /
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
-RUN ln -s /app/gitea/gitea /app/gitea/forgejo-cli
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
-COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
+RUN chmod 755 /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-setup.sh /app/gitea/gitea /usr/local/bin/gitea /usr/local/bin/environment-to-ini
 
 #git:git
 USER 1000:1000
-ENV GITEA_WORK_DIR=/var/lib/gitea
-ENV GITEA_CUSTOM=/var/lib/gitea/custom
-ENV GITEA_TEMP=/tmp/gitea
-ENV TMPDIR=/tmp/gitea
+ENV GITEA_WORK_DIR /var/lib/gitea
+ENV GITEA_CUSTOM /var/lib/gitea/custom
+ENV GITEA_TEMP /tmp/gitea
+ENV TMPDIR /tmp/gitea
 
-# Legacy config file for backwards compatibility
-# TODO: remove on next major version release
-ENV GITEA_APP_INI_LEGACY=/etc/gitea/app.ini
-
-ENV GITEA_APP_INI=${GITEA_CUSTOM}/conf/app.ini
-ENV HOME="/var/lib/gitea/git"
+#TODO add to docs the ability to define the ini to load (useful to test and revert a config)
+ENV GITEA_APP_INI /etc/gitea/app.ini
+ENV HOME "/var/lib/gitea/git"
 VOLUME ["/var/lib/gitea", "/etc/gitea"]
 WORKDIR /var/lib/gitea
 
 ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"]
 CMD []
+
diff --git a/LICENSE b/LICENSE
index f288702d2f..eeefaa717a 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,674 +1,21 @@
-                    GNU GENERAL PUBLIC LICENSE
-                       Version 3, 29 June 2007
-
- Copyright (C) 2007 Free Software Foundation, Inc. 
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-                            Preamble
-
-  The GNU General Public License is a free, copyleft license for
-software and other kinds of works.
-
-  The licenses for most software and other practical works are designed
-to take away your freedom to share and change the works.  By contrast,
-the GNU General Public License is intended to guarantee your freedom to
-share and change all versions of a program--to make sure it remains free
-software for all its users.  We, the Free Software Foundation, use the
-GNU General Public License for most of our software; it applies also to
-any other work released this way by its authors.  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-them if you wish), that you receive source code or can get it if you
-want it, that you can change the software or use pieces of it in new
-free programs, and that you know you can do these things.
-
-  To protect your rights, we need to prevent others from denying you
-these rights or asking you to surrender the rights.  Therefore, you have
-certain responsibilities if you distribute copies of the software, or if
-you modify it: responsibilities to respect the freedom of others.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must pass on to the recipients the same
-freedoms that you received.  You must make sure that they, too, receive
-or can get the source code.  And you must show them these terms so they
-know their rights.
-
-  Developers that use the GNU GPL protect your rights with two steps:
-(1) assert copyright on the software, and (2) offer you this License
-giving you legal permission to copy, distribute and/or modify it.
-
-  For the developers' and authors' protection, the GPL clearly explains
-that there is no warranty for this free software.  For both users' and
-authors' sake, the GPL requires that modified versions be marked as
-changed, so that their problems will not be attributed erroneously to
-authors of previous versions.
-
-  Some devices are designed to deny users access to install or run
-modified versions of the software inside them, although the manufacturer
-can do so.  This is fundamentally incompatible with the aim of
-protecting users' freedom to change the software.  The systematic
-pattern of such abuse occurs in the area of products for individuals to
-use, which is precisely where it is most unacceptable.  Therefore, we
-have designed this version of the GPL to prohibit the practice for those
-products.  If such problems arise substantially in other domains, we
-stand ready to extend this provision to those domains in future versions
-of the GPL, as needed to protect the freedom of users.
-
-  Finally, every program is threatened constantly by software patents.
-States should not allow patents to restrict development and use of
-software on general-purpose computers, but in those that do, we wish to
-avoid the special danger that patents applied to a free program could
-make it effectively proprietary.  To prevent this, the GPL assures that
-patents cannot be used to render the program non-free.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-                       TERMS AND CONDITIONS
-
-  0. Definitions.
-
-  "This License" refers to version 3 of the GNU General Public License.
-
-  "Copyright" also means copyright-like laws that apply to other kinds of
-works, such as semiconductor masks.
-
-  "The Program" refers to any copyrightable work licensed under this
-License.  Each licensee is addressed as "you".  "Licensees" and
-"recipients" may be individuals or organizations.
-
-  To "modify" a work means to copy from or adapt all or part of the work
-in a fashion requiring copyright permission, other than the making of an
-exact copy.  The resulting work is called a "modified version" of the
-earlier work or a work "based on" the earlier work.
-
-  A "covered work" means either the unmodified Program or a work based
-on the Program.
-
-  To "propagate" a work means to do anything with it that, without
-permission, would make you directly or secondarily liable for
-infringement under applicable copyright law, except executing it on a
-computer or modifying a private copy.  Propagation includes copying,
-distribution (with or without modification), making available to the
-public, and in some countries other activities as well.
-
-  To "convey" a work means any kind of propagation that enables other
-parties to make or receive copies.  Mere interaction with a user through
-a computer network, with no transfer of a copy, is not conveying.
-
-  An interactive user interface displays "Appropriate Legal Notices"
-to the extent that it includes a convenient and prominently visible
-feature that (1) displays an appropriate copyright notice, and (2)
-tells the user that there is no warranty for the work (except to the
-extent that warranties are provided), that licensees may convey the
-work under this License, and how to view a copy of this License.  If
-the interface presents a list of user commands or options, such as a
-menu, a prominent item in the list meets this criterion.
-
-  1. Source Code.
-
-  The "source code" for a work means the preferred form of the work
-for making modifications to it.  "Object code" means any non-source
-form of a work.
-
-  A "Standard Interface" means an interface that either is an official
-standard defined by a recognized standards body, or, in the case of
-interfaces specified for a particular programming language, one that
-is widely used among developers working in that language.
-
-  The "System Libraries" of an executable work include anything, other
-than the work as a whole, that (a) is included in the normal form of
-packaging a Major Component, but which is not part of that Major
-Component, and (b) serves only to enable use of the work with that
-Major Component, or to implement a Standard Interface for which an
-implementation is available to the public in source code form.  A
-"Major Component", in this context, means a major essential component
-(kernel, window system, and so on) of the specific operating system
-(if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
-
-  The "Corresponding Source" for a work in object code form means all
-the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
-control those activities.  However, it does not include the work's
-System Libraries, or general-purpose tools or generally available free
-programs which are used unmodified in performing those activities but
-which are not part of the work.  For example, Corresponding Source
-includes interface definition files associated with source files for
-the work, and the source code for shared libraries and dynamically
-linked subprograms that the work is specifically designed to require,
-such as by intimate data communication or control flow between those
-subprograms and other parts of the work.
-
-  The Corresponding Source need not include anything that users
-can regenerate automatically from other parts of the Corresponding
-Source.
-
-  The Corresponding Source for a work in source code form is that
-same work.
-
-  2. Basic Permissions.
-
-  All rights granted under this License are granted for the term of
-copyright on the Program, and are irrevocable provided the stated
-conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
-covered work is covered by this License only if the output, given its
-content, constitutes a covered work.  This License acknowledges your
-rights of fair use or other equivalent, as provided by copyright law.
-
-  You may make, run and propagate covered works that you do not
-convey, without conditions so long as your license otherwise remains
-in force.  You may convey covered works to others for the sole purpose
-of having them make modifications exclusively for you, or provide you
-with facilities for running those works, provided that you comply with
-the terms of this License in conveying all material for which you do
-not control copyright.  Those thus making or running the covered works
-for you must do so exclusively on your behalf, under your direction
-and control, on terms that prohibit them from making any copies of
-your copyrighted material outside their relationship with you.
-
-  Conveying under any other circumstances is permitted solely under
-the conditions stated below.  Sublicensing is not allowed; section 10
-makes it unnecessary.
-
-  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
-
-  No covered work shall be deemed part of an effective technological
-measure under any applicable law fulfilling obligations under article
-11 of the WIPO copyright treaty adopted on 20 December 1996, or
-similar laws prohibiting or restricting circumvention of such
-measures.
-
-  When you convey a covered work, you waive any legal power to forbid
-circumvention of technological measures to the extent such circumvention
-is effected by exercising rights under this License with respect to
-the covered work, and you disclaim any intention to limit operation or
-modification of the work as a means of enforcing, against the work's
-users, your or third parties' legal rights to forbid circumvention of
-technological measures.
-
-  4. Conveying Verbatim Copies.
-
-  You may convey verbatim copies of the Program's source code as you
-receive it, in any medium, provided that you conspicuously and
-appropriately publish on each copy an appropriate copyright notice;
-keep intact all notices stating that this License and any
-non-permissive terms added in accord with section 7 apply to the code;
-keep intact all notices of the absence of any warranty; and give all
-recipients a copy of this License along with the Program.
-
-  You may charge any price or no price for each copy that you convey,
-and you may offer support or warranty protection for a fee.
-
-  5. Conveying Modified Source Versions.
-
-  You may convey a work based on the Program, or the modifications to
-produce it from the Program, in the form of source code under the
-terms of section 4, provided that you also meet all of these conditions:
-
-    a) The work must carry prominent notices stating that you modified
-    it, and giving a relevant date.
-
-    b) The work must carry prominent notices stating that it is
-    released under this License and any conditions added under section
-    7.  This requirement modifies the requirement in section 4 to
-    "keep intact all notices".
-
-    c) You must license the entire work, as a whole, under this
-    License to anyone who comes into possession of a copy.  This
-    License will therefore apply, along with any applicable section 7
-    additional terms, to the whole of the work, and all its parts,
-    regardless of how they are packaged.  This License gives no
-    permission to license the work in any other way, but it does not
-    invalidate such permission if you have separately received it.
-
-    d) If the work has interactive user interfaces, each must display
-    Appropriate Legal Notices; however, if the Program has interactive
-    interfaces that do not display Appropriate Legal Notices, your
-    work need not make them do so.
-
-  A compilation of a covered work with other separate and independent
-works, which are not by their nature extensions of the covered work,
-and which are not combined with it such as to form a larger program,
-in or on a volume of a storage or distribution medium, is called an
-"aggregate" if the compilation and its resulting copyright are not
-used to limit the access or legal rights of the compilation's users
-beyond what the individual works permit.  Inclusion of a covered work
-in an aggregate does not cause this License to apply to the other
-parts of the aggregate.
-
-  6. Conveying Non-Source Forms.
-
-  You may convey a covered work in object code form under the terms
-of sections 4 and 5, provided that you also convey the
-machine-readable Corresponding Source under the terms of this License,
-in one of these ways:
-
-    a) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by the
-    Corresponding Source fixed on a durable physical medium
-    customarily used for software interchange.
-
-    b) Convey the object code in, or embodied in, a physical product
-    (including a physical distribution medium), accompanied by a
-    written offer, valid for at least three years and valid for as
-    long as you offer spare parts or customer support for that product
-    model, to give anyone who possesses the object code either (1) a
-    copy of the Corresponding Source for all the software in the
-    product that is covered by this License, on a durable physical
-    medium customarily used for software interchange, for a price no
-    more than your reasonable cost of physically performing this
-    conveying of source, or (2) access to copy the
-    Corresponding Source from a network server at no charge.
-
-    c) Convey individual copies of the object code with a copy of the
-    written offer to provide the Corresponding Source.  This
-    alternative is allowed only occasionally and noncommercially, and
-    only if you received the object code with such an offer, in accord
-    with subsection 6b.
-
-    d) Convey the object code by offering access from a designated
-    place (gratis or for a charge), and offer equivalent access to the
-    Corresponding Source in the same way through the same place at no
-    further charge.  You need not require recipients to copy the
-    Corresponding Source along with the object code.  If the place to
-    copy the object code is a network server, the Corresponding Source
-    may be on a different server (operated by you or a third party)
-    that supports equivalent copying facilities, provided you maintain
-    clear directions next to the object code saying where to find the
-    Corresponding Source.  Regardless of what server hosts the
-    Corresponding Source, you remain obligated to ensure that it is
-    available for as long as needed to satisfy these requirements.
-
-    e) Convey the object code using peer-to-peer transmission, provided
-    you inform other peers where the object code and Corresponding
-    Source of the work are being offered to the general public at no
-    charge under subsection 6d.
-
-  A separable portion of the object code, whose source code is excluded
-from the Corresponding Source as a System Library, need not be
-included in conveying the object code work.
-
-  A "User Product" is either (1) a "consumer product", which means any
-tangible personal property which is normally used for personal, family,
-or household purposes, or (2) anything designed or sold for incorporation
-into a dwelling.  In determining whether a product is a consumer product,
-doubtful cases shall be resolved in favor of coverage.  For a particular
-product received by a particular user, "normally used" refers to a
-typical or common use of that class of product, regardless of the status
-of the particular user or of the way in which the particular user
-actually uses, or expects or is expected to use, the product.  A product
-is a consumer product regardless of whether the product has substantial
-commercial, industrial or non-consumer uses, unless such uses represent
-the only significant mode of use of the product.
-
-  "Installation Information" for a User Product means any methods,
-procedures, authorization keys, or other information required to install
-and execute modified versions of a covered work in that User Product from
-a modified version of its Corresponding Source.  The information must
-suffice to ensure that the continued functioning of the modified object
-code is in no case prevented or interfered with solely because
-modification has been made.
-
-  If you convey an object code work under this section in, or with, or
-specifically for use in, a User Product, and the conveying occurs as
-part of a transaction in which the right of possession and use of the
-User Product is transferred to the recipient in perpetuity or for a
-fixed term (regardless of how the transaction is characterized), the
-Corresponding Source conveyed under this section must be accompanied
-by the Installation Information.  But this requirement does not apply
-if neither you nor any third party retains the ability to install
-modified object code on the User Product (for example, the work has
-been installed in ROM).
-
-  The requirement to provide Installation Information does not include a
-requirement to continue to provide support service, warranty, or updates
-for a work that has been modified or installed by the recipient, or for
-the User Product in which it has been modified or installed.  Access to a
-network may be denied when the modification itself materially and
-adversely affects the operation of the network or violates the rules and
-protocols for communication across the network.
-
-  Corresponding Source conveyed, and Installation Information provided,
-in accord with this section must be in a format that is publicly
-documented (and with an implementation available to the public in
-source code form), and must require no special password or key for
-unpacking, reading or copying.
-
-  7. Additional Terms.
-
-  "Additional permissions" are terms that supplement the terms of this
-License by making exceptions from one or more of its conditions.
-Additional permissions that are applicable to the entire Program shall
-be treated as though they were included in this License, to the extent
-that they are valid under applicable law.  If additional permissions
-apply only to part of the Program, that part may be used separately
-under those permissions, but the entire Program remains governed by
-this License without regard to the additional permissions.
-
-  When you convey a copy of a covered work, you may at your option
-remove any additional permissions from that copy, or from any part of
-it.  (Additional permissions may be written to require their own
-removal in certain cases when you modify the work.)  You may place
-additional permissions on material, added by you to a covered work,
-for which you have or can give appropriate copyright permission.
-
-  Notwithstanding any other provision of this License, for material you
-add to a covered work, you may (if authorized by the copyright holders of
-that material) supplement the terms of this License with terms:
-
-    a) Disclaiming warranty or limiting liability differently from the
-    terms of sections 15 and 16 of this License; or
-
-    b) Requiring preservation of specified reasonable legal notices or
-    author attributions in that material or in the Appropriate Legal
-    Notices displayed by works containing it; or
-
-    c) Prohibiting misrepresentation of the origin of that material, or
-    requiring that modified versions of such material be marked in
-    reasonable ways as different from the original version; or
-
-    d) Limiting the use for publicity purposes of names of licensors or
-    authors of the material; or
-
-    e) Declining to grant rights under trademark law for use of some
-    trade names, trademarks, or service marks; or
-
-    f) Requiring indemnification of licensors and authors of that
-    material by anyone who conveys the material (or modified versions of
-    it) with contractual assumptions of liability to the recipient, for
-    any liability that these contractual assumptions directly impose on
-    those licensors and authors.
-
-  All other non-permissive additional terms are considered "further
-restrictions" within the meaning of section 10.  If the Program as you
-received it, or any part of it, contains a notice stating that it is
-governed by this License along with a term that is a further
-restriction, you may remove that term.  If a license document contains
-a further restriction but permits relicensing or conveying under this
-License, you may add to a covered work material governed by the terms
-of that license document, provided that the further restriction does
-not survive such relicensing or conveying.
-
-  If you add terms to a covered work in accord with this section, you
-must place, in the relevant source files, a statement of the
-additional terms that apply to those files, or a notice indicating
-where to find the applicable terms.
-
-  Additional terms, permissive or non-permissive, may be stated in the
-form of a separately written license, or stated as exceptions;
-the above requirements apply either way.
-
-  8. Termination.
-
-  You may not propagate or modify a covered work except as expressly
-provided under this License.  Any attempt otherwise to propagate or
-modify it is void, and will automatically terminate your rights under
-this License (including any patent licenses granted under the third
-paragraph of section 11).
-
-  However, if you cease all violation of this License, then your
-license from a particular copyright holder is reinstated (a)
-provisionally, unless and until the copyright holder explicitly and
-finally terminates your license, and (b) permanently, if the copyright
-holder fails to notify you of the violation by some reasonable means
-prior to 60 days after the cessation.
-
-  Moreover, your license from a particular copyright holder is
-reinstated permanently if the copyright holder notifies you of the
-violation by some reasonable means, this is the first time you have
-received notice of violation of this License (for any work) from that
-copyright holder, and you cure the violation prior to 30 days after
-your receipt of the notice.
-
-  Termination of your rights under this section does not terminate the
-licenses of parties who have received copies or rights from you under
-this License.  If your rights have been terminated and not permanently
-reinstated, you do not qualify to receive new licenses for the same
-material under section 10.
-
-  9. Acceptance Not Required for Having Copies.
-
-  You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
-occurring solely as a consequence of using peer-to-peer transmission
-to receive a copy likewise does not require acceptance.  However,
-nothing other than this License grants you permission to propagate or
-modify any covered work.  These actions infringe copyright if you do
-not accept this License.  Therefore, by modifying or propagating a
-covered work, you indicate your acceptance of this License to do so.
-
-  10. Automatic Licensing of Downstream Recipients.
-
-  Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
-propagate that work, subject to this License.  You are not responsible
-for enforcing compliance by third parties with this License.
-
-  An "entity transaction" is a transaction transferring control of an
-organization, or substantially all assets of one, or subdividing an
-organization, or merging organizations.  If propagation of a covered
-work results from an entity transaction, each party to that
-transaction who receives a copy of the work also receives whatever
-licenses to the work the party's predecessor in interest had or could
-give under the previous paragraph, plus a right to possession of the
-Corresponding Source of the work from the predecessor in interest, if
-the predecessor has it or can get it with reasonable efforts.
-
-  You may not impose any further restrictions on the exercise of the
-rights granted or affirmed under this License.  For example, you may
-not impose a license fee, royalty, or other charge for exercise of
-rights granted under this License, and you may not initiate litigation
-(including a cross-claim or counterclaim in a lawsuit) alleging that
-any patent claim is infringed by making, using, selling, offering for
-sale, or importing the Program or any portion of it.
-
-  11. Patents.
-
-  A "contributor" is a copyright holder who authorizes use under this
-License of the Program or a work on which the Program is based.  The
-work thus licensed is called the contributor's "contributor version".
-
-  A contributor's "essential patent claims" are all patent claims
-owned or controlled by the contributor, whether already acquired or
-hereafter acquired, that would be infringed by some manner, permitted
-by this License, of making, using, or selling its contributor version,
-but do not include claims that would be infringed only as a
-consequence of further modification of the contributor version.  For
-purposes of this definition, "control" includes the right to grant
-patent sublicenses in a manner consistent with the requirements of
-this License.
-
-  Each contributor grants you a non-exclusive, worldwide, royalty-free
-patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
-propagate the contents of its contributor version.
-
-  In the following three paragraphs, a "patent license" is any express
-agreement or commitment, however denominated, not to enforce a patent
-(such as an express permission to practice a patent or covenant not to
-sue for patent infringement).  To "grant" such a patent license to a
-party means to make such an agreement or commitment not to enforce a
-patent against the party.
-
-  If you convey a covered work, knowingly relying on a patent license,
-and the Corresponding Source of the work is not available for anyone
-to copy, free of charge and under the terms of this License, through a
-publicly available network server or other readily accessible means,
-then you must either (1) cause the Corresponding Source to be so
-available, or (2) arrange to deprive yourself of the benefit of the
-patent license for this particular work, or (3) arrange, in a manner
-consistent with the requirements of this License, to extend the patent
-license to downstream recipients.  "Knowingly relying" means you have
-actual knowledge that, but for the patent license, your conveying the
-covered work in a country, or your recipient's use of the covered work
-in a country, would infringe one or more identifiable patents in that
-country that you have reason to believe are valid.
-
-  If, pursuant to or in connection with a single transaction or
-arrangement, you convey, or propagate by procuring conveyance of, a
-covered work, and grant a patent license to some of the parties
-receiving the covered work authorizing them to use, propagate, modify
-or convey a specific copy of the covered work, then the patent license
-you grant is automatically extended to all recipients of the covered
-work and works based on it.
-
-  A patent license is "discriminatory" if it does not include within
-the scope of its coverage, prohibits the exercise of, or is
-conditioned on the non-exercise of one or more of the rights that are
-specifically granted under this License.  You may not convey a covered
-work if you are a party to an arrangement with a third party that is
-in the business of distributing software, under which you make payment
-to the third party based on the extent of your activity of conveying
-the work, and under which the third party grants, to any of the
-parties who would receive the covered work from you, a discriminatory
-patent license (a) in connection with copies of the covered work
-conveyed by you (or copies made from those copies), or (b) primarily
-for and in connection with specific products or compilations that
-contain the covered work, unless you entered into that arrangement,
-or that patent license was granted, prior to 28 March 2007.
-
-  Nothing in this License shall be construed as excluding or limiting
-any implied license or other defenses to infringement that may
-otherwise be available to you under applicable patent law.
-
-  12. No Surrender of Others' Freedom.
-
-  If conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot convey a
-covered work so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you may
-not convey it at all.  For example, if you agree to terms that obligate you
-to collect a royalty for further conveying from those to whom you convey
-the Program, the only way you could satisfy both those terms and this
-License would be to refrain entirely from conveying the Program.
-
-  13. Use with the GNU Affero General Public License.
-
-  Notwithstanding any other provision of this License, you have
-permission to link or combine any covered work with a work licensed
-under version 3 of the GNU Affero General Public License into a single
-combined work, and to convey the resulting work.  The terms of this
-License will continue to apply to the part which is the covered work,
-but the special requirements of the GNU Affero General Public License,
-section 13, concerning interaction through a network will apply to the
-combination as such.
-
-  14. Revised Versions of this License.
-
-  The Free Software Foundation may publish revised and/or new versions of
-the GNU General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-  Each version is given a distinguishing version number.  If the
-Program specifies that a certain numbered version of the GNU General
-Public License "or any later version" applies to it, you have the
-option of following the terms and conditions either of that numbered
-version or of any later version published by the Free Software
-Foundation.  If the Program does not specify a version number of the
-GNU General Public License, you may choose any version ever published
-by the Free Software Foundation.
-
-  If the Program specifies that a proxy can decide which future
-versions of the GNU General Public License can be used, that proxy's
-public statement of acceptance of a version permanently authorizes you
-to choose that version for the Program.
-
-  Later license versions may give you additional or different
-permissions.  However, no additional obligations are imposed on any
-author or copyright holder as a result of your choosing to follow a
-later version.
-
-  15. Disclaimer of Warranty.
-
-  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
-APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
-HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
-OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
-THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
-IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
-ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
-
-  16. Limitation of Liability.
-
-  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
-THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
-GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
-USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
-DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
-PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
-EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGES.
-
-  17. Interpretation of Sections 15 and 16.
-
-  If the disclaimer of warranty and limitation of liability provided
-above cannot be given local legal effect according to their terms,
-reviewing courts shall apply local law that most closely approximates
-an absolute waiver of all civil liability in connection with the
-Program, unless a warranty or assumption of liability accompanies a
-copy of the Program in return for a fee.
-
-                     END OF TERMS AND CONDITIONS
-
-            How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-state the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    
-    Copyright (C)   
-
-    This program is free software: you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation, either version 3 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program.  If not, see .
-
-Also add information on how to contact you by electronic and paper mail.
-
-  If the program does terminal interaction, make it output a short
-notice like this when it starts in an interactive mode:
-
-      Copyright (C)   
-    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, your program's commands
-might be different; for a GUI interface, you would use an "about box".
-
-  You should also get your employer (if you work as a programmer) or school,
-if any, to sign a "copyright disclaimer" for the program, if necessary.
-For more information on this, and how to apply and follow the GNU GPL, see
-.
-
-  The GNU General Public License does not permit incorporating your program
-into proprietary programs.  If your program is a subroutine library, you
-may consider it more useful to permit linking proprietary applications with
-the library.  If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.  But first, please read
-.
+Copyright (c) 2022 The Forgejo Authors
+Copyright (c) 2016 The Gitea Authors
+Copyright (c) 2015 The Gogs Authors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/MAINTAINERS b/MAINTAINERS
new file mode 100644
index 0000000000..660f35607c
--- /dev/null
+++ b/MAINTAINERS
@@ -0,0 +1,52 @@
+Alexey Makhov  (@makhov)
+Bo-Yi Wu  (@appleboy)
+Ethan Koenig  (@ethantkoenig)
+Kees de Vries  (@Bwko)
+Kim CarlbƤcker  (@bkcsoft)
+LefsFlare  (@LefsFlarey)
+Lunny Xiao  (@lunny)
+Matthias Loibl  (@metalmatze)
+Morgan Bazalgette  (@thehowl)
+Rachid Zarouali  (@xinity)
+RƩmy Boulanouar  (@DblK)
+Sandro Santilli  (@strk)
+Thibault Meyer  (@0xbaadf00d)
+Thomas Boerger  (@tboerger)
+Patrick G  (@geek1011)
+Antoine Girard  (@sapk)
+Lauris BukŔis-Haberkorns  (@lafriks)
+Jonas ƖstanbƤck  (@cez81)
+David Schneiderbauer  (@daviian)
+Peter Žeby  (@morlinest)
+Matti Ranta  (@techknowlogick)
+Jonas Franz  (@jonasfranz)
+Alexey Terentyev  (@axifive)
+Lanre Adelowo  (@adelowo)
+Konrad Langenberg  (@kolaente)
+He-Long Zhang  (@BetaCat0)
+Andrew Thornton  (@zeripath)
+John Olheiser  (@jolheiser)
+Richard Mahn  (@richmahn)
+Mrsdizzie  (@mrsdizzie)
+silverwind  (@silverwind)
+Gary Kim  (@gary-kim)
+Guillermo Prandi  (@guillep2k)
+Mura Li  (@typeless)
+6543 <6543@obermui.de> (@6543)
+jaqra  (@jaqra)
+David Svantesson  (@davidsvantesson)
+a1012112796 <1012112796@qq.com> (@a1012112796)
+Karl Heinz Marbaise  (@khmarbaise)
+Norwin Roosen  (@noerw)
+Kyle Dumont  (@kdumontnu)
+Patrick Schratz  (@pat-s)
+Janis Estelmann  (@KN4CK3R)
+Steven Kriegler  (@justusbunsi)
+Jimmy Praet  (@jpraet)
+Leon Hofmeister  (@delvh) 
+Gusted  (@silentcodeg)
+Wim  (@42wim)
+xinyu  (@penlinux)
+Jason Song  (@wolfogre)
+Yarden Shoham  (@yardenshoham)
diff --git a/Makefile b/Makefile
index 5865262d1a..03d63db44f 100644
--- a/Makefile
+++ b/Makefile
@@ -18,55 +18,41 @@ DIST := dist
 DIST_DIRS := $(DIST)/binaries $(DIST)/release
 IMPORT := code.gitea.io/gitea
 
-GO ?= $(shell go env GOROOT)/bin/go
+GO ?= go
 SHASUM ?= shasum -a 256
-HAS_GO := $(shell hash $(GO) > /dev/null 2>&1 && echo yes)
+HAS_GO = $(shell hash $(GO) > /dev/null 2>&1 && echo "GO" || echo "NOGO" )
 COMMA := ,
-DIFF ?= diff --unified
 
-ifeq ($(USE_GOTESTSUM), yes)
-	GOTEST ?= gotestsum --
-	GOTESTCOMPILEDRUNPREFIX ?= gotestsum --raw-command -- go tool test2json -t
-	GOTESTCOMPILEDRUNSUFFIX ?= -test.v=test2json
-else
-	GOTEST ?= $(GO) test
-	GOTESTCOMPILEDRUNPREFIX ?=
-	GOTESTCOMPILEDRUNSUFFIX ?=
-endif
+XGO_VERSION := go-1.19.x
 
-XGO_VERSION := go-1.21.x
-
-AIR_PACKAGE ?= github.com/air-verse/air@v1 # renovate: datasource=go
-EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3.1.1 # renovate: datasource=go
-GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.7.0 # renovate: datasource=go
-GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.62.2 # renovate: datasource=go
-GXZ_PACKAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11 # renovate: datasource=go
-MISSPELL_PACKAGE ?= github.com/golangci/misspell/cmd/misspell@v0.6.0 # renovate: datasource=go
-SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.31.0 # renovate: datasource=go
+AIR_PACKAGE ?= github.com/cosmtrek/air@v1.40.4
+EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/cmd/editorconfig-checker@2.5.0
+ERRCHECK_PACKAGE ?= github.com/kisielk/errcheck@v1.6.1
+GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.4.0
+GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.51.0
+GXZ_PAGAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.10
+MISSPELL_PACKAGE ?= github.com/client9/misspell/cmd/misspell@v0.3.4
+SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.30.0
 XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
-GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.6.0 # renovate: datasource=go
-GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1 # renovate: datasource=go
-DEADCODE_PACKAGE ?= golang.org/x/tools/cmd/deadcode@v0.29.0 # renovate: datasource=go
-GOMOCK_PACKAGE ?= go.uber.org/mock/mockgen@v0.4.0 # renovate: datasource=go
-GOPLS_PACKAGE ?= golang.org/x/tools/gopls@v0.17.1 # renovate: datasource=go
-RENOVATE_NPM_PACKAGE ?= renovate@39.115.4 # renovate: datasource=docker packageName=data.forgejo.org/renovate/renovate
+GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.3.0
+GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@latest
 
-# https://github.com/disposable-email-domains/disposable-email-domains/commits/main/
-DISPOSABLE_EMAILS_SHA ?= 0c27e671231d27cf66370034d7f6818037416989 # renovate: ...
+DOCKER_IMAGE ?= gitea/gitea
+DOCKER_TAG ?= latest
+DOCKER_REF := $(DOCKER_IMAGE):$(DOCKER_TAG)
+
+ifeq ($(HAS_GO), GO)
+	GOPATH ?= $(shell $(GO) env GOPATH)
+	export PATH := $(GOPATH)/bin:$(PATH)
 
-ifeq ($(HAS_GO), yes)
 	CGO_EXTRA_CFLAGS := -DSQLITE_MAX_VARIABLE_NUMBER=32766
 	CGO_CFLAGS ?= $(shell $(GO) env CGO_CFLAGS) $(CGO_EXTRA_CFLAGS)
 endif
 
-ifeq ($(GOOS),windows)
-	IS_WINDOWS := yes
-else ifeq ($(patsubst Windows%,Windows,$(OS)),Windows)
-	ifeq ($(GOOS),)
-		IS_WINDOWS := yes
-	endif
-endif
-ifeq ($(IS_WINDOWS),yes)
+ifeq ($(OS), Windows_NT)
+	GOFLAGS := -v -buildmode=exe
+	EXECUTABLE ?= gitea.exe
+else ifeq ($(OS), Windows)
 	GOFLAGS := -v -buildmode=exe
 	EXECUTABLE ?= gitea.exe
 else
@@ -82,7 +68,7 @@ endif
 
 EXTRA_GOFLAGS ?=
 
-MAKE_VERSION := $(shell "$(MAKE)" -v | cat | head -n 1)
+MAKE_VERSION := $(shell "$(MAKE)" -v | head -n 1)
 MAKE_EVIDENCE_DIR := .make_evidence
 
 ifeq ($(RACE_ENABLED),true)
@@ -91,65 +77,47 @@ ifeq ($(RACE_ENABLED),true)
 endif
 
 STORED_VERSION_FILE := VERSION
-HUGO_VERSION ?= 0.111.3
 
-GITEA_COMPATIBILITY ?= gitea-1.22.0
-
-STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null)
-ifneq ($(STORED_VERSION),)
-  FORGEJO_VERSION ?= $(STORED_VERSION)
+ifneq ($(DRONE_TAG),)
+	VERSION ?= $(subst v,,$(DRONE_TAG))
+	GITEA_VERSION ?= $(VERSION)
 else
-  ifneq ($(GITEA_VERSION),)
-    FORGEJO_VERSION ?= $(GITEA_VERSION)
-    FORGEJO_VERSION_API ?= $(GITEA_VERSION)+${GITEA_COMPATIBILITY}
-  else
-    # drop the "g" prefix prepended by git describe to the commit hash
-    FORGEJO_VERSION ?= $(shell git describe --exclude '*-test' --tags --always | sed 's/^v//' | sed 's/\-g/-/')+${GITEA_COMPATIBILITY}
-  endif
+	ifneq ($(DRONE_BRANCH),)
+		VERSION ?= $(shell echo $(DRONE_BRANCH) | sed -e 's|v\([0-9.][0-9.]*\)/.*|\1|')
+	else
+		VERSION ?= main
+	endif
+
+	STORED_VERSION=$(shell cat $(STORED_VERSION_FILE) 2>/dev/null)
+	ifneq ($(STORED_VERSION),)
+		GITEA_VERSION ?= $(STORED_VERSION)
+	else
+		GITEA_VERSION ?= $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
+	endif
 endif
-FORGEJO_VERSION_MAJOR=$(shell echo $(FORGEJO_VERSION) | sed -e 's/\..*//')
-FORGEJO_VERSION_MINOR=$(shell echo $(FORGEJO_VERSION) | sed -E -e 's/^([0-9]+\.[0-9]+).*/\1/')
 
-show-version-full:
-	@echo ${FORGEJO_VERSION}
+# SemVer
+FORGEJO_VERSION := v2.0.0
 
-show-version-major:
-	@echo ${FORGEJO_VERSION_MAJOR}
-
-show-version-minor:
-	@echo ${FORGEJO_VERSION_MINOR}
-
-RELEASE_VERSION ?= ${FORGEJO_VERSION}
-VERSION ?= ${RELEASE_VERSION}
-
-FORGEJO_VERSION_API ?= ${FORGEJO_VERSION}
-
-show-version-api:
-	@echo ${FORGEJO_VERSION_API}
-
-LDFLAGS := $(LDFLAGS) -X "main.ReleaseVersion=$(RELEASE_VERSION)" -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(FORGEJO_VERSION)" -X "main.Tags=$(TAGS)" -X "main.ForgejoVersion=$(FORGEJO_VERSION_API)"
+LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)" -X "code.gitea.io/gitea/routers/api/forgejo/v1.ForgejoVersion=$(FORGEJO_VERSION)"
 
 LINUX_ARCHS ?= linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64
 
-ifeq ($(HAS_GO), yes)
-	GO_TEST_PACKAGES ?= $(filter-out $(shell $(GO) list code.gitea.io/gitea/models/migrations/...) $(shell $(GO) list code.gitea.io/gitea/models/forgejo_migrations/...) code.gitea.io/gitea/tests/integration/migration-test code.gitea.io/gitea/tests code.gitea.io/gitea/tests/integration code.gitea.io/gitea/tests/e2e,$(shell $(GO) list ./...))
-endif
-REMOTE_CACHER_MODULES ?= cache nosql session queue
-GO_TEST_REMOTE_CACHER_PACKAGES ?= $(addprefix code.gitea.io/gitea/modules/,$(REMOTE_CACHER_MODULES))
+GO_PACKAGES ?= $(filter-out code.gitea.io/gitea/models/migrations code.gitea.io/gitea/tests/integration/migration-test code.gitea.io/gitea/tests code.gitea.io/gitea/tests/integration code.gitea.io/gitea/tests/e2e,$(shell $(GO) list ./... | grep -v /vendor/))
 
 FOMANTIC_WORK_DIR := web_src/fomantic
 
-WEBPACK_SOURCES := $(shell find web_src/js web_src/css -type f)
-WEBPACK_CONFIGS := webpack.config.js tailwind.config.js
-WEBPACK_DEST := public/assets/js/index.js public/assets/css/index.css
-WEBPACK_DEST_ENTRIES := public/assets/js public/assets/css public/assets/fonts
+WEBPACK_SOURCES := $(shell find web_src/js web_src/less -type f)
+WEBPACK_CONFIGS := webpack.config.js
+WEBPACK_DEST := public/js/index.js public/css/index.css
+WEBPACK_DEST_ENTRIES := public/js public/css public/fonts public/img/webpack public/serviceworker.js
 
 BINDATA_DEST := modules/public/bindata.go modules/options/bindata.go modules/templates/bindata.go
 BINDATA_HASH := $(addsuffix .hash,$(BINDATA_DEST))
 
 GENERATED_GO_DEST := modules/charset/invisible_gen.go modules/charset/ambiguous_gen.go
 
-SVG_DEST_DIR := public/assets/img/svg
+SVG_DEST_DIR := public/img/svg
 
 AIR_TMP_DIR := .air
 
@@ -164,21 +132,14 @@ TEST_TAGS ?= sqlite sqlite_unlock_notify
 
 TAR_EXCLUDES := .git data indexers queues log node_modules $(EXECUTABLE) $(FOMANTIC_WORK_DIR)/node_modules $(DIST) $(MAKE_EVIDENCE_DIR) $(AIR_TMP_DIR) $(GO_LICENSE_TMP_DIR)
 
-GO_DIRS := build cmd models modules routers services tests
-WEB_DIRS := web_src/js web_src/css
-
-STYLELINT_FILES := web_src/css web_src/js/components/*.vue
-SPELLCHECK_FILES := $(GO_DIRS) $(WEB_DIRS) docs/content templates options/locale/locale_en-US.ini .github $(wildcard *.go *.js *.ts *.vue *.md *.yml *.yaml *.toml)
+GO_DIRS := cmd tests models modules routers build services tools
+WEB_DIRS := web_src/js web_src/less
 
 GO_SOURCES := $(wildcard *.go)
-GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go" ! -path modules/options/bindata.go ! -path modules/public/bindata.go ! -path modules/templates/bindata.go)
+GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go" -not -path modules/options/bindata.go -not -path modules/public/bindata.go -not -path modules/templates/bindata.go)
 GO_SOURCES += $(GENERATED_GO_DEST)
 GO_SOURCES_NO_BINDATA := $(GO_SOURCES)
 
-ifeq ($(HAS_GO), yes)
-	MIGRATION_PACKAGES := $(shell $(GO) list code.gitea.io/gitea/models/migrations/... code.gitea.io/gitea/models/forgejo_migrations/...)
-endif
-
 ifeq ($(filter $(TAGS_SPLIT),bindata),bindata)
 	GO_SOURCES += $(BINDATA_DEST)
 	GENERATED_GO_DEST += $(BINDATA_DEST)
@@ -189,25 +150,32 @@ ifdef DEPS_PLAYWRIGHT
 	PLAYWRIGHT_FLAGS += --with-deps
 endif
 
-FORGEJO_API_SPEC := public/assets/forgejo/api.v1.yml
+FORGEJO_API_SPEC := public/forgejo/api.v1.yml
 
 SWAGGER_SPEC := templates/swagger/v1_json.tmpl
-SWAGGER_SPEC_S_TMPL := s|"basePath": *"/api/v1"|"basePath": "{{AppSubUrl \| JSEscape}}/api/v1"|g
-SWAGGER_SPEC_S_JSON := s|"basePath": *"{{AppSubUrl \| JSEscape}}/api/v1"|"basePath": "/api/v1"|g
+SWAGGER_SPEC_S_TMPL := s|"basePath": *"/api/v1"|"basePath": "{{AppSubUrl \| JSEscape \| Safe}}/api/v1"|g
+SWAGGER_SPEC_S_JSON := s|"basePath": *"{{AppSubUrl \| JSEscape \| Safe}}/api/v1"|"basePath": "/api/v1"|g
 SWAGGER_EXCLUDE := code.gitea.io/sdk
 SWAGGER_NEWLINE_COMMAND := -e '$$a\'
 SWAGGER_SPEC_BRANDING := s|Gitea API|Forgejo API|g
-SWAGGER_SPEC_LICENSE := s|"name": "MIT"|"name": "This file is distributed under the MIT license for the purpose of interoperability"|
 
 TEST_MYSQL_HOST ?= mysql:3306
-TEST_MYSQL_DBNAME ?= testgitea?multiStatements=true
+TEST_MYSQL_DBNAME ?= testgitea
 TEST_MYSQL_USERNAME ?= root
 TEST_MYSQL_PASSWORD ?=
+TEST_MYSQL8_HOST ?= mysql8:3306
+TEST_MYSQL8_DBNAME ?= testgitea
+TEST_MYSQL8_USERNAME ?= root
+TEST_MYSQL8_PASSWORD ?=
 TEST_PGSQL_HOST ?= pgsql:5432
 TEST_PGSQL_DBNAME ?= testgitea
 TEST_PGSQL_USERNAME ?= postgres
 TEST_PGSQL_PASSWORD ?= postgres
 TEST_PGSQL_SCHEMA ?= gtestschema
+TEST_MSSQL_HOST ?= mssql:1433
+TEST_MSSQL_DBNAME ?= gitea
+TEST_MSSQL_USERNAME ?= sa
+TEST_MSSQL_PASSWORD ?= MwantsaSecurePassword1
 
 .PHONY: all
 all: build
@@ -215,7 +183,7 @@ all: build
 .PHONY: help
 help:
 	@echo "Make Routines:"
-	@echo " - \"\"                             equivalent to \"build\""
+	@echo " - \"\"                               equivalent to \"build\""
 	@echo " - build                            build everything"
 	@echo " - frontend                         build frontend files"
 	@echo " - backend                          build backend files"
@@ -227,43 +195,16 @@ help:
 	@echo " - deps                             install dependencies"
 	@echo " - deps-frontend                    install frontend dependencies"
 	@echo " - deps-backend                     install backend dependencies"
-	@echo " - deps-tools                       install tool dependencies"
-	@echo " - deps-py                          install python dependencies"
 	@echo " - lint                             lint everything"
-	@echo " - lint-fix                         lint everything and fix issues"
 	@echo " - lint-frontend                    lint frontend files"
-	@echo " - lint-frontend-fix                lint frontend files and fix issues"
 	@echo " - lint-backend                     lint backend files"
-	@echo " - lint-backend-fix                 lint backend files and fix issues"
-	@echo " - lint-codespell                   lint typos"
-	@echo " - lint-codespell-fix               lint typos and fix them automatically"
-	@echo " - lint-codespell-fix-i             lint typos and fix them interactively"
-	@echo " - lint-go                          lint go files"
-	@echo " - lint-go-fix                      lint go files and fix issues"
-	@echo " - lint-go-vet                      lint go files with vet"
-	@echo " - lint-go-gopls                    lint go files with gopls"
-	@echo " - lint-js                          lint js files"
-	@echo " - lint-js-fix                      lint js files and fix issues"
-	@echo " - lint-css                         lint css files"
-	@echo " - lint-css-fix                     lint css files and fix issues"
-	@echo " - lint-md                          lint markdown files"
-	@echo " - lint-swagger                     lint swagger files"
-	@echo " - lint-templates                   lint template files"
-	@echo " - lint-renovate                    lint renovate files"
-	@echo " - lint-yaml                        lint yaml files"
-	@echo " - lint-spell                       lint spelling"
-	@echo " - lint-spell-fix                   lint spelling and fix issues"
 	@echo " - checks                           run various consistency checks"
 	@echo " - checks-frontend                  check frontend files"
 	@echo " - checks-backend                   check backend files"
 	@echo " - test                             test everything"
-	@echo " - show-version-full                show the same version as the API endpoint"
-	@echo " - show-version-major               show major release number only"
 	@echo " - test-frontend                    test frontend files"
-	@echo " - test-frontend-coverage           test frontend files and display code coverage"
 	@echo " - test-backend                     test backend files"
-	@echo " - test-remote-cacher               test backend files that use a remote cache"
-	@echo " - test-e2e-sqlite[\#name.test.e2e] test end to end using playwright and sqlite"
+	@echo " - test-e2e[\#TestSpecificName]     test end to end using playwright"
 	@echo " - webpack                          build webpack files"
 	@echo " - svg                              build svg files"
 	@echo " - fomantic                         build fomantic files"
@@ -272,20 +213,17 @@ help:
 	@echo " - generate-license                 update license files"
 	@echo " - generate-gitignore               update gitignore files"
 	@echo " - generate-manpage                 generate manpage"
-	@echo " - generate-gomock                  generate gomock files"
 	@echo " - generate-forgejo-api             generate the forgejo API from spec"
 	@echo " - forgejo-api-validate             check if the forgejo API matches the specs"
 	@echo " - generate-swagger                 generate the swagger spec from code comments"
 	@echo " - swagger-validate                 check if the swagger spec is valid"
+	@echo " - golangci-lint                    run golangci-lint linter"
 	@echo " - go-licenses                      regenerate go licenses"
+	@echo " - vet                              examines Go source code and reports suspicious constructs"
 	@echo " - tidy                             run go mod tidy"
-	@echo " - test[\#TestSpecificName]         run unit test"
+	@echo " - test[\#TestSpecificName]    	    run unit test"
 	@echo " - test-sqlite[\#TestSpecificName]  run integration test for sqlite"
-	@echo " - reproduce-build\#version         build a reproducible binary for the specified release version"
-
-###
-# Check system and environment requirements
-###
+	@echo " - pr#                       build and start gitea from a PR with integration test data loaded"
 
 .PHONY: go-check
 go-check:
@@ -293,14 +231,14 @@ go-check:
 	$(eval MIN_GO_VERSION := $(shell printf "%03d%03d" $(shell echo '$(MIN_GO_VERSION_STR)' | tr '.' ' ')))
 	$(eval GO_VERSION := $(shell printf "%03d%03d" $(shell $(GO) version | grep -Eo '[0-9]+\.[0-9]+' | tr '.' ' ');))
 	@if [ "$(GO_VERSION)" -lt "$(MIN_GO_VERSION)" ]; then \
-		echo "Forgejo requires Go $(MIN_GO_VERSION_STR) or greater to build. You can get it at https://go.dev/dl/"; \
+		echo "Gitea requires Go $(MIN_GO_VERSION_STR) or greater to build. You can get it at https://go.dev/dl/"; \
 		exit 1; \
 	fi
 
 .PHONY: git-check
 git-check:
 	@if git lfs >/dev/null 2>&1 ; then : ; else \
-		echo "Forgejo requires git with lfs support to run tests." ; \
+		echo "Gitea requires git with lfs support to run tests." ; \
 		exit 1; \
 	fi
 
@@ -311,45 +249,51 @@ node-check:
 	$(eval NODE_VERSION := $(shell printf "%03d%03d%03d" $(shell node -v | cut -c2- | tr '.' ' ');))
 	$(eval NPM_MISSING := $(shell hash npm > /dev/null 2>&1 || echo 1))
 	@if [ "$(NODE_VERSION)" -lt "$(MIN_NODE_VERSION)" -o "$(NPM_MISSING)" = "1" ]; then \
-		echo "Forgejo requires Node.js $(MIN_NODE_VERSION_STR) or greater and npm to build. You can get it at https://nodejs.org/en/download/"; \
+		echo "Gitea requires Node.js $(MIN_NODE_VERSION_STR) or greater and npm to build. You can get it at https://nodejs.org/en/download/"; \
 		exit 1; \
 	fi
 
-###
-# Basic maintenance, check and lint targets
-###
-
 .PHONY: clean-all
 clean-all: clean
 	rm -rf $(WEBPACK_DEST_ENTRIES) node_modules
 
 .PHONY: clean
 clean:
+	$(GO) clean -i ./...
 	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA_DEST) $(BINDATA_HASH) \
 		integrations*.test \
 		e2e*.test \
-		tests/integration/gitea-integration-* \
-		tests/integration/indexers-* \
-		tests/mysql.ini tests/pgsql.ini man/ \
-		tests/e2e/gitea-e2e-*/ \
-		tests/e2e/indexers-*/ \
-		tests/e2e/reports/ tests/e2e/test-artifacts/ tests/e2e/test-snapshots/
+		tests/integration/gitea-integration-pgsql/ tests/integration/gitea-integration-mysql/ tests/integration/gitea-integration-mysql8/ tests/integration/gitea-integration-sqlite/ \
+		tests/integration/gitea-integration-mssql/ tests/integration/indexers-mysql/ tests/integration/indexers-mysql8/ tests/integration/indexers-pgsql tests/integration/indexers-sqlite \
+		tests/integration/indexers-mssql tests/mysql.ini tests/mysql8.ini tests/pgsql.ini tests/mssql.ini man/ \
+		tests/e2e/gitea-e2e-pgsql/ tests/e2e/gitea-e2e-mysql/ tests/e2e/gitea-e2e-mysql8/ tests/e2e/gitea-e2e-sqlite/ \
+		tests/e2e/gitea-e2e-mssql/ tests/e2e/indexers-mysql/ tests/e2e/indexers-mysql8/ tests/e2e/indexers-pgsql/ tests/e2e/indexers-sqlite/ \
+		tests/e2e/indexers-mssql/ tests/e2e/reports/ tests/e2e/test-artifacts/ tests/e2e/test-snapshots/
 
 .PHONY: fmt
 fmt:
-	@GOFUMPT_PACKAGE=$(GOFUMPT_PACKAGE) $(GO) run build/code-batch-process.go gitea-fmt -w '{file-list}'
+	GOFUMPT_PACKAGE=$(GOFUMPT_PACKAGE) $(GO) run build/code-batch-process.go gitea-fmt -w '{file-list}'
 	$(eval TEMPLATES := $(shell find templates -type f -name '*.tmpl'))
-	@# strip whitespace after '{{' or '(' and before '}}' or ')' unless there is only
-	@# whitespace before it
-	@$(SED_INPLACE) \
-		-e 's/{{[ 	]\{1,\}/{{/g' -e '/^[ 	]\{1,\}}}/! s/[ 	]\{1,\}}}/}}/g' \
-	  -e 's/([ 	]\{1,\}/(/g' -e '/^[ 	]\{1,\})/! s/[ 	]\{1,\})/)/g' \
-	  $(TEMPLATES)
+	@# strip whitespace after '{{' and before `}}` unless there is only whitespace before it
+	@$(SED_INPLACE) -e 's/{{[ 	]\{1,\}/{{/g' -e '/^[ 	]\{1,\}}}/! s/[ 	]\{1,\}}}/}}/g' $(TEMPLATES)
 
 .PHONY: fmt-check
 fmt-check: fmt
-	@git diff --exit-code --color=always $(GO_SOURCES) templates $(WEB_DIRS) \
-	|| (code=$$?; echo "Please run 'make fmt' and commit the result"; exit $${code})
+	@diff=$$(git diff $(GO_SOURCES) templates $(WEB_DIRS)); \
+	if [ -n "$$diff" ]; then \
+	  echo "Please run 'make fmt' and commit the result:"; \
+	  echo "$${diff}"; \
+	  exit 1; \
+	fi
+
+.PHONY: misspell-check
+misspell-check:
+	go run $(MISSPELL_PACKAGE) -error $(GO_DIRS) $(WEB_DIRS)
+
+.PHONY: vet
+vet:
+	@echo "Running go vet..."
+	@$(GO) vet $(GO_PACKAGES)
 
 .PHONY: $(TAGS_EVIDENCE)
 $(TAGS_EVIDENCE):
@@ -370,8 +314,12 @@ generate-forgejo-api: $(FORGEJO_API_SPEC)
 
 .PHONY: forgejo-api-check
 forgejo-api-check: generate-forgejo-api
-	@git diff --exit-code --color=always $(FORGEJO_API_SERVER) \
-	|| (code=$$?; echo "Please run 'make generate-forgejo-api' and commit the result"; exit $${code})
+	@diff=$$(git diff $(FORGEJO_API_SERVER) ; \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make generate-forgejo-api' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi
 
 .PHONY: forgejo-api-validate
 forgejo-api-validate:
@@ -385,12 +333,15 @@ $(SWAGGER_SPEC): $(GO_SOURCES_NO_BINDATA)
 	$(SED_INPLACE) '$(SWAGGER_SPEC_S_TMPL)' './$(SWAGGER_SPEC)'
 	$(SED_INPLACE) $(SWAGGER_NEWLINE_COMMAND) './$(SWAGGER_SPEC)'
 	$(SED_INPLACE) '$(SWAGGER_SPEC_BRANDING)' './$(SWAGGER_SPEC)'
-	$(SED_INPLACE) '$(SWAGGER_SPEC_LICENSE)' './$(SWAGGER_SPEC)'
 
 .PHONY: swagger-check
 swagger-check: generate-swagger
-	@git diff --exit-code --color=always '$(SWAGGER_SPEC)' \
-	|| (code=$$?; echo "Please run 'make generate-swagger' and commit the result"; exit $${code})
+	@diff=$$(git diff '$(SWAGGER_SPEC)'); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make generate-swagger' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi
 
 .PHONY: swagger-validate
 swagger-validate:
@@ -398,6 +349,11 @@ swagger-validate:
 	$(GO) run $(SWAGGER_PACKAGE) validate './$(SWAGGER_SPEC)'
 	$(SED_INPLACE) '$(SWAGGER_SPEC_S_TMPL)' './$(SWAGGER_SPEC)'
 
+.PHONY: errcheck
+errcheck:
+	@echo "Running errcheck..."
+	$(GO) run $(ERRCHECK_PACKAGE) $(GO_PACKAGES)
+
 .PHONY: checks
 checks: checks-frontend checks-backend
 
@@ -405,147 +361,28 @@ checks: checks-frontend checks-backend
 checks-frontend: lockfile-check svg-check
 
 .PHONY: checks-backend
-checks-backend: tidy-check swagger-check fmt-check swagger-validate security-check
+checks-backend: tidy-check swagger-check fmt-check misspell-check forgejo-api-validate swagger-validate
 
 .PHONY: lint
-lint: lint-frontend lint-backend lint-spell
-
-.PHONY: lint-fix
-lint-fix: lint-frontend-fix lint-backend-fix lint-spell-fix
+lint: lint-frontend lint-backend
 
 .PHONY: lint-frontend
-lint-frontend: lint-js lint-css
-
-.PHONY: lint-frontend-fix
-lint-frontend-fix: lint-js-fix lint-css-fix
-
-.PHONY: lint-backend
-lint-backend: lint-go lint-go-vet lint-editorconfig lint-renovate lint-locale lint-disposable-emails
-
-.PHONY: lint-backend-fix
-lint-backend-fix: lint-go-fix lint-go-vet lint-editorconfig lint-disposable-emails-fix
-
-.PHONY: lint-codespell
-lint-codespell:
-	codespell
-
-.PHONY: lint-codespell-fix
-lint-codespell-fix:
-	codespell -w
-
-.PHONY: lint-codespell-fix-i
-lint-codespell-fix-i:
-	codespell -w -i 3 -C 2
-
-.PHONY: lint-js
-lint-js: node_modules
-	npx eslint --color --max-warnings=0
-
-.PHONY: lint-js-fix
-lint-js-fix: node_modules
-	npx eslint --color --max-warnings=0 --fix
-
-.PHONY: lint-css
-lint-css: node_modules
-	npx stylelint --color --max-warnings=0 $(STYLELINT_FILES)
-
-.PHONY: lint-css-fix
-lint-css-fix: node_modules
-	npx stylelint --color --max-warnings=0 $(STYLELINT_FILES) --fix
-
-.PHONY: lint-swagger
-lint-swagger: node_modules
+lint-frontend: node_modules
+	npx eslint --color --max-warnings=0 --ext js,vue web_src/js build *.config.js docs/assets/js tests/e2e
+	npx stylelint --color --max-warnings=0 web_src/less
 	npx spectral lint -q -F hint $(SWAGGER_SPEC)
-
-.PHONY: lint-renovate
-lint-renovate: node_modules
-	npx --yes --package $(RENOVATE_NPM_PACKAGE) -- renovate-config-validator --strict > .lint-renovate 2>&1 || true
-	@if grep --quiet --extended-regexp -e '^( WARN:|ERROR:)' .lint-renovate ; then cat .lint-renovate ; rm .lint-renovate ; exit 1 ; fi
-	@rm .lint-renovate
-
-.PHONY: lint-locale
-lint-locale:
-	$(GO) run build/lint-locale.go
-
-.PHONY: lint-md
-lint-md: node_modules
 	npx markdownlint docs *.md
 
-.PHONY: lint-spell
-lint-spell: lint-codespell
-	@go run $(MISSPELL_PACKAGE) -error $(SPELLCHECK_FILES)
-
-.PHONY: lint-spell-fix
-lint-spell-fix: lint-codespell-fix
-	@go run $(MISSPELL_PACKAGE) -w $(SPELLCHECK_FILES)
-
-RUN_DEADCODE = $(GO) run $(DEADCODE_PACKAGE) -generated=false -f='{{println .Path}}{{range .Funcs}}{{printf "\t%s\n" .Name}}{{end}}{{println}}' -test code.gitea.io/gitea
-
-.PHONY: lint-go
-lint-go:
-	$(GO) run $(GOLANGCI_LINT_PACKAGE) run $(GOLANGCI_LINT_ARGS)
-	$(RUN_DEADCODE) > .cur-deadcode-out
-	@$(DIFF) .deadcode-out .cur-deadcode-out \
-	|| (code=$$?; echo "Please run 'make lint-go-fix' and commit the result"; exit $${code})
-
-.PHONY: lint-go-fix
-lint-go-fix:
-	$(GO) run $(GOLANGCI_LINT_PACKAGE) run $(GOLANGCI_LINT_ARGS) --fix
-	$(RUN_DEADCODE) > .deadcode-out
-
-# workaround step for the lint-go-windows CI task because 'go run' can not
-# have distinct GOOS/GOARCH for its build and run steps
-.PHONY: lint-go-windows
-lint-go-windows:
-	@GOOS= GOARCH= $(GO) install $(GOLANGCI_LINT_PACKAGE)
-	golangci-lint run
-
-.PHONY: lint-go-vet
-lint-go-vet:
-	@echo "Running go vet..."
-	@$(GO) vet ./...
-
-.PHONY: lint-go-gopls
-lint-go-gopls:
-	@echo "Running gopls check..."
-	@GO=$(GO) GOPLS_PACKAGE=$(GOPLS_PACKAGE) tools/lint-go-gopls.sh $(GO_SOURCES_NO_BINDATA)
-
-.PHONY: lint-editorconfig
-lint-editorconfig:
-	$(GO) run $(EDITORCONFIG_CHECKER_PACKAGE) templates .forgejo/workflows
-
-.PHONY: lint-disposable-emails
-lint-disposable-emails:
-	$(GO) run build/generate-disposable-email.go -check -r $(DISPOSABLE_EMAILS_SHA)
-
-.PHONY: lint-disposable-emails-fix
-lint-disposable-emails-fix:
-	$(GO) run build/generate-disposable-email.go -r $(DISPOSABLE_EMAILS_SHA)
-
-.PHONY: lint-templates
-lint-templates: .venv node_modules
-	@node tools/lint-templates-svg.js
-	@poetry run djlint $(shell find templates -type f -iname '*.tmpl')
-
-.PHONY: lint-yaml
-lint-yaml: .venv
-	@poetry run yamllint .
-
-.PHONY: security-check
-security-check:
-	go run $(GOVULNCHECK_PACKAGE) ./...
-
-###
-# Development and testing targets
-###
+.PHONY: lint-backend
+lint-backend: golangci-lint vet editorconfig-checker
 
 .PHONY: watch
 watch:
-	@bash tools/watch.sh
+	bash tools/watch.sh
 
 .PHONY: watch-frontend
 watch-frontend: node-check node_modules
-	@rm -rf $(WEBPACK_DEST_ENTRIES)
+	rm -rf $(WEBPACK_DEST_ENTRIES)
 	NODE_ENV=development npx webpack --watch --progress
 
 .PHONY: watch-backend
@@ -558,21 +395,12 @@ test: test-frontend test-backend
 .PHONY: test-backend
 test-backend:
 	@echo "Running go test with $(GOTESTFLAGS) -tags '$(TEST_TAGS)'..."
-	@$(GOTEST) $(GOTESTFLAGS) -tags='$(TEST_TAGS)' $(GO_TEST_PACKAGES)
-
-.PHONY: test-remote-cacher
-test-remote-cacher:
-	@echo "Running go test with $(GOTESTFLAGS) -tags '$(TEST_TAGS)'..."
-	@$(GOTEST) $(GOTESTFLAGS) -tags='$(TEST_TAGS)' $(GO_TEST_REMOTE_CACHER_PACKAGES)
+	@$(GO) test $(GOTESTFLAGS) -tags='$(TEST_TAGS)' $(GO_PACKAGES)
 
 .PHONY: test-frontend
 test-frontend: node_modules
 	npx vitest
 
-.PHONY: test-frontend-coverage
-test-frontend-coverage: node_modules
-	npx vitest --coverage --coverage.include 'web_src/**'
-
 .PHONY: test-check
 test-check:
 	@echo "Running test-check...";
@@ -588,7 +416,7 @@ test-check:
 .PHONY: test\#%
 test\#%:
 	@echo "Running go test with -tags '$(TEST_TAGS)'..."
-	@$(GOTEST) $(GOTESTFLAGS) -tags='$(TEST_TAGS)' -run $(subst .,/,$*) $(GO_TEST_PACKAGES)
+	@$(GO) test $(GOTESTFLAGS) -tags='$(TEST_TAGS)' -run $(subst .,/,$*) $(GO_PACKAGES)
 
 .PHONY: coverage
 coverage:
@@ -599,7 +427,7 @@ coverage:
 .PHONY: unit-test-coverage
 unit-test-coverage:
 	@echo "Running unit-test-coverage $(GOTESTFLAGS) -tags '$(TEST_TAGS)'..."
-	@$(GOTEST) $(GOTESTFLAGS) -timeout=20m -tags='$(TEST_TAGS)' -cover -coverprofile coverage.out $(GO_TEST_PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1
+	@$(GO) test $(GOTESTFLAGS) -timeout=20m -tags='$(TEST_TAGS)' -cover -coverprofile coverage.out $(GO_PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1
 
 .PHONY: tidy
 tidy:
@@ -613,14 +441,18 @@ vendor: go.mod go.sum
 
 .PHONY: tidy-check
 tidy-check: tidy
-	@git diff --exit-code --color=always go.mod go.sum $(GO_LICENSE_FILE) \
-	|| (code=$$?; echo "Please run 'make tidy' and commit the result"; exit $${code})
+	@diff=$$(git diff go.mod go.sum $(GO_LICENSE_FILE)); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make tidy' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi
 
 .PHONY: go-licenses
 go-licenses: $(GO_LICENSE_FILE)
 
 $(GO_LICENSE_FILE): go.mod go.sum
-	-$(GO) run $(GO_LICENSES_PACKAGE) save . --force --ignore code.gitea.io/gitea --save_path=$(GO_LICENSE_TMP_DIR) 2>/dev/null
+	-$(GO) run $(GO_LICENSES_PACKAGE) save . --force --save_path=$(GO_LICENSE_TMP_DIR) 2>/dev/null
 	$(GO) run build/generate-go-licenses.go $(GO_LICENSE_TMP_DIR) $(GO_LICENSE_FILE)
 	@rm -rf $(GO_LICENSE_TMP_DIR)
 
@@ -632,14 +464,21 @@ generate-ini-sqlite:
 
 .PHONY: test-sqlite
 test-sqlite: integrations.sqlite.test generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTESTCOMPILEDRUNPREFIX) ./integrations.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./integrations.sqlite.test
 
 .PHONY: test-sqlite\#%
 test-sqlite\#%: integrations.sqlite.test generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTESTCOMPILEDRUNPREFIX) ./integrations.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./integrations.sqlite.test -test.run $(subst .,/,$*)
 
 .PHONY: test-sqlite-migration
-test-sqlite-migration:  migrations.sqlite.test migrations.individual.sqlite.test
+test-sqlite-migration:  migrations.sqlite.test migrations.individual.sqlite.test generate-ini-sqlite
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./migrations.sqlite.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./migrations.individual.sqlite.test
+
+.PHONY: test-sqlite-migration\#%
+test-sqlite-migration\#%:  migrations.sqlite.test migrations.individual.sqlite.test generate-ini-sqlite
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./migrations.individual.sqlite.test -test.run $(subst .,/,$*)
+
 
 generate-ini-mysql:
 	sed -e 's|{{TEST_MYSQL_HOST}}|${TEST_MYSQL_HOST}|g' \
@@ -653,14 +492,39 @@ generate-ini-mysql:
 
 .PHONY: test-mysql
 test-mysql: integrations.mysql.test generate-ini-mysql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTESTCOMPILEDRUNPREFIX) ./integrations.mysql.test $(GOTESTCOMPILEDRUNSUFFIX)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./integrations.mysql.test
 
 .PHONY: test-mysql\#%
 test-mysql\#%: integrations.mysql.test generate-ini-mysql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTESTCOMPILEDRUNPREFIX) ./integrations.mysql.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./integrations.mysql.test -test.run $(subst .,/,$*)
 
 .PHONY: test-mysql-migration
-test-mysql-migration: migrations.mysql.test migrations.individual.mysql.test
+test-mysql-migration: migrations.mysql.test migrations.individual.mysql.test generate-ini-mysql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./migrations.mysql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./migrations.individual.mysql.test
+
+generate-ini-mysql8:
+	sed -e 's|{{TEST_MYSQL8_HOST}}|${TEST_MYSQL8_HOST}|g' \
+		-e 's|{{TEST_MYSQL8_DBNAME}}|${TEST_MYSQL8_DBNAME}|g' \
+		-e 's|{{TEST_MYSQL8_USERNAME}}|${TEST_MYSQL8_USERNAME}|g' \
+		-e 's|{{TEST_MYSQL8_PASSWORD}}|${TEST_MYSQL8_PASSWORD}|g' \
+		-e 's|{{REPO_TEST_DIR}}|${REPO_TEST_DIR}|g' \
+		-e 's|{{TEST_LOGGER}}|$(or $(TEST_LOGGER),test$(COMMA)file)|g' \
+		-e 's|{{TEST_TYPE}}|$(or $(TEST_TYPE),integration)|g' \
+			tests/mysql8.ini.tmpl > tests/mysql8.ini
+
+.PHONY: test-mysql8
+test-mysql8: integrations.mysql8.test generate-ini-mysql8
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./integrations.mysql8.test
+
+.PHONY: test-mysql8\#%
+test-mysql8\#%: integrations.mysql8.test generate-ini-mysql8
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./integrations.mysql8.test -test.run $(subst .,/,$*)
+
+.PHONY: test-mysql8-migration
+test-mysql8-migration: migrations.mysql8.test migrations.individual.mysql8.test generate-ini-mysql8
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./migrations.mysql8.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./migrations.individual.mysql8.test
 
 generate-ini-pgsql:
 	sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \
@@ -671,22 +535,47 @@ generate-ini-pgsql:
 		-e 's|{{REPO_TEST_DIR}}|${REPO_TEST_DIR}|g' \
 		-e 's|{{TEST_LOGGER}}|$(or $(TEST_LOGGER),test$(COMMA)file)|g' \
 		-e 's|{{TEST_TYPE}}|$(or $(TEST_TYPE),integration)|g' \
-		-e 's|{{TEST_STORAGE_TYPE}}|$(or $(TEST_STORAGE_TYPE),minio)|g' \
 			tests/pgsql.ini.tmpl > tests/pgsql.ini
 
 .PHONY: test-pgsql
 test-pgsql: integrations.pgsql.test generate-ini-pgsql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTESTCOMPILEDRUNPREFIX) ./integrations.pgsql.test $(GOTESTCOMPILEDRUNSUFFIX)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./integrations.pgsql.test
 
 .PHONY: test-pgsql\#%
 test-pgsql\#%: integrations.pgsql.test generate-ini-pgsql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTESTCOMPILEDRUNPREFIX) ./integrations.pgsql.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./integrations.pgsql.test -test.run $(subst .,/,$*)
 
 .PHONY: test-pgsql-migration
-test-pgsql-migration: migrations.pgsql.test migrations.individual.pgsql.test
+test-pgsql-migration: migrations.pgsql.test migrations.individual.pgsql.test generate-ini-pgsql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./migrations.pgsql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./migrations.individual.pgsql.test
+
+generate-ini-mssql:
+	sed -e 's|{{TEST_MSSQL_HOST}}|${TEST_MSSQL_HOST}|g' \
+		-e 's|{{TEST_MSSQL_DBNAME}}|${TEST_MSSQL_DBNAME}|g' \
+		-e 's|{{TEST_MSSQL_USERNAME}}|${TEST_MSSQL_USERNAME}|g' \
+		-e 's|{{TEST_MSSQL_PASSWORD}}|${TEST_MSSQL_PASSWORD}|g' \
+		-e 's|{{REPO_TEST_DIR}}|${REPO_TEST_DIR}|g' \
+		-e 's|{{TEST_LOGGER}}|$(or $(TEST_LOGGER),test$(COMMA)file)|g' \
+		-e 's|{{TEST_TYPE}}|$(or $(TEST_TYPE),integration)|g' \
+			tests/mssql.ini.tmpl > tests/mssql.ini
+
+.PHONY: test-mssql
+test-mssql: integrations.mssql.test generate-ini-mssql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./integrations.mssql.test
+
+.PHONY: test-mssql\#%
+test-mssql\#%: integrations.mssql.test generate-ini-mssql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./integrations.mssql.test -test.run $(subst .,/,$*)
+
+.PHONY: test-mssql-migration
+test-mssql-migration: migrations.mssql.test migrations.individual.mssql.test generate-ini-mssql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./migrations.mssql.test -test.failfast
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./migrations.individual.mssql.test -test.failfast
 
 .PHONY: playwright
-playwright: deps-frontend
+playwright: $(PLAYWRIGHT_DIR)
+	npm install --no-save @playwright/test
 	npx playwright install $(PLAYWRIGHT_FLAGS)
 
 .PHONY: test-e2e%
@@ -699,35 +588,43 @@ test-e2e: test-e2e-sqlite
 
 .PHONY: test-e2e-sqlite
 test-e2e-sqlite: playwright e2e.sqlite.test generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTESTCOMPILEDRUNPREFIX) ./e2e.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./e2e.sqlite.test
 
 .PHONY: test-e2e-sqlite\#%
 test-e2e-sqlite\#%: playwright e2e.sqlite.test generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTESTCOMPILEDRUNPREFIX) ./e2e.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e/$*
-
-.PHONY: test-e2e-sqlite-firefox\#%
-test-e2e-sqlite-firefox\#%: playwright e2e.sqlite.test generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini PLAYWRIGHT_PROJECT=firefox $(GOTESTCOMPILEDRUNPREFIX) ./e2e.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e/$*
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./e2e.sqlite.test -test.run TestE2e/$*
 
 .PHONY: test-e2e-mysql
 test-e2e-mysql: playwright e2e.mysql.test generate-ini-mysql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTESTCOMPILEDRUNPREFIX) ./e2e.mysql.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./e2e.mysql.test
 
 .PHONY: test-e2e-mysql\#%
 test-e2e-mysql\#%: playwright e2e.mysql.test generate-ini-mysql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTESTCOMPILEDRUNPREFIX) ./e2e.mysql.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e/$*
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./e2e.mysql.test -test.run TestE2e/$*
+
+.PHONY: test-e2e-mysql8
+test-e2e-mysql8: playwright e2e.mysql8.test generate-ini-mysql8
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./e2e.mysql8.test
+
+.PHONY: test-e2e-mysql8\#%
+test-e2e-mysql8\#%: playwright e2e.mysql8.test generate-ini-mysql8
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql8.ini ./e2e.mysql8.test -test.run TestE2e/$*
 
 .PHONY: test-e2e-pgsql
 test-e2e-pgsql: playwright e2e.pgsql.test generate-ini-pgsql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTESTCOMPILEDRUNPREFIX) ./e2e.pgsql.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./e2e.pgsql.test
 
 .PHONY: test-e2e-pgsql\#%
 test-e2e-pgsql\#%: playwright e2e.pgsql.test generate-ini-pgsql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTESTCOMPILEDRUNPREFIX) ./e2e.pgsql.test $(GOTESTCOMPILEDRUNSUFFIX) -test.run TestE2e/$*
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./e2e.pgsql.test -test.run TestE2e/$*
 
-.PHONY: test-e2e-debugserver
-test-e2e-debugserver: e2e.sqlite.test generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./e2e.sqlite.test -test.run TestDebugserver -test.timeout 24h
+.PHONY: test-e2e-mssql
+test-e2e-mssql: playwright e2e.mssql.test generate-ini-mssql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./e2e.mssql.test
+
+.PHONY: test-e2e-mssql\#%
+test-e2e-mssql\#%: playwright e2e.mssql.test generate-ini-mssql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./e2e.mssql.test -test.run TestE2e/$*
 
 .PHONY: bench-sqlite
 bench-sqlite: integrations.sqlite.test generate-ini-sqlite
@@ -737,6 +634,10 @@ bench-sqlite: integrations.sqlite.test generate-ini-sqlite
 bench-mysql: integrations.mysql.test generate-ini-mysql
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini ./integrations.mysql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
 
+.PHONY: bench-mssql
+bench-mssql: integrations.mssql.test generate-ini-mssql
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mssql.ini ./integrations.mssql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+
 .PHONY: bench-pgsql
 bench-pgsql: integrations.pgsql.test generate-ini-pgsql
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini ./integrations.pgsql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
@@ -750,81 +651,84 @@ integration-test-coverage-sqlite: integrations.cover.sqlite.test generate-ini-sq
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./integrations.cover.sqlite.test -test.coverprofile=integration.coverage.out
 
 integrations.mysql.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql.test
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql.test
+
+integrations.mysql8.test: git-check $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql8.test
 
 integrations.pgsql.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.pgsql.test
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.pgsql.test
+
+integrations.mssql.test: git-check $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mssql.test
 
 integrations.sqlite.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.sqlite.test -tags '$(TEST_TAGS)'
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.sqlite.test -tags '$(TEST_TAGS)'
 
 integrations.cover.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -coverpkg $(shell echo $(GO_TEST_PACKAGES) | tr ' ' ',') -o integrations.cover.test
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -coverpkg $(shell echo $(GO_PACKAGES) | tr ' ' ',') -o integrations.cover.test
 
 integrations.cover.sqlite.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -coverpkg $(shell echo $(GO_TEST_PACKAGES) | tr ' ' ',') -o integrations.cover.sqlite.test -tags '$(TEST_TAGS)'
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -coverpkg $(shell echo $(GO_PACKAGES) | tr ' ' ',') -o integrations.cover.sqlite.test -tags '$(TEST_TAGS)'
 
 .PHONY: migrations.mysql.test
-migrations.mysql.test: $(GO_SOURCES) generate-ini-mysql
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql.test
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTESTCOMPILEDRUNPREFIX) ./migrations.mysql.test $(GOTESTCOMPILEDRUNSUFFIX)
+migrations.mysql.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql.test
+
+.PHONY: migrations.mysql8.test
+migrations.mysql8.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql8.test
 
 .PHONY: migrations.pgsql.test
-migrations.pgsql.test: $(GO_SOURCES) generate-ini-pgsql
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.pgsql.test
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTESTCOMPILEDRUNPREFIX) ./migrations.pgsql.test $(GOTESTCOMPILEDRUNSUFFIX)
+migrations.pgsql.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.pgsql.test
+
+.PHONY: migrations.mssql.test
+migrations.mssql.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mssql.test
 
 .PHONY: migrations.sqlite.test
-migrations.sqlite.test: $(GO_SOURCES) generate-ini-sqlite
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.sqlite.test -tags '$(TEST_TAGS)'
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTESTCOMPILEDRUNPREFIX) ./migrations.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX)
+migrations.sqlite.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.sqlite.test -tags '$(TEST_TAGS)'
 
 .PHONY: migrations.individual.mysql.test
 migrations.individual.mysql.test: $(GO_SOURCES)
-	for pkg in $(MIGRATION_PACKAGES); do \
-		GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg || exit 1; \
-	done
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/models/migrations -o migrations.individual.mysql.test
 
-.PHONY: migrations.individual.sqlite.test\#%
-migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
+.PHONY: migrations.individual.mysql8.test
+migrations.individual.mysql8.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/models/migrations -o migrations.individual.mysql8.test
 
 .PHONY: migrations.individual.pgsql.test
 migrations.individual.pgsql.test: $(GO_SOURCES)
-	for pkg in $(MIGRATION_PACKAGES); do \
-		GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg || exit 1;\
-	done
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/models/migrations -o migrations.individual.pgsql.test
 
-.PHONY: migrations.individual.pgsql.test\#%
-migrations.individual.pgsql.test\#%: $(GO_SOURCES) generate-ini-pgsql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
+.PHONY: migrations.individual.mssql.test
+migrations.individual.mssql.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/models/migrations -o migrations.individual.mssql.test
 
 .PHONY: migrations.individual.sqlite.test
-migrations.individual.sqlite.test: $(GO_SOURCES) generate-ini-sqlite
-	for pkg in $(MIGRATION_PACKAGES); do \
-		GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' $$pkg || exit 1; \
-	done
-
-.PHONY: migrations.individual.sqlite.test\#%
-migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
+migrations.individual.sqlite.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/models/migrations -o migrations.individual.sqlite.test -tags '$(TEST_TAGS)'
 
 e2e.mysql.test: $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql.test
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql.test
+
+e2e.mysql8.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql8.test
 
 e2e.pgsql.test: $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.pgsql.test
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.pgsql.test
+
+e2e.mssql.test: $(GO_SOURCES)
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mssql.test
 
 e2e.sqlite.test: $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.sqlite.test -tags '$(TEST_TAGS)'
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.sqlite.test -tags '$(TEST_TAGS)'
 
 .PHONY: check
 check: test
 
-###
-# Production / build targets
-###
-
 .PHONY: install $(TAGS_PREREQ)
 install: $(wildcard *.go)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) install -v -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)'
@@ -846,35 +750,36 @@ generate: generate-backend
 generate-backend: $(TAGS_PREREQ) generate-go
 
 .PHONY: generate-go
-generate-go: $(TAGS_PREREQ)
+generate-go: $(TAGS_PREREQ) merge-locales
 	@echo "Running go generate..."
-	@CC= GOOS= GOARCH= CGO_ENABLED=0 $(GO) generate -tags '$(TAGS)' ./...
+	@CC= GOOS= GOARCH= $(GO) generate -tags '$(TAGS)' $(GO_PACKAGES)
 
 .PHONY: merge-locales
 merge-locales:
-	@echo "NOT NEEDED: THIS IS A NOOP AS OF Forgejo 7.0 BUT KEPT FOR BACKWARD COMPATIBILITY"
+	$(GO) run build/merge-forgejo-locales.go
+
+.PHONY: security-check
+security-check:
+	govulncheck -v ./...
 
 $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
 
-forgejo: $(EXECUTABLE)
-	ln -f $(EXECUTABLE) forgejo
-
-static-executable: $(GO_SOURCES) $(TAGS_PREREQ)
-	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags 'netgo osusergo $(TAGS)' -ldflags '-s -w -linkmode external -extldflags "-static" $(LDFLAGS)' -o $(EXECUTABLE)
-
 .PHONY: release
 release: frontend generate release-linux release-copy release-compress vendor release-sources release-check
 
-# just the sources, with all assets builtin and frontend resources generated
-sources-tarbal: frontend generate vendor release-sources release-check
-
 $(DIST_DIRS):
 	mkdir -p $(DIST_DIRS)
 
 .PHONY: release-windows
 release-windows: | $(DIST_DIRS)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -buildmode exe -dest $(DIST)/binaries -tags 'osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
+ifeq (,$(findstring gogit,$(TAGS)))
+	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -buildmode exe -dest $(DIST)/binaries -tags 'osusergo gogit $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION)-gogit .
+endif
+ifeq ($(CI),true)
+	cp /build/* $(DIST)/binaries
+endif
 
 .PHONY: release-linux
 release-linux: | $(DIST_DIRS)
@@ -886,10 +791,16 @@ endif
 .PHONY: release-darwin
 release-darwin: | $(DIST_DIRS)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'darwin-10.12/amd64,darwin-10.12/arm64' -out gitea-$(VERSION) .
+ifeq ($(CI),true)
+	cp /build/* $(DIST)/binaries
+endif
 
 .PHONY: release-freebsd
 release-freebsd: | $(DIST_DIRS)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'freebsd/amd64' -out gitea-$(VERSION) .
+ifeq ($(CI),true)
+	cp /build/* $(DIST)/binaries
+endif
 
 .PHONY: release-copy
 release-copy: | $(DIST_DIRS)
@@ -901,7 +812,7 @@ release-check: | $(DIST_DIRS)
 
 .PHONY: release-compress
 release-compress: | $(DIST_DIRS)
-	cd $(DIST)/release/; for file in `find . -type f -name "*"`; do echo "compressing $${file}" && $(GO) run $(GXZ_PACKAGE) -k -9 $${file}; done;
+	cd $(DIST)/release/; for file in `find . -type f -name "*"`; do echo "compressing $${file}" && $(GO) run $(GXZ_PAGAGE) -k -9 $${file}; done;
 
 .PHONY: release-sources
 release-sources: | $(DIST_DIRS)
@@ -915,37 +826,17 @@ release-sources: | $(DIST_DIRS)
 
 .PHONY: release-docs
 release-docs: | $(DIST_DIRS) docs
-	tar -czf $(DIST)/release/gitea-docs-$(VERSION).tar.gz -C ./docs .
+	tar -czf $(DIST)/release/gitea-docs-$(VERSION).tar.gz -C ./docs/public .
 
-.PHONY: reproduce-build
-reproduce-build:
-# Start building the Dockerfile with the RELEASE_VERSION tag set. GOPROXY is set
-# for convenience, because the default of the Dockerfile is `direct` which can be
-# quite slow.
-	@docker build --build-arg="RELEASE_VERSION=$(RELEASE_VERSION)" --build-arg="GOPROXY=$(shell $(GO) env GOPROXY)" --tag "forgejo-reproducibility" .
-	@id=$$(docker create forgejo-reproducibility); \
-	docker cp $$id:/app/gitea/gitea ./forgejo; \
-	docker rm -v $$id; \
-	docker image rm forgejo-reproducibility:latest
-
-.PHONY: reproduce-build\#%
-reproduce-build\#%:
-	@git switch -d "$*"
-# All the current variables are based on information before the git checkout happened.
-# Call the makefile again, so these variables are correct and can be used for building
-# a reproducible binary. Always execute git switch -, to go back to the previous branch.
-	@make reproduce-build; \
-	(code=$$?; git switch -; exit $${code})
-
-###
-# Dependency management
-###
+.PHONY: docs
+docs:
+	@hash hugo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		curl -sL https://github.com/gohugoio/hugo/releases/download/v0.74.3/hugo_0.74.3_Linux-64bit.tar.gz | tar zxf - -C /tmp && mv /tmp/hugo /usr/bin/hugo && chmod +x /usr/bin/hugo; \
+	fi
+	cd docs; make trans-copy clean build-offline;
 
 .PHONY: deps
-deps: deps-frontend deps-backend deps-tools deps-py
-
-.PHONY: deps-py
-deps-py: .venv
+deps: deps-frontend deps-backend
 
 .PHONY: deps-frontend
 deps-frontend: node_modules
@@ -953,29 +844,28 @@ deps-frontend: node_modules
 .PHONY: deps-backend
 deps-backend:
 	$(GO) mod download
-
-.PHONY: deps-tools
-deps-tools:
 	$(GO) install $(AIR_PACKAGE)
 	$(GO) install $(EDITORCONFIG_CHECKER_PACKAGE)
+	$(GO) install $(ERRCHECK_PACKAGE)
 	$(GO) install $(GOFUMPT_PACKAGE)
 	$(GO) install $(GOLANGCI_LINT_PACKAGE)
-	$(GO) install $(GXZ_PACKAGE)
+	$(GO) install $(GXZ_PAGAGE)
 	$(GO) install $(MISSPELL_PACKAGE)
 	$(GO) install $(SWAGGER_PACKAGE)
 	$(GO) install $(XGO_PACKAGE)
 	$(GO) install $(GO_LICENSES_PACKAGE)
 	$(GO) install $(GOVULNCHECK_PACKAGE)
-	$(GO) install $(GOMOCK_PACKAGE)
-	$(GO) install $(GOPLS_PACKAGE)
 
 node_modules: package-lock.json
 	npm install --no-save
 	@touch node_modules
 
-.venv: poetry.lock
-	poetry install
-	@touch .venv
+.PHONY: npm-update
+npm-update: node-check | node_modules
+	npx updates -cu
+	rm -rf node_modules package-lock.json
+	npm install --package-lock
+	@touch node_modules
 
 .PHONY: fomantic
 fomantic:
@@ -983,10 +873,7 @@ fomantic:
 	cd $(FOMANTIC_WORK_DIR) && npm install --no-save
 	cp -f $(FOMANTIC_WORK_DIR)/theme.config.less $(FOMANTIC_WORK_DIR)/node_modules/fomantic-ui/src/theme.config
 	cp -rf $(FOMANTIC_WORK_DIR)/_site $(FOMANTIC_WORK_DIR)/node_modules/fomantic-ui/src/
-	$(SED_INPLACE) -e 's/  overrideBrowserslist\r/  overrideBrowserslist: ["defaults"]\r/g' $(FOMANTIC_WORK_DIR)/node_modules/fomantic-ui/tasks/config/tasks.js
 	cd $(FOMANTIC_WORK_DIR) && npx gulp -f node_modules/fomantic-ui/gulpfile.js build
-	# fomantic uses "touchstart" as click event for some browsers, it's not ideal, so we force fomantic to always use "click" as click event
-	$(SED_INPLACE) -e 's/clickEvent[ \t]*=/clickEvent = "click", unstableClickEvent =/g' $(FOMANTIC_WORK_DIR)/build/semantic.js
 	$(SED_INPLACE) -e 's/\r//g' $(FOMANTIC_WORK_DIR)/build/semantic.css $(FOMANTIC_WORK_DIR)/build/semantic.js
 	rm -f $(FOMANTIC_WORK_DIR)/build/*.min.*
 
@@ -995,27 +882,39 @@ webpack: $(WEBPACK_DEST)
 
 $(WEBPACK_DEST): $(WEBPACK_SOURCES) $(WEBPACK_CONFIGS) package-lock.json
 	@$(MAKE) -s node-check node_modules
-	@rm -rf $(WEBPACK_DEST_ENTRIES)
-	@echo "Running webpack..."
-	@BROWSERSLIST_IGNORE_OLD_DATA=true npx webpack
+	rm -rf $(WEBPACK_DEST_ENTRIES)
+	npx webpack
 	@touch $(WEBPACK_DEST)
 
 .PHONY: svg
 svg: node-check | node_modules
 	rm -rf $(SVG_DEST_DIR)
-	node tools/generate-svg.js
+	node build/generate-svg.js
 
 .PHONY: svg-check
 svg-check: svg
 	@git add $(SVG_DEST_DIR)
-	@git diff --exit-code --color=always --cached $(SVG_DEST_DIR) \
-	|| (code=$$?; echo "Please run 'make svg' and commit the result"; exit $${code})
+	@diff=$$(git diff --cached $(SVG_DEST_DIR)); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make svg' and 'git add $(SVG_DEST_DIR)' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi
 
 .PHONY: lockfile-check
 lockfile-check:
 	npm install --package-lock-only
-	@git diff --exit-code --color=always package-lock.json \
-	|| (code=$$?; echo "Please run 'npm install --package-lock-only' and commit the result"; exit $${code})
+	@diff=$$(git diff package-lock.json); \
+	if [ -n "$$diff" ]; then \
+		echo "package-lock.json is inconsistent with package.json"; \
+		echo "Please run 'npm install --package-lock-only' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi
+
+.PHONY: update-translations
+update-translations:
+	# noop to detect merge conflicts (potentially needs updating the scripts) and avoid breaking with Gitea
 
 .PHONY: generate-license
 generate-license:
@@ -1025,14 +924,10 @@ generate-license:
 generate-gitignore:
 	$(GO) run build/generate-gitignores.go
 
-.PHONY: generate-gomock
-generate-gomock:
-	$(GO) run $(GOMOCK_PACKAGE) -package mock -destination ./modules/queue/mock/redisuniversalclient.go code.gitea.io/gitea/modules/nosql RedisClient
-
 .PHONY: generate-images
 generate-images: | node_modules
-	npm install --no-save fabric@6 imagemin-zopfli@7
-	node tools/generate-images.js $(TAGS)
+	npm install --no-save --no-package-lock fabric@5 imagemin-zopfli@7
+	node build/generate-images.js $(TAGS)
 
 .PHONY: generate-manpage
 generate-manpage:
@@ -1042,10 +937,33 @@ generate-manpage:
 	@gzip -9 man/man1/gitea.1 && echo man/man1/gitea.1.gz created
 	@#TODO A small script that formats config-cheat-sheet.en-us.md nicely for use as a config man page
 
+.PHONY: pr\#%
+pr\#%: clean-all
+	$(GO) run contrib/pr/checkout.go $*
+
+.PHONY: golangci-lint
+golangci-lint:
+	$(GO) run $(GOLANGCI_LINT_PACKAGE) run
+
+# workaround step for the lint-backend-windows CI task because 'go run' can not
+# have distinct GOOS/GOARCH for its build and run steps
+.PHONY: golangci-lint-windows
+golangci-lint-windows:
+	@GOOS= GOARCH= $(GO) install $(GOLANGCI_LINT_PACKAGE)
+	golangci-lint run
+
+.PHONY: editorconfig-checker
+editorconfig-checker:
+	$(GO) run $(EDITORCONFIG_CHECKER_PACKAGE) templates
+
+.PHONY: docker
+docker:
+	docker build --disable-content-trust=false -t $(DOCKER_REF) .
+# support also build args docker build --build-arg GITEA_VERSION=v1.2.3 --build-arg TAGS="bindata sqlite sqlite_unlock_notify"  .
+
+.PHONY: docker-build
+docker-build:
+	docker run -ti --rm -v "$(CURDIR):/srv/app/src/code.gitea.io/gitea" -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" LDFLAGS="$(LDFLAGS)" CGO_EXTRA_CFLAGS="$(CGO_EXTRA_CFLAGS)" webhippie/golang:edge make clean build
+
 # This endif closes the if at the top of the file
 endif
-
-# Disable parallel execution because it would break some targets that don't
-# specify exact dependencies like 'backend' which does currently not depend
-# on 'frontend' to enable Node.js-less builds from source tarballs.
-.NOTPARALLEL:
diff --git a/README.md b/README.md
index 0c4becacc4..fa21427674 100644
--- a/README.md
+++ b/README.md
@@ -35,16 +35,12 @@ If you like any of the following, Forgejo is literally meant for you:
 - Privacy: From update checker to default settings: Forgejo is built to be **privacy first** for you and your crew.
 - Federation: (WIP) We are actively working to connect software forges with each other through **ActivityPub**,
   and create a collaborative network of personal instances.
+  Interested? [Read more](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CONTRIBUTING/WORKFLOW.md#federation-https-codeberg-org-forgejo-forgejo-issues-labels-79349)
 
 ## Learn more
 
-Dive into the [documentation](https://forgejo.org/docs/latest/), subscribe to releases and blog post on [our website](https://forgejo.org), find us on the Fediverse or hop into [our Matrix room](https://matrix.to/#/#forgejo-chat:matrix.org) if you have any questions or want to get involved.
+Subscribe to releases and blog post on [our website](https://forgejo.org), find us on the Fediverse or hop into [our Matrix room](https://matrix.to/#/#forgejo-chat:matrix.org) if you have any questions or want to get involved.
 
-## License
-
-Forgejo is distributed under the terms of the [GPL version 3.0](LICENSE) or any later version.
-
-The agreement for this license [was documented in June 2023](https://codeberg.org/forgejo/governance/pulls/24) and implemented during the development of Forgejo v9.0. All Forgejo versions before v9.0 are distributed under the MIT license.
 
 ## Get involved
 
diff --git a/RELEASE-NOTES.md b/RELEASE-NOTES.md
index 32f7b8c264..1d4c525018 100644
--- a/RELEASE-NOTES.md
+++ b/RELEASE-NOTES.md
@@ -1,2259 +1,8 @@
 # Release Notes
 
-A minor or major Forgejo release is published every [three months](https://forgejo.org/docs/latest/developer/release/#release-cycle), with more patch releases in between depending on the severity of the bug and security fixes it contains.
+A Forgejo release is published shortly after a Gitea release is published and they have [matching release numbers](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CONTRIBUTING/RELEASE.md#release-numbering). Additional Forgejo releases may be published to address urgent security issues or bug fixes. Forgejo release notes include all Gitea release notes.
 
-A [patch or minor release](https://semver.org/spec/v2.0.0.html) (e.g. upgrading from v7.0.0 to v7.0.1 or v7.1.0) does not require manual intervention. But [major releases](https://semver.org/spec/v2.0.0.html#spec-item-8) where the first version number changes (e.g. upgrading from v1.21 to v7.0) contain breaking changes and the release notes explain how to deal with them.
-
-The release notes of each release [are available in the release-notes-published directory of this repository](release-notes-published), starting with [Forgejo 7.0.7](release-notes-published/7.0.7.md) and [Forgejo 8.0.1](release-notes-published/8.0.1.md).
-
-## 9.0.2
-
-See the [Forgejo 9.0.2 release notes](release-notes-published/9.0.2.md).
-
-## 9.0.1
-
-See the [Forgejo 9.0.1 release notes](release-notes-published/9.0.1.md).
-
-## 9.0.0
-
-See the [Forgejo 9.0.0 release notes](release-notes-published/9.0.0.md).
-
-## 8.0.3
-
-See the [Forgejo 8.0.3 release notes](release-notes-published/8.0.3.md).
-
-## 8.0.2
-
-See the [Forgejo 8.0.2 release notes](release-notes-published/8.0.2.md).
-
-## 8.0.1
-
-See the [Forgejo 8.0.1 release notes](release-notes-published/8.0.1.md).
-
-## 8.0.0
-
-A [companion blog post](https://forgejo.org/2024-07-release-v8-0/) provides additional context on this release. In addition to the pull requests listed below, you will find a complete list in the [v8.0 milestone](https://codeberg.org/forgejo/forgejo/milestone/6042).
-
-- Two frontend features were removed because a license incompatibility was discovered. [Read more in the dedicated blog post](https://forgejo.org/2024-07-non-free-dependency-found/).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4670): [Mermaid](https://mermaid.js.org/) rendering: `%%{init: {"flowchart": {"defaultRenderer": "elk"}} }%%` will now fail because [ELK](https://github.com/kieler/elkjs) is no longer included.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4595): Repository citation: Removed the ability to export citations in APA format.
-
-
-- **Breaking**
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3040): remove Microsoft SQL Server support see [the discussion](https://codeberg.org/forgejo/discussions/issues/122).
-- **User interface features & enhancements**
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4590) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4571)): Replace `vue-bar-graph` with `chart.js`
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4201): make the tooltip of the author label in comments clearer.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4189): only show the RSS feed button and Public activity tab in user profiles when the activity can be accessed and add messages about visibility.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4139): reorder repo tabs for better UX: (i) `Actions` is now the last tab (ii) `Packages` are located after Releases (iii) this puts Projects after Pull requests. (tab positions may depend on which units are enabled in the repo).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4134): code search results are now displayed in a foldable box.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4095): disable the `Subscribe` button for guest users.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4072): 
-    - Added Enter key handling to the new Markdown editor: Pressing Enter while in a list, quote or code block will copy the prefix to the new line - Ordered list index will be increased for the new line, and task list "checkbox" will be unchecked.
-    - Added indent/unindent function for a line or selection. Currently available as toolbar buttons ([#4263](https://codeberg.org/forgejo/forgejo/pulls/4263)).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3985): added support for displaying images based on the users current color code by using an anchor of `#dark-mode-only` or `#light-mode-only` respectively. Also supporting the github variants (e.g. `#gh-dark-mode-only`).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3870): use CSS-native pattern for image diff background, add dark theme support.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3642): allow navigating to the organization dashboard from the organization view.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3434): when PDFs are displayed in the repository, the full height of the screen is now used instead of a predefined fixed height.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3337): added support for grouping of log-lines inside steps between the special `::group::{title}` and `::endgroup::` workflow commands. A runner of v3.4.2 or later is needed.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3285): the default for `[repository].USE_COMPAT_SSH_URI` has been changed to `true`. With this change, Forgejo defaults to using the same URL style for SSH clone URLs as for HTTPS ones, instead of the former scp-style.
-- **Features & Enhancements**
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4283) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4266)): add support for LFS server implementations which have batch API responses in an older/deprecated schema.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4262): introduce a branch/tag dropdown in the code search page if using git-grep.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4160): added support for fuzzy searching in `/user/repo/issues` and `/user/repo/pulls`.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4145): 
-    - feat(perf): [commit](https://codeberg.org/forgejo/forgejo/commit/358cd67c4f316f2d4f1d3be6dcb891dc04a2ff07) reduce memory usage for chunked artifact uploads to S3.
-    - feat: [commit](https://codeberg.org/forgejo/forgejo/commit/b60e3ac7b4aeeb9b8760f43eea9576c0e23309e9) allow downloading draft releases assets.
-    - feat: [commit](https://codeberg.org/forgejo/forgejo/commit/1fca15529ac8fefb60d86b0c1f4bec8dae9a8566) API endpoints for managing tag protection.
-    - feat: [commit](https://codeberg.org/forgejo/forgejo/commit/4334c705b5f9388b16af23c7e75a69d027d07d5e) extract and display readme and comments for Composer packages.
-    - fix: [commit](https://codeberg.org/forgejo/forgejo/commit/364922c6e4f28264add9e2501a352c25ad6a0993) when a repository is adopted, its object format is not set in the database.
-    - fix: [commit](https://codeberg.org/forgejo/forgejo/commit/e7f332a55d6a48a3f3b4f2bfa43d18455ac00acc) during a migration from bitbucket, LFS downloads fail.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4143): a help overlay, triggered by "?" key can be displayed when viewing [asciinema](https://asciinema.org/) files (.cast extension) and [SGR color sequence](https://github.com/asciinema/avt/issues/9) are supported.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4136): strikethrough in markdown can be achieved with [a single ~ in addition to ~~](https://github.github.com/gfm/#strikethrough-extension-).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4083): 
-    - feat: add [Reviewed-on and Reviewed-by variables](https://codeberg.org/forgejo/forgejo/commit/4ddd9af50fbfcfb2ebf629697a803b3bce56c4af) to the merge template.
-    - feat(perf): [add the `[ui.csv].MAX_ROWS` setting](https://codeberg.org/forgejo/forgejo/commit/433b6c6910f8699dc41787ef8f5148b122b4677e) to avoid displaying a large number of lines (defaults to 2500).
-    - feat: [add a setting to override or add headers of all outgoing emails](https://codeberg.org/forgejo/forgejo/commit/1d4bff4f65d5e4a3969871ef91d3612daf272b45), for instance `Reply-To` or `In-Reply-To`.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4027): the Gitea/Forgejo webhook payload includes additional fields (`html_url`, `additions`, `deletions`, `review_comments`...) for better compatibility with [OpenProject](https://www.openproject.org/).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4026): when an OAuth grant request submitted to a Forgejo user is denied, the server from which the request originates is notified that it has been denied.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3989): 
-    - feat: API endpoints that return a repository now [also include the topics](https://codeberg.org/forgejo/forgejo/commit/ee2247d77c0b13b0b45df704d7589b541db03899).
-    - feat: display an error when an issue comment is [edited simultaneously by two users](https://codeberg.org/forgejo/forgejo/commit/ca0921a95aa9a37d8820538458c15fd0a3b0c97c) instead of silently overriding one of them.
-    - feat: add [support for a credentials chain for minio](https://codeberg.org/forgejo/forgejo/commit/73706ae26d138684ef9da9e1164846a040fd4a7d).
-    - feat(perf): improve performances when [retrieving pull requests via the API](https://codeberg.org/forgejo/forgejo/commit/47a2102694c47bc30a2a7c673c328471839ef206).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3934): when installing Forgejo through the built-in installer, open (self-) registration is now disabled by default.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3917): support [setting the default attribute of the issue template dropdown field](https://codeberg.org/forgejo/forgejo/commit/df15abd07264138fd07e003d0cf056f7da514b8f)
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3886): For federated-star we introduce a new repository setting to define following repositories. That is a workaround till we find a better way to express repository federation.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3847): Basic wiki content search using git-grep. The search results include the first ten matched files. Only the first three matches per file are displayed.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3838): support using label names when changing issue labels.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3836): parse prefix parameter from redis URI for queues and use that as prefix to keys.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3830): neutralize delete runners' UUID to prevent collisions with new records.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3811): implement a non-caching version of the [RubyGems compact API](https://guides.rubygems.org/rubygems-org-compact-index-api/) for bundler dependency resolution.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3808): add support for the [reddit](https://github.com/markbates/goth/pull/523) and [Hubspot](https://github.com/markbates/goth/pull/531) OAuth providers.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3791): when parsing [incoming emails](https://forgejo.org/docs/v8.0/user/incoming/), [remove tspecials from type/subtype](https://github.com/jhillyerd/enmime/pull/317). According to the RFC, content type and subtype cannot contain special characters and any such character will fail parsing. Removing the characters from the type/subtype can help successfully parsing the content type that contains some extra garbage.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3752): there are a couple of new configs to define the name of the instance. The more important is `APP_SLOGAN`. It permits to configure a slogan for the site and it is optional. The other is `APP_DISPLAY_NAME_FORMAT` and permits to customize the aspect of the full display name for the instance used in some parts of the UI as: (i) Title page, (ii) Homepage head title (ii) Open Graph site and title meta tags. Its default value is `APP_NAME: APP_SLOGAN`. The config `APP_DISPLAY_NAME_FORMAT` is used only if `APP_SLOGAN` is set otherwise the full display name shows only `APP_NAME` value.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3729): 
-    - feat: [commit](https://codeberg.org/forgejo/forgejo/commit/7028fe0b4d89c045b64ae891d2716e89965bc012): add actions-artifacts to the [storage migrate CLI](https://forgejo.org/docs/v8.0/admin/command-line/#migrate).
-    - fix: [commit](https://codeberg.org/forgejo/forgejo/commit/8f0f6bf89cdcd12cd4daa761aa259fdba7e32b50): pull request search shows closed pull requests in the open tab.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3724): 
-    - [CERT management was improved](https://codeberg.org/forgejo/forgejo/pulls/3724) when [`ENABLE_ACME=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#server-server)
-      -   Draft support for draft-03 of [ACME Renewal Information (ARI)](https://datatracker.ietf.org/doc/draft-ietf-acme-ari/) which assists with deciding when to renew certificates. This augments CertMagic's already-advanced logic using cert lifetime and OCSP/revocation status.
-      -   New [`ZeroSSLIssuer`](https://pkg.go.dev/github.com/caddyserver/certmagic@v0.21.0#ZeroSSLIssuer) uses the [ZeroSSL API](https://zerossl.com/documentation/api/) to get certificates. ZeroSSL also has an ACME endpoint, which can still be accessed using the existing ACMEIssuer, as always. Their proprietary API is paid, but has extra features like IP certificates, better reliability, and support.
-      -   DNS challenges should be smoother in some cases as we've improved propagation checking.
-      -   In the odd case your ACME account disappears from the ACME server, CertMagic will automatically retry with a new account. (This happens in some test/dev environments.)
-      -   ACME accounts are identified only by their public keys, but CertMagic maps accounts by CA+email for practical/storage reasons. So now you can "pin" an account key to use by specifying your email and the account public key in your config, which is useful if you need to absolutely be sure to use a specific account (like if you get rate limit exemptions from a CA).
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3723): 
-    - With the go-enry upgrade to [v2.8.8](https://github.com/go-enry/go-enry/releases/tag/v2.8.8), language detection in the repository [now includes](https://github.com/github-linguist/linguist/releases/tag/v7.29.0):
-      - New languages
-        - [Roc](https://github.com/github-linguist/linguist/pull/6633)
-        - [BitBake](https://github.com/github-linguist/linguist/pull/6665) with `.bbappend`, `.bbclass` and `.inc` extensions
-        - [Glimmer TS](https://github.com/github-linguist/linguist/pull/6680)
-        - [Edge](https://github.com/github-linguist/linguist/pull/6695)
-        - [Pip Requirements](https://github.com/github-linguist/linguist/pull/6739)
-        - [Mojo](https://github.com/github-linguist/linguist/pull/6400)
-        - [Slint](https://github.com/github-linguist/linguist/pull/6750)
-        - [Oberon](https://github.com/github-linguist/linguist/pull/4645)
-      - New data formats
-        - [TextGrid](https://github.com/github-linguist/linguist/pull/6719)
-      - File names and extensions:
-        - The [rebornix.Ruby extension is deprecated in favor of Shopify.ruby-lsp](https://github.com/github-linguist/linguist/pull/6738)
-        - [Add .bicepparam to list of Bicep file extensions](https://github.com/github-linguist/linguist/pull/6664)
-        - [Add cs.pp extension to C#](https://github.com/github-linguist/linguist/pull/6679)
-        - [Add tmux.conf and .tmux.conf as shell filenames](https://github.com/github-linguist/linguist/pull/6726)
-        - [Add .env.sample as Dotenv filename](https://github.com/github-linguist/linguist/pull/6732)
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3654): support Code Search for non-default branches and tags when the repository indexer is disabled.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3615): add an immutable tarball link to archive download headers for Nix.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3414): allow to customize the domain name used as a fallback when synchronizing sources from ldap default domain name.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3383): the default config for `database.MAX_OPEN_CONNS` changed from 0 (unlimited) to 100 to avoid problems if it exceeds the limit by the database server. If you require high concurrency, try to increase this value for both Forgejo **and your database server**.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3366): infer the `[email.incoming].PORT` setting from `.USE_TLS`.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3363): reverted the rootless container image path in `GITEA_APP_INI` from `/etc/gitea/app.ini` to its default value of `/var/lib/gitea/custom/conf/app.ini`. This allows container users to not have to mount two separate volumes (one for the configuration data and one for the configuration `.ini` file). A warning is issued for users with the legacy configuration on how to update to the new path.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3334): added support for the [`workflow_dispatch` trigger](https://forgejo.org/docs/v8.0/user/actions/#onworkflow_dispatch) in Forgejo Actions.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3307): support [Proof Key for Code Exchange (PKCE - RFC7636)](https://www.rfc-editor.org/rfc/rfc7636) for external login using the OpenID Connect authentication source.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/3139): allow hiding auto generated release archives.
-- **Bug fixes**
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4732) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4715)): Show the AGit label on merged pull requests.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4689) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4687)): Fixed: issue state change via the API is not idempotent.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4547) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4546)): The milestone section in the sidebar on the issue and pull request page now uses HTMX. If you update the milestone of a issue or pull request it will no longer reload the whole page and instead update the current page with the new information about the milestone update. This should provide a smoother user experience.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4402) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4382)): Fix mobile UI for organisation creation.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4621) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4618)): Fixes: Forgejo Actions does not trigger an edited event when the title of an issue or pull request is changed.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4529) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4523)): Load attachments for `/issues/comments/{id}`.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4423) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4375)): Fixed: the "View command line instructions" link in pull requests and the "Copy content" button in file editor are not accessible.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4380) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4377)): Use correct SHA in `GetCommitPullRequest`
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4288) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4253)): Fixed: unknown git push options are rejected instead of being ignored.
-  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4240): Fixed: markdown `[*[a]*](b)` [is incorrectly rendered as `

[a]

`](https://github.com/yuin/goldmark/issues/457). - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4222): Fixed: markdown files displayed in the UI that have an unescaped backtick in the image alt [could (accidentally) trigger an inline code](https://github.com/yuin/goldmark/issues/456). - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3562): Fixed: when the git repository is empty, it is not possible to unsubscribe from an issue. - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3442): Fixed: it is not possible to remove attachments from an empty comment. - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3430): Fixed: the `/api/v1/repos/{owner}/{repo}/wiki` API endpoints is using a hardcoded "master" branch for the wiki, rather than the branch they really use. - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3379): Fixed: using the API to search for users, the results are not paged by default an the default paging limits are not respected. -- **Localization** - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4661) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4568)): 24 July updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4565) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4451)): 19 July updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4445) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4330)): 11 July updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4316) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4251)): 4 July updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4168): 18 June updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4098): 10 June updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3992): 2 June updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3908): 25 May updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3851): 20 May updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3759): 14 May updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3637): 5 May updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3508): 28 April updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3359): 22 April updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3244): 15 April updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3138): 10 April updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/3064): 5 April updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/2982): 3 April updates - - [PR](https://codeberg.org/forgejo/forgejo/pulls/2937): 31 March updates - - -## 7.0.11 - -See the [Forgejo 7.0.11 release notes](release-notes-published/7.0.11.md). - -## 7.0.10 - -See the [Forgejo 7.0.10 release notes](release-notes-published/7.0.10.md). - -## 7.0.9 - -See the [Forgejo 7.0.9 release notes](release-notes-published/7.0.9.md). - -## 7.0.8 - -See the [Forgejo 7.0.8 release notes](release-notes-published/7.0.8.md). - -## 7.0.7 - -See the [Forgejo 7.0.7 release notes](release-notes-published/7.0.7.md). - -## 7.0.6 - -This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). In addition to the pull requests listed below, you will find a complete list in the [v7.0.6 milestone](https://codeberg.org/forgejo/forgejo/milestone/7252). - -- Two frontend features were removed because a license incompatibility was discovered. [Read more in the companion blog post](https://forgejo.org/2024-07-non-free-dependency-found/). - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4679) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4670)): [Mermaid](https://mermaid.js.org/) rendering: `%%{init: {"flowchart": {"defaultRenderer": "elk"}} }%%` will now fail because [ELK](https://github.com/kieler/elkjs) is no longer included. - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4600) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4595)): Repository citation: Removed the ability to export citations in APA format. -- **User Interface bug fixes** - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4593) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4571)): Replace `vue-bar-graph` with `chart.js` - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4731) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4715)): Show AGit label on merged PR - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4424) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4382)): Fix mobile UI for organisation creation -- **Bug fixes** - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4688) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4687)): fix(api): issue state change is not idempotent - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4647) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4638)): Reserve the `devtest` username - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4620) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4618)): fix(actions): no edited event triggered when a title is changed - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4528) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4523)): Load attachments for `/issues/comments/{id}` - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4526) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/3379)): When searching for users, page the results by default, and respect the default paging limits - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4422) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4375)): the "View command line instructions" link in pull requests and the "Copy content" button in file editor are not accessible - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4379) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4377)): Use correct SHA in `GetCommitPullRequest` -- Localization - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4594) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4451)): Update of translations from Weblate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4447): Update of translations from Weblate - - [PR](https://codeberg.org/forgejo/forgejo/pulls/4420) ([backported from](https://codeberg.org/forgejo/forgejo/pulls/4098)): 3 translation updates from Weblate - [PR 1](https://codeberg.org/forgejo/forgejo/pulls/4098), [PR 2](https://codeberg.org/forgejo/forgejo/pulls/4168), [PR 3](https://codeberg.org/forgejo/forgejo/pulls/4251) - -## 7.0.5 - -This is a security release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). - -In addition to the following notable bug fixes, you can browse the [full list of pull requests](https://codeberg.org/forgejo/forgejo/pulls?milestone=6654) included in this release. - -* **regreSSHion** - - Recommended action when running Forgejo from a: - * binary - upgrade the OpenSSH server that was installed independently. - * root OCI image - upgrade to [Forgejo 7.0.5](https://codeberg.org/forgejo/-/packages/container/forgejo/7.0.5). - * rootless OCI image - no upgrade is necessary. - - [CVE-2024-6387](https://nvd.nist.gov/vuln/detail/CVE-2024-6387) also known as [regreSSHion](https://www.qualys.com/regresshion-cve-2024-6387/) is an Unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems. It is **strongly recommended** that an OpenSSH server installed independently of Forgejo is upgraded as soon as possible. - - All Forgejo OCI root images, including [7.0.5](https://codeberg.org/forgejo/-/packages/container/forgejo/7.0.5) contain an OpenSSH server. They are based on https://alpinelinux.org/ which relies on https://musl.libc.org/ and not https://en.wikipedia.org/wiki/Glibc. As a precaution the [Forgejo v7.0.5 root OCI image](https://codeberg.org/forgejo/-/packages/container/forgejo/7.0.5) contains an [updated OpenSSH server](https://pkgs.alpinelinux.org/packages?name=openssh&branch=v3.19) patched for [CVE-2024-6387](https://nvd.nist.gov/vuln/detail/CVE-2024-6387). - - The Forgejo OCI rootless images, including [7.0.5](https://codeberg.org/forgejo/-/packages/container/forgejo/7.0.5-rootless), do not contain an OpenSSH server, they rely on the internal Forgejo implementation of the SSH protocol. - -* **Security:** - * Compiled with Go v1.22.5. Fixed: [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791) - [GO-2024-2963](https://pkg.go.dev/vuln/GO-2024-2963): Denial of service due to improper 100-continue handling in net/http. The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. - -* **Bug fixes:** - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4059) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4194): Fixed: authentication Source Administration page wrongfully handles the "Custom URLs Instead of Default URLs" checkbox (missing checkbox, irrelevant fields). - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4151) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4149): Fixed: git push to an adopted repository fails. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4215) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4213) - [commit](https://codeberg.org/forgejo/forgejo/commit/4ed5044dea94872e025f585debf7a16e6bd6bbdb): Fixed: markdown doesn't render math within brackets - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4219) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4145) - [commit](https://codeberg.org/forgejo/forgejo/commit/9aa3ae955ff506d883737e576dd62f674a3ee372): Fixed: selecting the "No Project" filter in the issue/pull request list has no effect - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4248) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4241): Fixed: error 500 when processing crafted TIFF files. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4261) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4258): Fixed: wrong placeholder text in the form for adding repository collaborator. - -## 7.0.4 - -This is a security release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). - -In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.3...v7.0.4) included in this release. - -* **Security:** - * [PR](https://codeberg.org/forgejo/forgejo/pulls/4054). Fixed: [CVE-2024-24789](https://pkg.go.dev/vuln/GO-2024-2888): the archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3639) - ([fix](https://codeberg.org/forgejo/forgejo/commit/1b088fade6c69e63843d1bdf402454c363b22ce2) & [test](https://codeberg.org/forgejo/forgejo/pulls/4032)). Fixed: the OAuth2 implementation does not always require authentication for public clients, a requirement of [RFC 6749 Section 10.2](https://datatracker.ietf.org/doc/html/rfc6749#section-10.2). A malicious client can impersonate another client and obtain access to protected resources if the impersonated client fails to, or is unable to, keep its client credentials confidential. - -* **Bug fixes:** - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4086) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4085). Fixed: `forgejo migrate-storage --type actions-artifacts` always fails because it picks the wrong path. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4017) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4015). Fixed: avatar files can be found in storage while they do not exist in the database. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3997) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3976). Fixed: repository admins are always denied the right to force merge and instance admins are subject to restrictions to merge that must only apply to repository admins. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3946) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3615). Fixed: non conformance with the [Nix tarball fetcher immutable link protocol](https://github.com/nixos/nix/blob/56763ff918eb308db23080e560ed2ea3e00c80a7/doc/manual/src/protocols/tarball-fetcher.md). - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3936) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3935). Fixed: migrated activities (such as reviews) are mapped to the user who initiated the migration rather than the Ghost user, if the external user cannot be mapped to a local one. This mapping mismatch leads to internal server errors in some cases. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3906) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3904). Fixed: a v7.0.0 regression causes `[admin].SEND_NOTIFICATION_EMAIL_ON_NEW_USER=true` to always be ignored. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3888) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3865). Fixed: using a subquery for user deletion is a performance bottleneck when using mariadb 10 because only mariadb 11 takes advantage of the available index. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3887) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3885). Fixed: a v7.0.3 regression causes the expanding diffs in pull requests to fail with a 404 error. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3881) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3864). Fixed: SourceHut Builds webhook fail when the `triggers` field is used. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3877) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3242). Fixed: the label list rendering in the issue and pull request timeline is displayed on multiple lines instead of a single one. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4084) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4083) - [commit](https://codeberg.org/forgejo/forgejo/commit/c6e04c3c9eddfa6c4bec541f681c8d300b157cdb). Fixed: NuGet Package fails `choco info pkgname` when `pkgname` is also a substring of another package Id. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4004) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3989) - [commit](https://codeberg.org/forgejo/forgejo/commit/62448bfb931882859388b2fd472cb89428c25323). Fixed: "Git hooks of this repository seem to be broken." warning when pushing more than one branch at a time. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3942) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3917) - [commit](https://codeberg.org/forgejo/forgejo/commit/7d7ea45465d6cd1ea0ec549a71f67b4a8ff930cf). Fixed: automerge does not happen when the approval count reaches the required threshold. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3942) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3917) - [commit](https://codeberg.org/forgejo/forgejo/commit/a649610d6175d1994b838f5672261400df9fdb92). Fixed: the `FORCE_PRIVATE=true` setting is not consistently enforced. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/3859) - [PR](https://codeberg.org/forgejo/forgejo/pulls/3838) - [commit](https://codeberg.org/forgejo/forgejo/commit/193ac67176afc72e9d108bc1730c354bfbf9a442). Fixed: CSRF validation errors when OAuth is not enabled. - * [backport](https://codeberg.org/forgejo/forgejo/pulls/4107) - [PR](https://codeberg.org/forgejo/forgejo/pulls/4076). Fixed: headlines in rendered org-mode do not have a margin on the top - -* **Localization:** - * Improvements to English locale: [[1]](https://codeberg.org/forgejo/forgejo/pulls/3914), [[2]](https://codeberg.org/forgejo/forgejo/pulls/4114). - * Translation updates: [[1]](https://codeberg.org/forgejo/forgejo/pulls/3907), [[2]](https://codeberg.org/forgejo/forgejo/pulls/3990), [[3]](https://codeberg.org/forgejo/forgejo/pulls/4099). - -## 7.0.3 - -This is a security release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). - -In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.2...v7.0.3) included in this release. - -* Container image upgrades - - In the Forgejo v7.0.3 container images, the Git version was upgraded to [2.43.4](https://pkgs.alpinelinux.org/packages?name=git&branch=v3.19) which includes fixes for [multiple vulnerabilities](https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/). However, the vulnerabilities with a high impact can be exploited when Git is used in an environment (or Operating Systems) which is different from the Forgejo OCI image. - -* **Security:** - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3673). Fixed: [CVE-2024-24788](https://pkg.go.dev/vuln/GO-2024-2824): a malformed DNS message in response to a query can cause the lookup functions to get stuck in an infinite loop. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3802). Fixed: backticks in [mermaid](https://mermaid.js.org/) block diagram labels [are not sanitized properly](https://github.com/mermaid-js/mermaid/commit/c7fe9a646574597adefe3e6fb2b3707112a151aa). - -* **Bug fixes:** - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3588). Fixed: migration of a repository from gogs fails when it is hosted at a subpath. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3591). Fixed: when creating an OAuth2 application the redirect URLs are not enforced to be mandatory. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3659). Fixed: the API incorrectly excludes repositories where code is not enabled. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3677). Fixed: "Allow edits from maintainers" cannot be modified via the pull request web UI. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3687). Fixed: repository activity feeds (including RSS and Atom feeds) contain repeated activities. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3705). Fixed: uploading maven packages with metadata being uploaded separately will fail. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3751). Fixed: the mail notification sent about commits pushed to pull requests are empty. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3753). Fixed: inline emails attachments are not properly handled when commenting on an issue via email. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3760). Fixed: the links to .zip and tar.gz on the tag list web UI fail. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3767). Fixed: expanding code diff while previewing a pull request before it is created fails. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3772). Fixed: the CLI is not able to migrate Forgejo Actions artifacts. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3772). Fixed: when adopting a repository, the default branch is not taken into account. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3772). Fixed: when using reverse proxy authentication, logout will not be taken into account when immediately trying to login afterwards. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3788). Fixed: pushing to the master branch of a sha256 repository fails. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3827). Fixed: a very long project column name will make the action menu inaccessible. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3842). Fixed: a useless error is displayed when the title of a merged pull request is modified. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3846). Fixed: workflow badges are not working for workflows that are not running on push (such as scheduled workflows, and ones that run on tags and pull requests). - -* **Localization:** - * Improvements to English locale: [[1]](https://codeberg.org/forgejo/forgejo/pulls/3825), [[2]](https://codeberg.org/forgejo/forgejo/pulls/3750), [[3]](https://codeberg.org/forgejo/forgejo/pulls/3742), [[4]](https://codeberg.org/forgejo/forgejo/pulls/3674), [[5]](https://codeberg.org/forgejo/forgejo/pulls/3641). - * Translation updates: [[1]](https://codeberg.org/forgejo/forgejo/pulls/3852), [[2]](https://codeberg.org/forgejo/forgejo/pulls/3749), [[3]](https://codeberg.org/forgejo/forgejo/pulls/3740), [[4]](https://codeberg.org/forgejo/forgejo/pulls/3631). - -* Gitea v1.21 compatibility - - This section is for information only and does not require any action. - - The semantic version of the Forgejo 7.0 releases are: - - * `v7.0.0+gitea-1.22.0` - * `v7.0.1+gitea-1.22.0` - * `v7.0.2+gitea-1.22.0` - * `v7.0.3+gitea-1.21.11` - - Gitea v1.22 is [not published yet](https://github.com/go-gitea/gitea/issues/30731) as of 21 May 2024 and in reality all Forgejo v7.0 releases are compatible with Gitea v1.21.11. Advertising they will be compatible with an unpublished Gitea version was incorrect. The Gitea v1.22 release was anticipated to happen shortly after [Forgejo v7.0 was published on 23 April 2024](https://forgejo.org/2024-04-release-v7-0/) because it was already in the late stages of its release candidate lifecycle. However, around 27 April, [the Gitea release candidates were dropped](https://github.com/go-gitea/gitea/issues/30501) and the release candidates restarted from the Gitea development branch. - -## 7.0.2 - -This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). - -In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.1...v7.0.2) included in this release. - -* **Bug fixes:** - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3562): a v7.0.0 regression where subscribing to or unsubscribing from an issue in a repository with no code produced an internal server error. - * [PR](https://codeberg.org/forgejo/forgejo/issues/3559): a v7.0.0 regression makes all the refs sent in Gitea webhooks to be full refs and might break Woodpecker CI pipelines triggered on tag (`CI_COMMIT_TAG` contained the full ref). This issue [has been fixed](https://github.com/woodpecker-ci/woodpecker/pull/3664) in the `main` branch of Woodpecker CI as well. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3555): the webhook branch filter wrongly applied the match on the full ref for branch creation and deletion (wrongly skipping events). - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3537): toggling the WIP state of a pull request is possible from the sidebar, but not from the footer. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3565): when mentioning a user, the markup post-processor does not handle the case where the mentioned user does not exist: it tries to skip to the next node, which in turn, ended up skipping the rest of the line. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3570): excessive and unnecessary database queries when a user with no repositories is viewing their dashboard. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3580): duplicate status check contexts show in the branch protection settings. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3497): profile info fails to render german singular translation. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3504): inline attachments of [incoming emails](https://forgejo.org/docs/v7.0/user/incoming/) (as they occur for example with Apple Mail) are not attached to comments. - -## 7.0.1 - -This is a bug fix release. See the documentation for more information on the [upgrade procedure](https://forgejo.org/docs/v7.0/admin/upgrade/). - -In addition to the following notable bug fixes, you can browse the [full list of commits](https://codeberg.org/forgejo/forgejo/compare/v7.0.0...v7.0.1) included in this release. - -* **Bug fixes:** - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3466): LFS data corruption when running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`). - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3412): [non backward compatible change](https://codeberg.org/forgejo/forgejo/issues/3399) in the [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3448): error 500 because of an incorrect evaluation of the template when visiting the LFS settings of a repository. - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3464): `GET /repos/{owner}/{name}` API endpoint [always returns an empty string for the `object_format_name` field](https://codeberg.org/forgejo/forgejo/issues/3458). - * [PR](https://codeberg.org/forgejo/forgejo/pulls/3444): fuzzy search [may fail with bleve](https://codeberg.org/forgejo/forgejo/issues/3443). - -## 7.0.0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v7.0/forgejo) included in the `Forgejo v7.0.0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges origin/v1.21/forgejo..origin/v7.0/forgejo -``` - -* **Regressions and workarounds:** - * Running the [`forgejo doctor check --fix`](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-check) CLI command or setting [`[cron.gc_lfs].ENABLED=true`](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---garbage-collect-lfs-pointers-in-repositories-crongc_lfs) (the default is `false`) will corrupt the LFS storage. The workaround is to not run the doctor CLI command and disable the `cron.gc_lfs`. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3438). - * The [`forgejo admin user create`](https://forgejo.org/docs/v7.0/admin/command-line/#admin-user-create) CLI command [requires a password](https://codeberg.org/forgejo/forgejo/commit/b122c6ef8b9254120432aed373cbe075331132ac) change by default when creating the first user and the `--admin` flag is not specified. The `--must-change-password=false` argument must be given to not require a password change. This regression will be [fixed in 7.0.1](https://codeberg.org/forgejo/forgejo/issues/3399). -* **Breaking changes requiring manual intervention:** - * [Forgejo webhooks](https://codeberg.org/forgejo/forgejo/issues/3055) now always send full refs (starting with `refs/`) instead of sending short refs in some cases. This new behavior may require changes when the receiving end assumes a short ref will be received (for instance some versions of Woodpecker CI when receiving webhook payloads when a tag is set). - * [MySQL 8.0 or PostgreSQL 12](https://codeberg.org/forgejo/forgejo/commit/e94f9fcafdcf284561e7fb33f60156a69c4ad6a5) are the minimum supported versions. The database must be migrated before upgrading. The requirements regarding SQLite did not change. - * The `per_page` parameter is [no longer a synonym for `limit`](https://codeberg.org/forgejo/forgejo/commit/0aab2d38a7d91bc8caff332e452364468ce52d9a) in the [/repos/{owner}/{repo}/releases](https://code.forgejo.org/api/swagger/#/repository/repoListReleases) API endpoint. - * The date format of the `created` and `last_update` fields of the [`/repos/{owner}/{repo}/push_mirrors`](https://code.forgejo.org/api/swagger/#/repository/repoListPushMirrors) and [/repos/{owner}/{repo}/push_mirrors](https://code.forgejo.org/api/swagger/#/repository/repoAddPushMirror) API endpoint changed [to be timestamps instead of numbers](https://codeberg.org/forgejo/forgejo/commit/0ee7cbf725f45650136be45f8e0f74d395f73b5c). - * Labels used [by pprof endpoint](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#server-server) have been changed: - * `graceful-lifecycle` to `gracefulLifecycle` - * `process-type` to `processType` - * `process-description` to `processDescription` - This allows for those endpoints to be scraped by services requiring prometheus style labels such as [grafana-agent](https://grafana.com/docs/agent/latest/). - * The repository description [imposes additional restrictions on what it contains](https://codeberg.org/forgejo/forgejo/commit/1075ff74b5050f671c5f9824ae39390230b3c85d) to prevent abuse. You may use [the v7.0 test instance](https://v7.next.forgejo.org/) to check how it will be modified. - * The [Gitea themes were renamed](https://codeberg.org/forgejo/forgejo/commit/023e937141dd891bce3370c869d4db2c60f971ed) and the `[ui].THEMES` setting must be changed as follows: - * `gitea` is replaced by `gitea-light` - * `arc-green` is replaced by `gitea-dark` - * `auto` is replaced by `gitea-auto` -* **Breaking changes in the user interface:** - Note that the modifications related to CSS, templates or assets (images, fonts, etc.) are not documented here. - Although they can be extracted and modified, Forgejo does not provide any guarantee that such changes - will be portable from one version to another (even a patch version). See also - [the developer documentation about interface customization](https://forgejo.org/docs/v7.0/developer/customization/). - * [Update checker setting might change](https://codeberg.org/forgejo/forgejo/pulls/2925). The documentation was listing it as enabled by default, however, for a while it was disabled unless it was explicitly specified in the config or on the installation page. Instances migrated from Gitea also had it disabled due to different default value. Since then Forgejo got a privacy-friendly DNS-based update checking mechanism which is now being enabled by default unless explicitly specified [in the config](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#cron---check-for-new-forgejo-versions-cronupdate_checker). - * Language statistics for repositories that use `linguist` attributes in `.gitattributes` *may* show different statistics than previously, because Forgejo recognizes more [linguist attributes](https://forgejo.org/docs/v7.0/user/language-detection/) now. - * It is [no longer possible to replace the default web editor](https://codeberg.org/forgejo/forgejo/pulls/2916) used to write comments or issues and pull requests with the EasyMDE editor. It is however still available as an alternative to edit releases and wiki pages. - * [The list of all repositories and the `New Issue` button are no longer available in the user dashboard](https://codeberg.org/forgejo/forgejo/commit/beb71f5ef6e8074dc744ac995c15f7b5947a3f2e) for issues and pull requests. -* **Migration warning** - * If the logs show a line like the following, [run doctor convert](https://forgejo.org/docs/v7.0/admin/command-line/#doctor-convert) to fix it. - ``` - [W] Current database is using a case-insensitive collation "utf8mb4_general_ci" - ``` - * Large instances may experience slow migrations when the database is upgraded to support SHA-256 git repositories. For instance, here are the logs from a test migration of the https://codeberg.org production database: - ``` - [I] Migration[286]: Add support for SHA256 git repositories - [W] [Slow SQL Query] ALTER TABLE `commit_status` MODIFY COLUMN `context_hash` VARCHAR(64) [] - 3m41.647738396s - [W] [Slow SQL Query] ALTER TABLE `comment` MODIFY COLUMN `commit_sha` VARCHAR(64) [] - 1m5.500234133s - [W] [Slow SQL Query] ALTER TABLE `release` MODIFY COLUMN `sha1` VARCHAR(64) [] - 22.06241145s - ``` -* **Features and enhancements** - * Repository settings have been refactored, lifting out the repository unit-related settings to their own page. ([#2221](https://codeberg.org/forgejo/forgejo/pulls/2221)) - - When additional units can be enabled, an "Add more..." link will be displayed for repository admins. This can be turned off. ([#2533](https://codeberg.org/forgejo/forgejo/pulls/2533)) - * Repository administrators can [allow anyone to edit the wiki](https://forgejo.org/docs/v7.0/user/wiki/#activation-and-permissions) in the repository Settings. ([#2001](https://codeberg.org/forgejo/forgejo/pulls/2001)) - * Instance administrators can enable [repository badges](https://forgejo.org/docs/v7.0/user/readme-badges/) in the [configuration file](https://forgejo.org/docs/v7.0/admin/config-cheat-sheet/#badges-badges). This feature depends on a shield generator service such as shields.io, and is disabled by default. ([#2070](https://codeberg.org/forgejo/forgejo/pulls/2070)) - * Instance administrators can configure the additional clone methods displayed on the repository home view. ([gitea#29320](https://github.com/go-gitea/gitea/pull/29320)) - * Instance administrators can [assign custom flags to repositories](https://codeberg.org/forgejo/forgejo/pulls/2079). This is disabled by default, and currently requires custom templates to do anything useful with the flags. ([#2079](https://codeberg.org/forgejo/forgejo/pulls/2079) & [#2097](https://codeberg.org/forgejo/forgejo/pulls/2097)) - * Fallback for [basic repo search using git-grep](https://forgejo.org/docs/v7.0/user/code-search/) when code indexer is disabled ([gitea#29998](https://github.com/go-gitea/gitea/pull/29998)) - * Repository administrators can disable forking instance-wide by setting the new `[repository].DISABLE_FORKS` setting. ([#2445](https://codeberg.org/forgejo/forgejo/pulls/2445)) - * Render permalinks to files with a line range by an inline preview in all places where markup is allowed ([#2669](https://codeberg.org/forgejo/forgejo/pulls/2669)) - * A user can now optionally set their preferred pronouns ([#1518](https://codeberg.org/forgejo/forgejo/pulls/1518)). - * [Always enable caches](https://codeberg.org/forgejo/forgejo/commit/e7cb8da2a8310ac167b6f613b283caa3316a7154). - * Forgejo now recognizes more [linguist attributes](https://forgejo.org/docs/v7.0/user/language-detection/), making it possible to include documentation in the repository language statistics, for example. ([#2088](https://codeberg.org/forgejo/forgejo/pulls/2088)) - * When displaying the message to open a pull request from a recently pushed branch, the recently pushed branch now links to the appropriate branch. ([#2141](https://codeberg.org/forgejo/forgejo/pulls/2141)) - * Users who signed up, but have not activated their accounts yet, are now able to [change their email before activation](https://codeberg.org/forgejo/forgejo/pulls/1891). ([#1891](https://codeberg.org/forgejo/forgejo/pulls/1891)) - * The "You pushed on branch ...." banner is now displayed for repositories you have a fork of with recently pushed branches too ([#2195](https://codeberg.org/forgejo/forgejo/pulls/2195)), and it will no longer consider branches that share no history with the default branch. ([#2196](https://codeberg.org/forgejo/forgejo/pulls/2196)) - * Forgejo will now highlight signed tags in a similar way it highlights signed commits. ([#2534](https://codeberg.org/forgejo/forgejo/pulls/2534)) - * Forgejo gained support for the more recent GitHub-style alert blocks. ([#2348](https://codeberg.org/forgejo/forgejo/pulls/2348)) - - The older style remains supported too. - * [[ACTIONS] Add vars context to cron jobs](https://codeberg.org/forgejo/forgejo/pulls/3059) - * [[ACTIONS] Allow viewing the latest Action Run on the web](https://codeberg.org/forgejo/forgejo/pulls/1900) - * [[AGIT] Automatically fill in the description](https://codeberg.org/forgejo/forgejo/pulls/2344) - * [[API] Add API to get PR by base/head](https://codeberg.org/forgejo/forgejo/pulls/2481) - * [[API] commentAssignment() to verify the id belongs](https://codeberg.org/forgejo/forgejo/pulls/2126) - * [[API] DELETE /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}](https://codeberg.org/forgejo/forgejo/pulls/2157) - * [[API] endpoint for adding comments to reviews](https://codeberg.org/forgejo/forgejo/pulls/2122) - * [[API] GET /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}](https://codeberg.org/forgejo/forgejo/pulls/2127) - * [[API] support for repository flags](https://codeberg.org/forgejo/forgejo/pulls/2097) - * [[I18N] Clarify description in deletion modal](https://codeberg.org/forgejo/forgejo/pulls/2488) - * [[I18N] Clarify the description of SSH Keys](https://codeberg.org/forgejo/forgejo/pulls/2393) - * [[I18N] Data size unit localization](https://codeberg.org/forgejo/forgejo/pulls/2528) - * [[I18N] Improve branch select list ui in go templates (gitea#29729)](https://codeberg.org/forgejo/forgejo/pulls/2744) - * [[I18N] Improve localization of repo summary](https://codeberg.org/forgejo/forgejo/pulls/2756) - * [[I18N] Improve registration / password reset emails](https://codeberg.org/forgejo/forgejo/pulls/2529) - * [[I18N] Use correct translations for pull request](https://codeberg.org/forgejo/forgejo/pulls/2260) - * [[I18N] Improve translatability of activity heatmap](https://codeberg.org/forgejo/forgejo/pulls/2612) - * [[I18N] Improve English locale for admin settings](https://codeberg.org/forgejo/forgejo/pulls/2583) - * [I18N] Add plural support: [1](https://codeberg.org/forgejo/forgejo/pulls/2614), [2](https://codeberg.org/forgejo/forgejo/pulls/2695), [3](https://codeberg.org/forgejo/forgejo/pulls/2954), [4](https://codeberg.org/forgejo/forgejo/pulls/3031) - * [I18N] General improvements to English locale: [1](https://codeberg.org/forgejo/forgejo/pulls/2307), [2](https://codeberg.org/forgejo/forgejo/pulls/2437), [3](https://codeberg.org/forgejo/forgejo/pulls/2492), [4](https://codeberg.org/forgejo/forgejo/pulls/2610), [5](https://codeberg.org/forgejo/forgejo/pulls/2703), [6](https://codeberg.org/forgejo/forgejo/pulls/2941). - * [[I18N] Allow custom repo size format](https://codeberg.org/forgejo/forgejo/pulls/2974) - * [[PACKAGES] nuget basic manifest download](https://codeberg.org/forgejo/forgejo/pulls/2222) - * [[UI] Add label filters in organization issues dashboard](https://codeberg.org/forgejo/forgejo/pulls/2944) - * [[UI] Allow users to hide all "Add more units..." hints](https://codeberg.org/forgejo/forgejo/pulls/2533) - * [[UI] Display tag name as title for a tag with no release [gitea]](https://codeberg.org/forgejo/forgejo/pulls/2547) - * [[UI] Enable ambiguous character detection in configured contexts](https://codeberg.org/forgejo/forgejo/pulls/2427) - * [[UI] Improve display of 404/500 error pages](https://codeberg.org/forgejo/forgejo/pulls/2466) - * [[UI] Improve look of user profiles](https://codeberg.org/forgejo/forgejo/pulls/2875) - * [[UI] Include a branch link in the recently pushed banner](https://codeberg.org/forgejo/forgejo/pulls/2141) - * [[UI] Offer to remove WIP: prefix in sidebar](https://codeberg.org/forgejo/forgejo/pulls/2660) - * [[UI] Port console colors](https://codeberg.org/forgejo/forgejo/pulls/2419) - * [[UI] pulls "Edit File" button in "Files Changed" tab](https://codeberg.org/forgejo/forgejo/pulls/1992) - * [[UI] Remove add organization on dashboard switcher](https://codeberg.org/forgejo/forgejo/pulls/2895) - * [[UI] Restrict file size of blame operation](https://codeberg.org/forgejo/forgejo/pulls/2395) - * [[UI] Show follow symlink button](https://codeberg.org/forgejo/forgejo/pulls/2530) - * [[UI] split code conversations in diff tab](https://codeberg.org/forgejo/forgejo/pulls/2306) - * [[UI] Update look of repo/org tabs on homepage](https://codeberg.org/forgejo/forgejo/pulls/2593) - * [[UI] Visual separation between types of attachments](https://codeberg.org/forgejo/forgejo/pulls/2899) - * [[UI] [AGIT] Add AGit label to AGit-created PRs](https://codeberg.org/forgejo/forgejo/pulls/2444) - * [[UI] [AGIT] Add link to docs and tooltip to label](https://codeberg.org/forgejo/forgejo/pulls/2499) - * [Implement commit mail selection for other Git operations](https://codeberg.org/forgejo/forgejo/pulls/2383) - * [Improved Linguist compatibility](https://codeberg.org/forgejo/forgejo/pulls/2088) - * [improve nuget nuspec api](https://codeberg.org/forgejo/forgejo/pulls/2996) - * [Log SQL queries when the database return error](https://codeberg.org/forgejo/forgejo/pulls/2140) - * [New doctor check: fix-push-mirrors-without-git-remote](https://codeberg.org/forgejo/forgejo/pulls/1853) - * [New route to view latest run of specific workflows](https://codeberg.org/forgejo/forgejo/pulls/2304) - * [Check for Commit in opengraph](https://codeberg.org/forgejo/forgejo/pulls/2094) - * [Check if commit is already present in target branch](https://codeberg.org/forgejo/forgejo/pulls/2450) - * [Configure if protected branch rule should apply to admins](https://codeberg.org/forgejo/forgejo/pulls/2867) - * [Count downloads for tag archives](https://codeberg.org/forgejo/forgejo/pulls/2976) - * [depguard sha256-simd](https://codeberg.org/forgejo/forgejo/pulls/2234) - * [Don't consider orphan branches as recently pushed](https://codeberg.org/forgejo/forgejo/pulls/2196) - * [extend webfinger to respond to profile page URIs](https://codeberg.org/forgejo/forgejo/pulls/2883) - * [Highlight signed tags like signed commits](https://codeberg.org/forgejo/forgejo/pulls/2534) - * [Allow changing the email address before activation](https://codeberg.org/forgejo/forgejo/pulls/1891) - * [Allow changing the repo Wiki branch to main](https://codeberg.org/forgejo/forgejo/pulls/2264) - * [Allow forking without a repo ID](https://codeberg.org/forgejo/forgejo/pulls/2310) - * [Allow instance-wide disabling of forking](https://codeberg.org/forgejo/forgejo/pulls/2445) - * [Allow non-explicit push options](https://codeberg.org/forgejo/forgejo/pulls/2984) - * [Allow to exclude files in dump](https://codeberg.org/forgejo/forgejo/pulls/2876) - * [add bucket lookup type](https://codeberg.org/forgejo/forgejo/pulls/2482) - * [Add download URL for executable files](https://codeberg.org/forgejo/forgejo/pulls/1839) - * [Add gitignore template for Janet projects](https://codeberg.org/forgejo/forgejo/pulls/2557) - * [add optional storage init to doctor commands](https://codeberg.org/forgejo/forgejo/pulls/3034) - * [Add rel="nofollow" to issue filter links](https://codeberg.org/forgejo/forgejo/pulls/2367) - * [Add support for shields.io-based badges](https://codeberg.org/forgejo/forgejo/pulls/2070) - * [Add Zig gitignore](https://codeberg.org/forgejo/forgejo/pulls/2352) - * [Recognize SSH signed tags too](https://codeberg.org/forgejo/forgejo/pulls/2520) - * [Repository flags](https://codeberg.org/forgejo/forgejo/pulls/2079) - * [support `.forgejo` dir for issue and PR templates](https://codeberg.org/forgejo/forgejo/pulls/2290) - * [Support Include/Exclude Filters for Grep](https://codeberg.org/forgejo/forgejo/pulls/3058) - * [Use 'Text' instead of 'Plaintext'](https://codeberg.org/forgejo/forgejo/pulls/2833) - * [Render code tags in commit messages](https://codeberg.org/forgejo/forgejo/commit/3ccb0c2512cb551943945aaa3f2bd0b1e2abd3b8). - * [Refactor markdown attention render](https://codeberg.org/forgejo/forgejo/commit/ec2201a3da5f18e55bfc0a54114ac935804f4ef8). - * [Add default board to new projects, remove uncategorized pseudo-board](https://codeberg.org/forgejo/forgejo/commit/8ffb9c6fb1571a1221978440f108911057df25db). - * [Add more stats tables](https://codeberg.org/forgejo/forgejo/commit/926367fe1d778fe7c9f5bc6b8e8c514b619ef038). - * [Improve branch select list ui in go templates](https://codeberg.org/forgejo/forgejo/commit/729849a2fd026adbb91e3ff3259290f61bd919f0). - * [Update allowed attachment types](https://codeberg.org/forgejo/forgejo/commit/04b79bb48b490644c46e58da46af4b62a40e5e03). - * [Completely style the webkit autofill](https://codeberg.org/forgejo/forgejo/commit/9916f3ed64a715fb9a31a0fcad6452276e275615). - * [Set user's 24h preference from their current OS locale](https://codeberg.org/forgejo/forgejo/commit/427ab550a6a35e7369bc1b33a188bb3030c32ec0). - * [Make wiki default branch name changeable](https://codeberg.org/forgejo/forgejo/commit/7ea8993a0e342e7a30cb2da03216697b4819935a). - * [Make admin pages wider because of left sidebar added and some tables become too narrow](https://codeberg.org/forgejo/forgejo/commit/145bebc829c03cbb078e518d7364d27bcf60d96c). - * [Make PR form use toast to show error message](https://codeberg.org/forgejo/forgejo/commit/221a28436a080447f429fa2089d264e56f4980e2). - * [Rename Action.GetDisplayName to GetActDisplayName](https://codeberg.org/forgejo/forgejo/commit/be9189eddc84e942710b16b1c8c54c10aad01b63). - * [Unify search boxes](https://codeberg.org/forgejo/forgejo/commit/847f03b6a65ee251bf764f54f6114737346a43b6). - * [Detect broken git hooks](https://codeberg.org/forgejo/forgejo/commit/963df8290784d82385f7e8ad9f5c9abfd2fa2860). - * [Filter for default-branch selection](https://codeberg.org/forgejo/forgejo/commit/1090734255d70deb9886de2c1a8bb971096223ee). - * [Include resource state events in Gitlab downloads](https://codeberg.org/forgejo/forgejo/commit/bc7a247b9ea68643e3c59d4b4376dea097ffcc68). - * [Properly migrate target branch change GitLab comment](https://codeberg.org/forgejo/forgejo/commit/f0acc71ba13713f07602294b4a33028125343d47). - * [Recolor dark theme to blue shade](https://codeberg.org/forgejo/forgejo/commit/ff581d5a2415f7a3321fa6ba656ae0e972674d6c). - * [Unify organizations header](https://codeberg.org/forgejo/forgejo/commit/4b494d341f3142c066bc5b2b3cfd50f924d64fd3). - * [Auto-update the system status in admin dashboard](https://codeberg.org/forgejo/forgejo/commit/4f050f358a15dd51903e01b330a5419b2ac06693). - * [Show more settings for empty repositories](https://codeberg.org/forgejo/forgejo/commit/b03af9efb275f935bb265c7f031225caaafefaff). - * [Downscale pasted PNG images based on metadata](https://codeberg.org/forgejo/forgejo/commit/b3f2447bc4b6a7220da748cc6eb24bd5568bee7c). - * [Show `View at this point in history` for every commit](https://codeberg.org/forgejo/forgejo/commit/27bc2b9d9597de89d2c6b68581c6729bb16a4572). - * [Drop "@" from email sender to avoid spam filters](https://codeberg.org/forgejo/forgejo/commit/9a1d5c549cb6d32219647ea1a771b8a82d5ac89f). - * [Allow non-admin users to delete review requests](https://codeberg.org/forgejo/forgejo/commit/77c56e29ded5665bdc09d0a568159aa7127b44b1). - * [Some performance optimization on dashboard and issues page](https://codeberg.org/forgejo/forgejo/commit/d996c5d5179c99855e69156a034eca055e9329a4). - * [Improve user search display name](https://codeberg.org/forgejo/forgejo/commit/c3e462921ee31536e59b37e654ed20e92a37ffe6). - * [Fix UI Spacing Errors in mirror settings](https://codeberg.org/forgejo/forgejo/commit/64faecefe10613840709a68c1b8b708115d69d6e). - * [Include username in email headers](https://codeberg.org/forgejo/forgejo/commit/360b3fd17c3315ad9ad9c4e6ac02eda73f48d8ae). - * [Also match weakly validated ETags](https://codeberg.org/forgejo/forgejo/commit/28fe3db1fb0f89bcb55829ced33c1282f85f6e97). - * [Propagate install_if and provider_priority to APKINDEX](https://codeberg.org/forgejo/forgejo/commit/2da233ad8be107de29190720f1c30199410fe0cd). - * [Fix display latest sync time for pull mirrors on the repo page](https://codeberg.org/forgejo/forgejo/commit/4674aea25b54baf08594c54f061dee9e44190f02). - * [Remove trust model selection from repository creation on web page because it can be changed in settings later](https://codeberg.org/forgejo/forgejo/commit/c08d263a1900aa5ee92f56af8ad1c7a2697d02e1). - * [Add ability to see open and closed issues at the same time](https://codeberg.org/forgejo/forgejo/commit/2c3da59e275b69ebf984bb70954f42a7bcb0b49d). - * [Move sign in labels to be above inputs](https://codeberg.org/forgejo/forgejo/commit/4af0944b2604dd2b2e413864492135faea097298). - * [Move the captcha script loader to the template which really needs it](https://codeberg.org/forgejo/forgejo/commit/a04f8c0f81f55a8b927ce0fad8127db39396f892). - * [Display latest sync time for pull mirrors on the repo page](https://codeberg.org/forgejo/forgejo/commit/2d343f8987025015f5b61e328cc9e45082e6d3f2). - * [Show in Web UI if file is vendored and generated](https://codeberg.org/forgejo/forgejo/commit/7ed18566e10b298309dcc99d97447cb1932ae09a). - * [Add orphaned topic consistency check](https://codeberg.org/forgejo/forgejo/commit/e02095c5b6e04f70ae6562f5aee169f7ee93cf7a). - * [Convert to url auth to header auth in tests](https://codeberg.org/forgejo/forgejo/commit/838db2f8911690fa2115c6827ed73687db71bef1). - * [Add option to set language in admin user view](https://codeberg.org/forgejo/forgejo/commit/318634ef74dc0a9c285991692e72d3df90b8583c). - * [Fix incorrect run order of action jobs](https://codeberg.org/forgejo/forgejo/commit/f4561c44b1cad700bf41537eb4db487fff34f6c9). - * [Add missing exclusive in advanced label options](https://codeberg.org/forgejo/forgejo/commit/77506c6f6cbfa5c15d8373743415f47b2adb404d). - * [Add combined index for issue_user.uid and issue_id](https://codeberg.org/forgejo/forgejo/commit/e08f1a9cbd582c73918e401eeba36261627f44a7). - * [Add edit option for README.md](https://codeberg.org/forgejo/forgejo/commit/08552f0076204b99258f9135c77a962c302521dc). - * [Fix link to `Code` tab on wiki commits](https://codeberg.org/forgejo/forgejo/commit/709a376c518d0cfde10bb911b32fd0ea82c67b52). - * [Remove autofocus in search box](https://codeberg.org/forgejo/forgejo/commit/eae555ff2395cc1ad178f3a977d83742ae73e1d9). - * [Allow to set explore page default sort](https://codeberg.org/forgejo/forgejo/commit/16ba16dbe951763cfc026b7351e26009d1a25fdc). - * [Improve PR diff view on mobile](https://codeberg.org/forgejo/forgejo/commit/49dddd87b19aebe83e1c54a455e62529a19f61b4). - * [Properly migrate automatic merge GitLab comments](https://codeberg.org/forgejo/forgejo/commit/542badbb76408c17ce6692e99fff680bee69face). - * [Display issue task list on project cards](https://codeberg.org/forgejo/forgejo/commit/4776fde9e1caa7cee5671715144a668e19a0323c). - * [Add Index to pull_auto_merge.doer_id](https://codeberg.org/forgejo/forgejo/commit/c8602a8dfa05f653e7de8ed2e677c8967b8688f5). - * [Fix display member unit in the menu bar if there are no hidden members in public org](https://codeberg.org/forgejo/forgejo/commit/0e021cd33ee3eb3d8f204bd075e2597b7ec8b391). - * [List all Debian package versions in `Packages`](https://codeberg.org/forgejo/forgejo/commit/b36e2ca4195298d2e4516e3022b953543f62f470). - * [Allow pull requests Manually Merged option to be used by non-admins](https://codeberg.org/forgejo/forgejo/commit/1756e30e102d079f8425aa2061ef80fd36c2e57d). - * [Only show diff file tree when more than one file changed](https://codeberg.org/forgejo/forgejo/commit/572f0963edc71239634ee782a3c69213479f34ba). - * [Show placeholder email in privacy popup](https://codeberg.org/forgejo/forgejo/commit/31f8880bc252a25075f8752e2722b316c6e46ec7). - * [Revamp repo header](https://codeberg.org/forgejo/forgejo/commit/7d62615513b8985360de497e9a051b51ca0faaf2). - * [Add link to members and repositories at teams page](https://codeberg.org/forgejo/forgejo/commit/4f4ddcf3c593b474846d40e47b4351d3deb39202). - * [Add link for repositories README file](https://codeberg.org/forgejo/forgejo/commit/7210f23fa0f11da093b307029d7ab91ed40807fb). - * [Add `must-change-password` cli parameter](https://codeberg.org/forgejo/forgejo/commit/9bea276055edc9527e3d6d66df3bbf0d20326f8b). - * [Unify password changing and invalidate auth tokens](https://codeberg.org/forgejo/forgejo/commit/688d4a1f719d2df4d2626453f4bc042c1874a375). - * [Add slow SQL query warning](https://codeberg.org/forgejo/forgejo/commit/664192767c41b9d0759bcc3915c7bd6ccecc52ae). - * [Pre-register OAuth application for tea](https://codeberg.org/forgejo/forgejo/commit/a825cc0f3423f0a5c8157c436a0c7b489ef536c1). - * [Differentiate between `push` and `pull` `mirror sync in progress`](https://codeberg.org/forgejo/forgejo/commit/e709bc199fe33456c4ecd1cd28029bd31b529832). - * [Cargo package - Fix missing domain in cargo sparse url](https://codeberg.org/forgejo/forgejo/commit/a112cf34d391cc04770021f9ffaa29e383cb9d51). - * [Link to file from its history](https://codeberg.org/forgejo/forgejo/commit/33de64cb21505259338e393ef0d15ccb0f757475). - * [Add a shortcut to user's profile page to admin user details](https://codeberg.org/forgejo/forgejo/commit/e96e440b8bde5516ffc7bba42691e26084a96588). - * [Doctor: delete action entries without existing user](https://codeberg.org/forgejo/forgejo/commit/15fa0383fb5dd9ad1702dbc34ba7100c0cdbcc8c). - * [Add anchor to review types](https://codeberg.org/forgejo/forgejo/commit/89c9a498fdd6184df8afda8b5b488462e65b9e71). - * [Show total TrackedTime on issue/pull/milestone lists](https://codeberg.org/forgejo/forgejo/commit/adbc995c347e158a56264f2488997d7d59a4dd8b). - * [Improve commit record's ui in comment list](https://codeberg.org/forgejo/forgejo/commit/ed1798f66d30e3755f01e24f8cb4aa5e8b6628a0). - * [Don't show new pr button when page is not compare pull](https://codeberg.org/forgejo/forgejo/commit/b693611b35c5ae17cfc820bc3e731608a5251464). - * [Add `Hide/Show all checks` button to commit status check](https://codeberg.org/forgejo/forgejo/commit/dcb648ee71853073d54e8a6e107b764212ede58e). - * [Improvements of releases list and tags list](https://codeberg.org/forgejo/forgejo/commit/3fcad582c9b9bfe66f4a346652f82b1aaf18430d). - * [Support pasting URLs over markdown text](https://codeberg.org/forgejo/forgejo/commit/45112876766cb81ed7edd2b72a3ab93e6deab8bb). - * [Customizable "Open with" applications for repository clone](https://codeberg.org/forgejo/forgejo/commit/44221a3cd747a01d55093b15a12bf053b534da35). - * [Allow options to disable user deletion from the interface on app.ini](https://codeberg.org/forgejo/forgejo/commit/767e9634d3d02acab27f05e1783391c9c7f6292e). - * [Extend issue template yaml engine](https://codeberg.org/forgejo/forgejo/commit/ff8f7a7a0d1d0f57113a6ad8b499f7c1094288f5). - * [Filter Repositories by type](https://codeberg.org/forgejo/forgejo/commit/83e04328dfff3b09e5d28dd972ebee0865f96b0e). - * [Implement code frequency graph](https://codeberg.org/forgejo/forgejo/commit/f097799953c5f510b7e3314f1e3e115761f207d0). - * [Implement recent commits graph](https://codeberg.org/forgejo/forgejo/commit/428008ac19185125b7cb1e3d379254d7b1932529). - * [Show commit status for releases](https://codeberg.org/forgejo/forgejo/commit/369fe5696697cef33a188d9b985ac4b9824a4bdf). - * [Actions Artifacts v4 backend](https://codeberg.org/forgejo/forgejo/commit/66632c4958041abdffe6adafc278d34ef515c44f). - * [Add merge style `fast-forward-only`](https://codeberg.org/forgejo/forgejo/commit/83123b493f3ae25d07d81c86b1a78afe1c17db53). - * [Retarget depending pulls when the parent branch is deleted](https://codeberg.org/forgejo/forgejo/commit/49eb16867728913d1eb2ced96e0b0b0a358f6ebe). - * [Add global setting how timestamps should be rendered](https://codeberg.org/forgejo/forgejo/commit/cdc33b29a012e61b42f192d79f9486fa8e21b2ed). - * [Add skip ci functionality](https://codeberg.org/forgejo/forgejo/commit/816e46ee7ce4b2649479554a940ecbe1cc505a3d) - * [Show latest commit for file](https://codeberg.org/forgejo/forgejo/commit/885cc32b14584ee2d01009768895b7a776441504). - * [Allow to sync tags from admin dashboard](https://codeberg.org/forgejo/forgejo/commit/4567a3a1ad0490d9077102e0e7b5de35790e5803). - * [Add Profile Readme for Organisations](https://codeberg.org/forgejo/forgejo/commit/603573366a203efae06f818a0b220be964cdac21). - * [Implement contributors graph](https://codeberg.org/forgejo/forgejo/commit/e9be8b25ae57189c4b29eaa393a397cf634d21d7). - * [Artifact deletion in actions ui](https://codeberg.org/forgejo/forgejo/commit/c551d3f3ab13379b0740fc45bc4dfc8f2fb84e16). - * [Add API routes to get runner registration token](https://codeberg.org/forgejo/forgejo/commit/baf0d402d9cb47849394202fcfc7c2e23b0faac3). - * [Add support for forking single branch](https://codeberg.org/forgejo/forgejo/commit/5e02e3b7ee8294e2ec94968ece9af56bf1aa1534). - * [Add support for sha256 repositories](https://codeberg.org/forgejo/forgejo/commit/d68a613ba8fd860863a3465b5b5945b191b87b25). - * [Add admin API route for managing user's badges](https://codeberg.org/forgejo/forgejo/commit/82b7de1360870db7a8b368a3f80ede887e32e128). -* **Bug fixes:** - * The repository home view will no longer redirect to external units. ([#2064](https://codeberg.org/forgejo/forgejo/pulls/2064)) - * User and Organization `.profile` repositories now search for a `README.md` file case insensitively. ([#2090](https://codeberg.org/forgejo/forgejo/pulls/2090)) - * When viewing a file, the RSS feed link is only displayed when there is an RSS feed provided for the context: when viewing a file on a branch. ([#2103](https://codeberg.org/forgejo/forgejo/pulls/2103)) - * Repository topic searches are now correctly paged, which should make topic management on larger instances orders of magnitudes faster. ([#2060](https://codeberg.org/forgejo/forgejo/pulls/2060)) - * Mentioning a user in a comment or similar place ignores apostrophes now. ([#2485](https://codeberg.org/forgejo/forgejo/pulls/2485)) - * Setting the `[repository].DISABLE_STARS` setting to `true` disables the functionality completely, rather than just hiding it from the user interface. - * Forking a repository is now available at a predictable URL, and does not require knowing the repository id. ([#2310](https://codeberg.org/forgejo/forgejo/pulls/2310)) - * Issue and pull request templates can now be placed in a `.forgejo` directory, like workflows. ([#2290](https://codeberg.org/forgejo/forgejo/pulls/2290)) - * [[A11Y] Fix accessibility and translatability of repo explore counters](https://codeberg.org/forgejo/forgejo/pulls/2862) - * [[A11Y] Focus styling and fix Watch/Unwatch buttons](https://codeberg.org/forgejo/forgejo/pulls/2379) - * [[A11Y] Label Stars/Forks links in repo explore](https://codeberg.org/forgejo/forgejo/pulls/2634) - * [[A11Y] Taborder in repo explore](https://codeberg.org/forgejo/forgejo/pulls/2636) - * [[ACTIONS] add proper payload to scheduled events](https://codeberg.org/forgejo/forgejo/pulls/2015) - * [[ACTIONS] Do not update PRs based on events that happened before they existed](https://codeberg.org/forgejo/forgejo/pulls/2932) - * [[ACTIONS] GetScheduledMergeByPullID may involve a system user](https://codeberg.org/forgejo/forgejo/pulls/1908) - * [[ACTIONS] Link to Workflow in View](https://codeberg.org/forgejo/forgejo/pulls/1866) - * [[ACTIONS] the ref of a scheduled action is always the default branch](https://codeberg.org/forgejo/forgejo/pulls/1941) - * [[API] Adjust name of operation](https://codeberg.org/forgejo/forgejo/pulls/2189) - * [[API] `/api/v1/{owner}/{repo}/issue_templates`](https://codeberg.org/forgejo/forgejo/pulls/2292) - * [[API] Document correct status code for creating a tag](https://codeberg.org/forgejo/forgejo/pulls/2201) - * [[API] /api/forgejo/v1/version auth check](https://codeberg.org/forgejo/forgejo/pulls/2582) - * [[API] inconsistencies](https://codeberg.org/forgejo/forgejo/pulls/2182) - * [[API] /issues/search endpoint](https://codeberg.org/forgejo/forgejo/pulls/2020) - * [[API] Make HTTPS schema default for Swagger](https://codeberg.org/forgejo/forgejo/pulls/1896) - * [[I18N] Add missing translation for more_items](https://codeberg.org/forgejo/forgejo/pulls/2828) - * [[I18N] Eliminate wrapping quotes in English locale](https://codeberg.org/forgejo/forgejo/pulls/2467) - * [[I18N] English fixes and improvements](https://codeberg.org/forgejo/forgejo/pulls/2631) - * [[I18N] Fix milestone sorting translation keys](https://codeberg.org/forgejo/forgejo/pulls/2644) - * [[I18N] Use correct translation on closed milestones](https://codeberg.org/forgejo/forgejo/pulls/2957) - * [[I18N] Use new translation key](https://codeberg.org/forgejo/forgejo/pulls/2760) - * [[PACKAGES] Delete redundant snap packaging recipe](https://codeberg.org/forgejo/forgejo/pulls/2693) - * [[PACKAGES] Fix Alpine Registry packages with noarch not being found](https://codeberg.org/forgejo/forgejo/pulls/2285) - * [[PACKAGES] Generate install if condition for Alpine](https://codeberg.org/forgejo/forgejo/pulls/2176) - * [[PACKAGES] Packagist webhook: support all events](https://codeberg.org/forgejo/forgejo/pulls/2646) - * [[PACKAGES] Fix for PyPi Registry PEP 503 Compliance](https://codeberg.org/forgejo/forgejo/pulls/3197) - * [[UI] Adjust the signed tag verification line](https://codeberg.org/forgejo/forgejo/pulls/2966) - * [[UI] Better color for labels/counters](https://codeberg.org/forgejo/forgejo/pulls/2935) - * [[UI] Better number for UserCards pagination](https://codeberg.org/forgejo/forgejo/pulls/2584) - * [[UI] Center icon and callout text](https://codeberg.org/forgejo/forgejo/pulls/3010) - * [[UI] Consistent styling for Sort filter](https://codeberg.org/forgejo/forgejo/pulls/2920) - * [[UI] Disable the RSS feed in file view for non-branches](https://codeberg.org/forgejo/forgejo/pulls/2103) - * [[UI] Disable 'View at this point in history' for wikis](https://codeberg.org/forgejo/forgejo/pulls/2999) - * [[UI] Display error message if doer is unable to fork](https://codeberg.org/forgejo/forgejo/pulls/2649) - * [[UI] Don't use `
` in alert block](https://codeberg.org/forgejo/forgejo/pulls/2741) - * [[UI] Fix admin layout](https://codeberg.org/forgejo/forgejo/pulls/3087) - * [[UI] Fix crash in issue forms](https://codeberg.org/forgejo/forgejo/pulls/3012) - * [[UI] Fix Ctrl+Enter on submitting review comment](https://codeberg.org/forgejo/forgejo/pulls/2370) - * [[UI] Fix diff patch operation in web UI](https://codeberg.org/forgejo/forgejo/pulls/2449) - * [[UI] Fixes for project selector in sidebar](https://codeberg.org/forgejo/forgejo/pulls/2608) - * [[UI] Fix must-change-password help dialog](https://codeberg.org/forgejo/forgejo/pulls/2676) - * [[UI] Fix relative links on orgmode](https://codeberg.org/forgejo/forgejo/pulls/2385) - * [[UI] Fix selector inner radius](https://codeberg.org/forgejo/forgejo/pulls/2860) - * [[UI] Fix tone of callout boxes for Forgejo dark](https://codeberg.org/forgejo/forgejo/pulls/3085) - * [[UI] Fix tooltip for 1000+ stars/forks](https://codeberg.org/forgejo/forgejo/pulls/3147) - * [[UI] include hostname in admin panel URL in new user emails](https://codeberg.org/forgejo/forgejo/pulls/1940) - * [[UI] Increase contrast of code block](https://codeberg.org/forgejo/forgejo/pulls/2874) - * [[UI] Limit amount of javascript errors being shown](https://codeberg.org/forgejo/forgejo/pulls/2175) - * [[UI] Make settings tab not active when on repository "Add units" tab](https://codeberg.org/forgejo/forgejo/pulls/2524) - * [[UI] Make write and preview tabs interactive](https://codeberg.org/forgejo/forgejo/pulls/2681) - * [[UI] New issue button position consistency](https://codeberg.org/forgejo/forgejo/pulls/2845) - * [[UI] Fix orgmode link resolver for text descriptions](https://codeberg.org/forgejo/forgejo/pulls/2276) - * [[UI] Preview: set font-size on preview content](https://codeberg.org/forgejo/forgejo/pulls/2349) - * [[UI] Fix primary button background inconsistency](https://codeberg.org/forgejo/forgejo/pulls/3002) - * [[UI] Fix regression of issue edit not working](https://codeberg.org/forgejo/forgejo/pulls/3043) - * [[UI] Fix relative links rendering](https://codeberg.org/forgejo/forgejo/pulls/2166) - * [[UI] Remember topic only in repo search](https://codeberg.org/forgejo/forgejo/pulls/2575) - * [[UI] Remove min-height from wiki elements](https://codeberg.org/forgejo/forgejo/pulls/2080) - * [[UI] Render emojis in labels in issue info popup](https://codeberg.org/forgejo/forgejo/pulls/2888) - * [[UI] Render correct label link](https://codeberg.org/forgejo/forgejo/pulls/3187) - * [[UI] Render inline file permalinks](https://codeberg.org/forgejo/forgejo/pulls/2669) - * [[UI] Fix repo badges when the label or text contains dashes](https://codeberg.org/forgejo/forgejo/pulls/2711) - * [[UI] Fix repo unarchivation button](https://codeberg.org/forgejo/forgejo/pulls/2550) - * [[UI] Restrict when to make link absolute in markdown](https://codeberg.org/forgejo/forgejo/pulls/2403) - * [[UI] Revert darker tone on labels](https://codeberg.org/forgejo/forgejo/pulls/2881) - * [[UI] Simplify converting struct to map in admin stats](https://codeberg.org/forgejo/forgejo/pulls/2442) - * [[UI] Fix the Fork button in repo headers](https://codeberg.org/forgejo/forgejo/pulls/2495) - * [[UI] Use correct logout URL](https://codeberg.org/forgejo/forgejo/pulls/2475) - * [[UI] Use separate keys for tabs on login screen](https://codeberg.org/forgejo/forgejo/pulls/2630) - * [[UI] "view file" button in diff compare view](https://codeberg.org/forgejo/forgejo/pulls/3046) - * [add Cache-Control header for health-check](https://codeberg.org/forgejo/forgejo/pulls/3060) - * [add max idle time setting for db connections](https://codeberg.org/forgejo/forgejo/pulls/2418) - * [Allow `'s` in mentions](https://codeberg.org/forgejo/forgejo/pulls/2485) - * [Avoid `WHERE IN` for comment migration query](https://codeberg.org/forgejo/forgejo/pulls/1961) - * [Cleanup characters forbidden on Windows from test fixture filenames](https://codeberg.org/forgejo/forgejo/pulls/2178) - * [Correct changed files for CODEOWNERS](https://codeberg.org/forgejo/forgejo/pulls/2507) - * [Correct default licenses to work as desired](https://codeberg.org/forgejo/forgejo/pulls/1888) - * [Detect protected branch on branch rename](https://codeberg.org/forgejo/forgejo/pulls/2811) - * [Disabling Stars should disable the routes too](https://codeberg.org/forgejo/forgejo/pulls/2471) - * [doctor: Don't say All done when no checks were run](https://codeberg.org/forgejo/forgejo/pulls/1907) - * [Do not allow deletion of internal references](https://codeberg.org/forgejo/forgejo/pulls/2834) - * [Don't color dot literal color names](https://codeberg.org/forgejo/forgejo/pulls/2905) - * [Don't delete inactive emails explicitly](https://codeberg.org/forgejo/forgejo/pulls/2880) - * [Don't overwrite protected branch accidentally](https://codeberg.org/forgejo/forgejo/pulls/2473) - * [Don't redirect the repo to external units](https://codeberg.org/forgejo/forgejo/pulls/2064) - * [Don't remove builtin OAuth2 applications](https://codeberg.org/forgejo/forgejo/pulls/3067) - * [Ensure `HasIssueContentHistory` takes into account `comment_id`](https://codeberg.org/forgejo/forgejo/pulls/2518) - * [Find README.md for user profiles case insensitively](https://codeberg.org/forgejo/forgejo/pulls/2090) - * [Fix header name in swagger response](https://codeberg.org/forgejo/forgejo/pulls/2526) - * [Fix pull request reopen conditions](https://codeberg.org/forgejo/forgejo/pulls/2373) - * [Fix unblock action](https://codeberg.org/forgejo/forgejo/pulls/3086) - * [Fix VSCode settings](https://codeberg.org/forgejo/forgejo/pulls/1881) - * [Gracefully handle missing branches on a repos branches page](https://codeberg.org/forgejo/forgejo/pulls/2139) - * [Initialize Git for hook regeneration](https://codeberg.org/forgejo/forgejo/pulls/2416) - * [Internal Server Error when resolving comments](https://codeberg.org/forgejo/forgejo/pulls/2282) - * [Load `AllUnitsEnabled` when necessary](https://codeberg.org/forgejo/forgejo/pulls/2420) - * [Makefile: check git diff exitCode](https://codeberg.org/forgejo/forgejo/pulls/2651) - * [Make pprof labels conformant with prometheus spec](https://codeberg.org/forgejo/forgejo/pulls/2933) - * [Make reference URL absolute](https://codeberg.org/forgejo/forgejo/pulls/2100) - * [misleading comparisons when comparing branches](https://codeberg.org/forgejo/forgejo/pulls/2194) - * [Block issue creation when blocked by repo owner](https://codeberg.org/forgejo/forgejo/pulls/2052) - * [NPE in `ToPullReviewList`](https://codeberg.org/forgejo/forgejo/pulls/2057) - * [NPE in `UsernameSubRoute`](https://codeberg.org/forgejo/forgejo/pulls/1981) - * [Only pass selected repository IDs to pagination](https://codeberg.org/forgejo/forgejo/pulls/1848) - * [panic in `canSoftDeleteContentHistory`](https://codeberg.org/forgejo/forgejo/pulls/2134) - * [prevent removing session cookie when redirect_uri query contains ://](https://codeberg.org/forgejo/forgejo/pulls/2590) - * [pull_request_template branch link](https://codeberg.org/forgejo/forgejo/pulls/2232) - * [Rate limit pre-activation email change separately](https://codeberg.org/forgejo/forgejo/pulls/2043) - * [Refactor LFS GC functions](https://codeberg.org/forgejo/forgejo/pulls/3056) - * [Reflect Cargo index state in settings](https://codeberg.org/forgejo/forgejo/pulls/2698) - * [Remember topic only in repo search](https://codeberg.org/forgejo/forgejo/pulls/2489) - * [Require Latex code to have a end sequence](https://codeberg.org/forgejo/forgejo/pulls/1822) - * [Respond with JSON Resource Descriptor Content-Type per RFC7033](https://codeberg.org/forgejo/forgejo/pulls/2882) - * [Fix session generation for database](https://codeberg.org/forgejo/forgejo/pulls/2045) - * [Sort file list case insensitively](https://codeberg.org/forgejo/forgejo/pulls/2522) - * [Fix the topic search paging](https://codeberg.org/forgejo/forgejo/pulls/2060) - * [Typo fix & clarify RegistrationToken](https://codeberg.org/forgejo/forgejo/pulls/2191) - * [Update checker setting updates](https://codeberg.org/forgejo/forgejo/pulls/2925) - * [Use correct format for attr-check error log](https://codeberg.org/forgejo/forgejo/pulls/2866) - * [Use correct head commit for CODEOWNER](https://codeberg.org/forgejo/forgejo/pulls/2658) - * [Use correct template for commitmail error](https://codeberg.org/forgejo/forgejo/pulls/2973) - * [Workaround borked Git version](https://codeberg.org/forgejo/forgejo/pulls/2335) - * [Remove scheduled action tasks if the repo is archived](https://codeberg.org/forgejo/forgejo/commit/87870ade49eb76ff57a8593ba35df10e0d617aa5). - * [Relax generic package filename restrictions](https://codeberg.org/forgejo/forgejo/commit/ea4755be6dfc8fc1f3c794eeaa2e2322b97d192e). - * [Prevent re-review and dismiss review actions on closed and merged PRs](https://codeberg.org/forgejo/forgejo/commit/23676bfea7ccbbe166a554115ea1f5f02800e379). - * [Add a warning for disallowed email domains](https://codeberg.org/forgejo/forgejo/commit/2559c80bec27a41967b355d214253a83b9ee5dad). - * [Skip email domain check when admins edit user emails](https://codeberg.org/forgejo/forgejo/commit/e7afba21ce2b02eb4230ba03752bd8b937f3e6ef). - * [Skip email domain check when admin users adds user manually](https://codeberg.org/forgejo/forgejo/commit/b6057a34db38e563473db00543a1e39fd743ca34). - * [Add support for API blob upload of release attachments](https://codeberg.org/forgejo/forgejo/commit/47a913d40d3417858f2ee51a7dbed64ca84eff60). - * [Allow options to disable user gpg keys configuration from the interface on app.ini](https://codeberg.org/forgejo/forgejo/commit/ee6ff937c0782b9cdc7ae1bc62b7eda83982d40f). - * [Allow options to disable user ssh keys configuration from the interface on app.ini](https://codeberg.org/forgejo/forgejo/commit/bb09ad2b63570c80418b4b9a10f7dbbb349448ab). - * [Fix content size does not match error when uploading lfs file](https://codeberg.org/forgejo/forgejo/commit/fb137d1e49c0436f1db093e2dc0a2350d63e1e29). - * [Add API to get merged PR of a commit](https://codeberg.org/forgejo/forgejo/commit/1608ef0ce9ce2ea1c87aef715d111cf441637d01). - * [Add API to get PR by base/head](https://codeberg.org/forgejo/forgejo/commit/feb189554e758ed27d1e309e5ec309d663e8f338). - * [Add attachment support for code review comments](https://codeberg.org/forgejo/forgejo/commit/f95fb8cc44d790e0ae71d3f879124a6ee9b07f66). - * [Add support for action artifact serve direct](https://codeberg.org/forgejo/forgejo/commit/1f8ad34e4391673a2eda434ea5e48ea084cdc814). - * [Show whether a PR is WIP inside popups](https://codeberg.org/forgejo/forgejo/commit/50f55f11c4f785b72a39e59b0fc12ae70ab8d8b5). - * [Add artifacts v4 jwt to job message and accept it](https://codeberg.org/forgejo/forgejo/commit/a9bc590d5d10b97bd8aa050ffb720e141a600064). - * [Fix some RPM registry flaws](https://codeberg.org/forgejo/forgejo/commit/461d8b53c2e51a8a6a1715ba40ac61d7e9f93971). - * [Add branch protection setting for ignoring stale approvals](https://codeberg.org/forgejo/forgejo/commit/5d3fdd121279c758f247a76e020799aa5e548feb). - * [Added instance-level variables](https://codeberg.org/forgejo/forgejo/commit/d0f24ff4cad05c1145afeca791e7d02fe146d46a). - * [Fix the wrong HTTP response status code for duplicate packages](https://codeberg.org/forgejo/forgejo/commit/5b6258a0b94737ec3db1ce418d0c933512a71f78). - * [Don't run push mirrors for archived repos](https://codeberg.org/forgejo/forgejo/commit/f3ba3e922dde7d12999a90d6cee15805a56cc7ff). - * [Support for grouping RPMs using paths](https://codeberg.org/forgejo/forgejo/commit/ba4d0b8ffbd78473273800f586ae8bde55cda6c5). - * [Fixes #27605: inline math blocks can't be preceded/followed by alphanumerical characters](https://codeberg.org/forgejo/forgejo/commit/2adc3a45fbd60126c0eab66b9cdd177a63bd4704). - * [Fix GPG subkey verify](https://codeberg.org/forgejo/forgejo/commit/5a674dd02ed3ea2853afa02dc15dcdadba069a6e). - * [Include encoding in signature payload](https://codeberg.org/forgejo/forgejo/commit/6925c0eee43980133896f9e4ee7e48e5751e9417). - * [Fix milestoneID filter bug in issue list](https://codeberg.org/forgejo/forgejo/commit/0da787f23737d252e6c80aa1a1f665e09dba0ea9). - * [Fix Citation modal responsiveness and clipboard copy](https://codeberg.org/forgejo/forgejo/commit/ca39d743636c9732f4422e130bac974555fb43c2). - * [Fix incorrect locale Tr for gpg command](https://codeberg.org/forgejo/forgejo/commit/071d871dcf8dd8097dc0af6d4baf304a2fbbe4e2). - * [Improve a11y document and dropdown item](https://codeberg.org/forgejo/forgejo/commit/1d4bf7e211db0866774fa3f6f563e15ffadac1f6). - * [Determine fuzziness of bleve indexer by keyword length](https://codeberg.org/forgejo/forgejo/commit/ab5f0b7558229b3ab5c3946a51e58b4caae775b0). - * [Fix ellipsis button not working if the last commit loading is deferred](https://codeberg.org/forgejo/forgejo/commit/1e29bccddbeb29eec3ceb507612851021ab4d60d). - * [Fix incorrect diff expander for deletion of last lines in a file](https://codeberg.org/forgejo/forgejo/commit/85bf170ff0d54471fe88903009a3fec4ef3e6e8c). - * [Do not exceed display for the PR page buttons on smaller screens](https://codeberg.org/forgejo/forgejo/commit/e7297d423f566a383c8861c4aaee028606591038). - * [Move citation button to proper place](https://codeberg.org/forgejo/forgejo/commit/eb4061babacfee2b72f4a33412530eb9f0de3b25). - * [Expire artifacts before deleting them physically](https://codeberg.org/forgejo/forgejo/commit/7f64e4d2a3f20b7d7de6542de5e0856c643e821f). - * [Fix can not select team reviewers when reviewers is empty](https://codeberg.org/forgejo/forgejo/commit/df439b6a983865ba559e517e5e93f5f1a53a97a0). - * [Fix default avatar image size in PR diff page](https://codeberg.org/forgejo/forgejo/commit/3aed8ae03475a430c0dc8e33f42fa9269a4844bd). - * [Fix branch list bug which displayed default branch twice](https://codeberg.org/forgejo/forgejo/commit/0e6fd0d1c1e31d22707e6f06124d5bf76361eaab). - * [Set the `isPermaLink` attribute to `false` in the `guid` sub-element](https://codeberg.org/forgejo/forgejo/commit/5574968ecbc34908dfa17b28bfc79c3490eaa685). - * [Fix long package version names overflowing](https://codeberg.org/forgejo/forgejo/commit/3d474110c181df7854576d78e46209908f7e1b52). - * [Fix wrong link in user and organization profile when using relative url](https://codeberg.org/forgejo/forgejo/commit/42149ff1a816501643ec2407ed61a83bf5b65059). - * [Fix session key conflict with database keyword](https://codeberg.org/forgejo/forgejo/commit/4c29c75968f520123f125e8305b2c29198664251). - * [Fix commit status in repo list](https://codeberg.org/forgejo/forgejo/commit/0abb5633e34fd14c2d49de0b4c98f7ba7d98a37e). - * [Fix incorrect action duration time when rerun the job before executed once](https://codeberg.org/forgejo/forgejo/commit/07ba4d9f87cf21b7ce87158ae5651cae3bb35604). - * [Fix missing mail reply address](https://codeberg.org/forgejo/forgejo/commit/3081e7e1536356346f73fb4a0d00101863b2cf05). - * [Filter inactive auth sources](https://codeberg.org/forgejo/forgejo/commit/e378545f3083990eb36ff5d72477662d9787280d). - * [Refactor Find Sources and fix bug when view a user who belongs to an inactive auth source](https://codeberg.org/forgejo/forgejo/commit/1bf5527eac6b947010c8faf408f6747de2a2384f). - * [Fix issue not showing on default board and add test](https://codeberg.org/forgejo/forgejo/commit/1eae2aadae0583ab092d6ed857bb727829aa52b7). - * [Improve file history UI and fix URL escaping bug](https://codeberg.org/forgejo/forgejo/commit/d1527dac3d1e68caf5a6f54c08144e28256e5c47). - * [Fix ldap admin privileges update bug](https://codeberg.org/forgejo/forgejo/commit/7ad31567cdc8206e0080b851a9b880729266b084). -* **other** - * [[PERFORMANCE] git check-attr on bare repo if supported](https://codeberg.org/forgejo/forgejo/pulls/2763) - * [[REFACTOR] [AGIT] Refactor the AGit code](https://codeberg.org/forgejo/forgejo/pulls/2386) - * [[REFACTOR] generation of JWT secret](https://codeberg.org/forgejo/forgejo/pulls/2227) - * [[REFACTOR] PKT protocol](https://codeberg.org/forgejo/forgejo/pulls/2868) - * [Remove .exe suffix when cross-compiling on Windows](https://codeberg.org/forgejo/forgejo/commit/6acce16ee3a03df1cc06c46398f594009a0e31b9). - * [Refactor repo header/list](https://codeberg.org/forgejo/forgejo/commit/65e190ae8bd6c72d8701a58d67b256c87b92c189). - * [Update register application URL for GitLab](https://codeberg.org/forgejo/forgejo/commit/64fcf0cb64d455d5ca1420aa832aa057cf61e6dd). - * [Update golang links to use https](https://codeberg.org/forgejo/forgejo/commit/8ef53c871bcb5c007b3640a347c7868585c9e4de). - * [Teams: new View button](https://codeberg.org/forgejo/forgejo/commit/e3afe4a248ac3a961f332e2ba221bedafa3dfb7e). - * [Commit-Dropdown: Show Author of commit if available](https://codeberg.org/forgejo/forgejo/commit/300c8dedfd01ba0ea63486b644e93aa2be6785b2). - * [Refactor dropzone](https://codeberg.org/forgejo/forgejo/commit/c1ac3e5891a49bedc5e54ed5811cb2c0e058c43c). - * [When the title in the issue has a value, set the text cursor at the end of the text.](https://codeberg.org/forgejo/forgejo/commit/8c2559a72603e07fe682efddd698e1fc190b2728). - * [Load citation JS only when needed](https://codeberg.org/forgejo/forgejo/commit/f2fc2dcfc9305a42242421c718ee3673bd1c851c). - * [Refactor markdown attention render](https://codeberg.org/forgejo/forgejo/commit/ec2201a3da5f18e55bfc0a54114ac935804f4ef8). - * [Light theme color enhancements](https://codeberg.org/forgejo/forgejo/commit/23e2ace77d1612cda09bc0d08690314e7321cca3). - * [Dark theme color enhancements](https://codeberg.org/forgejo/forgejo/commit/704a59e59584041f95939e3d90260173906f946a). - * [Refactor markup/csv: don't read all to memory](https://codeberg.org/forgejo/forgejo/commit/d413a8fcacc81b6f7039371408034c9c2fc6c15f). - * [Move all login and account creation page labels to be above inputs](https://codeberg.org/forgejo/forgejo/commit/3acea02eb66ea09248ff29eb6b9cefce29fcea37). - * [Fix Gitpod logic of setting ROOT_URL](https://codeberg.org/forgejo/forgejo/commit/e52d87758272c417bb9b30e944f9b0bd33d28cb7). - * [Fix broken following organization](https://codeberg.org/forgejo/forgejo/commit/fd3b4afa2b3621ece2d7d1587fd4b017142d75a0). - * [Don't do a full page load when clicking `Watch` or `Star`](https://codeberg.org/forgejo/forgejo/commit/6992ef98fc227a60cf06e0a06b9ae2492b3d61be). - * [Fix non-alphabetic sorting of repo topics](https://codeberg.org/forgejo/forgejo/commit/a240d5dfa7e261f2fb703cf24b1ba4dc6aa47bfd). - * [Make cross-reference issue links work in markdown documents again](https://codeberg.org/forgejo/forgejo/commit/12c0487e01d3fd9fe289345c53e8a220be55e864). - * [Fix tooltip of variable edit button](https://codeberg.org/forgejo/forgejo/commit/361839fb1c8bdfb8291bbcf9bd650b21a605bbd7). - * [Disable query token param in integration tests](https://codeberg.org/forgejo/forgejo/commit/33439b733a4f69640350b9cda370963ebe9d1e0a). - * [Add merge arrow direction and update styling](https://codeberg.org/forgejo/forgejo/commit/e522e774cae2240279fc48c349fc513c9d3353ee). - * [Add links to owner home page in explore](https://codeberg.org/forgejo/forgejo/commit/dd5693387e0642e1aba05b01eeb18139ce90ef5e). - * [Render PyPi long description as document](https://codeberg.org/forgejo/forgejo/commit/876a0cb3d652f42545abdb33dc4fd71a7c3343bf). - * [Ignore temporary files for directory size](https://codeberg.org/forgejo/forgejo/commit/cb8298b7178f5dde302604bfe34c658b725f16f8). - * [Make pushUpdate error verbose](https://codeberg.org/forgejo/forgejo/commit/1bfcdeef4cca0f5509476358e5931c13d37ed1ca). - * [Add download URL for executable files](https://codeberg.org/forgejo/forgejo/commit/9341b37520e5626352bf2df52e8dbace2985c0d7). - * [Improve profile for Organizations](https://codeberg.org/forgejo/forgejo/commit/089ac06969030b0886d4e20bf8f7a757f785f158). - * [Fix Show/hide filetree button on small displays](https://codeberg.org/forgejo/forgejo/commit/e31c6cfe6e30341c502302d1c0a03138f8bf5c9f). - * [Fix merge base commit for fast-forwarded GitLab PRs](https://codeberg.org/forgejo/forgejo/commit/02dae3f84b80047bef391960eea1350d551e4d72). - * [Align ISSUE_TEMPLATE with the new label system](https://codeberg.org/forgejo/forgejo/commit/248b7ee850ecdb538b22ddcfbe80b6f91be32b70). - * [Improve the list header in milestone page](https://codeberg.org/forgejo/forgejo/commit/8abc1aae4ab5b03be0bcbdd390bb903b54ccd21a). - -## 1.21.11-2 - -[The complete list of new commits included in the Forgejo v1.21.11-2 release can be reviewed here](https://codeberg.org/forgejo/forgejo/compare/v1.21.11-1...v1.21.11-2), or from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo -$ git -C forgejo log --oneline --no-merges v1.21.11-1..v1.21.11-2 -``` - -This stable release contains a **security fix**. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.13+0-gitea-1.21.10` - -* Security fix - * [PR](https://codeberg.org/forgejo/forgejo/pulls/4047). Fixed: the OAuth2 implementation does not always require authentication for public clients, a requirement of [RFC 6749 Section 10.2](https://datatracker.ietf.org/doc/html/rfc6749#section-10.2). A malicious client can impersonate another client and obtain access to protected resources if the impersonated client fails to, or is unable to, keep its client credentials confidential. - -## 1.21.11-1 - -This stable release contains a single bug fix for a regression introduced in v1.21.11-0 by which creating a tag via the API would fail with error 500 on a repository a where Forgejo Actions workflow triggered by tags exists. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.12+0-gitea-1.21.10` - -* Bug fix - - * [error 500 on tag creation when a workflow exists](https://codeberg.org/forgejo/forgejo/issues/3327) - -## 1.21.11-0 - -[The complete list of new commits included in the Forgejo v1.21.11-0 release can be reviewed here](https://codeberg.org/forgejo/forgejo/compare/v1.21.10-0...v1.21.11-0), or from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo -$ git -C forgejo log --oneline --no-merges v1.21.10-0..v1.21.11-0 -``` - -This stable release contains bug fixes and **security fixes**. - -* Recommended Action - - We strongly recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.11+0-gitea-1.21.10` - -* Security fix - - * [Fixed a privilege escalation through git push options](https://codeberg.org/forgejo/forgejo/commit/cc80e661531794fff7f8a336eaaefdb7e3bd3956) that allows any user to change the visibility of any repository they can see, regardless of their level of access. - * [Fixed a bug that allows user-supplied, non-sandboxed JavaScript to be run from the same domain as the forge](https://codeberg.org/forgejo/forgejo/commit/8dcc7d9e8ce36d94bae1a1becddc4735f51add3c), via `/{owner}/{repo}/render/branch/{branch}/{filename}` URLs. - -* Bug fixes - - * [Use system action user to trigger scheduled action workflows](https://codeberg.org/forgejo/forgejo/commit/387aea4434488555838e55e067242509bc1510a6) - * [Close file in upload function](https://codeberg.org/forgejo/forgejo/commit/fd47240545ab1c4f10d07434c2ba00fff044236a) - * [Prevent registering runners for deleted repositories](https://codeberg.org/forgejo/forgejo/commit/fd47240545ab1c4f10d07434c2ba00fff044236a). Prevents 500 Internal Server Error in admin interface. - * [More reliable pagination support when migrating from gitbucket](https://codeberg.org/forgejo/forgejo/commit/e702e79625980b08ec060a1690b76502455acad9) - * [Fix automerge when used with actions](https://codeberg.org/forgejo/forgejo/commit/4889a3a1713d91a5ae95af4edf1bb3352d1871fd) - -## 1.21.10-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.10-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.8-0..v1.21.10-0 -``` - -This stable release contains bug fixes and a **security fix**. - -Note that there is no `Forgejo v1.21.9-0` release. The release numbering of the `Forgejo v1.21` patch series follows the Gitea release numbering. However, the publication of `Gitea v1.21.9` and `Gitea v1.21.10` were a few days apart because of a regression that is not present on Forgejo and there was no need to publish `Forgejo v1.21.9-0`. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.10+0-gitea-1.21.10` - -* Built with Go 1.21.9 and `golang.org/x/net` v0.23.0 - - It [includes vulnerability fixes](https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M/m/khALNYGdAAAJ). - - * [CVE-2023-45288](https://pkg.go.dev/vuln/GO-2024-2687) which permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. A Forgejo instance is affected if it is configured to listen to HTTPS instead of doing this via a reverse proxy. - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix to not remove repository avatars when the doctor runs with --fix on the repository archives](https://codeberg.org/forgejo/forgejo/commit/e9932a404d4bb5b22a87797094dff615eb38171a). - * [Detect protected branch on branch rename](https://codeberg.org/forgejo/forgejo/commit/611610c3c4cba12f2a835b41438a7ed54da9bc23). If a branch cannot be renamed due to a protected branch rule, show this error in the UI instead of throwing an internal server error. - * [Don't delete inactive emails explicitly](https://codeberg.org/forgejo/forgejo/commit/fb4c42deb23a67379afb29870e430e47687ccc6c). This can cause issues as the associated user might not have been deleted. It would lead to a database inconsistency and internal server errors if the user tries to activate their account. - * [Fix user interface when a review is deleted without refreshing](https://codeberg.org/forgejo/forgejo/commit/456a33e8bb770a86341dc883edc6b62264b950a1). - * [Fix paths when finding files via the web interface that were not escaped](https://codeberg.org/forgejo/forgejo/commit/b22be0c03fa4814c1b8b892346de5d4547782ce7). - * [Respect `DEFAULT_ORG_MEMBER_VISIBLE` setting when adding creator to org](https://codeberg.org/forgejo/forgejo/commit/5e5574c7b328e2c500d497517047b8d1fd0ca478). - * [Fix duplicate migrated milestones](https://codeberg.org/forgejo/forgejo/commit/706ff7aa9fcfe4c43893dc12e27d064064e80635). - * [Fix inline math blocks can't be preceded/followed by alphanumerical characters](https://codeberg.org/forgejo/forgejo/commit/0d3f446460b22a29c259e7d42ed89f90fd216ca7). - -## 1.21.8-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.8-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.7-0..v1.21.8-0 -``` - -This stable release contains bug fixes. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.8+0-gitea-1.21.8` - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix `/api/v1/{owner}/{repo}/issue_templates`](https://codeberg.org/forgejo/forgejo/commit/969d3f44101402afd9dd848e79dd5823d547a00d) which was always failing with a 500 error. - * [Prevent error 500 on /user/settings/security when SignedUser has a linked account from a deactivated authentication source](https://codeberg.org/forgejo/forgejo/commit/d9418651af8c8a3276ebc40a516109c0f33139b0). - * [Fix error 500 when pushing release to an empty repo](https://codeberg.org/forgejo/forgejo/commit/b76f370a3f8993638cad91547491b46631776f59). - * [Fix incorrect rendering csv file when file size is larger than UI.CSV.MaxFileSize](https://codeberg.org/forgejo/forgejo/commit/e151e0467341bd25a2465ca15e81ebc0c8fa3fc4). - * [Fix error 500 when deleting account with incorrect password or unsupported login type](https://codeberg.org/forgejo/forgejo/commit/66061d28286ee3adf69747c284d40121e2e4b280). - * [handle user-defined `name` anchors like `[Link](#link)` linking to `Link`](https://codeberg.org/forgejo/forgejo/commit/03caefbb02854d5c98a26d889e0e30c910651395). - * [Use correct head commit for CODEOWNER](https://codeberg.org/forgejo/forgejo/commit/d1cebb0e884a88941e27e2280e117cc04d2665fe). - * [Fix manual merge button](https://codeberg.org/forgejo/forgejo/commit/c70719c59c410e5378c04926c66461d7b9f72884). - * [Make meilisearch do exact search for issues](https://codeberg.org/forgejo/forgejo/commit/a876ac2c7934fa0f8a66424e178b501e4a341e0f). - * [Fix PR creation via api between branches of same repo with head field namespaced](https://codeberg.org/forgejo/forgejo/commit/120a173e24fd359b0b57f2bd1021168645fab5a8). - -## 1.21.7-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.7-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.6-0..v1.21.7-0 -``` - -This stable release contains bug fixes and a **security fix**. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.7+0-gitea-1.21.7` - -* Built with Go 1.21.8 - - It [includes vulnerability fixes](https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg). - - * [CVE-2023-45290](https://go.dev/issue/65383) which could lead to memory exhaustion when parsing a multipart form. - * [CVE-2023-45289](https://go.dev/issue/65065) which could allow incorrect forwarding of sensitive headers and cookies on HTTP redirect. - -* Security fix - - * The google.golang.org/protobuf module was bumped to version v1.33.0 to fix a bug in the google.golang.org/protobuf/encoding/protojson package which could cause the Unmarshal function to enter an infinite loop when handling some invalid inputs. [Read more in the announcement](https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY). - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix tarball/zipball download bug](https://codeberg.org/forgejo/forgejo/commit/8e2c991b35de8c94899ad053e89339cea4538589). - * [Ensure `HasIssueContentHistory` takes into account `comment_id`](https://codeberg.org/forgejo/forgejo/commit/8fb027fea5e9525293802d977fd3ee0c374ba9ba). - -## 1.21.6-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.6-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.5-0..v1.21.6-0 -``` - -This stable release contains bug fixes and a **security fix**, as explained in the [v1.21.6-0 companion blog post](https://forgejo.org/2024-02-release-v1-21-6-0/). - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.6+0-gitea-1.21.6` - -* Security fix - - * [Fix XSS vulnerabilities](https://codeberg.org/forgejo/forgejo/pulls/2434). It enabled attackers to inject client-side scripts into web pages displayed to Forgejo visitors. - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Always write proc-receive hook for all git versions](https://codeberg.org/forgejo/forgejo/commit/a1fb6a2346193439dafaee5acf071632246e6dd7). - * [Fix debian InRelease Acquire-By-Hash newline](https://codeberg.org/forgejo/forgejo/commit/8a2c4e9ff2743f47a8d1f081b9e35dcc16431115). - * [Fix missing link on outgoing new release notifications](https://codeberg.org/forgejo/forgejo/commit/3a061083d65bdfc9acf0cb5839b84f6a9c17a727). - * [Workaround to clean up old reviews on creating a new one](https://codeberg.org/forgejo/forgejo/commit/8377ecbfe1f2b72ec7d65c46cbc9022ad0ccd75f). - * [Fix push to create with capitalize repo name](https://codeberg.org/forgejo/forgejo/commit/8782275c9c66ad6fc7c44503d7df9dae7196aa65). - * In Markdown [don't try to make the link absolute if the link has a schema that's defined in `[markdown].CUSTOM_URL_SCHEMES`](https://codeberg.org/forgejo/forgejo/commit/6c100083c29fb0ccf0cc52e8767e540a260d9468), because they can't be made absolute. - * [Fix Ctrl+Enter on submitting review comment](https://codeberg.org/forgejo/forgejo/commit/1c3a31d85112d10fb948d6f0b763191ed6f68e90). - * In Git version v2.43.1, the behavior of `GIT_FLUSH` was accidentally flipped. This causes Forgejo to hang on the `check-attr` command, because no output was being flushed. [Workaround this by detecting if Git v2.43.1 is used and set `GIT_FLUSH=0` thus getting the correct behavior](https://codeberg.org/forgejo/forgejo/commit/ff468ab5e426582b068586ce13d5a5348365e783). - * [When setting `url.host` on a URL object with no port specified (like is the case of default port), the resulting URL's port will not change. Workaround this quirk in the URL standard by explicitly setting port for the http and https protocols](https://codeberg.org/forgejo/forgejo/commit/628e1036cfbcfae442cb6494249fe11410447056). - * [Fix elasticsearch Request Entity Too Large](https://codeberg.org/forgejo/forgejo/commit/e6f59f6e1489d63d53de0da1de406a7a71a82adb). - * [Do not send update/delete release notifications when it is in a draft state](https://codeberg.org/forgejo/forgejo/commit/3c54a1dbf62e56d948feb1008512900140033737). - * [Do not run Forgejo Actions workflows synchronized events on the same commit as the one used to create a pull request](https://codeberg.org/forgejo/forgejo/commit/ce96379aef6e92cff2e9982031d5248ef8b01947). - * [Fix a MySQL performance regression introduced in v1.21.4-0](https://codeberg.org/forgejo/forgejo/commit/af98a0a7c6f4cbb5340974958ebe4389e3bf4e9a). - * [Fix Internal Server Error when resolving comments](https://codeberg.org/forgejo/forgejo/commit/ad67d9ef1a219b21309f811c14e7353cbc4982e3). - * Packages - * Swift: [fix a failure to resolve from package registry](https://codeberg.org/forgejo/forgejo/commit/fab6780fda5d8ded020a98253a793e87ed94f634). - * Alpine: [if the APKINFO contains an install if condition, write it in the APKINDEX](https://codeberg.org/forgejo/forgejo/commit/7afbc62057b876fb6711ef58743f664a2509dde4). - * org-mode files - * [It is possible that the description of an `Regularlink` is `Text` and not another `Regularlink`](https://codeberg.org/forgejo/forgejo/commit/781d2a68ccb276bf13caf0b378b74d9efeab3d39). - * [Fix relative links on orgmode](https://codeberg.org/forgejo/forgejo/commit/fa700333ba2649d14f1670dd2745957704a33b40). - -## 1.21.5-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.5-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.4-0..v1.21.5-0 -``` - -This stable release includes bug fixes as well as documentation improvements. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.5+0-gitea-1.21.5` - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Upgrade go-git to v5.11.0](https://codeberg.org/forgejo/forgejo/commit/faafccbcc7942b39cbc43f8014a435de4cc30f62). Although go-git is not used by Forgejo in a way that meets the requirements for the [CVE-2023-49568](https://github.com/advisories/GHSA-mw99-9chc-xw7r) and [DoS](https://github.com/go-git/go-git/security/advisories/GHSA-mw99-9chc-xw7r) vulnerabilities to be possible, it is upgraded to v5.11.0 which mitigates the issue, as a precaution. - * [Fix markdown relative links rendering](https://codeberg.org/forgejo/forgejo/commit/f8c9ff55b98adfbfbcc24efd178c114006f28336) - * [Fix NPE in `UsernameSubRoute`](https://codeberg.org/forgejo/forgejo/commit/3c7a955f05ec4c29f3c4f7412c45129b74c33e5c) - * [Fix duplication when blocking multiple users](https://codeberg.org/forgejo/forgejo/commit/3d3790ef4c6cdbcbe0cf7ec80627596f44701977) - * [Render code block in activity tab](https://codeberg.org/forgejo/forgejo/commit/766305f47c87b0199986f22402a17526b2586eca) - * [Fix reverting a merge commit failing](https://codeberg.org/forgejo/forgejo/commit/c450df40f1be3ca22f64c062cbc6046a15a6a634) - * [Fix archive creating LFS hooks and breaking pull requests](https://codeberg.org/forgejo/forgejo/commit/fd1681019528e78b764f75d11910cbdf681bfbb1) - * [Avoid duplicate JS error messages on UI](https://codeberg.org/forgejo/forgejo/commit/367dd037d25d659aff3cd3bc5df5c7e4c168d58a) - * [Fix incorrect PostgreSQL connection string for Unix sockets](https://codeberg.org/forgejo/forgejo/commit/16dbd9f2003f22beff413cbf453d99f9099afeef) - * [Fix avatar storage migration](https://codeberg.org/forgejo/forgejo/commit/fcabc262f77bc285bf5f1e4e66cf5d601d8e1820) - * [Prevent anonymous container access if `RequireSignInView` is enabled](https://codeberg.org/forgejo/forgejo/commit/5a4a151209dc74257885a5a1f991163e26210602) - * [Fix uploaded artifacts that were not overwritten](https://codeberg.org/forgejo/forgejo/commit/5dbe9596ac3274026ef4fe46889b7d440652e420) - * [Update enable_prune even if mirror_interval is not provided](https://codeberg.org/forgejo/forgejo/commit/20c436ec922a7fcb40950b3ad48365e0bd2bf1fe) - * [Strip `/` from relative links](https://codeberg.org/forgejo/forgejo/commit/c6285052dd41342782b66c9e8e3c53dce492cba4) - -* Improvements - - * [Don't remove repository's releases when mirroring](https://codeberg.org/forgejo/forgejo/commit/04904b933d138a184b361328c287487306c0f4c7) - -## 1.21.4-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.4-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.3-0..v1.21.4-0 -``` - -This stable release includes security and bug fixes as well as documentation improvements. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version. - -* Container image upgrades - - In the Forgejo container images the ssh version was upgraded to [9.3_p2-r1](https://pkgs.alpinelinux.org/packages?name=openssh&branch=v3.18) which includes a fix for [CVE-2023-48795](https://nvd.nist.gov/vuln/detail/CVE-2023-48795). - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.4+0-gitea-1.21.4` - -* Security fixes - - * [Require token for GET subscription endpoint](https://codeberg.org/forgejo/forgejo/commit/6a66e8c7486b0be873dfc55dfdef9ba056970a90) - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Gracefully handle missing branches](https://codeberg.org/forgejo/forgejo/commit/c2fa9c308f5cdb08dd84fb8ec6623a57e75d5152) when a branch is missing from Git but still lingering in the database. - * [Fix panic in `canSoftDeleteContentHistory`](https://codeberg.org/forgejo/forgejo/commit/ab1ccc55dca7fd05e59a01343e6dfe53be6195d0) - * [Check for Commit in opengraph](https://codeberg.org/forgejo/forgejo/commit/b473a44a2bb59591f3e24bfcdeed1d8fbb0f9204) - * [Handle non-existent commit in Archive request](https://codeberg.org/forgejo/forgejo/commit/0fbf761d1930f9336be6da8d17ae6032203a9381) - * [Fix NPE in `ToPullReviewList`](https://codeberg.org/forgejo/forgejo/commit/f5349b66b78968301d7dc4c45e8e08b46910aa6e) - * [Fix URL in the mail to include the host](https://codeberg.org/forgejo/forgejo/commit/ac889d42903b2ce2129a02ace620a10a6f940920) - * [Fix the event of a scheduled action](https://codeberg.org/forgejo/forgejo/commit/892a8e1f4a5cc09cc3136e0b0e6487c154c5ed2b) to be "schedule" instead of a semi-random event from the default branch. - * [Use refname:strip-2 instead of refname:short when syncing tags](https://codeberg.org/forgejo/forgejo/commit/4df056a14ecaad3ff9d963599fff8c8d7ebe87e9) - * [Fix button size in "attached header right"](https://codeberg.org/forgejo/forgejo/commit/10699872930005a79490dd47eb86438ff20f449d) - * [Fix `convert.ToTeams` on empty input](https://codeberg.org/forgejo/forgejo/commit/453d27853c18991c13b6e457032406664b07751b) - * [Hide code related setting options in repository when code unit is disabled](https://codeberg.org/forgejo/forgejo/commit/703ed272ccba55c08873f6a23e557cdc5cd498ee) - * [Fix incorrect URL for "Reference in New Issue"](https://codeberg.org/forgejo/forgejo/commit/01285dc47cd77e7c0755423af96ba6bf0e23650e) - * [Fix panic when parsing empty pgsql host](https://codeberg.org/forgejo/forgejo/commit/ad027c28181004cbf891be14bb383ed906b13521) - * [Fix alpine package files are not rebuilt](https://codeberg.org/forgejo/forgejo/commit/881159f593b8f848d52afe8d420f4f3ced34de7f) - * [Avoid cycle-redirecting user/login page](https://codeberg.org/forgejo/forgejo/commit/ea8ca5b5098d04bf5f6218ca099af32d20bb465f) - * [Fix the scroll behavior for emoji/mention list](https://codeberg.org/forgejo/forgejo/commit/fef19bcf94b2265870d21897e9bc55d6a07975d7) - * [Fix wrong due date rendering in issue list page](https://codeberg.org/forgejo/forgejo/commit/29a0e7738c0725ee8407e2714c3d890286a94fd0) - * [Fix `status_check_contexts` matching bug](https://codeberg.org/forgejo/forgejo/commit/3fe44b87627612705413e80abbe8af55fae36666) - * [Fix 405 method not allowed CORS / OIDC](https://codeberg.org/forgejo/forgejo/commit/9ad7a67fc127712f897a3c8348e9f55d7cb2f6ec) - * [Fix `GetCommitStatuses`](https://codeberg.org/forgejo/forgejo/commit/c287b1383f91024a8eba1a3f47912eecd66e19be) - * [Forbid removing the last admin user](https://codeberg.org/forgejo/forgejo/commit/5124be72aaac4ad814c1ec7a57a2e92c529d00f9) - * [Fix issue dependencies](https://codeberg.org/forgejo/forgejo/commit/2ab54a9c0671b70ab83bd3c643815ac7424a6a36) - * [Fix system webhooks API bug](https://codeberg.org/forgejo/forgejo/commit/f5764bbf269d82e7e344834a5eeb8de82356cfde) - -* Documentation - - * The Forgejo Actions [user reference guide](https://forgejo.org/docs/v1.21/user/actions/) includes [event payload examples](https://forgejo.org/docs/v1.21/user/actions/#githubevent) for pull requests and push events. It also covers most of the [jobs](https://forgejo.org/docs/v1.21/user/actions/#jobs) syntax. - * The [Forgejo command line page](https://forgejo.org/docs/v1.21/admin/command-line/) was [entirely reworked](https://codeberg.org/forgejo/docs/pulls/340) and updates are now automated. - -* Improvements - - * [Rework markup link rendering](https://codeberg.org/forgejo/forgejo/commit/875b398e5e0c53a615c861eba77d4e0ff50ff49d) - * [Modernize merge button](https://codeberg.org/forgejo/forgejo/commit/70c7ee54754e93fd2612287b1ccfc24006924651) - * [Assign pull request to project during creation](https://codeberg.org/forgejo/forgejo/commit/10b555a52b0541fa5e4bc3ddb43001abc2ce0c76) - * [Add download attribute to release attachments](https://codeberg.org/forgejo/forgejo/commit/fab93c6393f5365e2e985619f0b82e4c580874c9) - -## 1.21.3-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.3-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.2-1..v1.21.3-0 -``` - -This stable release includes bug fixes. It was built with an updated version of the [Go Cryptography](https://pkg.go.dev/golang.org/x/crypto) package that fixes [CVE-2023-48795](https://go.dev/issue/64784). As explained in the [corresponding Go issue](https://github.com/golang/vulndb/issues/2402): "The impact of this attack is relatively limited, as it does not compromise confidentiality of the channel." - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.3+0-gitea-1.21.3` - -* Security fix - - * The [Go Cryptography](https://pkg.go.dev/golang.org/x/crypto) package [is upgraded](https://codeberg.org/forgejo/forgejo/commit/9515a0ea38c179a2811e489079a68bbcc79f3cd3) to fix [CVE-2023-48795](https://go.dev/issue/64784). - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix a regression](https://codeberg.org/forgejo/forgejo/commit/dbd896ce42b2c5a1f4b4a69289fa3a38a875d04d) in how the markdown anchors are generated. For instance the anchor for `A.B.C` is `A-B-C` but was incorrectly set to `ABC`. - * [Fix the branch name of scheduled actions](https://codeberg.org/forgejo/forgejo/commit/580f29d9a2f8986c02b6ac30f2f3c177866cc81a) which [was sometime incorrectly set](https://codeberg.org/forgejo/forgejo/issues/1926). - * [Fix a visual glitch](https://codeberg.org/forgejo/forgejo/commit/b0874a0912ee97b11047bb2bd7d370b93c298d2a) when [setting an emoji in the web UI](https://codeberg.org/forgejo/forgejo/issues/1990). - * [Recently Docker started to use the optional `POST /v2/token` endpoint](https://codeberg.org/forgejo/forgejo/commit/a77398cd344be76e1cd2474063d917b286f8e9b1) which should respond with a `404 Not Found` status code instead of the current `405 Method Not Allowed`. - * [Fix a missing leading ssh:// when using a port other than 22](https://codeberg.org/forgejo/forgejo/commit/1475c1fcc4f1d5d526260a3f2068ae62c2ccaae3) when Git URLs are displayed in the web UI. - * [Allow disabling the detection of ambiguous unicode characters](https://codeberg.org/forgejo/forgejo/commit/cd5a0ec1c88edc238469657731e209a0080e9bfc) with the new setting `AMBIGUOUS_UNICODE_DETECTION=false`. - * [Fix a regression with the issue references rendering in wiki pages](https://codeberg.org/forgejo/forgejo/commit/40fa6a526a1cb42889eddd5135f2749cc092fff5). - * [Fix merging artifact chunks error when minio storage basepath is set](https://codeberg.org/forgejo/forgejo/commit/bea2c52572d62781228099812e56b2e7051e7ab0) - * [Fix missing information in the blame page web UI](https://codeberg.org/forgejo/forgejo/commit/1f8d01c74d75c0b426b7b7a95cc1ca3bfe1b853c). - -## 1.21.2-1 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.2-1` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.2-0..v1.21.2-1 -``` - -This stable release contains a **security fix**, as explained in the [v1.21.2-1 companion blog post](https://forgejo.org/2023-12-release-v1-21-2-1/). - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.2+0-gitea-1.21.2` - -* Security fix - - The project page [of private users](https://forgejo.org/2023-12-release-v1-21-2-1/) is no longer publicly visible. - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * The default preferred licenses for the [[repository].PREFERRED_LICENSES](https://forgejo.org/docs/v1.21/admin/config-cheat-sheet/#repository-repository) setting were incorrect and have been [fixed to be `Apache-2.0` and `MIT`](https://codeberg.org/forgejo/forgejo/commit/5258e8f63d649b016d5c5d0e37422723bef26dac). - * A failed cron job can [no longer cause the Forgejo instance to shutdown](https://codeberg.org/forgejo/forgejo/commit/026a4bb02d8ac0b0dd90eb8a89c25ae18abca34f). - * A pull request merged by a workflow using the [automatic token](https://forgejo.org/docs/v1.21/user/actions/#automatic-token) with the `auto merge` flag [no longer cause an error 500 when displaying the pull request page](https://codeberg.org/forgejo/forgejo/commit/4148fb27dbc337a433b41d6d450d48fad73239cc). - * [Tentative fix for when the database branch cache is out of sync with the branches found in Git repositories](https://codeberg.org/forgejo/forgejo/commit/14750f3d11c8d065d3f9af31b8b4ee8d28acd0a5). When in doubt it is recommended to click on `Sync missed branches from git data to databases` in the `/admin` dashboard. - -## 1.21.2-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.2-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.21.1-0..v1.21.2-0 -``` - -This stable release includes bug fixes. It was built with Go v1.21.5 that fixes [CVE-2023-39326](https://groups.google.com/g/golang-announce/c/iLGK3x6yuNo) which a malicious HTTP client can exploit to cause a server to automatically read a large amount of data. It allows for memory exhaustion in the situation that HTTP chunked encoding requests can reach Forgejo. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.21/admin/upgrade/) to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/) - - The semantic version was updated to `6.0.1+0-gitea-1.21.2` - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [OAuth2 uses the link_account page when the email or username is missing](https://codeberg.org/forgejo/forgejo/commit/e6fb2107f2843a09c3a72c3629bcee50c4797a6c) - * [Avoid conflicts of issue and PR numbers in GitLab migration](https://codeberg.org/forgejo/forgejo/commit/272d0a4c20987e33fa132fc94d996e0c6fdb86d7) - * [Only pass selected repository IDs to pagination](https://codeberg.org/forgejo/forgejo/commit/2552bb7b6ec51a094c9d800589991b1556fba798) - * [Add download URL for executable files](https://codeberg.org/forgejo/forgejo/commit/958a20865b897daaa4c26a3ba4b195ba2e854223) - * [Fix Forgejo repositories migration to also include issues, prs etc.](https://codeberg.org/forgejo/forgejo/commit/61fc5c514a6b3f99560b0df5e4cdb7df94763984) - * [Fix template substitution bug preventing notifications to be sent on new user registration](https://codeberg.org/forgejo/forgejo/commit/bc0078a50a6ab341ca4af15ce5d3fd221e6e9e0d) - * [When searching for issues, require that all terms are matched instead of one of them](https://codeberg.org/forgejo/forgejo/commit/13c0df40de319db2c4c2ec11a9a9dc5cf9eaf681) - * [Ignore temporary files when calculating the size of a repository](https://codeberg.org/forgejo/forgejo/commit/b17113bb06b57211b9c264b6953a783e7d0bb9a2) - * [Convert git commit summary to valid UTF8](https://codeberg.org/forgejo/forgejo/commit/346635605da024c3a0a6e7f4d63de1632459f4d6) - * [Fix incorrect default value of `[attachment].MAX_SIZE`](https://codeberg.org/forgejo/forgejo/commit/52f8fde69f121af6f72685fd08dc45b4b3e89004) - * [Fix object does not exist error when checking citation file](https://codeberg.org/forgejo/forgejo/commit/1ce155c5a695f07a9252b4ffc8c9ae7d48ebf7ec) - -* Improvements - - * [new doctor check: fix-push-mirrors-without-git-remote](https://codeberg.org/forgejo/forgejo/commit/1fea3ce6592afca7f8d16c147effd343244746fa) - * [Add `HEAD` support for RPM registry](https://codeberg.org/forgejo/forgejo/commit/ce3a24ef5f80413514e8de28ff47e77acccf0d2b) - -## 1.21.1-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.21/forgejo) included in the `Forgejo v1.21.1-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges origin/v1.20/forgejo..origin/v1.21/forgejo -``` - -- **[Forgejo Semantic Version](https://forgejo.org/docs/v1.21/user/semver/):** - The semantic version was updated to `6.0.0+0-gitea-1.21.0` because it contains breaking changes. - -- **Breaking:** - Note that the modifications related to CSS, templates or assets (images, fonts, etc.) are not documented here. - Although they can be extracted and modified, Forgejo does not provide any guarantee that such changes - will be portable from one version to another (even a patch version). A [Q&A discussion is available](https://codeberg.org/forgejo/discussions/issues/84) - to share tips and tricks. A new section was also added - [to the developer documentation about interface customization](https://forgejo.org/docs/v1.21/developer/customization/). - - If you have custom asset files, e.g. custom themes, inside `custom/public/*` (css included), you need to transfer these files to `custom/public/assets/*` for them to be detected. Read more [in the documentation](https://forgejo.org/docs/v1.21/developer/customization/) and the [Q&A discussion dedicated to interface customization](https://codeberg.org/forgejo/discussions/issues/84). - - Git [branches are stored in the databases](https://codeberg.org/forgejo/forgejo/commit/6e19484f4d3bf372212f2da462110a1a8c10cbf2) to reduce the calls to a git process and improve performances. After upgrading, login as an admin, go to the `/admin` page and click run **Sync missed branches from git data to databases**. If this is not done there will be messages such as `LoadBranches: branch does not exist` in the logs. - - [Some Forgejo CLI options have changed](https://codeberg.org/forgejo/forgejo/commit/d0dbe52e76f3038777c3b50066e3636105387ca3) and scripts may need to be updated. For instance `--verbose` is no longer a global option and is implemented on a per sub-command basis. Check `forgejo --help` or `forgejo docs` for more information. - - [Remove "CHARSET" config option for MySQL and always use "utf8mb4"](https://codeberg.org/forgejo/forgejo/commit/ce46834b938eb687152a680669ada95a26304178). It has been a requirement for years and specifying anything else is likely to cause issues. Existing MySQL databases still using `utf8` can be converted using the CLI: `forgejo doctor convert`. - - [Restrict certificate type for builtin SSH server](https://codeberg.org/forgejo/forgejo/pulls/1172). This is a breaking change for setups where the builtin SSH server is being used and for some reason host certificates were being used for authentication. - - [Set SSH_AUTHORIZED_KEYS_BACKUP to false by default](https://codeberg.org/forgejo/forgejo/commit/469d89b95a1ce18dd34808a95c7230375e828e24). There is no automatic cleanup of these backups and can end up using a significant amount of disk space over time. - - [The minimum RSA keylength is now 3072 instead of 2048](https://codeberg.org/forgejo/forgejo/commit/c533991519816313dfaa0ddcec183756a97b9348). - - Prior to this release, a token scoped to read or write permissions on issues was allowed to access both issues and pull requests, regardless of the restrictions imposed to the team in which they belong. In a team it is possible to grant finer grained permissions, for instance to allow a user to access issues but not pull requests. These restrictions are [now enforced](https://codeberg.org/forgejo/forgejo/commit/f4310d74ee65500ef02064256808530e09da76a0) and API calls that previously succeeded on `/api/v1/repos/{org}/{repo}/issues` or other endpoints common to both issues and pull requests could return 404. Granting the user the necessary permissions in the team in which they belong will allow them to use that endpoint again. -- **Forgejo Actions:** - It is now enabled by default but should still be considered alpha stage and subject to unannounced breaking changes. - - The API can now be used to manage secrets for [users](https://code.forgejo.org/api/swagger/#/user/updateUserSecret), [organizations](https://code.forgejo.org/api/swagger/#/organization/orgListActionsSecrets) and [repositories](https://code.forgejo.org/api/swagger/#/repository/updateRepoSecret). - - [Registration tokens can register multiple runners](https://codeberg.org/forgejo/forgejo/commit/9b698362a333de2c388499f1a64d39545b0263bd) instead of a single one. Read more [about runner registration](https://forgejo.org/docs/v1.21/admin/actions/#registration). - - [Add](https://codeberg.org/forgejo/forgejo/commit/35a653d7edbe0d693649604b8309bfc578dd988b) support for [variables in addition to secrets](https://forgejo.org/docs/v1.21/user/actions/#variables). - - [Add](https://codeberg.org/forgejo/forgejo/commit/0d55f64e6cd3de2e1e5c0ee795605823efb14231) support for [recurring actions similar to cron jobs](https://forgejo.org/docs/v1.21/user/actions/#onschedule). - - [Add](https://codeberg.org/forgejo/forgejo/commit/19872063a3c14256a1d89b2a104d63e7538a3a28) the possibility to [disable workflows from the user interface](https://forgejo.org/docs/v1.21/user/actions/#list-of-runners-and-their-tasks). - - [Add](https://codeberg.org/forgejo/forgejo/commit/460a2b0edffe71d9e64633beaa1071fcf4a33369) automatic [cleanup of artificats](https://forgejo.org/docs/v1.21/user/actions/#artifacts). - - [Add](https://codeberg.org/forgejo/forgejo/commit/44781f9f5c4ede618660d8cfe42437f0e8dc22a0) automatic cancellation [of jobs when pushing new commits](https://forgejo.org/docs/v1.21/user/actions/#auto-cancellation-of-workflows) to a PR. - - [Add](https://codeberg.org/forgejo/forgejo/commit/f3d293d2bbe0b2eab047bdd403046069cffbc0c4) support for [uploading multiple artificats](https://forgejo.org/docs/v1.21/user/actions/#artifacts). - - [Add](https://codeberg.org/forgejo/forgejo/commit/48e5a74f215d78813a816c57fc5a85a909a003d5) support for the [`pull_request_target` event](https://forgejo.org/docs/v1.21/user/actions/#onpull_request_target) which has access to secrets because it runs using the workflows from the base branch instead of the pull request. - - [Add](https://codeberg.org/forgejo/forgejo/commit/8228751c55d6a4263f0fec2932ca16181c09c97d) support for reading labels from the runner [instead of specifying them during registration](https://forgejo.org/docs/v1.21/admin/actions/#registration). -- **Features:** - - With the Chroma upgrade from [2.7.0](https://github.com/alecthomas/chroma/releases/tag/v2.7.0) to [2.10.0](https://github.com/alecthomas/chroma/releases/tag/v2.10.0) syntax highlighting is now available for [Smali](https://github.com/alecthomas/chroma/pull/765), [DHCP](https://github.com/alecthomas/chroma/pull/772), [WebGPU Shading Language](https://github.com/alecthomas/chroma/pull/776), [AutoHotkey](https://github.com/alecthomas/chroma/commit/4779f9035a3aaea3ec650f0923657c12e12dd35a), [AutoIt](https://github.com/alecthomas/chroma/commit/029798b351baa9c3d0dd5ec16e87ab98486d843c), [tal (uxntal)](https://github.com/alecthomas/chroma/commit/e422a6286fdc61393deb09afd270293eb590d023), [ArangoDB Query Language (AQL)](https://github.com/alecthomas/chroma/pull/794), [BIND DNS Zone](https://github.com/alecthomas/chroma/pull/796), [Odin](https://github.com/alecthomas/chroma/pull/802), [Sourcepawn](https://github.com/alecthomas/chroma/pull/804), [CPP](https://github.com/alecthomas/chroma/pull/813), [C](https://github.com/alecthomas/chroma/pull/815). New files and extensions are associated as follows: [.tpp as a c++](https://github.com/alecthomas/chroma/pull/817), [.eex as a Elixir](https://github.com/alecthomas/chroma/pull/820), [Pipfile and poetry.lock as a TOML](https://github.com/alecthomas/chroma/pull/821), [ISCdhcpd filename](https://github.com/alecthomas/chroma/pull/822), [.twig](https://github.com/alecthomas/chroma/pull/833), [Mathematica](https://github.com/alecthomas/chroma/pull/836). - - With the go-enry upgrade from [v2.8.4](https://github.com/go-enry/go-enry/releases/tag/v2.8.4) to [v2.8.6](https://github.com/go-enry/go-enry/releases/tag/v2.8.6), language detection in the repository now includes: - - Bluespec BH: [atom-haskell/language-haskell](https://github.com/atom-haskell/language-haskell) - - D2: [terrastruct/d2-vscode](https://github.com/terrastruct/d2-vscode) - - Go Workspace: [golang/vscode-go](https://github.com/golang/vscode-go) - - Gradle Kotlin DSL: [nishtahir/language-kotlin](https://github.com/nishtahir/language-kotlin) - - Hosts File: [Alhadis/language-etc](https://github.com/Alhadis/language-etc) - - LOLCODE: [KrazIvan/LOLCODE-grammar-vscode](https://github.com/KrazIvan/LOLCODE-grammar-vscode) - - MDX: [wooorm/markdown-tm-language](https://github.com/wooorm/markdown-tm-language) - - Nasal: [BobDotCom/Nasal.tmbundle](https://github.com/BobDotCom/Nasal.tmbundle) - - Nushell: [hustcer/nu-grammar](https://github.com/hustcer/nu-grammar) - - Pact: [kadena-io/pact-atom](https://github.com/kadena-io/pact-atom) - - RBS: [soutaro/vscode-rbs-syntax](https://github.com/soutaro/vscode-rbs-syntax) - - Rez: [textmate/rez.tmbundle](https://github.com/textmate/rez.tmbundle) - - Sweave: [textmate/sweave.tmbundle](https://github.com/textmate/sweave.tmbundle) - - TL-Verilog: [adamint/tlv-vscode](https://github.com/adamint/tlv-vscode) - - Typst: [michidk/typst-grammar](https://github.com/michidk/typst-grammar) - - WDL: [broadinstitute/wdl-sublime-syntax-highlighter](https://github.com/broadinstitute/wdl-sublime-syntax-highlighter) - - WGSL: [wgsl-analyzer/wgsl-analyzer](https://github.com/wgsl-analyzer/wgsl-analyzer) - - WebAssembly Interface Type: [bytecodealliance/vscode-wit](https://github.com/bytecodealliance/vscode-wit) - - [Newly pushed branches show in the web UI with a link to create a PR](https://codeberg.org/forgejo/forgejo/commit/6375419468edc95fdfac94aac3b0e10b23743557). Read more [about the `New Pull Request` button](https://forgejo.org/docs/v1.21/user/pull-requests-and-git-flow/#create-a-pull-request). - - Labels that are no longer useful [can be archived](https://codeberg.org/forgejo/forgejo/commit/cafce3b4b5afb3f254a48e87f1516d7b5dc209b6). They can no longer be selected but they remain on existing issues. Read more [about archiving labels](https://forgejo.org/docs/v1.21/user/labels/#archiving-labels). - - The blame view now [takes into account](https://codeberg.org/forgejo/forgejo/commit/ed64f1c2b835bf9332bf8347be9675ef29c8274b) the [`.git-blame-ignore-revs`](https://git-scm.com/docs/git-config#Documentation/git-config.txt-blameignoreRevsFile) file. - - [Pre-register OAuth2 applications for git credential helpers](https://codeberg.org/forgejo/forgejo/commit/63ab92d7971e4931e98f014f2c5385d2242fa780). Read more in the git authentication section of the [user guide](https://forgejo.org/docs/v1.21/user/oauth2-provider/#git-authentication) and the [administrator guide](https://forgejo.org/docs/v1.21/admin/oauth2-provider/#git-authentication). - - Admins can be [notified via email](https://codeberg.org/forgejo/forgejo/commit/9b7bbae8c4cd5dc4d36726f10870462c8985e543) when a new user registers to help fight spam bots by setting `[admin].SEND_NOTIFICATION_EMAIL_ON_NEW_USER = true`. - - When a page display the history of changes for a file, [file rename are detected and displayed](https://codeberg.org/forgejo/forgejo/commit/ea23594cdbb12c32dc28638f65bf40e37d344e5f). - - Packages [can be configured to redirect requests to the S3 server](https://codeberg.org/forgejo/forgejo/commit/c890454769562e0ec2978e123aaf3d9a43e5ef4f) for clients that support this feature. - - When a PR contains multiple commits, it is now possible [review to each commit independently](https://codeberg.org/forgejo/forgejo/commit/55532061c83d38d33ef48bdc5eeac0f652844e8a). Read more [about selecting commits for review](https://forgejo.org/docs/v1.21/user/pull-requests-and-git-flow/#reviews). - - Issues can [be deleted in batch](https://codeberg.org/forgejo/forgejo/commit/a1c5057fe81c25dfd1777e9625eb5480c45897ea). - - An email can be associated with [an Organisations](https://codeberg.org/forgejo/forgejo/commit/6598d0291cf7dfeb00cb5e5d18faf2bf46fad596). - - The CODEOWNERS file is [interpreted to automatically set reviewers on PRs](https://codeberg.org/forgejo/forgejo/commit/3bdd48016f659c440d6e8bb57386fab7ad7b357b). The CODEOWNERS file is loaded from these paths in this order: `./CODEOWNERS`, `./docs/CODEOWNERS`. - - Issue search [were reworked entirely](https://codeberg.org/forgejo/forgejo/commit/1e76a824bcd71acd59cdfb2c4547806bc34b3d86) to fix the shortcomings of the previous implementation. - - [Allow "latest" to be used as a release tag when downloading a file](https://codeberg.org/forgejo/forgejo/commit/a7d9a70552410d797cefc87b177b33ca4a1a60c4). - - [Authentication via reverse proxy is available and disabled by default](https://codeberg.org/forgejo/forgejo/commit/e97e883ad50774f249c8c694598c25a17227299b). - - [Add API for changing avatars](https://codeberg.org/forgejo/forgejo/commit/254a82842addb1475611789107c3720e37394879). -- **User Interface:** - - [Show OpenID Connect and OAuth on the signup page](https://codeberg.org/forgejo/forgejo/commit/63b53af933d748f9b4e0f1273e3701b4c3d08ac3). - - [Show branches and tags that contain the commit being displayed](https://codeberg.org/forgejo/forgejo/commit/bd6ef718548767ff209048eb8443a067106908bf) - - [Add 'Show on a map' button to the location in the usr profile](https://codeberg.org/forgejo/forgejo/commit/d58c5425799335ea57f27461f99ddd1078e9b2de). - - [Render plaintext task list items for markdown files](https://codeberg.org/forgejo/forgejo/commit/eaea530d6bc84b23e6ff14ff8c2a74aa3b67ecd0). - - The administrators user details page [was modified](https://codeberg.org/forgejo/forgejo/commit/5b5bb8d3546e6504b689b01d3ac4897dda3aee3d). - - When mirroring a repository fails, [a `Retry` button allows to re-create it](https://codeberg.org/forgejo/forgejo/commit/865d2221c0f4b2a8623ff9299930c9bab0da2c78). - - Package cleanup [can be triggered from from administration web interface](https://codeberg.org/forgejo/forgejo/commit/0c6ae61229bce9d9ad3d359cee927464968a2dd1). - - In the page displaying the [list of branches, it is now possible to search them by name](https://codeberg.org/forgejo/forgejo/commit/47b878858ada27fc4c74eeadcc1e467d2da90e04). - - [Display all user types (including bots) org types on the administration web interface](https://codeberg.org/forgejo/forgejo/commit/198a9ca6350954a6d3327a408021fec2bc0fc805). - - [Improve opengraph previews](https://codeberg.org/forgejo/forgejo/commit/5743d7cb5bcd85c88ad7d128e0162893a074418b). - - [Render code blocks in the repository description](https://codeberg.org/forgejo/forgejo/commit/3d109861ddf95846905143b4cf39129bf253161e). - - [Add `member`, `collaborator`, `contributor`, and `first-time contributor` roles and tooltips](https://codeberg.org/forgejo/forgejo/commit/d2e4039def61d9cc9952be462216001125327270) next to the author. - - It is no longer possible to [change the run user in the installation page](https://codeberg.org/forgejo/forgejo/commit/d17a848fe275c3e8734a4dfcaf2eae8ca0dc361c). - - [Update emoji set](https://codeberg.org/forgejo/forgejo/commit/e882398c5acb99db555553acc2da89db73713710) to [Unicode 15](https://unicode.org/versions/Unicode15.0.0/). - - [Improve the image diff user interface](https://codeberg.org/forgejo/forgejo/commit/09faf43ef822ca4dbdfb2a2714ad43a782acf6e8). - - Allow [rebuilding the issue index from the cron task list in the admin panel](https://codeberg.org/forgejo/forgejo/commit/47fddaadc8b4c8d4d4359d6209b9fe06d6387a30). -- **Enhancements:** - - [Improve the privacy of the user profile settings](https://codeberg.org/forgejo/forgejo/commit/ff90c87c878b03e7beabac5f19396e0db2c25a1e). - - [Add the upload URL to the release API](https://codeberg.org/forgejo/forgejo/commit/a9ce570298d4541bc1b5598dc080d9e4541de17b). - - [Allow editing existing push mirrors from the settings page of a repository](https://codeberg.org/forgejo/forgejo/commit/ab388deb0e52c058a19dbd844bdd890f7cf84d51). - - [Add a link to the OpenID issuer URL in the WebFinger response](https://codeberg.org/forgejo/forgejo/commit/df55f9b189174767296e562389948e5250f1df73). - - [Support copy protected branches with template repositories](https://codeberg.org/forgejo/forgejo/commit/037c9895a7406b42f88991295382db18f98dbef9). - - [In the administration web interface, split the lfs size from repository size](https://codeberg.org/forgejo/forgejo/commit/4aba8a6a5ff96f0995ada7e183c7864f8f5bc05c). -- **Bug fixes:** - - [Allow empty Conan files](https://codeberg.org/forgejo/forgejo/commit/d513628db90415a27e887c3cf349309b3ad44d55). - - [Fix the incorrect route path in the user edit page. ](https://codeberg.org/forgejo/forgejo/commit/323135b97b219d7fb10557fb9d9156c6bef3ae62). - - [Add auth-required to config.json for Cargo sparse registry](https://codeberg.org/forgejo/forgejo/commit/a587d2526163153a4d992527fe6040d578beaa83). - - [Rewrite the DiffFileTreeItem and fix misalignment ](https://codeberg.org/forgejo/forgejo/commit/48c4a7e75cf2717f00c9691ca26688aa4db0a17a). - - [Do not "guess" the file encoding/BOM when using API to upload files](https://codeberg.org/forgejo/forgejo/commit/22eeede885327fca0328b7d5b153e7a6c4211ffa). -- **Security:** - - [Do not show the profile README when a repository is private](https://codeberg.org/forgejo/forgejo/commit/6a7a5ea32ab61a608b52029f778e8df76b04f489). - - A [security.txt files is provided by default](https://codeberg.org/forgejo/forgejo/pulls/1201/files) and other static files [can also be added](https://codeberg.org/forgejo/forgejo/commit/52fb9367734100847249d074e2bc17f2aa91053e). - -## 1.20.6-1 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.6-1` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.6-0..v1.20.6-1 -``` - -This stable release contains a **security fix**. - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.20/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.8+0-gitea-1.20.6` - -* Security fix - - The project page [of private users](https://forgejo.org/2023-12-release-v1-21-2-1/) is no longer publicly visible. - -* Bug fix - - * [Consider executable files as a valid case when returning a downloadURL for them](https://codeberg.org/forgejo/forgejo/issues/1825). They are just regular files with the difference being the executable permission bit being set. - -* New doctor check and fix - - * Adds a [new doctor check: fix-push-mirrors-without-git-remote](https://codeberg.org/forgejo/forgejo/pulls/1853). The new check looks for push mirrors that do not have their remotes configured in git. If automatic fixing is enabled, it will remove these push mirrors from the database. - -## 1.20.6-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.6-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.5-1..v1.20.6-0 -``` - -This stable release contains a **security fix**, as explained in the [v1.20.6-0 companion blog post](https://forgejo.org/2023-11-release-v1-20-6-0/). - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.20/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.7+0-gitea-1.20.6` - -* Breaking change - - Prior to this release, a token scoped to read or write permissions on issues was allowed to access both issues and pull requests, regardless of the restrictions imposed to the team in which they belong. In a team it is possible to grant finer grained permissions, for instance to allow a user to access issues but not pull requests. These restrictions are now enforced and API calls that previously succeeded on `/api/v1/repos/{org}/{repo}/issues` or other endpoints common to both issues and pull requests could return 404. Granting the user the necessary permissions in the team in which they belong will allow them to use that endpoint again. - -* Security fix - - Additional API and web [endpoints now fail](https://forgejo.org/2023-11-release-v1-20-6-0/) when given manually crafted identifiers. - -## 1.20.5-1 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.5-1` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.5-0..v1.20.5-1 -``` - -This stable release contains **critical security fixes**, as explained in the [v1.20.5-1 companion blog post](https://forgejo.org/2023-11-release-v1-20-5-1/). - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.20/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.6+0-gitea-1.20.5` - -* Security fixes - - * API and web [endpoints now fail](https://forgejo.org/2023-11-release-v1-20-5-1/) when given manually crafted identifiers. - * When an extension is added to the URL of a user profile (e.g. `/myuser.rss`) it is now [verified to be visible](https://codeberg.org/forgejo/forgejo/commit/d7408d8b0b04afd2a3c8e23cc908e7bd3849f34d). - * `docker login` now fails with basic auth [when 2FA is enabled](https://codeberg.org/forgejo/forgejo/commit/44df78edd40076b349d50dc5fb02af417a44cfab). - -* Bug fixes - - The most prominent bug fixes are described below. Others can be found in the list of commits included in the release as described above. - - * Create the ActionTaskOutput [table for new Forgejo instances](https://codeberg.org/forgejo/forgejo/commit/c0ccd4c2d7ac586276ab65bd2dfbf4eba7e71cd6). - * [Restricted users only see repos in orgs which their team was assigned to](https://codeberg.org/forgejo/forgejo/commit/f302373eb4ea04f3b655d8f8bb27bc3ff3027276). - * Release assets are now [taken into account during a migration](https://codeberg.org/forgejo/forgejo/commit/1fd3cc32170ff9a36419083541bb2e1ad612df92) from GitLab, Forgejo or Gitea. - * When `webhook.PROXY_URL` is set, the `ALLOWED_HOST_LIST` setting is [now properly enforced](https://codeberg.org/forgejo/forgejo/commit/d6798ae0159e58b427e9ad894ca3e0ee272efdb2). - * It is now possible to access `///attachments/` [with an application token](https://codeberg.org/forgejo/forgejo/commit/f142ae18c093d4cb5ccc7eeec8beac0212e466a0) and the attachments API download URL is usable. - -## 1.20.5-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.5-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.4-1..v1.20.5-0 -``` - -This stable release contains an **important security fix**, as explained in the [v1.20.5-0 companion blog post](https://forgejo.org/2023-10-release-v1-20-5-0/). - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.20/admin/upgrade/) to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.5+0-gitea-1.20.5` - -* Security fix - - * When a user logs into Forgejo, they can click the **Remember This Device** checkbox and their browser will store a **Long-term authentication** token provided by the server, in a cookie that will allow them to stay logged in for an extended period of time. The implementation was inherently insecure and was [reworked](https://codeberg.org/forgejo/forgejo/commit/51988ef52bc93b63184d28395d10bf3b76914ad0). Read more about this issue in the [v1.20.5-0 blog post](https://forgejo.org/2023-10-release-v1-20-5-0/). - -* Bug fixes - - The most prominent bug fixes are described below. Others can be found in the list of commits included in the release as described above. - - * [Fix the display of pull requests waiting for review](https://codeberg.org/forgejo/forgejo/commit/4b23f11864) on the `/pulls` page. It incorrectly included all reviews. - * [Fix a v1.20 regression preventing access to files with OAuth2 tokens](https://codeberg.org/forgejo/forgejo/commit/3e8c3b7c09) in private repositories. - * [Fix](https://codeberg.org/forgejo/forgejo/commit/101cfc1f82) a bug by which the `doctor` command [complains the `deleted_branch` table is missing](https://codeberg.org/forgejo/forgejo/issues/1522) although it should not. - * [Fix the release URL in webhooks](https://codeberg.org/forgejo/forgejo/commit/1b1f878204) so that `URL` points to the API URL and `HTMLURL` points to the web page. - * [Fix organization field being null in POST /orgs/{orgid}/teams](https://codeberg.org/forgejo/forgejo/commit/f8bf284794). - -## 1.20.4-1 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.4-1` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.4-0..v1.20.4-1 -``` - -This stable release includes bug fixes. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.20/admin/upgrade/) to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.4+0-gitea-1.20.4` - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix the followers and following list that only showed the first page](https://codeberg.org/forgejo/forgejo/commit/c041114a20fcaaf0931da81dcb542a930e8f9c5f) - * [Fix issue templates preventing the creation of any new issues when blank issues are not authorized](https://codeberg.org/forgejo/forgejo/commit/64a418dfc778665f56cb20d678f3c10dbb62ddca) (regression introduced in v1.20.4-0) - -## 1.20.4-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.4-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.3-0..v1.20.4-0 -``` - -This stable release includes bug fixes and two features. - -* Recommended Action - - We recommend that all Forgejo installations are [upgraded](https://forgejo.org/docs/v1.20/admin/upgrade/) to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.3+0-gitea-1.20.4` - -* Features - - * [Log slow SQL queries](https://codeberg.org/forgejo/forgejo/commit/fa25b9eec63c073e16f4595459880e4ee8797913) to help identify bottlenecks on large Forgejo instances - * [Add `branch_filter` to hooks API endpoints](https://codeberg.org/forgejo/forgejo/commit/19a49e763a013dec4c3fcf3e9e2be89c7009bb3b) - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Ignore the trailing slashes when comparing oauth2 redirect_uri](https://codeberg.org/forgejo/forgejo/commit/2f6d011503a35a1eede96f5a13b2a9868c06b3ae) - * [Fix the reopen logic for agit flow pull request](https://codeberg.org/forgejo/forgejo/commit/5abca17b644ded3c3ab8869db1d34f9bd678f18e) - * [Fix the missing display of user projects](https://codeberg.org/forgejo/forgejo/commit/ef46b01168e251fad92ed46102b5faad75a5bcb1) - * [Fix](https://codeberg.org/forgejo/forgejo/commit/08762875d7362ee207bbd320123cbb0ad4cf70d2) issue templates [that failed to save checkboxes](https://codeberg.org/forgejo/forgejo/pulls/1317) - * [Fix accessibility issues preventing focus and selection](https://codeberg.org/forgejo/forgejo/commit/66016b3fe3a9646e5d9c8b4c2d88b1da7a908ccf) - * [Fix being unable to use a repo that prohibits accepting PRs as a PR source](https://codeberg.org/forgejo/forgejo/commit/1d228e6ee93525bd630c4a915febd98d159f1824) - * [Forgejo doctor database fix](https://codeberg.org/forgejo/forgejo/commit/0b1175f21b403ff59c0c3f7a759de8d0fe13bee8) to repair a condition preventing the owner of an organization from creating a repository - * [Fix dashboard filters having no effect](https://codeberg.org/forgejo/forgejo/commit/a6c2201dd41706a000ca96bdcd3e89df96e342fd) - * [Also check the email blocklists when adding new emails to existing accounts](https://codeberg.org/forgejo/forgejo/commit/d5845521a842418ae8f6dfcad8368ba2a6035f54) - * [Sync tags when adopting repos](https://codeberg.org/forgejo/forgejo/commit/6b5ef0fad754a863eb7d91eefa8301dd9a5a84b5) - * [Fix an error when pushing a new branch and there is a requirement that all commits are signed](https://codeberg.org/forgejo/forgejo/commit/193e04c43b556e0a25c260149429945ba2164efa) - -## 1.20.3-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.3-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.2-0..v1.20.3-0 -``` - -This stable release includes bug fixes and a safeguard against a -regression that may lead to data loss. The `[storage*]` sections in the -`app.ini` file may cause the files for some subsystems - Attachments, -LFS, Avatars, Repository avatars, Repository archives, Packages - to -be merged together or misplaced. The safeguard detects this situation -and Forgejo will not start to prevent data loss. If your instance is in -this situation, [follow the instructions in the companion blog post](https://forgejo.org/2023-08-release-v1-20-3-0/). - -* Recommended Action - - We recommend that all Forgejo installations are upgraded to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.2+0-gitea-1.20.3` - -* Breaking changes - - * [Fix some bugs in how the storage sections are interpreted](https://codeberg.org/forgejo/forgejo/commit/815682c88) in the `app.ini` file. Read more about this issue in the [v1.20.3-0 blog post](https://forgejo.org/2023-08-release-v1-20-3-0/) - * [Add sanity checks](https://codeberg.org/forgejo/forgejo/commit/ee0e4848e) to detect an `app.ini` configuration that [needs manual fixing to preserve storage](https://forgejo.org/2023-08-release-v1-20-3-0/) - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix links to pull request reviews sent via mail](https://codeberg.org/forgejo/forgejo/commit/88e179d5ef8ee41f71d068195685ff098b38ca31). The pull request link was correct but it did not go the review and stayed at the beginning of the page - * [Recognize OGG as an audio format](https://codeberg.org/forgejo/forgejo/commit/622ec5c79f299c32ac2667a1aa7b4bf5d7c2d6cf) - * [Consistently show the last time a cron job was run in the admin panel](https://codeberg.org/forgejo/forgejo/commit/5f769ef20) - * [Fix NuGet registry v2 & v3 API search endpoints](https://codeberg.org/forgejo/forgejo/commit/471138829b0c24fe8c621dbb866ae8bb45ebc674) - * [Allow html code to be parsed in markdown files](https://codeberg.org/forgejo/forgejo/commit/e7d0475e1) - * [Fix incorrect color of the selected assignees when creating an issue](https://codeberg.org/forgejo/forgejo/commit/c7d7490b2) - * [Add missing MinIO region on client initialization](https://codeberg.org/forgejo/forgejo/commit/927cbe62b) - * [Add pull request review request webhook event](https://codeberg.org/forgejo/forgejo/commit/99c8dab9d) - * [Fix bad url in the wiki due to incorrect unescaping](https://codeberg.org/forgejo/forgejo/commit/e0f6956a4) - * [Fix the sort menu that was broken when displaying a custom profile from the `.profile` repository](https://codeberg.org/forgejo/forgejo/commit/fa92a6a4c) - * [Workaround](https://codeberg.org/forgejo/forgejo/commit/3d211dea2) MariaDB [performance issue on large Forgejo instances](https://codeberg.org/forgejo/forgejo/issues/1161) - * [Display human-readable text](https://codeberg.org/forgejo/forgejo/commit/2729bb3c6) instead of [numerical file modes](https://en.wikipedia.org/wiki/File-system_permissions#Numeric_notation) - * [The CLI exit code now is different from zero when an error occurs](https://codeberg.org/forgejo/forgejo/commit/089af9ab1) - * [Fix error when a Debian package has a double newline character at the end of the control block](https://codeberg.org/forgejo/forgejo/commit/dd7180846) - * [Fix a condition that would cause git related tasks to hang for longer than necessary in the queues and use too many resources as a result](https://codeberg.org/forgejo/forgejo/commit/36f8fbe1b) - * [Fix the topic validation rule and support dots](https://codeberg.org/forgejo/forgejo/commit/a578b75d7) - * [Fix pull request check list when there are more than 30](https://codeberg.org/forgejo/forgejo/commit/e226b9646) - * [Fix attachment clipboard copy on insecure origin](https://codeberg.org/forgejo/forgejo/commit/12ac84c26) - * [Fix the profile README rendering](https://codeberg.org/forgejo/forgejo/commit/84c3b60a4) that [was inconsistent with other markdown files renderings](https://codeberg.org/forgejo/forgejo/issues/833) - * [Fix API leaking the user email when the caller is not authenticated](https://codeberg.org/forgejo/forgejo/commit/d89003cc1) - -## 1.20.2-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.2-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.20.1-0..v1.20.2-0 -``` - -This stable release includes bug fixes and displays [warnings in the administration panel](https://codeberg.org/forgejo/forgejo/commit/28f4029e40) when deprecated entries are found in `app.ini`. - -* Recommended Action - - We recommend that all Forgejo installations are upgraded to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/) - - The semantic version was updated to `5.0.1+0-gitea-1.20.2` - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Add missing assets to the Forgejo sources tarball](https://codeberg.org/forgejo/forgejo/commit/e14d239005) - * [Fix user type selection error when creating a user](https://codeberg.org/forgejo/forgejo/commit/268569b462) and selecting `public` or `private`. - * [Fix access check for org-level project](https://codeberg.org/forgejo/forgejo/commit/5afb0294f4) - * [Warn instead of reporting an error when a webhook cannot be found](https://codeberg.org/forgejo/forgejo/commit/4c3dcdf815) - * [Set MAX_WORKERS](https://codeberg.org/forgejo/forgejo/commit/5a4b19435d) to a value lower than 10 if the number of available CPUs is low to avoid overloading the host. - * [Fix bug when pushing to a pull request which enabled dismiss approval automatically](https://codeberg.org/forgejo/forgejo/commit/4640c53386) - * [Fix handling of plenty Nuget package versions](https://codeberg.org/forgejo/forgejo/commit/7bb8526736) - * [Update email-setup.en-us.md](https://codeberg.org/forgejo/forgejo/commit/31f2ce3998) - * [Fix bugs](https://codeberg.org/forgejo/forgejo/commit/9654d71bb2) in [LFS meta garbage collection](https://codeberg.org/forgejo/forgejo/issues/1113) - * [Fix UI regression of asciinema player](https://codeberg.org/forgejo/forgejo/commit/f3c26de1f4) - * [Fix LFS object list style](https://codeberg.org/forgejo/forgejo/commit/f20cfc291c) - * [Fix CLI allowing creation of multiple user access tokens with the same name](https://codeberg.org/forgejo/forgejo/commit/b699e1d340) - * [Fix](https://codeberg.org/forgejo/forgejo/commit/f4a8f10f64) router logger [preventing separating the logs in different files](https://codeberg.org/forgejo/forgejo/issues/1123). - * [added ssh mirror workaround description](https://codeberg.org/forgejo/forgejo/commit/d9d38b6244) - * [Fix wrong workflow status when rerun a job in an already finished workflow](https://codeberg.org/forgejo/forgejo/commit/e2101ae572) - * [Fix escape problems in the branch selector](https://codeberg.org/forgejo/forgejo/commit/9fae415030) - * [Fix handling of Debian files with trailing slash](https://codeberg.org/forgejo/forgejo/commit/4be3270e87) - * [fix Missing 404 swagger response docs for /admin/users/{username}](https://codeberg.org/forgejo/forgejo/commit/1cd4d4b00e) - * [Use stderr as fallback if the log file can't be opened](https://codeberg.org/forgejo/forgejo/commit/942d02f8e9) - -## 1.20.1-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.20/forgejo) included in the `Forgejo v1.20.1-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges origin/v1.19/forgejo..origin/v1.20/forgejo -``` - -- **[Forgejo Semantic Version](https://forgejo.org/docs/v1.20/user/semver/):** - The semantic version was updated to `5.0.0+0-gitea-1.20.1` because it contains breaking changes. -- **Breaking:** - - [Scoped access tokens](https://codeberg.org/forgejo/forgejo/commit/18de83b2a3fc120922096b7348d6375094ae1532) or (Personal Access Tokens), were refactored and although existing tokens are still valid, they may have a different scope than before. To ensure that no tokens have a larger scope than expected they must be removed and recreated. - - If your `app.ini` has one of the following `[indexer].ISSUE_INDEXER_QUEUE_TYPE`, `[indexer].ISSUE_INDEXER_QUEUE_BATCH_NUMBER`, `[indexer].`, `[indexer].ISSUE_INDEXER_QUEUE_DIR`, `[indexer].ISSUE_INDEXER_QUEUE_CONN_STR`, `[indexer].UPDATE_BUFFER_LEN`, `[mailer].SEND_BUFFER_LEN`, `[repository].PULL_REQUEST_QUEUE_LENGTH` or `[repository].MIRROR_QUEUE_LENGTH`, Forgejo will abort immediately. Unless you know exactly what you're doing, you must comment them out so the default values are used. - - The `-p` option of `environment-to-ini` is [no longer supported](https://codeberg.org/forgejo/forgejo/commit/fa0b5b14c2faa6a5f76bb2e7bc9241a5e4354189) - - The ".png" suffix for [user and organizations is now reserved](https://codeberg.org/forgejo/forgejo/commit/2b91841cd3e1213ff3e4ed4209d6a4be89c2fa79) - - The section `[git.reflog]` is [now obsolete and its keys have been moved](https://codeberg.org/forgejo/forgejo/commit/2f149c5c9db97f20fbbc65e32d1f3133048b11a2) to the following replacements: - * `[git.reflog].ENABLED` → `[git.config].core.logAllRefUpdates` - * `[git.reflog].EXPIRATION` → `[git.config].gc.reflogExpire` - - The [logger](https://codeberg.org/forgejo/forgejo/commit/4647660776436f0a83129b4ceb8426b1fb0599bb) used to display Forgejo's was refactored and has new settings, different from the previous one found at `log..` in `app.ini`. Check the [documentation](https://forgejo.org/docs/v1.20/admin/config-cheat-sheet/#log-log) and `app.example.ini` for more information. The SMTP logger was removed. - - Forgejo will refuse to start if [the refactored path & config system](https://codeberg.org/forgejo/forgejo/commit/061b68e99) does not pass sanity checks (e.g. WORK_PATH must be absolute). - - Manually set [WORK_PATH](https://forgejo.org/docs/v1.20/admin/config-cheat-sheet/#overall-default) in `app.ini`. - If the `app.ini` file is writable by the user under which the Forgejo server runs and `WORK_PATH` is not set, - the server will add it. Otherwise it will log an error starting with `Unable to update WORK_PATH`. - One of the consequences of not setting `WORK_PATH` in `app.ini` is that pushing to a repository via ssh is - [likely to fail as explained in the corresponding bug report](https://codeberg.org/forgejo/forgejo/issues/1118). - Read the technical details in the [commit that implements the WORK_PATH change](https://codeberg.org/forgejo/forgejo/commit/061b68e99). - - The user profile can be customized with [a Markdown file](https://codeberg.org/forgejo/forgejo/commit/c090f87a8db5b51e0aa9c7278b38ddc862c048ac). - The profile page of a user is rendered using the `README.md` file of the `.profile` repository, if it exists. It is a - breaking change because **it will display the .profile/README.md of a pre-existing repository, private or not**. - - The [API endpoint pagination](https://codeberg.org/forgejo/forgejo/commit/0a3c4d4a595cc7e12462dde393ed64186260f26b) for team members was fixed: it now starts at 1 instead of 0, just like all other paginated API endpoints. - - The `SSH_KEYGEN_PATH` variable in `app.ini` now defaults to using the [Go SSH key parsing instead of the `ssh-keygen` binary](https://codeberg.org/forgejo/forgejo/commit/7a8a4f54321f208ebbb0f708a5f0e49c4cd4cc04). When `START_SSH_SERVER` is true, the decision to use the Go SSH key parsing or an external binary will now depend on the value of `SSH_KEYGEN_PATH` instead of always using the Go SSH key parsing. - - The storage settings were [refactored](https://codeberg.org/forgejo/forgejo/commit/d6dd6d641b593c54fe1a1041c153111ce81dbc20). Read more about [storage settings](https://forgejo.org/docs/v1.20/admin/storage/). - - [The [repository.editor] PREVIEWABLE_FILE_MODES setting was removed](https://codeberg.org/forgejo/forgejo/commit/84daddc2fa74393cdc13371b0cc44f0444cfdae0). This setting served no practical purpose and was not working correctly. Instead a preview tab is always shown in the file editor when supported. - - In addition to the already deprecated options inside [queue], many options have been dropped as well. Those are WRAP_IF_NECESSARY, MAX_ATTEMPTS, TIMEOUT, WORKERS, BLOCK_TIMEOUT, BOOST_TIMEOUT, BOOST_WORKERS. You can remove them from your app.ini now. Additionally, some default values have changed in this section. - - The default CSS and templates included in Forgejo were heavily refactored and a large number of variables renamed. These changes are not documented and there is a very high chance that a template extracted and modified for a particular Forgejo instance will no longer work as it did. Browsing through the git history of the template in the sources is the best way to figure out how and why it was modified. -- **Moderation:** - Blocking another user is desirable if they are acting maliciously or are spamming your repository. When you block a user, Forgejo does not explicitly notify them, but they may learn through an interaction with you that is blocked. [Read more about blocking users](https://forgejo.org/docs/v1.20/user/blocking-user/). -- **Package:** - New registries are available for [SWIFT](https://forgejo.org/docs/v1.20/user/packages/swift), [debian](https://forgejo.org/docs/v1.20/user/packages/debian), [RPM](https://forgejo.org/docs/v1.20/user/packages/rpm), [alpine](https://forgejo.org/docs/v1.20/user/packages/alpine), [Go](https://forgejo.org/docs/v1.20/user/packages/go) and [CRAN](https://forgejo.org/docs/v1.20/user/packages/cran). -- **Accessibility:** - numerous improvements for [issue comments](https://codeberg.org/forgejo/forgejo/commit/6c354546547cd3a9595a7db119a6480d9cd506a7), [the menu on the navbar](https://codeberg.org/forgejo/forgejo/commit/a78e0b7dade16bc6509b943fe86e74962f1b95b6), [scoped labels](https://codeberg.org/forgejo/forgejo/commit/e8935606f5f1fff3c59222ebca6d4615ab06fb0b), [checkboxes and dropdowns](https://codeberg.org/forgejo/forgejo/commit/d4f35bd681af0632da988e15306f330e020422b2), [RTL rendering support to Markdown](https://codeberg.org/forgejo/forgejo/commit/32d9c47ec7706d8f06e09b42e09a28d7a0e3c526), [file (re-)views](https://codeberg.org/forgejo/forgejo/commit/e95b42e187cde9ac4bd541cd714bdb4f5c1fd8bc), [interactive tooltips](https://codeberg.org/forgejo/forgejo/commit/87f0f7e670c6c0e6aeab8c4458bfdb9d954eacec), [using a button element](https://codeberg.org/forgejo/forgejo/commit/81fe5d61851c0e586af7d32c29171ceff9a571bb), [repository list](https://codeberg.org/forgejo/forgejo/commit/e82f1b15c7120ad13fd3b67cf7e2c6cb9915c22d) and more. -- **Time:** - The display and localization of time was improved for [tooltips](https://codeberg.org/forgejo/forgejo/commit/b7b58348317cbe0145dc453d45c886b8e2764b4c), [milestones](https://codeberg.org/forgejo/forgejo/commit/97176754beb4de23fa0f68df715c4737919c93b0), [due date and translations that contain dates](https://codeberg.org/forgejo/forgejo/commit/70bb4984cdad9a15d676708bd345b590aa42d72a), [commit graphs](https://codeberg.org/forgejo/forgejo/commit/5bc9f7fcf9aece92c3fa2a0ea56e5585261a7f28), [runners](https://codeberg.org/forgejo/forgejo/commit/62ca5825f73ad5a25ffeb6c3ef66f0eaf5d30cdf), [webhooks](https://codeberg.org/forgejo/forgejo/commit/dbb37367854d108ebfffcac27837c0afac199a8e), [tests](https://codeberg.org/forgejo/forgejo/commit/3d266dd0f3dbae7e417c0e790e266aebc0078814) and more. Previously each rendered timestamp would be static, now the real time since an event happened is show. If a comment was added 2 minutes before the page rendered it would show as "2 minutes ago" on the initial render and if another 8 minutes have passed, without a page refresh you'd see "10 minutes ago". -- **[Wiki](https://forgejo.org/docs/v1.20/user/wiki/)** - - Improve the [display of the table of content](https://codeberg.org/forgejo/forgejo/commit/1ab16e48cccc086e7f97fb3ae8a293fe47a3a452) - - Fixed a bug [preventing team users who have wiki write permission from deleting a page](https://codeberg.org/forgejo/forgejo/commit/284b41f45244bbe46fc8feee15bbfdf66d150e79) - - [Shows the External Link icon and URL in the header](https://codeberg.org/forgejo/forgejo/commit/d347208114966166ffa9655adc5b202676546c31) to indicate that the user will be sent to an external side to help prevent fishing - - Allow dash in [titles](https://codeberg.org/forgejo/forgejo/commit/b39a5bbbd610ba30651218658caaec1c86d6bca1) -- **[Actions](https://forgejo.org/docs/v1.20/user/actions/)** - - The internal CI graduated from **experimental** to **[alpha](https://en.wikipedia.org/wiki/Software_release_life_cycle#Alpha)**. It now has with a [user](https://forgejo.org/docs/v1.20/user/actions) documentation that includes examples and an extensive [administrator](https://forgejo.org/docs/v1.20/admin/actions) guide to set it up. - - [Forgejo Actions](https://forgejo.org/docs/v1.20/user/actions/) workflows are [now available](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/.forgejo/workflows) to run tests and publish releases for `Forgejo` itself. - - The Woodpecker CI configuration for PR verification and building releases for Forgejo v1.18 and v1.19 is no longer maintained as part of Forgejo itself and was moved to its [own repository](https://codeberg.org/forgejo-contrib/forgejo-ci-woodpecker). -- **[Templates](https://forgejo.org/docs/v1.20/user/issue-pull-request-templates/)** - - [Configuration for the issue templates](https://codeberg.org/forgejo/forgejo/commit/f384b13f1cd44be3a87df5553a0099390dacd010). [Read more about issue config](https://forgejo.org/docs/v1.20/user/issue-pull-request-templates/#syntax-for-issue-config) in the documentation. - - [Add validations.required check to the dropdown field](https://codeberg.org/forgejo/forgejo/commit/5c0745c0349f0709d0fc36fd8a97dcab86bce28a) - - [Issue template support markdown edition](https://codeberg.org/forgejo/forgejo/commit/c4303efc23ea19f16ee826809f43888ee4583ebb) - - [Use a general Eval function for expressions in templates](https://codeberg.org/forgejo/forgejo/commit/5b89670a318e52e271f65d96bfe1116d85d20988) - - [reload-templates CLI](https://codeberg.org/forgejo/forgejo/commit/3588edbb08f93aaa56defa82dffdbb202cd9aa4a) -- **User Interface and User eXperience** - - The web editor used when creating issues, adding comments, etc. [changed](https://codeberg.org/forgejo/forgejo/commit/5cc0801de90d16b4d528e62de11c9b525be5d122) from [EasyMDE](https://github.com/Ionaru/easy-markdown-editor) which was no longer actively maintained to [GitHub markdown](https://github.com/github/markdown-toolbar-element). To help with the transition it is still possible to switch back to using EasyMDE using the double arrow button in the menubar. - - [Improve wiki sidebar and TOC](https://codeberg.org/forgejo/forgejo/commit/51789ba12) - - [Show outdated comments in the files changed tab of a pull request review](https://codeberg.org/forgejo/forgejo/commit/30a783879) - - [Redirect to package after version deletion](https://codeberg.org/forgejo/forgejo/commit/c27a3af72) - - Use a [separate admin page to show stats](https://codeberg.org/forgejo/forgejo/commit/520eb57d7642a5fca3df319e5b5d1c7c9018087c) - - [Improve avatar compression and resizing](https://codeberg.org/forgejo/forgejo/commit/82224c54e0488738dbd3b7eccf56ab08b6790627) - - [Add button to compare force pushed commits in pull requests](https://codeberg.org/forgejo/forgejo/commit/545495dcb0a4cb9d820132dde4f1127f7fe91aa4) - - [When creating a new file in a repository via the web user interface allow for a path to be pasted](https://codeberg.org/forgejo/forgejo/commit/7f9d58fab8a3c4fd1a8f18d58e36fbfab7b30f33) - - [Allows "video" HTML tag to be used in MarkDown, with the src, autoplay, and controls attributes](https://codeberg.org/forgejo/forgejo/commit/de6c718b46ebd3b7f6362c766eed328044d95ec7) - - [Add "Reviewed by you" filter for pull requests](https://codeberg.org/forgejo/forgejo/commit/10cdcb9ea8077098921d72720f9f36fcfd950452) - - [Make Ctrl+Enter submit a pending comment (starting review) instead of submitting a single comment](https://codeberg.org/forgejo/forgejo/commit/188c8c12c290e131fb342e3203634828652b0af5) - - If an instance chooses to disable new pull or push mirrors or mirrors entirely, an appropriate message will [now be shown to the user in the Repository Settings](https://codeberg.org/forgejo/forgejo/commit/35ce7ca25b5756441949312d79aa6382f98ce8d6) - - [Change `Close` to either `Close issue` or `Close pull request`](https://codeberg.org/forgejo/forgejo/commit/39d3711f3036db42d7ddf73dbdb125be611bcbba) - - [Make Issue/PR/projects more compact](https://codeberg.org/forgejo/forgejo/commit/4a722c9a45659e7732258397bbb3dd1039ea1952) - - [Improve RSS user interface](https://codeberg.org/forgejo/forgejo/commit/59d060622d375c4123ea88e2fa6c4f34d4fea4d3) - - [Add details summary for vertical menus in settings to allow toggling](https://codeberg.org/forgejo/forgejo/commit/58536093b3112841bc69edb542189893b57e7a47) - - [Show visibility status of email in own profile](https://codeberg.org/forgejo/forgejo/commit/5e1bd8af5f16f9db88cfeb5b80bdf731435cacfb) - - [Improve the protected branch setting page](https://codeberg.org/forgejo/forgejo/commit/72e956b79a3b2e055bb5d4d5e20e88eaa2eeec96) - - [Improve the display of the pull request branch delete button](https://codeberg.org/forgejo/forgejo/commit/774d1a0fbdadd1136b6af895f8d449b0c8db54cb) - - [Fix the color for repository transfer related buttons when having no permission to act](https://codeberg.org/forgejo/forgejo/commit/7abe958f5b507efa676fb3b2e27d30517f6d1908) - - [Add a progressbar to Milestone Page](https://codeberg.org/forgejo/forgejo/commit/7d192cb674bc475b123c84b205aca821247c5dd1) - - [Nicer display when the list of notifications is empty](https://codeberg.org/forgejo/forgejo/commit/8251b317f7b7a2b5f626a02fa3bb540a1495e81d) - - [Rename board to column in projects](https://codeberg.org/forgejo/forgejo/commit/843f81113ebe71fd725210c5a382268333865cc7) - - [Improve header bar on issue, pull requests and milestone](https://codeberg.org/forgejo/forgejo/commit/8f4dafcd4e6b0b5d307c3e060ffe908c2a96f047) - - [Add organization visibility label when displayed on the dashboard](https://codeberg.org/forgejo/forgejo/commit/97b70a0cd40e8f73cdf6ba4397087b45061de3d8) - - [Unification of registration fields order](https://codeberg.org/forgejo/forgejo/commit/b9fad73e9fcf40e81cde3304198105af6c668421) - - [Append `(comment)` when a link points at a comment rather than the whole issue](https://codeberg.org/forgejo/forgejo/commit/ca905b82df7f1d2a823d8df4448d485e5902876d) - - [Add visibility (private, limited) in the dashboard navbar](https://codeberg.org/forgejo/forgejo/commit/d949d8e074407a96dbcfa98a71ccd80527b5ad78) - - [Show all activities in the dashboard, not just the most recent ones](https://codeberg.org/forgejo/forgejo/commit/f4920c9c7f5947d3b6476610f39bc3492ab4ef3b) - - [Do not display the stars in the repository list of the dashboard](https://codeberg.org/forgejo/forgejo/commit/06c067bb0f9eeb8873ddc298819b30fc5913943f) - - [Improve the display of tags to include the tag message](https://codeberg.org/forgejo/forgejo/commit/b78c955958301dde72d8caf189531f6e53c496b4) - - [Hide the target selector if a tag exists when creating a new release](https://codeberg.org/forgejo/forgejo/commit/3de9e63fd04d61e08fcbdec035c9f138347d9f37) - - [Show the calculated commit status state of the latest commit on the default branch for each repository in the dashboard repository list](https://codeberg.org/forgejo/forgejo/commit/4810fe55e3e73edb962052df46bef125eb1817b3) - - [Sort users and orgs on the explore page by recency](https://codeberg.org/forgejo/forgejo/commit/4daf40505a5f89747982ddd2f1df2a4001720846) - - [Show the number of repositories in the user or organization profile](https://codeberg.org/forgejo/forgejo/commit/52b17bfa07fea29441cd961da4edaf1ea97fe348) - - [Review management (requesting again and discard) now happens at the top of the pull request](https://codeberg.org/forgejo/forgejo/commit/a70d853d064a97f0be1d3702a9c3912494b546ec) - - [Add markdown preview when submitting a review](https://codeberg.org/forgejo/forgejo/commit/b5c26fa825e08122843ad6d27191d399a9af1c37) - - [Support no label/assignee filter and batch clearing labels/assignees](https://codeberg.org/forgejo/forgejo/commit/b807d2f6205bf1ba60d3a543e8e1a16f7be956df) - - [Display when a repo was archived](https://codeberg.org/forgejo/forgejo/commit/c41bc4f1279c9e1e6e11d7b5fcfe7ef089fc7577) - - [Improve squash merge commit author and co-author with private emails](https://codeberg.org/forgejo/forgejo/commit/d647e74502fdf734c89b3e6592a9ad88c3005971) - - [Allow adding new files to an empty repo](https://codeberg.org/forgejo/forgejo/commit/e422342eebc18034ef586ec58f1e2fff0340091d) - - [Move `Rename branch` from repo settings page to the page of branches list](https://codeberg.org/forgejo/forgejo/commit/e8173c2c33f1dd5b0a2c044255434d414cab62d2) - - [Add "Updated" column for admin repositories list](https://codeberg.org/forgejo/forgejo/commit/94d6b5b09d49b2622c2164a03cfae45dced96c74) - - [Hide the merge box of a pull request if it is merged and the branch was deleted](https://codeberg.org/forgejo/forgejo/commit/e9b39250b285f1b9cbf9739f33c06fc57401f314) - - [The repository migration can be canceled](https://codeberg.org/forgejo/forgejo/commit/f6e029e6c7849d4361abf7f1d749b5d528364ac4) - - [Add button on the diff header to copy the file name](https://codeberg.org/forgejo/forgejo/commit/c5ede35124c8d5280219c24049bb0ad7da9f02ed) - - [Add --quiet option to the dump CLI](https://codeberg.org/forgejo/forgejo/commit/cb1536471bcef4d78a3fe5cbd738b9f60fabbcc2) - - [Support searching for an issue with its number in the list of issues](https://codeberg.org/forgejo/forgejo/commit/1144b1d129de530b2c07dfdfaf55de383cd82212) - - [Improve the list of notifications](https://codeberg.org/forgejo/forgejo/commit/f7ede92f82f7f3ec7bb31a1249f9524e5b728f34) - - [When editing a file in the web UI, allow for a preview whenever possible](https://codeberg.org/forgejo/forgejo/commit/ac64c8297444ade63a2a364c4afb7e6c1de5a75f) - - [Make release download URLs human readable](https://codeberg.org/forgejo/forgejo/commit/42919ccb7cd32ab67d0878baf2bac6cd007899a8) - - [Add a tooltip to `Publish Review` explaining why they are disabled](https://codeberg.org/forgejo/forgejo/commit/a8c30a45fa49a3a551b1dca882960008c254bb3d) - - [Show the file tree view by default when browsing the changes in a pull request](https://codeberg.org/forgejo/forgejo/commit/72eedfb91584720da774909d3f078b7d515c9fdd) - - [Allow both fullname search in the author dropdown search of the issue list when `DEFAULT_SHOW_FULL_NAME` is true](https://codeberg.org/forgejo/forgejo/commit/661e78bed5c0879c32c53eb60f3d6898b93e1f08) -- **Performance** - - [Improve performances when listing issues](https://codeberg.org/forgejo/forgejo/commit/9bbb4d8d6) - - [Speedup loading the list of authors in the dropdown of the list of issues](https://codeberg.org/forgejo/forgejo/commit/6eb678374b583079a0a08b7ed0c9ca220c0c0434) - - [Use minio/sha256-simd for accelerated SHA256](https://codeberg.org/forgejo/forgejo/commit/1319ba6742a8562453646763adad22379674bab5) - - [Speed up HasUserStopwatch & GetActiveStopwatch](https://codeberg.org/forgejo/forgejo/commit/ef4fc302468cc8a9fd8f65c4ebdc6f55138450d1) - - [Do not create commit graph for temporary repos](https://codeberg.org/forgejo/forgejo/commit/0268ee5c37b8ad733678f02bc15ec8642da62c10) - - [Faster git.GetDivergingCommits](https://codeberg.org/forgejo/forgejo/commit/75ea0d5dba5dbf2f84cef2d12460fdd566d43e62) - - [Order pull request conflict checking by recently updated, for each push](https://codeberg.org/forgejo/forgejo/commit/df48af22296ccce8e9bd18e5d35c9a3cdf5acb0f) - - [MySQL integration tests](https://codeberg.org/forgejo/forgejo/commit/49f68518c2a2bd36ca0106045bd84de01dec4b61) run twice faster low end machines and use an order of magnitude less disk I/O -- **Authentication** - - [Add ntlm authentication support for mail](https://codeberg.org/forgejo/forgejo/commit/8be6da3e2fd0b685aeb6b9e7fd9dee5a4571163a) - - [LDAP filters include both username and email address](https://codeberg.org/forgejo/forgejo/commit/b8c19e7a11525da4174b6f80f87ff3e844d03d8a) - - [Allow for PKCE flow without client secret](https://codeberg.org/forgejo/forgejo/commit/7d855efb1fe6b97c5d87492f67ed6aefd31b2474) - - [Add the ability to set multiple redirect URIs in the OAuth application UI](https://codeberg.org/forgejo/forgejo/commit/ca35dec18b3d3d7dd5cde4c69a10ae830961faf7) -- **Refactor:** - Many essential sub-systems were refactored: the [queue system](https://codeberg.org/forgejo/forgejo/commit/6f9c278559789066aa831c1df25b0d866103d02d) that handles background tasks such as checking pull requests, [pull mirror](https://codeberg.org/forgejo/forgejo/commit/99283415bcbaa8acfe4d249ce3040de2f3a8b006), [git internal API](https://codeberg.org/forgejo/forgejo/commit/f4538791f5fc82b173608fcf9c30e36ec01dc9d3), [routes](https://codeberg.org/forgejo/forgejo/commit/92fd3fc4fd369b6a8c0a022a32a80dec2340223a) and [web routes](https://codeberg.org/forgejo/forgejo/commit/b9a97ccd0ea1ee44db85b0fbb80b75255af7c742), [merge & update logic](https://codeberg.org/forgejo/forgejo/commit/8598356df1eb21b6e33ecb9f9268ba36c5488e7c) and [git command calls](https://codeberg.org/forgejo/forgejo/commit/542cec98f8c07e0f046a35f1d516807416536e74), [listing commits](https://codeberg.org/forgejo/forgejo/commit/ec261b63e14f84da3e2d9a6e27c8b831a7750677), [cookie](https://codeberg.org/forgejo/forgejo/commit/5b9557aef59b190c55de9ea218bf51152bc04786), [issue stats](https://codeberg.org/forgejo/forgejo/commit/38cf43d0606c13c38f459659f38e26cf31dceccb), [renaming users and organizations](https://codeberg.org/forgejo/forgejo/commit/c59a057297c782f44a81a3e630b5094a58099edb), [app.ini handling](https://codeberg.org/forgejo/forgejo/commit/de4a21fcb4476772c69c36d086549e89ed4dcf6c), [diffFileInfo / DiffTreeStore](https://codeberg.org/forgejo/forgejo/commit/ee99cf6313ba565523b3c43f61ffda4b71e2c39b).... In theory these changes are transparent to the Forgejo user and admin but the risk of subtle regressions is real: do not hesitate to [reach out](https://codeberg.org/forgejo/forgejo/issues) if you suspect anything. -- **RSS** - - [Support "." char as user name for User/Orgs in RSS/ATOM/GPG/KEYS](https://codeberg.org/forgejo/forgejo/commit/88033438aa8214569913899a17b19b57bd609d97) - - [Add RSS Feeds for branches and files](https://codeberg.org/forgejo/forgejo/commit/56d4893b2a996da6388801c9c8ff16b9b588ad55) -- **API** - - [Add admin API for email](https://codeberg.org/forgejo/forgejo/commit/d56bb7420184c0c2f451f4bcaa96c9b3b00c393d) - - [Add admin API to rename a user](https://codeberg.org/forgejo/forgejo/commit/03591f0f95823a0b1dcca969d2a3ed505c7e6d73) - - [Add login name and source id to admin user searching API](https://codeberg.org/forgejo/forgejo/commit/6f9cc617fcc42477dec5ccab83d06f0a96544403) - - [Add missing units to create and edit repo API](https://codeberg.org/forgejo/forgejo/commit/574d8fe6d6675c8aa05e2b75fdbc01c009efd8be) - - [Add API to manage issue dependencies](https://codeberg.org/forgejo/forgejo/commit/3cab9c6b0c050bfcb9f2f067e7dc1b0242875254) - - [Add API for activity feeds](https://codeberg.org/forgejo/forgejo/commit/6b0df6d8da76d77a9b5c42dcfa78dbfe197fd56d) - - [Add API for license templates](https://codeberg.org/forgejo/forgejo/commit/fb37eefa282543fd8ce63c361cd4cf0dfac9943c) - - [Add API for gitignore templates](https://codeberg.org/forgejo/forgejo/commit/36a5d4c2f3b5670e5e921034cd5d25817534a6d4) - - [Add API to upuload a file to an empty repository](https://codeberg.org/forgejo/forgejo/commit/cf465b472166ccf6d3e001e3043e4bf43e16e6b3) - - [Allow for --not when listing the commits of a repo](https://codeberg.org/forgejo/forgejo/commit/f766b002938b5c81e343c81fda3c0669fa09809f) - - [Add `files` and `verification` parameters to improve performances when listing the commits of a repo](https://codeberg.org/forgejo/forgejo/commit/1dd83dbb917d55bd253001646d6743f247a4d98b) - - [Allow for listing a single commit in a repository](https://codeberg.org/forgejo/forgejo/commit/5930ab5fdf7a970fcca3cd50b44cf1cacb615a54) - - [Create a branch directly from commit on the create branch API](https://codeberg.org/forgejo/forgejo/commit/cd9a13ebb47d32f46b38439a524e3b2e0c619490) - - [Add API for Label templates](https://codeberg.org/forgejo/forgejo/commit/25dc1556cd70b567a4920beb002a0addfbfd6ef2) - - [Add API for changing/creating/deleting multiple files](https://codeberg.org/forgejo/forgejo/commit/275d4b7e3f4595206e5c4b1657d4f6d6969d9ce2) -- **Miscellaneous Features** - - [Any URL scheme may be used for links](https://codeberg.org/forgejo/forgejo/commit/f5ce2ed292a90041abd749a8db26671645648a43). Previously, non-standard URLs (like matrix:) were not rendered unless explicitly listed in `markdown.CUSTOM_URL_SCHEMES`. Now the default if `markdown.CUSTOM_URL_SCHEMES` is not set, all schemes are allowed and markdown links ([label](URL)) render as links. - - [Always use "utf8mb4" for MySQL](https://codeberg.org/forgejo/forgejo/commit/cb3173a1e) - - [Add Adopt repository event and handler](https://codeberg.org/forgejo/forgejo/commit/9d69a4758) - - Add [meilisearch](https://www.meilisearch.com/) support to [index the content of repositories](https://codeberg.org/forgejo/forgejo/commit/92c160d8e716cb3d05215a97cf521e843596f562). - - [Add support](https://codeberg.org/forgejo/forgejo/commit/985f76dc4b0692c4d6c6f37e82500ef859557c16) for [redis v7](https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES) - - Allow [webp](https://en.wikipedia.org/wiki/WebP) images [as avatars](https://codeberg.org/forgejo/forgejo/commit/65fe0fb22cfb264f0b756065d0c3ce7a17d7e55b) - - [Add support](https://codeberg.org/forgejo/forgejo/commit/58caf422e67c78f87327bc9b00f89083a2432940) for rendering [.livemd](https://livebook.dev/) - - The `forgejo forgejo-cli actions` [subcommand is added](https://codeberg.org/forgejo/forgejo/commit/d6efefbb63d59ba0251c10b6031f6b630b184eaf) to implement [offline registration with `actions register`](https://forgejo.org/docs/v1.20/admin/actions/#offline-registration) for the [Forgejo runner](https://code.forgejo.org/forgejo/runner). - - When [called as `forgejo-cli`](https://codeberg.org/forgejo/forgejo/commit/935fb85e8b2a5f6a9c9c6c0b78a234abc14df4fe) (with `ln -f forgejo forgejo-cli`), Forgejo provides a new CLI that is not backward compatible with Gitea. It contains Forgejo specific additions such as [offline registration](https://forgejo.org/docs/v1.20/admin/actions/#offline-registration) - - [Render list items](https://codeberg.org/forgejo/forgejo/commit/e1829f0728509c4c1b7810fe9f6df1aebb71b4c0) when an [org-mode](https://orgmode.org/) file is displayed - - [A user can follow an organization](https://codeberg.org/forgejo/forgejo/commit/cc64a925602d54f3439dd19f16b5280bd0377a7a) - - [When playing a video in the web UI, the player control can be dragged to play on the specified position](https://codeberg.org/forgejo/forgejo/commit/023a048f52b5bf8c4b715285245a129f04e05a8c) - - The commit status required for a pull request to be merged can now be [specified as patterns](https://codeberg.org/forgejo/forgejo/commit/e7c2231dee356df5cbe5a47c07e31e3a8d090a6f) instead of being a hard coded list - - [Support wildcard in email domain allow and block lists](https://codeberg.org/forgejo/forgejo/commit/2cb66fff60c95efbd58b797f1197f2421f4687ce). [Read more about EMAIL_DOMAIN_ALLOWLIST and EMAIL_DOMAIN_BLOCKLIST](https://forgejo.org/docs/v1.20/admin/config-cheat-sheet/). - - When [installing with docker](https://forgejo.org/docs/v1.20/admin/installation/#installation-with-docker) the value of a configuration variable can now be fetched from a file by [adding the `__FILE` suffix](https://codeberg.org/forgejo/forgejo/commit/c21605951b581440bb08b65d5907b1cd4e0ab6c5). For instance `FORGEJO__security__INTERNAL_TOKEN__FILE=/etc/forgejo/token` can be used instead of `FORGEJO__security__INTERNAL_TOKEN=tokenvalue`. - - The [new `[git.config]` section of `app.ini`](https://codeberg.org/forgejo/forgejo/commit/8080ace6fcf73a5fbe4a0dd71881228abd0c68b9) is used to `git set config`. [Read more about the defaults it contains](https://forgejo.org/docs/v1.20/admin/config-cheat-sheet/#git---config-options-gitconfig). - - [Issues and pull requests can be pinned](https://codeberg.org/forgejo/forgejo/commit/aaa109466350c531b9238a61115b2877daca57d3). They will show on top of the list of issues (or pull requests) and can be re-arranged by dragging them. - - [Implement systemd-notify protocol](https://codeberg.org/forgejo/forgejo/commit/7565e5c3de051400a9e3703f707049cbb9054cf3) and allows for using `Type=notify` in service files. - - [Provide more control over the repositories that are indexed](https://codeberg.org/forgejo/forgejo/commit/033d92997fc16baee097d2b25f08e0984e628abd). [Read more about REPO_INDEXER_REPO_TYPES](https://forgejo.org/docs/v1.20/admin/config-cheat-sheet/). -- **Webhook** - - Similar to organization wide webhooks, it is now possible to have [user wide webhooks](https://codeberg.org/forgejo/forgejo/commit/2173f14708ff3b35d7821fc9b6dcb5fcd06b8494) - - [Add webhook trigger when a Pull Request review requests is created](https://codeberg.org/forgejo/forgejo/commit/309354c70ee994a1e8f261d7bc24e7473e601d02) - -* Container images upgraded to Alpine 3.18 - - The Forgejo container images are now based on [Alpine 3.18](https://alpinelinux.org/posts/Alpine-3.18.0-released.html) instead of Alpine 3.17. - -## 1.19.4-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.19/forgejo) included in the `Forgejo v1.19.4-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.19.3-0..v1.19.4-0 -``` - -This stable release contains security fixes. - -* Recommended Action - - We recommend that all Forgejo installations are upgraded to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.19/user/semver/) - - The semantic version was updated from `4.2.1+0-gitea-1.19.3` to `4.2.2+0-gitea-1.19.4`. - -* Security fixes - - * [An additional verification](https://codeberg.org/forgejo/forgejo/commit/a259a928a) was implemented to prevent [open redirects](https://en.wikipedia.org/wiki/Open_redirect). - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix an edge case](https://codeberg.org/forgejo/forgejo/commit/27796464c) where a user changing their `username` in their profile page could fail - * The secrets are only meaningful in the context of `Frogejo Actions`, do not display them if `Forgejo Actions` is disabled ([patch 1](https://codeberg.org/forgejo/forgejo/commit/5883db45c), [patch 2](https://codeberg.org/forgejo/forgejo/commit/5fdac0d46)) - * Actions can now be triggered on mirrored repositories ([patch 1](https://codeberg.org/forgejo/forgejo/commit/58bdcae61), [patch 2](https://codeberg.org/forgejo/forgejo/commit/8d4d6f9b2)) - * [Return `404` in the API if the requested webhooks were not found](https://codeberg.org/forgejo/forgejo/commit/16bcceeff) instead of `500` - * Ensure topics deleted via the API are [also deleted in the repository](https://codeberg.org/forgejo/forgejo/commit/5dc29fdeb) - * [Tentative fix](https://codeberg.org/forgejo/forgejo/commit/9bc4887cb) to suppress the JavaScript error **TypeError: undefined is not an object (evaluating '_i18n.textEdited')** on safari. It is unclear if that fix is effective because it could not be reproduced, please report if it still happens for you. - * [Respect original content when creating secrets](https://codeberg.org/forgejo/forgejo/commit/f6919e3e5) - * If a mirror failed and left the database in an inconsistent state, make it so the repository page [does not fail with an error `500`](https://codeberg.org/forgejo/forgejo/commit/f37fba567) - * If a user that triggered `Actions` is deleted, [allow for the page listing the tasks it launched to show](https://codeberg.org/forgejo/forgejo/commit/f9bf040a5) instead of failing with an error `500` - * [Allow the selection of milestones](https://codeberg.org/forgejo/forgejo/commit/55d062003) when acting on multiple issues in the issue list page - * [Fix the API error message when trying to create a fork that already exists](https://codeberg.org/forgejo/forgejo/commit/4dccac3db) - * [Don't display a `create page` button in a mirror wiki repository](https://codeberg.org/forgejo/forgejo/commit/7a74957c1). A mirrored repository will also mirror a wiki and changes will be overridden. - * [Do not allow for a repository to enable actions if it is not enabled in the configuration](https://codeberg.org/forgejo/forgejo/commit/257287954) - * Allow for closed PRs to be re-opened and [synchronize with the latest content of the head branch](https://codeberg.org/forgejo/forgejo/commit/306b7b5d1) - * [Fix the `close` button of projects within an organization](https://codeberg.org/forgejo/forgejo/commit/306b7b5d1). It was a noop and now effectively closes the project - -## 1.19.3-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.19/forgejo) included in the `Forgejo v1.19.3-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.19.2-0..v1.19.3-0 -``` - -This stable release contains security fixes. - -* Recommended Action - - We recommend that all Forgejo installations are upgraded to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.19/user/semver/) - - The semantic version was updated from `4.2.0+0-gitea-1.19.2` to `4.2.1+0-gitea-1.19.3` because of the rebuild with [Go version 1.20.4](https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved). - -* Security fixes - - * Forgejo was recompiled with Go version v1.20.4 published 2 May 2023. It fixes [three vulnerabilities](https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved) ([CVE-2023-29400](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29400), [CVE-2023-24540](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24540), [CVE-2023-24539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24539)) related to the [html/template](https://pkg.go.dev/html/template) package. The [Forgejo security team](https://forgejo.org/.well-known/security.txt) analyzed the security fixes it contains and concluded that Forgejo is not affected but recommended a rebuild as a precaution. - -* Bug fixes - - The most prominent one is described here, others can be found in the list of commits included in the release as described above. - - * [Allow users that are not signed in to browse the tag list](https://codeberg.org/forgejo/forgejo/commit/e76b3f72b23bf778a562682d829744451b27d615). Requiring users to be signed in to view the tag list was a regression introduced in Forgejo v1.19.2-0. - -## 1.19.2-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.19/forgejo) included in the `Forgejo v1.19.2-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.19.1-0..v1.19.2-0 -``` - -This stable release contains **important security fixes**. - -* Recommended Action - - We **strongly recommend** that all Forgejo installations are upgraded to the latest version as soon as possible. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.19/user/semver/) - - The semantic version was updated from `4.1.0+0-gitea-1.19.1` to `4.2.0+0-gitea-1.19.2` because of the changes introduced in the internal CI. - -* Security fixes - - * Token scopes were not enforced in some cases ([patch 1](https://codeberg.org/forgejo/forgejo/commit/7c3ac69c0) and [patch 2](https://codeberg.org/forgejo/forgejo/commit/10d3ed53f1cc6d383b52637bedd7bc3679476eb4)). The [scoped token](https://forgejo.org/docs/v1.19/user/oauth2-provider/#scoped-tokens) were introduced in Forgejo v1.19 allow for the creation of application tokens that only have limited permissions, such as creating packages or accessing repositories. Prior to Forgejo v1.19 tokens could be used to perform any operation the user issuing the token could. - * [Permissions to delete secrets was not enforced](https://codeberg.org/forgejo/forgejo/commit/68d80eb56). The experimental internal CI relies on secrets managed via the web interface, for instance to communicate credentials to a job. Secrets are only used in the context of the experimental internal CI. - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Restore public access to some API endpoints](https://codeberg.org/forgejo/forgejo/commit/b00f7c3c545c6a00a747a5aea7596f45c50157ac). When [scoped token](https://forgejo.org/docs/v1.19/user/oauth2-provider/#scoped-tokens) introduced in Forgejo v1.19, some API endpoints that were previously accessible anonymously became restricted: `/orgs`, `/orgs/{org}`, `/orgs/{org}/repos`, `/orgs/{org}/public_members`, `/orgs/{org}/public_members/{username}`, `/orgs/{org}/labels`. - * [Fix 2-dot direct compare to use the right base commit](https://codeberg.org/forgejo/forgejo/commit/494e373292962de34b7ea7efd3f4a8d2f27daa26). For 2-dot direct compare, the base commit should be used in the title and templates, as is used elsewhere, not the common ancestor which is used for 3-dot compare. - * [Make CORS work](https://codeberg.org/forgejo/forgejo/commit/2e6e5bc9c96ebb760f28c08423bb0c244ca7e01c). No [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing) headers were set, even if CORS was enabled in the configuration. - * [Fix issue attachment removal](https://codeberg.org/forgejo/forgejo/commit/d5f2c9d74d63443cc2abbcabc268cf1121f58e8b). When an attachment was removed from an issue or review comment, all of the image/attachment links were broken. - * [Fix wiki write permissions for users who do not have repository write permissions](https://codeberg.org/forgejo/forgejo/commit/8c465206e2fea27076fdb986ea0478729653f0b5). When a team member had write access to the wiki but not to the code repository, some operations (deleting a page for instance) were denied. - * [Respect the REGISTER_MANUAL_CONFIRM setting when registering via OAuth](https://codeberg.org/forgejo/forgejo/commit/116b6d5b27c40b248281f5fd543f7aa8df0d59d3). Contrary to the local registration, the OAuth registration flow activated a newly registered user regardless of the value of `REGISTER_MANUAL_CONFIRM`. - * [Fix tags list for repos whose release setting is disabled](https://codeberg.org/forgejo/forgejo/commit/eeee32cdc3aab4d2086b24aae670a39501c9ea99). When releases was disabled the "tags" button led to a `Not Found` page, even when tags existed. - -* Container image upgrades - - In the Forgejo container images the Git version was upgraded to [2.38.5](https://github.com/git/git/blob/master/Documentation/RelNotes/2.38.5.txt) as a precaution. The [Forgejo security team](https://forgejo.org/.well-known/security.txt) analyzed the security fixes it contains and concluded that Forgejo is not affected. - -## 1.19.1-0 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.19/forgejo) included in the `Forgejo v1.19.1-0` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.19.0-3..v1.19.1-0 -``` - -This stable release includes bug fixes. Functional changes related to the experimental CI have also been backported. - -* Recommended Action - - We recommend that all installations are upgraded to the latest version. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.19/user/semver/) - - The semantic version was updated from `4.0.0+0-gitea-1.19.0` to `4.1.0+0-gitea-1.19.1` because of the changes introduced in the internal CI. - -* Bug fixes - - The most prominent ones are described here, others can be found in the list of commits included in the release as described above. - - * [Fix RSS/ATOM/GPG/KEYS path for users (or orgs) with a dot in their name](https://codeberg.org/forgejo/forgejo/commit/085b56302cfd9a949319a3a1e32e008b4a0d0772). It is allowed for a user (or an organization) to have a dot in their name, for instance `user.name`. Because of a [bug in Chi](https://codeberg.org/forgejo/forgejo/issues/652) it was not possible to access `/user.name.png`, `/user.name.gpg`, etc. A workaround was implemented while a [proper fix is being discussed](https://github.com/go-chi/chi/pull/811). - * [Creating a tag via the web interface no longer requires a title](https://codeberg.org/forgejo/forgejo/commit/1b8ecd179bdb58427b99c2c2eb9ad5a45abf7055). - * [Use fully qualified URLs in Dockerfile](https://codeberg.org/forgejo/forgejo/commit/833a4b177596debc138e5723219fd063d067bd5b). The Dockerfile to create the Forgejo container image now uses the fully qualified image `docker.io/library/golang:1.20-alpine3.17` instead of `golang:1.20-alpine3.17`. This allows for building on platforms that don't have docker hub as the default container registry. - * [Redis use Get/Set instead of Rename when Regenerate session id](https://codeberg.org/forgejo/forgejo/commit/3a7cb1a83b4ecd89421b5656b8caeb30c2b13c7c). The old sid and new sid may be in different redis cluster slot. - * [Do not escape space between PyPI repository url and package name](https://codeberg.org/forgejo/forgejo/commit/cfde557e231417b7fb3cde3e9bab70d05b7d182f). It also adds a trailing slash to the PyPI repository URL in accordance to [Python PEP-503](https://peps.python.org/pep-0503/). - * [Fix failure when using the API and an empty rule_name to protect a branch](https://codeberg.org/forgejo/forgejo/commit/abf0386e2ef6b56c048c04cd3d6913f453c87cb1). The `rule_name` parameter for the [/repos/{owner}/{repo}/branch_protections](https://code.forgejo.org/api/swagger#/repository/repoCreateBranchProtection) API now defaults to the branch name instead of being empty. - * [Fix branch protection priority](https://codeberg.org/forgejo/forgejo/commit/580da8f35320dbd15b168bf8ccfaff6187ff87e0). Contrary to [the documentation](https://forgejo.org/docs/v1.19/user/protection/#protected-branches) it was possible for a glob rule to take precedence over a non-glob rule. - * [Fix deleting an issue when the git repo does not exist](https://codeberg.org/forgejo/forgejo/commit/1d8ae34e57e46b84a885b4f072d949344c5977c4). If a project had an issue tracker (such as the [Forgejo discussion](https://codeberg.org/forgejo/discussions/issues)) but [no git repository](https://codeberg.org/forgejo/discussions/), trying to delete an issue would fail. - * [Fix accidental overwriting of LDAP team memberships](https://codeberg.org/forgejo/forgejo/commit/66aa85429684aca45753ac9578492ed3f7507ea3). If an LDAP user is a member of two groups, the LDAP group sync only matched the last group. - -## 1.19.0-3 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.19/forgejo) included in the `Forgejo v1.19.0-3` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges v1.19.0-2..v1.19.0-3 -``` - -This stable release includes security updates and bug fixes. - -* Recommended Action - - We recommend that all installations are upgraded to the latest version. - -* Security - - The [Forgejo security team](https://forgejo.org/.well-known/security.txt) analyzed the vulnerabilities fixed in the latest [Go 1.20.3 packages](https://go.dev/doc/devel/release#go1.20.minor) and [Alpine 3.17.3](https://alpinelinux.org/posts/Alpine-3.17.3-released.html) and concluded that Forgejo is not affected. - - As a precaution the Forgejo v1.19.0-3 binaries were compiled with [Go 1.20.3 packages](https://go.dev/doc/devel/release#go1.20.minor) as published on 4 April 2023 and the container images were built with [Alpine 3.17.3](https://alpinelinux.org/posts/Alpine-3.17.3-released.html) as published on 29 March 2023. - -* [Forgejo Semantic Version](https://forgejo.org/docs/v1.19/user/semver/) - - The semantic version was updated from `3.0.0+0-gitea-1.19.0` to `4.0.0+0-gitea-1.19.0` because of the breaking changes described below. - -* Breaking changes - - They should not have a significant impact because they are related to experimental features (federation and CI). - - * [Use User.ID instead of User.Name in ActivityPub API for Person IRI](https://codeberg.org/forgejo/forgejo/commit/2fcd57d5ae5b5926e5b0b87e46f78ad4ac83cbbd) - - The ActivityPub id is an HTTPS URI that should remain constant, even if -the user changes their name. - - * [Actions unit is repo.actions instead of actions.actions](https://codeberg.org/forgejo/forgejo/commit/9596bd3712caec440859fce93d05e19cf95e5330) - - All instances of `actions.actions` in the `DISABLED_REPO_UNITS` or `DEFAULT_REPO_UNITS` configuration variables must be replaced with `repo.actions`. - -* Bug fixes - - They are for the most part about user interface and actions. The most prominent ones are: - - * [Do not filter repositories by default on the explore page](https://codeberg.org/forgejo/forgejo/commit/d15f20b2d2ce613cc8b36536995f29f81797c002). The behavior of the explore page is back to what it was in Forgejo v1.18. Changing it was confusing. - * [Skip LFS when disabled in dump and doctor](https://codeberg.org/forgejo/forgejo/commit/b6a2323981a7a89205a382ddf0542e205e292d3d). - * [Do not display own email on the profile](https://codeberg.org/forgejo/forgejo/commit/1fed0e1adc8dd2d27d2d7e34dda29c8e79e5e6e8). - * [Make minio package support legacy MD5 checksum](https://codeberg.org/forgejo/forgejo/commit/b73d1ac1eb7d5c985749dc721bbea7ebd14f9c83). - * [Do not triggers Webhooks and actions on closed PR](https://codeberg.org/forgejo/forgejo/commit/a04535e212b04c0f6643a4f36904a3d1bf30c63f). - -## 1.19.0-2 - -The [complete list of commits](https://codeberg.org/forgejo/forgejo/commits/branch/v1.19/forgejo) included in the `Forgejo v1.19.0-2` release can be reviewed from the command line with: - -```shell -$ git clone https://codeberg.org/forgejo/forgejo/ -$ git -C forgejo log --oneline --no-merges origin/v1.18/forgejo..origin/v1.19/forgejo -``` - -* Breaking changes - * [Scoped access tokens](https://codeberg.org/forgejo/forgejo/commit/de484e86bc) - - Forgejo access token, used with the [API](https://forgejo.org/docs/v1.19/admin/api-usage/) can now have a "scope" that limits what it can access. Existing tokens stored in the database and created before Forgejo v1.19 had unlimited access. For backward compatibility, their access will remain the same and they will continue to work as before. However, **newly created token that do not specify a scope will now only have read-only access to public user profile and public repositories**. - - For instance, the `/users/{username}/tokens` API endpoint will require the `scopes: ['all', 'sudo']` parameter and the `forgejo admin user generate-access-token` will require the `--scopes all,sudo` argument obtain tokens with unlimited access as before for admin users. - - [Read more about the scoped tokens](https://forgejo.org/docs/v1.19/user/oauth2-provider/#scoped-tokens). - - * [Disable all units except code and pulls on forks](https://codeberg.org/forgejo/forgejo/commit/2741546be) - - When forking a repository, the fork will now have issues, projects, releases, packages and wiki disabled. These can be enabled in the repository settings afterwards. To change back to the previous default behavior, configure `DEFAULT_FORK_REPO_UNITS` to be the same value as `DEFAULT_REPO_UNITS`. - - * [Filter repositories by default on the explore page](https://codeberg.org/forgejo/forgejo/commit/4d20a4a1b) - - The explore page now always filters out repositories that are considered not relevant because they are either forks or have no topic and not description and no icon. A link is shown to display all repositories, unfiltered. - - Explore repositories - - * [Remove deprecated DSA host key from Docker Container](https://codeberg.org/forgejo/forgejo/commit/f17edfaf5a31ea3f4e9152424b75c2c4986acbe3) - Since OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public key algorithm, and recommend against its use. http://www.openssh.com/legacy.html - - * Additional restrictions on valid user names - - The algorithm for validating user names was modified and some users may have invalid names. The command `forgejo doctor --run check-user-names` will list all of them so they can be renamed. - - If a Forgejo instance has users or organizations named `forgejo-actions` and `gitea-actions`, they will also need to be renamed before the upgrade. They are now reserved names for the experimental internal CI/CD named `Actions`. - - * [Semantic version](https://forgejo.org/docs/latest/user/semver) - - Since v1.18.5, in addition to the Forgejo release number, a [semantic version](https://semver.org/#semantic-versioning-200) number (e.g. `v3.0.0`) can be obtained from the `number` key of a new `/api/forgejo/v1/version` endpoint. - - Now, it reflects the Gitea version that Forgejo depends on, is no longer prefixed with `v` (e.g. `3.0.0+0-gitea-1.19.0`), and can be obtained from the `version` key of the same endpoint. -* Features - - * [Documentation](https://forgejo.org/docs/latest/) - The first version of the [Forgejo documentation](https://forgejo.org/docs/latest/) is available and covers the administration of Forgejo, from installation to troubleshooting. - - [Read more about semantic versions](https://forgejo.codeberg.page/docs/v1.19/user/semver) - - * [Webhook authorization header](https://codeberg.org/forgejo/forgejo/commit/b6e81357bd6fb80f8ba94c513f89a210beb05313) - Forgejo webhooks can be configured to send an [authorization header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization) to the target. - - [Read more about the webhook authorization header](https://forgejo.codeberg.page/docs/v1.19/user/webhooks/#authorization-header) - - * [Incoming emails](https://codeberg.org/forgejo/forgejo/commit/fc037b4b825f0501a1489e10d7c822435d825cb7) - You can now set up Forgejo to receive incoming email. When enabled, it is now possible to reply to an email notification from Forgejo and: - * Add a comment to an issue or a pull request - * Unsubscribe to the notifications - - [Read more about incoming emails](https://forgejo.org/docs/v1.19/admin/incoming-email/) - - * Packages registries - * Support for [Cargo](https://forgejo.org/docs/v1.19/admin/packages/cargo/), [Conda](https://forgejo.org/docs/v1.19/admin/packages/conda/) and [Chef](https://forgejo.org/docs/v1.19/admin/packages/chef/) - * [Cleanup rules](https://codeberg.org/forgejo/forgejo/commit/32db62515) - * [Quota limits](https://codeberg.org/forgejo/forgejo/commit/20674dd05) - - * [Option to prohibit fork if user reached maximum limit of repositories](https://codeberg.org/forgejo/forgejo/commit/7cc7db73b) - It is possible for a user to create as many fork as they want, even when a quota on the number of repositories is imposed. The new `ALLOW_FORK_WITHOUT_MAXIMUM_LIMIT` setting can now be set to `false` so forks are prohibited if that means exceeding the quota. - - [Read more about repository configurations](https://forgejo.org/docs/v1.19/admin/config-cheat-sheet/#repository-repository) - - * [Scoped labels](https://codeberg.org/forgejo/forgejo/commit/6221a6fd5) - Labels that contain a forward slash (**/**) separator are displayed with a slightly different color before and after the separator, as a visual aid. The first part of the label defines its "scope". - - [Read more about scoped labels](https://forgejo.org/docs/v1.19/user/labels/). - - * [Support org/user level projects](https://codeberg.org/forgejo/forgejo/commit/6fe3c8b39) - It is now possible to create projects (kanban boards) for an organization or a user, in the same way it was possible for an individual repository. - - * [Map OIDC groups to Orgs/Teams](https://codeberg.org/forgejo/forgejo/commit/e8186f1c0) - When a user logs in Forgejo using an provider such as [Keycloak](https://www.keycloak.org/), they can now automatically be part of a Forgejo team, depending on the OIDC group they belong to. For instance: - - ```json - {"Developer": {"MyForgejoOrganization": ["MyForgejoTeam1", "MyForgejoTeam2"]}} - ``` - - Means that the user who is in the OIDC group `Developer` will automatically be a member of the `MyForgejoTeam1` and `MyForgejoTeam2` teams in the `MyForgejoOrganization` organization. - This mapping is set when adding a new `Authentication Source` in the `Site Administration` panel. - - OIDC Group mapping part1 - - ... - - OIDC Group mapping part2 - - [Read more about OIDC groups mapping](https://forgejo.org/docs/v1.19/user/oauth2-provider/#endpoints) - - * [RSS feed for releases and tags](https://codeberg.org/forgejo/forgejo/commit/48d71b7d6) - - A RSS feed is now available for releases at `/{owner}/{repo}/releases.rss` and tags at `/{owner}/{repo}/tags.rss`. - - * [Supports wildcard protected branch](https://codeberg.org/forgejo/forgejo/commit/2782c1439) - - Instead of selecting a branch to be protected, the name of the branch must be specified and can be a pattern such as `precious*`. - - [Read more about branch protection](https://forgejo.org/docs/v1.19/user/protection/#protected-branches). - - * [Garbage collect LFS](https://codeberg.org/forgejo/forgejo/commit/651fe4bb7) - Add a doctor command for full garbage collection of LFS: `forgejo doctor --run gc-lfs`. - - * Additions to the API - - * [Management for issue/pull and comment attachments](https://codeberg.org/forgejo/forgejo/commit/3c59d31bc) - * [Get latest release](https://codeberg.org/forgejo/forgejo/commit/4d072a4c4) - * [System hook](https://codeberg.org/forgejo/forgejo/commit/c0015979a) - - * [Option to disable releases on a repository](https://codeberg.org/forgejo/forgejo/commit/faa96553d) - - It is now possible to disable releases on a repository, in the same way it is possible to disable issues or packages. - - * [Git reflog support](https://codeberg.org/forgejo/forgejo/commit/757b4c17e) - The [git reflog](https://git-scm.com/docs/git-reflog) are now active by default on all repositories and - kept around for 90 days. It allows the Forgejo admin to recover the previous tip of a branch after an - accidental force push. - - [Read more about reflog](https://forgejo.org/docs/v1.19/admin/config-cheat-sheet/#git---reflog-settings-gitreflog) - - * [Actions](https://codeberg.org/forgejo/forgejo/commit/4011821c946e8db032be86266dd9364ccb204118): an experimental CI/CD - - It appears for the first time in this Forgejo release but is not yet fit for production. It is not fully implemented and may be insecure. However, as long as it is not enabled, it presents no risk to existing Forgejo instances. - - If a repository has a file such as `.forgejo/workflows/test.yml`, it will be interpreted, for instance to run tests and verify the code in the repository works as expected (Continuous Integration). It can also be used to create HTML pages for a website and publish them (Continuous Deployment). The syntax is similar to GitHub Actions and the jobs can be controlled from the Forgejo web interface. - - [Read more about Forgejo Actions](https://forgejo.codeberg.page/2023-02-27-forgejo-actions/) - - Actions - -* User Interface improvements - - * [Review box on small screens](https://codeberg.org/forgejo/forgejo/commit/1fcf96ad0) - The rendering of the review box is improved on small screens. - - * [Video element enabled in markdown](https://codeberg.org/forgejo/forgejo/commit/f8a40dafb) - The `
"}, checkLocaleContent([]byte(`key = %[1]s`))) - }) - - t.Run("General safe tags", func(t *testing.T) { - assert.Empty(t, checkLocaleContent([]byte("error404 = The page you are trying to reach either does not exist or you are not authorized to view it."))) - assert.Empty(t, checkLocaleContent([]byte("teams.specific_repositories_helper = Members will only have access to repositories explicitly added to the team. Selecting this will not automatically remove repositories already added with All repositories."))) - assert.Empty(t, checkLocaleContent([]byte("sqlite_helper = File path for the SQLite3 database.
Enter an absolute path if you run Forgejo as a service."))) - assert.Empty(t, checkLocaleContent([]byte("hi_user_x = Hi %s,"))) - - assert.EqualValues(t, []string{"error404: The page you are trying to reach either does not exist or you are not authorized to view it."}, checkLocaleContent([]byte("error404 = The page you are trying to reach either does not exist or you are not authorized to view it."))) - }) - - t.Run("
", func(t *testing.T) { - assert.Empty(t, checkLocaleContent([]byte(`admin.new_user.text = Please click here to manage this user from the admin panel.`))) - assert.Empty(t, checkLocaleContent([]byte(`access_token_desc = Selected token permissions limit authorization only to the corresponding API routes. Read the documentation for more information.`))) - assert.Empty(t, checkLocaleContent([]byte(`webauthn_desc = Security keys are hardware devices containing cryptographic keys. They can be used for two-factor authentication. Security keys must support the WebAuthn Authenticator standard.`))) - assert.Empty(t, checkLocaleContent([]byte("issues.closed_at = `closed this issue %[2]s`"))) - - assert.EqualValues(t, []string{"key: \x1b[31m\x1b[0m"}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: \x1b[31m\x1b[0m"}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: "}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: "}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: \x1b[31m\x1b[0m"}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: \x1b[31m\x1b[0m"}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: \x1b[31m\x1b[0m"}, checkLocaleContent([]byte(`key = `))) - assert.EqualValues(t, []string{"key: \x1b[31m\x1b[0m"}, checkLocaleContent([]byte(`key = `))) - }) - - t.Run("Escaped HTML characters", func(t *testing.T) { - assert.Empty(t, checkLocaleContent([]byte("activity.git_stats_push_to_branch = `؄لى %s و\"`"))) - - assert.EqualValues(t, []string{"key: و\x1b[31m \x1b[0m\x1b[32m\u00a0\x1b[0m"}, checkLocaleContent([]byte(`key = و `))) - }) -} diff --git a/build/merge-forgejo-locales.go b/build/merge-forgejo-locales.go index 05c8d9b5e9..4368fa9571 100644 --- a/build/merge-forgejo-locales.go +++ b/build/merge-forgejo-locales.go @@ -1,4 +1,4 @@ -// Copyright 2024 The Forgejo Authors c/o Codeberg e.V.. All rights reserved. +// Copyright 2022 The Forgejo Authors c/o Codeberg e.V.. All rights reserved. // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. @@ -7,9 +7,86 @@ package main import ( - "fmt" + "bufio" + "os" + "regexp" + "strings" + + "gopkg.in/ini.v1" ) -func main() { - fmt.Println("NOT NEEDED: THIS IS A NOOP AS OF Forgejo 7.0 BUT KEPT FOR BACKWARD COMPATIBILITY") +const ( + trimPrefix = "gitea_" + sourceFolder = "options/locales/" +) + +// returns list of locales, still containing the file extension! +func generate_locale_list() []string { + localeFiles, _ := os.ReadDir(sourceFolder) + locales := []string{} + for _, localeFile := range localeFiles { + if !localeFile.IsDir() && strings.HasPrefix(localeFile.Name(), trimPrefix) { + locales = append(locales, strings.TrimPrefix(localeFile.Name(), trimPrefix)) + } + } + return locales +} + +// replace all occurrences of Gitea with Forgejo +func renameGiteaForgejo(filename string) []byte { + file, err := os.Open(filename) + if err != nil { + panic(err) + } + + replacer := strings.NewReplacer( + "Gitea", "Forgejo", + "https://docs.gitea.io/en-us/install-from-binary/", "https://forgejo.org/download/#installation-from-binary", + "https://github.com/go-gitea/gitea/tree/master/docker", "https://forgejo.org/download/#container-image", + "https://docs.gitea.io/en-us/install-from-package/", "https://forgejo.org/download", + "https://code.gitea.io/gitea", "https://forgejo.org/download", + "code.gitea.io/gitea", "Forgejo", + `GitHub`, `Codeberg`, + "https://github.com/go-gitea/gitea", "https://codeberg.org/forgejo/forgejo", + "https://blog.gitea.io", "https://forgejo.org/news", + ) + + out := make([]byte, 0, 1024) + scanner := bufio.NewScanner(file) + scanner.Split(bufio.ScanLines) + for scanner.Scan() { + line := scanner.Text() + if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") { + out = append(out, []byte("\n"+line+"\n")...) + } else if strings.HasPrefix(line, "settings.web_hook_name_gitea") { + out = append(out, []byte("\n"+line+"\n")...) + out = append(out, []byte("settings.web_hook_name_forgejo = Forgejo\n")...) + } else if strings.HasPrefix(line, "migrate.gitea.description") { + re := regexp.MustCompile(`(.*Gitea)`) + out = append(out, []byte(re.ReplaceAllString(line, "${1}/Forgejo")+"\n")...) + } else { + out = append(out, []byte(replacer.Replace(line)+"\n")...) + } + } + file.Close() + return out +} + +func main() { + locales := generate_locale_list() + var err error + var localeFile *ini.File + for _, locale := range locales { + giteaLocale := sourceFolder + "gitea_" + locale + localeFile, err = ini.LoadSources(ini.LoadOptions{ + IgnoreInlineComment: true, + }, giteaLocale, renameGiteaForgejo(giteaLocale)) + if err != nil { + panic(err) + } + err = localeFile.SaveTo("options/locale/locale_" + locale) + if err != nil { + panic(err) + } + } } diff --git a/build/test-echo.go b/build/test-echo.go deleted file mode 100644 index 093364fcf8..0000000000 --- a/build/test-echo.go +++ /dev/null @@ -1,20 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -//go:build ignore - -package main - -import ( - "fmt" - "io" - "os" -) - -func main() { - _, err := io.Copy(os.Stdout, os.Stdin) - if err != nil { - fmt.Fprintf(os.Stderr, "Error: %v", err) - os.Exit(1) - } -} diff --git a/build/update-locales.sh b/build/update-locales.sh index 6f9ee334be..046f48ee86 100755 --- a/build/update-locales.sh +++ b/build/update-locales.sh @@ -1,43 +1,14 @@ #!/bin/sh -# this script runs in alpine image which only has `sh` shell - -set +e -if sed --version 2>/dev/null | grep -q GNU; then - SED_INPLACE="sed -i" -else - SED_INPLACE="sed -i ''" -fi -set -e - -if [ ! -f ./options/locale/locale_en-US.ini ]; then - echo "please run this script in the root directory of the project" - exit 1 -fi - mv ./options/locale/locale_en-US.ini ./options/ -# the "ini" library for locale has many quirks, its behavior is different from Crowdin. -# see i18n_test.go for more details - -# this script helps to unquote the Crowdin outputs for the quirky ini library -# * find all `key="...\"..."` lines -# * remove the leading quote -# * remove the trailing quote -# * unescape the quotes -# * eg: key="...\"..." => key=..."... -$SED_INPLACE -r -e '/^[-.A-Za-z0-9_]+[ ]*=[ ]*".*"$/ { - s/^([-.A-Za-z0-9_]+)[ ]*=[ ]*"/\1=/ - s/"$// +# Make sure to only change lines that have the translation enclosed between quotes +sed -i -r -e '/^[a-zA-Z0-9_.-]+[ ]*=[ ]*".*"$/ { + s/^([a-zA-Z0-9_.-]+)[ ]*="/\1=/ s/\\"/"/g + s/"$// }' ./options/locale/*.ini -# * if the escaped line is incomplete like `key="...` or `key=..."`, quote it with backticks -# * eg: key="... => key=`"...` -# * eg: key=..." => key=`..."` -$SED_INPLACE -r -e 's/^([-.A-Za-z0-9_]+)[ ]*=[ ]*(".*[^"])$/\1=`\2`/' ./options/locale/*.ini -$SED_INPLACE -r -e 's/^([-.A-Za-z0-9_]+)[ ]*=[ ]*([^"].*")$/\1=`\2`/' ./options/locale/*.ini - # Remove translation under 25% of en_us baselines=$(wc -l "./options/locale_en-US.ini" | cut -d" " -f1) baselines=$((baselines / 4)) diff --git a/cmd/actions.go b/cmd/actions.go deleted file mode 100644 index 10ae6243c3..0000000000 --- a/cmd/actions.go +++ /dev/null @@ -1,55 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "fmt" - - "code.gitea.io/gitea/modules/private" - "code.gitea.io/gitea/modules/setting" - - "github.com/urfave/cli/v2" -) - -var ( - // CmdActions represents the available actions sub-commands. - CmdActions = &cli.Command{ - Name: "actions", - Usage: "Manage Forgejo Actions", - Subcommands: []*cli.Command{ - subcmdActionsGenRunnerToken, - }, - } - - subcmdActionsGenRunnerToken = &cli.Command{ - Name: "generate-runner-token", - Usage: "Generate a new token for a runner to use to register with the server", - Action: runGenerateActionsRunnerToken, - Aliases: []string{"grt"}, - Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "scope", - Aliases: []string{"s"}, - Value: "", - Usage: "{owner}[/{repo}] - leave empty for a global runner", - }, - }, - } -) - -func runGenerateActionsRunnerToken(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - setting.MustInstalled() - - scope := c.String("scope") - - respText, extra := private.GenerateActionsRunnerToken(ctx, scope) - if extra.HasError() { - return handleCliResponseExtra(extra) - } - _, _ = fmt.Printf("%s\n", respText.Text) - return nil -} diff --git a/cmd/admin.go b/cmd/admin.go index 6c9480e76e..3c09aa3175 100644 --- a/cmd/admin.go +++ b/cmd/admin.go @@ -1,29 +1,39 @@ // Copyright 2016 The Gogs Authors. All rights reserved. // Copyright 2016 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( - "context" + "errors" "fmt" + "os" + "strings" + "text/tabwriter" + asymkey_model "code.gitea.io/gitea/models/asymkey" + auth_model "code.gitea.io/gitea/models/auth" "code.gitea.io/gitea/models/db" repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/modules/git" - "code.gitea.io/gitea/modules/gitrepo" + "code.gitea.io/gitea/modules/graceful" "code.gitea.io/gitea/modules/log" repo_module "code.gitea.io/gitea/modules/repository" + auth_service "code.gitea.io/gitea/services/auth" + "code.gitea.io/gitea/services/auth/source/oauth2" + "code.gitea.io/gitea/services/auth/source/smtp" + repo_service "code.gitea.io/gitea/services/repository" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) var ( // CmdAdmin represents the available admin sub-command. - CmdAdmin = &cli.Command{ + CmdAdmin = cli.Command{ Name: "admin", - Usage: "Perform common administrative operations", - Subcommands: []*cli.Command{ + Usage: "Command line interface to perform common administrative operations", + Subcommands: []cli.Command{ subcmdUser, subcmdRepoSyncReleases, subcmdRegenerate, @@ -32,31 +42,43 @@ var ( }, } - subcmdRepoSyncReleases = &cli.Command{ + subcmdRepoSyncReleases = cli.Command{ Name: "repo-sync-releases", Usage: "Synchronize repository releases with tags", Action: runRepoSyncReleases, } - subcmdRegenerate = &cli.Command{ + subcmdRegenerate = cli.Command{ Name: "regenerate", Usage: "Regenerate specific files", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ microcmdRegenHooks, microcmdRegenKeys, }, } - subcmdAuth = &cli.Command{ + microcmdRegenHooks = cli.Command{ + Name: "hooks", + Usage: "Regenerate git-hooks", + Action: runRegenerateHooks, + } + + microcmdRegenKeys = cli.Command{ + Name: "keys", + Usage: "Regenerate authorized_keys file", + Action: runRegenerateKeys, + } + + subcmdAuth = cli.Command{ Name: "auth", Usage: "Modify external auth providers", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ microcmdAuthAddOauth, microcmdAuthUpdateOauth, - microcmdAuthAddLdapBindDn, - microcmdAuthUpdateLdapBindDn, - microcmdAuthAddLdapSimpleAuth, - microcmdAuthUpdateLdapSimpleAuth, + cmdAuthAddLdapBindDn, + cmdAuthUpdateLdapBindDn, + cmdAuthAddLdapSimpleAuth, + cmdAuthUpdateLdapSimpleAuth, microcmdAuthAddSMTP, microcmdAuthUpdateSMTP, microcmdAuthList, @@ -64,33 +86,243 @@ var ( }, } - subcmdSendMail = &cli.Command{ - Name: "sendmail", - Usage: "Send a message to all users", - Action: runSendMail, + microcmdAuthList = cli.Command{ + Name: "list", + Usage: "List auth sources", + Action: runListAuth, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "title", - Usage: `a title of a message`, - Value: "", + cli.IntFlag{ + Name: "min-width", + Usage: "Minimal cell width including any padding for the formatted table", + Value: 0, }, - &cli.StringFlag{ - Name: "content", - Usage: "a content of a message", - Value: "", + cli.IntFlag{ + Name: "tab-width", + Usage: "width of tab characters in formatted table (equivalent number of spaces)", + Value: 8, }, - &cli.BoolFlag{ - Name: "force", - Aliases: []string{"f"}, - Usage: "A flag to bypass a confirmation step", + cli.IntFlag{ + Name: "padding", + Usage: "padding added to a cell before computing its width", + Value: 1, + }, + cli.StringFlag{ + Name: "pad-char", + Usage: `ASCII char used for padding if padchar == '\\t', the Writer will assume that the width of a '\\t' in the formatted output is tabwidth, and cells are left-aligned independent of align_left (for correct-looking results, tabwidth must correspond to the tab width in the viewer displaying the result)`, + Value: "\t", + }, + cli.BoolFlag{ + Name: "vertical-bars", + Usage: "Set to true to print vertical bars between columns", }, }, } - idFlag = &cli.Int64Flag{ + idFlag = cli.Int64Flag{ Name: "id", Usage: "ID of authentication source", } + + microcmdAuthDelete = cli.Command{ + Name: "delete", + Usage: "Delete specific auth source", + Flags: []cli.Flag{idFlag}, + Action: runDeleteAuth, + } + + oauthCLIFlags = []cli.Flag{ + cli.StringFlag{ + Name: "name", + Value: "", + Usage: "Application Name", + }, + cli.StringFlag{ + Name: "provider", + Value: "", + Usage: "OAuth2 Provider", + }, + cli.StringFlag{ + Name: "key", + Value: "", + Usage: "Client ID (Key)", + }, + cli.StringFlag{ + Name: "secret", + Value: "", + Usage: "Client Secret", + }, + cli.StringFlag{ + Name: "auto-discover-url", + Value: "", + Usage: "OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider)", + }, + cli.StringFlag{ + Name: "use-custom-urls", + Value: "false", + Usage: "Use custom URLs for GitLab/GitHub OAuth endpoints", + }, + cli.StringFlag{ + Name: "custom-auth-url", + Value: "", + Usage: "Use a custom Authorization URL (option for GitLab/GitHub)", + }, + cli.StringFlag{ + Name: "custom-token-url", + Value: "", + Usage: "Use a custom Token URL (option for GitLab/GitHub)", + }, + cli.StringFlag{ + Name: "custom-profile-url", + Value: "", + Usage: "Use a custom Profile URL (option for GitLab/GitHub)", + }, + cli.StringFlag{ + Name: "custom-email-url", + Value: "", + Usage: "Use a custom Email URL (option for GitHub)", + }, + cli.StringFlag{ + Name: "icon-url", + Value: "", + Usage: "Custom icon URL for OAuth2 login source", + }, + cli.BoolFlag{ + Name: "skip-local-2fa", + Usage: "Set to true to skip local 2fa for users authenticated by this source", + }, + cli.StringSliceFlag{ + Name: "scopes", + Value: nil, + Usage: "Scopes to request when to authenticate against this OAuth2 source", + }, + cli.StringFlag{ + Name: "required-claim-name", + Value: "", + Usage: "Claim name that has to be set to allow users to login with this source", + }, + cli.StringFlag{ + Name: "required-claim-value", + Value: "", + Usage: "Claim value that has to be set to allow users to login with this source", + }, + cli.StringFlag{ + Name: "group-claim-name", + Value: "", + Usage: "Claim name providing group names for this source", + }, + cli.StringFlag{ + Name: "admin-group", + Value: "", + Usage: "Group Claim value for administrator users", + }, + cli.StringFlag{ + Name: "restricted-group", + Value: "", + Usage: "Group Claim value for restricted users", + }, + } + + microcmdAuthUpdateOauth = cli.Command{ + Name: "update-oauth", + Usage: "Update existing Oauth authentication source", + Action: runUpdateOauth, + Flags: append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...), + } + + microcmdAuthAddOauth = cli.Command{ + Name: "add-oauth", + Usage: "Add new Oauth authentication source", + Action: runAddOauth, + Flags: oauthCLIFlags, + } + + subcmdSendMail = cli.Command{ + Name: "sendmail", + Usage: "Send a message to all users", + Action: runSendMail, + Flags: []cli.Flag{ + cli.StringFlag{ + Name: "title", + Usage: `a title of a message`, + Value: "", + }, + cli.StringFlag{ + Name: "content", + Usage: "a content of a message", + Value: "", + }, + cli.BoolFlag{ + Name: "force,f", + Usage: "A flag to bypass a confirmation step", + }, + }, + } + + smtpCLIFlags = []cli.Flag{ + cli.StringFlag{ + Name: "name", + Value: "", + Usage: "Application Name", + }, + cli.StringFlag{ + Name: "auth-type", + Value: "PLAIN", + Usage: "SMTP Authentication Type (PLAIN/LOGIN/CRAM-MD5) default PLAIN", + }, + cli.StringFlag{ + Name: "host", + Value: "", + Usage: "SMTP Host", + }, + cli.IntFlag{ + Name: "port", + Usage: "SMTP Port", + }, + cli.BoolTFlag{ + Name: "force-smtps", + Usage: "SMTPS is always used on port 465. Set this to force SMTPS on other ports.", + }, + cli.BoolTFlag{ + Name: "skip-verify", + Usage: "Skip TLS verify.", + }, + cli.StringFlag{ + Name: "helo-hostname", + Value: "", + Usage: "Hostname sent with HELO. Leave blank to send current hostname", + }, + cli.BoolTFlag{ + Name: "disable-helo", + Usage: "Disable SMTP helo.", + }, + cli.StringFlag{ + Name: "allowed-domains", + Value: "", + Usage: "Leave empty to allow all domains. Separate multiple domains with a comma (',')", + }, + cli.BoolTFlag{ + Name: "skip-local-2fa", + Usage: "Skip 2FA to log on.", + }, + cli.BoolTFlag{ + Name: "active", + Usage: "This Authentication Source is Activated.", + }, + } + + microcmdAuthAddSMTP = cli.Command{ + Name: "add-smtp", + Usage: "Add new SMTP authentication source", + Action: runAddSMTP, + Flags: smtpCLIFlags, + } + + microcmdAuthUpdateSMTP = cli.Command{ + Name: "update-smtp", + Usage: "Update existing SMTP authentication source", + Action: runUpdateSMTP, + Flags: append(smtpCLIFlags[:1], append([]cli.Flag{idFlag}, smtpCLIFlags[1:]...)...), + } ) func runRepoSyncReleases(_ *cli.Context) error { @@ -101,13 +333,9 @@ func runRepoSyncReleases(_ *cli.Context) error { return err } - if err := git.InitSimple(ctx); err != nil { - return err - } - log.Trace("Synchronizing repository releases (this may take a while)") for page := 1; ; page++ { - repos, count, err := repo_model.SearchRepositoryByName(ctx, &repo_model.SearchRepoOptions{ + repos, count, err := repo_model.SearchRepositoryByName(&repo_model.SearchRepoOptions{ ListOptions: db.ListOptions{ PageSize: repo_model.RepositoryListDefaultPageSize, Page: page, @@ -123,25 +351,25 @@ func runRepoSyncReleases(_ *cli.Context) error { log.Trace("Processing next %d repos of %d", len(repos), count) for _, repo := range repos { log.Trace("Synchronizing repo %s with path %s", repo.FullName(), repo.RepoPath()) - gitRepo, err := gitrepo.OpenRepository(ctx, repo) + gitRepo, err := git.OpenRepository(ctx, repo.RepoPath()) if err != nil { log.Warn("OpenRepository: %v", err) continue } - oldnum, err := getReleaseCount(ctx, repo.ID) + oldnum, err := getReleaseCount(repo.ID) if err != nil { log.Warn(" GetReleaseCountByRepoID: %v", err) } log.Trace(" currentNumReleases is %d, running SyncReleasesWithTags", oldnum) - if err = repo_module.SyncReleasesWithTags(ctx, repo, gitRepo); err != nil { + if err = repo_module.SyncReleasesWithTags(repo, gitRepo); err != nil { log.Warn(" SyncReleasesWithTags: %v", err) gitRepo.Close() continue } - count, err = getReleaseCount(ctx, repo.ID) + count, err = getReleaseCount(repo.ID) if err != nil { log.Warn(" GetReleaseCountByRepoID: %v", err) gitRepo.Close() @@ -157,12 +385,337 @@ func runRepoSyncReleases(_ *cli.Context) error { return nil } -func getReleaseCount(ctx context.Context, id int64) (int64, error) { - return db.Count[repo_model.Release]( - ctx, +func getReleaseCount(id int64) (int64, error) { + return repo_model.GetReleaseCountByRepoID( + id, repo_model.FindReleasesOptions{ - RepoID: id, IncludeTags: true, }, ) } + +func runRegenerateHooks(_ *cli.Context) error { + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + return repo_service.SyncRepositoryHooks(graceful.GetManager().ShutdownContext()) +} + +func runRegenerateKeys(_ *cli.Context) error { + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + return asymkey_model.RewriteAllPublicKeys() +} + +func parseOAuth2Config(c *cli.Context) *oauth2.Source { + var customURLMapping *oauth2.CustomURLMapping + if c.IsSet("use-custom-urls") { + customURLMapping = &oauth2.CustomURLMapping{ + TokenURL: c.String("custom-token-url"), + AuthURL: c.String("custom-auth-url"), + ProfileURL: c.String("custom-profile-url"), + EmailURL: c.String("custom-email-url"), + } + } else { + customURLMapping = nil + } + return &oauth2.Source{ + Provider: c.String("provider"), + ClientID: c.String("key"), + ClientSecret: c.String("secret"), + OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"), + CustomURLMapping: customURLMapping, + IconURL: c.String("icon-url"), + SkipLocalTwoFA: c.Bool("skip-local-2fa"), + Scopes: c.StringSlice("scopes"), + RequiredClaimName: c.String("required-claim-name"), + RequiredClaimValue: c.String("required-claim-value"), + GroupClaimName: c.String("group-claim-name"), + AdminGroup: c.String("admin-group"), + RestrictedGroup: c.String("restricted-group"), + } +} + +func runAddOauth(c *cli.Context) error { + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + + return auth_model.CreateSource(&auth_model.Source{ + Type: auth_model.OAuth2, + Name: c.String("name"), + IsActive: true, + Cfg: parseOAuth2Config(c), + }) +} + +func runUpdateOauth(c *cli.Context) error { + if !c.IsSet("id") { + return fmt.Errorf("--id flag is missing") + } + + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + + source, err := auth_model.GetSourceByID(c.Int64("id")) + if err != nil { + return err + } + + oAuth2Config := source.Cfg.(*oauth2.Source) + + if c.IsSet("name") { + source.Name = c.String("name") + } + + if c.IsSet("provider") { + oAuth2Config.Provider = c.String("provider") + } + + if c.IsSet("key") { + oAuth2Config.ClientID = c.String("key") + } + + if c.IsSet("secret") { + oAuth2Config.ClientSecret = c.String("secret") + } + + if c.IsSet("auto-discover-url") { + oAuth2Config.OpenIDConnectAutoDiscoveryURL = c.String("auto-discover-url") + } + + if c.IsSet("icon-url") { + oAuth2Config.IconURL = c.String("icon-url") + } + + if c.IsSet("scopes") { + oAuth2Config.Scopes = c.StringSlice("scopes") + } + + if c.IsSet("required-claim-name") { + oAuth2Config.RequiredClaimName = c.String("required-claim-name") + } + if c.IsSet("required-claim-value") { + oAuth2Config.RequiredClaimValue = c.String("required-claim-value") + } + + if c.IsSet("group-claim-name") { + oAuth2Config.GroupClaimName = c.String("group-claim-name") + } + if c.IsSet("admin-group") { + oAuth2Config.AdminGroup = c.String("admin-group") + } + if c.IsSet("restricted-group") { + oAuth2Config.RestrictedGroup = c.String("restricted-group") + } + + // update custom URL mapping + customURLMapping := &oauth2.CustomURLMapping{} + + if oAuth2Config.CustomURLMapping != nil { + customURLMapping.TokenURL = oAuth2Config.CustomURLMapping.TokenURL + customURLMapping.AuthURL = oAuth2Config.CustomURLMapping.AuthURL + customURLMapping.ProfileURL = oAuth2Config.CustomURLMapping.ProfileURL + customURLMapping.EmailURL = oAuth2Config.CustomURLMapping.EmailURL + } + if c.IsSet("use-custom-urls") && c.IsSet("custom-token-url") { + customURLMapping.TokenURL = c.String("custom-token-url") + } + + if c.IsSet("use-custom-urls") && c.IsSet("custom-auth-url") { + customURLMapping.AuthURL = c.String("custom-auth-url") + } + + if c.IsSet("use-custom-urls") && c.IsSet("custom-profile-url") { + customURLMapping.ProfileURL = c.String("custom-profile-url") + } + + if c.IsSet("use-custom-urls") && c.IsSet("custom-email-url") { + customURLMapping.EmailURL = c.String("custom-email-url") + } + + oAuth2Config.CustomURLMapping = customURLMapping + source.Cfg = oAuth2Config + + return auth_model.UpdateSource(source) +} + +func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error { + if c.IsSet("auth-type") { + conf.Auth = c.String("auth-type") + validAuthTypes := []string{"PLAIN", "LOGIN", "CRAM-MD5"} + if !contains(validAuthTypes, strings.ToUpper(c.String("auth-type"))) { + return errors.New("Auth must be one of PLAIN/LOGIN/CRAM-MD5") + } + conf.Auth = c.String("auth-type") + } + if c.IsSet("host") { + conf.Host = c.String("host") + } + if c.IsSet("port") { + conf.Port = c.Int("port") + } + if c.IsSet("allowed-domains") { + conf.AllowedDomains = c.String("allowed-domains") + } + if c.IsSet("force-smtps") { + conf.ForceSMTPS = c.BoolT("force-smtps") + } + if c.IsSet("skip-verify") { + conf.SkipVerify = c.BoolT("skip-verify") + } + if c.IsSet("helo-hostname") { + conf.HeloHostname = c.String("helo-hostname") + } + if c.IsSet("disable-helo") { + conf.DisableHelo = c.BoolT("disable-helo") + } + if c.IsSet("skip-local-2fa") { + conf.SkipLocalTwoFA = c.BoolT("skip-local-2fa") + } + return nil +} + +func runAddSMTP(c *cli.Context) error { + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + + if !c.IsSet("name") || len(c.String("name")) == 0 { + return errors.New("name must be set") + } + if !c.IsSet("host") || len(c.String("host")) == 0 { + return errors.New("host must be set") + } + if !c.IsSet("port") { + return errors.New("port must be set") + } + active := true + if c.IsSet("active") { + active = c.BoolT("active") + } + + var smtpConfig smtp.Source + if err := parseSMTPConfig(c, &smtpConfig); err != nil { + return err + } + + // If not set default to PLAIN + if len(smtpConfig.Auth) == 0 { + smtpConfig.Auth = "PLAIN" + } + + return auth_model.CreateSource(&auth_model.Source{ + Type: auth_model.SMTP, + Name: c.String("name"), + IsActive: active, + Cfg: &smtpConfig, + }) +} + +func runUpdateSMTP(c *cli.Context) error { + if !c.IsSet("id") { + return fmt.Errorf("--id flag is missing") + } + + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + + source, err := auth_model.GetSourceByID(c.Int64("id")) + if err != nil { + return err + } + + smtpConfig := source.Cfg.(*smtp.Source) + + if err := parseSMTPConfig(c, smtpConfig); err != nil { + return err + } + + if c.IsSet("name") { + source.Name = c.String("name") + } + + if c.IsSet("active") { + source.IsActive = c.BoolT("active") + } + + source.Cfg = smtpConfig + + return auth_model.UpdateSource(source) +} + +func runListAuth(c *cli.Context) error { + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + + authSources, err := auth_model.Sources() + if err != nil { + return err + } + + flags := tabwriter.AlignRight + if c.Bool("vertical-bars") { + flags |= tabwriter.Debug + } + + padChar := byte('\t') + if len(c.String("pad-char")) > 0 { + padChar = c.String("pad-char")[0] + } + + // loop through each source and print + w := tabwriter.NewWriter(os.Stdout, c.Int("min-width"), c.Int("tab-width"), c.Int("padding"), padChar, flags) + fmt.Fprintf(w, "ID\tName\tType\tEnabled\n") + for _, source := range authSources { + fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", source.ID, source.Name, source.Type.String(), source.IsActive) + } + w.Flush() + + return nil +} + +func runDeleteAuth(c *cli.Context) error { + if !c.IsSet("id") { + return fmt.Errorf("--id flag is missing") + } + + ctx, cancel := installSignals() + defer cancel() + + if err := initDB(ctx); err != nil { + return err + } + + source, err := auth_model.GetSourceByID(c.Int64("id")) + if err != nil { + return err + } + + return auth_service.DeleteSource(source) +} diff --git a/cmd/admin_auth.go b/cmd/admin_auth.go deleted file mode 100644 index 4777a92908..0000000000 --- a/cmd/admin_auth.go +++ /dev/null @@ -1,111 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "errors" - "fmt" - "os" - "text/tabwriter" - - auth_model "code.gitea.io/gitea/models/auth" - "code.gitea.io/gitea/models/db" - auth_service "code.gitea.io/gitea/services/auth" - - "github.com/urfave/cli/v2" -) - -var ( - microcmdAuthDelete = &cli.Command{ - Name: "delete", - Usage: "Delete specific auth source", - Flags: []cli.Flag{idFlag}, - Action: runDeleteAuth, - } - microcmdAuthList = &cli.Command{ - Name: "list", - Usage: "List auth sources", - Action: runListAuth, - Flags: []cli.Flag{ - &cli.IntFlag{ - Name: "min-width", - Usage: "Minimal cell width including any padding for the formatted table", - Value: 0, - }, - &cli.IntFlag{ - Name: "tab-width", - Usage: "width of tab characters in formatted table (equivalent number of spaces)", - Value: 8, - }, - &cli.IntFlag{ - Name: "padding", - Usage: "padding added to a cell before computing its width", - Value: 1, - }, - &cli.StringFlag{ - Name: "pad-char", - Usage: `ASCII char used for padding if padchar == '\\t', the Writer will assume that the width of a '\\t' in the formatted output is tabwidth, and cells are left-aligned independent of align_left (for correct-looking results, tabwidth must correspond to the tab width in the viewer displaying the result)`, - Value: "\t", - }, - &cli.BoolFlag{ - Name: "vertical-bars", - Usage: "Set to true to print vertical bars between columns", - }, - }, - } -) - -func runListAuth(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - authSources, err := db.Find[auth_model.Source](ctx, auth_model.FindSourcesOptions{}) - if err != nil { - return err - } - - flags := tabwriter.AlignRight - if c.Bool("vertical-bars") { - flags |= tabwriter.Debug - } - - padChar := byte('\t') - if len(c.String("pad-char")) > 0 { - padChar = c.String("pad-char")[0] - } - - // loop through each source and print - w := tabwriter.NewWriter(os.Stdout, c.Int("min-width"), c.Int("tab-width"), c.Int("padding"), padChar, flags) - fmt.Fprintf(w, "ID\tName\tType\tEnabled\n") - for _, source := range authSources { - fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", source.ID, source.Name, source.Type.String(), source.IsActive) - } - w.Flush() - - return nil -} - -func runDeleteAuth(c *cli.Context) error { - if !c.IsSet("id") { - return errors.New("--id flag is missing") - } - - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - source, err := auth_model.GetSourceByID(ctx, c.Int64("id")) - if err != nil { - return err - } - - return auth_service.DeleteSource(ctx, source) -} diff --git a/cmd/admin_auth_ldap.go b/cmd/admin_auth_ldap.go index aff2a12855..9040def822 100644 --- a/cmd/admin_auth_ldap.go +++ b/cmd/admin_auth_ldap.go @@ -1,5 +1,6 @@ // Copyright 2019 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -11,131 +12,131 @@ import ( "code.gitea.io/gitea/models/auth" "code.gitea.io/gitea/services/auth/source/ldap" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) type ( authService struct { initDB func(ctx context.Context) error - createAuthSource func(context.Context, *auth.Source) error - updateAuthSource func(context.Context, *auth.Source) error - getAuthSourceByID func(ctx context.Context, id int64) (*auth.Source, error) + createAuthSource func(*auth.Source) error + updateAuthSource func(*auth.Source) error + getAuthSourceByID func(id int64) (*auth.Source, error) } ) var ( commonLdapCLIFlags = []cli.Flag{ - &cli.StringFlag{ + cli.StringFlag{ Name: "name", Usage: "Authentication name.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "not-active", Usage: "Deactivate the authentication source.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "active", Usage: "Activate the authentication source.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "security-protocol", Usage: "Security protocol name.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-tls-verify", Usage: "Disable TLS verification.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "host", Usage: "The address where the LDAP server can be reached.", }, - &cli.IntFlag{ + cli.IntFlag{ Name: "port", Usage: "The port to use when connecting to the LDAP server.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "user-search-base", Usage: "The LDAP base at which user accounts will be searched for.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "user-filter", Usage: "An LDAP filter declaring how to find the user record that is attempting to authenticate.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "admin-filter", Usage: "An LDAP filter specifying if a user should be given administrator privileges.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "restricted-filter", Usage: "An LDAP filter specifying if a user should be given restricted status.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "allow-deactivate-all", Usage: "Allow empty search results to deactivate all users.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "username-attribute", Usage: "The attribute of the user’s LDAP record containing the user name.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "firstname-attribute", Usage: "The attribute of the user’s LDAP record containing the user’s first name.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "surname-attribute", Usage: "The attribute of the user’s LDAP record containing the user’s surname.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "email-attribute", Usage: "The attribute of the user’s LDAP record containing the user’s email address.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "public-ssh-key-attribute", Usage: "The attribute of the user’s LDAP record containing the user’s public ssh key.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-local-2fa", Usage: "Set to true to skip local 2fa for users authenticated by this source", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "avatar-attribute", Usage: "The attribute of the user’s LDAP record containing the user’s avatar.", }, } ldapBindDnCLIFlags = append(commonLdapCLIFlags, - &cli.StringFlag{ + cli.StringFlag{ Name: "bind-dn", Usage: "The DN to bind to the LDAP server with when searching for the user.", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "bind-password", Usage: "The password for the Bind DN, if any.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "attributes-in-bind", Usage: "Fetch attributes in bind DN context.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "synchronize-users", Usage: "Enable user synchronization.", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "disable-synchronize-users", Usage: "Disable user synchronization.", }, - &cli.UintFlag{ + cli.UintFlag{ Name: "page-size", Usage: "Search page size.", }) ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags, - &cli.StringFlag{ + cli.StringFlag{ Name: "user-dn", - Usage: "The user's DN.", + Usage: "The user’s DN.", }) - microcmdAuthAddLdapBindDn = &cli.Command{ + cmdAuthAddLdapBindDn = cli.Command{ Name: "add-ldap", Usage: "Add new LDAP (via Bind DN) authentication source", Action: func(c *cli.Context) error { @@ -144,7 +145,7 @@ var ( Flags: ldapBindDnCLIFlags, } - microcmdAuthUpdateLdapBindDn = &cli.Command{ + cmdAuthUpdateLdapBindDn = cli.Command{ Name: "update-ldap", Usage: "Update existing LDAP (via Bind DN) authentication source", Action: func(c *cli.Context) error { @@ -153,7 +154,7 @@ var ( Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...), } - microcmdAuthAddLdapSimpleAuth = &cli.Command{ + cmdAuthAddLdapSimpleAuth = cli.Command{ Name: "add-ldap-simple", Usage: "Add new LDAP (simple auth) authentication source", Action: func(c *cli.Context) error { @@ -162,7 +163,7 @@ var ( Flags: ldapSimpleAuthCLIFlags, } - microcmdAuthUpdateLdapSimpleAuth = &cli.Command{ + cmdAuthUpdateLdapSimpleAuth = cli.Command{ Name: "update-ldap-simple", Usage: "Update existing LDAP (simple auth) authentication source", Action: func(c *cli.Context) error { @@ -289,12 +290,12 @@ func findLdapSecurityProtocolByName(name string) (ldap.SecurityProtocol, bool) { // getAuthSource gets the login source by its id defined in the command line flags. // It returns an error if the id is not set, does not match any source or if the source is not of expected type. -func (a *authService) getAuthSource(ctx context.Context, c *cli.Context, authType auth.Type) (*auth.Source, error) { +func (a *authService) getAuthSource(c *cli.Context, authType auth.Type) (*auth.Source, error) { if err := argsSet(c, "id"); err != nil { return nil, err } - authSource, err := a.getAuthSourceByID(ctx, c.Int64("id")) + authSource, err := a.getAuthSourceByID(c.Int64("id")) if err != nil { return nil, err } @@ -332,7 +333,7 @@ func (a *authService) addLdapBindDn(c *cli.Context) error { return err } - return a.createAuthSource(ctx, authSource) + return a.createAuthSource(authSource) } // updateLdapBindDn updates a new LDAP via Bind DN authentication source. @@ -344,7 +345,7 @@ func (a *authService) updateLdapBindDn(c *cli.Context) error { return err } - authSource, err := a.getAuthSource(ctx, c, auth.LDAP) + authSource, err := a.getAuthSource(c, auth.LDAP) if err != nil { return err } @@ -354,7 +355,7 @@ func (a *authService) updateLdapBindDn(c *cli.Context) error { return err } - return a.updateAuthSource(ctx, authSource) + return a.updateAuthSource(authSource) } // addLdapSimpleAuth adds a new LDAP (simple auth) authentication source. @@ -383,10 +384,10 @@ func (a *authService) addLdapSimpleAuth(c *cli.Context) error { return err } - return a.createAuthSource(ctx, authSource) + return a.createAuthSource(authSource) } -// updateLdapSimpleAuth updates a new LDAP (simple auth) authentication source. +// updateLdapBindDn updates a new LDAP (simple auth) authentication source. func (a *authService) updateLdapSimpleAuth(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() @@ -395,7 +396,7 @@ func (a *authService) updateLdapSimpleAuth(c *cli.Context) error { return err } - authSource, err := a.getAuthSource(ctx, c, auth.DLDAP) + authSource, err := a.getAuthSource(c, auth.DLDAP) if err != nil { return err } @@ -405,5 +406,5 @@ func (a *authService) updateLdapSimpleAuth(c *cli.Context) error { return err } - return a.updateAuthSource(ctx, authSource) + return a.updateAuthSource(authSource) } diff --git a/cmd/admin_auth_ldap_test.go b/cmd/admin_auth_ldap_test.go index d5385d09e8..2180b24be5 100644 --- a/cmd/admin_auth_ldap_test.go +++ b/cmd/admin_auth_ldap_test.go @@ -1,5 +1,6 @@ // Copyright 2019 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -11,8 +12,7 @@ import ( "code.gitea.io/gitea/services/auth/source/ldap" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) func TestAddLdapBindDn(t *testing.T) { @@ -211,15 +211,15 @@ func TestAddLdapBindDn(t *testing.T) { initDB: func(context.Context) error { return nil }, - createAuthSource: func(ctx context.Context, authSource *auth.Source) error { + createAuthSource: func(authSource *auth.Source) error { createdAuthSource = authSource return nil }, - updateAuthSource: func(ctx context.Context, authSource *auth.Source) error { + updateAuthSource: func(authSource *auth.Source) error { assert.FailNow(t, "case %d: should not call updateAuthSource", n) return nil }, - getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) { + getAuthSourceByID: func(id int64) (*auth.Source, error) { assert.FailNow(t, "case %d: should not call getAuthSourceByID", n) return nil, nil }, @@ -227,7 +227,7 @@ func TestAddLdapBindDn(t *testing.T) { // Create a copy of command to test app := cli.NewApp() - app.Flags = microcmdAuthAddLdapBindDn.Flags + app.Flags = cmdAuthAddLdapBindDn.Flags app.Action = service.addLdapBindDn // Run it @@ -235,7 +235,7 @@ func TestAddLdapBindDn(t *testing.T) { if c.errMsg != "" { assert.EqualError(t, err, c.errMsg, "case %d: error should match", n) } else { - require.NoError(t, err, "case %d: should have no errors", n) + assert.NoError(t, err, "case %d: should have no errors", n) assert.Equal(t, c.source, createdAuthSource, "case %d: wrong authSource", n) } } @@ -442,15 +442,15 @@ func TestAddLdapSimpleAuth(t *testing.T) { initDB: func(context.Context) error { return nil }, - createAuthSource: func(ctx context.Context, authSource *auth.Source) error { + createAuthSource: func(authSource *auth.Source) error { createdAuthSource = authSource return nil }, - updateAuthSource: func(ctx context.Context, authSource *auth.Source) error { + updateAuthSource: func(authSource *auth.Source) error { assert.FailNow(t, "case %d: should not call updateAuthSource", n) return nil }, - getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) { + getAuthSourceByID: func(id int64) (*auth.Source, error) { assert.FailNow(t, "case %d: should not call getAuthSourceByID", n) return nil, nil }, @@ -458,7 +458,7 @@ func TestAddLdapSimpleAuth(t *testing.T) { // Create a copy of command to test app := cli.NewApp() - app.Flags = microcmdAuthAddLdapSimpleAuth.Flags + app.Flags = cmdAuthAddLdapSimpleAuth.Flags app.Action = service.addLdapSimpleAuth // Run it @@ -466,7 +466,7 @@ func TestAddLdapSimpleAuth(t *testing.T) { if c.errMsg != "" { assert.EqualError(t, err, c.errMsg, "case %d: error should match", n) } else { - require.NoError(t, err, "case %d: should have no errors", n) + assert.NoError(t, err, "case %d: should have no errors", n) assert.Equal(t, c.authSource, createdAuthSource, "case %d: wrong authSource", n) } } @@ -897,15 +897,15 @@ func TestUpdateLdapBindDn(t *testing.T) { initDB: func(context.Context) error { return nil }, - createAuthSource: func(ctx context.Context, authSource *auth.Source) error { + createAuthSource: func(authSource *auth.Source) error { assert.FailNow(t, "case %d: should not call createAuthSource", n) return nil }, - updateAuthSource: func(ctx context.Context, authSource *auth.Source) error { + updateAuthSource: func(authSource *auth.Source) error { updatedAuthSource = authSource return nil }, - getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) { + getAuthSourceByID: func(id int64) (*auth.Source, error) { if c.id != 0 { assert.Equal(t, c.id, id, "case %d: wrong id", n) } @@ -921,7 +921,7 @@ func TestUpdateLdapBindDn(t *testing.T) { // Create a copy of command to test app := cli.NewApp() - app.Flags = microcmdAuthUpdateLdapBindDn.Flags + app.Flags = cmdAuthUpdateLdapBindDn.Flags app.Action = service.updateLdapBindDn // Run it @@ -929,7 +929,7 @@ func TestUpdateLdapBindDn(t *testing.T) { if c.errMsg != "" { assert.EqualError(t, err, c.errMsg, "case %d: error should match", n) } else { - require.NoError(t, err, "case %d: should have no errors", n) + assert.NoError(t, err, "case %d: should have no errors", n) assert.Equal(t, c.authSource, updatedAuthSource, "case %d: wrong authSource", n) } } @@ -1287,15 +1287,15 @@ func TestUpdateLdapSimpleAuth(t *testing.T) { initDB: func(context.Context) error { return nil }, - createAuthSource: func(ctx context.Context, authSource *auth.Source) error { + createAuthSource: func(authSource *auth.Source) error { assert.FailNow(t, "case %d: should not call createAuthSource", n) return nil }, - updateAuthSource: func(ctx context.Context, authSource *auth.Source) error { + updateAuthSource: func(authSource *auth.Source) error { updatedAuthSource = authSource return nil }, - getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) { + getAuthSourceByID: func(id int64) (*auth.Source, error) { if c.id != 0 { assert.Equal(t, c.id, id, "case %d: wrong id", n) } @@ -1311,7 +1311,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) { // Create a copy of command to test app := cli.NewApp() - app.Flags = microcmdAuthUpdateLdapSimpleAuth.Flags + app.Flags = cmdAuthUpdateLdapSimpleAuth.Flags app.Action = service.updateLdapSimpleAuth // Run it @@ -1319,7 +1319,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) { if c.errMsg != "" { assert.EqualError(t, err, c.errMsg, "case %d: error should match", n) } else { - require.NoError(t, err, "case %d: should have no errors", n) + assert.NoError(t, err, "case %d: should have no errors", n) assert.Equal(t, c.authSource, updatedAuthSource, "case %d: wrong authSource", n) } } diff --git a/cmd/admin_auth_oauth.go b/cmd/admin_auth_oauth.go deleted file mode 100644 index 8e6239ac33..0000000000 --- a/cmd/admin_auth_oauth.go +++ /dev/null @@ -1,299 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "errors" - "fmt" - "net/url" - - auth_model "code.gitea.io/gitea/models/auth" - "code.gitea.io/gitea/services/auth/source/oauth2" - - "github.com/urfave/cli/v2" -) - -var ( - oauthCLIFlags = []cli.Flag{ - &cli.StringFlag{ - Name: "name", - Value: "", - Usage: "Application Name", - }, - &cli.StringFlag{ - Name: "provider", - Value: "", - Usage: "OAuth2 Provider", - }, - &cli.StringFlag{ - Name: "key", - Value: "", - Usage: "Client ID (Key)", - }, - &cli.StringFlag{ - Name: "secret", - Value: "", - Usage: "Client Secret", - }, - &cli.StringFlag{ - Name: "auto-discover-url", - Value: "", - Usage: "OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider)", - }, - &cli.StringFlag{ - Name: "use-custom-urls", - Value: "false", - Usage: "Use custom URLs for GitLab/GitHub OAuth endpoints", - }, - &cli.StringFlag{ - Name: "custom-tenant-id", - Value: "", - Usage: "Use custom Tenant ID for OAuth endpoints", - }, - &cli.StringFlag{ - Name: "custom-auth-url", - Value: "", - Usage: "Use a custom Authorization URL (option for GitLab/GitHub)", - }, - &cli.StringFlag{ - Name: "custom-token-url", - Value: "", - Usage: "Use a custom Token URL (option for GitLab/GitHub)", - }, - &cli.StringFlag{ - Name: "custom-profile-url", - Value: "", - Usage: "Use a custom Profile URL (option for GitLab/GitHub)", - }, - &cli.StringFlag{ - Name: "custom-email-url", - Value: "", - Usage: "Use a custom Email URL (option for GitHub)", - }, - &cli.StringFlag{ - Name: "icon-url", - Value: "", - Usage: "Custom icon URL for OAuth2 login source", - }, - &cli.BoolFlag{ - Name: "skip-local-2fa", - Usage: "Set to true to skip local 2fa for users authenticated by this source", - }, - &cli.StringSliceFlag{ - Name: "scopes", - Value: nil, - Usage: "Scopes to request when to authenticate against this OAuth2 source", - }, - &cli.StringFlag{ - Name: "required-claim-name", - Value: "", - Usage: "Claim name that has to be set to allow users to login with this source", - }, - &cli.StringFlag{ - Name: "required-claim-value", - Value: "", - Usage: "Claim value that has to be set to allow users to login with this source", - }, - &cli.StringFlag{ - Name: "group-claim-name", - Value: "", - Usage: "Claim name providing group names for this source", - }, - &cli.StringFlag{ - Name: "admin-group", - Value: "", - Usage: "Group Claim value for administrator users", - }, - &cli.StringFlag{ - Name: "restricted-group", - Value: "", - Usage: "Group Claim value for restricted users", - }, - &cli.StringFlag{ - Name: "group-team-map", - Value: "", - Usage: "JSON mapping between groups and org teams", - }, - &cli.BoolFlag{ - Name: "group-team-map-removal", - Usage: "Activate automatic team membership removal depending on groups", - }, - } - - microcmdAuthAddOauth = &cli.Command{ - Name: "add-oauth", - Usage: "Add new Oauth authentication source", - Action: runAddOauth, - Flags: oauthCLIFlags, - } - - microcmdAuthUpdateOauth = &cli.Command{ - Name: "update-oauth", - Usage: "Update existing Oauth authentication source", - Action: runUpdateOauth, - Flags: append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...), - } -) - -func parseOAuth2Config(c *cli.Context) *oauth2.Source { - var customURLMapping *oauth2.CustomURLMapping - if c.IsSet("use-custom-urls") { - customURLMapping = &oauth2.CustomURLMapping{ - TokenURL: c.String("custom-token-url"), - AuthURL: c.String("custom-auth-url"), - ProfileURL: c.String("custom-profile-url"), - EmailURL: c.String("custom-email-url"), - Tenant: c.String("custom-tenant-id"), - } - } else { - customURLMapping = nil - } - return &oauth2.Source{ - Provider: c.String("provider"), - ClientID: c.String("key"), - ClientSecret: c.String("secret"), - OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"), - CustomURLMapping: customURLMapping, - IconURL: c.String("icon-url"), - SkipLocalTwoFA: c.Bool("skip-local-2fa"), - Scopes: c.StringSlice("scopes"), - RequiredClaimName: c.String("required-claim-name"), - RequiredClaimValue: c.String("required-claim-value"), - GroupClaimName: c.String("group-claim-name"), - AdminGroup: c.String("admin-group"), - RestrictedGroup: c.String("restricted-group"), - GroupTeamMap: c.String("group-team-map"), - GroupTeamMapRemoval: c.Bool("group-team-map-removal"), - } -} - -func runAddOauth(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - config := parseOAuth2Config(c) - if config.Provider == "openidConnect" { - discoveryURL, err := url.Parse(config.OpenIDConnectAutoDiscoveryURL) - if err != nil || (discoveryURL.Scheme != "http" && discoveryURL.Scheme != "https") { - return fmt.Errorf("invalid Auto Discovery URL: %s (this must be a valid URL starting with http:// or https://)", config.OpenIDConnectAutoDiscoveryURL) - } - } - - return auth_model.CreateSource(ctx, &auth_model.Source{ - Type: auth_model.OAuth2, - Name: c.String("name"), - IsActive: true, - Cfg: config, - }) -} - -func runUpdateOauth(c *cli.Context) error { - if !c.IsSet("id") { - return errors.New("--id flag is missing") - } - - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - source, err := auth_model.GetSourceByID(ctx, c.Int64("id")) - if err != nil { - return err - } - - oAuth2Config := source.Cfg.(*oauth2.Source) - - if c.IsSet("name") { - source.Name = c.String("name") - } - - if c.IsSet("provider") { - oAuth2Config.Provider = c.String("provider") - } - - if c.IsSet("key") { - oAuth2Config.ClientID = c.String("key") - } - - if c.IsSet("secret") { - oAuth2Config.ClientSecret = c.String("secret") - } - - if c.IsSet("auto-discover-url") { - oAuth2Config.OpenIDConnectAutoDiscoveryURL = c.String("auto-discover-url") - } - - if c.IsSet("icon-url") { - oAuth2Config.IconURL = c.String("icon-url") - } - - if c.IsSet("scopes") { - oAuth2Config.Scopes = c.StringSlice("scopes") - } - - if c.IsSet("required-claim-name") { - oAuth2Config.RequiredClaimName = c.String("required-claim-name") - } - if c.IsSet("required-claim-value") { - oAuth2Config.RequiredClaimValue = c.String("required-claim-value") - } - - if c.IsSet("group-claim-name") { - oAuth2Config.GroupClaimName = c.String("group-claim-name") - } - if c.IsSet("admin-group") { - oAuth2Config.AdminGroup = c.String("admin-group") - } - if c.IsSet("restricted-group") { - oAuth2Config.RestrictedGroup = c.String("restricted-group") - } - if c.IsSet("group-team-map") { - oAuth2Config.GroupTeamMap = c.String("group-team-map") - } - if c.IsSet("group-team-map-removal") { - oAuth2Config.GroupTeamMapRemoval = c.Bool("group-team-map-removal") - } - - // update custom URL mapping - customURLMapping := &oauth2.CustomURLMapping{} - - if oAuth2Config.CustomURLMapping != nil { - customURLMapping.TokenURL = oAuth2Config.CustomURLMapping.TokenURL - customURLMapping.AuthURL = oAuth2Config.CustomURLMapping.AuthURL - customURLMapping.ProfileURL = oAuth2Config.CustomURLMapping.ProfileURL - customURLMapping.EmailURL = oAuth2Config.CustomURLMapping.EmailURL - customURLMapping.Tenant = oAuth2Config.CustomURLMapping.Tenant - } - if c.IsSet("use-custom-urls") && c.IsSet("custom-token-url") { - customURLMapping.TokenURL = c.String("custom-token-url") - } - - if c.IsSet("use-custom-urls") && c.IsSet("custom-auth-url") { - customURLMapping.AuthURL = c.String("custom-auth-url") - } - - if c.IsSet("use-custom-urls") && c.IsSet("custom-profile-url") { - customURLMapping.ProfileURL = c.String("custom-profile-url") - } - - if c.IsSet("use-custom-urls") && c.IsSet("custom-email-url") { - customURLMapping.EmailURL = c.String("custom-email-url") - } - - if c.IsSet("use-custom-urls") && c.IsSet("custom-tenant-id") { - customURLMapping.Tenant = c.String("custom-tenant-id") - } - - oAuth2Config.CustomURLMapping = customURLMapping - source.Cfg = oAuth2Config - - return auth_model.UpdateSource(ctx, source) -} diff --git a/cmd/admin_auth_stmp.go b/cmd/admin_auth_stmp.go deleted file mode 100644 index d724746905..0000000000 --- a/cmd/admin_auth_stmp.go +++ /dev/null @@ -1,200 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "errors" - "strings" - - auth_model "code.gitea.io/gitea/models/auth" - "code.gitea.io/gitea/modules/util" - "code.gitea.io/gitea/services/auth/source/smtp" - - "github.com/urfave/cli/v2" -) - -var ( - smtpCLIFlags = []cli.Flag{ - &cli.StringFlag{ - Name: "name", - Value: "", - Usage: "Application Name", - }, - &cli.StringFlag{ - Name: "auth-type", - Value: "PLAIN", - Usage: "SMTP Authentication Type (PLAIN/LOGIN/CRAM-MD5) default PLAIN", - }, - &cli.StringFlag{ - Name: "host", - Value: "", - Usage: "SMTP Host", - }, - &cli.IntFlag{ - Name: "port", - Usage: "SMTP Port", - }, - &cli.BoolFlag{ - Name: "force-smtps", - Usage: "SMTPS is always used on port 465. Set this to force SMTPS on other ports.", - Value: true, - }, - &cli.BoolFlag{ - Name: "skip-verify", - Usage: "Skip TLS verify.", - Value: true, - }, - &cli.StringFlag{ - Name: "helo-hostname", - Value: "", - Usage: "Hostname sent with HELO. Leave blank to send current hostname", - }, - &cli.BoolFlag{ - Name: "disable-helo", - Usage: "Disable SMTP helo.", - Value: true, - }, - &cli.StringFlag{ - Name: "allowed-domains", - Value: "", - Usage: "Leave empty to allow all domains. Separate multiple domains with a comma (',')", - }, - &cli.BoolFlag{ - Name: "skip-local-2fa", - Usage: "Skip 2FA to log on.", - Value: true, - }, - &cli.BoolFlag{ - Name: "active", - Usage: "This Authentication Source is Activated.", - Value: true, - }, - } - - microcmdAuthAddSMTP = &cli.Command{ - Name: "add-smtp", - Usage: "Add new SMTP authentication source", - Action: runAddSMTP, - Flags: smtpCLIFlags, - } - - microcmdAuthUpdateSMTP = &cli.Command{ - Name: "update-smtp", - Usage: "Update existing SMTP authentication source", - Action: runUpdateSMTP, - Flags: append(smtpCLIFlags[:1], append([]cli.Flag{idFlag}, smtpCLIFlags[1:]...)...), - } -) - -func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error { - if c.IsSet("auth-type") { - conf.Auth = c.String("auth-type") - validAuthTypes := []string{"PLAIN", "LOGIN", "CRAM-MD5"} - if !util.SliceContainsString(validAuthTypes, strings.ToUpper(c.String("auth-type"))) { - return errors.New("Auth must be one of PLAIN/LOGIN/CRAM-MD5") - } - conf.Auth = c.String("auth-type") - } - if c.IsSet("host") { - conf.Host = c.String("host") - } - if c.IsSet("port") { - conf.Port = c.Int("port") - } - if c.IsSet("allowed-domains") { - conf.AllowedDomains = c.String("allowed-domains") - } - if c.IsSet("force-smtps") { - conf.ForceSMTPS = c.Bool("force-smtps") - } - if c.IsSet("skip-verify") { - conf.SkipVerify = c.Bool("skip-verify") - } - if c.IsSet("helo-hostname") { - conf.HeloHostname = c.String("helo-hostname") - } - if c.IsSet("disable-helo") { - conf.DisableHelo = c.Bool("disable-helo") - } - if c.IsSet("skip-local-2fa") { - conf.SkipLocalTwoFA = c.Bool("skip-local-2fa") - } - return nil -} - -func runAddSMTP(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - if !c.IsSet("name") || len(c.String("name")) == 0 { - return errors.New("name must be set") - } - if !c.IsSet("host") || len(c.String("host")) == 0 { - return errors.New("host must be set") - } - if !c.IsSet("port") { - return errors.New("port must be set") - } - active := true - if c.IsSet("active") { - active = c.Bool("active") - } - - var smtpConfig smtp.Source - if err := parseSMTPConfig(c, &smtpConfig); err != nil { - return err - } - - // If not set default to PLAIN - if len(smtpConfig.Auth) == 0 { - smtpConfig.Auth = "PLAIN" - } - - return auth_model.CreateSource(ctx, &auth_model.Source{ - Type: auth_model.SMTP, - Name: c.String("name"), - IsActive: active, - Cfg: &smtpConfig, - }) -} - -func runUpdateSMTP(c *cli.Context) error { - if !c.IsSet("id") { - return errors.New("--id flag is missing") - } - - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - source, err := auth_model.GetSourceByID(ctx, c.Int64("id")) - if err != nil { - return err - } - - smtpConfig := source.Cfg.(*smtp.Source) - - if err := parseSMTPConfig(c, smtpConfig); err != nil { - return err - } - - if c.IsSet("name") { - source.Name = c.String("name") - } - - if c.IsSet("active") { - source.IsActive = c.Bool("active") - } - - source.Cfg = smtpConfig - - return auth_model.UpdateSource(ctx, source) -} diff --git a/cmd/admin_regenerate.go b/cmd/admin_regenerate.go deleted file mode 100644 index 0db505ff9c..0000000000 --- a/cmd/admin_regenerate.go +++ /dev/null @@ -1,46 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - asymkey_model "code.gitea.io/gitea/models/asymkey" - "code.gitea.io/gitea/modules/graceful" - repo_service "code.gitea.io/gitea/services/repository" - - "github.com/urfave/cli/v2" -) - -var ( - microcmdRegenHooks = &cli.Command{ - Name: "hooks", - Usage: "Regenerate git-hooks", - Action: runRegenerateHooks, - } - - microcmdRegenKeys = &cli.Command{ - Name: "keys", - Usage: "Regenerate authorized_keys file", - Action: runRegenerateKeys, - } -) - -func runRegenerateHooks(_ *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - return repo_service.SyncRepositoryHooks(graceful.GetManager().ShutdownContext()) -} - -func runRegenerateKeys(_ *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - return asymkey_model.RewriteAllPublicKeys(ctx) -} diff --git a/cmd/admin_user.go b/cmd/admin_user.go index 967a6ed88a..a442b8fe9c 100644 --- a/cmd/admin_user.go +++ b/cmd/admin_user.go @@ -4,13 +4,13 @@ package cmd import ( - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var subcmdUser = &cli.Command{ +var subcmdUser = cli.Command{ Name: "user", Usage: "Modify users", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ microcmdUserCreate, microcmdUserList, microcmdUserChangePassword, diff --git a/cmd/admin_user_change_password.go b/cmd/admin_user_change_password.go index bd9063a8e4..7866bde912 100644 --- a/cmd/admin_user_change_password.go +++ b/cmd/admin_user_change_password.go @@ -4,39 +4,31 @@ package cmd import ( + "context" "errors" "fmt" user_model "code.gitea.io/gitea/models/user" - "code.gitea.io/gitea/modules/auth/password" - "code.gitea.io/gitea/modules/optional" + pwd "code.gitea.io/gitea/modules/auth/password" "code.gitea.io/gitea/modules/setting" - user_service "code.gitea.io/gitea/services/user" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var microcmdUserChangePassword = &cli.Command{ +var microcmdUserChangePassword = cli.Command{ Name: "change-password", Usage: "Change a user's password", Action: runChangePassword, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "username", - Aliases: []string{"u"}, - Value: "", - Usage: "The user to change password for", + cli.StringFlag{ + Name: "username,u", + Value: "", + Usage: "The user to change password for", }, - &cli.StringFlag{ - Name: "password", - Aliases: []string{"p"}, - Value: "", - Usage: "New password to set for user", - }, - &cli.BoolFlag{ - Name: "must-change-password", - Usage: "User must change password", - Value: true, + cli.StringFlag{ + Name: "password,p", + Value: "", + Usage: "New password to set for user", }, }, } @@ -52,27 +44,31 @@ func runChangePassword(c *cli.Context) error { if err := initDB(ctx); err != nil { return err } + if len(c.String("password")) < setting.MinPasswordLength { + return fmt.Errorf("Password is not long enough. Needs to be at least %d", setting.MinPasswordLength) + } - user, err := user_model.GetUserByName(ctx, c.String("username")) + if !pwd.IsComplexEnough(c.String("password")) { + return errors.New("Password does not meet complexity requirements") + } + pwned, err := pwd.IsPwned(context.Background(), c.String("password")) if err != nil { return err } - - opts := &user_service.UpdateAuthOptions{ - Password: optional.Some(c.String("password")), - MustChangePassword: optional.Some(c.Bool("must-change-password")), + if pwned { + return errors.New("The password you chose is on a list of stolen passwords previously exposed in public data breaches. Please try again with a different password.\nFor more details, see https://haveibeenpwned.com/Passwords") } - if err := user_service.UpdateAuth(ctx, user, opts); err != nil { - switch { - case errors.Is(err, password.ErrMinLength): - return fmt.Errorf("password is not long enough, needs to be at least %d characters", setting.MinPasswordLength) - case errors.Is(err, password.ErrComplexity): - return errors.New("password does not meet complexity requirements") - case errors.Is(err, password.ErrIsPwned): - return errors.New("the password is in a list of stolen passwords previously exposed in public data breaches, please try again with a different password, to see more details: https://haveibeenpwned.com/Passwords") - default: - return err - } + uname := c.String("username") + user, err := user_model.GetUserByName(ctx, uname) + if err != nil { + return err + } + if err = user.SetPassword(c.String("password")); err != nil { + return err + } + + if err = user_model.UpdateUserCols(ctx, user, "passwd", "passwd_hash_algo", "salt"); err != nil { + return err } fmt.Printf("%s's password has been successfully updated!\n", user.Name) diff --git a/cmd/admin_user_create.go b/cmd/admin_user_create.go index 781148e734..09eaad54be 100644 --- a/cmd/admin_user_create.go +++ b/cmd/admin_user_create.go @@ -6,62 +6,60 @@ package cmd import ( "errors" "fmt" + "os" auth_model "code.gitea.io/gitea/models/auth" - "code.gitea.io/gitea/models/db" user_model "code.gitea.io/gitea/models/user" pwd "code.gitea.io/gitea/modules/auth/password" - "code.gitea.io/gitea/modules/optional" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var microcmdUserCreate = &cli.Command{ +var microcmdUserCreate = cli.Command{ Name: "create", Usage: "Create a new user in database", Action: runCreateUser, Flags: []cli.Flag{ - &cli.StringFlag{ + cli.StringFlag{ Name: "name", Usage: "Username. DEPRECATED: use username instead", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "username", Usage: "Username", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "password", Usage: "User password", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "email", Usage: "User email address", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "admin", Usage: "User is an admin", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "random-password", Usage: "Generate a random password for the user", }, - &cli.BoolFlag{ - Name: "must-change-password", - Usage: "Set this option to false to prevent forcing the user to change their password after initial login", - Value: true, - DisableDefaultText: true, + cli.BoolFlag{ + Name: "must-change-password", + Usage: "Set this option to false to prevent forcing the user to change their password after initial login, (Default: true)", }, - &cli.IntFlag{ + cli.IntFlag{ Name: "random-password-length", Usage: "Length of the random password to be generated", Value: 12, }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "access-token", Usage: "Generate access token for the user", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "restricted", Usage: "Make a restricted user account", }, @@ -69,19 +67,15 @@ var microcmdUserCreate = &cli.Command{ } func runCreateUser(c *cli.Context) error { - // this command highly depends on the many setting options (create org, visibility, etc.), so it must have a full setting load first - // duplicate setting loading should be safe at the moment, but it should be refactored & improved in the future. - setting.LoadSettings() - if err := argsSet(c, "email"); err != nil { return err } if c.IsSet("name") && c.IsSet("username") { - return errors.New("cannot set both --name and --username flags") + return errors.New("Cannot set both --name and --username flags") } if !c.IsSet("name") && !c.IsSet("username") { - return errors.New("one of --name or --username flags must be set") + return errors.New("One of --name or --username flags must be set") } if c.IsSet("password") && c.IsSet("random-password") { @@ -93,7 +87,7 @@ func runCreateUser(c *cli.Context) error { username = c.String("username") } else { username = c.String("name") - _, _ = fmt.Fprintf(c.App.ErrWriter, "--name flag is deprecated. Use --username instead.\n") + fmt.Fprintf(os.Stderr, "--name flag is deprecated. Use --username instead.\n") } ctx, cancel := installSignals() @@ -117,27 +111,23 @@ func runCreateUser(c *cli.Context) error { return errors.New("must set either password or random-password flag") } - isAdmin := c.Bool("admin") - mustChangePassword := true // always default to true - if c.IsSet("must-change-password") { - // if the flag is set, use the value provided by the user - mustChangePassword = c.Bool("must-change-password") - } else { - // check whether there are users in the database - hasUserRecord, err := db.IsTableNotEmpty(&user_model.User{}) - if err != nil { - return fmt.Errorf("IsTableNotEmpty: %w", err) - } - if !hasUserRecord { - // if this is the first admin being created, don't force to change password (keep the old behavior) - mustChangePassword = false - } + // always default to true + changePassword := true + + // If this is the first user being created. + // Take it as the admin and don't force a password update. + if n := user_model.CountUsers(nil); n == 0 { + changePassword = false } - restricted := optional.None[bool]() + if c.IsSet("must-change-password") { + changePassword = c.Bool("must-change-password") + } + + restricted := util.OptionalBoolNone if c.IsSet("restricted") { - restricted = optional.Some(c.Bool("restricted")) + restricted = util.OptionalBoolOf(c.Bool("restricted")) } // default user visibility in app.ini @@ -147,17 +137,17 @@ func runCreateUser(c *cli.Context) error { Name: username, Email: c.String("email"), Passwd: password, - IsAdmin: isAdmin, - MustChangePassword: mustChangePassword, + IsAdmin: c.Bool("admin"), + MustChangePassword: changePassword, Visibility: visibility, } overwriteDefault := &user_model.CreateUserOverwriteOptions{ - IsActive: optional.Some(true), + IsActive: util.OptionalBoolTrue, IsRestricted: restricted, } - if err := user_model.CreateUser(ctx, u, overwriteDefault); err != nil { + if err := user_model.CreateUser(u, overwriteDefault); err != nil { return fmt.Errorf("CreateUser: %w", err) } @@ -167,7 +157,7 @@ func runCreateUser(c *cli.Context) error { UID: u.ID, } - if err := auth_model.NewAccessToken(ctx, t); err != nil { + if err := auth_model.NewAccessToken(t); err != nil { return err } diff --git a/cmd/admin_user_delete.go b/cmd/admin_user_delete.go index 520557554a..43363783ed 100644 --- a/cmd/admin_user_delete.go +++ b/cmd/admin_user_delete.go @@ -4,7 +4,6 @@ package cmd import ( - "errors" "fmt" "strings" @@ -12,28 +11,26 @@ import ( "code.gitea.io/gitea/modules/storage" user_service "code.gitea.io/gitea/services/user" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var microcmdUserDelete = &cli.Command{ +var microcmdUserDelete = cli.Command{ Name: "delete", Usage: "Delete specific user by id, name or email", Flags: []cli.Flag{ - &cli.Int64Flag{ + cli.Int64Flag{ Name: "id", Usage: "ID of user of the user to delete", }, - &cli.StringFlag{ - Name: "username", - Aliases: []string{"u"}, - Usage: "Username of the user to delete", + cli.StringFlag{ + Name: "username,u", + Usage: "Username of the user to delete", }, - &cli.StringFlag{ - Name: "email", - Aliases: []string{"e"}, - Usage: "Email of the user to delete", + cli.StringFlag{ + Name: "email,e", + Usage: "Email of the user to delete", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "purge", Usage: "Purge user, all their repositories, organizations and comments", }, @@ -43,7 +40,7 @@ var microcmdUserDelete = &cli.Command{ func runDeleteUser(c *cli.Context) error { if !c.IsSet("id") && !c.IsSet("username") && !c.IsSet("email") { - return errors.New("You must provide the id, username or email of a user to delete") + return fmt.Errorf("You must provide the id, username or email of a user to delete") } ctx, cancel := installSignals() @@ -60,11 +57,11 @@ func runDeleteUser(c *cli.Context) error { var err error var user *user_model.User if c.IsSet("email") { - user, err = user_model.GetUserByEmail(ctx, c.String("email")) + user, err = user_model.GetUserByEmail(c.String("email")) } else if c.IsSet("username") { user, err = user_model.GetUserByName(ctx, c.String("username")) } else { - user, err = user_model.GetUserByID(ctx, c.Int64("id")) + user, err = user_model.GetUserByID(c.Int64("id")) } if err != nil { return err diff --git a/cmd/admin_user_generate_access_token.go b/cmd/admin_user_generate_access_token.go index 6c2c10494e..196746ba56 100644 --- a/cmd/admin_user_generate_access_token.go +++ b/cmd/admin_user_generate_access_token.go @@ -4,46 +4,38 @@ package cmd import ( - "errors" "fmt" auth_model "code.gitea.io/gitea/models/auth" user_model "code.gitea.io/gitea/models/user" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var microcmdUserGenerateAccessToken = &cli.Command{ +var microcmdUserGenerateAccessToken = cli.Command{ Name: "generate-access-token", Usage: "Generate an access token for a specific user", Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "username", - Aliases: []string{"u"}, - Usage: "Username", + cli.StringFlag{ + Name: "username,u", + Usage: "Username", }, - &cli.StringFlag{ - Name: "token-name", - Aliases: []string{"t"}, - Usage: "Token name", - Value: "gitea-admin", + cli.StringFlag{ + Name: "token-name,t", + Usage: "Token name", + Value: "gitea-admin", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "raw", Usage: "Display only the token value", }, - &cli.StringFlag{ - Name: "scopes", - Value: "", - Usage: "Comma separated list of scopes to apply to access token", - }, }, Action: runGenerateAccessToken, } func runGenerateAccessToken(c *cli.Context) error { if !c.IsSet("username") { - return errors.New("You must provide a username to generate a token for") + return fmt.Errorf("You must provide a username to generate a token for") } ctx, cancel := installSignals() @@ -58,29 +50,12 @@ func runGenerateAccessToken(c *cli.Context) error { return err } - // construct token with name and user so we can make sure it is unique t := &auth_model.AccessToken{ Name: c.String("token-name"), UID: user.ID, } - exist, err := auth_model.AccessTokenByNameExists(ctx, t) - if err != nil { - return err - } - if exist { - return errors.New("access token name has been used already") - } - - // make sure the scopes are valid - accessTokenScope, err := auth_model.AccessTokenScope(c.String("scopes")).Normalize() - if err != nil { - return fmt.Errorf("invalid access token scope provided: %w", err) - } - t.Scope = accessTokenScope - - // create the token - if err := auth_model.NewAccessToken(ctx, t); err != nil { + if err := auth_model.NewAccessToken(t); err != nil { return err } diff --git a/cmd/admin_user_list.go b/cmd/admin_user_list.go index 4c2b26d1df..85490331ed 100644 --- a/cmd/admin_user_list.go +++ b/cmd/admin_user_list.go @@ -10,15 +10,15 @@ import ( user_model "code.gitea.io/gitea/models/user" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var microcmdUserList = &cli.Command{ +var microcmdUserList = cli.Command{ Name: "list", Usage: "List users", Action: runListUsers, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "admin", Usage: "List only admin users", }, @@ -33,7 +33,7 @@ func runListUsers(c *cli.Context) error { return err } - users, err := user_model.GetAllUsers(ctx) + users, err := user_model.GetAllUsers() if err != nil { return err } @@ -48,7 +48,7 @@ func runListUsers(c *cli.Context) error { } } } else { - twofa := user_model.UserList(users).GetTwoFaStatus(ctx) + twofa := user_model.UserList(users).GetTwoFaStatus() fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\tIsAdmin\t2FA\n") for _, u := range users { fmt.Fprintf(w, "%d\t%s\t%s\t%t\t%t\t%t\n", u.ID, u.Name, u.Email, u.IsActive, u.IsAdmin, twofa[u.ID]) diff --git a/cmd/admin_user_must_change_password.go b/cmd/admin_user_must_change_password.go index 2794414259..eb13fbcae5 100644 --- a/cmd/admin_user_must_change_password.go +++ b/cmd/admin_user_must_change_password.go @@ -9,25 +9,23 @@ import ( user_model "code.gitea.io/gitea/models/user" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -var microcmdUserMustChangePassword = &cli.Command{ +var microcmdUserMustChangePassword = cli.Command{ Name: "must-change-password", Usage: "Set the must change password flag for the provided users or all users", Action: runMustChangePassword, Flags: []cli.Flag{ - &cli.BoolFlag{ - Name: "all", - Aliases: []string{"A"}, - Usage: "All users must change password, except those explicitly excluded with --exclude", + cli.BoolFlag{ + Name: "all,A", + Usage: "All users must change password, except those explicitly excluded with --exclude", }, - &cli.StringSliceFlag{ - Name: "exclude", - Aliases: []string{"e"}, - Usage: "Do not change the must-change-password flag for these users", + cli.StringSliceFlag{ + Name: "exclude,e", + Usage: "Do not change the must-change-password flag for these users", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "unset", Usage: "Instead of setting the must-change-password flag, unset it", }, @@ -50,7 +48,7 @@ func runMustChangePassword(c *cli.Context) error { return err } - n, err := user_model.SetMustChangePassword(ctx, all, mustChangePassword, c.Args().Slice(), exclude) + n, err := user_model.SetMustChangePassword(ctx, all, mustChangePassword, c.Args(), exclude) if err != nil { return err } diff --git a/cmd/cert.go b/cmd/cert.go index bf83af389f..162c4171bf 100644 --- a/cmd/cert.go +++ b/cmd/cert.go @@ -1,7 +1,8 @@ // Copyright 2009 The Go Authors. All rights reserved. // Copyright 2014 The Gogs Authors. All rights reserved. // Copyright 2016 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -20,50 +21,50 @@ import ( "strings" "time" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdCert represents the available cert sub-command. -var CmdCert = &cli.Command{ +var CmdCert = cli.Command{ Name: "cert", Usage: "Generate self-signed certificate", Description: `Generate a self-signed X.509 certificate for a TLS server. Outputs to 'cert.pem' and 'key.pem' and will overwrite existing files.`, Action: runCert, Flags: []cli.Flag{ - &cli.StringFlag{ + cli.StringFlag{ Name: "host", Value: "", Usage: "Comma-separated hostnames and IPs to generate a certificate for", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "ecdsa-curve", Value: "", Usage: "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521", }, - &cli.IntFlag{ + cli.IntFlag{ Name: "rsa-bits", - Value: 3072, + Value: 2048, Usage: "Size of RSA key to generate. Ignored if --ecdsa-curve is set", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "start-date", Value: "", Usage: "Creation date formatted as Jan 1 15:04:05 2011", }, - &cli.DurationFlag{ + cli.DurationFlag{ Name: "duration", Value: 365 * 24 * time.Hour, Usage: "Duration that certificate is valid for", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "ca", Usage: "whether this cert should be its own Certificate Authority", }, }, } -func publicKey(priv any) any { +func publicKey(priv interface{}) interface{} { switch k := priv.(type) { case *rsa.PrivateKey: return &k.PublicKey @@ -74,7 +75,7 @@ func publicKey(priv any) any { } } -func pemBlockForKey(priv any) *pem.Block { +func pemBlockForKey(priv interface{}) *pem.Block { switch k := priv.(type) { case *rsa.PrivateKey: return &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)} @@ -94,7 +95,7 @@ func runCert(c *cli.Context) error { return err } - var priv any + var priv interface{} var err error switch c.String("ecdsa-curve") { case "": @@ -136,7 +137,7 @@ func runCert(c *cli.Context) error { SerialNumber: serialNumber, Subject: pkix.Name{ Organization: []string{"Acme Co"}, - CommonName: "Forgejo", + CommonName: "Gitea", }, NotBefore: notBefore, NotAfter: notAfter, diff --git a/cmd/cmd.go b/cmd/cmd.go index 423dce2674..f20a936325 100644 --- a/cmd/cmd.go +++ b/cmd/cmd.go @@ -1,5 +1,6 @@ // Copyright 2018 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. // Package cmd provides subcommands to the gitea binary - such as "web" or // "admin". @@ -9,7 +10,6 @@ import ( "context" "errors" "fmt" - "io" "os" "os/signal" "strings" @@ -20,7 +20,7 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // argsSet checks that all the required arguments are set. args is a list of @@ -58,9 +58,9 @@ func confirm() (bool, error) { } func initDB(ctx context.Context) error { - setting.MustInstalled() - setting.LoadDBSetting() - setting.InitSQLLoggersForCli(log.INFO) + setting.LoadFromExisting() + setting.InitDBConfig() + setting.NewXORMLogService(false) if setting.Database.Type == "" { log.Fatal(`Database settings are missing from the configuration file: %q. @@ -94,42 +94,3 @@ func installSignals() (context.Context, context.CancelFunc) { return ctx, cancel } - -func setupConsoleLogger(level log.Level, colorize bool, out io.Writer) { - if out != os.Stdout && out != os.Stderr { - panic("setupConsoleLogger can only be used with os.Stdout or os.Stderr") - } - - writeMode := log.WriterMode{ - Level: level, - Colorize: colorize, - WriterOption: log.WriterConsoleOption{Stderr: out == os.Stderr}, - } - writer := log.NewEventWriterConsole("console-default", writeMode) - log.GetManager().GetLogger(log.DEFAULT).ReplaceAllWriters(writer) -} - -func globalBool(c *cli.Context, name string) bool { - for _, ctx := range c.Lineage() { - if ctx.Bool(name) { - return true - } - } - return false -} - -// PrepareConsoleLoggerLevel by default, use INFO level for console logger, but some sub-commands (for git/ssh protocol) shouldn't output any log to stdout. -// Any log appears in git stdout pipe will break the git protocol, eg: client can't push and hangs forever. -func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(*cli.Context) error { - return func(c *cli.Context) error { - level := defaultLevel - if globalBool(c, "quiet") { - level = log.FATAL - } - if globalBool(c, "debug") || globalBool(c, "verbose") { - level = log.TRACE - } - log.SetConsoleLogger(log.DEFAULT, "console-default", level) - return nil - } -} diff --git a/cmd/convert.go b/cmd/convert.go new file mode 100644 index 0000000000..6d4d99a255 --- /dev/null +++ b/cmd/convert.go @@ -0,0 +1,52 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package cmd + +import ( + "fmt" + + "code.gitea.io/gitea/models/db" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/setting" + + "github.com/urfave/cli" +) + +// CmdConvert represents the available convert sub-command. +var CmdConvert = cli.Command{ + Name: "convert", + Usage: "Convert the database", + Description: "A command to convert an existing MySQL database from utf8 to utf8mb4", + Action: runConvert, +} + +func runConvert(ctx *cli.Context) error { + stdCtx, cancel := installSignals() + defer cancel() + + if err := initDB(stdCtx); err != nil { + return err + } + + log.Info("AppPath: %s", setting.AppPath) + log.Info("AppWorkPath: %s", setting.AppWorkPath) + log.Info("Custom path: %s", setting.CustomPath) + log.Info("Log path: %s", setting.LogRootPath) + log.Info("Configuration file: %s", setting.CustomConf) + + if !setting.Database.UseMySQL { + fmt.Println("This command can only be used with a MySQL database") + return nil + } + + if err := db.ConvertUtf8ToUtf8mb4(); err != nil { + log.Fatal("Failed to convert database from utf8 to utf8mb4: %v", err) + return err + } + + fmt.Println("Converted successfully, please confirm your database's character set is now utf8mb4") + + return nil +} diff --git a/cmd/docs.go b/cmd/docs.go index 1dc0980c00..073c574973 100644 --- a/cmd/docs.go +++ b/cmd/docs.go @@ -1,5 +1,6 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -8,14 +9,14 @@ import ( "os" "strings" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdDocs represents the available docs sub-command. -var CmdDocs = &cli.Command{ +var CmdDocs = cli.Command{ Name: "docs", Usage: "Output CLI documentation", - Description: "A command to output Forgejo's CLI documentation, optionally to a file.", + Description: "A command to output Gitea's CLI documentation, optionally to a file.", Action: runDocs, Flags: []cli.Flag{ &cli.BoolFlag{ @@ -23,9 +24,8 @@ var CmdDocs = &cli.Command{ Usage: "Output man pages instead", }, &cli.StringFlag{ - Name: "output", - Aliases: []string{"o"}, - Usage: "Path to output to instead of stdout (will overwrite if exists)", + Name: "output, o", + Usage: "Path to output to instead of stdout (will overwrite if exists)", }, }, } diff --git a/cmd/doctor.go b/cmd/doctor.go index 9957053365..a118484052 100644 --- a/cmd/doctor.go +++ b/cmd/doctor.go @@ -1,90 +1,79 @@ // Copyright 2019 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( + "errors" "fmt" golog "log" "os" - "path/filepath" "strings" "text/tabwriter" "code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/migrations" - migrate_base "code.gitea.io/gitea/models/migrations/base" - "code.gitea.io/gitea/modules/container" + "code.gitea.io/gitea/modules/doctor" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" - "code.gitea.io/gitea/services/doctor" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" "xorm.io/xorm" ) // CmdDoctor represents the available doctor sub-command. -var CmdDoctor = &cli.Command{ +var CmdDoctor = cli.Command{ Name: "doctor", - Usage: "Diagnose and optionally fix problems, convert or re-create database tables", - Description: "A command to diagnose problems with the current Forgejo instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.", - - Subcommands: []*cli.Command{ - cmdDoctorCheck, - cmdRecreateTable, - cmdDoctorConvert, - }, -} - -var cmdDoctorCheck = &cli.Command{ - Name: "check", Usage: "Diagnose and optionally fix problems", - Description: "A command to diagnose problems with the current Forgejo instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.", - Action: runDoctorCheck, + Description: "A command to diagnose problems with the current Gitea instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.", + Action: runDoctor, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "list", Usage: "List the available checks", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "default", Usage: "Run the default checks (if neither --run or --all is set, this is the default behaviour)", }, - &cli.StringSliceFlag{ + cli.StringSliceFlag{ Name: "run", Usage: "Run the provided checks - (if --default is set, the default checks will also run)", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "all", Usage: "Run all the available checks", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "fix", Usage: "Automatically fix what we can", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "log-file", - Usage: `Name of the log file (no verbose log output by default). Set to "-" to output to stdout`, + Usage: `Name of the log file (default: "doctor.log"). Set to "-" to output to stdout, set to "" to disable`, }, - &cli.BoolFlag{ - Name: "color", - Aliases: []string{"H"}, - Usage: "Use color for outputted information", + cli.BoolFlag{ + Name: "color, H", + Usage: "Use color for outputted information", }, }, + Subcommands: []cli.Command{ + cmdRecreateTable, + }, } -var cmdRecreateTable = &cli.Command{ +var cmdRecreateTable = cli.Command{ Name: "recreate-table", Usage: "Recreate tables from XORM definitions and copy the data.", ArgsUsage: "[TABLE]... : (TABLEs to recreate - leave blank for all)", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", Usage: "Print SQL commands sent", }, }, - Description: `The database definitions Forgejo uses change across versions, sometimes changing default values and leaving old unused columns. + Description: `The database definitions Gitea uses change across versions, sometimes changing default values and leaving old unused columns. This command will cause Xorm to recreate tables, copying over the data and deleting the old table. @@ -93,25 +82,22 @@ You should back-up your database before doing this and ensure that your database } func runRecreateTable(ctx *cli.Context) error { - stdCtx, cancel := installSignals() - defer cancel() - // Redirect the default golog to here golog.SetFlags(0) golog.SetPrefix("") - golog.SetOutput(log.LoggerToWriter(log.GetLogger(log.DEFAULT).Info)) + golog.SetOutput(log.NewLoggerAsWriter("INFO", log.GetLogger(log.DEFAULT))) - debug := ctx.Bool("debug") - setting.MustInstalled() - setting.LoadDBSetting() + setting.LoadFromExisting() + setting.InitDBConfig() - if debug { - setting.InitSQLLoggersForCli(log.DEBUG) - } else { - setting.InitSQLLoggersForCli(log.INFO) - } + setting.EnableXORMLog = ctx.Bool("debug") + setting.Database.LogSQL = ctx.Bool("debug") + setting.Cfg.Section("log").Key("XORM").SetValue(",") + + setting.NewXORMLogService(!ctx.Bool("debug")) + stdCtx, cancel := installSignals() + defer cancel() - setting.Database.LogSQL = debug if err := db.InitEngine(stdCtx); err != nil { fmt.Println(err) fmt.Println("Check if you are using the right config file. You can use a --config directive to specify one.") @@ -128,7 +114,7 @@ func runRecreateTable(ctx *cli.Context) error { if err != nil { return err } - recreateTables := migrate_base.RecreateTables(beans...) + recreateTables := migrations.RecreateTables(beans...) return db.InitEngineWithMigration(stdCtx, func(x *xorm.Engine) error { if err := migrations.EnsureUpToDate(x); err != nil { @@ -138,47 +124,71 @@ func runRecreateTable(ctx *cli.Context) error { }) } -func setupDoctorDefaultLogger(ctx *cli.Context, colorize bool) { - // Silence the default loggers - setupConsoleLogger(log.FATAL, log.CanColorStderr, os.Stderr) - +func setDoctorLogger(ctx *cli.Context) { logFile := ctx.String("log-file") - if logFile == "" { - return // if no doctor log-file is set, do not show any log from default logger - } else if logFile == "-" { - setupConsoleLogger(log.TRACE, colorize, os.Stdout) - } else { - logFile, _ = filepath.Abs(logFile) - writeMode := log.WriterMode{Level: log.TRACE, WriterOption: log.WriterFileOption{FileName: logFile}} - writer, err := log.NewEventWriter("console-to-file", "file", writeMode) - if err != nil { - log.FallbackErrorf("unable to create file log writer: %v", err) + if !ctx.IsSet("log-file") { + logFile = "doctor.log" + } + colorize := log.CanColorStdout + if ctx.IsSet("color") { + colorize = ctx.Bool("color") + } + + if len(logFile) == 0 { + log.NewLogger(1000, "doctor", "console", fmt.Sprintf(`{"level":"NONE","stacktracelevel":"NONE","colorize":%t}`, colorize)) + return + } + + defer func() { + recovered := recover() + if recovered == nil { return } - log.GetManager().GetLogger(log.DEFAULT).ReplaceAllWriters(writer) + + err, ok := recovered.(error) + if !ok { + panic(recovered) + } + if errors.Is(err, os.ErrPermission) { + fmt.Fprintf(os.Stderr, "ERROR: Unable to write logs to provided file due to permissions error: %s\n %v\n", logFile, err) + } else { + fmt.Fprintf(os.Stderr, "ERROR: Unable to write logs to provided file: %s\n %v\n", logFile, err) + } + fmt.Fprintf(os.Stderr, "WARN: Logging will be disabled\n Use `--log-file` to configure log file location\n") + log.NewLogger(1000, "doctor", "console", fmt.Sprintf(`{"level":"NONE","stacktracelevel":"NONE","colorize":%t}`, colorize)) + }() + + if logFile == "-" { + log.NewLogger(1000, "doctor", "console", fmt.Sprintf(`{"level":"trace","stacktracelevel":"NONE","colorize":%t}`, colorize)) + } else { + log.NewLogger(1000, "doctor", "file", fmt.Sprintf(`{"filename":%q,"level":"trace","stacktracelevel":"NONE"}`, logFile)) } } -func runDoctorCheck(ctx *cli.Context) error { +func runDoctor(ctx *cli.Context) error { stdCtx, cancel := installSignals() defer cancel() + // Silence the default loggers + log.DelNamedLogger("console") + log.DelNamedLogger(log.DEFAULT) + + // Now setup our own + setDoctorLogger(ctx) + colorize := log.CanColorStdout if ctx.IsSet("color") { colorize = ctx.Bool("color") } - setupDoctorDefaultLogger(ctx, colorize) - - // Finally redirect the default golang's log to here + // Finally redirect the default golog to here golog.SetFlags(0) golog.SetPrefix("") - golog.SetOutput(log.LoggerToWriter(log.GetLogger(log.DEFAULT).Info)) + golog.SetOutput(log.NewLoggerAsWriter("INFO", log.GetLogger(log.DEFAULT))) if ctx.IsSet("list") { w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0) _, _ = w.Write([]byte("Default\tName\tTitle\n")) - doctor.SortChecks(doctor.Checks) for _, check := range doctor.Checks { if check.IsDefault { _, _ = w.Write([]byte{'*'}) @@ -194,19 +204,25 @@ func runDoctorCheck(ctx *cli.Context) error { var checks []*doctor.Check if ctx.Bool("all") { - checks = make([]*doctor.Check, len(doctor.Checks)) - copy(checks, doctor.Checks) + checks = doctor.Checks } else if ctx.IsSet("run") { addDefault := ctx.Bool("default") - runNamesSet := container.SetOf(ctx.StringSlice("run")...) - for _, check := range doctor.Checks { - if (addDefault && check.IsDefault) || runNamesSet.Contains(check.Name) { - checks = append(checks, check) - runNamesSet.Remove(check.Name) - } + names := ctx.StringSlice("run") + for i, name := range names { + names[i] = strings.ToLower(strings.TrimSpace(name)) } - if len(runNamesSet) > 0 { - return fmt.Errorf("unknown checks: %q", strings.Join(runNamesSet.Values(), ",")) + + for _, check := range doctor.Checks { + if addDefault && check.IsDefault { + checks = append(checks, check) + continue + } + for _, name := range names { + if name == check.Name { + checks = append(checks, check) + break + } + } } } else { for _, check := range doctor.Checks { @@ -215,5 +231,18 @@ func runDoctorCheck(ctx *cli.Context) error { } } } - return doctor.RunChecks(stdCtx, colorize, ctx.Bool("fix"), checks) + + // Now we can set up our own logger to return information about what the doctor is doing + if err := log.NewNamedLogger("doctorouter", + 0, + "console", + "console", + fmt.Sprintf(`{"level":"INFO","stacktracelevel":"NONE","colorize":%t,"flags":-1}`, colorize)); err != nil { + fmt.Println(err) + return err + } + + logger := log.GetLogger("doctorouter") + defer logger.Close() + return doctor.RunChecks(stdCtx, logger, ctx.Bool("fix"), checks) } diff --git a/cmd/doctor_convert.go b/cmd/doctor_convert.go deleted file mode 100644 index 190b2fc2ef..0000000000 --- a/cmd/doctor_convert.go +++ /dev/null @@ -1,49 +0,0 @@ -// Copyright 2019 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "fmt" - - "code.gitea.io/gitea/models/db" - "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/setting" - - "github.com/urfave/cli/v2" -) - -// cmdDoctorConvert represents the available convert sub-command. -var cmdDoctorConvert = &cli.Command{ - Name: "convert", - Usage: "Convert the database", - Description: "A command to convert an existing MySQL database from utf8 to utf8mb4", - Action: runDoctorConvert, -} - -func runDoctorConvert(ctx *cli.Context) error { - stdCtx, cancel := installSignals() - defer cancel() - - if err := initDB(stdCtx); err != nil { - return err - } - - log.Info("AppPath: %s", setting.AppPath) - log.Info("AppWorkPath: %s", setting.AppWorkPath) - log.Info("Custom path: %s", setting.CustomPath) - log.Info("Log path: %s", setting.Log.RootPath) - log.Info("Configuration file: %s", setting.CustomConf) - - if setting.Database.Type.IsMySQL() { - if err := db.ConvertDatabaseTable(); err != nil { - log.Fatal("Failed to convert database & table: %v", err) - return err - } - fmt.Println("Converted successfully, please confirm your database's character set is now utf8mb4") - } else { - fmt.Println("This command can only be used with a MySQL database") - } - - return nil -} diff --git a/cmd/doctor_test.go b/cmd/doctor_test.go deleted file mode 100644 index e6daae18b9..0000000000 --- a/cmd/doctor_test.go +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "context" - "testing" - - "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/services/doctor" - - "github.com/stretchr/testify/require" - "github.com/urfave/cli/v2" -) - -func TestDoctorRun(t *testing.T) { - doctor.Register(&doctor.Check{ - Title: "Test Check", - Name: "test-check", - Run: func(ctx context.Context, logger log.Logger, autofix bool) error { return nil }, - - SkipDatabaseInitialization: true, - }) - app := cli.NewApp() - app.Commands = []*cli.Command{cmdDoctorCheck} - err := app.Run([]string{"./gitea", "check", "--run", "test-check"}) - require.NoError(t, err) - err = app.Run([]string{"./gitea", "check", "--run", "no-such"}) - require.ErrorContains(t, err, `unknown checks: "no-such"`) - err = app.Run([]string{"./gitea", "check", "--run", "test-check,no-such"}) - require.ErrorContains(t, err, `unknown checks: "no-such"`) -} diff --git a/cmd/dump.go b/cmd/dump.go index 14f9a00b58..6569fb6e36 100644 --- a/cmd/dump.go +++ b/cmd/dump.go @@ -1,6 +1,7 @@ // Copyright 2014 The Gogs Authors. All rights reserved. // Copyright 2016 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -20,9 +21,9 @@ import ( "code.gitea.io/gitea/modules/storage" "code.gitea.io/gitea/modules/util" - "code.forgejo.org/go-chi/session" + "gitea.com/go-chi/session" "github.com/mholt/archiver/v3" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) func addReader(w archiver.Writer, r io.ReadCloser, info os.FileInfo, customName string, verbose bool) error { @@ -96,75 +97,60 @@ var outputTypeEnum = &outputType{ } // CmdDump represents the available dump sub-command. -var CmdDump = &cli.Command{ +var CmdDump = cli.Command{ Name: "dump", - Usage: "Dump Forgejo files and database", + Usage: "Dump Gitea files and database", Description: `Dump compresses all related files and database into zip file. -It can be used for backup and capture Forgejo server image to send to maintainer`, +It can be used for backup and capture Gitea server image to send to maintainer`, Action: runDump, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "file", - Aliases: []string{"f"}, - Value: fmt.Sprintf("forgejo-dump-%d.zip", time.Now().Unix()), - Usage: "Name of the dump file which will be created. Supply '-' for stdout. See type for available types.", + cli.StringFlag{ + Name: "file, f", + Value: fmt.Sprintf("gitea-dump-%d.zip", time.Now().Unix()), + Usage: "Name of the dump file which will be created. Supply '-' for stdout. See type for available types.", }, - &cli.BoolFlag{ - Name: "verbose", - Aliases: []string{"V"}, - Usage: "Show process details", + cli.BoolFlag{ + Name: "verbose, V", + Usage: "Show process details", }, - &cli.BoolFlag{ - Name: "quiet", - Aliases: []string{"q"}, - Usage: "Only display warnings and errors", + cli.StringFlag{ + Name: "tempdir, t", + Value: os.TempDir(), + Usage: "Temporary dir path", }, - &cli.StringFlag{ - Name: "tempdir", - Aliases: []string{"t"}, - Value: os.TempDir(), - Usage: "Temporary dir path", + cli.StringFlag{ + Name: "database, d", + Usage: "Specify the database SQL syntax", }, - &cli.StringFlag{ - Name: "database", - Aliases: []string{"d"}, - Usage: "Specify the database SQL syntax: sqlite3, mysql, postgres", + cli.BoolFlag{ + Name: "skip-repository, R", + Usage: "Skip the repository dumping", }, - &cli.BoolFlag{ - Name: "skip-repository", - Aliases: []string{"R"}, - Usage: "Skip repositories", + cli.BoolFlag{ + Name: "skip-log, L", + Usage: "Skip the log dumping", }, - &cli.BoolFlag{ - Name: "skip-log", - Aliases: []string{"L"}, - Usage: "Skip logs", - }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-custom-dir", Usage: "Skip custom directory", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-lfs-data", Usage: "Skip LFS data", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-attachment-data", Usage: "Skip attachment data", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-package-data", Usage: "Skip package data", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "skip-index", Usage: "Skip bleve index data", }, - &cli.BoolFlag{ - Name: "skip-repo-archives", - Usage: "Skip repository archives", - }, - &cli.GenericFlag{ + cli.GenericFlag{ Name: "type", Value: outputTypeEnum, Usage: fmt.Sprintf("Dump output format: %s", outputTypeEnum.Join()), @@ -172,7 +158,7 @@ It can be used for backup and capture Forgejo server image to send to maintainer }, } -func fatal(format string, args ...any) { +func fatal(format string, args ...interface{}) { fmt.Fprintf(os.Stderr, format+"\n", args...) log.Fatal(format, args...) } @@ -183,7 +169,10 @@ func runDump(ctx *cli.Context) error { outType := ctx.String("type") if fileName == "-" { file = os.Stdout - setupConsoleLogger(log.FATAL, log.CanColorStderr, os.Stderr) + err := log.DelLogger("console") + if err != nil { + fatal("Deleting default logger failed. Can not write to stdout: %v", err) + } } else { for _, suffix := range outputTypeEnum.Enum { if strings.HasSuffix(fileName, "."+suffix) { @@ -193,34 +182,20 @@ func runDump(ctx *cli.Context) error { } fileName += "." + outType } - setting.MustInstalled() + setting.LoadFromExisting() // make sure we are logging to the console no matter what the configuration tells us do to - // FIXME: don't use CfgProvider directly - if _, err := setting.CfgProvider.Section("log").NewKey("MODE", "console"); err != nil { + if _, err := setting.Cfg.Section("log").NewKey("MODE", "console"); err != nil { fatal("Setting logging mode to console failed: %v", err) } - if _, err := setting.CfgProvider.Section("log.console").NewKey("STDERR", "true"); err != nil { + if _, err := setting.Cfg.Section("log.console").NewKey("STDERR", "true"); err != nil { fatal("Setting console logger to stderr failed: %v", err) } - - // Set loglevel to Warn if quiet-mode is requested - if ctx.Bool("quiet") { - if _, err := setting.CfgProvider.Section("log.console").NewKey("LEVEL", "Warn"); err != nil { - fatal("Setting console log-level failed: %v", err) - } - } - if !setting.InstallLock { log.Error("Is '%s' really the right config path?\n", setting.CustomConf) - return fmt.Errorf("forgejo is not initialized") - } - setting.LoadSettings() // cannot access session settings otherwise - - verbose := ctx.Bool("verbose") - if verbose && ctx.Bool("quiet") { - return fmt.Errorf("--quiet and --verbose cannot both be set") + return fmt.Errorf("gitea is not initialized") } + setting.NewServices() // cannot access session settings otherwise stdCtx, cancel := installSignals() defer cancel() @@ -237,7 +212,7 @@ func runDump(ctx *cli.Context) error { if file == nil { file, err = os.Create(fileName) if err != nil { - fatal("Failed to open %s: %v", fileName, err) + fatal("Unable to open %s: %v", fileName, err) } } defer file.Close() @@ -247,14 +222,15 @@ func runDump(ctx *cli.Context) error { return err } - var iface any + verbose := ctx.Bool("verbose") + var iface interface{} if fileName == "-" { iface, err = archiver.ByExtension(fmt.Sprintf(".%s", outType)) } else { iface, err = archiver.ByExtension(fileName) } if err != nil { - fatal("Failed to get archiver for extension: %v", err) + fatal("Unable to get archiver for extension: %v", err) } w, _ := iface.(archiver.Writer) @@ -264,7 +240,7 @@ func runDump(ctx *cli.Context) error { defer w.Close() if ctx.IsSet("skip-repository") && ctx.Bool("skip-repository") { - log.Info("Skipping local repositories") + log.Info("Skip dumping local repositories") } else { log.Info("Dumping local repositories... %s", setting.RepoRootPath) if err := addRecursiveExclude(w, "repos", setting.RepoRootPath, []string{absFileName}, verbose); err != nil { @@ -272,10 +248,8 @@ func runDump(ctx *cli.Context) error { } if ctx.IsSet("skip-lfs-data") && ctx.Bool("skip-lfs-data") { - log.Info("Skipping LFS data") - } else if !setting.LFS.StartServer { - log.Info("LFS not enabled - skipping") - } else if err := storage.LFS.IterateObjects("", func(objPath string, object storage.Object) error { + log.Info("Skip dumping LFS data") + } else if err := storage.LFS.IterateObjects(func(objPath string, object storage.Object) error { info, err := object.Stat() if err != nil { return err @@ -292,19 +266,18 @@ func runDump(ctx *cli.Context) error { fatal("Path does not exist: %s", tmpDir) } - dbDump, err := os.CreateTemp(tmpDir, "forgejo-db.sql") + dbDump, err := os.CreateTemp(tmpDir, "gitea-db.sql") if err != nil { fatal("Failed to create tmp file: %v", err) } defer func() { - _ = dbDump.Close() if err := util.Remove(dbDump.Name()); err != nil { - log.Warn("Failed to remove temporary file: %s: Error: %v", dbDump.Name(), err) + log.Warn("Unable to remove temporary file: %s: Error: %v", dbDump.Name(), err) } }() targetDBType := ctx.String("database") - if len(targetDBType) > 0 && targetDBType != setting.Database.Type.String() { + if len(targetDBType) > 0 && targetDBType != setting.Database.Type { log.Info("Dumping database %s => %s...", setting.Database.Type, targetDBType) } else { log.Info("Dumping database...") @@ -314,8 +287,8 @@ func runDump(ctx *cli.Context) error { fatal("Failed to dump database: %v", err) } - if err := addFile(w, "forgejo-db.sql", dbDump.Name(), verbose); err != nil { - fatal("Failed to include forgejo-db.sql: %v", err) + if err := addFile(w, "gitea-db.sql", dbDump.Name(), verbose); err != nil { + fatal("Failed to include gitea-db.sql: %v", err) } if len(setting.CustomConf) > 0 { @@ -335,22 +308,22 @@ func runDump(ctx *cli.Context) error { fatal("Failed to include custom: %v", err) } } else { - log.Info("Custom dir %s is inside data dir %s, skipping", setting.CustomPath, setting.AppDataPath) + log.Info("Custom dir %s is inside data dir %s, skipped", setting.CustomPath, setting.AppDataPath) } } else { - log.Info("Custom dir %s does not exist, skipping", setting.CustomPath) + log.Info("Custom dir %s doesn't exist, skipped", setting.CustomPath) } } isExist, err := util.IsExist(setting.AppDataPath) if err != nil { - log.Error("Failed to check if %s exists: %v", setting.AppDataPath, err) + log.Error("Unable to check if %s exists. Error: %v", setting.AppDataPath, err) } if isExist { log.Info("Packing data directory...%s", setting.AppDataPath) var excludes []string - if setting.SessionConfig.OriginalProvider == "file" { + if setting.Cfg.Section("session").Key("PROVIDER").Value() == "file" { var opts session.Options if err = json.Unmarshal([]byte(setting.SessionConfig.ProviderConfig), &opts); err != nil { return err @@ -359,21 +332,15 @@ func runDump(ctx *cli.Context) error { } if ctx.IsSet("skip-index") && ctx.Bool("skip-index") { - log.Info("Skipping bleve index data") excludes = append(excludes, setting.Indexer.RepoPath) excludes = append(excludes, setting.Indexer.IssuePath) } - if ctx.IsSet("skip-repo-archives") && ctx.Bool("skip-repo-archives") { - log.Info("Skipping repository archives data") - excludes = append(excludes, setting.RepoArchive.Storage.Path) - } - excludes = append(excludes, setting.RepoRootPath) - excludes = append(excludes, setting.LFS.Storage.Path) - excludes = append(excludes, setting.Attachment.Storage.Path) - excludes = append(excludes, setting.Packages.Storage.Path) - excludes = append(excludes, setting.Log.RootPath) + excludes = append(excludes, setting.LFS.Path) + excludes = append(excludes, setting.Attachment.Path) + excludes = append(excludes, setting.Packages.Path) + excludes = append(excludes, setting.LogRootPath) excludes = append(excludes, absFileName) if err := addRecursiveExclude(w, "data", setting.AppDataPath, excludes, verbose); err != nil { fatal("Failed to include data directory: %v", err) @@ -381,8 +348,8 @@ func runDump(ctx *cli.Context) error { } if ctx.IsSet("skip-attachment-data") && ctx.Bool("skip-attachment-data") { - log.Info("Skipping attachment data") - } else if err := storage.Attachments.IterateObjects("", func(objPath string, object storage.Object) error { + log.Info("Skip dumping attachment data") + } else if err := storage.Attachments.IterateObjects(func(objPath string, object storage.Object) error { info, err := object.Stat() if err != nil { return err @@ -394,10 +361,8 @@ func runDump(ctx *cli.Context) error { } if ctx.IsSet("skip-package-data") && ctx.Bool("skip-package-data") { - log.Info("Skipping package data") - } else if !setting.Packages.Enabled { - log.Info("Package registry not enabled - skipping") - } else if err := storage.Packages.IterateObjects("", func(objPath string, object storage.Object) error { + log.Info("Skip dumping package data") + } else if err := storage.Packages.IterateObjects(func(objPath string, object storage.Object) error { info, err := object.Stat() if err != nil { return err @@ -412,14 +377,14 @@ func runDump(ctx *cli.Context) error { // ensuring that it's clear the dump is skipped whether the directory's initialized // yet or not. if ctx.IsSet("skip-log") && ctx.Bool("skip-log") { - log.Info("Skipping log files") + log.Info("Skip dumping log files") } else { - isExist, err := util.IsExist(setting.Log.RootPath) + isExist, err := util.IsExist(setting.LogRootPath) if err != nil { - log.Error("Failed to check if %s exists: %v", setting.Log.RootPath, err) + log.Error("Unable to check if %s exists. Error: %v", setting.LogRootPath, err) } if isExist { - if err := addRecursiveExclude(w, "log", setting.Log.RootPath, []string{absFileName}, verbose); err != nil { + if err := addRecursiveExclude(w, "log", setting.LogRootPath, []string{absFileName}, verbose); err != nil { fatal("Failed to include log: %v", err) } } @@ -445,6 +410,15 @@ func runDump(ctx *cli.Context) error { return nil } +func contains(slice []string, s string) bool { + for _, v := range slice { + if v == s { + return true + } + } + return false +} + // addRecursiveExclude zips absPath to specified insidePath inside writer excluding excludeAbsPath func addRecursiveExclude(w archiver.Writer, insidePath, absPath string, excludeAbsPath []string, verbose bool) error { absPath, err := filepath.Abs(absPath) @@ -462,20 +436,16 @@ func addRecursiveExclude(w archiver.Writer, insidePath, absPath string, excludeA return err } for _, file := range files { - currentAbsPath := filepath.Join(absPath, file.Name()) + currentAbsPath := path.Join(absPath, file.Name()) currentInsidePath := path.Join(insidePath, file.Name()) - - if util.SliceContainsString(excludeAbsPath, currentAbsPath) { - log.Debug("Skipping %q (matched an excluded path)", currentAbsPath) - continue - } - if file.IsDir() { - if err := addFile(w, currentInsidePath, currentAbsPath, false); err != nil { - return err - } - if err = addRecursiveExclude(w, currentInsidePath, currentAbsPath, excludeAbsPath, verbose); err != nil { - return err + if !contains(excludeAbsPath, currentAbsPath) { + if err := addFile(w, currentInsidePath, currentAbsPath, false); err != nil { + return err + } + if err = addRecursiveExclude(w, currentInsidePath, currentAbsPath, excludeAbsPath, verbose); err != nil { + return err + } } } else { // only copy regular files and symlink regular files, skip non-regular files like socket/pipe/... diff --git a/cmd/dump_repo.go b/cmd/dump_repo.go index 3a24cf6c5f..5f41ab69a9 100644 --- a/cmd/dump_repo.go +++ b/cmd/dump_repo.go @@ -1,5 +1,6 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -10,67 +11,66 @@ import ( "os" "strings" + "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" base "code.gitea.io/gitea/modules/migration" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" - "code.gitea.io/gitea/services/convert" "code.gitea.io/gitea/services/migrations" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdDumpRepository represents the available dump repository sub-command. -var CmdDumpRepository = &cli.Command{ +var CmdDumpRepository = cli.Command{ Name: "dump-repo", Usage: "Dump the repository from git/github/gitea/gitlab", Description: "This is a command for dumping the repository data.", Action: runDumpRepository, Flags: []cli.Flag{ - &cli.StringFlag{ + cli.StringFlag{ Name: "git_service", Value: "", Usage: "Git service, git, github, gitea, gitlab. If clone_addr could be recognized, this could be ignored.", }, - &cli.StringFlag{ - Name: "repo_dir", - Aliases: []string{"r"}, - Value: "./data", - Usage: "Repository dir path to store the data", + cli.StringFlag{ + Name: "repo_dir, r", + Value: "./data", + Usage: "Repository dir path to store the data", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "clone_addr", Value: "", Usage: "The URL will be clone, currently could be a git/github/gitea/gitlab http/https URL", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "auth_username", Value: "", Usage: "The username to visit the clone_addr", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "auth_password", Value: "", Usage: "The password to visit the clone_addr", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "auth_token", Value: "", Usage: "The personal token to visit the clone_addr", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "owner_name", Value: "", Usage: "The data will be stored on a directory with owner name if not empty", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "repo_name", Value: "", Usage: "The data will be stored on a directory with repository name if not empty", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "units", Value: "", Usage: `Which items will be migrated, one or more units should be separated as comma. @@ -95,7 +95,7 @@ func runDumpRepository(ctx *cli.Context) error { log.Info("AppPath: %s", setting.AppPath) log.Info("AppWorkPath: %s", setting.AppWorkPath) log.Info("Custom path: %s", setting.CustomPath) - log.Info("Log path: %s", setting.Log.RootPath) + log.Info("Log path: %s", setting.LogRootPath) log.Info("Configuration file: %s", setting.CustomConf) var ( diff --git a/cmd/dump_test.go b/cmd/dump_test.go deleted file mode 100644 index 459386318f..0000000000 --- a/cmd/dump_test.go +++ /dev/null @@ -1,118 +0,0 @@ -// Copyright 2024 The Forgejo Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "io" - "os" - "testing" - - "github.com/mholt/archiver/v3" - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" -) - -type mockArchiver struct { - addedFiles []string -} - -func (mockArchiver) Create(out io.Writer) error { - return nil -} - -func (m *mockArchiver) Write(f archiver.File) error { - m.addedFiles = append(m.addedFiles, f.Name()) - return nil -} - -func (mockArchiver) Close() error { - return nil -} - -func TestAddRecursiveExclude(t *testing.T) { - t.Run("Empty", func(t *testing.T) { - dir := t.TempDir() - archiver := &mockArchiver{} - - err := addRecursiveExclude(archiver, "", dir, []string{}, false) - require.NoError(t, err) - assert.Empty(t, archiver.addedFiles) - }) - - t.Run("Single file", func(t *testing.T) { - dir := t.TempDir() - err := os.WriteFile(dir+"/example", nil, 0o666) - require.NoError(t, err) - - t.Run("No exclude", func(t *testing.T) { - archiver := &mockArchiver{} - - err = addRecursiveExclude(archiver, "", dir, nil, false) - require.NoError(t, err) - assert.Len(t, archiver.addedFiles, 1) - assert.Contains(t, archiver.addedFiles, "example") - }) - - t.Run("With exclude", func(t *testing.T) { - archiver := &mockArchiver{} - - err = addRecursiveExclude(archiver, "", dir, []string{dir + "/example"}, false) - require.NoError(t, err) - assert.Empty(t, archiver.addedFiles) - }) - }) - - t.Run("File inside directory", func(t *testing.T) { - dir := t.TempDir() - err := os.MkdirAll(dir+"/deep/nested/folder", 0o750) - require.NoError(t, err) - err = os.WriteFile(dir+"/deep/nested/folder/example", nil, 0o666) - require.NoError(t, err) - err = os.WriteFile(dir+"/deep/nested/folder/another-file", nil, 0o666) - require.NoError(t, err) - - t.Run("No exclude", func(t *testing.T) { - archiver := &mockArchiver{} - - err = addRecursiveExclude(archiver, "", dir, nil, false) - require.NoError(t, err) - assert.Len(t, archiver.addedFiles, 5) - assert.Contains(t, archiver.addedFiles, "deep") - assert.Contains(t, archiver.addedFiles, "deep/nested") - assert.Contains(t, archiver.addedFiles, "deep/nested/folder") - assert.Contains(t, archiver.addedFiles, "deep/nested/folder/example") - assert.Contains(t, archiver.addedFiles, "deep/nested/folder/another-file") - }) - - t.Run("Exclude first directory", func(t *testing.T) { - archiver := &mockArchiver{} - - err = addRecursiveExclude(archiver, "", dir, []string{dir + "/deep"}, false) - require.NoError(t, err) - assert.Empty(t, archiver.addedFiles) - }) - - t.Run("Exclude nested directory", func(t *testing.T) { - archiver := &mockArchiver{} - - err = addRecursiveExclude(archiver, "", dir, []string{dir + "/deep/nested/folder"}, false) - require.NoError(t, err) - assert.Len(t, archiver.addedFiles, 2) - assert.Contains(t, archiver.addedFiles, "deep") - assert.Contains(t, archiver.addedFiles, "deep/nested") - }) - - t.Run("Exclude file", func(t *testing.T) { - archiver := &mockArchiver{} - - err = addRecursiveExclude(archiver, "", dir, []string{dir + "/deep/nested/folder/example"}, false) - require.NoError(t, err) - assert.Len(t, archiver.addedFiles, 4) - assert.Contains(t, archiver.addedFiles, "deep") - assert.Contains(t, archiver.addedFiles, "deep/nested") - assert.Contains(t, archiver.addedFiles, "deep/nested/folder") - assert.Contains(t, archiver.addedFiles, "deep/nested/folder/another-file") - }) - }) -} diff --git a/cmd/embedded.go b/cmd/embedded.go index 9f03f7be7c..b71ee6dfe7 100644 --- a/cmd/embedded.go +++ b/cmd/embedded.go @@ -1,5 +1,8 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +//go:build bindata package cmd @@ -8,9 +11,9 @@ import ( "fmt" "os" "path/filepath" + "sort" "strings" - "code.gitea.io/gitea/modules/assetfs" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/options" "code.gitea.io/gitea/modules/public" @@ -19,98 +22,117 @@ import ( "code.gitea.io/gitea/modules/util" "github.com/gobwas/glob" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) -// CmdEmbedded represents the available extract sub-command. +// Cmdembedded represents the available extract sub-command. var ( - CmdEmbedded = &cli.Command{ + Cmdembedded = cli.Command{ Name: "embedded", Usage: "Extract embedded resources", Description: "A command for extracting embedded resources, like templates and images", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ subcmdList, subcmdView, subcmdExtract, }, } - subcmdList = &cli.Command{ + subcmdList = cli.Command{ Name: "list", Usage: "List files matching the given pattern", Action: runList, Flags: []cli.Flag{ - &cli.BoolFlag{ - Name: "include-vendored", - Aliases: []string{"vendor"}, - Usage: "Include files under public/vendor as well", + cli.BoolFlag{ + Name: "include-vendored,vendor", + Usage: "Include files under public/vendor as well", }, }, } - subcmdView = &cli.Command{ + subcmdView = cli.Command{ Name: "view", Usage: "View a file matching the given pattern", Action: runView, Flags: []cli.Flag{ - &cli.BoolFlag{ - Name: "include-vendored", - Aliases: []string{"vendor"}, - Usage: "Include files under public/vendor as well", + cli.BoolFlag{ + Name: "include-vendored,vendor", + Usage: "Include files under public/vendor as well", }, }, } - subcmdExtract = &cli.Command{ + subcmdExtract = cli.Command{ Name: "extract", Usage: "Extract resources", Action: runExtract, Flags: []cli.Flag{ - &cli.BoolFlag{ - Name: "include-vendored", - Aliases: []string{"vendor"}, - Usage: "Include files under public/vendor as well", + cli.BoolFlag{ + Name: "include-vendored,vendor", + Usage: "Include files under public/vendor as well", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "overwrite", Usage: "Overwrite files if they already exist", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "rename", Usage: "Rename files as {name}.bak if they already exist (overwrites previous .bak)", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "custom", Usage: "Extract to the 'custom' directory as per app.ini", }, - &cli.StringFlag{ - Name: "destination", - Aliases: []string{"dest-dir"}, - Usage: "Extract to the specified directory", + cli.StringFlag{ + Name: "destination,dest-dir", + Usage: "Extract to the specified directory", }, }, } - matchedAssetFiles []assetFile + sections map[string]*section + assets []asset ) -type assetFile struct { - fs *assetfs.LayeredFS - name string - path string +type section struct { + Path string + Names func() []string + IsDir func(string) (bool, error) + Asset func(string) ([]byte, error) +} + +type asset struct { + Section *section + Name string + Path string } func initEmbeddedExtractor(c *cli.Context) error { - setupConsoleLogger(log.ERROR, log.CanColorStderr, os.Stderr) + // Silence the console logger + log.DelNamedLogger("console") + log.DelNamedLogger(log.DEFAULT) - patterns, err := compileCollectPatterns(c.Args().Slice()) + // Read configuration file + setting.LoadAllowEmpty() + + pats, err := getPatterns(c.Args()) if err != nil { return err } + sections := make(map[string]*section, 3) - collectAssetFilesByPattern(c, patterns, "options", options.BuiltinAssets()) - collectAssetFilesByPattern(c, patterns, "public", public.BuiltinAssets()) - collectAssetFilesByPattern(c, patterns, "templates", templates.BuiltinAssets()) + sections["public"] = §ion{Path: "public", Names: public.AssetNames, IsDir: public.AssetIsDir, Asset: public.Asset} + sections["options"] = §ion{Path: "options", Names: options.AssetNames, IsDir: options.AssetIsDir, Asset: options.Asset} + sections["templates"] = §ion{Path: "templates", Names: templates.BuiltinAssetNames, IsDir: templates.BuiltinAssetIsDir, Asset: templates.BuiltinAsset} + + for _, sec := range sections { + assets = append(assets, buildAssetList(sec, pats, c)...) + } + + // Sort assets + sort.SliceStable(assets, func(i, j int) bool { + return assets[i].Path < assets[j].Path + }) return nil } @@ -144,8 +166,8 @@ func runListDo(c *cli.Context) error { return err } - for _, a := range matchedAssetFiles { - fmt.Println(a.path) + for _, a := range assets { + fmt.Println(a.Path) } return nil @@ -156,19 +178,19 @@ func runViewDo(c *cli.Context) error { return err } - if len(matchedAssetFiles) == 0 { - return errors.New("no files matched the given pattern") - } else if len(matchedAssetFiles) > 1 { - return errors.New("too many files matched the given pattern, try to be more specific") + if len(assets) == 0 { + return fmt.Errorf("No files matched the given pattern") + } else if len(assets) > 1 { + return fmt.Errorf("Too many files matched the given pattern; try to be more specific") } - data, err := matchedAssetFiles[0].fs.ReadFile(matchedAssetFiles[0].name) + data, err := assets[0].Section.Asset(assets[0].Name) if err != nil { - return fmt.Errorf("%s: %w", matchedAssetFiles[0].path, err) + return fmt.Errorf("%s: %w", assets[0].Path, err) } if _, err = os.Stdout.Write(data); err != nil { - return fmt.Errorf("%s: %w", matchedAssetFiles[0].path, err) + return fmt.Errorf("%s: %w", assets[0].Path, err) } return nil @@ -179,8 +201,8 @@ func runExtractDo(c *cli.Context) error { return err } - if c.NArg() == 0 { - return errors.New("a list of pattern of files to extract is mandatory (e.g. '**' for all)") + if len(c.Args()) == 0 { + return fmt.Errorf("A list of pattern of files to extract is mandatory (e.g. '**' for all)") } destdir := "." @@ -205,7 +227,7 @@ func runExtractDo(c *cli.Context) error { if err != nil { return fmt.Errorf("%s: %s", destdir, err) } else if !fi.IsDir() { - return fmt.Errorf("destination %q is not a directory", destdir) + return fmt.Errorf("%s is not a directory.", destdir) } fmt.Printf("Extracting to %s:\n", destdir) @@ -213,23 +235,23 @@ func runExtractDo(c *cli.Context) error { overwrite := c.Bool("overwrite") rename := c.Bool("rename") - for _, a := range matchedAssetFiles { + for _, a := range assets { if err := extractAsset(destdir, a, overwrite, rename); err != nil { // Non-fatal error - fmt.Fprintf(os.Stderr, "%s: %v", a.path, err) + fmt.Fprintf(os.Stderr, "%s: %v", a.Path, err) } } return nil } -func extractAsset(d string, a assetFile, overwrite, rename bool) error { - dest := filepath.Join(d, filepath.FromSlash(a.path)) +func extractAsset(d string, a asset, overwrite, rename bool) error { + dest := filepath.Join(d, filepath.FromSlash(a.Path)) dir := filepath.Dir(dest) - data, err := a.fs.ReadFile(a.name) + data, err := a.Section.Asset(a.Name) if err != nil { - return fmt.Errorf("%s: %w", a.path, err) + return fmt.Errorf("%s: %w", a.Path, err) } if err := os.MkdirAll(dir, os.ModePerm); err != nil { @@ -250,7 +272,7 @@ func extractAsset(d string, a assetFile, overwrite, rename bool) error { return fmt.Errorf("%s already exists, but it's not a regular file", dest) } else if rename { if err := util.Rename(dest, dest+".bak"); err != nil { - return fmt.Errorf("error creating backup for %s: %w", dest, err) + return fmt.Errorf("Error creating backup for %s: %w", dest, err) } // Attempt to respect file permissions mask (even if user:group will be set anew) perms = fi.Mode() @@ -271,30 +293,32 @@ func extractAsset(d string, a assetFile, overwrite, rename bool) error { return nil } -func collectAssetFilesByPattern(c *cli.Context, globs []glob.Glob, path string, layer *assetfs.Layer) { - fs := assetfs.Layered(layer) - files, err := fs.ListAllFiles(".", true) - if err != nil { - log.Error("Error listing files in %q: %v", path, err) - return - } - for _, name := range files { - if path == "public" && - strings.HasPrefix(name, "vendor/") && - !c.Bool("include-vendored") { - continue - } - matchName := path + "/" + name - for _, g := range globs { - if g.Match(matchName) { - matchedAssetFiles = append(matchedAssetFiles, assetFile{fs: fs, name: name, path: path + "/" + name}) - break +func buildAssetList(sec *section, globs []glob.Glob, c *cli.Context) []asset { + results := make([]asset, 0, 64) + for _, name := range sec.Names() { + if isdir, err := sec.IsDir(name); !isdir && err == nil { + if sec.Path == "public" && + strings.HasPrefix(name, "vendor/") && + !c.Bool("include-vendored") { + continue + } + matchName := sec.Path + "/" + name + for _, g := range globs { + if g.Match(matchName) { + results = append(results, asset{ + Section: sec, + Name: name, + Path: sec.Path + "/" + name, + }) + break + } } } } + return results } -func compileCollectPatterns(args []string) ([]glob.Glob, error) { +func getPatterns(args []string) ([]glob.Glob, error) { if len(args) == 0 { args = []string{"**"} } @@ -302,7 +326,7 @@ func compileCollectPatterns(args []string) ([]glob.Glob, error) { for i := range args { if g, err := glob.Compile(args[i], '/'); err != nil { return nil, fmt.Errorf("'%s': Invalid glob pattern: %w", args[i], err) - } else { //nolint:revive + } else { pat[i] = g } } diff --git a/cmd/embedded_stub.go b/cmd/embedded_stub.go new file mode 100644 index 0000000000..26228256f2 --- /dev/null +++ b/cmd/embedded_stub.go @@ -0,0 +1,30 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +//go:build !bindata + +package cmd + +import ( + "fmt" + "os" + + "github.com/urfave/cli" +) + +// Cmdembedded represents the available extract sub-command. +var ( + Cmdembedded = cli.Command{ + Name: "embedded", + Usage: "Extract embedded resources", + Description: "A command for extracting embedded resources, like templates and images", + Action: extractorNotImplemented, + } +) + +func extractorNotImplemented(c *cli.Context) error { + err := fmt.Errorf("Sorry: the 'embedded' subcommand is not available in builds without bindata") + fmt.Fprintf(os.Stderr, "%s\n", err) + return err +} diff --git a/cmd/forgejo/actions.go b/cmd/forgejo/actions.go deleted file mode 100644 index 1560b10fac..0000000000 --- a/cmd/forgejo/actions.go +++ /dev/null @@ -1,242 +0,0 @@ -// Copyright The Forgejo Authors. -// SPDX-License-Identifier: MIT - -package forgejo - -import ( - "context" - "encoding/hex" - "fmt" - "io" - "os" - "strings" - - actions_model "code.gitea.io/gitea/models/actions" - "code.gitea.io/gitea/modules/private" - "code.gitea.io/gitea/modules/setting" - private_routers "code.gitea.io/gitea/routers/private" - - "github.com/urfave/cli/v2" -) - -func CmdActions(ctx context.Context) *cli.Command { - return &cli.Command{ - Name: "actions", - Usage: "Commands for managing Forgejo Actions", - Subcommands: []*cli.Command{ - SubcmdActionsGenerateRunnerToken(ctx), - SubcmdActionsGenerateRunnerSecret(ctx), - SubcmdActionsRegister(ctx), - }, - } -} - -func SubcmdActionsGenerateRunnerToken(ctx context.Context) *cli.Command { - return &cli.Command{ - Name: "generate-runner-token", - Usage: "Generate a new token for a runner to use to register with the server", - Before: prepareWorkPathAndCustomConf(ctx), - Action: func(cliCtx *cli.Context) error { return RunGenerateActionsRunnerToken(ctx, cliCtx) }, - Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "scope", - Aliases: []string{"s"}, - Value: "", - Usage: "{owner}[/{repo}] - leave empty for a global runner", - }, - }, - } -} - -func SubcmdActionsGenerateRunnerSecret(ctx context.Context) *cli.Command { - return &cli.Command{ - Name: "generate-secret", - Usage: "Generate a secret suitable for input to the register subcommand", - Action: func(cliCtx *cli.Context) error { return RunGenerateSecret(ctx, cliCtx) }, - } -} - -func SubcmdActionsRegister(ctx context.Context) *cli.Command { - return &cli.Command{ - Name: "register", - Usage: "Idempotent registration of a runner using a shared secret", - Before: prepareWorkPathAndCustomConf(ctx), - Action: func(cliCtx *cli.Context) error { return RunRegister(ctx, cliCtx) }, - Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "secret", - Usage: "the secret the runner will use to connect as a 40 character hexadecimal string", - }, - &cli.StringFlag{ - Name: "secret-stdin", - Usage: "the secret the runner will use to connect as a 40 character hexadecimal string, read from stdin", - }, - &cli.StringFlag{ - Name: "secret-file", - Usage: "path to the file containing the secret the runner will use to connect as a 40 character hexadecimal string", - }, - &cli.StringFlag{ - Name: "scope", - Aliases: []string{"s"}, - Value: "", - Usage: "{owner}[/{repo}] - leave empty for a global runner", - }, - &cli.StringFlag{ - Name: "labels", - Value: "", - Usage: "comma separated list of labels supported by the runner (e.g. docker,ubuntu-latest,self-hosted) (not required since v1.21)", - }, - &cli.BoolFlag{ - Name: "keep-labels", - Value: false, - Usage: "do not affect the labels when updating an existing runner", - }, - &cli.StringFlag{ - Name: "name", - Value: "runner", - Usage: "name of the runner (default runner)", - }, - &cli.StringFlag{ - Name: "version", - Value: "", - Usage: "version of the runner (not required since v1.21)", - }, - }, - } -} - -func readSecret(ctx context.Context, cliCtx *cli.Context) (string, error) { - if cliCtx.IsSet("secret") { - return cliCtx.String("secret"), nil - } - if cliCtx.IsSet("secret-stdin") { - buf, err := io.ReadAll(ContextGetStdin(ctx)) - if err != nil { - return "", err - } - return string(buf), nil - } - if cliCtx.IsSet("secret-file") { - path := cliCtx.String("secret-file") - buf, err := os.ReadFile(path) - if err != nil { - return "", err - } - return string(buf), nil - } - return "", fmt.Errorf("at least one of the --secret, --secret-stdin, --secret-file options is required") -} - -func validateSecret(secret string) error { - secretLen := len(secret) - if secretLen != 40 { - return fmt.Errorf("the secret must be exactly 40 characters long, not %d: generate-secret can provide a secret matching the requirements", secretLen) - } - if _, err := hex.DecodeString(secret); err != nil { - return fmt.Errorf("the secret must be an hexadecimal string: %w", err) - } - return nil -} - -func getLabels(cliCtx *cli.Context) (*[]string, error) { - if !cliCtx.Bool("keep-labels") { - lblValue := strings.Split(cliCtx.String("labels"), ",") - return &lblValue, nil - } - if cliCtx.String("labels") != "" { - return nil, fmt.Errorf("--labels and --keep-labels should not be used together") - } - return nil, nil -} - -func RunRegister(ctx context.Context, cliCtx *cli.Context) error { - var cancel context.CancelFunc - if !ContextGetNoInit(ctx) { - ctx, cancel = installSignals(ctx) - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - } - setting.MustInstalled() - - secret, err := readSecret(ctx, cliCtx) - if err != nil { - return err - } - if err := validateSecret(secret); err != nil { - return err - } - scope := cliCtx.String("scope") - name := cliCtx.String("name") - version := cliCtx.String("version") - labels, err := getLabels(cliCtx) - if err != nil { - return err - } - - // - // There are two kinds of tokens - // - // - "registration token" only used when a runner interacts to - // register - // - // - "token" obtained after a successful registration and stored by - // the runner to authenticate - // - // The register subcommand does not need a "registration token", it - // needs a "token". Using the same name is confusing and secret is - // preferred for this reason in the cli. - // - // The ActionsRunnerRegister argument is token to be consistent with - // the internal naming. It is still confusing to the developer but - // not to the user. - // - owner, repo, err := private_routers.ParseScope(ctx, scope) - if err != nil { - return err - } - - runner, err := actions_model.RegisterRunner(ctx, owner, repo, secret, labels, name, version) - if err != nil { - return fmt.Errorf("error while registering runner: %v", err) - } - - if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", runner.UUID); err != nil { - panic(err) - } - return nil -} - -func RunGenerateSecret(ctx context.Context, cliCtx *cli.Context) error { - runner := actions_model.ActionRunner{} - if err := runner.GenerateToken(); err != nil { - return err - } - if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", runner.Token); err != nil { - panic(err) - } - return nil -} - -func RunGenerateActionsRunnerToken(ctx context.Context, cliCtx *cli.Context) error { - if !ContextGetNoInit(ctx) { - var cancel context.CancelFunc - ctx, cancel = installSignals(ctx) - defer cancel() - } - - setting.MustInstalled() - - scope := cliCtx.String("scope") - - respText, extra := private.GenerateActionsRunnerToken(ctx, scope) - if extra.HasError() { - return handleCliResponseExtra(ctx, extra) - } - if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", respText.Text); err != nil { - panic(err) - } - return nil -} diff --git a/cmd/forgejo/actions_test.go b/cmd/forgejo/actions_test.go deleted file mode 100644 index 897af98315..0000000000 --- a/cmd/forgejo/actions_test.go +++ /dev/null @@ -1,88 +0,0 @@ -// Copyright The Forgejo Authors. -// SPDX-License-Identifier: MIT - -package forgejo - -import ( - "fmt" - "testing" - - "code.gitea.io/gitea/services/context" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "github.com/urfave/cli/v2" -) - -func TestActions_getLabels(t *testing.T) { - type testCase struct { - args []string - hasLabels bool - hasError bool - labels []string - } - type resultType struct { - labels *[]string - err error - } - - cases := []testCase{ - { - args: []string{"x"}, - hasLabels: true, - hasError: false, - labels: []string{""}, - }, { - args: []string{"x", "--labels", "a,b"}, - hasLabels: true, - hasError: false, - labels: []string{"a", "b"}, - }, { - args: []string{"x", "--keep-labels"}, - hasLabels: false, - hasError: false, - }, { - args: []string{"x", "--keep-labels", "--labels", "a,b"}, - hasLabels: false, - hasError: true, - }, { - // this edge-case exists because that's what actually happens - // when no '--labels ...' options are present - args: []string{"x", "--keep-labels", "--labels", ""}, - hasLabels: false, - hasError: false, - }, - } - - flags := SubcmdActionsRegister(context.Context{}).Flags - for _, c := range cases { - t.Run(fmt.Sprintf("args: %v", c.args), func(t *testing.T) { - // Create a copy of command to test - var result *resultType - app := cli.NewApp() - app.Flags = flags - app.Action = func(ctx *cli.Context) error { - labels, err := getLabels(ctx) - result = &resultType{labels, err} - return nil - } - - // Run it - _ = app.Run(c.args) - - // Test the results - require.NotNil(t, result) - if c.hasLabels { - assert.NotNil(t, result.labels) - assert.Equal(t, c.labels, *result.labels) - } else { - assert.Nil(t, result.labels) - } - if c.hasError { - require.Error(t, result.err) - } else { - assert.NoError(t, result.err) - } - }) - } -} diff --git a/cmd/forgejo/f3.go b/cmd/forgejo/f3.go deleted file mode 100644 index 5a0d0ac036..0000000000 --- a/cmd/forgejo/f3.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright Earl Warren -// Copyright LoĆÆc Dachary -// SPDX-License-Identifier: MIT - -package forgejo - -import ( - "context" - "errors" - - "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/git" - "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/setting" - "code.gitea.io/gitea/modules/storage" - "code.gitea.io/gitea/services/f3/util" - - _ "code.gitea.io/gitea/services/f3/driver" // register the driver - - f3_cmd "code.forgejo.org/f3/gof3/v3/cmd" - f3_logger "code.forgejo.org/f3/gof3/v3/logger" - f3_util "code.forgejo.org/f3/gof3/v3/util" - "github.com/urfave/cli/v2" -) - -func CmdF3(ctx context.Context) *cli.Command { - ctx = f3_logger.ContextSetLogger(ctx, util.NewF3Logger(nil, log.GetLogger(log.DEFAULT))) - return &cli.Command{ - Name: "f3", - Usage: "F3", - Subcommands: []*cli.Command{ - SubcmdF3Mirror(ctx), - }, - } -} - -func SubcmdF3Mirror(ctx context.Context) *cli.Command { - mirrorCmd := f3_cmd.CreateCmdMirror(ctx) - mirrorCmd.Before = prepareWorkPathAndCustomConf(ctx) - f3Action := mirrorCmd.Action - mirrorCmd.Action = func(c *cli.Context) error { return runMirror(ctx, c, f3Action) } - return mirrorCmd -} - -func runMirror(ctx context.Context, c *cli.Context, action cli.ActionFunc) error { - setting.LoadF3Setting() - if !setting.F3.Enabled { - return errors.New("F3 is disabled, it is not ready to be used and is only present for development purposes") - } - - var cancel context.CancelFunc - if !ContextGetNoInit(ctx) { - ctx, cancel = installSignals(ctx) - defer cancel() - - if err := initDB(ctx); err != nil { - return err - } - - if err := storage.Init(); err != nil { - return err - } - - if err := git.InitSimple(ctx); err != nil { - return err - } - if err := models.Init(ctx); err != nil { - return err - } - } - - err := action(c) - if panicError, ok := err.(f3_util.PanicError); ok { - log.Debug("F3 Stack trace\n%s", panicError.Stack()) - } - return err -} diff --git a/cmd/forgejo/forgejo.go b/cmd/forgejo/forgejo.go deleted file mode 100644 index 1b7e16ca8f..0000000000 --- a/cmd/forgejo/forgejo.go +++ /dev/null @@ -1,170 +0,0 @@ -// Copyright The Forgejo Authors. -// SPDX-License-Identifier: MIT - -package forgejo - -import ( - "context" - "fmt" - "io" - "os" - "os/signal" - "syscall" - - "code.gitea.io/gitea/models/db" - "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/private" - "code.gitea.io/gitea/modules/setting" - - "github.com/urfave/cli/v2" -) - -type key int - -const ( - noInitKey key = iota + 1 - noExitKey - stdoutKey - stderrKey - stdinKey -) - -func CmdForgejo(ctx context.Context) *cli.Command { - return &cli.Command{ - Name: "forgejo-cli", - Usage: "Forgejo CLI", - Flags: []cli.Flag{}, - Subcommands: []*cli.Command{ - CmdActions(ctx), - CmdF3(ctx), - }, - } -} - -func ContextSetNoInit(ctx context.Context, value bool) context.Context { - return context.WithValue(ctx, noInitKey, value) -} - -func ContextGetNoInit(ctx context.Context) bool { - value, ok := ctx.Value(noInitKey).(bool) - return ok && value -} - -func ContextSetNoExit(ctx context.Context, value bool) context.Context { - return context.WithValue(ctx, noExitKey, value) -} - -func ContextGetNoExit(ctx context.Context) bool { - value, ok := ctx.Value(noExitKey).(bool) - return ok && value -} - -func ContextSetStderr(ctx context.Context, value io.Writer) context.Context { - return context.WithValue(ctx, stderrKey, value) -} - -func ContextGetStderr(ctx context.Context) io.Writer { - value, ok := ctx.Value(stderrKey).(io.Writer) - if !ok { - return os.Stderr - } - return value -} - -func ContextSetStdout(ctx context.Context, value io.Writer) context.Context { - return context.WithValue(ctx, stdoutKey, value) -} - -func ContextGetStdout(ctx context.Context) io.Writer { - value, ok := ctx.Value(stderrKey).(io.Writer) - if !ok { - return os.Stdout - } - return value -} - -func ContextSetStdin(ctx context.Context, value io.Reader) context.Context { - return context.WithValue(ctx, stdinKey, value) -} - -func ContextGetStdin(ctx context.Context) io.Reader { - value, ok := ctx.Value(stdinKey).(io.Reader) - if !ok { - return os.Stdin - } - return value -} - -// copied from ../cmd.go -func initDB(ctx context.Context) error { - setting.MustInstalled() - setting.LoadDBSetting() - setting.InitSQLLoggersForCli(log.INFO) - - if setting.Database.Type == "" { - log.Fatal(`Database settings are missing from the configuration file: %q. -Ensure you are running in the correct environment or set the correct configuration file with -c. -If this is the intended configuration file complete the [database] section.`, setting.CustomConf) - } - if err := db.InitEngine(ctx); err != nil { - return fmt.Errorf("unable to initialize the database using the configuration in %q. Error: %w", setting.CustomConf, err) - } - return nil -} - -// copied from ../cmd.go -func installSignals(ctx context.Context) (context.Context, context.CancelFunc) { - ctx, cancel := context.WithCancel(ctx) - go func() { - // install notify - signalChannel := make(chan os.Signal, 1) - - signal.Notify( - signalChannel, - syscall.SIGINT, - syscall.SIGTERM, - ) - select { - case <-signalChannel: - case <-ctx.Done(): - } - cancel() - signal.Reset() - }() - - return ctx, cancel -} - -func handleCliResponseExtra(ctx context.Context, extra private.ResponseExtra) error { - if false && extra.UserMsg != "" { - if _, err := fmt.Fprintf(ContextGetStdout(ctx), "%s", extra.UserMsg); err != nil { - panic(err) - } - } - if ContextGetNoExit(ctx) { - return extra.Error - } - return cli.Exit(extra.Error, 1) -} - -func prepareWorkPathAndCustomConf(ctx context.Context) func(c *cli.Context) error { - return func(c *cli.Context) error { - if !ContextGetNoInit(ctx) { - var args setting.ArgWorkPathAndCustomConf - // from children to parent, check the global flags - for _, curCtx := range c.Lineage() { - if curCtx.IsSet("work-path") && args.WorkPath == "" { - args.WorkPath = curCtx.String("work-path") - } - if curCtx.IsSet("custom-path") && args.CustomPath == "" { - args.CustomPath = curCtx.String("custom-path") - } - if curCtx.IsSet("config") && args.CustomConf == "" { - args.CustomConf = curCtx.String("config") - } - } - setting.InitWorkPathAndCommonConfig(os.Getenv, args) - } - return nil - } -} diff --git a/cmd/generate.go b/cmd/generate.go index 806946244b..35c77a815b 100644 --- a/cmd/generate.go +++ b/cmd/generate.go @@ -1,6 +1,7 @@ // Copyright 2016 The Gogs Authors. All rights reserved. // Copyright 2016 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -11,43 +12,43 @@ import ( "code.gitea.io/gitea/modules/generate" "github.com/mattn/go-isatty" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) var ( // CmdGenerate represents the available generate sub-command. - CmdGenerate = &cli.Command{ + CmdGenerate = cli.Command{ Name: "generate", - Usage: "Generate Gitea's secrets/keys/tokens", - Subcommands: []*cli.Command{ + Usage: "Command line interface for running generators", + Subcommands: []cli.Command{ subcmdSecret, }, } - subcmdSecret = &cli.Command{ + subcmdSecret = cli.Command{ Name: "secret", Usage: "Generate a secret token", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ microcmdGenerateInternalToken, microcmdGenerateLfsJwtSecret, microcmdGenerateSecretKey, }, } - microcmdGenerateInternalToken = &cli.Command{ + microcmdGenerateInternalToken = cli.Command{ Name: "INTERNAL_TOKEN", Usage: "Generate a new INTERNAL_TOKEN", Action: runGenerateInternalToken, } - microcmdGenerateLfsJwtSecret = &cli.Command{ + microcmdGenerateLfsJwtSecret = cli.Command{ Name: "JWT_SECRET", Aliases: []string{"LFS_JWT_SECRET"}, Usage: "Generate a new JWT_SECRET", Action: runGenerateLfsJwtSecret, } - microcmdGenerateSecretKey = &cli.Command{ + microcmdGenerateSecretKey = cli.Command{ Name: "SECRET_KEY", Usage: "Generate a new SECRET_KEY", Action: runGenerateSecretKey, @@ -70,12 +71,12 @@ func runGenerateInternalToken(c *cli.Context) error { } func runGenerateLfsJwtSecret(c *cli.Context) error { - _, jwtSecretBase64, err := generate.NewJwtSecret() + JWTSecretBase64, err := generate.NewJwtSecretBase64() if err != nil { return err } - fmt.Printf("%s", jwtSecretBase64) + fmt.Printf("%s", JWTSecretBase64) if isatty.IsTerminal(os.Stdout.Fd()) { fmt.Printf("\n") diff --git a/cmd/hook.go b/cmd/hook.go index 93dfd9d648..3970d27cf2 100644 --- a/cmd/hook.go +++ b/cmd/hook.go @@ -1,27 +1,27 @@ // Copyright 2017 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( "bufio" "bytes" - "context" "fmt" "io" + "net/http" "os" "strconv" "strings" "time" "code.gitea.io/gitea/modules/git" - "code.gitea.io/gitea/modules/git/pushoptions" - "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" repo_module "code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) const ( @@ -30,12 +30,11 @@ const ( var ( // CmdHook represents the available hooks sub-command. - CmdHook = &cli.Command{ + CmdHook = cli.Command{ Name: "hook", - Usage: "(internal) Should only be called by Git", - Description: "Delegate commands to corresponding Git hooks", - Before: PrepareConsoleLoggerLevel(log.FATAL), - Subcommands: []*cli.Command{ + Usage: "Delegate commands to corresponding Git hooks", + Description: "This should only be called by Git", + Subcommands: []cli.Command{ subcmdHookPreReceive, subcmdHookUpdate, subcmdHookPostReceive, @@ -43,47 +42,47 @@ var ( }, } - subcmdHookPreReceive = &cli.Command{ + subcmdHookPreReceive = cli.Command{ Name: "pre-receive", Usage: "Delegate pre-receive Git hook", Description: "This command should only be called by Git", Action: runHookPreReceive, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, } - subcmdHookUpdate = &cli.Command{ + subcmdHookUpdate = cli.Command{ Name: "update", Usage: "Delegate update Git hook", Description: "This command should only be called by Git", Action: runHookUpdate, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, } - subcmdHookPostReceive = &cli.Command{ + subcmdHookPostReceive = cli.Command{ Name: "post-receive", Usage: "Delegate post-receive Git hook", Description: "This command should only be called by Git", Action: runHookPostReceive, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, } // Note: new hook since git 2.29 - subcmdHookProcReceive = &cli.Command{ + subcmdHookProcReceive = cli.Command{ Name: "proc-receive", Usage: "Delegate proc-receive Git hook", Description: "This command should only be called by Git", Action: runHookProcReceive, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, @@ -140,10 +139,11 @@ func (d *delayWriter) WriteString(s string) (n int, err error) { } func (d *delayWriter) Close() error { - if d.timer.Stop() { - d.buf = nil + if d == nil { + return nil } - if d.buf == nil { + stopped := util.StopTimer(d.timer) + if stopped || d.buf == nil { return nil } _, err := d.internal.Write(d.buf.Bytes()) @@ -168,13 +168,13 @@ func runHookPreReceive(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) + setup("hooks/pre-receive.log", c.Bool("debug")) if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 { if setting.OnlyAllowPushIfGiteaEnvironmentSet { - return fail(ctx, `Rejecting changes as Forgejo environment not set. + return fail(`Rejecting changes as Gitea environment not set. If you are pushing over SSH you must push with a key managed by -Forgejo or set your environment appropriately.`, "") +Gitea or set your environment appropriately.`, "") } return nil } @@ -186,24 +186,22 @@ Forgejo or set your environment appropriately.`, "") userID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvPusherID), 10, 64) prID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvPRID), 10, 64) deployKeyID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvDeployKeyID), 10, 64) - actionPerm, _ := strconv.ParseInt(os.Getenv(repo_module.EnvActionPerm), 10, 64) hookOptions := private.HookOptions{ UserID: userID, GitAlternativeObjectDirectories: os.Getenv(private.GitAlternativeObjectDirectories), GitObjectDirectory: os.Getenv(private.GitObjectDirectory), GitQuarantinePath: os.Getenv(private.GitQuarantinePath), - GitPushOptions: pushoptions.New().ReadEnv().Map(), + GitPushOptions: pushOptions(), PullRequestID: prID, DeployKeyID: deployKeyID, - ActionPerm: int(actionPerm), } scanner := bufio.NewScanner(os.Stdin) oldCommitIDs := make([]string, hookBatchSize) newCommitIDs := make([]string, hookBatchSize) - refFullNames := make([]git.RefName, hookBatchSize) + refFullNames := make([]string, hookBatchSize) count := 0 total := 0 lastline := 0 @@ -220,9 +218,9 @@ Forgejo or set your environment appropriately.`, "") } } - supportProcReceive := false + supportProcRecive := false if git.CheckGitVersionAtLeast("2.29") == nil { - supportProcReceive = true + supportProcRecive = true } for scanner.Scan() { @@ -238,14 +236,14 @@ Forgejo or set your environment appropriately.`, "") oldCommitID := string(fields[0]) newCommitID := string(fields[1]) - refFullName := git.RefName(fields[2]) + refFullName := string(fields[2]) total++ lastline++ // If the ref is a branch or tag, check if it's protected - // if supportProcReceive all ref should be checked because + // if supportProcRecive all ref should be checked because // permission check was delayed - if supportProcReceive || refFullName.IsBranch() || refFullName.IsTag() { + if supportProcRecive || strings.HasPrefix(refFullName, git.BranchPrefix) || strings.HasPrefix(refFullName, git.TagPrefix) { oldCommitIDs[count] = oldCommitID newCommitIDs[count] = newCommitID refFullNames[count] = refFullName @@ -258,9 +256,14 @@ Forgejo or set your environment appropriately.`, "") hookOptions.OldCommitIDs = oldCommitIDs hookOptions.NewCommitIDs = newCommitIDs hookOptions.RefFullNames = refFullNames - extra := private.HookPreReceive(ctx, username, reponame, hookOptions) - if extra.HasError() { - return fail(ctx, extra.UserMsg, "HookPreReceive(batch) failed: %v", extra.Error) + statusCode, msg := private.HookPreReceive(ctx, username, reponame, hookOptions) + switch statusCode { + case http.StatusOK: + // no-op + case http.StatusInternalServerError: + return fail("Internal Server Error", msg) + default: + return fail(msg, "") } count = 0 lastline = 0 @@ -281,9 +284,12 @@ Forgejo or set your environment appropriately.`, "") fmt.Fprintf(out, " Checking %d references\n", count) - extra := private.HookPreReceive(ctx, username, reponame, hookOptions) - if extra.HasError() { - return fail(ctx, extra.UserMsg, "HookPreReceive(last) failed: %v", extra.Error) + statusCode, msg := private.HookPreReceive(ctx, username, reponame, hookOptions) + switch statusCode { + case http.StatusInternalServerError: + return fail("Internal Server Error", msg) + case http.StatusForbidden: + return fail(msg, "") } } else if lastline > 0 { fmt.Fprintf(out, "\n") @@ -293,44 +299,16 @@ Forgejo or set your environment appropriately.`, "") return nil } -// runHookUpdate process the update hook: https://git-scm.com/docs/githooks#update func runHookUpdate(c *cli.Context) error { - // Now if we're an internal don't do anything else - if isInternal, _ := strconv.ParseBool(os.Getenv(repo_module.EnvIsInternal)); isInternal { - return nil - } - - ctx, cancel := installSignals() - defer cancel() - - if c.NArg() != 3 { - return nil - } - args := c.Args().Slice() - - // The arguments given to the hook are in order: reference name, old commit ID and new commit ID. - refFullName := git.RefName(args[0]) - newCommitID := args[2] - - // Only process pull references. - if !refFullName.IsPull() { - return nil - } - - // Empty new commit ID means deletion. - if git.IsEmptyCommitID(newCommitID, nil) { - return fail(ctx, fmt.Sprintf("The deletion of %s is skipped as it's an internal reference.", refFullName), "") - } - - // If the new comment isn't empty it means modification. - return fail(ctx, fmt.Sprintf("The modification of %s is skipped as it's an internal reference.", refFullName), "") + // Update is empty and is kept only for backwards compatibility + return nil } func runHookPostReceive(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) + setup("hooks/post-receive.log", c.Bool("debug")) // First of all run update-server-info no matter what if _, _, err := git.NewCommand(ctx, "update-server-info").RunStdString(nil); err != nil { @@ -344,18 +322,19 @@ func runHookPostReceive(c *cli.Context) error { if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 { if setting.OnlyAllowPushIfGiteaEnvironmentSet { - return fail(ctx, `Rejecting changes as Forgejo environment not set. + return fail(`Rejecting changes as Gitea environment not set. If you are pushing over SSH you must push with a key managed by -Forgejo or set your environment appropriately.`, "") +Gitea or set your environment appropriately.`, "") } return nil } var out io.Writer + var dWriter *delayWriter out = &nilWriter{} if setting.Git.VerbosePush { if setting.Git.VerbosePushDelay > 0 { - dWriter := newDelayWriter(os.Stdout, setting.Git.VerbosePushDelay) + dWriter = newDelayWriter(os.Stdout, setting.Git.VerbosePushDelay) defer dWriter.Close() out = dWriter } else { @@ -368,7 +347,6 @@ Forgejo or set your environment appropriately.`, "") isWiki, _ := strconv.ParseBool(os.Getenv(repo_module.EnvRepoIsWiki)) repoName := os.Getenv(repo_module.EnvRepoName) pusherID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvPusherID), 10, 64) - prID, _ := strconv.ParseInt(os.Getenv(repo_module.EnvPRID), 10, 64) pusherName := os.Getenv(repo_module.EnvPusherName) hookOptions := private.HookOptions{ @@ -377,13 +355,11 @@ Forgejo or set your environment appropriately.`, "") GitAlternativeObjectDirectories: os.Getenv(private.GitAlternativeObjectDirectories), GitObjectDirectory: os.Getenv(private.GitObjectDirectory), GitQuarantinePath: os.Getenv(private.GitQuarantinePath), - GitPushOptions: pushoptions.New().ReadEnv().Map(), - PullRequestID: prID, - PushTrigger: repo_module.PushTrigger(os.Getenv(repo_module.EnvPushTrigger)), + GitPushOptions: pushOptions(), } oldCommitIDs := make([]string, hookBatchSize) newCommitIDs := make([]string, hookBatchSize) - refFullNames := make([]git.RefName, hookBatchSize) + refFullNames := make([]string, hookBatchSize) count := 0 total := 0 wasEmpty := false @@ -405,9 +381,8 @@ Forgejo or set your environment appropriately.`, "") fmt.Fprintf(out, ".") oldCommitIDs[count] = string(fields[0]) newCommitIDs[count] = string(fields[1]) - refFullNames[count] = git.RefName(fields[2]) - - if refFullNames[count] == git.BranchPrefix+"master" && !git.IsEmptyCommitID(newCommitIDs[count], nil) && count == total { + refFullNames[count] = string(fields[2]) + if refFullNames[count] == git.BranchPrefix+"master" && newCommitIDs[count] != git.EmptySHA && count == total { masterPushed = true } count++ @@ -418,10 +393,11 @@ Forgejo or set your environment appropriately.`, "") hookOptions.OldCommitIDs = oldCommitIDs hookOptions.NewCommitIDs = newCommitIDs hookOptions.RefFullNames = refFullNames - resp, extra := private.HookPostReceive(ctx, repoUser, repoName, hookOptions) - if extra.HasError() { + resp, err := private.HookPostReceive(ctx, repoUser, repoName, hookOptions) + if resp == nil { + _ = dWriter.Close() hookPrintResults(results) - return fail(ctx, extra.UserMsg, "HookPostReceive failed: %v", extra.Error) + return fail("Internal Server Error", err) } wasEmpty = wasEmpty || resp.RepoWasEmpty results = append(results, resp.Results...) @@ -432,13 +408,14 @@ Forgejo or set your environment appropriately.`, "") if count == 0 { if wasEmpty && masterPushed { // We need to tell the repo to reset the default branch to master - extra := private.SetDefaultBranch(ctx, repoUser, repoName, "master") - if extra.HasError() { - return fail(ctx, extra.UserMsg, "SetDefaultBranch failed: %v", extra.Error) + err := private.SetDefaultBranch(ctx, repoUser, repoName, "master") + if err != nil { + return fail("Internal Server Error", "SetDefaultBranch failed with Error: %v", err) } } fmt.Fprintf(out, "Processed %d references in total\n", total) + _ = dWriter.Close() hookPrintResults(results) return nil } @@ -449,10 +426,11 @@ Forgejo or set your environment appropriately.`, "") fmt.Fprintf(out, " Processing %d references\n", count) - resp, extra := private.HookPostReceive(ctx, repoUser, repoName, hookOptions) + resp, err := private.HookPostReceive(ctx, repoUser, repoName, hookOptions) if resp == nil { + _ = dWriter.Close() hookPrintResults(results) - return fail(ctx, extra.UserMsg, "HookPostReceive failed: %v", extra.Error) + return fail("Internal Server Error", err) } wasEmpty = wasEmpty || resp.RepoWasEmpty results = append(results, resp.Results...) @@ -461,13 +439,14 @@ Forgejo or set your environment appropriately.`, "") if wasEmpty && masterPushed { // We need to tell the repo to reset the default branch to master - extra := private.SetDefaultBranch(ctx, repoUser, repoName, "master") - if extra.HasError() { - return fail(ctx, extra.UserMsg, "SetDefaultBranch failed: %v", extra.Error) + err := private.SetDefaultBranch(ctx, repoUser, repoName, "master") + if err != nil { + return fail("Internal Server Error", "SetDefaultBranch failed with Error: %v", err) } } - + _ = dWriter.Close() hookPrintResults(results) + return nil } @@ -486,27 +465,41 @@ func hookPrintResults(results []private.HookPostReceiveBranchResult) { fmt.Fprintf(os.Stderr, " %s\n", res.URL) } fmt.Fprintln(os.Stderr, "") - _ = os.Stderr.Sync() + os.Stderr.Sync() } } -func runHookProcReceive(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() +func pushOptions() map[string]string { + opts := make(map[string]string) + if pushCount, err := strconv.Atoi(os.Getenv(private.GitPushOptionCount)); err == nil { + for idx := 0; idx < pushCount; idx++ { + opt := os.Getenv(fmt.Sprintf("GIT_PUSH_OPTION_%d", idx)) + kv := strings.SplitN(opt, "=", 2) + if len(kv) == 2 { + opts[kv[0]] = kv[1] + } + } + } + return opts +} - setup(ctx, c.Bool("debug")) +func runHookProcReceive(c *cli.Context) error { + setup("hooks/proc-receive.log", c.Bool("debug")) if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 { if setting.OnlyAllowPushIfGiteaEnvironmentSet { - return fail(ctx, `Rejecting changes as Forgejo environment not set. + return fail(`Rejecting changes as Gitea environment not set. If you are pushing over SSH you must push with a key managed by -Forgejo or set your environment appropriately.`, "") +Gitea or set your environment appropriately.`, "") } return nil } + ctx, cancel := installSignals() + defer cancel() + if git.CheckGitVersionAtLeast("2.29") != nil { - return fail(ctx, "No proc-receive support", "current git version doesn't support proc-receive.") + return fail("Internal Server Error", "git not support proc-receive.") } reader := bufio.NewReader(os.Stdin) @@ -521,7 +514,7 @@ Forgejo or set your environment appropriately.`, "") // H: PKT-LINE(version=1\0push-options...) // H: flush-pkt - rs, err := readPktLine(ctx, reader, pktLineTypeData) + rs, err := readPktLine(reader, pktLineTypeData) if err != nil { return err } @@ -536,19 +529,19 @@ Forgejo or set your environment appropriately.`, "") index := bytes.IndexByte(rs.Data, byte(0)) if index >= len(rs.Data) { - return fail(ctx, "Protocol: format error", "pkt-line: format error %s", rs.Data) + return fail("Internal Server Error", "pkt-line: format error "+fmt.Sprint(rs.Data)) } if index < 0 { if len(rs.Data) == 10 && rs.Data[9] == '\n' { index = 9 } else { - return fail(ctx, "Protocol: format error", "pkt-line: format error %s", rs.Data) + return fail("Internal Server Error", "pkt-line: format error "+fmt.Sprint(rs.Data)) } } if string(rs.Data[0:index]) != VersionHead { - return fail(ctx, "Protocol: version error", "Received unsupported version: %s", string(rs.Data[0:index])) + return fail("Internal Server Error", "Received unsupported version: %s", string(rs.Data[0:index])) } requestOptions = strings.Split(string(rs.Data[index+1:]), " ") @@ -561,17 +554,17 @@ Forgejo or set your environment appropriately.`, "") } response = append(response, '\n') - _, err = readPktLine(ctx, reader, pktLineTypeFlush) + _, err = readPktLine(reader, pktLineTypeFlush) if err != nil { return err } - err = writeDataPktLine(ctx, os.Stdout, response) + err = writeDataPktLine(os.Stdout, response) if err != nil { return err } - err = writeFlushPktLine(ctx, os.Stdout) + err = writeFlushPktLine(os.Stdout) if err != nil { return err } @@ -590,11 +583,11 @@ Forgejo or set your environment appropriately.`, "") } hookOptions.OldCommitIDs = make([]string, 0, hookBatchSize) hookOptions.NewCommitIDs = make([]string, 0, hookBatchSize) - hookOptions.RefFullNames = make([]git.RefName, 0, hookBatchSize) + hookOptions.RefFullNames = make([]string, 0, hookBatchSize) for { // note: pktLineTypeUnknow means pktLineTypeFlush and pktLineTypeData all allowed - rs, err = readPktLine(ctx, reader, pktLineTypeUnknown) + rs, err = readPktLine(reader, pktLineTypeUnknow) if err != nil { return err } @@ -608,15 +601,14 @@ Forgejo or set your environment appropriately.`, "") } hookOptions.OldCommitIDs = append(hookOptions.OldCommitIDs, t[0]) hookOptions.NewCommitIDs = append(hookOptions.NewCommitIDs, t[1]) - hookOptions.RefFullNames = append(hookOptions.RefFullNames, git.RefName(t[2])) + hookOptions.RefFullNames = append(hookOptions.RefFullNames, t[2]) } hookOptions.GitPushOptions = make(map[string]string) if hasPushOptions { - pushOptions := pushoptions.NewFromMap(&hookOptions.GitPushOptions) for { - rs, err = readPktLine(ctx, reader, pktLineTypeUnknown) + rs, err = readPktLine(reader, pktLineTypeUnknow) if err != nil { return err } @@ -624,14 +616,18 @@ Forgejo or set your environment appropriately.`, "") if rs.Type == pktLineTypeFlush { break } - pushOptions.Parse(string(rs.Data)) + + kv := strings.SplitN(string(rs.Data), "=", 2) + if len(kv) == 2 { + hookOptions.GitPushOptions[kv[0]] = kv[1] + } } } // 3. run hook - resp, extra := private.HookProcReceive(ctx, repoUser, repoName, hookOptions) - if extra.HasError() { - return fail(ctx, extra.UserMsg, "HookProcReceive failed: %v", extra.Error) + resp, err := private.HookProcReceive(ctx, repoUser, repoName, hookOptions) + if err != nil { + return fail("Internal Server Error", "run proc-receive hook failed :%v", err) } // 4. response result to service @@ -652,7 +648,7 @@ Forgejo or set your environment appropriately.`, "") for _, rs := range resp.Results { if len(rs.Err) > 0 { - err = writeDataPktLine(ctx, os.Stdout, []byte("ng "+rs.OriginalRef.String()+" "+rs.Err)) + err = writeDataPktLine(os.Stdout, []byte("ng "+rs.OriginalRef+" "+rs.Err)) if err != nil { return err } @@ -660,43 +656,43 @@ Forgejo or set your environment appropriately.`, "") } if rs.IsNotMatched { - err = writeDataPktLine(ctx, os.Stdout, []byte("ok "+rs.OriginalRef.String())) + err = writeDataPktLine(os.Stdout, []byte("ok "+rs.OriginalRef)) if err != nil { return err } - err = writeDataPktLine(ctx, os.Stdout, []byte("option fall-through")) + err = writeDataPktLine(os.Stdout, []byte("option fall-through")) if err != nil { return err } continue } - err = writeDataPktLine(ctx, os.Stdout, []byte("ok "+rs.OriginalRef)) + err = writeDataPktLine(os.Stdout, []byte("ok "+rs.OriginalRef)) if err != nil { return err } - err = writeDataPktLine(ctx, os.Stdout, []byte("option refname "+rs.Ref)) + err = writeDataPktLine(os.Stdout, []byte("option refname "+rs.Ref)) if err != nil { return err } - if !git.IsEmptyCommitID(rs.OldOID, nil) { - err = writeDataPktLine(ctx, os.Stdout, []byte("option old-oid "+rs.OldOID)) + if rs.OldOID != git.EmptySHA { + err = writeDataPktLine(os.Stdout, []byte("option old-oid "+rs.OldOID)) if err != nil { return err } } - err = writeDataPktLine(ctx, os.Stdout, []byte("option new-oid "+rs.NewOID)) + err = writeDataPktLine(os.Stdout, []byte("option new-oid "+rs.NewOID)) if err != nil { return err } if rs.IsForcePush { - err = writeDataPktLine(ctx, os.Stdout, []byte("option forced-update")) + err = writeDataPktLine(os.Stdout, []byte("option forced-update")) if err != nil { return err } } } - err = writeFlushPktLine(ctx, os.Stdout) + err = writeFlushPktLine(os.Stdout) return err } @@ -706,8 +702,8 @@ Forgejo or set your environment appropriately.`, "") type pktLineType int64 const ( - // Unknown type - pktLineTypeUnknown pktLineType = 0 + // UnKnow type + pktLineTypeUnknow pktLineType = 0 // flush-pkt "0000" pktLineTypeFlush pktLineType = iota // data line @@ -721,36 +717,45 @@ type gitPktLine struct { Data []byte } -// Reads an Pkt-Line from `in`. If requestType is not unknown, it will a -func readPktLine(ctx context.Context, in *bufio.Reader, requestType pktLineType) (*gitPktLine, error) { - // Read length prefix +func readPktLine(in *bufio.Reader, requestType pktLineType) (*gitPktLine, error) { + var ( + err error + r *gitPktLine + ) + + // read prefix lengthBytes := make([]byte, 4) - if n, err := in.Read(lengthBytes); n != 4 || err != nil { - return nil, fail(ctx, "Protocol: stdin error", "Pkt-Line: read stdin failed : %v", err) + for i := 0; i < 4; i++ { + lengthBytes[i], err = in.ReadByte() + if err != nil { + return nil, fail("Internal Server Error", "Pkt-Line: read stdin failed : %v", err) + } } - var err error - r := &gitPktLine{} + r = new(gitPktLine) r.Length, err = strconv.ParseUint(string(lengthBytes), 16, 32) if err != nil { - return nil, fail(ctx, "Protocol: format parse error", "Pkt-Line format is wrong :%v", err) + return nil, fail("Internal Server Error", "Pkt-Line format is wrong :%v", err) } if r.Length == 0 { if requestType == pktLineTypeData { - return nil, fail(ctx, "Protocol: format data error", "Pkt-Line format is wrong") + return nil, fail("Internal Server Error", "Pkt-Line format is wrong") } r.Type = pktLineTypeFlush return r, nil } if r.Length <= 4 || r.Length > 65520 || requestType == pktLineTypeFlush { - return nil, fail(ctx, "Protocol: format length error", "Pkt-Line format is wrong") + return nil, fail("Internal Server Error", "Pkt-Line format is wrong") } r.Data = make([]byte, r.Length-4) - if n, err := io.ReadFull(in, r.Data); uint64(n) != r.Length-4 || err != nil { - return nil, fail(ctx, "Protocol: stdin error", "Pkt-Line: read stdin failed : %v", err) + for i := range r.Data { + r.Data[i], err = in.ReadByte() + if err != nil { + return nil, fail("Internal Server Error", "Pkt-Line: read stdin failed : %v", err) + } } r.Type = pktLineTypeData @@ -758,38 +763,45 @@ func readPktLine(ctx context.Context, in *bufio.Reader, requestType pktLineType) return r, nil } -func writeFlushPktLine(ctx context.Context, out io.Writer) error { +func writeFlushPktLine(out io.Writer) error { l, err := out.Write([]byte("0000")) - if err != nil || l != 4 { - return fail(ctx, "Protocol: write error", "Pkt-Line response failed: %v", err) + if err != nil { + return fail("Internal Server Error", "Pkt-Line response failed: %v", err) } + if l != 4 { + return fail("Internal Server Error", "Pkt-Line response failed: %v", err) + } + return nil } -// Write an Pkt-Line based on `data` to `out` according to the specification. -// https://git-scm.com/docs/protocol-common -func writeDataPktLine(ctx context.Context, out io.Writer, data []byte) error { - // Implementations SHOULD NOT send an empty pkt-line ("0004"). - if len(data) == 0 { - return fail(ctx, "Protocol: write error", "Not allowed to write empty Pkt-Line") +func writeDataPktLine(out io.Writer, data []byte) error { + hexchar := []byte("0123456789abcdef") + hex := func(n uint64) byte { + return hexchar[(n)&15] } length := uint64(len(data) + 4) + tmp := make([]byte, 4) + tmp[0] = hex(length >> 12) + tmp[1] = hex(length >> 8) + tmp[2] = hex(length >> 4) + tmp[3] = hex(length) - // The maximum length of a pkt-line’s data component is 65516 bytes. - // Implementations MUST NOT send pkt-line whose length exceeds 65520 (65516 bytes of payload + 4 bytes of length data). - if length > 65520 { - return fail(ctx, "Protocol: write error", "Pkt-Line exceeds maximum of 65520 bytes") + lr, err := out.Write(tmp) + if err != nil { + return fail("Internal Server Error", "Pkt-Line response failed: %v", err) } - - lr, err := fmt.Fprintf(out, "%04x", length) - if err != nil || lr != 4 { - return fail(ctx, "Protocol: write error", "Pkt-Line response failed: %v", err) + if lr != 4 { + return fail("Internal Server Error", "Pkt-Line response failed: %v", err) } lr, err = out.Write(data) - if err != nil || int(length-4) != lr { - return fail(ctx, "Protocol: write error", "Pkt-Line response failed: %v", err) + if err != nil { + return fail("Internal Server Error", "Pkt-Line response failed: %v", err) + } + if int(length-4) != lr { + return fail("Internal Server Error", "Pkt-Line response failed: %v", err) } return nil diff --git a/cmd/hook_test.go b/cmd/hook_test.go index 1f0ee7087b..92c7e82a9a 100644 --- a/cmd/hook_test.go +++ b/cmd/hook_test.go @@ -1,203 +1,41 @@ // Copyright 2021 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( "bufio" "bytes" - "context" - "io" - "net/http" - "net/http/httptest" - "os" "strings" "testing" - "time" - - "code.gitea.io/gitea/modules/setting" - "code.gitea.io/gitea/modules/test" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "github.com/urfave/cli/v2" ) -// Capture what's being written into a standard file descriptor. -func captureOutput(t *testing.T, stdFD *os.File) (finish func() (output string)) { - t.Helper() - - r, w, err := os.Pipe() - require.NoError(t, err) - resetStdout := test.MockVariableValue(stdFD, *w) - - return func() (output string) { - w.Close() - resetStdout() - - out, err := io.ReadAll(r) - require.NoError(t, err) - return string(out) - } -} - func TestPktLine(t *testing.T) { - ctx := context.Background() + // test read + s := strings.NewReader("0000") + r := bufio.NewReader(s) + result, err := readPktLine(r, pktLineTypeFlush) + assert.NoError(t, err) + assert.Equal(t, pktLineTypeFlush, result.Type) - t.Run("Read", func(t *testing.T) { - s := strings.NewReader("0000") - r := bufio.NewReader(s) - result, err := readPktLine(ctx, r, pktLineTypeFlush) - require.NoError(t, err) - assert.Equal(t, pktLineTypeFlush, result.Type) + s = strings.NewReader("0006a\n") + r = bufio.NewReader(s) + result, err = readPktLine(r, pktLineTypeData) + assert.NoError(t, err) + assert.Equal(t, pktLineTypeData, result.Type) + assert.Equal(t, []byte("a\n"), result.Data) - s = strings.NewReader("0006a\n") - r = bufio.NewReader(s) - result, err = readPktLine(ctx, r, pktLineTypeData) - require.NoError(t, err) - assert.Equal(t, pktLineTypeData, result.Type) - assert.Equal(t, []byte("a\n"), result.Data) + // test write + w := bytes.NewBuffer([]byte{}) + err = writeFlushPktLine(w) + assert.NoError(t, err) + assert.Equal(t, []byte("0000"), w.Bytes()) - s = strings.NewReader("0004") - r = bufio.NewReader(s) - result, err = readPktLine(ctx, r, pktLineTypeData) - require.Error(t, err) - assert.Nil(t, result) - - data := strings.Repeat("x", 65516) - r = bufio.NewReader(strings.NewReader("fff0" + data)) - result, err = readPktLine(ctx, r, pktLineTypeData) - require.NoError(t, err) - assert.Equal(t, pktLineTypeData, result.Type) - assert.Equal(t, []byte(data), result.Data) - - r = bufio.NewReader(strings.NewReader("fff1a")) - result, err = readPktLine(ctx, r, pktLineTypeData) - require.Error(t, err) - assert.Nil(t, result) - }) - - t.Run("Write", func(t *testing.T) { - w := bytes.NewBuffer([]byte{}) - err := writeFlushPktLine(ctx, w) - require.NoError(t, err) - assert.Equal(t, []byte("0000"), w.Bytes()) - - w.Reset() - err = writeDataPktLine(ctx, w, []byte("a\nb")) - require.NoError(t, err) - assert.Equal(t, []byte("0007a\nb"), w.Bytes()) - - w.Reset() - data := bytes.Repeat([]byte{0x05}, 288) - err = writeDataPktLine(ctx, w, data) - require.NoError(t, err) - assert.Equal(t, append([]byte("0124"), data...), w.Bytes()) - - w.Reset() - err = writeDataPktLine(ctx, w, nil) - require.Error(t, err) - assert.Empty(t, w.Bytes()) - - w.Reset() - data = bytes.Repeat([]byte{0x64}, 65516) - err = writeDataPktLine(ctx, w, data) - require.NoError(t, err) - assert.Equal(t, append([]byte("fff0"), data...), w.Bytes()) - - w.Reset() - err = writeDataPktLine(ctx, w, bytes.Repeat([]byte{0x64}, 65516+1)) - require.Error(t, err) - assert.Empty(t, w.Bytes()) - }) -} - -func TestDelayWriter(t *testing.T) { - // Setup the environment. - defer test.MockVariableValue(&setting.InternalToken, "Random")() - defer test.MockVariableValue(&setting.InstallLock, true)() - defer test.MockVariableValue(&setting.Git.VerbosePush, true)() - t.Setenv("SSH_ORIGINAL_COMMAND", "true") - - // Setup the Stdin. - f, err := os.OpenFile(t.TempDir()+"/stdin", os.O_RDWR|os.O_CREATE|os.O_EXCL, 0o666) - require.NoError(t, err) - _, err = f.Write([]byte("00000000000000000000 00000000000000000001 refs/head/main\n")) - require.NoError(t, err) - _, err = f.Seek(0, 0) - require.NoError(t, err) - defer test.MockVariableValue(os.Stdin, *f)() - - // Setup the server that processes the hooks. - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - time.Sleep(time.Millisecond * 600) - })) - defer ts.Close() - defer test.MockVariableValue(&setting.LocalURL, ts.URL+"/")() - - app := cli.NewApp() - app.Commands = []*cli.Command{subcmdHookPreReceive} - - t.Run("Should delay", func(t *testing.T) { - defer test.MockVariableValue(&setting.Git.VerbosePushDelay, time.Millisecond*500)() - finish := captureOutput(t, os.Stdout) - - err = app.Run([]string{"./forgejo", "pre-receive"}) - require.NoError(t, err) - out := finish() - - require.Contains(t, out, "* Checking 1 references") - require.Contains(t, out, "Checked 1 references in total") - }) - - t.Run("Shouldn't delay", func(t *testing.T) { - defer test.MockVariableValue(&setting.Git.VerbosePushDelay, time.Second*5)() - finish := captureOutput(t, os.Stdout) - - err = app.Run([]string{"./forgejo", "pre-receive"}) - require.NoError(t, err) - out := finish() - - require.NoError(t, err) - require.Empty(t, out) - }) -} - -func TestRunHookUpdate(t *testing.T) { - app := cli.NewApp() - app.Commands = []*cli.Command{subcmdHookUpdate} - - t.Run("Removal of internal reference", func(t *testing.T) { - defer test.MockVariableValue(&cli.OsExiter, func(code int) {})() - defer test.MockVariableValue(&setting.IsProd, false)() - finish := captureOutput(t, os.Stderr) - - err := app.Run([]string{"./forgejo", "update", "refs/pull/1/head", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000000"}) - out := finish() - require.Error(t, err) - - assert.Contains(t, out, "The deletion of refs/pull/1/head is skipped as it's an internal reference.") - }) - - t.Run("Update of internal reference", func(t *testing.T) { - defer test.MockVariableValue(&cli.OsExiter, func(code int) {})() - defer test.MockVariableValue(&setting.IsProd, false)() - finish := captureOutput(t, os.Stderr) - - err := app.Run([]string{"./forgejo", "update", "refs/pull/1/head", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000001"}) - out := finish() - require.Error(t, err) - - assert.Contains(t, out, "The modification of refs/pull/1/head is skipped as it's an internal reference.") - }) - - t.Run("Removal of branch", func(t *testing.T) { - err := app.Run([]string{"./forgejo", "update", "refs/head/main", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000000"}) - require.NoError(t, err) - }) - - t.Run("Not enough arguments", func(t *testing.T) { - err := app.Run([]string{"./forgejo", "update"}) - require.NoError(t, err) - }) + w.Reset() + err = writeDataPktLine(w, []byte("a\nb")) + assert.NoError(t, err) + assert.Equal(t, []byte("0007a\nb"), w.Bytes()) } diff --git a/cmd/keys.go b/cmd/keys.go index 81425a5722..684aca64e2 100644 --- a/cmd/keys.go +++ b/cmd/keys.go @@ -1,5 +1,6 @@ // Copyright 2018 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -8,43 +9,36 @@ import ( "fmt" "strings" - "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdKeys represents the available keys sub-command -var CmdKeys = &cli.Command{ - Name: "keys", - Usage: "(internal) Should only be called by SSH server", - Description: "Queries the Forgejo database to get the authorized command for a given ssh key fingerprint", - Before: PrepareConsoleLoggerLevel(log.FATAL), - Action: runKeys, +var CmdKeys = cli.Command{ + Name: "keys", + Usage: "This command queries the Gitea database to get the authorized command for a given ssh key fingerprint", + Action: runKeys, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "expected", - Aliases: []string{"e"}, - Value: "git", - Usage: "Expected user for whom provide key commands", + cli.StringFlag{ + Name: "expected, e", + Value: "git", + Usage: "Expected user for whom provide key commands", }, - &cli.StringFlag{ - Name: "username", - Aliases: []string{"u"}, - Value: "", - Usage: "Username trying to log in by SSH", + cli.StringFlag{ + Name: "username, u", + Value: "", + Usage: "Username trying to log in by SSH", }, - &cli.StringFlag{ - Name: "type", - Aliases: []string{"t"}, - Value: "", - Usage: "Type of the SSH key provided to the SSH Server (requires content to be provided too)", + cli.StringFlag{ + Name: "type, t", + Value: "", + Usage: "Type of the SSH key provided to the SSH Server (requires content to be provided too)", }, - &cli.StringFlag{ - Name: "content", - Aliases: []string{"k"}, - Value: "", - Usage: "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)", + cli.StringFlag{ + Name: "content, k", + Value: "", + Usage: "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)", }, }, } @@ -71,13 +65,12 @@ func runKeys(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) + setup("keys.log", false) - authorizedString, extra := private.AuthorizedPublicKeyByContent(ctx, content) - // do not use handleCliResponseExtra or cli.NewExitError, if it exists immediately, it breaks some tests like Test_CmdKeys - if extra.Error != nil { - return extra.Error + authorizedString, err := private.AuthorizedPublicKeyByContent(ctx, content) + if err != nil { + return err } - _, _ = fmt.Fprintln(c.App.Writer, strings.TrimSpace(authorizedString.Text)) + fmt.Println(strings.TrimSpace(authorizedString)) return nil } diff --git a/cmd/mailer.go b/cmd/mailer.go index 0c5f2c8c8d..35fcb302f8 100644 --- a/cmd/mailer.go +++ b/cmd/mailer.go @@ -1,22 +1,24 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( "fmt" + "net/http" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/setting" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) func runSendMail(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setting.MustInstalled() + setting.LoadFromExisting() if err := argsSet(c, "title"); err != nil { return err @@ -41,10 +43,13 @@ func runSendMail(c *cli.Context) error { } } - respText, extra := private.SendEmail(ctx, subject, body, nil) - if extra.HasError() { - return handleCliResponseExtra(extra) + status, message := private.SendEmail(ctx, subject, body, nil) + if status != http.StatusOK { + fmt.Printf("error: %s\n", message) + return nil } - _, _ = fmt.Printf("Sent %s email(s) to all users\n", respText.Text) + + fmt.Printf("Success: %s\n", message) + return nil } diff --git a/cmd/main.go b/cmd/main.go deleted file mode 100644 index 9a28722b4b..0000000000 --- a/cmd/main.go +++ /dev/null @@ -1,226 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -package cmd - -import ( - "context" - "fmt" - "os" - "path/filepath" - "strings" - - "code.gitea.io/gitea/cmd/forgejo" - "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/setting" - - "github.com/urfave/cli/v2" -) - -// cmdHelp is our own help subcommand with more information -// Keep in mind that the "./gitea help"(subcommand) is different from "./gitea --help"(flag), the flag doesn't parse the config or output "DEFAULT CONFIGURATION:" information -func cmdHelp() *cli.Command { - c := &cli.Command{ - Name: "help", - Aliases: []string{"h"}, - Usage: "Shows a list of commands or help for one command", - ArgsUsage: "[command]", - Action: func(c *cli.Context) (err error) { - lineage := c.Lineage() // The order is from child to parent: help, doctor, Gitea, {Command:nil} - targetCmdIdx := 0 - if c.Command.Name == "help" { - targetCmdIdx = 1 - } - if lineage[targetCmdIdx+1].Command != nil { - err = cli.ShowCommandHelp(lineage[targetCmdIdx+1], lineage[targetCmdIdx].Command.Name) - } else { - err = cli.ShowAppHelp(c) - } - _, _ = fmt.Fprintf(c.App.Writer, ` -DEFAULT CONFIGURATION: - AppPath: %s - WorkPath: %s - CustomPath: %s - ConfigFile: %s - -`, setting.AppPath, setting.AppWorkPath, setting.CustomPath, setting.CustomConf) - return err - }, - } - return c -} - -func appGlobalFlags() []cli.Flag { - return []cli.Flag{ - // make the builtin flags at the top - cli.HelpFlag, - - // shared configuration flags, they are for global and for each sub-command at the same time - // eg: such command is valid: "./gitea --config /tmp/app.ini web --config /tmp/app.ini", while it's discouraged indeed - // keep in mind that the short flags like "-C", "-c" and "-w" are globally polluted, they can't be used for sub-commands anymore. - &cli.StringFlag{ - Name: "custom-path", - Aliases: []string{"C"}, - Usage: "Set custom path (defaults to '{WorkPath}/custom')", - }, - &cli.StringFlag{ - Name: "config", - Aliases: []string{"c"}, - Value: setting.CustomConf, - Usage: "Set custom config file (defaults to '{WorkPath}/custom/conf/app.ini')", - }, - &cli.StringFlag{ - Name: "work-path", - Aliases: []string{"w"}, - Usage: "Set Forgejo's working path (defaults to the directory of the Forgejo binary)", - }, - } -} - -func prepareSubcommandWithConfig(command *cli.Command, globalFlags []cli.Flag) { - command.Flags = append(append([]cli.Flag{}, globalFlags...), command.Flags...) - command.Action = prepareWorkPathAndCustomConf(command.Action) - command.HideHelp = true - if command.Name != "help" { - command.Subcommands = append(command.Subcommands, cmdHelp()) - } - for i := range command.Subcommands { - prepareSubcommandWithConfig(command.Subcommands[i], globalFlags) - } -} - -// prepareWorkPathAndCustomConf wraps the Action to prepare the work path and custom config -// It can't use "Before", because each level's sub-command's Before will be called one by one, so the "init" would be done multiple times -func prepareWorkPathAndCustomConf(action cli.ActionFunc) func(ctx *cli.Context) error { - return func(ctx *cli.Context) error { - var args setting.ArgWorkPathAndCustomConf - // from children to parent, check the global flags - for _, curCtx := range ctx.Lineage() { - if curCtx.IsSet("work-path") && args.WorkPath == "" { - args.WorkPath = curCtx.String("work-path") - } - if curCtx.IsSet("custom-path") && args.CustomPath == "" { - args.CustomPath = curCtx.String("custom-path") - } - if curCtx.IsSet("config") && args.CustomConf == "" { - args.CustomConf = curCtx.String("config") - } - } - setting.InitWorkPathAndCommonConfig(os.Getenv, args) - if ctx.Bool("help") || action == nil { - // the default behavior of "urfave/cli": "nil action" means "show help" - return cmdHelp().Action(ctx) - } - return action(ctx) - } -} - -func NewMainApp(version, versionExtra string) *cli.App { - path, err := os.Executable() - if err != nil { - panic(err) - } - executable := filepath.Base(path) - - var subCmdsStandalone []*cli.Command = make([]*cli.Command, 0, 10) - var subCmdWithConfig []*cli.Command = make([]*cli.Command, 0, 10) - var globalFlags []cli.Flag = make([]cli.Flag, 0, 10) - - // - // If the executable is forgejo-cli, provide a Forgejo specific CLI - // that is NOT compatible with Gitea. - // - if executable == "forgejo-cli" { - subCmdsStandalone = append(subCmdsStandalone, forgejo.CmdActions(context.Background())) - subCmdWithConfig = append(subCmdWithConfig, forgejo.CmdF3(context.Background())) - globalFlags = append(globalFlags, []cli.Flag{ - &cli.BoolFlag{ - Name: "quiet", - }, - &cli.BoolFlag{ - Name: "verbose", - }, - }...) - } else { - // - // Otherwise provide a Gitea compatible CLI which includes Forgejo - // specific additions under the forgejo-cli subcommand. It allows - // admins to migration from Gitea to Forgejo by replacing the gitea - // binary and rename it to forgejo if they want. - // - subCmdsStandalone = append(subCmdsStandalone, forgejo.CmdForgejo(context.Background())) - subCmdWithConfig = append(subCmdWithConfig, CmdActions) - } - - return innerNewMainApp(version, versionExtra, subCmdsStandalone, subCmdWithConfig, globalFlags) -} - -func innerNewMainApp(version, versionExtra string, subCmdsStandaloneArgs, subCmdWithConfigArgs []*cli.Command, globalFlagsArgs []cli.Flag) *cli.App { - app := cli.NewApp() - app.HelpName = "forgejo" - app.Name = "Forgejo" - app.Usage = "Beyond coding. We forge." - app.Description = `By default, forgejo will start serving using the web-server with no argument, which can alternatively be run by running the subcommand "web".` - app.Version = version + versionExtra - app.EnableBashCompletion = true - - // these sub-commands need to use config file - subCmdWithConfig := []*cli.Command{ - cmdHelp(), // the "help" sub-command was used to show the more information for "work path" and "custom config" - CmdWeb, - CmdServ, - CmdHook, - CmdKeys, - CmdDump, - CmdAdmin, - CmdMigrate, - CmdDoctor, - CmdManager, - CmdEmbedded, - CmdMigrateStorage, - CmdDumpRepository, - CmdRestoreRepository, - } - - subCmdWithConfig = append(subCmdWithConfig, subCmdWithConfigArgs...) - - // these sub-commands do not need the config file, and they do not depend on any path or environment variable. - subCmdStandalone := []*cli.Command{ - CmdCert, - CmdGenerate, - CmdDocs, - } - subCmdStandalone = append(subCmdStandalone, subCmdsStandaloneArgs...) - - app.DefaultCommand = CmdWeb.Name - - globalFlags := appGlobalFlags() - globalFlags = append(globalFlags, globalFlagsArgs...) - app.Flags = append(app.Flags, cli.VersionFlag) - app.Flags = append(app.Flags, globalFlags...) - app.HideHelp = true // use our own help action to show helps (with more information like default config) - app.Before = PrepareConsoleLoggerLevel(log.INFO) - for i := range subCmdWithConfig { - prepareSubcommandWithConfig(subCmdWithConfig[i], globalFlags) - } - app.Commands = append(app.Commands, subCmdWithConfig...) - app.Commands = append(app.Commands, subCmdStandalone...) - - setting.InitGiteaEnvVars() - return app -} - -func RunMainApp(app *cli.App, args ...string) error { - err := app.Run(args) - if err == nil { - return nil - } - if strings.HasPrefix(err.Error(), "flag provided but not defined:") { - // the cli package should already have output the error message, so just exit - cli.OsExiter(1) - return err - } - _, _ = fmt.Fprintf(app.ErrWriter, "Command error: %v\n", err) - cli.OsExiter(1) - return err -} diff --git a/cmd/main_test.go b/cmd/main_test.go index 8a9ec14b2e..9cce0ef036 100644 --- a/cmd/main_test.go +++ b/cmd/main_test.go @@ -1,158 +1,23 @@ // Copyright 2022 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( - "fmt" - "io" - "path/filepath" - "strings" "testing" "code.gitea.io/gitea/models/unittest" "code.gitea.io/gitea/modules/setting" - "code.gitea.io/gitea/modules/test" - - "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" - "github.com/urfave/cli/v2" ) +func init() { + setting.SetCustomPathAndConf("", "", "") + setting.LoadForTest() +} + func TestMain(m *testing.M) { - unittest.MainTest(m) -} - -func makePathOutput(workPath, customPath, customConf string) string { - return fmt.Sprintf("WorkPath=%s\nCustomPath=%s\nCustomConf=%s", workPath, customPath, customConf) -} - -func newTestApp(testCmdAction func(ctx *cli.Context) error) *cli.App { - app := NewMainApp("version", "version-extra") - testCmd := &cli.Command{Name: "test-cmd", Action: testCmdAction} - prepareSubcommandWithConfig(testCmd, appGlobalFlags()) - app.Commands = append(app.Commands, testCmd) - app.DefaultCommand = testCmd.Name - return app -} - -type runResult struct { - Stdout string - Stderr string - ExitCode int -} - -func runTestApp(app *cli.App, args ...string) (runResult, error) { - outBuf := new(strings.Builder) - errBuf := new(strings.Builder) - app.Writer = outBuf - app.ErrWriter = errBuf - exitCode := -1 - defer test.MockVariableValue(&cli.ErrWriter, app.ErrWriter)() - defer test.MockVariableValue(&cli.OsExiter, func(code int) { - if exitCode == -1 { - exitCode = code // save the exit code once and then reset the writer (to simulate the exit) - app.Writer, app.ErrWriter, cli.ErrWriter = io.Discard, io.Discard, io.Discard - } - })() - err := RunMainApp(app, args...) - return runResult{outBuf.String(), errBuf.String(), exitCode}, err -} - -func TestCliCmd(t *testing.T) { - defaultWorkPath := filepath.Dir(setting.AppPath) - defaultCustomPath := filepath.Join(defaultWorkPath, "custom") - defaultCustomConf := filepath.Join(defaultCustomPath, "conf/app.ini") - - cli.CommandHelpTemplate = "(command help template)" - cli.AppHelpTemplate = "(app help template)" - cli.SubcommandHelpTemplate = "(subcommand help template)" - - cases := []struct { - env map[string]string - cmd string - exp string - }{ - // main command help - { - cmd: "./gitea help", - exp: "DEFAULT CONFIGURATION:", - }, - - // parse paths - { - cmd: "./gitea test-cmd", - exp: makePathOutput(defaultWorkPath, defaultCustomPath, defaultCustomConf), - }, - { - cmd: "./gitea -c /tmp/app.ini test-cmd", - exp: makePathOutput(defaultWorkPath, defaultCustomPath, "/tmp/app.ini"), - }, - { - cmd: "./gitea test-cmd -c /tmp/app.ini", - exp: makePathOutput(defaultWorkPath, defaultCustomPath, "/tmp/app.ini"), - }, - { - env: map[string]string{"GITEA_WORK_DIR": "/tmp"}, - cmd: "./gitea test-cmd", - exp: makePathOutput("/tmp", "/tmp/custom", "/tmp/custom/conf/app.ini"), - }, - { - env: map[string]string{"GITEA_WORK_DIR": "/tmp"}, - cmd: "./gitea test-cmd --work-path /tmp/other", - exp: makePathOutput("/tmp/other", "/tmp/other/custom", "/tmp/other/custom/conf/app.ini"), - }, - { - env: map[string]string{"GITEA_WORK_DIR": "/tmp"}, - cmd: "./gitea test-cmd --config /tmp/app-other.ini", - exp: makePathOutput("/tmp", "/tmp/custom", "/tmp/app-other.ini"), - }, - } - - app := newTestApp(func(ctx *cli.Context) error { - _, _ = fmt.Fprint(ctx.App.Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf)) - return nil + unittest.MainTest(m, &unittest.TestOptions{ + GiteaRootPath: "..", }) - for _, c := range cases { - t.Run(c.cmd, func(t *testing.T) { - for k, v := range c.env { - t.Setenv(k, v) - } - args := strings.Split(c.cmd, " ") // for test only, "split" is good enough - r, err := runTestApp(app, args...) - require.NoError(t, err, c.cmd) - assert.NotEmpty(t, c.exp, c.cmd) - assert.Contains(t, r.Stdout, c.exp, c.cmd) - }) - } -} - -func TestCliCmdError(t *testing.T) { - app := newTestApp(func(ctx *cli.Context) error { return fmt.Errorf("normal error") }) - r, err := runTestApp(app, "./gitea", "test-cmd") - require.Error(t, err) - assert.Equal(t, 1, r.ExitCode) - assert.Equal(t, "", r.Stdout) - assert.Equal(t, "Command error: normal error\n", r.Stderr) - - app = newTestApp(func(ctx *cli.Context) error { return cli.Exit("exit error", 2) }) - r, err = runTestApp(app, "./gitea", "test-cmd") - require.Error(t, err) - assert.Equal(t, 2, r.ExitCode) - assert.Equal(t, "", r.Stdout) - assert.Equal(t, "exit error\n", r.Stderr) - - app = newTestApp(func(ctx *cli.Context) error { return nil }) - r, err = runTestApp(app, "./gitea", "test-cmd", "--no-such") - require.Error(t, err) - assert.Equal(t, 1, r.ExitCode) - assert.Equal(t, "Incorrect Usage: flag provided but not defined: -no-such\n\n", r.Stdout) - assert.Equal(t, "", r.Stderr) // the cli package's strange behavior, the error message is not in stderr .... - - app = newTestApp(func(ctx *cli.Context) error { return nil }) - r, err = runTestApp(app, "./gitea", "test-cmd") - require.NoError(t, err) - assert.Equal(t, -1, r.ExitCode) // the cli.OsExiter is not called - assert.Equal(t, "", r.Stdout) - assert.Equal(t, "", r.Stderr) } diff --git a/cmd/manager.go b/cmd/manager.go index b74771e53d..8fbfd1093c 100644 --- a/cmd/manager.go +++ b/cmd/manager.go @@ -1,106 +1,98 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( + "fmt" + "net/http" "os" "time" "code.gitea.io/gitea/modules/private" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) var ( // CmdManager represents the manager command - CmdManager = &cli.Command{ + CmdManager = cli.Command{ Name: "manager", - Usage: "Manage the running forgejo process", - Description: "This is a command for managing the running forgejo process", - Subcommands: []*cli.Command{ + Usage: "Manage the running gitea process", + Description: "This is a command for managing the running gitea process", + Subcommands: []cli.Command{ subcmdShutdown, subcmdRestart, - subcmdReloadTemplates, subcmdFlushQueues, subcmdLogging, subCmdProcesses, }, } - subcmdShutdown = &cli.Command{ + subcmdShutdown = cli.Command{ Name: "shutdown", Usage: "Gracefully shutdown the running process", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, Action: runShutdown, } - subcmdRestart = &cli.Command{ + subcmdRestart = cli.Command{ Name: "restart", Usage: "Gracefully restart the running process - (not implemented for windows servers)", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, Action: runRestart, } - subcmdReloadTemplates = &cli.Command{ - Name: "reload-templates", - Usage: "Reload template files in the running process", - Flags: []cli.Flag{ - &cli.BoolFlag{ - Name: "debug", - }, - }, - Action: runReloadTemplates, - } - subcmdFlushQueues = &cli.Command{ + subcmdFlushQueues = cli.Command{ Name: "flush-queues", Usage: "Flush queues in the running process", Action: runFlushQueues, Flags: []cli.Flag{ - &cli.DurationFlag{ + cli.DurationFlag{ Name: "timeout", Value: 60 * time.Second, Usage: "Timeout for the flushing process", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "non-blocking", Usage: "Set to true to not wait for flush to complete before returning", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, } - subCmdProcesses = &cli.Command{ + subCmdProcesses = cli.Command{ Name: "processes", Usage: "Display running processes within the current process", Action: runProcesses, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "flat", Usage: "Show processes as flat table rather than as tree", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "no-system", Usage: "Do not show system processes", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "stacktraces", Usage: "Show stacktraces", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "json", Usage: "Output as json", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "cancel", Usage: "Process PID to cancel. (Only available for non-system processes.)", }, @@ -112,43 +104,57 @@ func runShutdown(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - extra := private.Shutdown(ctx) - return handleCliResponseExtra(extra) + setup("manager", c.Bool("debug")) + statusCode, msg := private.Shutdown(ctx) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) + return nil } func runRestart(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - extra := private.Restart(ctx) - return handleCliResponseExtra(extra) -} + setup("manager", c.Bool("debug")) + statusCode, msg := private.Restart(ctx) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } -func runReloadTemplates(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - setup(ctx, c.Bool("debug")) - extra := private.ReloadTemplates(ctx) - return handleCliResponseExtra(extra) + fmt.Fprintln(os.Stdout, msg) + return nil } func runFlushQueues(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - extra := private.FlushQueues(ctx, c.Duration("timeout"), c.Bool("non-blocking")) - return handleCliResponseExtra(extra) + setup("manager", c.Bool("debug")) + statusCode, msg := private.FlushQueues(ctx, c.Duration("timeout"), c.Bool("non-blocking")) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) + return nil } func runProcesses(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - extra := private.Processes(ctx, os.Stdout, c.Bool("flat"), c.Bool("no-system"), c.Bool("stacktraces"), c.Bool("json"), c.String("cancel")) - return handleCliResponseExtra(extra) + setup("manager", c.Bool("debug")) + statusCode, msg := private.Processes(ctx, os.Stdout, c.Bool("flat"), c.Bool("no-system"), c.Bool("stacktraces"), c.Bool("json"), c.String("cancel")) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + return nil } diff --git a/cmd/manager_logging.go b/cmd/manager_logging.go index 6049b00d5e..761edf654c 100644 --- a/cmd/manager_logging.go +++ b/cmd/manager_logging.go @@ -1,71 +1,60 @@ // Copyright 2022 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( - "errors" "fmt" + "net/http" "os" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) var ( defaultLoggingFlags = []cli.Flag{ - &cli.StringFlag{ - Name: "logger", - Usage: `Logger name - will default to "default"`, - }, - &cli.StringFlag{ - Name: "writer", - Usage: "Name of the log writer - will default to mode", - }, - &cli.StringFlag{ - Name: "level", + cli.StringFlag{ + Name: "group, g", + Usage: "Group to add logger to - will default to \"default\"", + }, cli.StringFlag{ + Name: "name, n", + Usage: "Name of the new logger - will default to mode", + }, cli.StringFlag{ + Name: "level, l", Usage: "Logging level for the new logger", - }, - &cli.StringFlag{ - Name: "stacktrace-level", - Aliases: []string{"L"}, - Usage: "Stacktrace logging level", - }, - &cli.StringFlag{ - Name: "flags", - Aliases: []string{"F"}, - Usage: "Flags for the logger", - }, - &cli.StringFlag{ - Name: "expression", - Aliases: []string{"e"}, - Usage: "Matching expression for the logger", - }, - &cli.StringFlag{ - Name: "prefix", - Aliases: []string{"p"}, - Usage: "Prefix for the logger", - }, - &cli.BoolFlag{ + }, cli.StringFlag{ + Name: "stacktrace-level, L", + Usage: "Stacktrace logging level", + }, cli.StringFlag{ + Name: "flags, F", + Usage: "Flags for the logger", + }, cli.StringFlag{ + Name: "expression, e", + Usage: "Matching expression for the logger", + }, cli.StringFlag{ + Name: "prefix, p", + Usage: "Prefix for the logger", + }, cli.BoolFlag{ Name: "color", Usage: "Use color in the logs", - }, - &cli.BoolFlag{ + }, cli.BoolFlag{ Name: "debug", }, } - subcmdLogging = &cli.Command{ + subcmdLogging = cli.Command{ Name: "logging", Usage: "Adjust logging commands", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ { Name: "pause", - Usage: "Pause logging (Forgejo will buffer logs up to a certain point and will drop them after that point)", + Usage: "Pause logging (Gitea will buffer logs up to a certain point and will drop them after that point)", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, @@ -74,16 +63,16 @@ var ( Name: "resume", Usage: "Resume logging", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, Action: runResumeLogging, }, { Name: "release-and-reopen", - Usage: "Cause Forgejo to release and re-open files used for logging", + Usage: "Cause Gitea to release and re-open files used for logging", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, @@ -93,59 +82,52 @@ var ( Usage: "Remove a logger", ArgsUsage: "[name] Name of logger to remove", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", - }, &cli.StringFlag{ - Name: "logger", - Usage: `Logger name - will default to "default"`, + }, cli.StringFlag{ + Name: "group, g", + Usage: "Group to add logger to - will default to \"default\"", }, }, Action: runRemoveLogger, }, { Name: "add", Usage: "Add a logger", - Subcommands: []*cli.Command{ + Subcommands: []cli.Command{ { + Name: "console", + Usage: "Add a console logger", + Flags: append(defaultLoggingFlags, + cli.BoolFlag{ + Name: "stderr", + Usage: "Output console logs to stderr - only relevant for console", + }), + Action: runAddConsoleLogger, + }, { Name: "file", Usage: "Add a file logger", Flags: append(defaultLoggingFlags, []cli.Flag{ - &cli.StringFlag{ - Name: "filename", - Aliases: []string{"f"}, - Usage: "Filename for the logger - this must be set.", - }, - &cli.BoolFlag{ - Name: "rotate", - Aliases: []string{"r"}, - Usage: "Rotate logs", - Value: true, - }, - &cli.Int64Flag{ - Name: "max-size", - Aliases: []string{"s"}, - Usage: "Maximum size in bytes before rotation", - }, - &cli.BoolFlag{ - Name: "daily", - Aliases: []string{"d"}, - Usage: "Rotate logs daily", - Value: true, - }, - &cli.IntFlag{ - Name: "max-days", - Aliases: []string{"D"}, - Usage: "Maximum number of daily logs to keep", - }, - &cli.BoolFlag{ - Name: "compress", - Aliases: []string{"z"}, - Usage: "Compress rotated logs", - Value: true, - }, - &cli.IntFlag{ - Name: "compression-level", - Aliases: []string{"Z"}, - Usage: "Compression level to use", + cli.StringFlag{ + Name: "filename, f", + Usage: "Filename for the logger - this must be set.", + }, cli.BoolTFlag{ + Name: "rotate, r", + Usage: "Rotate logs", + }, cli.Int64Flag{ + Name: "max-size, s", + Usage: "Maximum size in bytes before rotation", + }, cli.BoolTFlag{ + Name: "daily, d", + Usage: "Rotate logs daily", + }, cli.IntFlag{ + Name: "max-days, D", + Usage: "Maximum number of daily logs to keep", + }, cli.BoolTFlag{ + Name: "compress, z", + Usage: "Compress rotated logs", + }, cli.IntFlag{ + Name: "compression-level, Z", + Usage: "Compression level to use", }, }...), Action: runAddFileLogger, @@ -153,38 +135,52 @@ var ( Name: "conn", Usage: "Add a net conn logger", Flags: append(defaultLoggingFlags, []cli.Flag{ - &cli.BoolFlag{ - Name: "reconnect-on-message", - Aliases: []string{"R"}, - Usage: "Reconnect to host for every message", - }, - &cli.BoolFlag{ - Name: "reconnect", - Aliases: []string{"r"}, - Usage: "Reconnect to host when connection is dropped", - }, - &cli.StringFlag{ - Name: "protocol", - Aliases: []string{"P"}, - Usage: "Set protocol to use: tcp, unix, or udp (defaults to tcp)", - }, - &cli.StringFlag{ - Name: "address", - Aliases: []string{"a"}, - Usage: "Host address and port to connect to (defaults to :7020)", + cli.BoolFlag{ + Name: "reconnect-on-message, R", + Usage: "Reconnect to host for every message", + }, cli.BoolFlag{ + Name: "reconnect, r", + Usage: "Reconnect to host when connection is dropped", + }, cli.StringFlag{ + Name: "protocol, P", + Usage: "Set protocol to use: tcp, unix, or udp (defaults to tcp)", + }, cli.StringFlag{ + Name: "address, a", + Usage: "Host address and port to connect to (defaults to :7020)", }, }...), Action: runAddConnLogger, + }, { + Name: "smtp", + Usage: "Add an SMTP logger", + Flags: append(defaultLoggingFlags, []cli.Flag{ + cli.StringFlag{ + Name: "username, u", + Usage: "Mail server username", + }, cli.StringFlag{ + Name: "password, P", + Usage: "Mail server password", + }, cli.StringFlag{ + Name: "host, H", + Usage: "Mail server host (defaults to: 127.0.0.1:25)", + }, cli.StringSliceFlag{ + Name: "send-to, s", + Usage: "Email address(es) to send to", + }, cli.StringFlag{ + Name: "subject, S", + Usage: "Subject header of sent emails", + }, + }...), + Action: runAddSMTPLogger, }, }, }, { Name: "log-sql", Usage: "Set LogSQL", Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", - }, - &cli.BoolFlag{ + }, cli.BoolFlag{ Name: "off", Usage: "Switch off SQL logging", }, @@ -196,26 +192,59 @@ var ( ) func runRemoveLogger(c *cli.Context) error { + setup("manager", c.Bool("debug")) + group := c.String("group") + if len(group) == 0 { + group = log.DEFAULT + } + name := c.Args().First() ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - logger := c.String("logger") - if len(logger) == 0 { - logger = log.DEFAULT + statusCode, msg := private.RemoveLogger(ctx, group, name) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) } - writer := c.Args().First() - extra := private.RemoveLogger(ctx, logger, writer) - return handleCliResponseExtra(extra) + fmt.Fprintln(os.Stdout, msg) + return nil +} + +func runAddSMTPLogger(c *cli.Context) error { + setup("manager", c.Bool("debug")) + vals := map[string]interface{}{} + mode := "smtp" + if c.IsSet("host") { + vals["host"] = c.String("host") + } else { + vals["host"] = "127.0.0.1:25" + } + + if c.IsSet("username") { + vals["username"] = c.String("username") + } + if c.IsSet("password") { + vals["password"] = c.String("password") + } + + if !c.IsSet("send-to") { + return fmt.Errorf("Some recipients must be provided") + } + vals["sendTos"] = c.StringSlice("send-to") + + if c.IsSet("subject") { + vals["subject"] = c.String("subject") + } else { + vals["subject"] = "Diagnostic message from Gitea" + } + + return commonAddLogger(c, mode, vals) } func runAddConnLogger(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - setup(ctx, c.Bool("debug")) - vals := map[string]any{} + setup("manager", c.Bool("debug")) + vals := map[string]interface{}{} mode := "conn" vals["net"] = "tcp" if c.IsSet("protocol") { @@ -241,16 +270,13 @@ func runAddConnLogger(c *cli.Context) error { } func runAddFileLogger(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - setup(ctx, c.Bool("debug")) - vals := map[string]any{} + setup("manager", c.Bool("debug")) + vals := map[string]interface{}{} mode := "file" if c.IsSet("filename") { vals["filename"] = c.String("filename") } else { - return errors.New("filename must be set when creating a file logger") + return fmt.Errorf("filename must be set when creating a file logger") } if c.IsSet("rotate") { vals["rotate"] = c.Bool("rotate") @@ -273,12 +299,22 @@ func runAddFileLogger(c *cli.Context) error { return commonAddLogger(c, mode, vals) } -func commonAddLogger(c *cli.Context, mode string, vals map[string]any) error { +func runAddConsoleLogger(c *cli.Context) error { + setup("manager", c.Bool("debug")) + vals := map[string]interface{}{} + mode := "console" + if c.IsSet("stderr") && c.Bool("stderr") { + vals["stderr"] = c.Bool("stderr") + } + return commonAddLogger(c, mode, vals) +} + +func commonAddLogger(c *cli.Context, mode string, vals map[string]interface{}) error { if len(c.String("level")) > 0 { - vals["level"] = log.LevelFromString(c.String("level")).String() + vals["level"] = log.FromString(c.String("level")).String() } if len(c.String("stacktrace-level")) > 0 { - vals["stacktraceLevel"] = log.LevelFromString(c.String("stacktrace-level")).String() + vals["stacktraceLevel"] = log.FromString(c.String("stacktrace-level")).String() } if len(c.String("expression")) > 0 { vals["expression"] = c.String("expression") @@ -292,28 +328,39 @@ func commonAddLogger(c *cli.Context, mode string, vals map[string]any) error { if c.IsSet("color") { vals["colorize"] = c.Bool("color") } - logger := log.DEFAULT - if c.IsSet("logger") { - logger = c.String("logger") + group := "default" + if c.IsSet("group") { + group = c.String("group") } - writer := mode - if c.IsSet("writer") { - writer = c.String("writer") + name := mode + if c.IsSet("name") { + name = c.String("name") } ctx, cancel := installSignals() defer cancel() - extra := private.AddLogger(ctx, logger, writer, mode, vals) - return handleCliResponseExtra(extra) + statusCode, msg := private.AddLogger(ctx, group, name, mode, vals) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) + return nil } func runPauseLogging(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - userMsg := private.PauseLogging(ctx) - _, _ = fmt.Fprintln(os.Stdout, userMsg) + setup("manager", c.Bool("debug")) + statusCode, msg := private.PauseLogging(ctx) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) return nil } @@ -321,9 +368,14 @@ func runResumeLogging(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - userMsg := private.ResumeLogging(ctx) - _, _ = fmt.Fprintln(os.Stdout, userMsg) + setup("manager", c.Bool("debug")) + statusCode, msg := private.ResumeLogging(ctx) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) return nil } @@ -331,17 +383,28 @@ func runReleaseReopenLogging(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) - userMsg := private.ReleaseReopenLogging(ctx) - _, _ = fmt.Fprintln(os.Stdout, userMsg) + setup("manager", c.Bool("debug")) + statusCode, msg := private.ReleaseReopenLogging(ctx) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) return nil } func runSetLogSQL(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setup(ctx, c.Bool("debug")) + setup("manager", c.Bool("debug")) - extra := private.SetLogSQL(ctx, !c.Bool("off")) - return handleCliResponseExtra(extra) + statusCode, msg := private.SetLogSQL(ctx, !c.Bool("off")) + switch statusCode { + case http.StatusInternalServerError: + return fail("InternalServerError", msg) + } + + fmt.Fprintln(os.Stdout, msg) + return nil } diff --git a/cmd/migrate.go b/cmd/migrate.go index 53c496a36c..49a13adeb5 100644 --- a/cmd/migrate.go +++ b/cmd/migrate.go @@ -1,5 +1,6 @@ // Copyright 2018 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -11,14 +12,14 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdMigrate represents the available migrate sub-command. -var CmdMigrate = &cli.Command{ +var CmdMigrate = cli.Command{ Name: "migrate", Usage: "Migrate the database", - Description: "This is a command for migrating the database, so that you can run 'forgejo admin user create' before starting the server.", + Description: "This is a command for migrating the database, so that you can run gitea admin create-user before starting the server.", Action: runMigrate, } @@ -33,7 +34,7 @@ func runMigrate(ctx *cli.Context) error { log.Info("AppPath: %s", setting.AppPath) log.Info("AppWorkPath: %s", setting.AppWorkPath) log.Info("Custom path: %s", setting.CustomPath) - log.Info("Log path: %s", setting.Log.RootPath) + log.Info("Log path: %s", setting.LogRootPath) log.Info("Configuration file: %s", setting.CustomConf) if err := db.InitEngineWithMigration(context.Background(), migrations.Migrate); err != nil { diff --git a/cmd/migrate_storage.go b/cmd/migrate_storage.go index 3a69b555e0..a283f91401 100644 --- a/cmd/migrate_storage.go +++ b/cmd/migrate_storage.go @@ -1,16 +1,14 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( "context" - "errors" "fmt" - "io/fs" "strings" - actions_model "code.gitea.io/gitea/models/actions" "code.gitea.io/gitea/models/db" git_model "code.gitea.io/gitea/models/git" "code.gitea.io/gitea/models/migrations" @@ -22,116 +20,98 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/storage" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdMigrateStorage represents the available migrate storage sub-command. -var CmdMigrateStorage = &cli.Command{ +var CmdMigrateStorage = cli.Command{ Name: "migrate-storage", Usage: "Migrate the storage", Description: "Copies stored files from storage configured in app.ini to parameter-configured storage", Action: runMigrateStorage, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "type", - Aliases: []string{"t"}, - Value: "", - Usage: "Type of stored files to copy. Allowed types: 'attachments', 'lfs', 'avatars', 'repo-avatars', 'repo-archivers', 'packages', 'actions-log', 'actions-artifacts'", + cli.StringFlag{ + Name: "type, t", + Value: "", + Usage: "Type of stored files to copy. Allowed types: 'attachments', 'lfs', 'avatars', 'repo-avatars', 'repo-archivers', 'packages'", }, - &cli.StringFlag{ - Name: "storage", - Aliases: []string{"s"}, - Value: "", - Usage: "New storage type: local (default) or minio", + cli.StringFlag{ + Name: "storage, s", + Value: "", + Usage: "New storage type: local (default) or minio", }, - &cli.StringFlag{ - Name: "path", - Aliases: []string{"p"}, - Value: "", - Usage: "New storage placement if store is local (leave blank for default)", + cli.StringFlag{ + Name: "path, p", + Value: "", + Usage: "New storage placement if store is local (leave blank for default)", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "minio-endpoint", Value: "", Usage: "Minio storage endpoint", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "minio-access-key-id", Value: "", Usage: "Minio storage accessKeyID", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "minio-secret-access-key", Value: "", Usage: "Minio storage secretAccessKey", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "minio-bucket", Value: "", Usage: "Minio storage bucket", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "minio-location", Value: "", Usage: "Minio storage location to create bucket", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "minio-base-path", Value: "", - Usage: "Minio storage base path on the bucket", + Usage: "Minio storage basepath on the bucket", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "minio-use-ssl", Usage: "Enable SSL for minio", }, - &cli.BoolFlag{ - Name: "minio-insecure-skip-verify", - Usage: "Skip SSL verification", - }, - &cli.StringFlag{ - Name: "minio-checksum-algorithm", - Value: "", - Usage: "Minio checksum algorithm (default/md5)", - }, }, } func migrateAttachments(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, attach *repo_model.Attachment) error { + return db.IterateObjects(ctx, func(attach *repo_model.Attachment) error { _, err := storage.Copy(dstStorage, attach.RelativePath(), storage.Attachments, attach.RelativePath()) return err }) } func migrateLFS(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, mo *git_model.LFSMetaObject) error { + return db.IterateObjects(ctx, func(mo *git_model.LFSMetaObject) error { _, err := storage.Copy(dstStorage, mo.RelativePath(), storage.LFS, mo.RelativePath()) return err }) } func migrateAvatars(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, user *user_model.User) error { - if user.CustomAvatarRelativePath() == "" { - return nil - } + return db.IterateObjects(ctx, func(user *user_model.User) error { _, err := storage.Copy(dstStorage, user.CustomAvatarRelativePath(), storage.Avatars, user.CustomAvatarRelativePath()) return err }) } func migrateRepoAvatars(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, repo *repo_model.Repository) error { - if repo.CustomAvatarRelativePath() == "" { - return nil - } + return db.IterateObjects(ctx, func(repo *repo_model.Repository) error { _, err := storage.Copy(dstStorage, repo.CustomAvatarRelativePath(), storage.RepoAvatars, repo.CustomAvatarRelativePath()) return err }) } func migrateRepoArchivers(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, archiver *repo_model.RepoArchiver) error { + return db.IterateObjects(ctx, func(archiver *repo_model.RepoArchiver) error { p := archiver.RelativePath() _, err := storage.Copy(dstStorage, p, storage.RepoArchives, p) return err @@ -139,48 +119,13 @@ func migrateRepoArchivers(ctx context.Context, dstStorage storage.ObjectStorage) } func migratePackages(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, pb *packages_model.PackageBlob) error { + return db.IterateObjects(ctx, func(pb *packages_model.PackageBlob) error { p := packages_module.KeyToRelativePath(packages_module.BlobHash256Key(pb.HashSHA256)) _, err := storage.Copy(dstStorage, p, storage.Packages, p) return err }) } -func migrateActionsLog(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, task *actions_model.ActionTask) error { - if task.LogExpired { - // the log has been cleared - return nil - } - if !task.LogInStorage { - // running tasks store logs in DBFS - return nil - } - p := task.LogFilename - _, err := storage.Copy(dstStorage, p, storage.Actions, p) - return err - }) -} - -func migrateActionsArtifacts(ctx context.Context, dstStorage storage.ObjectStorage) error { - return db.Iterate(ctx, nil, func(ctx context.Context, artifact *actions_model.ActionArtifact) error { - if artifact.Status == int64(actions_model.ArtifactStatusExpired) { - return nil - } - - _, err := storage.Copy(dstStorage, artifact.StoragePath, storage.ActionsArtifacts, artifact.StoragePath) - if err != nil { - if errors.Is(err, fs.ErrNotExist) { - log.Warn("ignored: actions artifact %s exists in the database but not in storage", artifact.StoragePath) - return nil - } - return err - } - - return nil - }) -} - func runMigrateStorage(ctx *cli.Context) error { stdCtx, cancel := installSignals() defer cancel() @@ -192,7 +137,7 @@ func runMigrateStorage(ctx *cli.Context) error { log.Info("AppPath: %s", setting.AppPath) log.Info("AppWorkPath: %s", setting.AppWorkPath) log.Info("Custom path: %s", setting.CustomPath) - log.Info("Log path: %s", setting.Log.RootPath) + log.Info("Log path: %s", setting.LogRootPath) log.Info("Configuration file: %s", setting.CustomConf) if err := db.InitEngineWithMigration(context.Background(), migrations.Migrate); err != nil { @@ -209,32 +154,28 @@ func runMigrateStorage(ctx *cli.Context) error { switch strings.ToLower(ctx.String("storage")) { case "": fallthrough - case string(setting.LocalStorageType): + case string(storage.LocalStorageType): p := ctx.String("path") if p == "" { - log.Fatal("Path must be given when storage is local") + log.Fatal("Path must be given when storage is loal") return nil } dstStorage, err = storage.NewLocalStorage( stdCtx, - &setting.Storage{ + storage.LocalStorageConfig{ Path: p, }) - case string(setting.MinioStorageType): + case string(storage.MinioStorageType): dstStorage, err = storage.NewMinioStorage( stdCtx, - &setting.Storage{ - MinioConfig: setting.MinioStorageConfig{ - Endpoint: ctx.String("minio-endpoint"), - AccessKeyID: ctx.String("minio-access-key-id"), - SecretAccessKey: ctx.String("minio-secret-access-key"), - Bucket: ctx.String("minio-bucket"), - Location: ctx.String("minio-location"), - BasePath: ctx.String("minio-base-path"), - UseSSL: ctx.Bool("minio-use-ssl"), - InsecureSkipVerify: ctx.Bool("minio-insecure-skip-verify"), - ChecksumAlgorithm: ctx.String("minio-checksum-algorithm"), - }, + storage.MinioStorageConfig{ + Endpoint: ctx.String("minio-endpoint"), + AccessKeyID: ctx.String("minio-access-key-id"), + SecretAccessKey: ctx.String("minio-secret-access-key"), + Bucket: ctx.String("minio-bucket"), + Location: ctx.String("minio-location"), + BasePath: ctx.String("minio-base-path"), + UseSSL: ctx.Bool("minio-use-ssl"), }) default: return fmt.Errorf("unsupported storage type: %s", ctx.String("storage")) @@ -244,14 +185,12 @@ func runMigrateStorage(ctx *cli.Context) error { } migratedMethods := map[string]func(context.Context, storage.ObjectStorage) error{ - "attachments": migrateAttachments, - "lfs": migrateLFS, - "avatars": migrateAvatars, - "repo-avatars": migrateRepoAvatars, - "repo-archivers": migrateRepoArchivers, - "packages": migratePackages, - "actions-log": migrateActionsLog, - "actions-artifacts": migrateActionsArtifacts, + "attachments": migrateAttachments, + "lfs": migrateLFS, + "avatars": migrateAvatars, + "repo-avatars": migrateRepoAvatars, + "repo-archivers": migrateRepoArchivers, + "packages": migratePackages, } tp := strings.ToLower(ctx.String("type")) diff --git a/cmd/migrate_storage_test.go b/cmd/migrate_storage_test.go index 56745e9a38..0d264ef5a1 100644 --- a/cmd/migrate_storage_test.go +++ b/cmd/migrate_storage_test.go @@ -1,56 +1,36 @@ // Copyright 2022 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( "context" - "io" "os" "strings" "testing" - "code.gitea.io/gitea/models/actions" - "code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/packages" "code.gitea.io/gitea/models/unittest" user_model "code.gitea.io/gitea/models/user" packages_module "code.gitea.io/gitea/modules/packages" - "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/storage" - "code.gitea.io/gitea/modules/test" packages_service "code.gitea.io/gitea/services/packages" "github.com/stretchr/testify/assert" - "github.com/stretchr/testify/require" ) -func createLocalStorage(t *testing.T) (storage.ObjectStorage, string) { - t.Helper() - - p := t.TempDir() - - storage, err := storage.NewLocalStorage( - context.Background(), - &setting.Storage{ - Path: p, - }) - require.NoError(t, err) - - return storage, p -} - func TestMigratePackages(t *testing.T) { - require.NoError(t, unittest.PrepareTestDatabase()) + assert.NoError(t, unittest.PrepareTestDatabase()) creator := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1}) content := "package main\n\nfunc main() {\nfmt.Println(\"hi\")\n}\n" - buf, err := packages_module.CreateHashedBufferFromReaderWithSize(strings.NewReader(content), 1024) - require.NoError(t, err) + buf, err := packages_module.CreateHashedBufferFromReader(strings.NewReader(content), 1024) + assert.NoError(t, err) defer buf.Close() - v, f, err := packages_service.CreatePackageAndAddFile(db.DefaultContext, &packages_service.PackageCreationInfo{ + v, f, err := packages_service.CreatePackageAndAddFile(&packages_service.PackageCreationInfo{ PackageInfo: packages_service.PackageInfo{ Owner: creator, PackageType: packages.TypeGeneric, @@ -64,71 +44,30 @@ func TestMigratePackages(t *testing.T) { PackageFileInfo: packages_service.PackageFileInfo{ Filename: "a.go", }, - Creator: creator, - Data: buf, - IsLead: true, + Data: buf, + IsLead: true, }) - require.NoError(t, err) + assert.NoError(t, err) assert.NotNil(t, v) assert.NotNil(t, f) ctx := context.Background() - dstStorage, p := createLocalStorage(t) + p := t.TempDir() + + dstStorage, err := storage.NewLocalStorage( + ctx, + storage.LocalStorageConfig{ + Path: p, + }) + assert.NoError(t, err) err = migratePackages(ctx, dstStorage) - require.NoError(t, err) + assert.NoError(t, err) entries, err := os.ReadDir(p) - require.NoError(t, err) - assert.Len(t, entries, 2) + assert.NoError(t, err) + assert.EqualValues(t, 2, len(entries)) assert.EqualValues(t, "01", entries[0].Name()) assert.EqualValues(t, "tmp", entries[1].Name()) } - -func TestMigrateActionsArtifacts(t *testing.T) { - require.NoError(t, unittest.PrepareTestDatabase()) - - srcStorage, _ := createLocalStorage(t) - defer test.MockVariableValue(&storage.ActionsArtifacts, srcStorage)() - id := int64(42) - - addArtifact := func(storagePath string, status actions.ArtifactStatus) { - id++ - artifact := &actions.ActionArtifact{ - ID: id, - ArtifactName: storagePath, - StoragePath: storagePath, - Status: int64(status), - } - _, err := db.GetEngine(db.DefaultContext).Insert(artifact) - require.NoError(t, err) - srcStorage.Save(storagePath, strings.NewReader(storagePath), -1) - } - - exists := "/exists" - addArtifact(exists, actions.ArtifactStatusUploadConfirmed) - - expired := "/expired" - addArtifact(expired, actions.ArtifactStatusExpired) - - notFound := "/notfound" - addArtifact(notFound, actions.ArtifactStatusUploadConfirmed) - srcStorage.Delete(notFound) - - dstStorage, _ := createLocalStorage(t) - - require.NoError(t, migrateActionsArtifacts(db.DefaultContext, dstStorage)) - - object, err := dstStorage.Open(exists) - require.NoError(t, err) - buf, err := io.ReadAll(object) - require.NoError(t, err) - assert.Equal(t, exists, string(buf)) - - _, err = dstStorage.Stat(expired) - require.Error(t, err) - - _, err = dstStorage.Stat(notFound) - require.Error(t, err) -} diff --git a/cmd/restore_repo.go b/cmd/restore_repo.go index 37b32aa304..2256cc61ab 100644 --- a/cmd/restore_repo.go +++ b/cmd/restore_repo.go @@ -1,47 +1,50 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( + "errors" + "net/http" "strings" + "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/setting" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) // CmdRestoreRepository represents the available restore a repository sub-command. -var CmdRestoreRepository = &cli.Command{ +var CmdRestoreRepository = cli.Command{ Name: "restore-repo", Usage: "Restore the repository from disk", Description: "This is a command for restoring the repository data.", Action: runRestoreRepository, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "repo_dir", - Aliases: []string{"r"}, - Value: "./data", - Usage: "Repository dir path to restore from", + cli.StringFlag{ + Name: "repo_dir, r", + Value: "./data", + Usage: "Repository dir path to restore from", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "owner_name", Value: "", Usage: "Restore destination owner name", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "repo_name", Value: "", Usage: "Restore destination repository name", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "units", Value: "", Usage: `Which items will be restored, one or more units should be separated as comma. wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`, }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "validation", Usage: "Sanity check the content of the files before trying to load them", }, @@ -52,12 +55,12 @@ func runRestoreRepository(c *cli.Context) error { ctx, cancel := installSignals() defer cancel() - setting.MustInstalled() + setting.LoadFromExisting() var units []string if s := c.String("units"); s != "" { units = strings.Split(s, ",") } - extra := private.RestoreRepo( + statusCode, errStr := private.RestoreRepo( ctx, c.String("repo_dir"), c.String("owner_name"), @@ -65,5 +68,10 @@ func runRestoreRepository(c *cli.Context) error { units, c.Bool("validation"), ) - return handleCliResponseExtra(extra) + if statusCode == http.StatusOK { + return nil + } + + log.Fatal("Failed to restore repository: %v", errStr) + return errors.New(errStr) } diff --git a/cmd/serv.go b/cmd/serv.go index db67e36fa3..d19020e5c3 100644 --- a/cmd/serv.go +++ b/cmd/serv.go @@ -1,22 +1,21 @@ // Copyright 2014 The Gogs Authors. All rights reserved. // Copyright 2016 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd import ( "context" "fmt" + "net/http" "net/url" "os" "os/exec" - "path/filepath" "regexp" "strconv" "strings" - "testing" "time" - "unicode" asymkey_model "code.gitea.io/gitea/models/asymkey" git_model "code.gitea.io/gitea/models/git" @@ -31,9 +30,9 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/services/lfs" - "github.com/golang-jwt/jwt/v5" + "github.com/golang-jwt/jwt/v4" "github.com/kballard/go-shellquote" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" ) const ( @@ -41,35 +40,46 @@ const ( ) // CmdServ represents the available serv sub-command. -var CmdServ = &cli.Command{ +var CmdServ = cli.Command{ Name: "serv", - Usage: "(internal) Should only be called by SSH shell", + Usage: "This command should only be called by SSH shell", Description: "Serv provides access auth for repositories", - Before: PrepareConsoleLoggerLevel(log.FATAL), Action: runServ, Flags: []cli.Flag{ - &cli.BoolFlag{ + cli.BoolFlag{ Name: "enable-pprof", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "debug", }, }, } -func setup(ctx context.Context, debug bool) { +func setup(logPath string, debug bool) { + _ = log.DelLogger("console") if debug { - setupConsoleLogger(log.TRACE, false, os.Stderr) + _ = log.NewLogger(1000, "console", "console", `{"level":"trace","stacktracelevel":"NONE","stderr":true}`) } else { - setupConsoleLogger(log.FATAL, false, os.Stderr) + _ = log.NewLogger(1000, "console", "console", `{"level":"fatal","stacktracelevel":"NONE","stderr":true}`) } - setting.MustInstalled() + setting.LoadFromExisting() + if debug { + setting.RunMode = "dev" + } + + // Check if setting.RepoRootPath exists. It could be the case that it doesn't exist, this can happen when + // `[repository]` `ROOT` is a relative path and $GITEA_WORK_DIR isn't passed to the SSH connection. if _, err := os.Stat(setting.RepoRootPath); err != nil { - _ = fail(ctx, "Unable to access repository path", "Unable to access repository path %q, err: %v", setting.RepoRootPath, err) + if os.IsNotExist(err) { + _ = fail("Incorrect configuration, no repository directory.", "Directory `[repository].ROOT` %q was not found, please check if $GITEA_WORK_DIR is passed to the SSH connection or make `[repository].ROOT` an absolute value.", setting.RepoRootPath) + } else { + _ = fail("Incorrect configuration, repository directory is inaccessible", "Directory `[repository].ROOT` %q is inaccessible. err: %v", setting.RepoRootPath, err) + } return } + if err := git.InitSimple(context.Background()); err != nil { - _ = fail(ctx, "Failed to init git", "Failed to init git, err: %v", err) + _ = fail("Failed to init git", "Failed to init git, err: %v", err) } } @@ -83,49 +93,24 @@ var ( alphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`) ) -// fail prints message to stdout, it's mainly used for git serv and git hook commands. -// The output will be passed to git client and shown to user. -func fail(ctx context.Context, userMessage, logMsgFmt string, args ...any) error { - if userMessage == "" { - userMessage = "Internal Server Error (no specific error)" - } - +func fail(userMessage, logMessage string, args ...interface{}) error { // There appears to be a chance to cause a zombie process and failure to read the Exit status // if nothing is outputted on stdout. _, _ = fmt.Fprintln(os.Stdout, "") - _, _ = fmt.Fprintln(os.Stderr, "Forgejo:", userMessage) + _, _ = fmt.Fprintln(os.Stderr, "Gitea:", userMessage) - if logMsgFmt != "" { - logMsg := fmt.Sprintf(logMsgFmt, args...) + if len(logMessage) > 0 { if !setting.IsProd { - _, _ = fmt.Fprintln(os.Stderr, "Forgejo:", logMsg) - } - if userMessage != "" { - if unicode.IsPunct(rune(userMessage[len(userMessage)-1])) { - logMsg = userMessage + " " + logMsg - } else { - logMsg = userMessage + ". " + logMsg - } - } - // Don't send an log if this is done in a test and no InternalToken is set. - if !testing.Testing() || setting.InternalToken != "" { - _ = private.SSHLog(ctx, true, logMsg) + _, _ = fmt.Fprintf(os.Stderr, logMessage+"\n", args...) } } - return cli.Exit("", 1) -} + ctx, cancel := installSignals() + defer cancel() -// handleCliResponseExtra handles the extra response from the cli sub-commands -// If there is a user message it will be printed to stdout -// If the command failed it will return an error (the error will be printed by cli framework) -func handleCliResponseExtra(extra private.ResponseExtra) error { - if extra.UserMsg != "" { - _, _ = fmt.Fprintln(os.Stdout, extra.UserMsg) + if len(logMessage) > 0 { + _ = private.SSHLog(ctx, true, fmt.Sprintf(logMessage+": ", args...)) } - if extra.HasError() { - return cli.Exit(extra.Error, 1) - } - return nil + return cli.NewExitError("", 1) } func runServ(c *cli.Context) error { @@ -133,50 +118,44 @@ func runServ(c *cli.Context) error { defer cancel() // FIXME: This needs to internationalised - setup(ctx, c.Bool("debug")) + setup("serv.log", c.Bool("debug")) if setting.SSH.Disabled { - fmt.Println("Forgejo: SSH has been disabled") + println("Gitea: SSH has been disabled") return nil } - if c.NArg() < 1 { + if len(c.Args()) < 1 { if err := cli.ShowSubcommandHelp(c); err != nil { fmt.Printf("error showing subcommand help: %v\n", err) } return nil } - defer func() { - if err := recover(); err != nil { - _ = fail(ctx, "Internal Server Error", "Panic: %v\n%s", err, log.Stack(2)) - } - }() - - keys := strings.Split(c.Args().First(), "-") + keys := strings.Split(c.Args()[0], "-") if len(keys) != 2 || keys[0] != "key" { - return fail(ctx, "Key ID format error", "Invalid key argument: %s", c.Args().First()) + return fail("Key ID format error", "Invalid key argument: %s", c.Args()[0]) } keyID, err := strconv.ParseInt(keys[1], 10, 64) if err != nil { - return fail(ctx, "Key ID parsing error", "Invalid key argument: %s", c.Args().Get(1)) + return fail("Key ID format error", "Invalid key argument: %s", c.Args()[1]) } cmd := os.Getenv("SSH_ORIGINAL_COMMAND") if len(cmd) == 0 { key, user, err := private.ServNoCommand(ctx, keyID) if err != nil { - return fail(ctx, "Key check failed", "Failed to check provided key: %v", err) + return fail("Internal error", "Failed to check provided key: %v", err) } switch key.Type { case asymkey_model.KeyTypeDeploy: - fmt.Println("Hi there! You've successfully authenticated with the deploy key named " + key.Name + ", but Forgejo does not provide shell access.") + println("Hi there! You've successfully authenticated with the deploy key named " + key.Name + ", but Forgejo does not provide shell access.") case asymkey_model.KeyTypePrincipal: - fmt.Println("Hi there! You've successfully authenticated with the principal " + key.Content + ", but Forgejo does not provide shell access.") + println("Hi there! You've successfully authenticated with the principal " + key.Content + ", but Forgejo does not provide shell access.") default: - fmt.Println("Hi there, " + user.Name + "! You've successfully authenticated with the key named " + key.Name + ", but Forgejo does not provide shell access.") + println("Hi there, " + user.Name + "! You've successfully authenticated with the key named " + key.Name + ", but Forgejo does not provide shell access.") } - fmt.Println("If this is unexpected, please log in with password and setup Forgejo under another user.") + println("If this is unexpected, please log in with password and setup Forgejo under another user.") return nil } else if c.Bool("debug") { log.Debug("SSH_ORIGINAL_COMMAND: %s", os.Getenv("SSH_ORIGINAL_COMMAND")) @@ -184,7 +163,7 @@ func runServ(c *cli.Context) error { words, err := shellquote.Split(cmd) if err != nil { - return fail(ctx, "Error parsing arguments", "Failed to parse arguments: %v", err) + return fail("Error parsing arguments", "Failed to parse arguments: %v", err) } if len(words) < 2 { @@ -195,16 +174,19 @@ func runServ(c *cli.Context) error { return nil } } - return fail(ctx, "Too few arguments", "Too few arguments in cmd: %s", cmd) + return fail("Too few arguments", "Too few arguments in cmd: %s", cmd) } verb := words[0] - repoPath := strings.TrimPrefix(words[1], "/") + repoPath := words[1] + if repoPath[0] == '/' { + repoPath = repoPath[1:] + } var lfsVerb string if verb == lfsAuthenticateVerb { if !setting.LFS.StartServer { - return fail(ctx, "Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled") + return fail("Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled") } if len(words) > 2 { @@ -212,44 +194,42 @@ func runServ(c *cli.Context) error { } } - rr := strings.SplitN(repoPath, "/", 2) - if len(rr) != 2 { - return fail(ctx, "Invalid repository path", "Invalid repository path: %v", repoPath) - } - - username := rr[0] - reponame := strings.TrimSuffix(rr[1], ".git") - // LowerCase and trim the repoPath as that's how they are stored. - // This should be done after splitting the repoPath into username and reponame - // so that username and reponame are not affected. repoPath = strings.ToLower(strings.TrimSpace(repoPath)) + rr := strings.SplitN(repoPath, "/", 2) + if len(rr) != 2 { + return fail("Invalid repository path", "Invalid repository path: %v", repoPath) + } + + username := strings.ToLower(rr[0]) + reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git")) + if alphaDashDotPattern.MatchString(reponame) { - return fail(ctx, "Invalid repo name", "Invalid repo name: %s", reponame) + return fail("Invalid repo name", "Invalid repo name: %s", reponame) } if c.Bool("enable-pprof") { if err := os.MkdirAll(setting.PprofDataPath, os.ModePerm); err != nil { - return fail(ctx, "Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err) + return fail("Error while trying to create PPROF_DATA_PATH", "Error while trying to create PPROF_DATA_PATH: %v", err) } stopCPUProfiler, err := pprof.DumpCPUProfileForUsername(setting.PprofDataPath, username) if err != nil { - return fail(ctx, "Unable to start CPU profiler", "Unable to start CPU profile: %v", err) + return fail("Internal Server Error", "Unable to start CPU profile: %v", err) } defer func() { stopCPUProfiler() err := pprof.DumpMemProfileForUsername(setting.PprofDataPath, username) if err != nil { - _ = fail(ctx, "Unable to dump Mem profile", "Unable to dump Mem Profile: %v", err) + _ = fail("Internal Server Error", "Unable to dump Mem Profile: %v", err) } }() } requestedMode, has := allowedCommands[verb] if !has { - return fail(ctx, "Unknown git command", "Unknown git command %s", verb) + return fail("Unknown git command", "Unknown git command %s", verb) } if verb == lfsAuthenticateVerb { @@ -258,13 +238,20 @@ func runServ(c *cli.Context) error { } else if lfsVerb == "download" { requestedMode = perm.AccessModeRead } else { - return fail(ctx, "Unknown LFS verb", "Unknown lfs verb %s", lfsVerb) + return fail("Unknown LFS verb", "Unknown lfs verb %s", lfsVerb) } } - results, extra := private.ServCommand(ctx, keyID, username, reponame, requestedMode, verb, lfsVerb) - if extra.HasError() { - return fail(ctx, extra.UserMsg, "ServCommand failed: %s", extra.Error) + results, err := private.ServCommand(ctx, keyID, username, reponame, requestedMode, verb, lfsVerb) + if err != nil { + if private.IsErrServCommand(err) { + errServCommand := err.(private.ErrServCommand) + if errServCommand.StatusCode != http.StatusInternalServerError { + return fail("Unauthorized", "%s", errServCommand.Error()) + } + return fail("Internal Server Error", "%s", errServCommand.Error()) + } + return fail("Internal Server Error", "%s", err.Error()) } // LFS token authentication @@ -286,7 +273,7 @@ func runServ(c *cli.Context) error { // Sign and get the complete encoded token as a string using the secret tokenString, err := token.SignedString(setting.LFS.JWTSecretBytes) if err != nil { - return fail(ctx, "Failed to sign JWT Token", "Failed to sign JWT token: %v", err) + return fail("Internal error", "Failed to sign JWT token: %v", err) } tokenAuthentication := &git_model.LFSTokenResponse{ @@ -298,26 +285,22 @@ func runServ(c *cli.Context) error { enc := json.NewEncoder(os.Stdout) err = enc.Encode(tokenAuthentication) if err != nil { - return fail(ctx, "Failed to encode LFS json response", "Failed to encode LFS json response: %v", err) + return fail("Internal error", "Failed to encode LFS json response: %v", err) } return nil } - var gitcmd *exec.Cmd - gitBinPath := filepath.Dir(git.GitExecutable) // e.g. /usr/bin - gitBinVerb := filepath.Join(gitBinPath, verb) // e.g. /usr/bin/git-upload-pack - if _, err := os.Stat(gitBinVerb); err != nil { - // if the command "git-upload-pack" doesn't exist, try to split "git-upload-pack" to use the sub-command with git - // ps: Windows only has "git.exe" in the bin path, so Windows always uses this way - verbFields := strings.SplitN(verb, "-", 2) - if len(verbFields) == 2 { - // use git binary with the sub-command part: "C:\...\bin\git.exe", "upload-pack", ... - gitcmd = exec.CommandContext(ctx, git.GitExecutable, verbFields[1], repoPath) - } + // Special handle for Windows. + if setting.IsWindows { + verb = strings.Replace(verb, "-", " ", 1) } - if gitcmd == nil { - // by default, use the verb (it has been checked above by allowedCommands) - gitcmd = exec.CommandContext(ctx, gitBinVerb, repoPath) + + var gitcmd *exec.Cmd + verbs := strings.Split(verb, " ") + if len(verbs) == 2 { + gitcmd = exec.CommandContext(ctx, verbs[0], verbs[1], repoPath) + } else { + gitcmd = exec.CommandContext(ctx, verb, repoPath) } process.SetSysProcAttribute(gitcmd) @@ -344,13 +327,13 @@ func runServ(c *cli.Context) error { gitcmd.Env = append(gitcmd.Env, git.CommonCmdServEnvs()...) if err = gitcmd.Run(); err != nil { - return fail(ctx, "Failed to execute git command", "Failed to execute git command: %v", err) + return fail("Internal error", "Failed to execute git command: %v", err) } // Update user key activity. if results.KeyID > 0 { if err = private.UpdatePublicKeyInRepo(ctx, results.KeyID, results.RepoID); err != nil { - return fail(ctx, "Failed to update public key", "UpdatePublicKeyInRepo: %v", err) + return fail("Internal error", "UpdatePublicKeyInRepo: %v", err) } } diff --git a/cmd/web.go b/cmd/web.go index 787411939c..1b9f7e420a 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -1,5 +1,6 @@ // Copyright 2014 The Gogs Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd @@ -9,61 +10,50 @@ import ( "net" "net/http" "os" - "path/filepath" - "strconv" "strings" - "time" _ "net/http/pprof" // Used for debugging if enabled and a web server is running - "code.gitea.io/gitea/modules/container" "code.gitea.io/gitea/modules/graceful" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/process" - "code.gitea.io/gitea/modules/public" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/routers" "code.gitea.io/gitea/routers/install" "github.com/felixge/fgprof" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" + ini "gopkg.in/ini.v1" ) -// PIDFile could be set from build tag -var PIDFile = "/run/gitea.pid" - // CmdWeb represents the available web sub-command. -var CmdWeb = &cli.Command{ +var CmdWeb = cli.Command{ Name: "web", - Usage: "Start the Forgejo web server", - Description: `The Forgejo web server is the only thing you need to run, + Usage: "Start Gitea web server", + Description: `Gitea web server is the only thing you need to run, and it takes care of all the other things for you`, - Before: PrepareConsoleLoggerLevel(log.INFO), Action: runWeb, Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "port", - Aliases: []string{"p"}, - Value: "3000", - Usage: "Temporary port number to prevent conflict", + cli.StringFlag{ + Name: "port, p", + Value: "3000", + Usage: "Temporary port number to prevent conflict", }, - &cli.StringFlag{ + cli.StringFlag{ Name: "install-port", Value: "3000", Usage: "Temporary port number to run the install page on to prevent conflict", }, - &cli.StringFlag{ - Name: "pid", - Aliases: []string{"P"}, - Value: PIDFile, - Usage: "Custom pid file path", + cli.StringFlag{ + Name: "pid, P", + Value: setting.PIDFile, + Usage: "Custom pid file path", }, - &cli.BoolFlag{ - Name: "quiet", - Aliases: []string{"q"}, - Usage: "Only display Fatal logging errors until logging is set-up", + cli.BoolFlag{ + Name: "quiet, q", + Usage: "Only display Fatal logging errors until logging is set-up", }, - &cli.BoolFlag{ + cli.BoolFlag{ Name: "verbose", Usage: "Set initial logging to TRACE level until logging is properly set-up", }, @@ -92,151 +82,14 @@ func runHTTPRedirector() { } } -func createPIDFile(pidPath string) { - currentPid := os.Getpid() - if err := os.MkdirAll(filepath.Dir(pidPath), os.ModePerm); err != nil { - log.Fatal("Failed to create PID folder: %v", err) - } - - file, err := os.Create(pidPath) - if err != nil { - log.Fatal("Failed to create PID file: %v", err) - } - defer file.Close() - if _, err := file.WriteString(strconv.FormatInt(int64(currentPid), 10)); err != nil { - log.Fatal("Failed to write PID information: %v", err) - } -} - -func showWebStartupMessage(msg string) { - log.Info("Forgejo version: %s%s", setting.AppVer, setting.AppBuiltWith) - log.Info("* RunMode: %s", setting.RunMode) - log.Info("* AppPath: %s", setting.AppPath) - log.Info("* WorkPath: %s", setting.AppWorkPath) - log.Info("* CustomPath: %s", setting.CustomPath) - log.Info("* ConfigFile: %s", setting.CustomConf) - log.Info("%s", msg) // show startup message - - if setting.CORSConfig.Enabled { - log.Info("CORS Service Enabled") - } - if setting.DefaultUILocation != time.Local { - log.Info("Default UI Location is %v", setting.DefaultUILocation.String()) - } - if setting.MailService != nil { - log.Info("Mail Service Enabled: RegisterEmailConfirm=%v, Service.EnableNotifyMail=%v", setting.Service.RegisterEmailConfirm, setting.Service.EnableNotifyMail) - } -} - -func serveInstall(ctx *cli.Context) error { - showWebStartupMessage("Prepare to run install page") - - routers.InitWebInstallPage(graceful.GetManager().HammerContext()) - - // Flag for port number in case first time run conflict - if ctx.IsSet("port") { - if err := setPort(ctx.String("port")); err != nil { - return err - } - } - if ctx.IsSet("install-port") { - if err := setPort(ctx.String("install-port")); err != nil { - return err - } - } - c := install.Routes() - err := listen(c, false) - if err != nil { - log.Critical("Unable to open listener for installer. Is Forgejo already running?") - graceful.GetManager().DoGracefulShutdown() - } - select { - case <-graceful.GetManager().IsShutdown(): - <-graceful.GetManager().Done() - log.Info("PID: %d Forgejo Web Finished", os.Getpid()) - log.GetManager().Close() - return err - default: - } - return nil -} - -func serveInstalled(ctx *cli.Context) error { - setting.InitCfgProvider(setting.CustomConf) - setting.LoadCommonSettings() - setting.MustInstalled() - - showWebStartupMessage("Prepare to run web server") - - if setting.AppWorkPathMismatch { - log.Error("WORK_PATH from config %q doesn't match other paths from environment variables or command arguments. "+ - "Only WORK_PATH in config should be set and used. Please make sure the path in config file is correct, "+ - "remove the other outdated work paths from environment variables and command arguments", setting.CustomConf) - } - - rootCfg := setting.CfgProvider - if rootCfg.Section("").Key("WORK_PATH").String() == "" { - saveCfg, err := rootCfg.PrepareSaving() - if err != nil { - log.Error("Unable to prepare saving WORK_PATH=%s to config %q: %v\nYou should set it manually, otherwise there might be bugs when accessing the git repositories.", setting.AppWorkPath, setting.CustomConf, err) - } else { - rootCfg.Section("").Key("WORK_PATH").SetValue(setting.AppWorkPath) - saveCfg.Section("").Key("WORK_PATH").SetValue(setting.AppWorkPath) - if err = saveCfg.Save(); err != nil { - log.Error("Unable to update WORK_PATH=%s to config %q: %v\nYou should set it manually, otherwise there might be bugs when accessing the git repositories.", setting.AppWorkPath, setting.CustomConf, err) - } - } - } - - // in old versions, user's custom web files are placed in "custom/public", and they were served as "http://domain.com/assets/xxx" - // now, Gitea only serves pre-defined files in the "custom/public" folder basing on the web root, the user should move their custom files to "custom/public/assets" - publicFiles, _ := public.AssetFS().ListFiles(".") - publicFilesSet := container.SetOf(publicFiles...) - publicFilesSet.Remove(".well-known") - publicFilesSet.Remove("assets") - publicFilesSet.Remove("robots.txt") - for fn := range publicFilesSet.Seq() { - log.Error("Found legacy public asset %q in CustomPath. Please move it to %s/public/assets/%s", fn, setting.CustomPath, fn) - } - if _, err := os.Stat(filepath.Join(setting.CustomPath, "robots.txt")); err == nil { - log.Error(`Found legacy public asset "robots.txt" in CustomPath. Please move it to %s/public/robots.txt`, setting.CustomPath) - } - - routers.InitWebInstalled(graceful.GetManager().HammerContext()) - - // We check that AppDataPath exists here (it should have been created during installation) - // We can't check it in `InitWebInstalled`, because some integration tests - // use cmd -> InitWebInstalled, but the AppDataPath doesn't exist during those tests. - if _, err := os.Stat(setting.AppDataPath); err != nil { - log.Fatal("Can not find APP_DATA_PATH %q", setting.AppDataPath) - } - - // Override the provided port number within the configuration - if ctx.IsSet("port") { - if err := setPort(ctx.String("port")); err != nil { - return err - } - } - - // Set up Chi routes - webRoutes := routers.NormalRoutes() - err := listen(webRoutes, true) - <-graceful.GetManager().Done() - log.Info("PID: %d Forgejo Web Finished", os.Getpid()) - log.GetManager().Close() - return err -} - -func servePprof() { - http.DefaultServeMux.Handle("/debug/fgprof", fgprof.Handler()) - _, _, finished := process.GetManager().AddTypedContext(context.Background(), "Web: PProf Server", process.SystemProcessType, true) - // The pprof server is for debug purpose only, it shouldn't be exposed on public network. At the moment it's not worth to introduce a configurable option for it. - log.Info("Starting pprof server on localhost:6060") - log.Info("Stopped pprof server: %v", http.ListenAndServe("localhost:6060", nil)) - finished() -} - func runWeb(ctx *cli.Context) error { + if ctx.Bool("verbose") { + _ = log.DelLogger("console") + log.NewLogger(0, "console", "console", fmt.Sprintf(`{"level": "trace", "colorize": %t, "stacktraceLevel": "none"}`, log.CanColorStdout)) + } else if ctx.Bool("quiet") { + _ = log.DelLogger("console") + log.NewLogger(0, "console", "console", fmt.Sprintf(`{"level": "fatal", "colorize": %t, "stacktraceLevel": "none"}`, log.CanColorStdout)) + } defer func() { if panicked := recover(); panicked != nil { log.Fatal("PANIC: %v\n%s", panicked, log.Stack(2)) @@ -248,29 +101,88 @@ func runWeb(ctx *cli.Context) error { defer cancel() if os.Getppid() > 1 && len(os.Getenv("LISTEN_FDS")) > 0 { - log.Info("Restarting Forgejo on PID: %d from parent PID: %d", os.Getpid(), os.Getppid()) + log.Info("Restarting Gitea on PID: %d from parent PID: %d", os.Getpid(), os.Getppid()) } else { - log.Info("Starting Forgejo on PID: %d", os.Getpid()) + log.Info("Starting Gitea on PID: %d", os.Getpid()) } // Set pid file setting if ctx.IsSet("pid") { - createPIDFile(ctx.String("pid")) + setting.PIDFile = ctx.String("pid") + setting.WritePIDFile = true } - if !setting.InstallLock { - if err := serveInstall(ctx); err != nil { + // Perform pre-initialization + needsInstall := install.PreloadSettings(graceful.GetManager().HammerContext()) + if needsInstall { + // Flag for port number in case first time run conflict + if ctx.IsSet("port") { + if err := setPort(ctx.String("port")); err != nil { + return err + } + } + if ctx.IsSet("install-port") { + if err := setPort(ctx.String("install-port")); err != nil { + return err + } + } + installCtx, cancel := context.WithCancel(graceful.GetManager().HammerContext()) + c := install.Routes(installCtx) + err := listen(c, false) + cancel() + if err != nil { + log.Critical("Unable to open listener for installer. Is Gitea already running?") + graceful.GetManager().DoGracefulShutdown() + } + select { + case <-graceful.GetManager().IsShutdown(): + <-graceful.GetManager().Done() + log.Info("PID: %d Gitea Web Finished", os.Getpid()) + log.Close() return err + default: } } else { NoInstallListener() } if setting.EnablePprof { - go servePprof() + go func() { + http.DefaultServeMux.Handle("/debug/fgprof", fgprof.Handler()) + _, _, finished := process.GetManager().AddTypedContext(context.Background(), "Web: PProf Server", process.SystemProcessType, true) + // The pprof server is for debug purpose only, it shouldn't be exposed on public network. At the moment it's not worth to introduce a configurable option for it. + log.Info("Starting pprof server on localhost:6060") + log.Info("Stopped pprof server: %v", http.ListenAndServe("localhost:6060", nil)) + finished() + }() } - return serveInstalled(ctx) + log.Info("Global init") + // Perform global initialization + setting.LoadFromExisting() + routers.GlobalInitInstalled(graceful.GetManager().HammerContext()) + + // We check that AppDataPath exists here (it should have been created during installation) + // We can't check it in `GlobalInitInstalled`, because some integration tests + // use cmd -> GlobalInitInstalled, but the AppDataPath doesn't exist during those tests. + if _, err := os.Stat(setting.AppDataPath); err != nil { + log.Fatal("Can not find APP_DATA_PATH '%s'", setting.AppDataPath) + } + + // Override the provided port number within the configuration + if ctx.IsSet("port") { + if err := setPort(ctx.String("port")); err != nil { + return err + } + } + + // Set up Chi routes + c := routers.NormalRoutes(graceful.GetManager().HammerContext()) + err := listen(c, true) + <-graceful.GetManager().Done() + log.Info("PID: %d Gitea Web Finished", os.Getpid()) + log.Close() + return err } func setPort(port string) error { @@ -291,16 +203,9 @@ func setPort(port string) error { defaultLocalURL += ":" + setting.HTTPPort + "/" // Save LOCAL_ROOT_URL if port changed - rootCfg := setting.CfgProvider - saveCfg, err := rootCfg.PrepareSaving() - if err != nil { - return fmt.Errorf("failed to save config file: %v", err) - } - rootCfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL) - saveCfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL) - if err = saveCfg.Save(); err != nil { - return fmt.Errorf("failed to save config file: %v", err) - } + setting.CreateOrAppendToCustomConf("server.LOCAL_ROOT_URL", func(cfg *ini.File) { + cfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL) + }) } return nil } @@ -310,7 +215,7 @@ func listen(m http.Handler, handleRedirector bool) error { if setting.Protocol != setting.HTTPUnix && setting.Protocol != setting.FCGIUnix { listenAddr = net.JoinHostPort(listenAddr, setting.HTTPPort) } - _, _, finished := process.GetManager().AddTypedContext(graceful.GetManager().HammerContext(), "Web: Forgejo Server", process.SystemProcessType, true) + _, _, finished := process.GetManager().AddTypedContext(graceful.GetManager().HammerContext(), "Web: Gitea Server", process.SystemProcessType, true) defer finished() log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubURL) // This can be useful for users, many users do wrong to their config and get strange behaviors behind a reverse-proxy. diff --git a/cmd/web_acme.go b/cmd/web_acme.go index 90e4a02764..d8e550b321 100644 --- a/cmd/web_acme.go +++ b/cmd/web_acme.go @@ -1,5 +1,6 @@ // Copyright 2020 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd diff --git a/cmd/web_graceful.go b/cmd/web_graceful.go index 996537be3b..ba88cc59c2 100644 --- a/cmd/web_graceful.go +++ b/cmd/web_graceful.go @@ -1,5 +1,6 @@ // Copyright 2016 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd diff --git a/cmd/web_https.go b/cmd/web_https.go index 70d35cd40d..aac11517a6 100644 --- a/cmd/web_https.go +++ b/cmd/web_https.go @@ -1,5 +1,6 @@ // Copyright 2021 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package cmd diff --git a/contrib/autoboot.sh b/contrib/autoboot.sh new file mode 100755 index 0000000000..eb16d58170 --- /dev/null +++ b/contrib/autoboot.sh @@ -0,0 +1,2 @@ +#!/bin/sh +su git -c "/home/git/gogs/scripts/gogs_supervisord.sh restart" diff --git a/contrib/autocompletion/README b/contrib/autocompletion/README deleted file mode 100644 index 1defd219d8..0000000000 --- a/contrib/autocompletion/README +++ /dev/null @@ -1,17 +0,0 @@ -Bash and Zsh completion -======================= - -From within the gitea root run: - -```bash -source contrib/autocompletion/bash_autocomplete -``` - -or for zsh run: - -```bash -source contrib/autocompletion/zsh_autocomplete -``` - -These scripts will check if gitea is on the path and if so add autocompletion for `gitea`. Or if not autocompletion will work for `./gitea`. -If gitea has been installed as a different program pass in the `PROG` environment variable to set the correct program name. diff --git a/contrib/autocompletion/bash_autocomplete b/contrib/autocompletion/bash_autocomplete deleted file mode 100755 index 5cb62f26a7..0000000000 --- a/contrib/autocompletion/bash_autocomplete +++ /dev/null @@ -1,30 +0,0 @@ -#! /bin/bash -# Heavily inspired by https://github.com/urfave/cli - -_cli_bash_autocomplete() { - if [[ "${COMP_WORDS[0]}" != "source" ]]; then - local cur opts base - COMPREPLY=() - cur="${COMP_WORDS[COMP_CWORD]}" - if [[ "$cur" == "-"* ]]; then - opts=$( ${COMP_WORDS[@]:0:$COMP_CWORD} ${cur} --generate-bash-completion ) - else - opts=$( ${COMP_WORDS[@]:0:$COMP_CWORD} --generate-bash-completion ) - fi - COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) - return 0 - fi -} - -if [ -z "$PROG" ] && [ ! "$(command -v gitea &> /dev/null)" ] ; then - complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete gitea -elif [ -z "$PROG" ]; then - complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete ./gitea - complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete "$PWD/gitea" -else - complete -o bashdefault -o default -o nospace -F _cli_bash_autocomplete "$PROG" - unset PROG -fi - - - diff --git a/contrib/autocompletion/zsh_autocomplete b/contrib/autocompletion/zsh_autocomplete deleted file mode 100644 index b3b40df503..0000000000 --- a/contrib/autocompletion/zsh_autocomplete +++ /dev/null @@ -1,30 +0,0 @@ -#compdef ${PROG:=gitea} - - -# Heavily inspired by https://github.com/urfave/cli - -_cli_zsh_autocomplete() { - - local -a opts - local cur - cur=${words[-1]} - if [[ "$cur" == "-"* ]]; then - opts=("${(@f)$(_CLI_ZSH_AUTOCOMPLETE_HACK=1 ${words[@]:0:#words[@]-1} ${cur} --generate-bash-completion)}") - else - opts=("${(@f)$(_CLI_ZSH_AUTOCOMPLETE_HACK=1 ${words[@]:0:#words[@]-1} --generate-bash-completion)}") - fi - - if [[ "${opts[1]}" != "" ]]; then - _describe 'values' opts - else - _files - fi - - return -} - -if [ -z $PROG ] ; then - compdef _cli_zsh_autocomplete gitea -else - compdef _cli_zsh_autocomplete $(basename $PROG) -fi diff --git a/contrib/backport/README b/contrib/backport/README deleted file mode 100644 index 466b79c6d4..0000000000 --- a/contrib/backport/README +++ /dev/null @@ -1,41 +0,0 @@ -`backport` -========== - -`backport` is a command to help create backports of PRs. It backports a -provided PR from main on to a released version. - -It will create a backport branch, cherry-pick the PR's merge commit, adjust -the commit message and then push this back up to your fork's remote. - -The default version will read from `docs/config.yml`. You can override this -using the option `--version`. - -The upstream branches will be fetched, using the remote `origin`. This can -be overridden using `--upstream`, and fetching can be avoided using -`--no-fetch`. - -By default the branch created will be called `backport-$PR-$VERSION`. You -can override this using the option `--backport-branch`. This branch will -be created from `--release-branch` which is `release/$(VERSION)` -by default and will be pulled from `$(UPSTREAM)`. - -The merge-commit as determined by the github API will be used as the SHA to -cherry-pick. You can override this using `--cherry-pick`. - -The commit message will be amended to add the `Backport` header. -`--no-amend-message` can be set to stop this from happening. - -If cherry-pick is successful the backported branch will be pushed up to your -fork using your remote. These will be determined using `git remote -v`. You -can set your fork name using `--fork-user` and your remote name using -`--remote`. You can avoid pushing using `--no-push`. - -If the push is successful, `xdg-open` will be called to open a backport url. -You can stop this using `--no-xdg-open`. - -Installation -============ - -```bash -go install contrib/backport/backport.go -``` diff --git a/contrib/backport/backport.go b/contrib/backport/backport.go deleted file mode 100644 index dd6b4129df..0000000000 --- a/contrib/backport/backport.go +++ /dev/null @@ -1,474 +0,0 @@ -// Copyright 2023 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT - -//nolint:forbidigo -package main - -import ( - "context" - "fmt" - "log" - "net/http" - "os" - "os/exec" - "os/signal" - "path" - "strconv" - "strings" - "syscall" - - "github.com/google/go-github/v64/github" - "github.com/urfave/cli/v2" - "gopkg.in/yaml.v3" -) - -const defaultVersion = "v1.18" // to backport to - -func main() { - app := cli.NewApp() - app.Name = "backport" - app.Usage = "Backport provided PR-number on to the current or previous released version" - app.Description = `Backport will look-up the PR in Gitea's git log and attempt to cherry-pick it on the current version` - app.ArgsUsage = "" - - app.Flags = []cli.Flag{ - &cli.StringFlag{ - Name: "version", - Usage: "Version branch to backport on to", - }, - &cli.StringFlag{ - Name: "upstream", - Value: "origin", - Usage: "Upstream remote for the Gitea upstream", - }, - &cli.StringFlag{ - Name: "release-branch", - Value: "", - Usage: "Release branch to backport on. Will default to release/", - }, - &cli.StringFlag{ - Name: "cherry-pick", - Usage: "SHA to cherry-pick as backport", - }, - &cli.StringFlag{ - Name: "backport-branch", - Usage: "Backport branch to backport on to (default: backport--", - }, - &cli.StringFlag{ - Name: "remote", - Value: "", - Usage: "Remote for your fork of the Gitea upstream", - }, - &cli.StringFlag{ - Name: "fork-user", - Value: "", - Usage: "Forked user name on Github", - }, - &cli.BoolFlag{ - Name: "no-fetch", - Usage: "Set this flag to prevent fetch of remote branches", - }, - &cli.BoolFlag{ - Name: "no-amend-message", - Usage: "Set this flag to prevent automatic amendment of the commit message", - }, - &cli.BoolFlag{ - Name: "no-push", - Usage: "Set this flag to prevent pushing the backport up to your fork", - }, - &cli.BoolFlag{ - Name: "no-xdg-open", - Usage: "Set this flag to not use xdg-open to open the PR URL", - }, - &cli.BoolFlag{ - Name: "continue", - Usage: "Set this flag to continue from a git cherry-pick that has broken", - }, - } - cli.AppHelpTemplate = `NAME: - {{.Name}} - {{.Usage}} -USAGE: - {{.HelpName}} {{if .VisibleFlags}}[options]{{end}} {{if .ArgsUsage}}{{.ArgsUsage}}{{else}}[arguments...]{{end}} - {{if len .Authors}} -AUTHOR: - {{range .Authors}}{{ . }}{{end}} - {{end}}{{if .Commands}} -OPTIONS: - {{range .VisibleFlags}}{{.}} - {{end}}{{end}} -` - - app.Action = runBackport - - if err := app.Run(os.Args); err != nil { - fmt.Fprintf(os.Stderr, "Unable to backport: %v\n", err) - } -} - -func runBackport(c *cli.Context) error { - ctx, cancel := installSignals() - defer cancel() - - continuing := c.Bool("continue") - - var pr string - - version := c.String("version") - if version == "" && continuing { - // determine version from current branch name - var err error - pr, version, err = readCurrentBranch(ctx) - if err != nil { - return err - } - } - if version == "" { - version = readVersion() - } - if version == "" { - version = defaultVersion - } - - upstream := c.String("upstream") - if upstream == "" { - upstream = "origin" - } - - forkUser := c.String("fork-user") - remote := c.String("remote") - if remote == "" && !c.Bool("--no-push") { - var err error - remote, forkUser, err = determineRemote(ctx, forkUser) - if err != nil { - return err - } - } - - upstreamReleaseBranch := c.String("release-branch") - if upstreamReleaseBranch == "" { - upstreamReleaseBranch = path.Join("release", version) - } - - localReleaseBranch := path.Join(upstream, upstreamReleaseBranch) - - args := c.Args().Slice() - if len(args) == 0 && pr == "" { - return fmt.Errorf("no PR number provided\nProvide a PR number to backport") - } else if len(args) != 1 && pr == "" { - return fmt.Errorf("multiple PRs provided %v\nOnly a single PR can be backported at a time", args) - } - if pr == "" { - pr = args[0] - } - - backportBranch := c.String("backport-branch") - if backportBranch == "" { - backportBranch = "backport-" + pr + "-" + version - } - - fmt.Printf("* Backporting %s to %s as %s\n", pr, localReleaseBranch, backportBranch) - - sha := c.String("cherry-pick") - if sha == "" { - var err error - sha, err = determineSHAforPR(ctx, pr) - if err != nil { - return err - } - } - if sha == "" { - return fmt.Errorf("unable to determine sha for cherry-pick of %s", pr) - } - - if !c.Bool("no-fetch") { - if err := fetchRemoteAndMain(ctx, upstream, upstreamReleaseBranch); err != nil { - return err - } - } - - if !continuing { - if err := checkoutBackportBranch(ctx, backportBranch, localReleaseBranch); err != nil { - return err - } - } - - if err := cherrypick(ctx, sha); err != nil { - return err - } - - if !c.Bool("no-amend-message") { - if err := amendCommit(ctx, pr); err != nil { - return err - } - } - - if !c.Bool("no-push") { - url := "https://github.com/go-gitea/gitea/compare/" + upstreamReleaseBranch + "..." + forkUser + ":" + backportBranch - - if err := gitPushUp(ctx, remote, backportBranch); err != nil { - return err - } - - if !c.Bool("no-xdg-open") { - if err := xdgOpen(ctx, url); err != nil { - return err - } - } else { - fmt.Printf("* Navigate to %s to open PR\n", url) - } - } - return nil -} - -func xdgOpen(ctx context.Context, url string) error { - fmt.Printf("* `xdg-open %s`\n", url) - out, err := exec.CommandContext(ctx, "xdg-open", url).Output() - if err != nil { - fmt.Fprintf(os.Stderr, "%s", string(out)) - return fmt.Errorf("unable to xdg-open to %s: %w", url, err) - } - return nil -} - -func gitPushUp(ctx context.Context, remote, backportBranch string) error { - fmt.Printf("* `git push -u %s %s`\n", remote, backportBranch) - out, err := exec.CommandContext(ctx, "git", "push", "-u", remote, backportBranch).Output() - if err != nil { - fmt.Fprintf(os.Stderr, "%s", string(out)) - return fmt.Errorf("unable to push up to %s: %w", remote, err) - } - return nil -} - -func amendCommit(ctx context.Context, pr string) error { - fmt.Printf("* Amending commit to prepend `Backport #%s` to body\n", pr) - out, err := exec.CommandContext(ctx, "git", "log", "-1", "--pretty=format:%B").Output() - if err != nil { - fmt.Fprintf(os.Stderr, "%s", string(out)) - return fmt.Errorf("unable to get last log message: %w", err) - } - - parts := strings.SplitN(string(out), "\n", 2) - - if len(parts) != 2 { - return fmt.Errorf("unable to interpret log message:\n%s", string(out)) - } - subject, body := parts[0], parts[1] - if !strings.HasSuffix(subject, " (#"+pr+")") { - subject = subject + " (#" + pr + ")" - } - - out, err = exec.CommandContext(ctx, "git", "commit", "--amend", "-m", subject+"\n\nBackport #"+pr+"\n"+body).Output() - if err != nil { - fmt.Fprintf(os.Stderr, "%s", string(out)) - return fmt.Errorf("unable to amend last log message: %w", err) - } - return nil -} - -func cherrypick(ctx context.Context, sha string) error { - // Check if a CHERRY_PICK_HEAD exists - if _, err := os.Stat(".git/CHERRY_PICK_HEAD"); err == nil { - // Assume that we are in the middle of cherry-pick - continue it - fmt.Println("* Attempting git cherry-pick --continue") - out, err := exec.CommandContext(ctx, "git", "cherry-pick", "--continue").Output() - if err != nil { - fmt.Fprintf(os.Stderr, "git cherry-pick --continue failed:\n%s\n", string(out)) - return fmt.Errorf("unable to continue cherry-pick: %w", err) - } - return nil - } - - fmt.Printf("* Attempting git cherry-pick %s\n", sha) - out, err := exec.CommandContext(ctx, "git", "cherry-pick", sha).Output() - if err != nil { - fmt.Fprintf(os.Stderr, "git cherry-pick %s failed:\n%s\n", sha, string(out)) - return fmt.Errorf("git cherry-pick %s failed: %w", sha, err) - } - return nil -} - -func checkoutBackportBranch(ctx context.Context, backportBranch, releaseBranch string) error { - out, err := exec.CommandContext(ctx, "git", "branch", "--show-current").Output() - if err != nil { - return fmt.Errorf("unable to check current branch %w", err) - } - - currentBranch := strings.TrimSpace(string(out)) - fmt.Printf("* Current branch is %s\n", currentBranch) - if currentBranch == backportBranch { - fmt.Printf("* Current branch is %s - not checking out\n", currentBranch) - return nil - } - - if _, err := exec.CommandContext(ctx, "git", "rev-list", "-1", backportBranch).Output(); err == nil { - fmt.Printf("* Branch %s already exists. Checking it out...\n", backportBranch) - return exec.CommandContext(ctx, "git", "checkout", "-f", backportBranch).Run() - } - - fmt.Printf("* `git checkout -b %s %s`\n", backportBranch, releaseBranch) - return exec.CommandContext(ctx, "git", "checkout", "-b", backportBranch, releaseBranch).Run() -} - -func fetchRemoteAndMain(ctx context.Context, remote, releaseBranch string) error { - fmt.Printf("* `git fetch %s main`\n", remote) - out, err := exec.CommandContext(ctx, "git", "fetch", remote, "main").Output() - if err != nil { - fmt.Println(string(out)) - return fmt.Errorf("unable to fetch %s from %s: %w", "main", remote, err) - } - fmt.Println(string(out)) - - fmt.Printf("* `git fetch %s %s`\n", remote, releaseBranch) - out, err = exec.CommandContext(ctx, "git", "fetch", remote, releaseBranch).Output() - if err != nil { - fmt.Println(string(out)) - return fmt.Errorf("unable to fetch %s from %s: %w", releaseBranch, remote, err) - } - fmt.Println(string(out)) - - return nil -} - -func determineRemote(ctx context.Context, forkUser string) (string, string, error) { - out, err := exec.CommandContext(ctx, "git", "remote", "-v").Output() - if err != nil { - fmt.Fprintf(os.Stderr, "Unable to list git remotes:\n%s\n", string(out)) - return "", "", fmt.Errorf("unable to determine forked remote: %w", err) - } - lines := strings.Split(string(out), "\n") - for _, line := range lines { - fields := strings.Split(line, "\t") - name, remote := fields[0], fields[1] - // only look at pushers - if !strings.HasSuffix(remote, " (push)") { - continue - } - // only look at github.com pushes - if !strings.Contains(remote, "github.com") { - continue - } - // ignore go-gitea/gitea - if strings.Contains(remote, "go-gitea/gitea") { - continue - } - if !strings.Contains(remote, forkUser) { - continue - } - if strings.HasPrefix(remote, "git@github.com:") { - forkUser = strings.TrimPrefix(remote, "git@github.com:") - } else if strings.HasPrefix(remote, "https://github.com/") { - forkUser = strings.TrimPrefix(remote, "https://github.com/") - } else if strings.HasPrefix(remote, "https://www.github.com/") { - forkUser = strings.TrimPrefix(remote, "https://www.github.com/") - } else if forkUser == "" { - return "", "", fmt.Errorf("unable to extract forkUser from remote %s: %s", name, remote) - } - idx := strings.Index(forkUser, "/") - if idx >= 0 { - forkUser = forkUser[:idx] - } - return name, forkUser, nil - } - return "", "", fmt.Errorf("unable to find appropriate remote in:\n%s", string(out)) -} - -func readCurrentBranch(ctx context.Context) (pr, version string, err error) { - out, err := exec.CommandContext(ctx, "git", "branch", "--show-current").Output() - if err != nil { - fmt.Fprintf(os.Stderr, "Unable to read current git branch:\n%s\n", string(out)) - return "", "", fmt.Errorf("unable to read current git branch: %w", err) - } - parts := strings.Split(strings.TrimSpace(string(out)), "-") - - if len(parts) != 3 || parts[0] != "backport" { - fmt.Fprintf(os.Stderr, "Unable to continue from git branch:\n%s\n", string(out)) - return "", "", fmt.Errorf("unable to continue from git branch:\n%s", string(out)) - } - - return parts[1], parts[2], nil -} - -func readVersion() string { - bs, err := os.ReadFile("docs/config.yaml") - if err != nil { - if err == os.ErrNotExist { - log.Println("`docs/config.yaml` not present") - return "" - } - fmt.Fprintf(os.Stderr, "Unable to read `docs/config.yaml`: %v\n", err) - return "" - } - - type params struct { - Version string - } - type docConfig struct { - Params params - } - dc := &docConfig{} - if err := yaml.Unmarshal(bs, dc); err != nil { - fmt.Fprintf(os.Stderr, "Unable to read `docs/config.yaml`: %v\n", err) - return "" - } - - if dc.Params.Version == "" { - fmt.Fprintf(os.Stderr, "No version in `docs/config.yaml`") - return "" - } - - version := dc.Params.Version - if version[0] != 'v' { - version = "v" + version - } - - split := strings.SplitN(version, ".", 3) - - return strings.Join(split[:2], ".") -} - -func determineSHAforPR(ctx context.Context, prStr string) (string, error) { - prNum, err := strconv.Atoi(prStr) - if err != nil { - return "", err - } - - client := github.NewClient(http.DefaultClient) - - pr, _, err := client.PullRequests.Get(ctx, "go-gitea", "gitea", prNum) - if err != nil { - return "", err - } - - if pr.Merged == nil || !*pr.Merged { - return "", fmt.Errorf("PR #%d is not yet merged - cannot determine sha to backport", prNum) - } - - if pr.MergeCommitSHA != nil { - return *pr.MergeCommitSHA, nil - } - - return "", nil -} - -func installSignals() (context.Context, context.CancelFunc) { - ctx, cancel := context.WithCancel(context.Background()) - go func() { - // install notify - signalChannel := make(chan os.Signal, 1) - - signal.Notify( - signalChannel, - syscall.SIGINT, - syscall.SIGTERM, - ) - select { - case <-signalChannel: - case <-ctx.Done(): - } - cancel() - signal.Reset() - }() - - return ctx, cancel -} diff --git a/contrib/environment-to-ini/environment-to-ini.go b/contrib/environment-to-ini/environment-to-ini.go index f8593e49c3..0baba5902b 100644 --- a/contrib/environment-to-ini/environment-to-ini.go +++ b/contrib/environment-to-ini/environment-to-ini.go @@ -1,17 +1,27 @@ +// Copyright 2023 The Forgejo Authors. All rights reserved. // Copyright 2019 The Gitea Authors. All rights reserved. -// SPDX-License-Identifier: MIT +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. package main import ( "os" + "regexp" + "strconv" + "strings" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" - "github.com/urfave/cli/v2" + "github.com/urfave/cli" + ini "gopkg.in/ini.v1" ) +// EnvironmentPrefix environment variables prefixed with this represent ini values to write +const prefixRegexpString = "^(FORGEJO|GITEA)" + func main() { app := cli.NewApp() app.Name = "environment-to-ini" @@ -24,10 +34,6 @@ func main() { will be mapped to the ini section "[section_name]" and the key "KEY_NAME" with the value as provided. - Environment variables of the form "FORGEJO__SECTION_NAME__KEY_NAME__FILE" - will be mapped to the ini section "[section_name]" and the key - "KEY_NAME" with the value loaded from the specified file. - Environment variables are usually restricted to a reduced character set "0-9A-Z_" - in order to allow the setting of sections with characters outside of that set, they should be escaped as following: @@ -43,58 +49,115 @@ func main() { """ You would set the environment variables: "FORGEJO__LOG_0x2E_CONSOLE__COLORIZE=false" - and "FORGEJO__LOG_0x2E_CONSOLE__STDERR=false". Other examples can be found - on the configuration cheat sheet.` + and "FORGEJO__LOG_0x2E_CONSOLE__STDERR=false".` app.Flags = []cli.Flag{ - &cli.StringFlag{ - Name: "custom-path", - Aliases: []string{"C"}, - Value: setting.CustomPath, - Usage: "Custom path file path", + cli.StringFlag{ + Name: "custom-path, C", + Value: setting.CustomPath, + Usage: "Custom path file path", }, - &cli.StringFlag{ - Name: "config", - Aliases: []string{"c"}, - Value: setting.CustomConf, - Usage: "Custom configuration file path", + cli.StringFlag{ + Name: "config, c", + Value: setting.CustomConf, + Usage: "Custom configuration file path", }, - &cli.StringFlag{ - Name: "work-path", - Aliases: []string{"w"}, - Value: setting.AppWorkPath, - Usage: "Set the forgejo working path", + cli.StringFlag{ + Name: "work-path, w", + Value: setting.AppWorkPath, + Usage: "Set the gitea working path", }, - &cli.StringFlag{ - Name: "out", - Aliases: []string{"o"}, - Value: "", - Usage: "Destination file to write to", + cli.StringFlag{ + Name: "out, o", + Value: "", + Usage: "Destination file to write to", + }, + cli.BoolFlag{ + Name: "clear", + Usage: "Clears the matched variables from the environment", + }, + cli.StringFlag{ + Name: "prefix, p", + Value: prefixRegexpString, + Usage: "Environment prefix to look for - will be suffixed by __ (2 underscores)", }, } app.Action = runEnvironmentToIni + setting.SetCustomPathAndConf("", "", "") + err := app.Run(os.Args) if err != nil { log.Fatal("Failed to run app with %s: %v", os.Args, err) } } -func runEnvironmentToIni(c *cli.Context) error { - // the config system may change the environment variables, so get a copy first, to be used later - env := append([]string{}, os.Environ()...) - setting.InitWorkPathAndCfgProvider(os.Getenv, setting.ArgWorkPathAndCustomConf{ - WorkPath: c.String("work-path"), - CustomPath: c.String("custom-path"), - CustomConf: c.String("config"), - }) - - cfg, err := setting.NewConfigProviderFromFile(setting.CustomConf) - if err != nil { - log.Fatal("Failed to load custom conf '%s': %v", setting.CustomConf, err) +func splitEnvironmentVariable(prefixRegexp *regexp.Regexp, kv string) (string, string) { + idx := strings.IndexByte(kv, '=') + if idx < 0 { + return "", "" } + k := kv[:idx] + loc := prefixRegexp.FindStringIndex(k) + if loc == nil { + return "", "" + } + return k[loc[1]:], kv[idx+1:] +} - changed := setting.EnvironmentToConfig(cfg, env) +func runEnvironmentToIni(c *cli.Context) error { + providedCustom := c.String("custom-path") + providedConf := c.String("config") + providedWorkPath := c.String("work-path") + setting.SetCustomPathAndConf(providedCustom, providedConf, providedWorkPath) - // try to save the config file + cfg := ini.Empty() + isFile, err := util.IsFile(setting.CustomConf) + if err != nil { + log.Fatal("Unable to check if %s is a file. Error: %v", setting.CustomConf, err) + } + if isFile { + if err := cfg.Append(setting.CustomConf); err != nil { + log.Fatal("Failed to load custom conf '%s': %v", setting.CustomConf, err) + } + } else { + log.Warn("Custom config '%s' not found, ignore this if you're running first time", setting.CustomConf) + } + cfg.NameMapper = ini.SnackCase + + changed := false + + prefixRegexp := regexp.MustCompile(c.String("prefix") + "__") + + for _, kv := range os.Environ() { + eKey, value := splitEnvironmentVariable(prefixRegexp, kv) + if eKey == "" { + continue + } + sectionName, keyName := DecodeSectionKey(eKey) + if len(keyName) == 0 { + continue + } + section, err := cfg.GetSection(sectionName) + if err != nil { + section, err = cfg.NewSection(sectionName) + if err != nil { + log.Error("Error creating section: %s : %v", sectionName, err) + continue + } + } + key := section.Key(keyName) + if key == nil { + key, err = section.NewKey(keyName, value) + if err != nil { + log.Error("Error creating key: %s in section: %s with value: %s : %v", keyName, sectionName, value, err) + continue + } + } + oldValue := key.Value() + if !changed && oldValue != value { + changed = true + } + key.SetValue(value) + } destination := c.String("out") if len(destination) == 0 { destination = setting.CustomConf @@ -106,6 +169,73 @@ func runEnvironmentToIni(c *cli.Context) error { return err } } - + if c.Bool("clear") { + for _, kv := range os.Environ() { + eKey, _ := splitEnvironmentVariable(prefixRegexp, kv) + if eKey == "" { + continue + } + _ = os.Unsetenv(eKey) + } + } return nil } + +const escapeRegexpString = "_0[xX](([0-9a-fA-F][0-9a-fA-F])+)_" + +var escapeRegex = regexp.MustCompile(escapeRegexpString) + +// DecodeSectionKey will decode a portable string encoded Section__Key pair +// Portable strings are considered to be of the form [A-Z0-9_]* +// We will encode a disallowed value as the UTF8 byte string preceded by _0X and +// followed by _. E.g. _0X2C_ for a '-' and _0X2E_ for '.' +// Section and Key are separated by a plain '__'. +// The entire section can be encoded as a UTF8 byte string +func DecodeSectionKey(encoded string) (string, string) { + section := "" + key := "" + + inKey := false + last := 0 + escapeStringIndices := escapeRegex.FindAllStringIndex(encoded, -1) + for _, unescapeIdx := range escapeStringIndices { + preceding := encoded[last:unescapeIdx[0]] + if !inKey { + if splitter := strings.Index(preceding, "__"); splitter > -1 { + section += preceding[:splitter] + inKey = true + key += preceding[splitter+2:] + } else { + section += preceding + } + } else { + key += preceding + } + toDecode := encoded[unescapeIdx[0]+3 : unescapeIdx[1]-1] + decodedBytes := make([]byte, len(toDecode)/2) + for i := 0; i < len(toDecode)/2; i++ { + // Can ignore error here as we know these should be hexadecimal from the regexp + byteInt, _ := strconv.ParseInt(toDecode[2*i:2*i+2], 16, 0) + decodedBytes[i] = byte(byteInt) + } + if inKey { + key += string(decodedBytes) + } else { + section += string(decodedBytes) + } + last = unescapeIdx[1] + } + remaining := encoded[last:] + if !inKey { + if splitter := strings.Index(remaining, "__"); splitter > -1 { + section += remaining[:splitter] + key += remaining[splitter+2:] + } else { + section += remaining + } + } else { + key += remaining + } + section = strings.ToLower(section) + return section, key +} diff --git a/contrib/environment-to-ini/environment-to-ini_test.go b/contrib/environment-to-ini/environment-to-ini_test.go new file mode 100644 index 0000000000..6abbb67eff --- /dev/null +++ b/contrib/environment-to-ini/environment-to-ini_test.go @@ -0,0 +1,21 @@ +// Copyright 2023 The Forgejo Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package main + +import ( + "regexp" + "testing" + + "github.com/stretchr/testify/assert" +) + +func Test_splitEnvironmentVariable(t *testing.T) { + prefixRegexp := regexp.MustCompile(prefixRegexpString + "__") + k, v := splitEnvironmentVariable(prefixRegexp, "FORGEJO__KEY=VALUE") + assert.Equal(t, k, "KEY") + assert.Equal(t, v, "VALUE") + k, v = splitEnvironmentVariable(prefixRegexp, "nothing=interesting") + assert.Equal(t, k, "") + assert.Equal(t, v, "") +} diff --git a/contrib/fixtures/fixture_generation.go b/contrib/fixtures/fixture_generation.go new file mode 100644 index 0000000000..66ff5c54e3 --- /dev/null +++ b/contrib/fixtures/fixture_generation.go @@ -0,0 +1,78 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package main + +import ( + "fmt" + "os" + "path/filepath" + + "code.gitea.io/gitea/models" + "code.gitea.io/gitea/models/unittest" +) + +// To generate derivative fixtures, execute the following from Gitea's repository base dir: +// go run -tags 'sqlite sqlite_unlock_notify' contrib/fixtures/fixture_generation.go [fixture...] + +var ( + generators = []struct { + gen func() (string, error) + name string + }{ + { + models.GetYamlFixturesAccess, "access", + }, + } + fixturesDir string +) + +func main() { + pathToGiteaRoot := "." + fixturesDir = filepath.Join(pathToGiteaRoot, "models", "fixtures") + if err := unittest.CreateTestEngine(unittest.FixturesOptions{ + Dir: fixturesDir, + }); err != nil { + fmt.Printf("CreateTestEngine: %+v", err) + os.Exit(1) + } + if err := unittest.PrepareTestDatabase(); err != nil { + fmt.Printf("PrepareTestDatabase: %+v\n", err) + os.Exit(1) + } + if len(os.Args) == 0 { + for _, r := range os.Args { + if err := generate(r); err != nil { + fmt.Printf("generate '%s': %+v\n", r, err) + os.Exit(1) + } + } + } else { + for _, g := range generators { + if err := generate(g.name); err != nil { + fmt.Printf("generate '%s': %+v\n", g.name, err) + os.Exit(1) + } + } + } +} + +func generate(name string) error { + for _, g := range generators { + if g.name == name { + data, err := g.gen() + if err != nil { + return err + } + path := filepath.Join(fixturesDir, name+".yml") + if err := os.WriteFile(path, []byte(data), 0o644); err != nil { + return fmt.Errorf("%s: %+v", path, err) + } + fmt.Printf("%s created.\n", path) + return nil + } + } + + return fmt.Errorf("generator not found") +} diff --git a/contrib/gitea-monitoring-mixin/config.libsonnet b/contrib/gitea-monitoring-mixin/config.libsonnet index 446fc09a41..55297949e4 100644 --- a/contrib/gitea-monitoring-mixin/config.libsonnet +++ b/contrib/gitea-monitoring-mixin/config.libsonnet @@ -7,7 +7,7 @@ dashboardTimezone: 'default', dashboardRefresh: '1m', - // please see https://docs.gitea.com/administration/config-cheat-sheet#metrics-metrics + // please see https://docs.gitea.io/en-us/config-cheat-sheet/#metrics-metrics // Show issue by repository metrics with format gitea_issues_by_repository{repository="org/repo"} 5. // Requires Gitea 1.16.0 with ENABLED_ISSUE_BY_REPOSITORY set to true. showIssuesByRepository: true, diff --git a/contrib/gitea-monitoring-mixin/dashboards/overview.libsonnet b/contrib/gitea-monitoring-mixin/dashboards/overview.libsonnet index 31b7d4f9b2..3e2513c4cf 100644 --- a/contrib/gitea-monitoring-mixin/dashboards/overview.libsonnet +++ b/contrib/gitea-monitoring-mixin/dashboards/overview.libsonnet @@ -29,7 +29,7 @@ local addIssueLabelsOverrides(labels) = grafanaDashboards+:: { - local giteaSelector = 'job=~"$job", instance=~"$instance"', + local giteaSelector = 'job="$job", instance="$instance"', local giteaStatsPanel = grafana.statPanel.new( 'Gitea stats', @@ -399,31 +399,25 @@ local addIssueLabelsOverrides(labels) = .addTemplate( { hide: 0, - label: 'job', + label: null, name: 'job', options: [], - datasource: '$datasource', query: 'label_values(gitea_organizations, job)', refresh: 1, regex: '', type: 'query', - multi: true, - allValue: '.+' }, ) .addTemplate( { hide: 0, - label: 'instance', + label: null, name: 'instance', options: [], - datasource: '$datasource', query: 'label_values(gitea_organizations{job="$job"}, instance)', refresh: 1, regex: '', type: 'query', - multi: true, - allValue: '.+' }, ) .addTemplate( diff --git a/contrib/gitea-monitoring-mixin/jsonnetfile.lock.json b/contrib/gitea-monitoring-mixin/jsonnetfile.lock.json index 480438230f..0430b39fc3 100644 --- a/contrib/gitea-monitoring-mixin/jsonnetfile.lock.json +++ b/contrib/gitea-monitoring-mixin/jsonnetfile.lock.json @@ -8,8 +8,8 @@ "subdir": "grafonnet" } }, - "version": "a1d61cce1da59c71409b99b5c7568511fec661ea", - "sum": "342u++/7rViR/zj2jeJOjshzglkZ1SY+hFNuyCBFMdc=" + "version": "3626fc4dc2326931c530861ac5bebe39444f6cbf", + "sum": "gF8foHByYcB25jcUOBqP6jxk0OPifQMjPvKY0HaCk6w=" } ], "legacyImports": false diff --git a/contrib/ide/vscode/settings.json b/contrib/ide/vscode/settings.json index 7f7de43622..e33bccf902 100644 --- a/contrib/ide/vscode/settings.json +++ b/contrib/ide/vscode/settings.json @@ -1,6 +1,4 @@ { - "go.buildTags": "sqlite,sqlite_unlock_notify", - "go.testFlags": ["-v"], - "go.lintTool": "golangci-lint", - "go.lintFlags": ["--fast"] -} + "go.buildTags": "'sqlite sqlite_unlock_notify'", + "go.testFlags": ["-v"] +} \ No newline at end of file diff --git a/contrib/init/ubuntu/gitea b/contrib/init/ubuntu/gitea deleted file mode 100644 index da56b6e4a9..0000000000 --- a/contrib/init/ubuntu/gitea +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/sh -### BEGIN INIT INFO -# Provides: gitea -# Required-Start: $syslog $network -# Required-Stop: $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: A self-hosted Git service written in Go. -# Description: A self-hosted Git service written in Go. -### END INIT INFO - -# Do NOT "set -e" - -# PATH should only include /usr/* if it runs after the mountnfs.sh script -PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin -DESC="Gitea - Git with a cup of tea" -NAME=gitea -SERVICEVERBOSE=yes -PIDFILE=/run/$NAME.pid -SCRIPTNAME=/etc/init.d/$NAME -WORKINGDIR=/var/lib/$NAME -DAEMON=/usr/local/bin/$NAME -DAEMON_ARGS="web -c /etc/$NAME/app.ini" -USER=git -STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/1/KILL/5}" - -# Read configuration variable file if it is present -[ -r /etc/default/$NAME ] && . /etc/default/$NAME - -# Exit if the package is not installed -[ -x "$DAEMON" ] || exit 0 - -do_start() -{ - GITEA_ENVS="USER=$USER GITEA_WORK_DIR=$WORKINGDIR HOME=/home/$USER" - GITEA_EXEC="$DAEMON -- $DAEMON_ARGS" - sh -c "start-stop-daemon --start --quiet --pidfile $PIDFILE --make-pidfile \\ - --background --chdir $WORKINGDIR --chuid $USER \\ - --exec /bin/bash -- -c '/usr/bin/env $GITEA_ENVS $GITEA_EXEC'" -} - -do_stop() -{ - start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PIDFILE --name $NAME --oknodo - rm -f $PIDFILE -} - -do_status() -{ - if [ -f $PIDFILE ]; then - if kill -0 $(cat "$PIDFILE"); then - echo "$NAME is running, PID is $(cat $PIDFILE)" - else - echo "$NAME process is dead, but pidfile exists" - fi - else - echo "$NAME is not running" - fi -} - -case "$1" in - start) - echo "Starting $DESC" "$NAME" - do_start - ;; - stop) - echo "Stopping $DESC" "$NAME" - do_stop - ;; - status) - do_status - ;; - restart) - echo "Restarting $DESC" "$NAME" - do_stop - do_start - ;; - *) - echo "Usage: $SCRIPTNAME {start|stop|status|restart}" >&2 - exit 2 - ;; -esac - -exit 0 diff --git a/contrib/legal/privacy.html.sample b/contrib/legal/privacy.html.sample index 34a9a5142f..22fc40fa3c 100644 --- a/contrib/legal/privacy.html.sample +++ b/contrib/legal/privacy.html.sample @@ -7,11 +7,11 @@

Privacy Policy

-

Last updated: December 19, 2024

+

Last updated: January 29, 2020

Who We Are?

-

Your Forgejo Instance

+

Your Gitea Instance

What Personal Data We Collect?

@@ -37,19 +37,19 @@

With your Consent

-

We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you allow third party applications to access your Account using OAuth2 providers, we share all information associated with your Account, including private repos and organizations. You may also direct us through your action on Your Forgejo Instance to share your User Personal Information, such as when joining an Organization.

+

We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you allow third party applications to access your Account using OAuth2 providers, we share all information associated with your Account, including private repos and organizations. You may also direct us through your action on Your Gitea Instance to share your User Personal Information, such as when joining an Organization.

With Service Providers

-

We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While Your Forgejo Instance processes all User Personal Information in the (country/state where Forgejo is deployed), our service providers may process data outside of (country/state where Forgejo is deployed), the United States or the European Union.

+

We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While Your Gitea Instance processes all User Personal Information in the (country/state where Gitea is deployed), our service providers may process data outside of (country/state where Gitea is deployed), the United States or the European Union.

For Security Purposes

-

If you are a member of an Organization, Your Forgejo Instance may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization who has agreed to the Corporate Terms of Service or applicable customer agreements, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.

+

If you are a member of an Organization, Your Gitea Instance may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization who has agreed to the Corporate Terms of Service or applicable customer agreements, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.

For Legal Disclosure

-

Your Forgejo Instance strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. Your Forgejo Instance may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.

+

Your Gitea Instance strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. Your Gitea Instance may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.

Change in Control or Sale

@@ -57,7 +57,7 @@

Aggregate, Non-Personally Identifying Information

-

We share certain aggregated, non-personally identifying information with others about how our users, collectively, use Your Forgejo Instance, or how our users respond to our other offerings, such as our conferences or events. For example, we may compile statistics on the open source activity across Your Forgejo Instance.

+

We share certain aggregated, non-personally identifying information with others about how our users, collectively, use Your Gitea Instance, or how our users respond to our other offerings, such as our conferences or events. For example, we may compile statistics on the open source activity across Your Gitea Instance.

We don't sell your User Personal Information for monetary or other consideration.

@@ -67,34 +67,34 @@
  1. We use your Registration Information to create your account, and to provide you the Service.
  2. -
  3. We use your User Personal Information, specifically your username, to identify you on Your Forgejo Instance.
  4. +
  5. We use your User Personal Information, specifically your username, to identify you on Your Gitea Instance.
  6. We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
  7. We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay.
  8. -
  9. We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on Your Forgejo Instance—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
  10. -
  11. We use Usage Information and Device Information to better understand how our Users use Your Forgejo Instance and to improve our Website and Service.
  12. -
  13. We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm Your Forgejo Instance or our Users.
  14. +
  15. We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on Your Gitea Instance—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
  16. +
  17. We use Usage Information and Device Information to better understand how our Users use Your Gitea Instance and to improve our Website and Service.
  18. +
  19. We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm Your Gitea Instance or our Users.
  20. We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
  21. We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.
-

How Your Forgejo Instance Secures Your Information?

+

How Your Gitea Instance Secures Your Information?

-

Your Forgejo Instance takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.

+

Your Gitea Instance takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.

To the extent above, we enforce a written security information program, which:

  • aligns with industry recognized frameworks;
  • includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users' data;
  • -
  • is appropriate to the nature, size, and complexity of Your Forgejo Instance’s business operations;
  • +
  • is appropriate to the nature, size, and complexity of Your Gitea Instance’s business operations;
  • includes incident response and data breach notification processes; and
  • -
  • complies with applicable information security-related laws and regulations in the geographic regions where Your Forgejo Instance does business.
  • +
  • complies with applicable information security-related laws and regulations in the geographic regions where Your Gitea Instance does business.

In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.

-

Transmission of data on Your Forgejo Instance is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We host Your Forgejo Instance at our hosting partner, which they provide data centers with high level of physical and network security.

+

Transmission of data on Your Gitea Instance is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We host Your Gitea Instance at our hosting partner, which they provide data centers with high level of physical and network security.

Disclaimer: No method of transmission, or method of electronic storage, is 100% secure, therefore, we cannot guarantee absolute security.

@@ -102,13 +102,13 @@

Cookies

-

We uses cookies to make interactions with our service easy and meaningful. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide information for future development of Your Forgejo Instance. For security purposes, we use cookies to identify a device. By using our Website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our services.

+

We uses cookies to make interactions with our service easy and meaningful. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide information for future development of Your Gitea Instance. For security purposes, we use cookies to identify a device. By using our Website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our services.

Tracking and Analytics

-

Out of the box, Forgejo doesn't use third-party analytics. In case when we opt in to their usage, we do that to help us evaluate our Users' use of Your Forgejo Instance, compile statistical reports on activity, and improve our content and Website performance. We only use these third-party analytics providers on certain areas of our Website, and all of them have signed data protection agreements with us that limit the type of User Personal Information they can collect and the purpose for which they can process the information. In addition, we may also deploy internal analytics software to provide similar functionality.

+

Out of the box, Gitea doesn't use third-party analytics. In case when we opt in to their usage, we do that to help us evaluate our Users' use of Your Gitea Instance, compile statistical reports on activity, and improve our content and Website performance. We only use these third-party analytics providers on certain areas of our Website, and all of them have signed data protection agreements with us that limit the type of User Personal Information they can collect and the purpose for which they can process the information. In addition, we may also deploy internal analytics software to provide similar functionality.

-

Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Your Forgejo Instance responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you have not enabled DNT on a browser that supports it, cookies on some parts of our Website will track your online browsing activity on other online services over time, though we do not permit third parties other than our analytics and service providers to track Your Forgejo Instance Users' activity over time on Your Forgejo Instance.

+

Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Your Gitea Instance responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you have not enabled DNT on a browser that supports it, cookies on some parts of our Website will track your online browsing activity on other online services over time, though we do not permit third parties other than our analytics and service providers to track Your Gitea Instance Users' activity over time on Your Gitea Instance.

Repository Contents

@@ -118,19 +118,19 @@

Public Information

-

Many of our services and feature are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing Your Forgejo Instance information. Other third parties, such as data brokers, have been known to scrape Your Forgejo Instance and compile data as well.

+

Many of our services and feature are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing Your Gitea Instance information. Other third parties, such as data brokers, have been known to scrape Your Gitea Instance and compile data as well.

-

Your User Personal Information associated with your content could be gathered by third parties in these compilations of Your Forgejo Instance data. If you do not want your User Personal Information to appear in third parties’ compilations of Your Forgejo Instance data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings.

+

Your User Personal Information associated with your content could be gathered by third parties in these compilations of Your Gitea Instance data. If you do not want your User Personal Information to appear in third parties’ compilations of Your Gitea Instance data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings.

-

If you would like to compile Your Forgejo Instance data, you must comply with our Terms of Service regarding scraping and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a Your Forgejo Instance user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from Your Forgejo Instance, and to respond promptly to complaints, removal requests, and "do not contact" requests from Your Forgejo Instance or Your Forgejo Instance users.

+

If you would like to compile Your Gitea Instance data, you must comply with our Terms of Service regarding scraping and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a Your Gitea Instance user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from Your Gitea Instance, and to respond promptly to complaints, removal requests, and "do not contact" requests from Your Gitea Instance or Your Gitea Instance users.

-

In similar fashion, projects on Your Forgejo Instance may include publicly available User Personal Information collected as part of the collaborative events.

+

In similar fashion, projects on Your Gitea Instance may include publicly available User Personal Information collected as part of the collaborative events.

Organizations

If you collaborate on or become a member of an Organization, then its Account owners may receive your User Personal Information. When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see. If you accept an invitation to an Organization with a verified domain, then the owners of that Organization will be able to see your full email address(es) within that Organization's verified domain(s).

-

Please note, Your Forgejo Instance may share your username, Usage Information, and Device Information with the owner of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.

+

Please note, Your Gitea Instance may share your username, Usage Information, and Device Information with the owner of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.

If you collaborate with or become a member of an Account that has agreed to a Data Protection Addendum (DPA) to this Privacy Policy, then that DPA governs in the event of conflicts between this Privacy Policy and DPA with respect to your activity in the Account.

@@ -138,19 +138,19 @@

How You Can Access and Control the Information We Collect?

-

If you're already a Your Forgejo Instance user, you may access, update, alter, or delete your basic user information by editing your user profile. You can control the information we collect about you by limiting what information is in your profile, or by keeping your information current.

+

If you're already a Your Gitea Instance user, you may access, update, alter, or delete your basic user information by editing your user profile. You can control the information we collect about you by limiting what information is in your profile, or by keeping your information current.

-

If Your Forgejo Instance processes information about you, such as information receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting our support.

+

If Your Gitea Instance processes information about you, such as information receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting our support.

Data Portability

-

As a Your Forgejo Instance User, you can always take your data with you. You can clone your repositories to your computer, or you can perform migrations using the provided interfaces, for example.

+

As a Your Gitea Instance User, you can always take your data with you. You can clone your repositories to your computer, or you can perform migrations using the provided interfaces, for example.

Data Retention and Deletion of Data

-

In general, Your Forgejo Instance retains User Personal Information for as long as your account is active, or as needed to provide you service.

+

In general, Your Gitea Instance retains User Personal Information for as long as your account is active, or as needed to provide you service.

-

If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. Feel free to contact our support to request erasure of the data we process on the basis of consent within 30 days.

+

If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. Feel free to contact our support to request erasure of the data we process on the bassis of consent within 30 days.

After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.

@@ -158,14 +158,14 @@

Our Global Privacy Practices

-

We store and process the information that we collect in the (country/state where Forgejo is deployed) in accordance with this Privacy Statement though our service providers may store and process data outside the (country/state where Forgejo is deployed). However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the (country/state where Forgejo is deployed) does not have the same privacy framework as other countries.

+

We store and process the information that we collect in the (country/state where Gitea is deployed) in accordance with this Privacy Statement though our service providers may store and process data outside the (country/state where Gitea is deployed). However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the (country/state where Gitea is deployed) does not have the same privacy framework as other countries.

We provide a high standard of privacy protection—as described in this Privacy Statement—to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard to comply with the applicable data privacy laws wherever we do business, working with our Data Protection Officer as part of a cross-functional team that oversees our privacy compliance efforts. Additionally, if our vendors or affiliates have access to User Personal Information, they must sign agreements that require them to comply with our privacy policies and with applicable data privacy laws.

In particular:

    -
  • Your Forgejo Instance provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
  • +
  • Your Gitea Instance provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
  • We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
  • We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
  • We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement. These are the Privacy Shield Principles, but they are also just good practices.
  • @@ -173,21 +173,21 @@

    How We Communicate with You?

    -

    We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our support with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through Your Forgejo instance. You may manage your communication preferences in your user profile.

    +

    We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our support with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through Your Gitea instance. You may manage your communication preferences in your user profile.

    By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you.

    -

    Depending on your email settings, Your Forgejo instance may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an ā€œunsubscribeā€ link located at the bottom of each of the marketing emails we send you. Note that you can opt out of any communications with us, except the important ones (like from our support and system emails).

    +

    Depending on your email settings, Your Gitea instance may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an ā€œunsubscribeā€ link located at the bottom of each of the marketing emails we send you. Note that you can opt out of any communications with us, except the important ones (like from our support and system emails).

    Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.

    Changes to this Privacy Policy

    -

    Although most changes are likely to be minor, Your Forgejo Instance may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your account.

    +

    Although most changes are likely to be minor, Your Gitea Instance may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your account.

    Contact

    -

    If you have any concerns about privacy, please contact us at privacy@your-forgejo-instance. We will respond promptly, within 45 days.

    +

    If you have any concerns about privacy, please contact us at privacy@your-gitea-instance. We will respond promptly, within 45 days.

    COPYING

    diff --git a/contrib/legal/tos.html.sample b/contrib/legal/tos.html.sample index 73ee0899ef..d39082909f 100644 --- a/contrib/legal/tos.html.sample +++ b/contrib/legal/tos.html.sample @@ -7,26 +7,26 @@

    Terms of Service

    -

    Last updated: December 19, 2024

    +

    Last updated: January 29, 2020

    -

    Thank you for choosing Your Forgejo Instance! Before you use it, please read this Terms of Service agreement carefully, which contains important contract between us and our users.

    +

    Thank you for choosing Your Gitea Instance! Before you use it, please read this Terms of Service agreement carefully, which contains important contract between us and our users.

    Definitions

      -
    1. An "Account" represents your legal relationship with Your Forgejo Instance. A ā€œUser Accountā€ represents an individual User’s authorization to log in to and use the Service and serves as a User’s identity on Your Forgejo Instance. ā€œOrganizationsā€ are shared workspaces that may be associated with a single entity or with one or more Users where multiple Users can collaborate across many projects at once. A User Account can be a member of any number of Organizations.
    2. +
    3. An "Account" represents your legal relationship with Your Gitea Instance. A ā€œUser Accountā€ represents an individual User’s authorization to log in to and use the Service and serves as a User’s identity on Your Gitea Instance. ā€œOrganizationsā€ are shared workspaces that may be associated with a single entity or with one or more Users where multiple Users can collaborate across many projects at once. A User Account can be a member of any number of Organizations.
    4. The "Agreement" collectively refers to all terms, conditions, and notices referenced or contained in this document and other operating rules, policies (including Privacy Policy) and procedures that we may publish from time to time on this Website.
    5. ā€œContentā€ refers to content featured or displayed through the Website, including without limitation code, text, data, articles, images, photographs, graphics, software, applications, packages, designs, features, and other materials that are available on the Website or otherwise available through the Service. "Content" also includes Services. ā€œUser-Generated Contentā€ is Content, written or otherwise, created or uploaded by our Users. "Your Content" is Content that you create or own.
    6. -
    7. "Your Forgejo Instance", "We", and "Us" refers to Your Forgejo Instance, as well as our affiliates, directors, subsidiaries, contractors, licensors, officers, agents, and employees.
    8. +
    9. "Your Gitea Instance", "We", and "Us" refers to Your Gitea Instance, as well as our affiliates, directors, subsidiaries, contractors, licensors, officers, agents, and employees.
    10. -
    11. The "Service" refers to applications/software, products, and services provided by Your Forgejo Instance.
    12. +
    13. The "Service" refers to applications/software, products, and services provided by Your Gitea Instance.
    14. The "User", "You", and "Your" refers to individual person or institution (organizations or company) that has visited or using the Service; that have access or use any part of the Account; or that directs to use the Account to perform its function. Please note that additional terms may apply for Accounts related to business or government.
    15. -
    16. The "Website" refers to Your Forgejo Instance's website at your-forgejo-instance, including its subdomains and other websites owned by Your Forgejo Instance.
    17. +
    18. The "Website" refers to Your Gitea Instance's website at your-gitea-instance, including its subdomains and other websites owned by Your Gitea Instance.

    Account Terms

    @@ -48,7 +48,7 @@
    • You must be a human to create an Account. Accounts registered by "bots" or other automated methods are not permitted. We do permit machine accounts:
    • A machine account is an Account set up by an individual human who accepts the Terms on behalf of the Account, provides a valid email address, and is responsible for its actions. A machine account is used exclusively for performing automated tasks. Multiple users may direct the actions of a machine account, but the owner of the Account is ultimately responsible for the machine's actions.
    • -
    • You must be age 13 or older. If we learn of any User under that age, we will immediately terminate that User's Account. Different countries may have different minimum age; in such cases you are responsible for complying with your country's regulation. By using Your Forgejo Instance, you agree to comply with COPPA and/or similar law in your country.
    • +
    • You must be age 13 or older. If we learn of any User under that age, we will immediately terminate that User's Account. Different countries may have different minimum age; in such cases you are responsible for complying with your country's regulation. By using Your Gitea Instance, you agree to comply with COPPA and/or similar law in your country.

    User Account Security

    @@ -57,7 +57,7 @@

    Additional Terms

    -

    In some situations, third parties' terms may apply to your use of Your Forgejo Instance. For example, you may be a member of an organization on Your Forgejo Instance with its own terms or license agreements; you may download an application that integrates with Your Forgejo Instance; or you may use Your Forgejo Instance to authenticate to another service. Please be aware that while these Terms are our full agreement with you, other parties' terms govern their relationships with you.

    +

    In some situations, third parties' terms may apply to your use of Your Gitea Instance. For example, you may be a member of an organization on Your Gitea Instance with its own terms or license agreements; you may download an application that integrates with Your Gitea Instance; or you may use Your Gitea Instance to authenticate to another service. Please be aware that while these Terms are our full agreement with you, other parties' terms govern their relationships with you.

    Acceptable Use

    @@ -73,19 +73,19 @@
  • You retain ownership of and responsibility for Your Content. If you're posting anything you did not create yourself or do not own the rights to, you agree that you are responsible for any Content you post; that you will only submit Content that you have the right to post; and that you will fully comply with any third party licenses relating to Content you post.

    -

    Because of above, we need you to grant us -- and other Your Forgejo Instance users -- certain legal permissions, listed below in this section. If you upload Content that already comes with a license granting Your Forgejo Instance the permissions we need to run our Service, no additional license is required. You understand that you will not receive any payment for any of the rights granted below. The licenses you grant to us will end when you remove Your Content from our servers, unless other Users have forked it.

    +

    Because of above, we need you to grant us -- and other Your Gitea Instance users -- certain legal permissions, listed below in this section. If you upload Content that already comes with a license granting Your Gitea Instance the permissions we need to run our Service, no additional license is required. You understand that you will not receive any payment for any of the rights granted below. The licenses you grant to us will end when you remove Your Content from our servers, unless other Users have forked it.

  • We need the legal right to do things like host Your Content, publish it, and share it. You grant us and our legal successors the right to store, parse, and display Your Content, and make incidental copies as necessary to render the Website and provide the Service. This includes the right to do things like copy it to our database and make backups; show it to you and other users; parse it into a search index or otherwise analyze it on our servers; share it with other users; and perform it, in case Your Content is something like music or video.

    -

    This license, however, doesn't grant Your Forgejo Instance the right to sell Your Content or otherwise distribute or use it outside of our provision of the Service.

    +

    This license, however, doesn't grant Your Gitea Instance the right to sell Your Content or otherwise distribute or use it outside of our provision of the Service.

  • Any User-Generated Content you post publicly, including issues, comments, and contributions to other Users' repositories, may be viewed by others. By setting your repositories to be viewed publicly, you agree to allow others to view and "fork" your repositories (this means that others may make their own copies of Content from your repositories in repositories they control).

    -

    If you set your pages and repositories to be viewed publicly, you grant each User of Your Forgejo Instance a nonexclusive, worldwide license to use, display, and perform Your Content through the Your Forgejo Instance Service and to reproduce Your Content solely on Your Forgejo Instance as permitted through Your Forgejo Instance's functionality (for example, through forking). You may grant further rights if you adopt a license. If you are uploading Content you did not create or own, you are responsible for ensuring that the Content you upload is licensed under terms that grant these permissions to other Your Forgejo Instance Users.

    +

    If you set your pages and repositories to be viewed publicly, you grant each User of Your Gitea Instance a nonexclusive, worldwide license to use, display, and perform Your Content through the Your Gitea Instance Service and to reproduce Your Content solely on Your Gitea Instance as permitted through Your Gitea Instance's functionality (for example, through forking). You may grant further rights if you adopt a license. If you are uploading Content you did not create or own, you are responsible for ensuring that the Content you upload is licensed under terms that grant these permissions to other Your Gitea Instance Users.

  • @@ -97,7 +97,7 @@
  • You retain all moral rights to Your Content that you upload, publish, or submit to any part of the Service, including the rights of integrity and attribution. However, you waive these rights and agree not to assert them against us, to enable us to reasonably exercise the rights granted above, but not otherwise.

    -

    To the extent this agreement is not enforceable by applicable law, you grant Your Forgejo Instance the rights we need to use Your Content without attribution and to make reasonable adaptations of Your Content as necessary to render the Website and provide the Service.

    +

    To the extent this agreement is not enforceable by applicable law, you grant Your Gitea Instance the rights we need to use Your Content without attribution and to make reasonable adaptations of Your Content as necessary to render the Website and provide the Service.

  • @@ -106,27 +106,27 @@
    1. Some Accounts may have private repositories, which allow the User to control access to Content.
    2. -
    3. Your Forgejo Instance considers the contents of private repositories to be confidential to you. Your Forgejo Instance will protect the contents of private repositories from unauthorized use, access, or disclosure in the same manner that we would use to protect our own confidential information of a similar nature and in no event with less than a reasonable degree of care.
    4. +
    5. Your Gitea Instance considers the contents of private repositories to be confidential to you. Your Gitea Instance will protect the contents of private repositories from unauthorized use, access, or disclosure in the same manner that we would use to protect our own confidential information of a similar nature and in no event with less than a reasonable degree of care.
    6. -

      Your Forgejo Instance employees may only access the content of your private repositories in the following situations:

      +

      Your Gitea Instance employees may only access the content of your private repositories in the following situations:

        -
      • With your consent and knowledge, for support reasons. If Your Forgejo Instance accesses a private repository for support reasons, we will only do so with the owner’s consent and knowledge.
      • -
      • When access is required for security reasons, including when access is required to maintain ongoing confidentiality, integrity, availability and resilience of Your Forgejo Instance's systems and Service.
      • +
      • With your consent and knowledge, for support reasons. If Your Gitea Instance accesses a private repository for support reasons, we will only do so with the owner’s consent and knowledge.
      • +
      • When access is required for security reasons, including when access is required to maintain ongoing confidentiality, integrity, availability and resilience of Your Gitea Instance's systems and Service.
    7. -
    8. You may choose to enable additional access to your private repositories. For example: You may enable various Your Forgejo Instance services or features that require additional rights to Your Content in private repositories. These rights may vary depending on the service or feature, but Your Forgejo Instance will continue to treat your private repository Content as confidential. If those services or features require rights in addition to those we need to provide the Your Forgejo Instance Service, we will provide an explanation of those rights.
    9. +
    10. You may choose to enable additional access to your private repositories. For example: You may enable various Your Gitea Instance services or features that require additional rights to Your Content in private repositories. These rights may vary depending on the service or feature, but Your Gitea Instance will continue to treat your private repository Content as confidential. If those services or features require rights in addition to those we need to provide the Your Gitea Instance Service, we will provide an explanation of those rights.

    Copyright Infringement and DMCA Policy

    -

    If you are copyright owner and believe that content on our website violates your copyright, please contact us at copyright@your-forgejo-instance. Please note that before sending a takedown notice, consider legal uses (such as fair use and licensed use); and legal consequences for sending false notices.

    +

    If you are copyright owner and believe that content on our website violates your copyright, please contact us at copyright@your-gitea-instance. Please note that before sending a takedown notice, consider legal uses (such as fair use and licensed use); and legal consequences for sending false notices.

    Intellectual Properties and COPYING

    -

    Your Forgejo Instance and our licensors, vendors, agents, and/or our content providers retain ownership of all intellectual property rights of any kind related to the Website and Service. We reserve all rights that are not expressly granted to you under this Agreement or by law. The look and feel of the Website and Service is copyright Ā© Your Forgejo Instance. All rights reserved.

    +

    Your Gitea Instance and our licensors, vendors, agents, and/or our content providers retain ownership of all intellectual property rights of any kind related to the Website and Service. We reserve all rights that are not expressly granted to you under this Agreement or by law. The look and feel of the Website and Service is copyright Ā© Your Gitea Instance. All rights reserved.

    If you'd like to use our trademarks, you must follow all of our trademark guidelines.

    @@ -134,13 +134,13 @@

    API Terms

    -

    Abuse or excessively frequent requests to Your Forgejo Instance via the API may result in the temporary or permanent suspension of your Account's access to the API. Your Forgejo Instance, in our sole discretion, will determine abuse or excessive usage of the API. We will make a reasonable attempt to warn you via email prior to suspension.

    +

    Abuse or excessively frequent requests to Your Gitea Instance via the API may result in the temporary or permanent suspension of your Account's access to the API. Your Gitea Instance, in our sole discretion, will determine abuse or excessive usage of the API. We will make a reasonable attempt to warn you via email prior to suspension.

    -

    You may not share API tokens to exceed Your Forgejo Instance's rate limitations.

    +

    You may not share API tokens to exceed Your Gitea Instance's rate limitations.

    -

    You may not use the API to download data or Content from Your Forgejo Instance for spamming purposes, including for the purposes of selling Your Forgejo Instance users' personal information, such as to recruiters, headhunters, and job boards.

    +

    You may not use the API to download data or Content from Your Gitea Instance for spamming purposes, including for the purposes of selling Your Gitea Instance users' personal information, such as to recruiters, headhunters, and job boards.

    -

    All use of the Your Forgejo Instance API is subject to these Terms of Service and the Your Forgejo Instance Privacy Statement.

    +

    All use of the Your Gitea Instance API is subject to these Terms of Service and the Your Gitea Instance Privacy Statement.

    However, we may provide subscription-based access to our API for Users who need high-throughput access or reselling our Service.

    @@ -149,7 +149,7 @@

    Account Cancellation

    -

    It is your responsibility to properly cancel your Account with Your Forgejo Instance. You can cancel your Account at any time by going into your Settings in the global navigation bar at the top of the screen. The Account screen provides a simple, no questions asked cancellation link. We are not able to cancel Accounts in response to an email or phone request.

    +

    It is your responsibility to properly cancel your Account with Your Gitea Instance. You can cancel your Account at any time by going into your Settings in the global navigation bar at the top of the screen. The Account screen provides a simple, no questions asked cancellation link. We are not able to cancel Accounts in response to an email or phone request.

    Upon Cancellation

    @@ -161,7 +161,7 @@

    We May Terminate

    -

    Your Forgejo Instance has the right to suspend or terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. Your Forgejo Instance reserves the right to refuse service to anyone for any reason at any time.

    +

    Your Gitea Instance has the right to suspend or terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. Your Gitea Instance reserves the right to refuse service to anyone for any reason at any time.

    Survival

    @@ -175,7 +175,7 @@

    Legal Notices to Us Must Be in Writing

    -

    Communications made through email or Your Forgejo Instance Support's messaging system will not constitute legal notice to Your Forgejo Instance or any of its officers, employees, agents or representatives in any situation where notice to Your Forgejo Instance is required by contract or any law or regulation. Legal notice to Your Forgejo Instance must be in writing and served on Your Forgejo Instance's legal agent.

    +

    Communications made through email or Your Gitea Instance Support's messaging system will not constitute legal notice to Your Gitea Instance or any of its officers, employees, agents or representatives in any situation where notice to Your Gitea Instance is required by contract or any law or regulation. Legal notice to Your Gitea Instance must be in writing and served on Your Gitea Instance's legal agent.

    No Phone Support

    @@ -183,9 +183,9 @@

    Disclaimer of Warranties

    -

    Your Forgejo Instance provides the Website and the Service ā€œas isā€ and ā€œas available,ā€ without warranty of any kind. Without limiting this, we expressly disclaim all warranties, whether express, implied or statutory, regarding the Website and the Service including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement.

    +

    Your Gitea Instance provides the Website and the Service ā€œas isā€ and ā€œas available,ā€ without warranty of any kind. Without limiting this, we expressly disclaim all warranties, whether express, implied or statutory, regarding the Website and the Service including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement.

    -

    Your Forgejo Instance does not warrant that the Service will meet your requirements; that the Service will be uninterrupted, timely, secure, or error-free; that the information provided through the Service is accurate, reliable or correct; that any defects or errors will be corrected; that the Service will be available at any particular time or location; or that the Service is free of viruses or other harmful components. You assume full responsibility and risk of loss resulting from your downloading and/or use of files, information, content or other material obtained from the Service.

    +

    Your Gitea Instance does not warrant that the Service will meet your requirements; that the Service will be uninterrupted, timely, secure, or error-free; that the information provided through the Service is accurate, reliable or correct; that any defects or errors will be corrected; that the Service will be available at any particular time or location; or that the Service is free of viruses or other harmful components. You assume full responsibility and risk of loss resulting from your downloading and/or use of files, information, content or other material obtained from the Service.

    Limitation of Liability

    @@ -212,9 +212,9 @@

    Release and Indemnification

    -

    If you have a dispute with one or more Users, you agree to release Your Forgejo Instance from any and all claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes.

    +

    If you have a dispute with one or more Users, you agree to release Your Gitea Instance from any and all claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes.

    -

    You agree to indemnify us, defend us, and hold us harmless from and against any and all claims, liabilities, and expenses, including attorneys’ fees, arising out of your use of the Website and the Service, including but not limited to your violation of this Agreement, provided that Your Forgejo Instance (1) promptly gives you written notice of the claim, demand, suit or proceeding; (2) gives you sole control of the defense and settlement of the claim, demand, suit or proceeding (provided that you may not settle any claim, demand, suit or proceeding unless the settlement unconditionally releases Your Forgejo Instance of all liability); and (3) provides to you all reasonable assistance, at your expense.

    +

    You agree to indemnify us, defend us, and hold us harmless from and against any and all claims, liabilities, and expenses, including attorneys’ fees, arising out of your use of the Website and the Service, including but not limited to your violation of this Agreement, provided that Your Gitea Instance (1) promptly gives you written notice of the claim, demand, suit or proceeding; (2) gives you sole control of the defense and settlement of the claim, demand, suit or proceeding (provided that you may not settle any claim, demand, suit or proceeding unless the settlement unconditionally releases Your Gitea Instance of all liability); and (3) provides to you all reasonable assistance, at your expense.

    Changes to These Terms

    @@ -224,22 +224,22 @@

    Governing Law

    -

    Except to the extent applicable law provides otherwise, this Agreement between you and us and any access to or use of the Website or the Service are governed by (national laws of country/state where Forgejo is deployed) and (regional laws of locality where Forgejo is deployed), without regard to conflict of law provisions. You and Your Forgejo Instance agree to submit to the exclusive jurisdiction and venue of the courts located in (locality where Forgejo is deployed).

    +

    Except to the extent applicable law provides otherwise, this Agreement between you and us and any access to or use of the Website or the Service are governed by (national laws of country/state where Gitea is deployed) and (regional laws of locality where Gitea is deployed), without regard to conflict of law provisions. You and Your Gitea Instance agree to submit to the exclusive jurisdiction and venue of the courts located in (locality where Gitea is deployed).

    Non-Assignability

    -

    Your Forgejo Instance may assign or delegate these Terms of Service and/or our Privacy Policy in whole or in part, to any person or entity at any time with or without your consent, including the license granted in User-Generated Content. You may not assign or delegate any rights or obligations under the Terms of Service or Privacy Statement without our prior written consent, and any unauthorized assignment and delegation by you is void.

    +

    Your Gitea Instance may assign or delegate these Terms of Service and/or our Privacy Policy in whole or in part, to any person or entity at any time with or without your consent, including the license granted in User-Generated Content. You may not assign or delegate any rights or obligations under the Terms of Service or Privacy Statement without our prior written consent, and any unauthorized assignment and delegation by you is void.

    Severablity, No Waiver, and Survival

    -

    If any part of this Agreement is held invalid or unenforceable, that portion of the Agreement will be construed to reflect the parties’ original intent. The remaining portions will remain in full force and effect. Any failure on the part of Your Forgejo Instance to enforce any provision of this Agreement will not be considered a waiver of our right to enforce such provision. Our rights under this Agreement will survive any termination of this Agreement.

    +

    If any part of this Agreement is held invalid or unenforceable, that portion of the Agreement will be construed to reflect the parties’ original intent. The remaining portions will remain in full force and effect. Any failure on the part of Your Gitea Instance to enforce any provision of this Agreement will not be considered a waiver of our right to enforce such provision. Our rights under this Agreement will survive any termination of this Agreement.

    Amendments and Complete Agreement

    -

    This Agreement may only be modified by a written amendment signed by an authorized representative of Your Forgejo Instance, or by the posting by Your Forgejo Instance of a revised version in accordance with Changes to These Terms. These Terms of Service, together with the Your Forgejo Instance Privacy Policy, represent the complete and exclusive statement of the agreement between you and us. This Agreement supersedes any proposal or prior agreement oral or written, and any other communications between you and Your Forgejo Instance relating to the subject matter of these terms including any confidentiality or nondisclosure agreements.

    +

    This Agreement may only be modified by a written amendment signed by an authorized representative of Your Gitea Instance, or by the posting by Your Gitea Instance of a revised version in accordance with Changes to These Terms. These Terms of Service, together with the Your Gitea Instance Privacy Policy, represent the complete and exclusive statement of the agreement between you and us. This Agreement supersedes any proposal or prior agreement oral or written, and any other communications between you and Your Gitea Instance relating to the subject matter of these terms including any confidentiality or nondisclosure agreements.

    Contact

    -

    If you have questions about these Terms of Service, you can contact our support.

    +

    If you have questions about these Terms of Service, you can contact our support.

    diff --git a/contrib/mysql.sql b/contrib/mysql.sql new file mode 100644 index 0000000000..aad8beddfa --- /dev/null +++ b/contrib/mysql.sql @@ -0,0 +1,2 @@ +DROP DATABASE IF EXISTS gitea; +CREATE DATABASE IF NOT EXISTS gitea CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; diff --git a/contrib/pr/checkout.go b/contrib/pr/checkout.go new file mode 100644 index 0000000000..686a3ddffa --- /dev/null +++ b/contrib/pr/checkout.go @@ -0,0 +1,267 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package main + +/* +Checkout a PR and load the tests data into sqlite database +*/ + +import ( + "context" + "flag" + "fmt" + "log" + "net/http" + "os" + "os/exec" + "os/user" + "path" + "path/filepath" + "runtime" + "strconv" + "time" + + "code.gitea.io/gitea/models/db" + "code.gitea.io/gitea/models/unittest" + gitea_git "code.gitea.io/gitea/modules/git" + "code.gitea.io/gitea/modules/graceful" + "code.gitea.io/gitea/modules/markup" + "code.gitea.io/gitea/modules/markup/external" + repo_module "code.gitea.io/gitea/modules/repository" + "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/routers" + markup_service "code.gitea.io/gitea/services/markup" + + "github.com/go-git/go-git/v5" + "github.com/go-git/go-git/v5/config" + "github.com/go-git/go-git/v5/plumbing" + "xorm.io/xorm" +) + +var codeFilePath = "contrib/pr/checkout.go" + +func runPR() { + log.Printf("[PR] Starting gitea ...\n") + curDir, err := os.Getwd() + if err != nil { + log.Fatal(err) + } + setting.SetCustomPathAndConf("", "", "") + setting.LoadAllowEmpty() + + setting.RepoRootPath, err = os.MkdirTemp(os.TempDir(), "repos") + if err != nil { + log.Fatalf("TempDir: %v\n", err) + } + setting.AppDataPath, err = os.MkdirTemp(os.TempDir(), "appdata") + if err != nil { + log.Fatalf("TempDir: %v\n", err) + } + setting.AppWorkPath = curDir + setting.StaticRootPath = curDir + setting.GravatarSource = "https://secure.gravatar.com/avatar/" + setting.AppURL = "http://localhost:8080/" + setting.HTTPPort = "8080" + setting.SSH.Domain = "localhost" + setting.SSH.Port = 3000 + setting.InstallLock = true + setting.SecretKey = "9pCviYTWSb" + setting.InternalToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTI3OTU5ODN9.OQkH5UmzID2XBdwQ9TAI6Jj2t1X-wElVTjbE7aoN4I8" + curUser, err := user.Current() + if err != nil { + log.Fatal(err) + } + setting.RunUser = curUser.Username + + log.Printf("[PR] Loading fixtures data ...\n") + //models.LoadConfigs() + /* + setting.Database.Type = "sqlite3" + setting.Database.Path = ":memory:" + setting.Database.Timeout = 500 + */ + dbCfg := setting.Cfg.Section("database") + dbCfg.NewKey("DB_TYPE", "sqlite3") + dbCfg.NewKey("PATH", ":memory:") + + routers.InitGitServices() + setting.Database.LogSQL = true + // x, err = xorm.NewEngine("sqlite3", "file::memory:?cache=shared") + + db.InitEngineWithMigration(context.Background(), func(_ *xorm.Engine) error { + return nil + }) + db.HasEngine = true + // x.ShowSQL(true) + err = unittest.InitFixtures( + unittest.FixturesOptions{ + Dir: path.Join(curDir, "models/fixtures/"), + }, + ) + if err != nil { + fmt.Printf("Error initializing test database: %v\n", err) + os.Exit(1) + } + unittest.LoadFixtures() + util.RemoveAll(setting.RepoRootPath) + util.RemoveAll(repo_module.LocalCopyPath()) + unittest.CopyDir(path.Join(curDir, "tests/gitea-repositories-meta"), setting.RepoRootPath) + + log.Printf("[PR] Setting up router\n") + // routers.GlobalInit() + external.RegisterRenderers() + markup.Init(markup_service.ProcessorHelper()) + c := routers.NormalRoutes(graceful.GetManager().HammerContext()) + + log.Printf("[PR] Ready for testing !\n") + log.Printf("[PR] Login with user1, user2, user3, ... with pass: password\n") + /* + log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubURL) + + if setting.LFS.StartServer { + log.Info("LFS server enabled") + } + + if setting.EnablePprof { + go func() { + log.Info("Starting pprof server on localhost:6060") + log.Info("%v", http.ListenAndServe("localhost:6060", nil)) + }() + } + */ + + // Start the server + http.ListenAndServe(":8080", c) + + log.Printf("[PR] Cleaning up ...\n") + /* + if err = util.RemoveAll(setting.Indexer.IssuePath); err != nil { + fmt.Printf("util.RemoveAll: %v\n", err) + os.Exit(1) + } + if err = util.RemoveAll(setting.Indexer.RepoPath); err != nil { + fmt.Printf("Unable to remove repo indexer: %v\n", err) + os.Exit(1) + } + */ + if err = util.RemoveAll(setting.RepoRootPath); err != nil { + log.Fatalf("util.RemoveAll: %v\n", err) + } + if err = util.RemoveAll(setting.AppDataPath); err != nil { + log.Fatalf("util.RemoveAll: %v\n", err) + } +} + +func main() { + runPRFlag := flag.Bool("run", false, "Run the PR code") + flag.Parse() + if *runPRFlag { + runPR() + return + } + + // To force checkout (e.g. Windows complains about unclean work tree) set env variable FORCE=true + force, err := strconv.ParseBool(os.Getenv("FORCE")) + if err != nil { + force = false + } + + // Otherwise checkout PR + if len(os.Args) != 2 { + log.Fatal("Need only one arg: the PR number") + } + pr := os.Args[1] + + codeFilePath = filepath.FromSlash(codeFilePath) // Convert to running OS + + // Copy this file if it will not exist in the PR branch + dat, err := os.ReadFile(codeFilePath) + if err != nil { + log.Fatalf("Failed to cache this code file : %v", err) + } + + repo, err := git.PlainOpen(".") + if err != nil { + log.Fatalf("Failed to open the repo : %v", err) + } + + // Find remote upstream + remotes, err := repo.Remotes() + if err != nil { + log.Fatalf("Failed to list remotes of repo : %v", err) + } + remoteUpstream := "origin" // Default + for _, r := range remotes { + if r.Config().URLs[0] == "https://github.com/go-gitea/gitea.git" || + r.Config().URLs[0] == "https://github.com/go-gitea/gitea" || + r.Config().URLs[0] == "git@github.com:go-gitea/gitea.git" { // fetch at index 0 + remoteUpstream = r.Config().Name + break + } + } + + branch := fmt.Sprintf("pr-%s-%d", pr, time.Now().Unix()) + branchRef := plumbing.NewBranchReferenceName(branch) + + log.Printf("Fetching PR #%s in %s\n", pr, branch) + if runtime.GOOS == "windows" { + // Use git cli command for windows + runCmd("git", "fetch", remoteUpstream, fmt.Sprintf("pull/%s/head:%s", pr, branch)) + } else { + ref := fmt.Sprintf("%s%s/head:%s", gitea_git.PullPrefix, pr, branchRef) + err = repo.Fetch(&git.FetchOptions{ + RemoteName: remoteUpstream, + RefSpecs: []config.RefSpec{ + config.RefSpec(ref), + }, + }) + if err != nil { + log.Fatalf("Failed to fetch %s from %s : %v", ref, remoteUpstream, err) + } + } + + tree, err := repo.Worktree() + if err != nil { + log.Fatalf("Failed to parse git tree : %v", err) + } + log.Printf("Checkout PR #%s in %s\n", pr, branch) + err = tree.Checkout(&git.CheckoutOptions{ + Branch: branchRef, + Force: force, + }) + if err != nil { + log.Fatalf("Failed to checkout %s : %v", branch, err) + } + + // Copy this file if not exist + if _, err := os.Stat(codeFilePath); os.IsNotExist(err) { + err = os.MkdirAll(filepath.Dir(codeFilePath), 0o755) + if err != nil { + log.Fatalf("Failed to duplicate this code file in PR : %v", err) + } + err = os.WriteFile(codeFilePath, dat, 0o644) + if err != nil { + log.Fatalf("Failed to duplicate this code file in PR : %v", err) + } + } + // Force build of js, css, bin, ... + runCmd("make", "build") + // Start with integration test + runCmd("go", "run", "-mod", "vendor", "-tags", "sqlite sqlite_unlock_notify", codeFilePath, "-run") +} + +func runCmd(cmd ...string) { + log.Printf("Executing : %s ...\n", cmd) + c := exec.Command(cmd[0], cmd[1:]...) + c.Stdout = os.Stdout + c.Stderr = os.Stderr + if err := c.Start(); err != nil { + log.Panicln(err) + } + if err := c.Wait(); err != nil { + log.Panicln(err) + } +} diff --git a/contrib/systemd/forgejo.service b/contrib/systemd/forgejo.service index ee019e11ea..04ef69adc0 100644 --- a/contrib/systemd/forgejo.service +++ b/contrib/systemd/forgejo.service @@ -61,7 +61,7 @@ WorkingDirectory=/var/lib/forgejo/ #RuntimeDirectory=forgejo ExecStart=/usr/local/bin/forgejo web --config /etc/forgejo/app.ini Restart=always -Environment=USER=git HOME=/home/git FORGEJO_WORK_DIR=/var/lib/forgejo +Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/forgejo # If you install Git to directory prefix other than default PATH (which happens # for example if you install other versions of Git side-to-side with # distribution version), uncomment below line and add that prefix to PATH diff --git a/contrib/upgrade.sh b/contrib/upgrade.sh index 4240b5694f..3a98c277d6 100755 --- a/contrib/upgrade.sh +++ b/contrib/upgrade.sh @@ -1,42 +1,33 @@ #!/usr/bin/env bash -# This is an update script for forgejo installed via the binary distribution -# from codeberg.org/forgejo/forgejo on linux as systemd service. It -# performs a backup and updates Forgejo in place. -# NOTE: This adds the GPG Signing Key of the Forgejo maintainers to the keyring. +# This is an update script for gitea installed via the binary distribution +# from dl.gitea.io on linux as systemd service. It performs a backup and updates +# Gitea in place. +# NOTE: This adds the GPG Signing Key of the Gitea maintainers to the keyring. # Depends on: bash, curl, xz, sha256sum. optionally jq, gpg # See section below for available environment vars. # When no version is specified, updates to the latest release. # Examples: # upgrade.sh 1.15.10 -# forgejohome=/opt/forgejo forgejoconf=$forgejohome/app.ini upgrade.sh - -# Check if forgejo service is running -if ! pidof forgejo &> /dev/null; then - echo "Error: forgejo is not running." - exit 1 -fi - -# Continue with rest of the script if forgejo is running -echo "Forgejo is running. Continuing with rest of script..." +# giteahome=/opt/gitea giteaconf=$giteahome/app.ini upgrade.sh # apply variables from environment -: "${forgejobin:="/usr/local/bin/forgejo"}" -: "${forgejohome:="/var/lib/forgejo"}" -: "${forgejoconf:="/etc/forgejo/app.ini"}" -: "${forgejouser:="git"}" +: "${giteabin:="/usr/local/bin/gitea"}" +: "${giteahome:="/var/lib/gitea"}" +: "${giteaconf:="/etc/gitea/app.ini"}" +: "${giteauser:="git"}" : "${sudocmd:="sudo"}" : "${arch:="linux-amd64"}" -: "${service_start:="$sudocmd systemctl start forgejo"}" -: "${service_stop:="$sudocmd systemctl stop forgejo"}" -: "${service_status:="$sudocmd systemctl status forgejo"}" -: "${backupopts:=""}" # see `forgejo dump --help` for available options +: "${service_start:="$sudocmd systemctl start gitea"}" +: "${service_stop:="$sudocmd systemctl stop gitea"}" +: "${service_status:="$sudocmd systemctl status gitea"}" +: "${backupopts:=""}" # see `gitea dump --help` for available options -function forgejocmd { +function giteacmd { if [[ $sudocmd = "su" ]]; then # `-c` only accept one string as argument. - "$sudocmd" - "$forgejouser" -c "$(printf "%q " "$forgejobin" "--config" "$forgejoconf" "--work-path" "$forgejohome" "$@")" + "$sudocmd" - "$giteauser" -c "$(printf "%q " "$giteabin" "--config" "$giteaconf" "--work-path" "$giteahome" "$@")" else - "$sudocmd" --user "$forgejouser" "$forgejobin" --config "$forgejoconf" --work-path "$forgejohome" "$@" + "$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" "$@" fi } @@ -49,7 +40,7 @@ function require { # parse command line arguments while true; do case "$1" in - -v | --version ) forgejoversion="$2"; shift 2 ;; + -v | --version ) giteaversion="$2"; shift 2 ;; -y | --yes ) no_confirm="yes"; shift ;; --ignore-gpg) ignore_gpg="yes"; shift ;; "" | -- ) shift; break ;; @@ -65,9 +56,9 @@ if [[ -f /etc/os-release ]]; then if [[ "$os_release" =~ "OpenWrt" ]]; then sudocmd="su" - service_start="/etc/init.d/forgejo start" - service_stop="/etc/init.d/forgejo stop" - service_status="/etc/init.d/forgejo status" + service_start="/etc/init.d/gitea start" + service_stop="/etc/init.d/gitea stop" + service_status="/etc/init.d/gitea status" else require systemctl fi @@ -76,31 +67,31 @@ fi require curl xz sha256sum "$sudocmd" # select version to install -if [[ -z "${forgejoversion:-}" ]]; then +if [[ -z "${giteaversion:-}" ]]; then require jq - forgejoversion=$(curl --connect-timeout 10 -sL 'https://codeberg.org/api/v1/repos/forgejo/forgejo/releases?draft=false&pre-release=false&limit=1' -H 'accept: application/json' | jq -r '.[0].tag_name | sub("v"; "")') - echo "Latest available version is $forgejoversion" + giteaversion=$(curl --connect-timeout 10 -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version) + echo "Latest available version is $giteaversion" fi # confirm update echo "Checking currently installed version..." -current=$(forgejocmd --version | cut -d ' ' -f 3) -[[ "$current" == "$forgejoversion" ]] && echo "$current is already installed, stopping." && exit 1 +current=$(giteacmd --version | cut -d ' ' -f 3) +[[ "$current" == "$giteaversion" ]] && echo "$current is already installed, stopping." && exit 1 if [[ -z "${no_confirm:-}" ]]; then - echo "Make sure to read the changelog first: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/CHANGELOG.md" - echo "Are you ready to update forgejo from ${current} to ${forgejoversion}? (y/N)" + echo "Make sure to read the changelog first: https://github.com/go-gitea/gitea/blob/main/CHANGELOG.md" + echo "Are you ready to update Gitea from ${current} to ${giteaversion}? (y/N)" read -r confirm [[ "$confirm" == "y" ]] || [[ "$confirm" == "Y" ]] || exit 1 fi -echo "Upgrading forgejo from $current to $forgejoversion ..." +echo "Upgrading gitea from $current to $giteaversion ..." pushd "$(pwd)" &>/dev/null -cd "$forgejohome" # needed for forgejo dump later +cd "$giteahome" # needed for gitea dump later # download new binary -binname="forgejo-${forgejoversion}-${arch}" -binurl="https://codeberg.org/forgejo/forgejo/releases/download/v${forgejoversion}/${binname}.xz" +binname="gitea-${giteaversion}-${arch}" +binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz" echo "Downloading $binurl..." curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,.sha256,.asc}" @@ -108,28 +99,28 @@ curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,. sha256sum -c "${binname}.xz.sha256" if [[ -z "${ignore_gpg:-}" ]]; then require gpg - gpg --keyserver keys.openpgp.org --recv EB114F5E6C0DC2BCDD183550A4B61A2DC5923710 + gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2 gpg --verify "${binname}.xz.asc" "${binname}.xz" || { echo 'Signature does not match'; exit 1; } fi rm "${binname}".xz.{sha256,asc} # unpack binary + make executable xz --decompress --force "${binname}.xz" -chown "$forgejouser" "$binname" +chown "$giteauser" "$binname" chmod +x "$binname" -# stop forgejo, create backup, replace binary, restart forgejo -echo "Flushing forgejo queues at $(date)" -forgejocmd manager flush-queues -echo "Stopping forgejo at $(date)" +# stop gitea, create backup, replace binary, restart gitea +echo "Flushing gitea queues at $(date)" +giteacmd manager flush-queues +echo "Stopping gitea at $(date)" $service_stop -echo "Creating backup in $forgejohome" -forgejocmd dump $backupopts -echo "Updating binary at $forgejobin" -cp -f "$forgejobin" "$forgejobin.bak" && mv -f "$binname" "$forgejobin" +echo "Creating backup in $giteahome" +giteacmd dump $backupopts +echo "Updating binary at $giteabin" +cp -f "$giteabin" "$giteabin.bak" && mv -f "$binname" "$giteabin" $service_start $service_status -echo "Upgrade to $forgejoversion successful!" +echo "Upgrade to $giteaversion successful!" popd diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index ee8ad66668..39ee594549 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1,64 +1,24 @@ -; This file lists the default values used by Forgejo +; This file lists the default values used by Gitea ;; Copy required sections to your own app.ini (default is custom/conf/app.ini) ;; and modify as needed. ;; Do not copy the whole file as-is, as it contains some invalid sections for illustrative purposes. ;; If you don't know what a setting is you should not set it. ;; -;; see https://forgejo.org/docs/next/admin/config-cheat-sheet for additional documentation. +;; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation. -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Default Configuration (non-`app.ini` configuration) -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; -;; These values are environment-dependent but form the basis of a lot of values. They will be -;; reported as part of the default configuration when running `gitea help` or on start-up. The order they are emitted there is slightly different but we will list them here in the order they are set-up. -;; -;; - _`AppPath`_: This is the absolute path of the running gitea binary. -;; - _`AppWorkPath`_: This refers to "working path" of the `gitea` binary. It is determined by using the first set thing in the following hierarchy: -;; - The "WORK_PATH" option in "app.ini" file -;; - The `--work-path` flag passed to the binary -;; - The environment variable `$GITEA_WORK_DIR` -;; - A built-in value set at build time (see building from source) -;; - Otherwise it defaults to the directory of the _`AppPath`_ -;; - If any of the above are relative paths then they are made absolute against the directory of the _`AppPath`_ -;; - _`CustomPath`_: This is the base directory for custom templates and other options. It is determined by using the first set thing in the following hierarchy: -;; - The `--custom-path` flag passed to the binary -;; - The environment variable `$GITEA_CUSTOM` -;; - A built-in value set at build time (see building from source) -;; - Otherwise it defaults to _`AppWorkPath`_`/custom` -;; - If any of the above are relative paths then they are made absolute against the directory of the _`AppWorkPath`_ -;; - _`CustomConf`_: This is the path to the `app.ini` file. -;; - The `--config` flag passed to the binary -;; - A built-in value set at build time (see building from source) -;; - Otherwise it defaults to _`CustomPath`_`/conf/app.ini` -;; - If any of the above are relative paths then they are made absolute against the directory of the _`CustomPath`_ -;; -;; In addition there is _`StaticRootPath`_ which can be set as a built-in at build time, but will otherwise default to _`AppWorkPath`_ - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; General Settings ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; ;; App name that shows in every page title -APP_NAME = ; Forgejo: Beyond coding. We Forge. -;; -;; APP_SLOGAN shows a slogan near the App name in every page title. -;APP_SLOGAN = -;; -;; APP_DISPLAY_NAME_FORMAT defines how the AppDisplayName should be presented -;; It is used only if APP_SLOGAN is set. -;APP_DISPLAY_NAME_FORMAT = {APP_NAME}: {APP_SLOGAN} +APP_NAME = ; Gitea: Git with a cup of tea ;; ;; RUN_USER will automatically detect the current user - but you can set it here change it if you run locally RUN_USER = ; git ;; -;; Application run mode, affects performance and debugging: "dev" or "prod", default is "prod" -;; Mode "dev" makes Gitea easier to develop and debug, values other than "dev" are treated as "prod" which is for production use. -;RUN_MODE = prod -;; -;; The working directory, see the comment of AppWorkPath above -;WORK_PATH = +;; Application run mode, affects performance and debugging. Either "dev", "prod" or "test", default is "prod" +RUN_MODE = ; prod ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -66,8 +26,7 @@ RUN_USER = ; git ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; -;; The protocol the server listens on. One of 'http', 'https', 'http+unix', 'fcgi' or 'fcgi+unix'. Defaults to 'http' -;; Note: Value must be lowercase. +;; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'. Defaults to 'http' ;PROTOCOL = http ;; ;; Expect PROXY protocol headers on connections @@ -92,8 +51,6 @@ RUN_USER = ; git ;STATIC_URL_PREFIX = ;; ;; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket. -;; If PROTOCOL is set to `http+unix` or `fcgi+unix`, this should be the name of the Unix socket file to use. -;; Relative paths will be made absolute against the _`AppWorkPath`_. ;HTTP_ADDR = 0.0.0.0 ;; ;; The port to listen on. Leave empty when using a unix socket. @@ -107,7 +64,7 @@ RUN_USER = ; git ;PORT_TO_REDIRECT = 80 ;; ;; expect PROXY protocol header on connections to https redirector. -;REDIRECTOR_USE_PROXY_PROTOCOL = %(USE_PROXY_PROTOCOL)s +;REDIRECTOR_USE_PROXY_PROTOCOL = %(USE_PROXY_PROTOCOL) ;; Minimum and maximum supported TLS versions ;SSL_MIN_VERSION=TLSv1.2 ;SSL_MAX_VERSION= @@ -127,17 +84,14 @@ RUN_USER = ; git ;; Permission for unix socket ;UNIX_SOCKET_PERMISSION = 666 ;; -;; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service. In -;; most cases you do not need to change the default value. Alter it only if -;; your SSH server node is not the same as HTTP node. For different protocol, the default -;; values are different. If `PROTOCOL` is `http+unix`, the default value is `http://unix/`. -;; If `PROTOCOL` is `fcgi` or `fcgi+unix`, the default value is `%(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/`. -;; If listen on `0.0.0.0`, the default value is `%(PROTOCOL)s://localhost:%(HTTP_PORT)s/`, Otherwise the default -;; value is `%(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/`. +;; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service. +;; In most cases you do not need to change the default value. +;; Alter it only if your SSH server node is not the same as HTTP node. +;; Do not set this variable if PROTOCOL is set to 'unix'. ;LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/ ;; ;; When making local connections pass the PROXY protocol header. -;LOCAL_USE_PROXY_PROTOCOL = %(USE_PROXY_PROTOCOL)s +;LOCAL_USE_PROXY_PROTOCOL = %(USE_PROXY_PROTOCOL) ;; ;; Disable SSH feature when not available ;DISABLE_SSH = false @@ -191,18 +145,18 @@ RUN_USER = ; git ;; ;; For the built-in SSH server, choose the keypair to offer as the host key ;; The private key should be at SSH_SERVER_HOST_KEY and the public SSH_SERVER_HOST_KEY.pub -;; relative paths are made absolute relative to the %(APP_DATA_PATH)s +;; relative paths are made absolute relative to the APP_DATA_PATH ;SSH_SERVER_HOST_KEYS=ssh/gitea.rsa, ssh/gogs.rsa ;; ;; Directory to create temporary files in when testing public keys using ssh-keygen, ;; default is the system temporary directory. ;SSH_KEY_TEST_PATH = ;; -;; Use `ssh-keygen` to parse public SSH keys. The value is passed to the shell. By default, Gitea does the parsing itself. -;SSH_KEYGEN_PATH = +;; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call. +;SSH_KEYGEN_PATH = ssh-keygen ;; -;; Enable SSH Authorized Key Backup when rewriting all keys, default is false -;SSH_AUTHORIZED_KEYS_BACKUP = false +;; Enable SSH Authorized Key Backup when rewriting all keys, default is true +;SSH_AUTHORIZED_KEYS_BACKUP = true ;; ;; Determines which principals to allow ;; - empty: if SSH_TRUSTED_USER_CA_KEYS is empty this will default to off, otherwise will default to email, username. @@ -229,9 +183,6 @@ RUN_USER = ; git ;; Enable exposure of SSH clone URL to anonymous visitors, default is false ;SSH_EXPOSE_ANONYMOUS = false ;; -;; Command template for authorized keys entries -;SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE = {{.AppPath}} --config={{.CustomConf}} serv key-{{.Key.ID}} -;; ;; Timeout for any write to ssh connections. (Set to -1 to disable all timeouts.) ;; Will default to the PER_WRITE_TIMEOUT. ;SSH_PER_WRITE_TIMEOUT = 30s @@ -244,7 +195,8 @@ RUN_USER = ; git ;MINIMUM_KEY_SIZE_CHECK = false ;; ;; Disable CDN even in "prod" mode -;OFFLINE_MODE = true +;OFFLINE_MODE = false +;DISABLE_ROUTER_LOG = false ;; ;; TLS Settings: Either ACME or manual ;; (Other common TLS configuration are found before) @@ -289,10 +241,10 @@ RUN_USER = ; git ;; ;; Root directory containing templates and static files. ;; default is the path where Gitea is executed -;STATIC_ROOT_PATH = ; Will default to the built-in value _`StaticRootPath`_ +;STATIC_ROOT_PATH = ;; ;; Default path for App data -;APP_DATA_PATH = data ; relative paths will be made absolute with _`AppWorkPath`_ +;APP_DATA_PATH = data ;; ;; Enable gzip compression for runtime-generated content, static resources excluded ;ENABLE_GZIP = false @@ -303,7 +255,7 @@ RUN_USER = ; git ;ENABLE_PPROF = false ;; ;; PPROF_DATA_PATH, use an absolute path when you start gitea as service -;PPROF_DATA_PATH = data/tmp/pprof ; Path is relative to _`AppWorkPath`_ +;PPROF_DATA_PATH = data/tmp/pprof ;; ;; Landing page, can be "home", "explore", "organizations", "login", or any URL such as "/org/repo" or even "https://anotherwebsite.com" ;; The "login" choice is not a security measure but just a UI flow change, use REQUIRE_SIGNIN_VIEW to force users to log in. @@ -314,13 +266,10 @@ RUN_USER = ; git ;; ;; ;; LFS authentication secret, change this yourself -;LFS_JWT_SECRET = -;; -;; Alternative location to specify LFS authentication secret. You cannot specify both this and LFS_JWT_SECRET, and must pick one -;LFS_JWT_SECRET_URI = file:/etc/gitea/lfs_jwt_secret +LFS_JWT_SECRET = ;; ;; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail. -;LFS_HTTP_AUTH_EXPIRY = 24h +;LFS_HTTP_AUTH_EXPIRY = 20m ;; ;; Maximum allowed LFS file size in bytes (Set to 0 for no limit). ;LFS_MAX_FILE_SIZE = 0 @@ -328,10 +277,6 @@ RUN_USER = ; git ;; Maximum number of locks returned per page ;LFS_LOCKS_PAGING_NUM = 50 ;; -;; When clients make lfs batch requests, reject them if there are more pointers than this number -;; zero means 'unlimited' -;LFS_MAX_BATCH_SIZE = 0 -;; ;; Allow graceful restarts using SIGHUP to fork ;ALLOW_GRACEFUL_RESTARTS = true ;; @@ -353,28 +298,21 @@ RUN_USER = ; git ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; -;; Database to use. Either "sqlite3", "mySQL" or "postgres". -;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; -;; SQLite Configuration -;; -DB_TYPE = sqlite3 -;PATH= ; defaults to data/forgejo.db -;SQLITE_TIMEOUT = ; Query timeout defaults to: 500 -;SQLITE_JOURNAL_MODE = ; defaults to sqlite database default (often DELETE), can be used to enable WAL mode. https://www.sqlite.org/pragma.html#pragma_journal_mode +;; Database to use. Either "mysql", "postgres", "mssql" or "sqlite3". ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; ;; MySQL Configuration ;; -;DB_TYPE = mysql -;HOST = 127.0.0.1:3306 ; can use socket e.g. /var/run/mysqld/mysqld.sock -;NAME = gitea -;USER = root +DB_TYPE = mysql +HOST = 127.0.0.1:3306 ; can use socket e.g. /var/run/mysqld/mysqld.sock +NAME = gitea +USER = root ;PASSWD = ;Use PASSWD = `your password` for quoting if you use special characters in the password. ;SSL_MODE = false ; either "false" (default), "true", or "skip-verify" -;CHARSET_COLLATION = ; Empty as default, Gitea will try to find a case-sensitive collation. Don't change it unless you clearly know what you need. +;CHARSET = utf8mb4 ;either "utf8" or "utf8mb4", default is "utf8mb4". +;; +;; NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this. ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; @@ -390,13 +328,32 @@ DB_TYPE = sqlite3 ;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; +;; SQLite Configuration +;; +;DB_TYPE = sqlite3 +;PATH= ; defaults to data/forgejo.db +;SQLITE_TIMEOUT = ; Query timeout defaults to: 500 +;SQLITE_JOURNAL_MODE = ; defaults to sqlite database default (often DELETE), can be used to enable WAL mode. https://www.sqlite.org/pragma.html#pragma_journal_mode +;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; +;; MSSQL Configuration +;; +;DB_TYPE = mssql +;HOST = 172.17.0.2:1433 +;NAME = gitea +;USER = SA +;PASSWD = MwantsaSecurePassword1 +;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; ;; Other settings ;; ;; For iterate buffer, default is 50 ;ITERATE_BUFFER_SIZE = 50 ;; ;; Show the database generated SQL -;LOG_SQL = false +LOG_SQL = false ; if unset defaults to true ;; ;; Maximum number of DB Connect retries ;DB_RETRIES = 10 @@ -410,18 +367,8 @@ DB_TYPE = sqlite3 ;; Database connection max life time, default is 0 or 3s mysql (See #6804 & #7071 for reasoning) ;CONN_MAX_LIFETIME = 3s ;; -;; Database connection max idle time, 0 prevents closing due to idle time. -;CONN_MAX_IDLETIME = 0 -;; -;; Database maximum number of open connections, default is 100 which is the lowest default from Postgres (MariaDB + MySQL default to 151). Ensure you only increase the value if you configured your database server accordingly. -;MAX_OPEN_CONNS = 100 -;; -;; Whether execute database models migrations automatically -;AUTO_MIGRATION = true -;; -;; Threshold value (in seconds) beyond which query execution time is logged as a warning in the xorm logger -;; -;SLOW_QUERY_TRESHOLD = 5s +;; Database maximum number of open connections, default is 0 meaning no maximum +;MAX_OPEN_CONNS = 0 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -441,13 +388,16 @@ SECRET_KEY = ;SECRET_KEY_URI = file:/etc/gitea/secret_key ;; ;; Secret used to validate communication within Gitea binary. -INTERNAL_TOKEN = +INTERNAL_TOKEN= ;; ;; Alternative location to specify internal token, instead of this file; you cannot specify both this and INTERNAL_TOKEN, and must pick one ;INTERNAL_TOKEN_URI = file:/etc/gitea/internal_token ;; ;; How long to remember that a user is logged in before requiring relogin (in days) -;LOGIN_REMEMBER_DAYS = 31 +;LOGIN_REMEMBER_DAYS = 7 +;; +;; Name of the cookie used to store the current username. +;COOKIE_USERNAME = gitea_awesome ;; ;; Name of cookie used to store authentication information. ;COOKIE_REMEMBER_NAME = gitea_incredible @@ -464,7 +414,7 @@ INTERNAL_TOKEN = ;REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128 ;; ;; The minimum password length for new Users -;MIN_PASSWORD_LENGTH = 8 +;MIN_PASSWORD_LENGTH = 6 ;; ;; Set to true to allow users to import local server paths ;IMPORT_LOCAL_PATHS = false @@ -501,11 +451,6 @@ INTERNAL_TOKEN = ;; Cache successful token hashes. API tokens are stored in the DB as pbkdf2 hashes however, this means that there is a potentially significant hashing load when there are multiple API operations. ;; This cache will store the successfully hashed tokens in a LRU cache as a balance between performance and security. ;SUCCESSFUL_TOKENS_CACHE_SIZE = 20 -;; -;; Reject API tokens sent in URL query string (Accept Header-based API tokens only). This avoids security vulnerabilities -;; stemming from cached/logged plain-text API tokens. -;; In future releases, this will become the default behavior -;DISABLE_QUERY_AUTH_TOKEN = false ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -522,8 +467,7 @@ INTERNAL_TOKEN = ;; HMAC to encode urls with, it **is required** if camo is enabled. ;HMAC_KEY = ;; Set to true to use camo for https too lese only non https urls are proxyed -;; ALLWAYS is deprecated and will be removed in the future -;ALWAYS = false +;ALLWAYS = false ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -532,7 +476,7 @@ INTERNAL_TOKEN = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; ;; Enables OAuth2 provider -ENABLED = true +ENABLE = true ;; ;; Algorithm used to sign OAuth2 tokens. Valid values: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512, EdDSA ;JWT_SIGNING_ALGORITHM = RS256 @@ -546,9 +490,6 @@ ENABLED = true ;; This setting is only needed if JWT_SIGNING_ALGORITHM is set to HS256, HS384 or HS512. ;JWT_SECRET = ;; -;; Alternative location to specify OAuth2 authentication secret. You cannot specify both this and JWT_SECRET, and must pick one -;JWT_SECRET_URI = file:/etc/gitea/oauth2_jwt_secret -;; ;; Lifetime of an OAuth2 access token in seconds ;ACCESS_TOKEN_EXPIRATION_TIME = 3600 ;; @@ -560,12 +501,6 @@ ENABLED = true ;; ;; Maximum length of oauth2 token/cookie stored on server ;MAX_TOKEN_LENGTH = 32767 -;; -;; Pre-register OAuth2 applications for some universally useful services -;; * https://github.com/hickford/git-credential-oauth -;; * https://github.com/git-ecosystem/git-credential-manager -;; * https://gitea.com/gitea/tea -;DEFAULT_APPLICATIONS = git-credential-oauth, git-credential-manager, tea ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -578,67 +513,78 @@ ENABLED = true ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; Main Logger ;; -;; Either "console", "file" or "conn", default is "console" +;; Either "console", "file", "conn", "smtp" or "database", default is "console" ;; Use comma to separate multiple modes, e.g. "console, file" MODE = console ;; -;; Either "Trace", "Debug", "Info", "Warn", "Error" or "None", default is "Info" +;; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical" or "None", default is "Info" LEVEL = Info ;; -;; Print Stacktrace with logs (rarely helpful, do not set) Either "Trace", "Debug", "Info", "Warn", "Error", default is "None" -;STACKTRACE_LEVEL = None +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Router Logger ;; -;; Buffer length of the channel, keep it as it is if you don't know what it is. -;BUFFER_LEN = 10000 +;; Switch off the router log +;DISABLE_ROUTER_LOG=false ;; -;; Sub logger modes, a single comma means use default MODE above, empty means disable it -;logger.access.MODE= -;logger.router.MODE=, -;logger.xorm.MODE=, +;; Set the log "modes" for the router log (if file is set the log file will default to router.log) +ROUTER = console ;; -;; Collect SSH logs (Creates log from ssh git request) +;; The router will log different things at different levels. ;; -;ENABLE_SSH_LOG = false +;; * started messages will be logged at TRACE level +;; * polling/completed routers will be logged at INFO +;; * slow routers will be logged at WARN +;; * failed routers will be logged at WARN ;; +;; The routing level will default to that of the system but individual router level can be set in +;; [log..router] LEVEL +;; + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; ;; Access Logger (Creates log in NCSA common log format) ;; -;; Print request id which parsed from request headers in access log, when access log is enabled. -;; * E.g: -;; * In request Header: X-Request-ID: test-id-123 -;; * Configuration in app.ini: REQUEST_ID_HEADERS = X-Request-ID -;; * Print in log: 127.0.0.1:58384 - - [14/Feb/2023:16:33:51 +0800] "test-id-123" +;ENABLE_ACCESS_LOG = false ;; -;; If you configure more than one in the .ini file, it will match in the order of configuration, -;; and the first match will be finally printed in the log. -;; * E.g: -;; * In request Header: X-Trace-ID: trace-id-1q2w3e4r -;; * Configuration in app.ini: REQUEST_ID_HEADERS = X-Request-ID, X-Trace-ID, X-Req-ID -;; * Print in log: 127.0.0.1:58384 - - [14/Feb/2023:16:33:51 +0800] "trace-id-1q2w3e4r" -;; -;REQUEST_ID_HEADERS = +;; Set the log "modes" for the access log (if file is set the log file will default to access.log) +;ACCESS = file ;; ;; Sets the template used to create the access log. -;ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteHost}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.URL.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}" "{{.Ctx.Req.UserAgent}}" - +;ACCESS_LOG_TEMPLATE = {{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.URL.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}" +;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; -;; Log modes (aka log writers) +;; SSH log (Creates log from ssh git request) ;; -;[log.%(WriterMode)] -;MODE=console/file/conn/... +;ENABLE_SSH_LOG = false +;; +;; Other Settings +;; +;; Print Stacktraces with logs. (Rarely helpful.) Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "None" +;STACKTRACE_LEVEL = None +;; +;; Buffer length of the channel, keep it as it is if you don't know what it is. +;BUFFER_LEN = 10000 + +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; Creating specific log configuration +;; +;; You can set specific configuration for individual modes and subloggers +;; +;; Configuration available to all log modes/subloggers ;LEVEL= -;FLAGS = stdflags or journald +;FLAGS = stdflags ;EXPRESSION = ;PREFIX = ;COLORIZE = false ;; -;[log.console] +;; For "console" mode only ;STDERR = false ;; -;[log.file] -;; Set the file_name for the logger. If this is a relative path this will be relative to ROOT_PATH +;; For "file" mode only +;LEVEL = +;; Set the file_name for the logger. If this is a relative path this +;; will be relative to ROOT_PATH ;FILE_NAME = ;; This enables automated log rotate(switch of following options), default is true ;LOG_ROTATE = true @@ -652,8 +598,9 @@ LEVEL = Info ;COMPRESS = true ;; compression level see godoc for compress/gzip ;COMPRESSION_LEVEL = -1 -;; -;[log.conn] +; +;; For "conn" mode only +;LEVEL = ;; Reconnect host for every single message, default is false ;RECONNECT_ON_MSG = false ;; Try to reconnect when connection is lost, default is false @@ -662,6 +609,19 @@ LEVEL = Info ;PROTOCOL = tcp ;; Host address ;ADDR = +; +;; For "smtp" mode only +;LEVEL = +;; Name displayed in mail title, default is "Diagnostic message from server" +;SUBJECT = Diagnostic message from server +;; Mail server +;HOST = +;; Mailer user name and password +;USER = +;; Use PASSWD = `your password` for quoting if you use special characters in the password. +;PASSWD = +;; Receivers, can be one or more, e.g. 1@example.com,2@example.com +;RECEIVERS = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -673,7 +633,7 @@ LEVEL = Info ;PATH = ;; ;; The HOME directory for Git -;HOME_PATH = %(APP_DATA_PATH)s/home +;HOME_PATH = %(APP_DATA_PATH)/home ;; ;; Disables highlight of added and removed changes ;DISABLE_DIFF_HIGHLIGHT = false @@ -693,12 +653,6 @@ LEVEL = Info ;; Set the default branches range size ;BRANCHES_RANGE_SIZE = 20 ;; -;; Print out verbose infos on push to stdout -;VERBOSE_PUSH = true -;; -;; Delay before verbose push infos are printed to stdout -;VERBOSE_PUSH_DELAY = 5s -;; ;; Arguments for command 'git gc', e.g. "--aggressive --auto" ;; see more on http://git-scm.com/docs/git-gc/ ;GC_ARGS = @@ -717,25 +671,6 @@ LEVEL = Info ;; Disable the usage of using partial clones for git. ;DISABLE_PARTIAL_CLONE = false -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Git Operation timeout in seconds -;[git.timeout] -;DEFAULT = 360 -;MIGRATE = 600 -;MIRROR = 300 -;CLONE = 300 -;PULL = 300 -;GC = 60 -;GREP = 2 - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Git config options -;; This section only does "set" config, a removed config key from this section won't be removed from git config automatically. The format is `some.configKey = value`. -;[git.config] -;diff.algorithm = histogram -;core.logAllRefUpdates = true -;gc.reflogExpire = 90 - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; [service] @@ -754,11 +689,11 @@ LEVEL = Info ;; Whether a new user needs to be confirmed manually after registration. (Requires `REGISTER_EMAIL_CONFIRM` to be disabled.) ;REGISTER_MANUAL_CONFIRM = false ;; -;; List of domain names that are allowed to be used to register on a Gitea instance, wildcard is supported -;; eg: gitea.io,example.com,*.mydomain.com -;EMAIL_DOMAIN_ALLOWLIST = +;; List of domain names that are allowed to be used to register on a Gitea instance +;; gitea.io,example.com +;EMAIL_DOMAIN_WHITELIST = ;; -;; Comma-separated list of domain names that are not allowed to be used to register on a Gitea instance, wildcard is supported +;; Comma-separated list of domain names that are not allowed to be used to register on a Gitea instance ;EMAIL_DOMAIN_BLOCKLIST = ;; ;; Disallow registration, only allow admins to create accounts. @@ -783,8 +718,6 @@ LEVEL = Info ;; ;; More detail: https://github.com/gogits/gogs/issues/165 ;ENABLE_REVERSE_PROXY_AUTHENTICATION = false -; Enable this to allow reverse proxy authentication for API requests, the reverse proxy is responsible for ensuring that no CSRF is possible. -;ENABLE_REVERSE_PROXY_AUTHENTICATION_API = false ;ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false ;ENABLE_REVERSE_PROXY_EMAIL = false ;ENABLE_REVERSE_PROXY_FULL_NAME = false @@ -792,15 +725,7 @@ LEVEL = Info ;; Enable captcha validation for registration ;ENABLE_CAPTCHA = false ;; -;; Enable this to require captcha validation for login -;REQUIRE_CAPTCHA_FOR_LOGIN = false -;; -;; Requires captcha for external registrations -;REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA = false -;; Requires a password for external registrations -;REQUIRE_EXTERNAL_REGISTRATION_PASSWORD = false -;; -;; Type of captcha you want to use. Options: image, recaptcha, hcaptcha, mcaptcha, cfturnstile. +;; Type of captcha you want to use. Options: image, recaptcha, hcaptcha, mcaptcha. ;CAPTCHA_TYPE = image ;; ;; Change this to use recaptcha.net or other recaptcha service @@ -822,10 +747,6 @@ LEVEL = Info ;MCAPTCHA_SECRET = ;MCAPTCHA_SITEKEY = ;; -;; Go to https://dash.cloudflare.com/?to=/:account/turnstile to sign up for a key -;CF_TURNSTILE_SITEKEY = -;CF_TURNSTILE_SECRET = -;; ;; Default value for KeepEmailPrivate ;; Each new user will get the value of this setting copied into their profile ;DEFAULT_KEEP_EMAIL_PRIVATE = false @@ -837,11 +758,6 @@ LEVEL = Info ;; Every new user will have restricted permissions depending on this setting ;DEFAULT_USER_IS_RESTRICTED = false ;; -;; Users will be able to use dots when choosing their username. Disabling this is -;; helpful if your usersare having issues with e.g. RSS feeds or advanced third-party -;; extensions that use strange regex patterns. -; ALLOW_DOTS_IN_USERNAMES = true -;; ;; Either "public", "limited" or "private", default is "public" ;; Limited is for users visible only to signed users ;; Private is for users visible only to members of their organizations @@ -868,15 +784,6 @@ LEVEL = Info ;; Dependencies can be added from any repository where the user is granted access or only from the current repository depending on this setting. ;ALLOW_CROSS_REPOSITORY_DEPENDENCIES = true ;; -;; Default map service. No external API support has been included. A service has to allow -;; searching using URL parameters, the location will be appended to the URL as escaped query parameter. -;; Some example values are: -;; - OpenStreetMap: https://www.openstreetmap.org/search?query= -;; - Google Maps: https://www.google.com/maps/place/ -;; - MapQuest: https://www.mapquest.com/search/ -;; - Bing Maps: https://www.bing.com/maps?where1= -; USER_LOCATION_MAP_URL = https://www.openstreetmap.org/search?query= -;; ;; Enable heatmap on users profiles. ;ENABLE_USER_HEATMAP = true ;; @@ -901,9 +808,6 @@ LEVEL = Info ;; Show Registration button ;SHOW_REGISTRATION_BUTTON = true ;; -;; Whether to allow internal signin -; ENABLE_INTERNAL_SIGNIN = true -;; ;; Show milestones dashboard page - a view of all the user's milestones ;SHOW_MILESTONES_DASHBOARD_PAGE = true ;; @@ -921,24 +825,6 @@ LEVEL = Info ;; Valid site url schemes for user profiles ;VALID_SITE_URL_SCHEMES=http,https -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[service.explore] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; -;; Only allow signed in users to view the explore pages. -;REQUIRE_SIGNIN_VIEW = false -;; -;; Disable the users explore page. -;DISABLE_USERS_PAGE = false -;; -;; Disable the organizations explore page. -;DISABLE_ORGANIZATIONS_PAGE = false -;; -;; Disable the code explore page. -;DISABLE_CODE_PAGE = false -;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -949,19 +835,11 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[badges] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Enable repository badges (via shields.io or a similar generator) -;ENABLED = true -;; Template for the badge generator. -;GENERATOR_URL_TEMPLATE = https://img.shields.io/badge/{{.label}}-{{.text}}-{{.color}} - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;[repository] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Root path for storing all repository data. By default, it is set to %(APP_DATA_PATH)s/gitea-repositories. -;; A relative path is interpreted as _`AppWorkPath`_/%(ROOT)s +;; Root path for storing all repository data. By default, it is set to %(APP_DATA_PATH)/gitea-repositories. +;; A relative path is interpreted as %(GITEA_WORK_DIR)/%(ROOT) ;ROOT = ;; ;; The script type this server supports. Usually this is `bash`, but some users report that only `sh` is available. @@ -988,9 +866,15 @@ LEVEL = Info ;; Global limit of repositories per user, applied at creation time. -1 means no limit ;MAX_CREATION_LIMIT = -1 ;; +;; Mirror sync queue length, increase if mirror syncing starts hanging (DEPRECATED: please use [queue.mirror] LENGTH instead) +;MIRROR_QUEUE_LENGTH = 1000 +;; +;; Patch test queue length, increase if pull request patch testing starts hanging (DEPRECATED: please use [queue.pr_patch_checker] LENGTH instead) +;PULL_REQUEST_QUEUE_LENGTH = 1000 +;; ;; Preferred Licenses to place at the top of the List ;; The name here must match the filename in options/license or custom/options/license -;PREFERRED_LICENSES = Apache-2.0,MIT +;PREFERRED_LICENSES = Apache License 2.0,MIT License ;; ;; Disable the ability to interact with repositories using the HTTP protocol ;DISABLE_HTTP_GIT = false @@ -1000,30 +884,17 @@ LEVEL = Info ;ACCESS_CONTROL_ALLOW_ORIGIN = ;; ;; Force ssh:// clone url instead of scp-style uri when default SSH port is used -;USE_COMPAT_SSH_URI = true -;; -;; Value for the "go get" request returns the repository url as https or ssh, default is https -;GO_GET_CLONE_URL_PROTOCOL = https +;USE_COMPAT_SSH_URI = false ;; ;; Close issues as long as a commit on any branch marks it as fixed -;DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH = false -;; -;; Allow users to push local repositories to Gitea and have them automatically created for a user or an org -;ENABLE_PUSH_CREATE_USER = false -;ENABLE_PUSH_CREATE_ORG = false -;; -;; Comma separated list of globally disabled repo units. Allowed values: repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects, repo.packages, repo.actions. +;; Comma separated list of globally disabled repo units. Allowed values: repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects ;DISABLED_REPO_UNITS = ;; -;; Comma separated list of default new repo units. Allowed values: repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects, repo.packages, repo.actions. +;; Comma separated list of default repo units. Allowed values: repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects. ;; Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. ;; External wiki and issue tracker can't be enabled by default as it requires additional settings. ;; Disabled repo units will not be added to new repositories regardless if it is in the default list. -;DEFAULT_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages,repo.actions -;; -;; Comma separated list of default forked repo units. -;; The set of allowed values and rules are the same as DEFAULT_REPO_UNITS. -;DEFAULT_FORK_REPO_UNITS = repo.code,repo.pulls +;DEFAULT_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects ;; ;; Prefix archive files by placing them in a directory named after the repository ;PREFIX_ARCHIVE_FILES = true @@ -1034,9 +905,6 @@ LEVEL = Info ;; Disable stars feature. ;DISABLE_STARS = false ;; -;; Disable repository forking. -;DISABLE_FORKS = false -;; ;; The default branch name of new repositories ;DEFAULT_BRANCH = main ;; @@ -1049,9 +917,6 @@ LEVEL = Info ;; Don't allow download source archive files from UI ;DISABLE_DOWNLOAD_SOURCE_ARCHIVES = false -;; Allow fork repositories without maximum number limit -;ALLOW_FORK_WITHOUT_MAXIMUM_LIMIT = true - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;[repository.editor] @@ -1060,7 +925,11 @@ LEVEL = Info ;; ;; List of file extensions for which lines should be wrapped in the Monaco editor ;; Separate extensions with a comma. To line wrap files without an extension, just put a comma -;LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,.livemd, +;LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd, +;; +;; Valid file modes that have a preview API associated with them, such as api/v1/markdown +;; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match +;PREVIEWABLE_FILE_MODES = markdown ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1086,8 +955,8 @@ LEVEL = Info ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types. ;ALLOWED_TYPES = ;; -;; Max size of each file in megabytes. Defaults to 50MB -;FILE_MAX_SIZE = 50 +;; Max size of each file in megabytes. Defaults to 3MB +;FILE_MAX_SIZE = 3 ;; ;; Max number of files per upload. Defaults to 5 ;MAX_FILES = 5 @@ -1107,7 +976,7 @@ LEVEL = Info ;; List of keywords used in Pull Request comments to automatically reopen a related issue ;REOPEN_KEYWORDS = reopen,reopens,reopened ;; -;; Set default merge style for repository creating, valid options: merge, rebase, rebase-merge, squash, fast-forward-only +;; Set default merge style for repository creating, valid options: merge, rebase, rebase-merge, squash ;DEFAULT_MERGE_STYLE = merge ;; ;; In the default merge message for squash commits include at most this many commits @@ -1125,17 +994,11 @@ LEVEL = Info ;; In default merge messages only include approvers who are official ;DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY = true ;; -;; If an squash commit's comment should be populated with the commit messages of the squashed commits -;POPULATE_SQUASH_COMMENT_WITH_COMMIT_MESSAGES = false -;; ;; Add co-authored-by and co-committed-by trailers if committer does not match author ;ADD_CO_COMMITTER_TRAILERS = true ;; ;; In addition to testing patches using the three-way merge method, re-test conflicting patches with git apply -;TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY = false -;; -;; Retarget child pull requests to the parent pull request branch target on merge of parent pull request. It only works on merged PRs where the head and base branch target the same repo. -;RETARGET_CHILDREN_ON_MERGE = true +;TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY = true ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1143,10 +1006,7 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; List of reasons why a Pull Request or Issue can be locked -;LOCK_REASONS = Too heated,Off-topic,Spam,Resolved -;; Maximum number of pinned Issues per repo -;; Set to 0 to disable pinning Issues -;MAX_PINNED = 3 +;LOCK_REASONS = Too heated,Off-topic,Resolved,Spam ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1229,9 +1089,15 @@ LEVEL = Info ;; enable cors headers (disabled by default) ;ENABLED = false ;; -;; list of requesting origins that are allowed, eg: "https://*.example.com" +;; scheme of allowed requests +;SCHEME = http +;; +;; list of requesting domains that are allowed ;ALLOW_DOMAIN = * ;; +;; allow subdomains of headers listed above to request +;ALLOW_SUBDOMAIN = false +;; ;; list of methods allowed to request ;METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS ;; @@ -1241,9 +1107,6 @@ LEVEL = Info ;; allow request with credentials ;ALLOW_CREDENTIALS = false ;; -;; headers to permit -;HEADERS = Content-Type,User-Agent -;; ;; set X-FRAME-OPTIONS header ;X_FRAME_OPTIONS = SAMEORIGIN @@ -1259,12 +1122,6 @@ LEVEL = Info ;; Number of issues that are displayed on one page ;ISSUE_PAGING_NUM = 20 ;; -;; Number of repositories that are displayed on one page when searching. -;REPO_SEARCH_PAGING_NUM = 20 -;; -;; Number of members that are displayed on one page -;MEMBERS_PAGING_NUM = 20 -;; ;; Number of maximum commits displayed in one activity feed ;FEED_MAX_COMMIT_NUM = 5 ;; @@ -1274,47 +1131,38 @@ LEVEL = Info ;; Number of items that are displayed in a single subsitemap ;SITEMAP_PAGING_NUM = 20 ;; -;; Number of packages that are displayed on one page -;PACKAGES_PAGING_NUM = 20 -;; ;; Number of maximum commits displayed in commit graph. ;GRAPH_MAX_COMMIT_NUM = 100 ;; ;; Number of line of codes shown for a code comment ;CODE_COMMENT_LINES = 4 ;; +;; Value of `theme-color` meta tag, used by Android >= 5.0 +;; An invalid color like "none" or "disable" will have the default style +;; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android +;THEME_COLOR_META_TAG = `#6cc644` +;; ;; Max size of files to be displayed (default is 8MiB) ;MAX_DISPLAY_FILE_SIZE = 8388608 ;; -;; Detect ambiguous unicode characters in file contents and show warnings on the UI -;AMBIGUOUS_UNICODE_DETECTION = true -;; ;; Whether the email of the user should be shown in the Explore Users page ;SHOW_USER_EMAIL = true ;; ;; Set the default theme for the Gitea install -;DEFAULT_THEME = forgejo-auto +;DEFAULT_THEME = auto ;; ;; All available themes. Allow users select personalized themes regardless of the value of `DEFAULT_THEME`. -;; By default available: -;; - forgejo-auto, forgejo-light, forgejo-dark -;; - gitea-auto, gitea-light, gitea-dark -;; - forgejo-auto-deuteranopia-protanopia, forgejo-light-deuteranopia-protanopia, forgejo-dark-deuteranopia-protanopia -;; - forgejo-auto-tritanopia, forgejo-light-tritanopia, forgejo-dark-tritanopia -;THEMES = gitea-auto,gitea-light,gitea-dark +;THEMES = auto,gitea,arc-green ;; ;; All available reactions users can choose on issues/prs and comments. ;; Values can be emoji alias (:smile:) or a unicode emoji. -;; For custom reactions, add a tightly cropped square image to public/assets/img/emoji/reaction_name.png +;; For custom reactions, add a tightly cropped square image to public/img/emoji/reaction_name.png ;REACTIONS = +1, -1, laugh, hooray, confused, heart, rocket, eyes ;; -;; Change the number of users that are displayed in reactions tooltip (triggered by mouse hover). -;REACTION_MAX_USER_NUM = 10 -;; ;; Additional Emojis not defined in the utf8 standard -;; By default we support gitea (:gitea:), to add more copy them to public/assets/img/emoji/emoji_name.png and add it to this config. +;; By default we support gitea (:gitea:), to add more copy them to public/img/emoji/emoji_name.png and add it to this config. ;; Dont mistake it for Reactions. -;CUSTOM_EMOJIS = gitea, codeberg, gitlab, git, github, gogs, forgejo +;CUSTOM_EMOJIS = gitea, codeberg, gitlab, git, github, gogs ;; ;; Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used. ;DEFAULT_SHOW_FULL_NAME = false @@ -1322,17 +1170,12 @@ LEVEL = Info ;; Whether to search within description at repository search on explore page. ;SEARCH_REPO_DESCRIPTION = true ;; +;; Whether to enable a Service Worker to cache frontend assets +;USE_SERVICE_WORKER = false +;; ;; Whether to only show relevant repos on the explore page when no keyword is specified and default sorting is used. ;; A repo is considered irrelevant if it's a fork or if it has no metadata (no description, no icon, no topic). ;ONLY_SHOW_RELEVANT_REPOS = false -;; -;; Change the sort type of the explore pages. -;; Default is "recentupdate", but you also have "alphabetically", "reverselastlogin", "newest", "oldest". -;EXPLORE_PAGING_DEFAULT_SORT = recentupdate -;; -;; The tense all timestamps should be rendered in. Possible values are `absolute` time (i.e. 1970-01-01, 11:59) and `mixed`. -;; `mixed` means most timestamps are rendered in relative time (i.e. 2 days ago). -;PREFERRED_TIMESTAMP_TENSE = mixed ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1365,9 +1208,9 @@ LEVEL = Info ;[ui.meta] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;AUTHOR = Forgejo – Beyond coding. We forge. -;DESCRIPTION = Forgejo is a self-hosted lightweight software forge. Easy to install and low maintenance, it just does the job. -;KEYWORDS = git,forge,forgejo +;AUTHOR = Gitea - Git with a cup of tea +;DESCRIPTION = Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go +;KEYWORDS = go,git,self-hosted,gitea ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1403,9 +1246,6 @@ LEVEL = Info ;; ;; Maximum allowed file size in bytes to render CSV files as table. (Set to 0 for no limit). ;MAX_FILE_SIZE = 524288 -;; -;; Maximum allowed rows to render CSV files. (Set to 0 for no limit) -;MAX_ROWS = 2500 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1425,12 +1265,11 @@ LEVEL = Info ;; Comma separated list of custom URL-Schemes that are allowed as links when rendering Markdown ;; for example git,magnet,ftp (more at https://en.wikipedia.org/wiki/List_of_URI_schemes) ;; URLs starting with http and https are always displayed, whatever is put in this entry. -;; If this entry is empty, all URL schemes are allowed. ;CUSTOM_URL_SCHEMES = ;; ;; List of file extensions that should be rendered/edited as Markdown ;; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma -;FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd,.livemd +;FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd ;; ;; Enables math inline and block detection ;ENABLE_MATH = true @@ -1444,7 +1283,7 @@ LEVEL = Info ;; Define allowed algorithms and their minimum key length (use -1 to disable a type) ;ED25519 = 256 ;ECDSA = 256 -;RSA = 3071 ; we allow 3071 here because an otherwise valid 3072 bit RSA key can be reported as having 3071 bit length +;RSA = 2047 ; we allow 2047 here because an otherwise valid 2048 bit RSA key can be reported as having 2047 bit length ;DSA = -1 ; set to 1024 to switch on ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1456,22 +1295,38 @@ LEVEL = Info ;; Issue Indexer settings ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; -;; Issue indexer type, currently support: bleve, db, elasticsearch or meilisearch default is bleve +;; Issue indexer type, currently support: bleve, db or elasticsearch, default is bleve ;ISSUE_INDEXER_TYPE = bleve ;; ;; Issue indexer storage path, available when ISSUE_INDEXER_TYPE is bleve -;ISSUE_INDEXER_PATH = indexers/issues.bleve ; Relative paths will be made absolute against _`AppWorkPath`_. +;ISSUE_INDEXER_PATH = indexers/issues.bleve ;; -;; Issue indexer connection string, available when ISSUE_INDEXER_TYPE is elasticsearch (e.g. http://elastic:password@localhost:9200) or meilisearch (e.g. http://:apikey@localhost:7700) -;ISSUE_INDEXER_CONN_STR = +;; Issue indexer connection string, available when ISSUE_INDEXER_TYPE is elasticsearch +;ISSUE_INDEXER_CONN_STR = http://elastic:changeme@localhost:9200 ;; -;; Issue indexer name, available when ISSUE_INDEXER_TYPE is elasticsearch or meilisearch. +;; Issue indexer name, available when ISSUE_INDEXER_TYPE is elasticsearch ;ISSUE_INDEXER_NAME = gitea_issues ;; ;; Timeout the indexer if it takes longer than this to start. ;; Set to -1 to disable timeout. ;STARTUP_TIMEOUT = 30s ;; +;; Issue indexer queue, currently support: channel, levelqueue or redis, default is levelqueue (deprecated - use [queue.issue_indexer]) +;ISSUE_INDEXER_QUEUE_TYPE = levelqueue; **DEPRECATED** use settings in `[queue.issue_indexer]`. +;; +;; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the path where the queue will be saved. +;; This can be overridden by `ISSUE_INDEXER_QUEUE_CONN_STR`. +;; default is queues/common +;ISSUE_INDEXER_QUEUE_DIR = queues/common; **DEPRECATED** use settings in `[queue.issue_indexer]`. +;; +;; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string. +;; When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this is a directory or additional options of +;; the form `leveldb://path/to/db?option=value&....`, and overrides `ISSUE_INDEXER_QUEUE_DIR`. +;ISSUE_INDEXER_QUEUE_CONN_STR = "addrs=127.0.0.1:6379 db=0"; **DEPRECATED** use settings in `[queue.issue_indexer]`. +;; +;; Batch queue number, default is 20 +;ISSUE_INDEXER_QUEUE_BATCH_NUMBER = 20; **DEPRECATED** use settings in `[queue.issue_indexer]`. + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; Repository Indexer settings ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1479,10 +1334,6 @@ LEVEL = Info ;; repo indexer by default disabled, since it uses a lot of disk space ;REPO_INDEXER_ENABLED = false ;; -;; repo indexer units, the items to index, could be `sources`, `forks`, `mirrors`, `templates` or any combination of them separated by a comma. -;; If empty then it defaults to `sources` only, as if you'd like to disable fully please see REPO_INDEXER_ENABLED. -;REPO_INDEXER_REPO_TYPES = sources,forks,mirrors,templates -;; ;; Code search engine type, could be `bleve` or `elasticsearch`. ;REPO_INDEXER_TYPE = bleve ;; @@ -1502,11 +1353,8 @@ LEVEL = Info ;; A comma separated list of glob patterns to exclude from the index; ; default is empty ;REPO_INDEXER_EXCLUDE = ;; -;; If vendored files should be excluded. -;; See https://github.com/go-enry/go-enry for more details which files are considered to be vendored. -;REPO_INDEXER_EXCLUDE_VENDORED = true ;; -;; The maximum filesize to include for indexing +;UPDATE_BUFFER_LEN = 20; **DEPRECATED** use settings in `[queue.issue_indexer]`. ;MAX_FILE_SIZE = 1048576 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1525,18 +1373,18 @@ LEVEL = Info ;TYPE = persistable-channel ;; ;; data-dir for storing persistable queues and level queues, individual queues will default to `queues/common` meaning the queue is shared. -;DATADIR = queues/ ; Relative paths will be made absolute against `%(APP_DATA_PATH)s`. +;DATADIR = queues/ ;; ;; Default queue length before a channel queue will block -;LENGTH = 100000 +;LENGTH = 20 ;; ;; Batch size to send for batched queues ;BATCH_LENGTH = 20 ;; -;; Connection string for redis queues this will store the redis (or Redis cluster) connection string. +;; Connection string for redis queues this will store the redis connection string. ;; When `TYPE` is `persistable-channel`, this provides a directory for the underlying leveldb ;; or additional options of the form `leveldb://path/to/db?option=value&....`, and will override `DATADIR`. -;CONN_STR = "redis://127.0.0.1:6379/0" +;CONN_STR = "addrs=127.0.0.1:6379 db=0" ;; ;; Provides the suffix of the default redis/disk queue name - specific queues can be overridden within in their [queue.name] sections. ;QUEUE_NAME = "_queue" @@ -1544,8 +1392,29 @@ LEVEL = Info ;; Provides the suffix of the default redis/disk unique queue set name - specific queues can be overridden within in their [queue.name] sections. ;SET_NAME = "_unique" ;; -;; Maximum number of worker go-routines for the queue. Default value is "CpuNum/2" clipped to between 1 and 10. -;MAX_WORKERS = ; (dynamic) +;; If the queue cannot be created at startup - level queues may need a timeout at startup - wrap the queue: +;WRAP_IF_NECESSARY = true +;; +;; Attempt to create the wrapped queue at max +;MAX_ATTEMPTS = 10 +;; +;; Timeout queue creation +;TIMEOUT = 15m30s +;; +;; Create a pool with this many workers +;WORKERS = 0 +;; +;; Dynamically scale the worker pool to at this many workers +;MAX_WORKERS = 10 +;; +;; Add boost workers when the queue blocks for BLOCK_TIMEOUT +;BLOCK_TIMEOUT = 1s +;; +;; Remove the boost workers after BOOST_TIMEOUT +;BOOST_TIMEOUT = 5m +;; +;; During a boost add BOOST_WORKERS +;BOOST_WORKERS = 1 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1558,18 +1427,6 @@ LEVEL = Info ;; ;; Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled ;DEFAULT_EMAIL_NOTIFICATIONS = enabled -;; Send an email to all admins when a new user signs up to inform the admins about this act. Options: true, false -;SEND_NOTIFICATION_EMAIL_ON_NEW_USER = false -;; Disabled features for users, could be "deletion", "manage_ssh_keys","manage_gpg_keys" more features can be disabled in future -;; - deletion: a user cannot delete their own account -;; - manage_ssh_keys: a user cannot configure ssh keys -;; - manage_gpg_keys: a user cannot configure gpg keys -;USER_DISABLED_FEATURES = -;; Comma separated list of disabled features ONLY if the user has an external login type (eg. LDAP, Oauth, etc.), could be `deletion`, `manage_ssh_keys`, `manage_gpg_keys`. This setting is independent from `USER_DISABLED_FEATURES` and supplements its behavior. -;; - deletion: a user cannot delete their own account -;; - manage_ssh_keys: a user cannot configure ssh keys -;; - manage_gpg_keys: a user cannot configure gpg keys -;;EXTERNAL_USER_DISABLE_FEATURES = ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -1598,7 +1455,7 @@ LEVEL = Info ;; ;; Whether to allow registering via OpenID ;; Do not include to rely on rhw DISABLE_REGISTRATION setting -;ENABLE_OPENID_SIGNUP = true +;;ENABLE_OPENID_SIGNUP = true ;; ;; Allowed URI patterns (POSIX regexp). ;; Space separated. @@ -1634,10 +1491,6 @@ LEVEL = Info ;; userid = use the userid / sub attribute ;; nickname = use the nickname attribute ;; email = use the username part of the email attribute -;; Note: `nickname` and `email` options will normalize input strings using the following criteria: -;; - diacritics are removed -;; - the characters in the set `['Ā“\x60]` are removed -;; - the characters in the set `[\s~+]` are replaced with `-` ;USERNAME = nickname ;; ;; Update avatar if available from oauth2 provider. @@ -1743,10 +1596,6 @@ LEVEL = Info ;; Sometimes it is helpful to use a different address on the envelope. Set this to use ENVELOPE_FROM as the from on the envelope. Set to `<>` to send an empty address. ;ENVELOPE_FROM = ;; -;; If gitea sends mails on behave of users, it will just use the name also displayed in the WebUI. If you want e.g. `Mister X (by CodeIt) `, -;; set it to `{{ .DisplayName }} (by {{ .AppName }})`. Available Variables: `.DisplayName`, `.AppName` and `.Domain`. -;FROM_DISPLAY_NAME_FORMAT = {{ .DisplayName }} -;; ;; Mailer user name and password, if required by provider. ;USER = ;; @@ -1769,63 +1618,15 @@ LEVEL = Info ;; convert \r\n to \n for Sendmail ;SENDMAIL_CONVERT_CRLF = true -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[mailer.override_header] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; This is empty by default, use it only if you know what you need it for. -;Reply-To = test@example.com, test2@example.com -;Content-Type = text/html; charset=utf-8 -;In-Reply-To = - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[email.incoming] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; -;; Enable handling of incoming emails. -;ENABLED = false -;; -;; The email address including the %{token} placeholder that will be replaced per user/action. -;; Example: incoming+%{token}@example.com -;; The placeholder must appear in the user part of the address (before the @). -;REPLY_TO_ADDRESS = -;; -;; IMAP server host -;HOST = -;; -;; IMAP server port -;PORT = -;; -;; Username of the receiving account -;USERNAME = -;; -;; Password of the receiving account -;PASSWORD = -;; -;; Whether the IMAP server uses TLS. -;USE_TLS = false -;; -;; If set to true, completely ignores server certificate validation errors. This option is unsafe. -;SKIP_TLS_VERIFY = true -;; -;; The mailbox name where incoming mail will end up. -;MAILBOX = INBOX -;; -;; Whether handled messages should be deleted from the mailbox. -;DELETE_HANDLED_MESSAGE = true -;; -;; Maximum size of a message to handle. Bigger messages are ignored. Set to 0 to allow every size. -;MAXIMUM_MESSAGE_SIZE = 10485760 - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;[cache] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; +;; if the cache enabled +;ENABLED = true +;; ;; Either "memory", "redis", "memcache", or "twoqueue". default is "memory" ;ADAPTER = memory ;; @@ -1833,7 +1634,7 @@ LEVEL = Info ;INTERVAL = 60 ;; ;; For "redis" and "memcache", connection host address -;; redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster) +;; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 ;; memcache: `127.0.0.1:11211` ;; twoqueue: `{"size":50000,"recent_ratio":0.25,"ghost_ratio":0.5}` or `50000` ;HOST = @@ -1849,6 +1650,8 @@ LEVEL = Info ;[cache.last_commit] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; if the cache enabled +;ENABLED = true ;; ;; Time to keep items in cache if not used, default is 8760 hours. ;; Setting it to -1 disables caching @@ -1870,15 +1673,15 @@ LEVEL = Info ;; Provider config options ;; memory: doesn't have any config yet ;; file: session file path, e.g. `data/sessions` -;; redis: `redis://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` (or `redis+cluster://127.0.0.1:6379/0?pool_size=100&idle_timeout=180s` for a Redis cluster) +;; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180 ;; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table` -;PROVIDER_CONFIG = data/sessions ; Relative paths will be made absolute against _`AppWorkPath`_. +;PROVIDER_CONFIG = data/sessions ;; ;; Session cookie name ;COOKIE_NAME = i_like_gitea ;; -;; If you use session in https only: true or false. If not set, it defaults to `true` if the ROOT_URL is an HTTPS URL. -;COOKIE_SECURE = +;; If you use session in https only, default is false +;COOKIE_SECURE = false ;; ;; Session GC time interval in seconds, default is 86400 (1 day) ;GC_INTERVAL_TIME = 86400 @@ -1886,9 +1689,6 @@ LEVEL = Info ;; Session life time in seconds, default is 86400 (1 day) ;SESSION_LIFE_TIME = 86400 ;; -;; Cookie domain name. Default is empty -;DOMAIN = -;; ;; SameSite settings. Either "none", "lax", or "strict" ;SAME_SITE=lax @@ -1898,6 +1698,9 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; +;AVATAR_UPLOAD_PATH = data/avatars +;REPOSITORY_AVATAR_UPLOAD_PATH = data/repo-avatars +;; ;; How Gitea deals with missing repository avatars ;; none = no avatar will be displayed; random = random avatar will be displayed; image = default image will be used ;REPOSITORY_AVATAR_FALLBACK = none @@ -1906,19 +1709,16 @@ LEVEL = Info ;; Max Width and Height of uploaded avatars. ;; This is to limit the amount of RAM used when resizing the image. ;AVATAR_MAX_WIDTH = 4096 -;AVATAR_MAX_HEIGHT = 4096 +;AVATAR_MAX_HEIGHT = 3072 ;; ;; The multiplication factor for rendered avatar images. ;; Larger values result in finer rendering on HiDPI devices. -;AVATAR_RENDERED_SIZE_FACTOR = 2 +;AVATAR_RENDERED_SIZE_FACTOR = 3 ;; ;; Maximum allowed file size for uploaded avatars. ;; This is to limit the amount of RAM used when resizing the image. ;AVATAR_MAX_FILE_SIZE = 1048576 ;; -;; If the uploaded file is not larger than this byte size, the image will be used as is, without resizing/converting. -;AVATAR_MAX_ORIGIN_SIZE = 262144 -;; ;; Chinese users can choose "duoshuo" ;; or a custom avatar source, like: http://cn.gravatar.com/avatar/ ;GRAVATAR_SOURCE = gravatar @@ -1941,10 +1741,10 @@ LEVEL = Info ;ENABLED = true ;; ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types. -;ALLOWED_TYPES = .avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.xls,.xlsx,.zip +;ALLOWED_TYPES = .csv,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.xls,.xlsx,.zip ;; -;; Max size of each file. Defaults to 2048MB -;MAX_SIZE = 2048 +;; Max size of each file. Defaults to 4MB +;MAX_SIZE = 4 ;; ;; Max number of files per upload. Defaults to 5 ;MAX_FILES = 5 @@ -1957,17 +1757,13 @@ LEVEL = Info ;; Currently, only `minio` is supported. ;SERVE_DIRECT = false ;; -;; Path for attachments. Defaults to `attachments`. Only available when STORAGE_TYPE is `local` -;; Relative paths will be resolved to `${AppDataPath}/${attachment.PATH}` -;PATH = attachments +;; Path for attachments. Defaults to `data/attachments` only available when STORAGE_TYPE is `local` +;PATH = data/attachments ;; ;; Minio endpoint to connect only available when STORAGE_TYPE is `minio` ;MINIO_ENDPOINT = localhost:9000 ;; -;; Minio accessKeyID to connect only available when STORAGE_TYPE is `minio`. -;; If not provided and STORAGE_TYPE is `minio`, will search for credentials in known -;; environment variables (MINIO_ACCESS_KEY_ID, AWS_ACCESS_KEY_ID), credentials files -;; (~/.mc/config.json, ~/.aws/credentials), and EC2 instance metadata. +;; Minio accessKeyID to connect only available when STORAGE_TYPE is `minio` ;MINIO_ACCESS_KEY_ID = ;; ;; Minio secretAccessKey to connect only available when STORAGE_TYPE is `minio` @@ -1976,11 +1772,6 @@ LEVEL = Info ;; Minio bucket to store the attachments only available when STORAGE_TYPE is `minio` ;MINIO_BUCKET = gitea ;; -;; Url lookup for the minio bucket only available when STORAGE_TYPE is `minio` -;; Available values: auto, dns, path -;; If empty, it behaves the same as "auto" was set -;MINIO_BUCKET_LOOKUP = -;; ;; Minio location to create bucket only available when STORAGE_TYPE is `minio` ;MINIO_LOCATION = us-east-1 ;; @@ -1989,12 +1780,6 @@ LEVEL = Info ;; ;; Minio enabled ssl only available when STORAGE_TYPE is `minio` ;MINIO_USE_SSL = false -;; -;; Minio skip SSL verification available when STORAGE_TYPE is `minio` -;MINIO_INSECURE_SKIP_VERIFY = false -;; -;; Minio checksum algorithm: default (for MinIO or AWS S3) or md5 (for Cloudflare or Backblaze) -;MINIO_CHECKSUM_ALGORITHM = default ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2002,6 +1787,11 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; +;; Specifies the format for fully outputted dates. Defaults to RFC1123 +;; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano +;; For more information about the format see http://golang.org/pkg/time/#pkg-constants +;FORMAT = +;; ;; Location the UI time display i.e. Asia/Shanghai ;; Empty means server's location setting ;DEFAULT_UI_LOCATION = @@ -2133,17 +1923,6 @@ LEVEL = Info ;; or only create new users if UPDATE_EXISTING is set to false ;UPDATE_EXISTING = true -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Cleanup expired actions assets -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[cron.cleanup_actions] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;ENABLED = true -;RUN_AT_START = true -;SCHEDULE = @midnight - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; Clean-up deleted branches @@ -2310,7 +2089,7 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Delete all old activities from database +;; Delete all old actions from database ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;[cron.delete_old_actions] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2328,11 +2107,11 @@ LEVEL = Info ;[cron.update_checker] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;ENABLED = true +;ENABLED = false ;RUN_AT_START = false ;ENABLE_SUCCESS_NOTICE = false ;SCHEDULE = @every 168h -;HTTP_ENDPOINT = https://dl.gitea.com/gitea/version.json +;HTTP_ENDPOINT = https://dl.gitea.io/gitea/version.json ;DOMAIN_ENDPOINT = release.forgejo.org ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2350,24 +2129,17 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; Garbage collect LFS pointers in repositories +;; Git Operation timeout in seconds ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[cron.gc_lfs] +;[git.timeout] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;ENABLED = false -;; Garbage collect LFS pointers in repositories (default false) -;RUN_AT_START = false -;; Interval as a duration between each gc run (default every 24h) -;SCHEDULE = @every 24h -;; Only attempt to garbage collect LFSMetaObjects older than this (default 7 days) -;OLDER_THAN = 168h -;; Only attempt to garbage collect LFSMetaObjects that have not been attempted to be garbage collected for this long (default 3 days) -;LAST_UPDATED_MORE_THAN_AGO = 72h -; Minimum number of stale LFSMetaObjects to check per repo. Set to `0` to always check all. -;NUMBER_TO_CHECK_PER_REPO = 100 -;Check at least this proportion of LFSMetaObjects per repo. (This may cause all stale LFSMetaObjects to be checked.) -;PROPORTION_TO_CHECK_PER_REPO = 0.6 +;DEFAULT = 360 +;MIGRATE = 600 +;MIRROR = 300 +;CLONE = 300 +;PULL = 300 +;GC = 60 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2407,8 +2179,8 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; The first locale will be used as the default if user browser's language doesn't match any locale in the list. -;LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,nds,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pt-PT,pl-PL,bg,it-IT,fi-FI,fil,eo,tr-TR,cs-CZ,sl,sv-SE,ko-KR,el-GR,fa-IR,hu-HU,id-ID -;NAMES = English,简体中文,ē¹é«”äø­ę–‡ļ¼ˆé¦™ęøÆļ¼‰,ē¹é«”äø­ę–‡ļ¼ˆå°ē£ļ¼‰,Deutsch,Plattdüütsch,FranƧais,Nederlands,LatvieÅ”u,Русский,Š£ŠŗŃ€Š°Ń—Š½ŃŃŒŠŗŠ°,ę—„ęœ¬čŖž,EspaƱol,PortuguĆŖs do Brasil,PortuguĆŖs de Portugal,Polski,Š‘ŃŠŠ»Š³Š°Ń€ŃŠŗŠø,Italiano,Suomi,Filipino,Esperanto,TürkƧe,ČeÅ”tina,SlovenŔčina,Svenska,ķ•œźµ­ģ–“,Ελληνικά,فارسی,Magyar nyelv,Bahasa Indonesia +;LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pt-PT,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sv-SE,ko-KR,el-GR,fa-IR,hu-HU,id-ID,ml-IN +;NAMES = English,简体中文,ē¹é«”äø­ę–‡ļ¼ˆé¦™ęøÆļ¼‰,ē¹é«”äø­ę–‡ļ¼ˆå°ē£ļ¼‰,Deutsch,FranƧais,Nederlands,LatvieÅ”u,Русский,Š£ŠŗŃ€Š°Ń—Š½ŃŃŒŠŗŠ°,ę—„ęœ¬čŖž,EspaƱol,PortuguĆŖs do Brasil,PortuguĆŖs de Portugal,Polski,Š‘ŃŠŠ»Š³Š°Ń€ŃŠŗŠø,Italiano,Suomi,TürkƧe,ČeÅ”tina,Дрпски,Svenska,ķ•œźµ­ģ–“,Ελληνικά,فارسی,Magyar nyelv,Bahasa Indonesia,ą“®ą“²ą“Æą“¾ą“³ą“‚ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2423,16 +2195,12 @@ LEVEL = Info ;[other] ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;SHOW_FOOTER_BRANDING = false ;; Show version information about Gitea and Go in the footer ;SHOW_FOOTER_VERSION = true ;; Show template execution time in the footer ;SHOW_FOOTER_TEMPLATE_LOAD_TIME = true -;; Show the "powered by" text in the footer -;SHOW_FOOTER_POWERED_BY = true -;; Generate sitemap. Defaults to `true`. -;ENABLE_SITEMAP = true -;; Enable/Disable RSS/Atom feed -;ENABLE_FEED = true + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2441,8 +2209,6 @@ LEVEL = Info ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; Set the maximum number of characters in a mermaid source. (Set to -1 to disable limits) ;MERMAID_MAX_SOURCE_CHARACTERS = 5000 -;; Set the maximum number of lines allowed for a filepreview. (Set to -1 to disable limits; set to 0 to disable the feature) -;FILEPREVIEW_MAX_LINES = 50 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2490,6 +2256,22 @@ LEVEL = Info ;; Enable issue by repository metrics; default is false ;ENABLED_ISSUE_BY_REPOSITORY = false +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;[task] +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +;; +;; Task queue type, could be `channel` or `redis`. +;QUEUE_TYPE = channel +;; +;; Task queue length, available only when `QUEUE_TYPE` is `channel`. +;QUEUE_LENGTH = 1000 +;; +;; Task queue connection string, available only when `QUEUE_TYPE` is `redis`. +;; If there is a password of redis, use `addrs=127.0.0.1:6379 password=123 db=0`. +;QUEUE_CONN_STR = "addrs=127.0.0.1:6379 db=0" + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;[migrations] @@ -2515,18 +2297,6 @@ LEVEL = Info ;; Allow private addresses defined by RFC 1918, RFC 1122, RFC 4632 and RFC 4291 (false by default) ;; If a domain is allowed by ALLOWED_DOMAINS, this option will be ignored. ;ALLOW_LOCALNETWORKS = false -;; -;; If set to true, completely ignores server certificate validation errors. This option is unsafe. -;SKIP_TLS_VERIFY = false - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[F3] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; -;; Enable/Disable Friendly Forge Format (F3) -;ENABLED = false ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2566,61 +2336,8 @@ LEVEL = Info ;; Enable/Disable package registry capabilities ;ENABLED = true ;; -;STORAGE_TYPE = local -;; override the minio base path if storage type is minio -;MINIO_BASE_PATH = packages/ -;; ;; Path for chunked uploads. Defaults to APP_DATA_PATH + `tmp/package-upload` ;CHUNKED_UPLOAD_PATH = tmp/package-upload -;; -;; Maximum count of package versions a single owner can have (`-1` means no limits) -;LIMIT_TOTAL_OWNER_COUNT = -1 -;; Maximum size of packages a single owner can use (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_TOTAL_OWNER_SIZE = -1 -;; Maximum size of an Alpine upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_ALPINE = -1 -;; Maximum size of a Cargo upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_CARGO = -1 -;; Maximum size of a Chef upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_CHEF = -1 -;; Maximum size of a Composer upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_COMPOSER = -1 -;; Maximum size of a Conan upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_CONAN = -1 -;; Maximum size of a Conda upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_CONDA = -1 -;; Maximum size of a Container upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_CONTAINER = -1 -;; Maximum size of a CRAN upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_CRAN = -1 -;; Maximum size of a Debian upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_DEBIAN = -1 -;; Maximum size of a Generic upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_GENERIC = -1 -;; Maximum size of a Go upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_GO = -1 -;; Maximum size of a Helm upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_HELM = -1 -;; Maximum size of a Maven upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_MAVEN = -1 -;; Maximum size of a npm upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_NPM = -1 -;; Maximum size of a NuGet upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_NUGET = -1 -;; Maximum size of a Pub upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_PUB = -1 -;; Maximum size of a PyPI upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_PYPI = -1 -;; Maximum size of a RPM upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_RPM = -1 -;; Maximum size of a RubyGems upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_RUBYGEMS = -1 -;; Maximum size of a Swift upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_SWIFT = -1 -;; Maximum size of a Vagrant upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`) -;LIMIT_SIZE_VAGRANT = -1 -;; Enable RPM re-signing by default. (It will overwrite the old signature ,using v4 format, not compatible with CentOS 6 or older) -;DEFAULT_RPM_SIGN_ENABLED = false ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2632,19 +2349,6 @@ LEVEL = Info ;; storage type ;STORAGE_TYPE = local -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; repo-archive storage will override storage -;; -;[repo-archive] -;STORAGE_TYPE = local -;; -;; Where your lfs files reside, default is data/lfs. -;PATH = data/repo-archive -;; -;; override the minio base path if storage type is minio -;MINIO_BASE_PATH = repo-archive/ - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; settings for repository archives, will override storage setting @@ -2664,19 +2368,6 @@ LEVEL = Info ;; ;; Where your lfs files reside, default is data/lfs. ;PATH = data/lfs -;; -;; override the minio base path if storage type is minio -;MINIO_BASE_PATH = lfs/ - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; settings for Gitea's LFS client (eg: mirroring an upstream lfs endpoint) -;; -;[lfs_client] -;; Limit the number of pointers in each batch request to this number -;BATCH_SIZE = 20 -;; Limit the number of concurrent upload/download operations within a batch -;BATCH_OPERATION_CONCURRENCY = 8 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -2697,10 +2388,7 @@ LEVEL = Info ;; Minio endpoint to connect only available when STORAGE_TYPE is `minio` ;MINIO_ENDPOINT = localhost:9000 ;; -;; Minio accessKeyID to connect only available when STORAGE_TYPE is `minio`. -;; If not provided and STORAGE_TYPE is `minio`, will search for credentials in known -;; environment variables (MINIO_ACCESS_KEY_ID, AWS_ACCESS_KEY_ID), credentials files -;; (~/.mc/config.json, ~/.aws/credentials), and EC2 instance metadata. +;; Minio accessKeyID to connect only available when STORAGE_TYPE is `minio` ;MINIO_ACCESS_KEY_ID = ;; ;; Minio secretAccessKey to connect only available when STORAGE_TYPE is `minio` @@ -2709,19 +2397,11 @@ LEVEL = Info ;; Minio bucket to store the attachments only available when STORAGE_TYPE is `minio` ;MINIO_BUCKET = gitea ;; -;; Url lookup for the minio bucket only available when STORAGE_TYPE is `minio` -;; Available values: auto, dns, path -;; If empty, it behaves the same as "auto" was set -;MINIO_BUCKET_LOOKUP = -;; ;; Minio location to create bucket only available when STORAGE_TYPE is `minio` ;MINIO_LOCATION = us-east-1 ;; ;; Minio enabled ssl only available when STORAGE_TYPE is `minio` ;MINIO_USE_SSL = false -;; -;; Minio skip SSL verification available when STORAGE_TYPE is `minio` -;MINIO_INSECURE_SKIP_VERIFY = false ;[proxy] ;; Enable the proxy, all requests to external via HTTP will be affected @@ -2730,49 +2410,3 @@ LEVEL = Info ;PROXY_URL = ;; Comma separated list of host names requiring proxy. Glob patterns (*) are accepted; use ** to match all hosts. ;PROXY_HOSTS = - -; [actions] -;; Enable/Disable actions capabilities -;ENABLED = true -;; Default address to get action plugins, e.g. the default value means downloading from "https://code.forgejo.org/actions/checkout" for "uses: actions/checkout@v3" -;DEFAULT_ACTIONS_URL = https://code.forgejo.org -;; Logs retention time in days. Old logs will be deleted after this period. -;LOG_RETENTION_DAYS = 365 -;; Log compression type, `none` for no compression, `zstd` for zstd compression. -;; Other compression types like `gzip` are NOT supported, since seekable stream is required for log view. -;; It's always recommended to use compression when using local disk as log storage if CPU or memory is not a bottleneck. -;; And for object storage services like S3, which is billed for requests, it would cause extra 2 times of get requests for each log view. -;; But it will save storage space and network bandwidth, so it's still recommended to use compression. -;LOG_COMPRESSION = zstd -;; Default artifact retention time in days. Artifacts could have their own retention periods by setting the `retention-days` option in `actions/upload-artifact` step. -;ARTIFACT_RETENTION_DAYS = 90 -;; Timeout to stop the task which have running status, but haven't been updated for a long time -;ZOMBIE_TASK_TIMEOUT = 10m -;; Timeout to stop the tasks which have running status and continuous updates, but don't end for a long time -;ENDLESS_TASK_TIMEOUT = 3h -;; Timeout to cancel the jobs which have waiting status, but haven't been picked by a runner for a long time -;ABANDONED_JOB_TIMEOUT = 24h -;; Strings committers can place inside a commit message or PR title to skip executing the corresponding actions workflow -;SKIP_WORKFLOW_STRINGS = [skip ci],[ci skip],[no ci],[skip actions],[actions skip] -;; Limit on inputs for manual / workflow_dispatch triggers, default is 10 -;LIMIT_DISPATCH_INPUTS = 10 - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; settings for action logs, will override storage setting -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[storage.actions_log] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; storage type -;STORAGE_TYPE = local - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; settings for action artifacts, will override storage setting -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;[storage.actions_artifacts] -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -;; storage type -;STORAGE_TYPE = local diff --git a/docker/README.md b/docker/README.md index 709623e290..ef05032ee6 100644 --- a/docker/README.md +++ b/docker/README.md @@ -1,7 +1,7 @@ -# Forgejo - Docker +# Gitea - Docker -The Dockerfile can be found in the root of repository. [Dockerfile](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/Dockerfile) & [Dockerfile.rootless](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/Dockerfile.rootless). +Dockerfile is found in root of repository. -The Docker image can be found on [Codeberg](https://codeberg.org/forgejo/-/packages/container/forgejo/). +Docker image can be found on [docker hub](https://hub.docker.com/r/gitea/gitea) -Documentation on how you can use the docker image can be found on the [Forgejo documentation website](https://forgejo.org/docs/latest/admin/installation/#installation-with-docker). +Documentation on using docker image can be found on [Gitea Docs site](https://docs.gitea.io/en-us/install-with-docker/) diff --git a/docker/manifest.rootless.tmpl b/docker/manifest.rootless.tmpl index 1ebf5b73c8..9559416470 100644 --- a/docker/manifest.rootless.tmpl +++ b/docker/manifest.rootless.tmpl @@ -1,23 +1,19 @@ -image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-rootless +image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}dev{{/if}}-rootless {{#if build.tags}} -{{#unless (contains "-rc" build.tag)}} -{{#unless (contains "-dev" build.tag)}} tags: {{#each build.tags}} - {{this}}-rootless {{/each}} - "latest-rootless" -{{/unless}} -{{/unless}} {{/if}} manifests: - - image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-linux-amd64-rootless + image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}dev{{/if}}-linux-amd64-rootless platform: architecture: amd64 os: linux - - image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-linux-arm64-rootless + image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}dev{{/if}}-linux-arm64-rootless platform: architecture: arm64 os: linux diff --git a/docker/manifest.tmpl b/docker/manifest.tmpl index 08ccf61b57..4cd4ea4ea2 100644 --- a/docker/manifest.tmpl +++ b/docker/manifest.tmpl @@ -1,23 +1,19 @@ -image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}} +image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}dev{{/if}} {{#if build.tags}} -{{#unless (contains "-rc" build.tag)}} -{{#unless (contains "-dev" build.tag)}} tags: {{#each build.tags}} - {{this}} {{/each}} - "latest" -{{/unless}} -{{/unless}} {{/if}} manifests: - - image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-linux-amd64 + image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}dev{{/if}}-linux-amd64 platform: architecture: amd64 os: linux - - image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}nightly{{/if}}-linux-arm64 + image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}{{#if (hasPrefix "refs/heads/release/v" build.ref)}}{{trimPrefix "refs/heads/release/v" build.ref}}-{{/if}}dev{{/if}}-linux-arm64 platform: architecture: arm64 os: linux diff --git a/docker/root/etc/s6/gitea/setup b/docker/root/etc/s6/gitea/setup index f8d76273c7..958d50a798 100755 --- a/docker/root/etc/s6/gitea/setup +++ b/docker/root/etc/s6/gitea/setup @@ -2,15 +2,7 @@ if [ ! -d /data/git/.ssh ]; then mkdir -p /data/git/.ssh -fi - -# Set the correct permissions on the .ssh directory and authorized_keys file, -# or sshd will refuse to use them and lead to clone/push/pull failures. -# It could happen when users have copied their data to a new volume and changed the file permission by accident, -# and it would be very hard to troubleshoot unless users know how to check the logs of sshd which is started by s6. -chmod 700 /data/git/.ssh -if [ -f /data/git/.ssh/authorized_keys ]; then - chmod 600 /data/git/.ssh/authorized_keys + chmod 700 /data/git/.ssh fi if [ ! -f /data/git/.ssh/environment ]; then diff --git a/docker/root/etc/s6/openssh/setup b/docker/root/etc/s6/openssh/setup index dbb3bafd35..d4b9b9cd37 100755 --- a/docker/root/etc/s6/openssh/setup +++ b/docker/root/etc/s6/openssh/setup @@ -11,7 +11,12 @@ fi if [ ! -f /data/ssh/ssh_host_rsa_key ]; then echo "Generating /data/ssh/ssh_host_rsa_key..." - ssh-keygen -t rsa -b 3072 -f /data/ssh/ssh_host_rsa_key -N "" > /dev/null + ssh-keygen -t rsa -b 2048 -f /data/ssh/ssh_host_rsa_key -N "" > /dev/null +fi + +if [ ! -f /data/ssh/ssh_host_dsa_key ]; then + echo "Generating /data/ssh/ssh_host_dsa_key..." + ssh-keygen -t dsa -f /data/ssh/ssh_host_dsa_key -N "" > /dev/null fi if [ ! -f /data/ssh/ssh_host_ecdsa_key ]; then @@ -31,12 +36,17 @@ if [ -e /data/ssh/ssh_host_ecdsa_cert ]; then SSH_ECDSA_CERT=${SSH_ECDSA_CERT:-"/data/ssh/ssh_host_ecdsa_cert"} fi +if [ -e /data/ssh/ssh_host_dsa_cert ]; then + SSH_DSA_CERT=${SSH_DSA_CERT:-"/data/ssh/ssh_host_dsa_cert"} +fi + if [ -d /etc/ssh ]; then SSH_PORT=${SSH_PORT:-"22"} \ SSH_LISTEN_PORT=${SSH_LISTEN_PORT:-"${SSH_PORT}"} \ SSH_ED25519_CERT="${SSH_ED25519_CERT:+"HostCertificate "}${SSH_ED25519_CERT}" \ SSH_RSA_CERT="${SSH_RSA_CERT:+"HostCertificate "}${SSH_RSA_CERT}" \ SSH_ECDSA_CERT="${SSH_ECDSA_CERT:+"HostCertificate "}${SSH_ECDSA_CERT}" \ + SSH_DSA_CERT="${SSH_DSA_CERT:+"HostCertificate "}${SSH_DSA_CERT}" \ SSH_MAX_STARTUPS="${SSH_MAX_STARTUPS:+"MaxStartups "}${SSH_MAX_STARTUPS}" \ SSH_MAX_SESSIONS="${SSH_MAX_SESSIONS:+"MaxSessions "}${SSH_MAX_SESSIONS}" \ SSH_INCLUDE_FILE="${SSH_INCLUDE_FILE:+"Include "}${SSH_INCLUDE_FILE}" \ diff --git a/docker/root/etc/templates/app.ini b/docker/root/etc/templates/app.ini index 01fb407f49..7e8aa0bd0a 100644 --- a/docker/root/etc/templates/app.ini +++ b/docker/root/etc/templates/app.ini @@ -46,6 +46,7 @@ PATH = /data/gitea/attachments [log] MODE = console LEVEL = info +ROUTER = console ROOT_PATH = /data/gitea/log [security] diff --git a/docker/root/etc/templates/sshd_config b/docker/root/etc/templates/sshd_config index 033c434658..17c2c397bb 100644 --- a/docker/root/etc/templates/sshd_config +++ b/docker/root/etc/templates/sshd_config @@ -16,6 +16,8 @@ HostKey /data/ssh/ssh_host_rsa_key ${SSH_RSA_CERT} HostKey /data/ssh/ssh_host_ecdsa_key ${SSH_ECDSA_CERT} +HostKey /data/ssh/ssh_host_dsa_key +${SSH_DSA_CERT} AuthorizedKeysFile .ssh/authorized_keys AuthorizedPrincipalsFile .ssh/authorized_principals diff --git a/docker/root/usr/bin/entrypoint b/docker/root/usr/bin/entrypoint index 08587fc4f4..0acfec4dbe 100755 --- a/docker/root/usr/bin/entrypoint +++ b/docker/root/usr/bin/entrypoint @@ -7,7 +7,7 @@ if [ ! -x /bin/sh ]; then fi if [ "${USER}" != "git" ]; then - # Rename user + # rename user sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd fi @@ -19,13 +19,13 @@ if [ -z "${USER_UID}" ]; then USER_UID="`id -u ${USER}`" fi -# Change GID for USER? +## Change GID for USER? if [ -n "${USER_GID}" ] && [ "${USER_GID}" != "`id -g ${USER}`" ]; then sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/" /etc/group sed -i -e "s/^${USER}:\([^:]*\):\([0-9]*\):[0-9]*/${USER}:\1:\2:${USER_GID}/" /etc/passwd fi -# Change UID for USER? +## Change UID for USER? if [ -n "${USER_UID}" ] && [ "${USER_UID}" != "`id -u ${USER}`" ]; then sed -i -e "s/^${USER}:\([^:]*\):[0-9]*:\([0-9]*\)/${USER}:\1:${USER_UID}:\2/" /etc/passwd fi @@ -37,5 +37,5 @@ done if [ $# -gt 0 ]; then exec "$@" else - exec /usr/bin/s6-svscan /etc/s6 + exec /bin/s6-svscan /etc/s6 fi diff --git a/docker/root/usr/local/bin/gitea b/docker/root/usr/local/bin/gitea index 3f78d65abd..24d3f91eb1 100644 --- a/docker/root/usr/local/bin/gitea +++ b/docker/root/usr/local/bin/gitea @@ -8,7 +8,7 @@ # # And place the original in /usr/lib/gitea with working files in /data/gitea GITEA="/app/gitea/gitea" -WORK_DIR="/data/gitea" +WORK_DIR="/app/gitea" CUSTOM_PATH="/data/gitea" # Provide docker defaults diff --git a/docker/rootless/etc/templates/app.ini b/docker/rootless/etc/templates/app.ini index 0057635062..f106f01f5e 100644 --- a/docker/rootless/etc/templates/app.ini +++ b/docker/rootless/etc/templates/app.ini @@ -37,7 +37,7 @@ PROVIDER_CONFIG = $GITEA_WORK_DIR/data/sessions [picture] AVATAR_UPLOAD_PATH = $GITEA_WORK_DIR/data/avatars -REPOSITORY_AVATAR_UPLOAD_PATH = $GITEA_WORK_DIR/data/repo-avatars +REPOSITORY_AVATAR_UPLOAD_PATH = $GITEA_WORK_DIR/data/gitea/repo-avatars [attachment] PATH = $GITEA_WORK_DIR/data/attachments diff --git a/docker/rootless/usr/local/bin/docker-entrypoint.sh b/docker/rootless/usr/local/bin/docker-entrypoint.sh index e5fa41cc78..ca509214bf 100755 --- a/docker/rootless/usr/local/bin/docker-entrypoint.sh +++ b/docker/rootless/usr/local/bin/docker-entrypoint.sh @@ -13,10 +13,5 @@ fi if [ $# -gt 0 ]; then exec "$@" else - # TODO: remove on next major version release - # Honour legacy config file if existing - if [ -f ${GITEA_APP_INI_LEGACY} ]; then - GITEA_APP_INI=${GITEA_APP_INI_LEGACY} - fi exec /usr/local/bin/gitea -c ${GITEA_APP_INI} web fi diff --git a/docker/rootless/usr/local/bin/docker-setup.sh b/docker/rootless/usr/local/bin/docker-setup.sh index 09bbeabc63..b480685863 100755 --- a/docker/rootless/usr/local/bin/docker-setup.sh +++ b/docker/rootless/usr/local/bin/docker-setup.sh @@ -11,18 +11,6 @@ mkdir -p ${GITEA_CUSTOM} && chmod 0700 ${GITEA_CUSTOM} mkdir -p ${GITEA_TEMP} && chmod 0700 ${GITEA_TEMP} if [ ! -w ${GITEA_TEMP} ]; then echo "${GITEA_TEMP} is not writable"; exit 1; fi -# TODO: remove on next major version release -# Honour legacy config file if existing, but inform the user -if [ -f ${GITEA_APP_INI_LEGACY} ] && [ ${GITEA_APP_INI} != ${GITEA_APP_INI_LEGACY} ]; then - GITEA_APP_INI_DEFAULT=/var/lib/gitea/custom/conf/app.ini - echo -e \ - "\033[33mWARNING\033[0m: detected configuration file in deprecated default path ${GITEA_APP_INI_LEGACY}." \ - "The new default is ${GITEA_APP_INI_DEFAULT}. To remove this warning, choose one of the options:\n" \ - "* Move ${GITEA_APP_INI_LEGACY} to ${GITEA_APP_INI_DEFAULT} (or to \$GITEA_APP_INI if you want to override this variable)\n" \ - "* Explicitly override GITEA_APP_INI=${GITEA_APP_INI_LEGACY} in the container environment" - GITEA_APP_INI=${GITEA_APP_INI_LEGACY} -fi - #Prepare config file if [ ! -f ${GITEA_APP_INI} ]; then diff --git a/docs/.gitignore b/docs/.gitignore new file mode 100644 index 0000000000..271adbb1da --- /dev/null +++ b/docs/.gitignore @@ -0,0 +1,7 @@ +public/ +templates/swagger/v1_json.tmpl +themes/ +resources/ + +# Temporary lock file while building +/.hugo_build.lock diff --git a/docs/LICENSE b/docs/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/docs/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 0000000000..68afe03e75 --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,34 @@ +THEME := themes/gitea +PUBLIC := public +ARCHIVE := https://dl.gitea.io/theme/master.tar.gz + +.PHONY: all +all: build + +.PHONY: clean +clean: + rm -rf $(PUBLIC) $(THEME) + +.PHONY: trans-copy +trans-copy: + @bash scripts/trans-copy + +.PHONY: server +server: $(THEME) + hugo server + +.PHONY: build +build: $(THEME) + hugo --cleanDestinationDir + +.PHONY: build-offline +build-offline: $(THEME) + hugo --baseURL="/" --cleanDestinationDir + +.PHONY: update +update: $(THEME) + +$(THEME): $(THEME)/theme.toml +$(THEME)/theme.toml: + mkdir -p $$(dirname $@) + curl -L -s $(ARCHIVE) | tar xz -C $$(dirname $@) diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000000..32f8c1d204 --- /dev/null +++ b/docs/README.md @@ -0,0 +1,51 @@ +# Gitea: Docs + +[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea) +[![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com") + +## Hosting + +These pages are hosted using [netlifycms](https://www.netlifycms.org/) and get +automatically updated on every push to the `master` branch. + +## Install + +These pages use the [Hugo](https://gohugo.io/) static site generator. +If you are planning to contribute you'll want to download and install Hugo on +your local machine. + +The installation of Hugo is out of the scope of this document, so please take +the [official install instructions](https://gohugo.io/overview/installing/) to +get Hugo up and running. + +## Development + +To generate the website and serve it on [localhost:1313](http://localhost:1313) +just execute this command and stop it with `Ctrl+C`: + +``` +make server +``` + +When you are done with your changes just create a pull request, after merging +the pull request the website will be updated automatically. + +## Contributing + +Fork -> Patch -> Push -> Pull Request + +## Authors + +* [Maintainers](https://github.com/orgs/go-gitea/people) +* [Contributors](https://github.com/go-gitea/docs/graphs/contributors) + +## License + +This project is under the Apache-2.0 License. See the [LICENSE](LICENSE) file +for the full license text. + +## Copyright + +``` +Copyright (c) 2016 The Gitea Authors +``` diff --git a/docs/README_ZH.md b/docs/README_ZH.md new file mode 100644 index 0000000000..407f4cf155 --- /dev/null +++ b/docs/README_ZH.md @@ -0,0 +1,42 @@ +# Gitea: 文攣 + +[![Build Status](http://drone.gitea.io/api/badges/go-gitea/docs/status.svg)](http://drone.gitea.io/go-gitea/docs) +[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea) +[![](https://images.microbadger.com/badges/image/gitea/docs.svg)](http://microbadger.com/images/gitea/docs "Get your own image badge on microbadger.com") + +## å…³äŗŽę‰˜ē®”ę–¹å¼ + +ęœ¬é”µé¢ę‰˜ē®”åœØęˆ‘ä»¬ Docker å®¹å™Øå†…ēš„åŸŗē”€č®¾ę–½äøŠļ¼Œ å®ƒä¼šåœØęÆę¬”ęŽØé€åˆ° `master` åˆ†ę”Æēš„ę—¶å€™č‡ŖåŠØę›“ę–°ļ¼Œå¦‚ęžœä½ ęƒ³č‡Ŗå·±ē®”ē†čæ™äøŖé”µé¢ļ¼Œä½ åÆä»„ä»Žęˆ‘ä»¬ēš„ Docker 镜像 [gitea/docs](https://hub.docker.com/r/gitea/docs/) äø­čŽ·å–å®ƒć€‚ + +## 安装 Hugo + +ęœ¬é”µé¢ä½æē”Øäŗ† [Hugo](https://github.com/spf13/hugo) é™ę€é”µé¢ē”Ÿęˆå·„å…·ļ¼Œå¦‚ęžœę‚Øęœ‰ē»“ęŠ¤å®ƒēš„ę„ę„æļ¼Œåˆ™éœ€č¦åœØęœ¬åœ°č®”ē®—ęœŗäøŠäø‹č½½å¹¶å®‰č£… Hugo怂Hugo ēš„å®‰č£…ę•™ēØ‹äøåœØęœ¬ę–‡ę”£ēš„č®²čæ°čŒƒå›“ä¹‹å†…ļ¼ŒčÆ¦ęƒ…čÆ·å‚č§ [å®˜ę–¹ę–‡ę”£](https://gohugo.io/overview/installing/)怂 + +## å¦‚ä½•éƒØē½² + +在 [localhost:1313](http://localhost:1313) å¤„ęž„å»ŗå’Œčæč”Œē½‘ē«™ēš„å‘½ä»¤å¦‚äø‹ļ¼Œå¦‚ęžœéœ€č¦åœę­¢åÆä»„ä½æē”Øē»„åˆé”® `Ctrl+C`: + +``` +make server +``` + +å®Œęˆę›“ę”¹åŽļ¼ŒåŖéœ€åˆ›å»ŗäø€äøŖ Pull Request (PR),评 PR äø€ē»åˆå¹¶ē½‘ē«™å°†č‡ŖåŠØę›“ę–°ć€‚ + +## å¦‚ä½•č“”ēŒ®ę‚Øēš„ä»£ē  + +Fork -> Patch -> Push -> Pull Request + +## å…³äŗŽęˆ‘ä»¬ + +* [ē»“ęŠ¤č€…äæ”ęÆ](https://github.com/orgs/go-gitea/people) +* [ä»£ē č“”ēŒ®č€…äæ”ęÆ](https://github.com/go-gitea/docs/graphs/contributors) + +## č®øåÆčÆ + +此锹目采用 Apache-2.0 č®øåÆåč®®ļ¼ŒčÆ·å‚č§ [åč®®ę–‡ä»¶](LICENSE) čŽ·å–ę›“å¤šäæ”ęÆć€‚ + +## ē‰ˆęƒå£°ę˜Ž + +``` +Copyright (c) 2016 The Gitea Authors +``` diff --git a/docs/assets/js/search.js b/docs/assets/js/search.js new file mode 100644 index 0000000000..315a5ebd91 --- /dev/null +++ b/docs/assets/js/search.js @@ -0,0 +1,174 @@ +/* global Fuse, Mark */ + +function ready(fn) { + if (document.readyState !== 'loading') { + fn(); + } else { + document.addEventListener('DOMContentLoaded', fn); + } +} + +ready(doSearch); + +const summaryInclude = 60; +const fuseOptions = { + shouldSort: true, + includeMatches: true, + matchAllTokens: true, + threshold: 0, // for parsing diacritics + tokenize: true, + location: 0, + distance: 100, + maxPatternLength: 32, + minMatchCharLength: 1, + keys: [{ + name: 'title', + weight: 0.8 + }, + { + name: 'contents', + weight: 0.5 + }, + { + name: 'tags', + weight: 0.3 + }, + { + name: 'categories', + weight: 0.3 + } + ] +}; + +function param(name) { + return decodeURIComponent((window.location.search.split(`${name}=`)[1] || '').split('&')[0]).replace(/\+/g, ' '); +} + +const searchQuery = param('s'); + +function doSearch() { + if (searchQuery) { + document.getElementById('search-query').value = searchQuery; + executeSearch(searchQuery); + } else { + const para = document.createElement('P'); + para.textContent = 'Please enter a word or phrase above'; + document.getElementById('search-results').appendChild(para); + } +} + +function getJSON(url, fn) { + const request = new XMLHttpRequest(); + request.open('GET', url, true); + request.addEventListener('load', () => { + if (request.status >= 200 && request.status < 400) { + const data = JSON.parse(request.responseText); + fn(data); + } else { + console.error(`Target reached on ${url} with error ${request.status}`); + } + }); + request.addEventListener('error', () => { + console.error(`Connection error ${request.status}`); + }); + request.send(); +} + +function executeSearch(searchQuery) { + getJSON(`/${document.LANG}/index.json`, (data) => { + const pages = data; + const fuse = new Fuse(pages, fuseOptions); + const result = fuse.search(searchQuery); + document.getElementById('search-results').innerHTML = ''; + if (result.length > 0) { + populateResults(result); + } else { + const para = document.createElement('P'); + para.textContent = 'No matches found'; + document.getElementById('search-results').appendChild(para); + } + }); +} + +function populateResults(result) { + for (const [key, value] of result.entries()) { + const content = value.item.contents; + let snippet = ''; + const snippetHighlights = []; + if (fuseOptions.tokenize) { + snippetHighlights.push(searchQuery); + for (const mvalue of value.matches) { + if (mvalue.key === 'tags' || mvalue.key === 'categories') { + snippetHighlights.push(mvalue.value); + } else if (mvalue.key === 'contents') { + const ind = content.toLowerCase().indexOf(searchQuery.toLowerCase()); + const start = ind - summaryInclude > 0 ? ind - summaryInclude : 0; + const end = ind + searchQuery.length + summaryInclude < content.length ? ind + searchQuery.length + summaryInclude : content.length; + snippet += content.substring(start, end); + if (ind > -1) { + snippetHighlights.push(content.substring(ind, ind + searchQuery.length)); + } else { + snippetHighlights.push(mvalue.value.substring(mvalue.indices[0][0], mvalue.indices[0][1] - mvalue.indices[0][0] + 1)); + } + } + } + } + + if (snippet.length < 1) { + snippet += content.substring(0, summaryInclude * 2); + } + // pull template from hugo template definition + const templateDefinition = document.getElementById('search-result-template').innerHTML; + // replace values + const output = render(templateDefinition, { + key, + title: value.item.title, + link: value.item.permalink, + tags: value.item.tags, + categories: value.item.categories, + snippet + }); + document.getElementById('search-results').appendChild(htmlToElement(output)); + + for (const snipvalue of snippetHighlights) { + new Mark(document.getElementById(`summary-${key}`)).mark(snipvalue); + } + } +} + +function render(templateString, data) { + let conditionalMatches, copy; + const conditionalPattern = /\$\{\s*isset ([a-zA-Z]*) \s*\}(.*)\$\{\s*end\s*}/g; + // since loop below depends on re.lastInxdex, we use a copy to capture any manipulations whilst inside the loop + copy = templateString; + while ((conditionalMatches = conditionalPattern.exec(templateString)) !== null) { + if (data[conditionalMatches[1]]) { + // valid key, remove conditionals, leave content. + copy = copy.replace(conditionalMatches[0], conditionalMatches[2]); + } else { + // not valid, remove entire section + copy = copy.replace(conditionalMatches[0], ''); + } + } + templateString = copy; + // now any conditionals removed we can do simple substitution + let key, find, re; + for (key of Object.keys(data)) { + find = `\\$\\{\\s*${key}\\s*\\}`; + re = new RegExp(find, 'g'); + templateString = templateString.replace(re, data[key]); + } + return templateString; +} + +/** + * By Mark Amery: https://stackoverflow.com/a/35385518 + * @param {String} HTML representing a single element + * @return {Element} + */ +function htmlToElement(html) { + const template = document.createElement('template'); + html = html.trim(); // Never return a text node of whitespace as the result + template.innerHTML = html; + return template.content.firstChild; +} diff --git a/docs/config.yaml b/docs/config.yaml new file mode 100644 index 0000000000..66bd379c0c --- /dev/null +++ b/docs/config.yaml @@ -0,0 +1,362 @@ +baseurl: https://docs.gitea.io/ +languageCode: en-us +title: Docs +theme: gitea + +defaultContentLanguage: en-us +defaultContentLanguageInSubdir: true +enableMissingTranslationPlaceholders: true +enableEmoji: true + +permalinks: + post: /:year/:month/:title/ + doc: /:slug/ + page: /:slug/ + default: /:slug/ + +params: + description: Git with a cup of tea + author: The Gitea Authors + website: https://docs.gitea.io + version: 1.17.3 + minGoVersion: 1.18 + goVersion: 1.19 + minNodeVersion: 14 + search: nav + +outputs: + home: + - HTML + - RSS + - JSON + +menu: + page: + - name: Website + url: https://gitea.io/en-us/ + weight: 10 + pre: home + - name: Docs + url: /en-us/ + weight: 20 + pre: question + post: active + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: Blog + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: Shop + url: https://shop.gitea.io/ + weight: 40 + pre: shopping-cart + - name: Translation + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: Downloads + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Discord Chat + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: Forum + url: https://discourse.gitea.io/ + weight: 80 + pre: group + +languages: + en-us: + weight: 0 + languageName: English + + zh-cn: + weight: 1 + languageName: äø­ę–‡(简体) + menu: + page: + - name: 网站 + url: https://gitea.io/zh-cn/ + weight: 10 + pre: home + - name: 文攣 + url: /zh-cn/ + weight: 20 + pre: question + post: active + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: 博客 + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: 导兄 + url: https://code.gitea.io/ + weight: 40 + pre: code + - name: 翻译 + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: äø‹č½½ + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Discord Chat + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: Forum + url: https://discourse.gitea.io/ + weight: 80 + pre: group + + zh-tw: + weight: 2 + languageName: äø­ę–‡(繁體) + menu: + page: + - name: 網站 + url: https://gitea.io/zh-tw/ + weight: 10 + pre: home + - name: ꖇ件 + url: /zh-tw/ + weight: 20 + pre: question + post: active + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: 部落格 + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: 商店 + url: https://shop.gitea.io/ + weight: 40 + pre: shopping-cart + - name: 翻譯 + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: 下載 + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Discord 聊天室 + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: čØŽč«–å€ + url: https://discourse.gitea.io/ + weight: 80 + pre: group + + pt-br: + weight: 3 + languageName: PortuguĆŖs Brasileiro + menu: + page: + - name: PĆ”gina inicial + url: https://gitea.io/pt-br/ + weight: 10 + pre: home + - name: Documentação + url: /pt-br/ + weight: 20 + pre: question + post: active + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: Blog + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: Código-fonte + url: https://code.gitea.io/ + weight: 40 + pre: code + - name: Translation + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: Downloads + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Chat no Discord + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: Forum + url: https://discourse.gitea.io/ + weight: 80 + pre: group + + nl-nl: + weight: 4 + languageName: Nederlands + menu: + page: + - name: Website + url: https://gitea.io/nl-nl/ + weight: 10 + pre: home + - name: Docs + url: /nl-nl/ + weight: 20 + pre: question + post: active + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: Blog + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: Code + url: https://code.gitea.io/ + weight: 40 + pre: code + - name: Translation + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: Downloads + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Discord Chat + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: Forum + url: https://discourse.gitea.io/ + weight: 80 + pre: group + + fr-fr: + weight: 5 + languageName: FranƧais + menu: + page: + - name: Site + url: https://gitea.io/en-us/ + weight: 10 + pre: home + post: active + - name: Documentation + url: /fr-fr/ + weight: 20 + pre: question + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: Blog + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: Code + url: https://code.gitea.io/ + weight: 40 + pre: code + - name: Translation + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: TĆ©lĆ©chargement + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Discord Chat + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: Forum + url: https://discourse.gitea.io/ + weight: 80 + pre: group + + de-de: + weight: 6 + languageName: Deutsch + menu: + page: + - name: Webseite + url: https://gitea.io/en-us/ + weight: 10 + pre: home + post: active + - name: Dokumentation + url: /de-de/ + weight: 20 + pre: question + - name: API + url: https://try.gitea.io/api/swagger + weight: 45 + pre: plug + - name: Blog + url: https://blog.gitea.io/ + weight: 30 + pre: rss + - name: Code + url: https://code.gitea.io/ + weight: 40 + pre: code + - name: Übersetzung + url: https://crowdin.com/project/gitea + weight: 41 + pre: language + - name: Downloads + url: https://dl.gitea.io/ + weight: 50 + pre: download + - name: GitHub + url: https://github.com/go-gitea/ + weight: 60 + pre: github + - name: Discord Chat + url: https://discord.gg/Gitea + weight: 70 + pre: comment + - name: Forum + url: https://discourse.gitea.io/ + weight: 80 + pre: group diff --git a/docs/content/doc/advanced.en-us.md b/docs/content/doc/advanced.en-us.md new file mode 100644 index 0000000000..de2bfeed6f --- /dev/null +++ b/docs/content/doc/advanced.en-us.md @@ -0,0 +1,13 @@ +--- +date: "2016-12-01T16:00:00+02:00" +title: "Advanced" +slug: "advanced" +weight: 30 +toc: false +draft: false +menu: + sidebar: + name: "Advanced" + weight: 40 + identifier: "advanced" +--- diff --git a/docs/content/doc/advanced.fr-fr.md b/docs/content/doc/advanced.fr-fr.md new file mode 100644 index 0000000000..04734a8f81 --- /dev/null +++ b/docs/content/doc/advanced.fr-fr.md @@ -0,0 +1,13 @@ +--- +date: "2017-08-23T09:00:00+02:00" +title: "AvancĆ©" +slug: "advanced" +weight: 30 +toc: false +draft: false +menu: + sidebar: + name: "AvancĆ©" + weight: 40 + identifier: "advanced" +--- diff --git a/docs/content/doc/advanced.zh-cn.md b/docs/content/doc/advanced.zh-cn.md new file mode 100644 index 0000000000..1f7ebf81e7 --- /dev/null +++ b/docs/content/doc/advanced.zh-cn.md @@ -0,0 +1,13 @@ +--- +date: "2016-12-01T16:00:00+02:00" +title: "čæ›é˜¶" +slug: "advanced" +weight: 30 +toc: false +draft: false +menu: + sidebar: + name: "čæ›é˜¶" + weight: 40 + identifier: "advanced" +--- diff --git a/docs/content/doc/advanced.zh-tw.md b/docs/content/doc/advanced.zh-tw.md new file mode 100644 index 0000000000..ebfe519780 --- /dev/null +++ b/docs/content/doc/advanced.zh-tw.md @@ -0,0 +1,13 @@ +--- +date: "2016-12-01T16:00:00+02:00" +title: "進階" +slug: "advanced" +weight: 30 +toc: false +draft: false +menu: + sidebar: + name: "進階" + weight: 40 + identifier: "advanced" +--- diff --git a/docs/content/doc/advanced/adding-legal-pages.en-us.md b/docs/content/doc/advanced/adding-legal-pages.en-us.md new file mode 100644 index 0000000000..5816fdbf3f --- /dev/null +++ b/docs/content/doc/advanced/adding-legal-pages.en-us.md @@ -0,0 +1,38 @@ +--- +date: "2019-12-28" +title: "Adding Legal Pages" +slug: adding-legal-pages +weight: 9 +toc: false +draft: false +menu: + sidebar: + parent: "advanced" + name: "Adding Legal Pages" + identifier: "adding-legal-pages" + weight: 9 +--- + +Some jurisdictions (such as EU), requires certain legal pages (e.g. Privacy Policy) to be added to website. Follow these steps to add them to your Gitea instance. + +## Getting Pages + +Gitea source code ships with sample pages, available in `contrib/legal` directory. Copy them to `custom/public/`. For example, to add Privacy Policy: + +``` +wget -O /path/to/custom/public/privacy.html https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/legal/privacy.html.sample +``` + +Now you need to edit the page to meet your requirements. In particular you must change the email addresses, web addresses and references to "Your Gitea Instance" to match your situation. + +You absolutely must not place a general ToS or privacy statement that implies that the Gitea project is responsible for your server. + +## Make it Visible + +Create or append to `/path/to/custom/templates/custom/extra_links_footer.tmpl`: + +```go +Privacy Policy +``` + +Restart Gitea to see the changes. diff --git a/docs/content/doc/advanced/clone-filter.en-us.md b/docs/content/doc/advanced/clone-filter.en-us.md new file mode 100644 index 0000000000..58675d2e94 --- /dev/null +++ b/docs/content/doc/advanced/clone-filter.en-us.md @@ -0,0 +1,37 @@ +--- +date: "2021-02-02" +title: "Clone filters (partial clone)" +slug: "clone-filters" +weight: 25 +draft: false +toc: false +menu: + sidebar: + parent: "advanced" + name: "Clone filters" + weight: 25 + identifier: "clone-filters" +--- + +# Clone filters (partial clone) + +Git introduces `--filter` option to `git clone` command, which filters out +large files and objects (such as blobs) to create partial clone of a repo. +Clone filters are especially useful for large repo and/or metered connection, +where full clone (without `--filter`) can be expensive (as all history data +must be downloaded). + +This requires Git version 2.22 or later, both on the Gitea server and on the +client. For clone filters to work properly, make sure that Git version +on the client is at least the same as on the server (or later). Login to +Gitea server as admin and head to Site Administration -> Configuration to +see Git version of the server. + +By default, clone filters are enabled, unless `DISABLE_PARTIAL_CLONE` under +`[git]` is set to `true`. + +See [GitHub blog post: Get up to speed with partial clone](https://github.blog/2020-12-21-get-up-to-speed-with-partial-clone-and-shallow-clone/) +for common use cases of clone filters (blobless and treeless clones), and +[GitLab docs for partial clone](https://docs.gitlab.com/ee/topics/git/partial_clone.html) +for more advanced use cases (such as filter by file size and remove +filters to turn partial clone into full clone). diff --git a/docs/content/doc/advanced/cmd-embedded.en-us.md b/docs/content/doc/advanced/cmd-embedded.en-us.md new file mode 100644 index 0000000000..63ab83bd36 --- /dev/null +++ b/docs/content/doc/advanced/cmd-embedded.en-us.md @@ -0,0 +1,121 @@ +--- +date: "2020-01-25T21:00:00-03:00" +title: "Embedded data extraction tool" +slug: "cmd-embedded" +weight: 40 +toc: false +draft: false +menu: + sidebar: + parent: "advanced" + name: "Embedded data extraction tool" + weight: 40 + identifier: "cmd-embedded" +--- + +# Embedded data extraction tool + +**Table of Contents** + +{{< toc >}} + +Gitea's executable contains all the resources required to run: templates, images, style-sheets +and translations. Any of them can be overridden by placing a replacement in a matching path +inside the `custom` directory (see [Customizing Gitea]({{< relref "doc/advanced/customizing-gitea.en-us.md" >}})). + +To obtain a copy of the embedded resources ready for editing, the `embedded` command from the CLI +can be used from the OS shell interface. + +**NOTE:** The embedded data extraction tool is included in Gitea versions 1.12 and above. + +## Listing resources + +To list resources embedded in Gitea's executable, use the following syntax: + +```sh +gitea embedded list [--include-vendored] [patterns...] +``` + +The `--include-vendored` flag makes the command include vendored files, which are +normally excluded; that is, files from external libraries that are required for Gitea +(e.g. [font-awesome](https://fontawesome.com/), [octicons](https://octicons.github.com/), etc). + +A list of file search patterns can be provided. Gitea uses [gobwas/glob](https://github.com/gobwas/glob) +for its glob syntax. Here are some examples: + +- List all template files, in any virtual directory: `**.tmpl` +- List all mail template files: `templates/mail/**.tmpl` +- List all files inside `public/img`: `public/img/**` + +Don't forget to use quotes for the patterns, as spaces, `*` and other characters might have +a special meaning for your command shell. + +If no pattern is provided, all files are listed. + +### Example + +Listing all embedded files with `openid` in their path: + +```sh +$ gitea embedded list '**openid**' +public/img/auth/openid_connect.svg +public/img/openid-16x16.png +templates/user/auth/finalize_openid.tmpl +templates/user/auth/signin_openid.tmpl +templates/user/auth/signup_openid_connect.tmpl +templates/user/auth/signup_openid_navbar.tmpl +templates/user/auth/signup_openid_register.tmpl +templates/user/settings/security_openid.tmpl +``` + +## Extracting resources + +To extract resources embedded in Gitea's executable, use the following syntax: + +```sh +gitea [--config {file}] embedded extract [--destination {dir}|--custom] [--overwrite|--rename] [--include-vendored] {patterns...} +``` + +The `--config` option tells Gitea the location of the `app.ini` configuration file if +it's not in its default location. This option is only used with the `--custom` flag. + +The `--destination` option tells Gitea the directory where the files must be extracted to. +The default is the current directory. + +The `--custom` flag tells Gitea to extract the files directly into the `custom` directory. +For this to work, the command needs to know the location of the `app.ini` configuration +file (`--config`) and, depending of the configuration, be ran from the directory where +Gitea normally starts. See [Customizing Gitea]({{< relref "doc/advanced/customizing-gitea.en-us.md" >}}) for details. + +The `--overwrite` flag allows any existing files in the destination directory to be overwritten. + +The `--rename` flag tells Gitea to rename any existing files in the destination directory +as `filename.bak`. Previous `.bak` files are overwritten. + +At least one file search pattern must be provided; see `list` subcomand above for pattern +syntax and examples. + +### Important notice + +Make sure to **only extract those files that require customization**. Files that +are present in the `custom` directory are not upgraded by Gitea's upgrade process. +When Gitea is upgraded to a new version (by replacing the executable), many of the +embedded files will suffer changes. Gitea will honor and use any files found +in the `custom` directory, even if they are old and incompatible. + +### Example + +Extracting mail templates to a temporary directory: + +```sh +$ mkdir tempdir +$ gitea embedded extract --destination tempdir 'templates/mail/**.tmpl' +Extracting to tempdir: +tempdir/templates/mail/auth/activate.tmpl +tempdir/templates/mail/auth/activate_email.tmpl +tempdir/templates/mail/auth/register_notify.tmpl +tempdir/templates/mail/auth/reset_passwd.tmpl +tempdir/templates/mail/issue/assigned.tmpl +tempdir/templates/mail/issue/default.tmpl +tempdir/templates/mail/notify/collaborator.tmpl +``` diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md new file mode 100644 index 0000000000..03e6566b6f --- /dev/null +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -0,0 +1,1251 @@ +--- +date: "2016-12-26T16:00:00+02:00" +title: "Config Cheat Sheet" +slug: "config-cheat-sheet" +weight: 20 +toc: false +draft: false +menu: + sidebar: + parent: "advanced" + name: "Config Cheat Sheet" + weight: 20 + identifier: "config-cheat-sheet" +--- + +# Configuration Cheat Sheet + +This is a cheat sheet for the Gitea configuration file. It contains most of the settings +that can be configured as well as their default values. + +Any changes to the Gitea configuration file should be made in `custom/conf/app.ini` +or any corresponding location. When installing from a distribution, this will +typically be found at `/etc/gitea/conf/app.ini`. + +The defaults provided here are best-effort (not built automatically). They are +accurately recorded in [app.example.ini](https://github.com/go-gitea/gitea/blob/main/custom/conf/app.example.ini) +(s/main/\). Any string in the format `%(X)s` is a feature powered +by [ini](https://github.com/go-ini/ini/#recursive-values), for reading values recursively. + +Values containing `#` or `;` must be quoted using `` ` `` or `"""`. + +**Note:** A full restart is required for Gitea configuration changes to take effect. + +{{< toc >}} + +## Overall (`DEFAULT`) + +- `APP_NAME`: **Gitea: Git with a cup of tea**: Application name, used in the page title. +- `RUN_USER`: **git**: The user Gitea will run as. This should be a dedicated system + (non-user) account. Setting this incorrectly will cause Gitea to not start. +- `RUN_MODE`: **prod**: Application run mode, affects performance and debugging. Either "dev", "prod" or "test". + +## Repository (`repository`) + +- `ROOT`: **%(APP_DATA_PATH)/gitea-repositories**: Root path for storing all repository data. + A relative path is interpreted as **%(GITEA_WORK_DIR)/%(ROOT)**. +- `SCRIPT_TYPE`: **bash**: The script type this server supports. Usually this is `bash`, + but some users report that only `sh` is available. +- `DETECTED_CHARSETS_ORDER`: **UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, UTF-32LE, ISO-8859, windows-1252, ISO-8859, windows-1250, ISO-8859, ISO-8859, ISO-8859, windows-1253, ISO-8859, windows-1255, ISO-8859, windows-1251, windows-1256, KOI8-R, ISO-8859, windows-1254, Shift_JIS, GB18030, EUC-JP, EUC-KR, Big5, ISO-2022, ISO-2022, ISO-2022, IBM424_rtl, IBM424_ltr, IBM420_rtl, IBM420_ltr**: Tie-break order of detected charsets - if the detected charsets have equal confidence, charsets earlier in the list will be chosen in preference to those later. Adding `defaults` will place the unnamed charsets at that point. +- `ANSI_CHARSET`: **\**: Default ANSI charset to override non-UTF-8 charsets to. +- `FORCE_PRIVATE`: **false**: Force every new repository to be private. +- `DEFAULT_PRIVATE`: **last**: Default private when creating a new repository. + \[last, private, public\] +- `DEFAULT_PUSH_CREATE_PRIVATE`: **true**: Default private when creating a new repository with push-to-create. +- `MAX_CREATION_LIMIT`: **-1**: Global maximum creation limit of repositories per user, + `-1` means no limit. +- `PULL_REQUEST_QUEUE_LENGTH`: **1000**: Length of pull request patch test queue, make it. **DEPRECATED** use `LENGTH` in `[queue.pr_patch_checker]`. + as large as possible. Use caution when editing this value. +- `MIRROR_QUEUE_LENGTH`: **1000**: Patch test queue length, increase if pull request patch + testing starts hanging. **DEPRECATED** use `LENGTH` in `[queue.mirror]`. +- `PREFERRED_LICENSES`: **Apache License 2.0,MIT License**: Preferred Licenses to place at + the top of the list. Name must match file name in options/license or custom/options/license. +- `DISABLE_HTTP_GIT`: **false**: Disable the ability to interact with repositories over the + HTTP protocol. +- `USE_COMPAT_SSH_URI`: **false**: Force ssh:// clone url instead of scp-style uri when + default SSH port is used. +- `ACCESS_CONTROL_ALLOW_ORIGIN`: **\**: Value for Access-Control-Allow-Origin header, + default is not to present. **WARNING**: This maybe harmful to you website if you do not + give it a right value. +- `DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH`: **false**: Close an issue if a commit on a non default branch marks it as closed. +- `ENABLE_PUSH_CREATE_USER`: **false**: Allow users to push local repositories to Gitea and have them automatically created for a user. +- `ENABLE_PUSH_CREATE_ORG`: **false**: Allow users to push local repositories to Gitea and have them automatically created for an org. +- `DISABLED_REPO_UNITS`: **_empty_**: Comma separated list of globally disabled repo units. Allowed values: \[repo.issues, repo.ext_issues, repo.pulls, repo.wiki, repo.ext_wiki, repo.projects\] +- `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects**: Comma separated list of default repo units. Allowed values: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects\]. Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. External wiki and issue tracker can't be enabled by default as it requires additional settings. Disabled repo units will not be added to new repositories regardless if it is in the default list. +- `PREFIX_ARCHIVE_FILES`: **true**: Prefix archive files by placing them in a directory named after the repository. +- `DISABLE_MIGRATIONS`: **false**: Disable migrating feature. +- `DISABLE_STARS`: **false**: Disable stars feature. +- `DEFAULT_BRANCH`: **main**: Default branch name of all repositories. +- `ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to adopt unadopted repositories +- `ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to delete unadopted repositories +- `DISABLE_DOWNLOAD_SOURCE_ARCHIVES`: **false**: Don't allow download source archive files from UI + +### Repository - Editor (`repository.editor`) + +- `LINE_WRAP_EXTENSIONS`: **.txt,.md,.markdown,.mdown,.mkd,**: List of file extensions for which lines should be wrapped in the Monaco editor. Separate extensions with a comma. To line wrap files without an extension, just put a comma +- `PREVIEWABLE_FILE_MODES`: **markdown**: Valid file modes that have a preview API associated with them, such as `api/v1/markdown`. Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match. + +### Repository - Pull Request (`repository.pull-request`) + +- `WORK_IN_PROGRESS_PREFIXES`: **WIP:,\[WIP\]**: List of prefixes used in Pull Request + title to mark them as Work In Progress. These are matched in a case-insensitive manner. +- `CLOSE_KEYWORDS`: **close**, **closes**, **closed**, **fix**, **fixes**, **fixed**, **resolve**, **resolves**, **resolved**: List of + keywords used in Pull Request comments to automatically close a related issue +- `REOPEN_KEYWORDS`: **reopen**, **reopens**, **reopened**: List of keywords used in Pull Request comments to automatically reopen + a related issue +- `DEFAULT_MERGE_STYLE`: **merge**: Set default merge style for repository creating, valid options: `merge`, `rebase`, `rebase-merge`, `squash` +- `DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT`: **50**: In the default merge message for squash commits include at most this many commits. Set to `-1` to include all commits +- `DEFAULT_MERGE_MESSAGE_SIZE`: **5120**: In the default merge message for squash commits limit the size of the commit messages. Set to `-1` to have no limit. Only used if `POPULATE_SQUASH_COMMENT_WITH_COMMIT_MESSAGES` is `true`. +- `DEFAULT_MERGE_MESSAGE_ALL_AUTHORS`: **false**: In the default merge message for squash commits walk all commits to include all authors in the Co-authored-by otherwise just use those in the limited list +- `DEFAULT_MERGE_MESSAGE_MAX_APPROVERS`: **10**: In default merge messages limit the number of approvers listed as `Reviewed-by:`. Set to `-1` to include all. +- `DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY`: **true**: In default merge messages only include approvers who are officially allowed to review. +- `POPULATE_SQUASH_COMMENT_WITH_COMMIT_MESSAGES`: **false**: In default squash-merge messages include the commit message of all commits comprising the pull request. +- `ADD_CO_COMMITTER_TRAILERS`: **true**: Add co-authored-by and co-committed-by trailers to merge commit messages if committer does not match author. +- `TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY`: **true**: PR patches are tested using a three-way merge method to discover if there are conflicts. If this setting is set to **true**, conflicting patches will be retested using `git apply` - This was the previous behaviour in 1.18 (and earlier) but is somewhat inefficient. Please report if you find that this setting is required. + +### Repository - Issue (`repository.issue`) + +- `LOCK_REASONS`: **Too heated,Off-topic,Resolved,Spam**: A list of reasons why a Pull Request or Issue can be locked + +### Repository - Upload (`repository.upload`) + +- `ENABLED`: **true**: Whether repository file uploads are enabled +- `TEMP_PATH`: **data/tmp/uploads**: Path for uploads (content gets deleted on Gitea restart) +- `ALLOWED_TYPES`: **\**: Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types. +- `FILE_MAX_SIZE`: **3**: Max size of each file in megabytes. +- `MAX_FILES`: **5**: Max number of files per upload + +### Repository - Release (`repository.release`) + +- `ALLOWED_TYPES`: **\**: Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types. +- `DEFAULT_PAGING_NUM`: **10**: The default paging number of releases user interface +- For settings related to file attachments on releases, see the `attachment` section. + +### Repository - Signing (`repository.signing`) + +- `SIGNING_KEY`: **default**: \[none, KEYID, default \]: Key to sign with. +- `SIGNING_NAME` & `SIGNING_EMAIL`: if a KEYID is provided as the `SIGNING_KEY`, use these as the Name and Email address of the signer. These should match publicized name and email address for the key. +- `INITIAL_COMMIT`: **always**: \[never, pubkey, twofa, always\]: Sign initial commit. + - `never`: Never sign + - `pubkey`: Only sign if the user has a public key + - `twofa`: Only sign if the user is logged in with twofa + - `always`: Always sign + - Options other than `never` and `always` can be combined as a comma separated list. +- `DEFAULT_TRUST_MODEL`: **collaborator**: \[collaborator, committer, collaboratorcommitter\]: The default trust model used for verifying commits. + - `collaborator`: Trust signatures signed by keys of collaborators. + - `committer`: Trust signatures that match committers (This matches GitHub and will force Gitea signed commits to have Gitea as the committer). + - `collaboratorcommitter`: Trust signatures signed by keys of collaborators which match the committer. +- `WIKI`: **never**: \[never, pubkey, twofa, always, parentsigned\]: Sign commits to wiki. +- `CRUD_ACTIONS`: **pubkey, twofa, parentsigned**: \[never, pubkey, twofa, parentsigned, always\]: Sign CRUD actions. + - Options as above, with the addition of: + - `parentsigned`: Only sign if the parent commit is signed. +- `MERGES`: **pubkey, twofa, basesigned, commitssigned**: \[never, pubkey, twofa, approved, basesigned, commitssigned, always\]: Sign merges. + - `approved`: Only sign approved merges to a protected branch. + - `basesigned`: Only sign if the parent commit in the base repo is signed. + - `headsigned`: Only sign if the head commit in the head branch is signed. + - `commitssigned`: Only sign if all the commits in the head branch to the merge point are signed. + +## Repository - Local (`repository.local`) + +- `LOCAL_COPY_PATH`: **tmp/local-repo**: Path for temporary local repository copies. Defaults to `tmp/local-repo` (content gets deleted on Gitea restart) + +## Repository - MIME type mapping (`repository.mimetype_mapping`) + +Configuration for set the expected MIME type based on file extensions of downloadable files. Configuration presents in key-value pairs and file extensions starts with leading `.`. + +The following configuration set `Content-Type: application/vnd.android.package-archive` header when downloading files with `.apk` file extension. + +```ini +.apk=application/vnd.android.package-archive +``` + +## CORS (`cors`) + +- `ENABLED`: **false**: enable cors headers (disabled by default) +- `SCHEME`: **http**: scheme of allowed requests +- `ALLOW_DOMAIN`: **\***: list of requesting domains that are allowed +- `ALLOW_SUBDOMAIN`: **false**: allow subdomains of headers listed above to request +- `METHODS`: **GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS**: list of methods allowed to request +- `MAX_AGE`: **10m**: max time to cache response +- `ALLOW_CREDENTIALS`: **false**: allow request with credentials +- `X_FRAME_OPTIONS`: **SAMEORIGIN**: Set the `X-Frame-Options` header value. + +## UI (`ui`) + +- `EXPLORE_PAGING_NUM`: **20**: Number of repositories that are shown in one explore page. +- `ISSUE_PAGING_NUM`: **20**: Number of issues that are shown in one page (for all pages that list issues, milestones, projects). +- `MEMBERS_PAGING_NUM`: **20**: Number of members that are shown in organization members. +- `FEED_MAX_COMMIT_NUM`: **5**: Number of maximum commits shown in one activity feed. +- `FEED_PAGING_NUM`: **20**: Number of items that are displayed in home feed. +- `SITEMAP_PAGING_NUM`: **20**: Number of items that are displayed in a single subsitemap. +- `GRAPH_MAX_COMMIT_NUM`: **100**: Number of maximum commits shown in the commit graph. +- `CODE_COMMENT_LINES`: **4**: Number of line of codes shown for a code comment. +- `DEFAULT_THEME`: **auto**: \[auto, gitea, arc-green\]: Set the default theme for the Gitea install. +- `SHOW_USER_EMAIL`: **true**: Whether the email of the user should be shown in the Explore Users page. +- `THEMES`: **auto,gitea,arc-green**: All available themes. Allow users select personalized themes. + regardless of the value of `DEFAULT_THEME`. +- `THEME_COLOR_META_TAG`: **#6cc644**: Value of `theme-color` meta tag, used by Android >= 5.0. An invalid color like "none" or "disable" will have the default style. More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android +- `MAX_DISPLAY_FILE_SIZE`: **8388608**: Max size of files to be displayed (default is 8MiB) +- `REACTIONS`: All available reactions users can choose on issues/prs and comments + Values can be emoji alias (:smile:) or a unicode emoji. + For custom reactions, add a tightly cropped square image to public/img/emoji/reaction_name.png +- `CUSTOM_EMOJIS`: **gitea, codeberg, gitlab, git, github, gogs**: Additional Emojis not defined in the utf8 standard. + By default we support Gitea (:gitea:), to add more copy them to public/img/emoji/emoji_name.png and + add it to this config. +- `DEFAULT_SHOW_FULL_NAME`: **false**: Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used. +- `SEARCH_REPO_DESCRIPTION`: **true**: Whether to search within description at repository search on explore page. +- `USE_SERVICE_WORKER`: **false**: Whether to enable a Service Worker to cache frontend assets. +- `ONLY_SHOW_RELEVANT_REPOS`: **false** Whether to only show relevant repos on the explore page when no keyword is specified and default sorting is used. + A repo is considered irrelevant if it's a fork or if it has no metadata (no description, no icon, no topic). + +### UI - Admin (`ui.admin`) + +- `USER_PAGING_NUM`: **50**: Number of users that are shown in one page. +- `REPO_PAGING_NUM`: **50**: Number of repos that are shown in one page. +- `NOTICE_PAGING_NUM`: **25**: Number of notices that are shown in one page. +- `ORG_PAGING_NUM`: **50**: Number of organizations that are shown in one page. + +### UI - Metadata (`ui.meta`) + +- `AUTHOR`: **Gitea - Git with a cup of tea**: Author meta tag of the homepage. +- `DESCRIPTION`: **Gitea (Git with a cup of tea) is a painless self-hosted Git service written in Go**: Description meta tag of the homepage. +- `KEYWORDS`: **go,git,self-hosted,gitea**: Keywords meta tag of the homepage. + +### UI - Notification (`ui.notification`) + +- `MIN_TIMEOUT`: **10s**: These options control how often notification endpoint is polled to update the notification count. On page load the notification count will be checked after `MIN_TIMEOUT`. The timeout will increase to `MAX_TIMEOUT` by `TIMEOUT_STEP` if the notification count is unchanged. Set MIN_TIMEOUT to -1 to turn off. +- `MAX_TIMEOUT`: **60s**. +- `TIMEOUT_STEP`: **10s**. +- `EVENT_SOURCE_UPDATE_TIME`: **10s**: This setting determines how often the database is queried to update notification counts. If the browser client supports `EventSource` and `SharedWorker`, a `SharedWorker` will be used in preference to polling notification endpoint. Set to **-1** to disable the `EventSource`. + +### UI - SVG Images (`ui.svg`) + +- `ENABLE_RENDER`: **true**: Whether to render SVG files as images. If SVG rendering is disabled, SVG files are displayed as text and cannot be embedded in markdown files as images. + +### UI - CSV Files (`ui.csv`) + +- `MAX_FILE_SIZE`: **524288** (512kb): Maximum allowed file size in bytes to render CSV files as table. (Set to 0 for no limit). + +## Markdown (`markdown`) + +- `ENABLE_HARD_LINE_BREAK_IN_COMMENTS`: **true**: Render soft line breaks as hard line breaks in comments, which + means a single newline character between paragraphs will cause a line break and adding + trailing whitespace to paragraphs is not necessary to force a line break. +- `ENABLE_HARD_LINE_BREAK_IN_DOCUMENTS`: **false**: Render soft line breaks as hard line breaks in documents, which + means a single newline character between paragraphs will cause a line break and adding + trailing whitespace to paragraphs is not necessary to force a line break. +- `CUSTOM_URL_SCHEMES`: Use a comma separated list (ftp,git,svn) to indicate additional + URL hyperlinks to be rendered in Markdown. URLs beginning in http and https are + always displayed +- `ENABLE_MATH`: **true**: Enables detection of `\(...\)`, `\[...\]`, `$...$` and `$$...$$` blocks as math blocks. + +## Server (`server`) + +- `PROTOCOL`: **http**: \[http, https, fcgi, http+unix, fcgi+unix\] +- `USE_PROXY_PROTOCOL`: **false**: Expect PROXY protocol headers on connections +- `PROXY_PROTOCOL_TLS_BRIDGING`: **false**: When protocol is https, expect PROXY protocol headers after TLS negotiation. +- `PROXY_PROTOCOL_HEADER_TIMEOUT`: **5s**: Timeout to wait for PROXY protocol header (set to 0 to have no timeout) +- `PROXY_PROTOCOL_ACCEPT_UNKNOWN`: **false**: Accept PROXY protocol headers with Unknown type. +- `DOMAIN`: **localhost**: Domain name of this server. +- `ROOT_URL`: **%(PROTOCOL)s://%(DOMAIN)s:%(HTTP\_PORT)s/**: + Overwrite the automatically generated public URL. + This is useful if the internal and the external URL don't match (e.g. in Docker). +- `STATIC_URL_PREFIX`: **\**: + Overwrite this option to request static resources from a different URL. + This includes CSS files, images, JS files and web fonts. + Avatar images are dynamic resources and still served by Gitea. + The option can be just a different path, as in `/static`, or another domain, as in `https://cdn.example.com`. + Requests are then made as `%(ROOT_URL)s/static/css/index.css` and `https://cdn.example.com/css/index.css` respective. + The static files are located in the `public/` directory of the Gitea source repository. +- `HTTP_ADDR`: **0.0.0.0**: HTTP listen address. + - If `PROTOCOL` is set to `fcgi`, Gitea will listen for FastCGI requests on TCP socket + defined by `HTTP_ADDR` and `HTTP_PORT` configuration settings. + - If `PROTOCOL` is set to `http+unix` or `fcgi+unix`, this should be the name of the Unix socket file to use. Relative paths will be made absolute against the AppWorkPath. +- `HTTP_PORT`: **3000**: HTTP listen port. + - If `PROTOCOL` is set to `fcgi`, Gitea will listen for FastCGI requests on TCP socket + defined by `HTTP_ADDR` and `HTTP_PORT` configuration settings. +- `UNIX_SOCKET_PERMISSION`: **666**: Permissions for the Unix socket. +- `LOCAL_ROOT_URL`: **%(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/**: Local + (DMZ) URL for Gitea workers (such as SSH update) accessing web service. In + most cases you do not need to change the default value. Alter it only if + your SSH server node is not the same as HTTP node. Do not set this variable + if `PROTOCOL` is set to `http+unix`. +- `LOCAL_USE_PROXY_PROTOCOL`: **%(USE_PROXY_PROTOCOL)**: When making local connections pass the PROXY protocol header. + This should be set to false if the local connection will go through the proxy. +- `PER_WRITE_TIMEOUT`: **30s**: Timeout for any write to the connection. (Set to -1 to + disable all timeouts.) +- `PER_WRITE_PER_KB_TIMEOUT`: **10s**: Timeout per Kb written to connections. + +- `DISABLE_SSH`: **false**: Disable SSH feature when it's not available. +- `START_SSH_SERVER`: **false**: When enabled, use the built-in SSH server. +- `SSH_SERVER_USE_PROXY_PROTOCOL`: **false**: Expect PROXY protocol header on connections to the built-in SSH Server. +- `BUILTIN_SSH_SERVER_USER`: **%(RUN_USER)s**: Username to use for the built-in SSH Server. +- `SSH_USER`: **%(BUILTIN_SSH_SERVER_USER)**: SSH username displayed in clone URLs. This is only for people who configure the SSH server themselves; in most cases, you want to leave this blank and modify the `BUILTIN_SSH_SERVER_USER`. +- `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL. +- `SSH_PORT`: **22**: SSH port displayed in clone URL. +- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server. +- `SSH_LISTEN_PORT`: **%(SSH\_PORT)s**: Port for the built-in SSH server. +- `SSH_ROOT_PATH`: **~/.ssh**: Root path of SSH directory. +- `SSH_CREATE_AUTHORIZED_KEYS_FILE`: **true**: Gitea will create a authorized_keys file by default when it is not using the internal ssh server. If you intend to use the AuthorizedKeysCommand functionality then you should turn this off. +- `SSH_AUTHORIZED_KEYS_BACKUP`: **true**: Enable SSH Authorized Key Backup when rewriting all keys, default is true. +- `SSH_TRUSTED_USER_CA_KEYS`: **\**: Specifies the public keys of certificate authorities that are trusted to sign user certificates for authentication. Multiple keys should be comma separated. E.g.`ssh- ` or `ssh- , ssh- `. For more information see `TrustedUserCAKeys` in the sshd config man pages. When empty no file will be created and `SSH_AUTHORIZED_PRINCIPALS_ALLOW` will default to `off`. +- `SSH_TRUSTED_USER_CA_KEYS_FILENAME`: **`RUN_USER`/.ssh/gitea-trusted-user-ca-keys.pem**: Absolute path of the `TrustedUserCaKeys` file Gitea will manage. If you're running your own ssh server and you want to use the Gitea managed file you'll also need to modify your sshd_config to point to this file. The official docker image will automatically work without further configuration. +- `SSH_AUTHORIZED_PRINCIPALS_ALLOW`: **off** or **username, email**: \[off, username, email, anything\]: Specify the principals values that users are allowed to use as principal. When set to `anything` no checks are done on the principal string. When set to `off` authorized principal are not allowed to be set. +- `SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE`: **false/true**: Gitea will create a authorized_principals file by default when it is not using the internal ssh server and `SSH_AUTHORIZED_PRINCIPALS_ALLOW` is not `off`. +- `SSH_AUTHORIZED_PRINCIPALS_BACKUP`: **false/true**: Enable SSH Authorized Principals Backup when rewriting all keys, default is true if `SSH_AUTHORIZED_PRINCIPALS_ALLOW` is not `off`. +- `SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE`: **{{.AppPath}} --config={{.CustomConf}} serv key-{{.Key.ID}}**: Set the template for the command to passed on authorized keys. Possible keys are: AppPath, AppWorkPath, CustomConf, CustomPath, Key - where Key is a `models/asymkey.PublicKey` and the others are strings which are shellquoted. +- `SSH_SERVER_CIPHERS`: **chacha20-poly1305@openssh.com, aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, aes256-gcm@openssh.com**: For the built-in SSH server, choose the ciphers to support for SSH connections, for system SSH this setting has no effect. +- `SSH_SERVER_KEY_EXCHANGES`: **curve25519-sha256, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1**: For the built-in SSH server, choose the key exchange algorithms to support for SSH connections, for system SSH this setting has no effect. +- `SSH_SERVER_MACS`: **hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1**: For the built-in SSH server, choose the MACs to support for SSH connections, for system SSH this setting has no effect +- `SSH_SERVER_HOST_KEYS`: **ssh/gitea.rsa, ssh/gogs.rsa**: For the built-in SSH server, choose the keypairs to offer as the host key. The private key should be at `SSH_SERVER_HOST_KEY` and the public `SSH_SERVER_HOST_KEY.pub`. Relative paths are made absolute relative to the `APP_DATA_PATH`. If no key exists a 4096 bit RSA key will be created for you. +- `SSH_KEY_TEST_PATH`: **/tmp**: Directory to create temporary files in when testing public keys using ssh-keygen, default is the system temporary directory. +- `SSH_KEYGEN_PATH`: **ssh-keygen**: Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call. +- `SSH_EXPOSE_ANONYMOUS`: **false**: Enable exposure of SSH clone URL to anonymous visitors, default is false. +- `SSH_PER_WRITE_TIMEOUT`: **30s**: Timeout for any write to the SSH connections. (Set to + -1 to disable all timeouts.) +- `SSH_PER_WRITE_PER_KB_TIMEOUT`: **10s**: Timeout per Kb written to SSH connections. +- `MINIMUM_KEY_SIZE_CHECK`: **true**: Indicate whether to check minimum key size with corresponding type. + +- `OFFLINE_MODE`: **false**: Disables use of CDN for static files and Gravatar for profile pictures. +- `CERT_FILE`: **https/cert.pem**: Cert file path used for HTTPS. When chaining, the server certificate must come first, then intermediate CA certificates (if any). This is ignored if `ENABLE_ACME=true`. Paths are relative to `CUSTOM_PATH`. +- `KEY_FILE`: **https/key.pem**: Key file path used for HTTPS. This is ignored if `ENABLE_ACME=true`. Paths are relative to `CUSTOM_PATH`. +- `STATIC_ROOT_PATH`: **./**: Upper level of template and static files path. +- `APP_DATA_PATH`: **data** (**/data/gitea** on docker): Default path for application data. +- `STATIC_CACHE_TIME`: **6h**: Web browser cache time for static resources on `custom/`, `public/` and all uploaded avatars. Note that this cache is disabled when `RUN_MODE` is "dev". +- `ENABLE_GZIP`: **false**: Enable gzip compression for runtime-generated content, static resources excluded. +- `ENABLE_PPROF`: **false**: Application profiling (memory and cpu). For "web" command it listens on `localhost:6060`. For "serv" command it dumps to disk at `PPROF_DATA_PATH` as `(cpuprofile|memprofile)__` +- `PPROF_DATA_PATH`: **data/tmp/pprof**: `PPROF_DATA_PATH`, use an absolute path when you start Gitea as service +- `LANDING_PAGE`: **home**: Landing page for unauthenticated users \[home, explore, organizations, login, **custom**\]. Where custom would instead be any URL such as "/org/repo" or even `https://anotherwebsite.com` +- `LFS_START_SERVER`: **false**: Enables Git LFS support. +- `LFS_CONTENT_PATH`: **%(APP_DATA_PATH)/lfs**: Default LFS content path. (if it is on local storage.) **DEPRECATED** use settings in `[lfs]`. +- `LFS_JWT_SECRET`: **\**: LFS authentication secret, change this a unique string. +- `LFS_HTTP_AUTH_EXPIRY`: **20m**: LFS authentication validity period in time.Duration, pushes taking longer than this may fail. +- `LFS_MAX_FILE_SIZE`: **0**: Maximum allowed LFS file size in bytes (Set to 0 for no limit). +- `LFS_LOCKS_PAGING_NUM`: **50**: Maximum number of LFS Locks returned per page. + +- `REDIRECT_OTHER_PORT`: **false**: If true and `PROTOCOL` is https, allows redirecting http requests on `PORT_TO_REDIRECT` to the https port Gitea listens on. +- `REDIRECTOR_USE_PROXY_PROTOCOL`: **%(USE_PROXY_PROTOCOL)**: expect PROXY protocol header on connections to https redirector. +- `PORT_TO_REDIRECT`: **80**: Port for the http redirection service to listen on. Used when `REDIRECT_OTHER_PORT` is true. +- `SSL_MIN_VERSION`: **TLSv1.2**: Set the minimum version of ssl support. +- `SSL_MAX_VERSION`: **\**: Set the maximum version of ssl support. +- `SSL_CURVE_PREFERENCES`: **X25519,P256**: Set the preferred curves, +- `SSL_CIPHER_SUITES`: **ecdhe_ecdsa_with_aes_256_gcm_sha384,ecdhe_rsa_with_aes_256_gcm_sha384,ecdhe_ecdsa_with_aes_128_gcm_sha256,ecdhe_rsa_with_aes_128_gcm_sha256,ecdhe_ecdsa_with_chacha20_poly1305,ecdhe_rsa_with_chacha20_poly1305**: Set the preferred cipher suites. + - If there is no hardware support for AES suites, by default the ChaCha suites will be preferred over the AES suites. + - supported suites as of Go 1.18 are: + - TLS 1.0 - 1.2 cipher suites + - "rsa_with_rc4_128_sha" + - "rsa_with_3des_ede_cbc_sha" + - "rsa_with_aes_128_cbc_sha" + - "rsa_with_aes_256_cbc_sha" + - "rsa_with_aes_128_cbc_sha256" + - "rsa_with_aes_128_gcm_sha256" + - "rsa_with_aes_256_gcm_sha384" + - "ecdhe_ecdsa_with_rc4_128_sha" + - "ecdhe_ecdsa_with_aes_128_cbc_sha" + - "ecdhe_ecdsa_with_aes_256_cbc_sha" + - "ecdhe_rsa_with_rc4_128_sha" + - "ecdhe_rsa_with_3des_ede_cbc_sha" + - "ecdhe_rsa_with_aes_128_cbc_sha" + - "ecdhe_rsa_with_aes_256_cbc_sha" + - "ecdhe_ecdsa_with_aes_128_cbc_sha256" + - "ecdhe_rsa_with_aes_128_cbc_sha256" + - "ecdhe_rsa_with_aes_128_gcm_sha256" + - "ecdhe_ecdsa_with_aes_128_gcm_sha256" + - "ecdhe_rsa_with_aes_256_gcm_sha384" + - "ecdhe_ecdsa_with_aes_256_gcm_sha384" + - "ecdhe_rsa_with_chacha20_poly1305_sha256" + - "ecdhe_ecdsa_with_chacha20_poly1305_sha256" + - TLS 1.3 cipher suites + - "aes_128_gcm_sha256" + - "aes_256_gcm_sha384" + - "chacha20_poly1305_sha256" + - Aliased names + - "ecdhe_rsa_with_chacha20_poly1305" is an alias for "ecdhe_rsa_with_chacha20_poly1305_sha256" + - "ecdhe_ecdsa_with_chacha20_poly1305" is alias for "ecdhe_ecdsa_with_chacha20_poly1305_sha256" +- `ENABLE_ACME`: **false**: Flag to enable automatic certificate management via an ACME capable Certificate Authority (CA) server (default: Lets Encrypt). If enabled, `CERT_FILE` and `KEY_FILE` are ignored, and the CA must resolve `DOMAIN` to this gitea server. Ensure that DNS records are set and either port `80` or port `443` are accessible by the CA server (the public internet by default), and redirected to the appropriate ports `PORT_TO_REDIRECT` or `HTTP_PORT` respectively. +- `ACME_URL`: **\**: The CA's ACME directory URL, e.g. for a self-hosted [smallstep CA server](https://github.com/smallstep/certificates), it can look like `https://ca.example.com/acme/acme/directory`. If left empty, it defaults to using Let's Encerypt's production CA (check `LETSENCRYPT_ACCEPTTOS` as well). +- `ACME_ACCEPTTOS`: **false**: This is an explicit check that you accept the terms of service of the ACME provider. The default is Lets Encrypt [terms of service](https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf). +- `ACME_DIRECTORY`: **https**: Directory that the certificate manager will use to cache information such as certs and private keys. +- `ACME_EMAIL`: **\**: Email used for the ACME registration. Usually it is to notify about problems with issued certificates. +- `ACME_CA_ROOT`: **\**: The CA's root certificate. If left empty, it defaults to using the system's trust chain. +- `ALLOW_GRACEFUL_RESTARTS`: **true**: Perform a graceful restart on SIGHUP +- `GRACEFUL_HAMMER_TIME`: **60s**: After a restart the parent process will stop accepting new connections and will allow requests to finish before stopping. Shutdown will be forced if it takes longer than this time. +- `STARTUP_TIMEOUT`: **0**: Shutsdown the server if startup takes longer than the provided time. On Windows setting this sends a waithint to the SVC host to tell the SVC host startup may take some time. Please note startup is determined by the opening of the listeners - HTTP/HTTPS/SSH. Indexers may take longer to startup and can have their own timeouts. + +## Database (`database`) + +- `DB_TYPE`: **mysql**: The database type in use \[mysql, postgres, mssql, sqlite3\]. +- `HOST`: **127.0.0.1:3306**: Database host address and port or absolute path for unix socket \[mysql, postgres\] (ex: /var/run/mysqld/mysqld.sock). +- `NAME`: **gitea**: Database name. +- `USER`: **root**: Database username. +- `PASSWD`: **\**: Database user password. Use \`your password\` or """your password""" for quoting if you use special characters in the password. +- `SCHEMA`: **\**: For PostgreSQL only, schema to use if different from "public". The schema must exist beforehand, + the user must have creation privileges on it, and the user search path must be set to the look into the schema first + (e.g. `ALTER USER user SET SEARCH_PATH = schema_name,"$user",public;`). +- `SSL_MODE`: **disable**: SSL/TLS encryption mode for connecting to the database. This option is only applied for PostgreSQL and MySQL. + - Valid values for MySQL: + - `true`: Enable TLS with verification of the database server certificate against its root certificate. When selecting this option make sure that the root certificate required to validate the database server certificate (e.g. the CA certificate) is on the system certificate store of both the database and Gitea servers. See your system documentation for instructions on how to add a CA certificate to the certificate store. + - `false`: Disable TLS. + - `disable`: Alias for `false`, for compatibility with PostgreSQL. + - `skip-verify`: Enable TLS without database server certificate verification. Use this option if you have self-signed or invalid certificate on the database server. + - `prefer`: Enable TLS with fallback to non-TLS connection. + - Valid values for PostgreSQL: + - `disable`: Disable TLS. + - `require`: Enable TLS without any verifications. + - `verify-ca`: Enable TLS with verification of the database server certificate against its root certificate. + - `verify-full`: Enable TLS and verify the database server name matches the given certificate in either the `Common Name` or `Subject Alternative Name` fields. +- `SQLITE_TIMEOUT`: **500**: Query timeout for SQLite3 only. +- `SQLITE_JOURNAL_MODE`: **""**: Change journal mode for SQlite3. Can be used to enable [WAL mode](https://www.sqlite.org/wal.html) when high load causes write congestion. See [SQlite3 docs](https://www.sqlite.org/pragma.html#pragma_journal_mode) for possible values. Defaults to the default for the database file, often DELETE. +- `ITERATE_BUFFER_SIZE`: **50**: Internal buffer size for iterating. +- `CHARSET`: **utf8mb4**: For MySQL only, either "utf8" or "utf8mb4". NOTICE: for "utf8mb4" you must use MySQL InnoDB > 5.6. Gitea is unable to check this. +- `PATH`: **data/gitea.db**: For SQLite3 only, the database file path. +- `LOG_SQL`: **true**: Log the executed SQL. +- `DB_RETRIES`: **10**: How many ORM init / DB connect attempts allowed. +- `DB_RETRY_BACKOFF`: **3s**: time.Duration to wait before trying another ORM init / DB connect attempt, if failure occurred. +- `MAX_OPEN_CONNS` **0**: Database maximum open connections - default is 0, meaning there is no limit. +- `MAX_IDLE_CONNS` **2**: Max idle database connections on connection pool, default is 2 - this will be capped to `MAX_OPEN_CONNS`. +- `CONN_MAX_LIFETIME` **0 or 3s**: Sets the maximum amount of time a DB connection may be reused - default is 0, meaning there is no limit (except on MySQL where it is 3s - see #6804 & #7071). + +Please see #8540 & #8273 for further discussion of the appropriate values for `MAX_OPEN_CONNS`, `MAX_IDLE_CONNS` & `CONN_MAX_LIFETIME` and their +relation to port exhaustion. + +## Indexer (`indexer`) + +- `ISSUE_INDEXER_TYPE`: **bleve**: Issue indexer type, currently supported: `bleve`, `db` or `elasticsearch`. +- `ISSUE_INDEXER_CONN_STR`: ****: Issue indexer connection string, available when ISSUE_INDEXER_TYPE is elasticsearch. i.e. http://elastic:changeme@localhost:9200 +- `ISSUE_INDEXER_NAME`: **gitea_issues**: Issue indexer name, available when ISSUE_INDEXER_TYPE is elasticsearch +- `ISSUE_INDEXER_PATH`: **indexers/issues.bleve**: Index file used for issue search; available when ISSUE_INDEXER_TYPE is bleve and elasticsearch. +- The next 4 configuration values are deprecated and should be set in `queue.issue_indexer` however are kept for backwards compatibility: +- `ISSUE_INDEXER_QUEUE_TYPE`: **levelqueue**: Issue indexer queue, currently supports:`channel`, `levelqueue`, `redis`. **DEPRECATED** use settings in `[queue.issue_indexer]`. +- `ISSUE_INDEXER_QUEUE_DIR`: **queues/common**: When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this will be the path where the queue will be saved. **DEPRECATED** use settings in `[queue.issue_indexer]`. +- `ISSUE_INDEXER_QUEUE_CONN_STR`: **addrs=127.0.0.1:6379 db=0**: When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string. When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this is a directory or additional options of the form `leveldb://path/to/db?option=value&....`, and overrides `ISSUE_INDEXER_QUEUE_DIR`. **DEPRECATED** use settings in `[queue.issue_indexer]`. +- `ISSUE_INDEXER_QUEUE_BATCH_NUMBER`: **20**: Batch queue number. **DEPRECATED** use settings in `[queue.issue_indexer]`. + +- `REPO_INDEXER_ENABLED`: **false**: Enables code search (uses a lot of disk space, about 6 times more than the repository size). +- `REPO_INDEXER_TYPE`: **bleve**: Code search engine type, could be `bleve` or `elasticsearch`. +- `REPO_INDEXER_PATH`: **indexers/repos.bleve**: Index file used for code search. +- `REPO_INDEXER_CONN_STR`: ****: Code indexer connection string, available when `REPO_INDEXER_TYPE` is elasticsearch. i.e. http://elastic:changeme@localhost:9200 +- `REPO_INDEXER_NAME`: **gitea_codes**: Code indexer name, available when `REPO_INDEXER_TYPE` is elasticsearch + +- `REPO_INDEXER_INCLUDE`: **empty**: A comma separated list of glob patterns (see https://github.com/gobwas/glob) to **include** in the index. Use `**.txt` to match any files with .txt extension. An empty list means include all files. +- `REPO_INDEXER_EXCLUDE`: **empty**: A comma separated list of glob patterns (see https://github.com/gobwas/glob) to **exclude** from the index. Files that match this list will not be indexed, even if they match in `REPO_INDEXER_INCLUDE`. +- `REPO_INDEXER_EXCLUDE_VENDORED`: **true**: Exclude vendored files from index. +- `UPDATE_BUFFER_LEN`: **20**: Buffer length of index request. **DEPRECATED** use settings in `[queue.issue_indexer]`. +- `MAX_FILE_SIZE`: **1048576**: Maximum size in bytes of files to be indexed. +- `STARTUP_TIMEOUT`: **30s**: If the indexer takes longer than this timeout to start - fail. (This timeout will be added to the hammer time above for child processes - as bleve will not start until the previous parent is shutdown.) Set to -1 to never timeout. + +## Queue (`queue` and `queue.*`) + +Configuration at `[queue]` will set defaults for queues with overrides for individual queues at `[queue.*]`. (However see below.) + +- `TYPE`: **persistable-channel**: General queue type, currently support: `persistable-channel` (uses a LevelDB internally), `channel`, `level`, `redis`, `dummy` +- `DATADIR`: **queues/**: Base DataDir for storing persistent and level queues. `DATADIR` for individual queues can be set in `queue.name` sections but will default to `DATADIR/`**`common`**. (Previously each queue would default to `DATADIR/`**`name`**.) +- `LENGTH`: **20**: Maximal queue size before channel queues block +- `BATCH_LENGTH`: **20**: Batch data before passing to the handler +- `CONN_STR`: **redis://127.0.0.1:6379/0**: Connection string for the redis queue type. Options can be set using query params. Similarly LevelDB options can also be set using: **leveldb://relative/path?option=value** or **leveldb:///absolute/path?option=value**, and will override `DATADIR` +- `QUEUE_NAME`: **_queue**: The suffix for default redis and disk queue name. Individual queues will default to **`name`**`QUEUE_NAME` but can be overridden in the specific `queue.name` section. +- `SET_NAME`: **_unique**: The suffix that will be added to the default redis and disk queue `set` name for unique queues. Individual queues will default to + **`name`**`QUEUE_NAME`_`SET_NAME`_ but can be overridden in the specific `queue.name` section. +- `WRAP_IF_NECESSARY`: **true**: Will wrap queues with a timeoutable queue if the selected queue is not ready to be created - (Only relevant for the level queue.) +- `MAX_ATTEMPTS`: **10**: Maximum number of attempts to create the wrapped queue +- `TIMEOUT`: **GRACEFUL_HAMMER_TIME + 30s**: Timeout the creation of the wrapped queue if it takes longer than this to create. +- Queues by default come with a dynamically scaling worker pool. The following settings configure this: +- `WORKERS`: **0**: Number of initial workers for the queue. +- `MAX_WORKERS`: **10**: Maximum number of worker go-routines for the queue. +- `BLOCK_TIMEOUT`: **1s**: If the queue blocks for this time, boost the number of workers - the `BLOCK_TIMEOUT` will then be doubled before boosting again whilst the boost is ongoing. +- `BOOST_TIMEOUT`: **5m**: Boost workers will timeout after this long. +- `BOOST_WORKERS`: **1**: This many workers will be added to the worker pool if there is a boost. + +Gitea creates the following non-unique queues: + +- `code_indexer` +- `issue_indexer` +- `notification-service` +- `task` +- `mail` +- `push_update` + +And the following unique queues: + +- `repo_stats_update` +- `repo-archive` +- `mirror` +- `pr_patch_checker` + +Certain queues have defaults that override the defaults set in `[queue]` (this occurs mostly to support older configuration): + +- `[queue.issue_indexer]` + - `TYPE` this will default to `[queue]` `TYPE` if it is set but if not it will appropriately convert `[indexer]` `ISSUE_INDEXER_QUEUE_TYPE` if that is set. + - `LENGTH` will default to `[indexer]` `UPDATE_BUFFER_LEN` if that is set. + - `BATCH_LENGTH` will default to `[indexer]` `ISSUE_INDEXER_QUEUE_BATCH_NUMBER` if that is set. + - `DATADIR` will default to `[indexer]` `ISSUE_INDEXER_QUEUE_DIR` if that is set. + - `CONN_STR` will default to `[indexer]` `ISSUE_INDEXER_QUEUE_CONN_STR` if that is set. +- `[queue.mailer]` + - `LENGTH` will default to **100** or whatever `[mailer]` `SEND_BUFFER_LEN` is. +- `[queue.pr_patch_checker]` + - `LENGTH` will default to **1000** or whatever `[repository]` `PULL_REQUEST_QUEUE_LENGTH` is. +- `[queue.mirror]` + - `LENGTH` will default to **1000** or whatever `[repository]` `MIRROR_QUEUE_LENGTH` is. + +## Admin (`admin`) + +- `DEFAULT_EMAIL_NOTIFICATIONS`: **enabled**: Default configuration for email notifications for users (user configurable). Options: enabled, onmention, disabled +- `DISABLE_REGULAR_ORG_CREATION`: **false**: Disallow regular (non-admin) users from creating organizations. + +## Security (`security`) + +- `INSTALL_LOCK`: **false**: Controls access to the installation page. When set to "true", the installation page is not accessible. +- `SECRET_KEY`: **\**: Global secret key. This key is VERY IMPORTANT, if you lost it, the data encrypted by it (like 2FA secret) can't be decrypted anymore. +- `SECRET_KEY_URI`: ****: Instead of defining SECRET_KEY, this option can be used to use the key stored in a file (example value: `file:/etc/gitea/secret_key`). It shouldn't be lost like SECRET_KEY. +- `LOGIN_REMEMBER_DAYS`: **7**: Cookie lifetime, in days. +- `COOKIE_USERNAME`: **gitea\_awesome**: Name of the cookie used to store the current username. +- `COOKIE_REMEMBER_NAME`: **gitea\_incredible**: Name of cookie used to store authentication + information. +- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy + authentication. +- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy + authentication provided email. +- `REVERSE_PROXY_AUTHENTICATION_FULL_NAME`: **X-WEBAUTH-FULLNAME**: Header name for reverse proxy + authentication provided full name. +- `REVERSE_PROXY_LIMIT`: **1**: Interpret X-Forwarded-For header or the X-Real-IP header and set this as the remote IP for the request. + Number of trusted proxy count. Set to zero to not use these headers. +- `REVERSE_PROXY_TRUSTED_PROXIES`: **127.0.0.0/8,::1/128**: List of IP addresses and networks separated by comma of trusted proxy servers. Use `*` to trust all. +- `DISABLE_GIT_HOOKS`: **true**: Set to `false` to enable users with Git Hook privilege to create custom Git Hooks. + WARNING: Custom Git Hooks can be used to perform arbitrary code execution on the host operating system. + This enables the users to access and modify this config file and the Gitea database and interrupt the Gitea service. + By modifying the Gitea database, users can gain Gitea administrator privileges. + It also enables them to access other resources available to the user on the operating system that is running the + Gitea instance and perform arbitrary actions in the name of the Gitea OS user. + This maybe harmful to you website or your operating system. + Setting this to true does not change existing hooks in git repos; adjust it before if necessary. +- `DISABLE_WEBHOOKS`: **false**: Set to `true` to disable webhooks feature. +- `ONLY_ALLOW_PUSH_IF_GITEA_ENVIRONMENT_SET`: **true**: Set to `false` to allow local users to push to gitea-repositories without setting up the Gitea environment. This is not recommended and if you want local users to push to Gitea repositories you should set the environment appropriately. +- `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server. +- `INTERNAL_TOKEN`: **\**: Secret used to validate communication within Gitea binary. +- `INTERNAL_TOKEN_URI`: ****: Instead of defining INTERNAL_TOKEN in the configuration, this configuration option can be used to give Gitea a path to a file that contains the internal token (example value: `file:/etc/gitea/internal_token`) +- `PASSWORD_HASH_ALGO`: **pbkdf2**: The hash algorithm to use \[argon2, pbkdf2, pbkdf2_v1, scrypt, bcrypt\], argon2 and scrypt will spend significant amounts of memory. + - Note: The default parameters for `pbkdf2` hashing have changed - the previous settings are available as `pbkdf2_v1` but are not recommended. + - The hash functions may be tuned by using `$` after the algorithm: + - `argon2$