File gitea.changes of Package gitea

-------------------------------------------------------------------
Mon May 16 20:51:48 UTC 2022 - ecsos@opensuse.org

- Update to version 1.16.8:
  * Add changelog for v1.16.8 (#19724)
  * Fix issue overview for teams (#19652) (#19653)
  * Delete user related oauth stuff on user deletion too (#19677) (#19680)
  * Fix oauth setting list bug (#19681)
  * Fix new release from tags list UI (#19670) (#19673)
  * [doctor] Add check/fix for bogus action rows (#19656) (#19669)
  * Revert "Add finalizers to ensure that repos are closed and blobreaders are closed (#19495) (#19496)" (#19659)
  * GetFeeds must always discard actions with dangling repo_id (#19598) (#19629)
  * Only show accessible teams in dashboard dropdown list (#19642) (#19645)
  * Set safe dir for git operations in .drone.yml CI (#19641) (#19643)
  * Prevent NPE when checking repo units if the user is nil (#19625) (#19630)
  * Call MultipartForm.RemoveAll when request finishes (#19606) (#19607)
  * Make .cs highlighting legible on dark themes (#19604) (#19605)
  * Avoid MoreThanOne Error (#19557) (#19591)
  * Fix sending empty notifications (#19589) (#19590)
  * Add finalizers to ensure that repos are closed and blobreaders are closed (#19495) (#19496)
  * ignore DNS error when doing migration allow/block check (#19567)

-------------------------------------------------------------------
Mon May 02 08:14:49 UTC 2022 - ecsos@opensuse.org

- Update to version 1.16.7:
  * Add Changelog v1.16.7 (#19575)
  * Dont overwrite err with nil (part #19572) (#19574)
  * Migration: only write commit-graph if wiki clone was successfull (#19563) (#19568)
  * Respect DefaultUserIsRestricted system default when creating new user (#19310 ) (#19560)
  * Don't error when branch's commit doesn't exist (#19547) (#19548)
  * Support `hostname:port` to pass host matcher's check (#19543) (#19544)
  * Prevent intermittent race in attribute reader close (#19537) (#19539)
  * Fix 64-bit atomic operations on 32-bit machines (#19531) (#19532)
  * Fix migrate release from github (#19510) (#19523)
  * When view _Siderbar or _Footer, just display once (#19501) (#19522)
  * Prevent dangling archiver goroutine (#19516) (#19526)
  * Unset git author/committer variables when running integration tests (#19512) (#19519)
  * Fix blame page select range error and some typos (#19503)
  * Add notags to fetch (#19487) (#19490)
  * User specific repoID or xorm builder conditions for issue search (#19475) (#19476)
  * [doctor] authorized-keys: fix displayed check name (backport #19464) (#19484)
  * Mark TemplateLoading error as "UnprocessableEntity" (#19445) (#19446)
  * Prevent dangling cat-file calls (goroutine alternative) (#19454) (#19466)
  * Set correct PR status on 3way on conflict checking (#19457) (#19458)
  * RepoAssignment ensure to close before overwrite (#19449) (#19460)

-------------------------------------------------------------------
Thu Apr 21 07:01:59 UTC 2022 - michael@stroeder.com

- Update to version 1.16.6:
  * ENHANCEMENTS
    - Only request write when necessary (#18657) (#19422)
    - Disable service worker by default (#18914) (#19342)
  * BUGFIXES
    - When dumping trim the standard suffices instead of a random suffix (#19440) (#19447)
    - Fix DELETE request for non-existent public key (#19443) (#19444)
    - Don't panic on ErrEmailInvalid (#19441) (#19442)
    - Add uploadpack.allowAnySHA1InWant to allow --filter=blob:none with older git clients (#19430) (#19438)
    - Warn on SSH connection for incorrect configuration (#19317) (#19437)
    - Search Issues via API, dont show 500 if filter result in empty list (#19244) (#19436)
    - When updating mirror repo intervals by API reschedule next update too (#19429) (#19433)
    - Fix nil error when some pages are rendered outside request context (#19427) (#19428)
    - Fix double blob-hunk on diff page (#19404) (#19405)
    - Don't allow merging PR's which are being conflict checked (#19357) (#19358)
    - Fix middleware function's placements (#19377) (#19378)
    - Fix invalid CSRF token bug, make sure CSRF tokens can be up-to-date (#19338)
    - Restore user autoregistration with email addresses (#19261) (#19312)
    - Move checks for pulls before merge into own function (#19271) (#19277)
    - Granular webhook events in editHook (#19251) (#19257)
    - Only send webhook events to active system webhooks and only deliver to active hooks (#19234) (#19248)
    - Use full output of git show-ref --tags to get tags for PushUpdateAddTag (#19235) (#19236)
    - Touch mirrors on even on fail to update (#19217) (#19233)
    - Hide sensitive content on admin panel progress monitor (#19218 & #19226) (#19231)
    - Fix clone url JS error for the empty repo page (#19209)
    - Bump goldmark to v1.4.11 (#19201) (#19203)
  * TESTING
    - Prevent intermittent failures in RepoIndexerTest (#19225 #19229) (#19228)
  * BUILD
    - Revert the minimal golang version requirement from 1.17 to 1.16 and add a warning in Makefile (#19319)
  * MISC
    - Performance improvement for add team user when org has more than 1000 repositories (#19227) (#19289)
    - Check go and nodejs version by go.mod and package.json (#19197) (#19254)

-------------------------------------------------------------------
Fri Apr  8 15:21:26 UTC 2022 - ecsos <ecsos@opensuse.org>

- Set correct go version >= 1.17.

-------------------------------------------------------------------
Thu Mar 24 08:21:08 UTC 2022 - michael@stroeder.com

- Update to version 1.16.5:
  * BREAKING
    - Bump to build with go1.18 (#19120 et al) (#19127)
  * SECURITY
    - Prevent redirect to Host (2) (#19175) (#19186)
    - Try to prevent autolinking of displaynames by email readers (#19169) (#19183)
    - Clean paths when looking in Storage (#19124) (#19179)
    - Do not send notification emails to inactive users (#19131) (#19139)
    - Do not send activation email if manual confirm is set (#19119) (#19122)
  * ENHANCEMENTS
    - Use the new/choose link for New Issue on project page (#19172) (#19176)
  * BUGFIXES
    - Fix showing issues in your repositories (#18916) (#19191)
    - Fix compare link in active feeds for new branch (#19149) (#19185)
    - Redirect .wiki/* ui link to /wiki (#18831) (#19184)
    - Ensure deploy keys with write access can push (#19010) (#19182)
    - Ensure that setting.LocalURL always has a trailing slash (#19171) (#19177)
    - Cleanup protected branches when deleting users & teams (#19158) (#19174)
    - Use IterateBufferSize whilst querying repositories during adoption check (#19140) (#19160)
    - Fix NPE /repos/issues/search when not signed in (#19154) (#19155)
    - Use custom favicon when viewing static files if it exists (#19130) (#19152)
    - Fix the editor height in review box (#19003) (#19147)
    - Ensure isSSH is set whenever DISABLE_HTTP_GIT is set (#19028) (#19146)
    - Fix wrong scopes caused by empty scope input (#19029) (#19145)
    - Make migrations SKIP_TLS_VERIFY apply to git too (#19132) (#19141)
    - Handle email address not exist (#19089) (#19121)
  * MISC
    - Update json-iterator to allow compilation with go1.18 (#18644) (#19100)
    - Update golang.org/x/crypto (#19097) (#19098)

-------------------------------------------------------------------
Mon Mar 14 22:06:07 UTC 2022 - michael@stroeder.com

- Update to version 1.16.4:
  * SECURITY
    - Restrict email address validation (#17688) (#19085)
    - Fix lfs bug (#19072) (#19080)
  * ENHANCEMENTS
    - Improve SyncMirrors logging (#19045) (#19050)
  * BUGFIXES
    - Refactor mirror code & fix StartToMirror (#18904) (#19075)
    - Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
    - Prevent 500 when there is an error during new auth source post (#19041) (#19059)
    - If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
    - Fix flag validation (#19046) (#19051)
    - Add pam account authorization check (#19040) (#19047)
    - Ignore missing comment for user notifications (#18954) (#19043)
    - Set rel="nofollow noindex" on new issue links (#19023) (#19042)
    - Upgrading binding package (#19034) (#19035)
    - Don't show context cancelled errors in attribute reader (#19006) (#19027)
    - Fix update hint bug (#18996) (#19002)
  * MISC
    - Fix potential assignee query for repo (#18994) (#18999)

-------------------------------------------------------------------
Thu Mar 03 16:08:29 UTC 2022 - ecsos@opensuse.org

- Update to version 1.16.3:
  * Changelog for v1.16.3 (#18966)
  * git backend ignore replace objects (#18979) (#18980)
  * Set max text height to prevent overflow (#18862) (#18977)
  * Fix problem when self-assign notification (#18797) (#18976)
  * backport fix of #18973 (#18974)
  * Refactor admin user filter query parameters (#18965) (#18975)
  * Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
  * Send 404 on `/{org}.gpg` (#18959) (#18962)
  * Fix admin user list pagination (#18957) (#18960)
  * Fix lfs management setting (#18947)
  * Backport locales from master (#18944)
  * Fix login with email panic when email is not exist (#18942)
  * Adjust error for already locked db and prevent level db lock on malformed connstr (#18923) (#18938)
  * Update go-org to v1.6.1 (#18932) (#18933)
  * Fix `<strong>` html in translation (#18929) (#18931)
  *  Fix page and missing return on unadopted repos API (#18848) (#18927)
  * Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
  *  Allow adminstrator teams members to see other teams (#18918) (#18919)
  * Correctly link URLs to users/repos with dashes, dots or underscores (#18890) (#18908)
  * Don't update email for organisation (#18905) (#18906)
  * Fix redirect when using lowercase reponame (#18775) (#18902)
  * Fix team management UI (#18887)
  * Fix migration v210 (#18893)
  * BeforeSourcePath should point to base commit (#18880)

-------------------------------------------------------------------
Thu Feb 24 19:58:07 UTC 2022 - ecsos@opensuse.org

- Update to version 1.16.2:
  * Add changelog for v1.16.2 (#18840)
  * Fix ldap user sync missed email in email_address table (#18786) (#18876)
  * Don't report signal: killed errors in serviceRPC (#18850) (#18865)
  * Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
  * Fix login with email for ldap users (#18800) (#18836)
  * Fix ldap edit bug (#18859)
  * Fix ldap loginname (#18789) (#18804)
  * In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
  * Fix bug for get user by email (#18834)
  * Update go-org to 1.6.0 (#18824) (#18839)
  * Show fullname on issue edits and gpg/ssh signing info (#18828)
  * Put buttons back in org dashboard (#18817) (#18825)
  * Immediately Hammer if second kill is sent (#18823) (#18826)
  * Fix panic in EscapeReader (#18820) (#18821)
  * remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
  * Allow mermaid render error to wrap (#18791)
  * Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
  * Fix template bug of LFS lock (#18784) (#18787)
  * Various Mermaid improvements (#18776) (#18780)
  * Ensure git tag tests and others create test repos in tmpdir (#18447) (#18767)
  * Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
  * Prevent dangling GetAttribute calls (#18754) (#18755)
  * Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
  * Fix a broken link in `commits_list_small.tmpl` (#18764)
  * Fix isempty detection of git repository (#18746) (#18750)
  * Prevent double encoding of branch names in delete branch (#18714) (#18738)
  * Fix forked repositories missed tags (#18719) (#18735)
  * Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
  * Fix source code line highlighting (#18729) (#18740)
  * Reduce CI go module downloads, add make targets (#18708, #18475, #18443) (#18741)
  * Separate the details links of commit-statuses in headers (#18661) (#18730)
  * Fix release typo (#18728) (#18731)
  * Update object repo with the migrated repository (#18684) (#18726)
  * Fix bug for version update hint (#18701) (#18705)
  * Prevent security failure due to bad APP_ID (#18678) (#18682)
  * Fix issue with docker-rootless shimming script (#18690) (#18699)
  * C preprocessor colors improvement (#18671) (#18696)
  * Let  return correct perm (#18675) (#18689)
  * Restart zero worker if there is still work to do (#18658) (#18672)
  * Backport: fix the missing i18n key for update checker (#18646) (#18665)
  * No longer show the db-downgrade SQL in production (#18654)
  * If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)

-------------------------------------------------------------------
Sun Feb 06 13:59:56 UTC 2022 - ecsos@opensuse.org

- Update to version 1.16.1:
  * Add changelog for v1.16.1 (#18614)
  * comments on migrated issues/prs must link to the comment ID (#18637)
  * Stop logging an error when notes are not found (#18626) (#18635)
  * Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
  * Ensure that blob-excerpt links work for wiki (#18587) (#18624)
  * Attempt to prevent intermittent failure TestGit/xxx/BranchProtectMerge/MergePR (#18451) (#18619)
  * Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
  * Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
  * Fix pushing to 1-x-dev docker tag (#18578) (#18579)
  * Collaborator trust model should trust collaborators (#18539) (#18557)
  * Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
  * Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569)
  * Add dropdown icon to template loading dropdown (#18571)
  * Detect conflicts with 3way merge (#18536) (#18537)
  * Update JS dependencies, fix lint (#18389) (#18540)
  * Add `GetUserTeams` (#18499) (#18531)
  * Fix review excerpt (#18502) (#18530)
  * Fix for AvatarURL database type (#18487) (#18529)
  * In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
  * Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534)
  * Use "read" value for General Access (#18496) (#18500)
  * Use `ImagedProvider` for gplus oauth2 provider (#18504) (#18505)
  * point to s3 endpoint directly (#18497) (#18510)
  * Fix OAuth Source Edit Page (#18495) (#18503)
  * Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)

-------------------------------------------------------------------
Fri Feb 04 12:56:15 UTC 2022 - ecsos@opensuse.org

- Update to version 1.16.0:
  * Changelog 1.16.0 (#18468)
  * GitLab reviews may not have the updated_at field set (#18450) (#18461)
  * Fix broken when no commits and default branch is not master (#18423)
  * Fix broken oauth2 authentication source edit page (#18412) (#18419)
  * Only view milestones from current repo (#18414) (#18417)
  * Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403)  (#18404)
  * Fix restore without topic failure (#18387) (#18400)
  * Fix commit's time (#18375) (#18392)
  * Prevent showing webauthn error for every time visiting `/user/settings/security` (#18385) (#18386)
  * Fix partial cloning a repo (#18373) (#18377)
  * Fix mime-type detection for HTTP server (#18371)
  * Backport: Disable content sniffing on `PlainTextBytes` (#18365)
  * Update github.com/duo-labs/webauthn (#18357) (#18364)
  * [skip ci] Updated translations via Crowdin
  * Stop trimming preceding and suffixing spaces from editor filenames (#18334)
  * [skip ci] Updated translations via Crowdin
  * Left-Align text in Unicode warning boxes (#18331)
  * Only warn on bidi but still escape non-bidi (#18333)
  * Fix incorrect OAuth message (#18332)
  * [skip ci] Updated translations via Crowdin
  * Changelog for 1.16.0-rc1 (#18309)
  * Restore propagation of ErrDependenciesLeft (#18325)
  * Fix PR comments UI (#18323)
  * Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
  * Fix commit links on compare page (#18310)
  * Update JS dependencies, remove eslint-plugin-github (#18317)
  * Add MirrorUpdated field to Repository API type (#18267)
  * replace satori/go.uuid with gofrs/uuid (#18311)
  * Place inline diff comment dialogs in the 4th column. (#18321)
  * Use indirect comparison when showing pull requests (#18313)
  * Prevent ambiguous column error in organizations page (#18314)
  * Correctly upload LFS files (#18316)
  * [skip ci] Updated translations via Crowdin
  * update description about vendoring in CONTRIBUTING.md (#18280)
  * Fix CheckRepoStats and reuse it during migration (#18264)
  * Minor tweak to tag list (#18295)
  * show pull link for agit pull request also (#18235)
  * [skip ci] Updated translations via Crowdin
  * Add some .ignore entries (#18296)
  * Remove unneeded debug messages to stdout. (#18298)
  * Handle missing default branch better in owner/repo/branches page (#18290)
  * Revert "Prevent possible XSS when using jQuery (#18289)" (#18293)
  * not show double error response in git hook (#18292)
  * Remove accidental debugging in blob_excerpt.tmpl (#18287)
  * Prevent possible XSS when using jQuery (#18289)
  * Return nicer error if trying to pull from non-existent user (#18288)
  * [skip ci] Updated translations via Crowdin
  * docs: mention client_max_body_size affects LFS (#18291)
  * Add lockfile-check (#18285)
  * Webauthn nits (#18284)
  * Update `package-lock.json` (#18283)
  * Upgrade EasyMDE to 2.16.1 (#18278)
  * Remove golang vendored directory (#18277)
  * Changelog for 1.15.10 (#18274) (#18276)
  * Support webauthn (#17957)
  * [skip ci] Updated translations via Crowdin
  * Improve the comment for 2FA filter in admin panel (#18017)
  * fix regression from #16075 (#18260)
  * Prevent underline hover on cards (#18259)
  * Fix release link broken (#18252)
  * migrations: a deadline at January 1st, 1970 is valid (#18237)
  * Fix documents for development and bug report (#18249)
  * Add/update SMTP auth providers via cli (#18197)
  * Fix NPE on try to get tag reference via API (#18245)
  * Fix update user bug (#18250)
  * [doc] https-setup: explain relative paths for {CERT,KEY}_FILE fields. (#18244)
  * chore: remove unnecessary section (#18209)
  * Fix purple color in suggested label colors (#18241)
  * Prevent NPE when viewing non-rendered files (#18234)
  * Fix collobration template (#18232)
  * Fix identation typo in doc installation with Docker (#18233)
  * [skip ci] Updated translations via Crowdin
  * Fix source typos (#18227)
  * Fix various typos (#18219)
  * Remove `ioutil` (#18222)
  * [skip ci] Updated translations via Crowdin
  * Fix typos in docs/content (#18215)
  * [skip ci] Updated licenses and gitignores
  * In the Organization member page, 2fa column is too narrow for Simplified Chinese and Chinese Traditional. (#18213)
  * Fix new team (#18212)
  * Fix EasyMDE image paste bug during refactoring (#18207)
  * Sort locales according to their names (#18211)
  * Restore setting of ctx.Repo.Mirror (#18205)
  * [skip ci] Updated translations via Crowdin
  * Show OAuth callback error message (#18185)
  * Fix CSS specificity issue with easymde's css (#18201)
  * Fix mermaid rendering in milestone dashboard (#18202)
  * Don't store assets modified time into generated files (#18193)
  * Add warning for BIDI characters in page renders and in diffs (#17562)
  * [skip ci] Updated translations via Crowdin
  * Bump mermaid from 8.13.4 to 8.13.8 (#18198)
  * fix location for custom/options/license (#18194)
  * Enable partial clone by default (#18195)
  * Add option to convert CRLF to LF line endings for sendmail (#18075)
  * Add replay of webhooks. (#18191)
  * Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
  * refactoring nits (#18188)
  * slight optimization for default avatar (#18187)
  * code.gitea.io/sdk/gitea v0.14.0 -> v0.15.1 (#18186)
  * Team permission allow different unit has different permission (#17811)
  * Integration test for migration (#18124)
  * Update `TODOs` badge to reflect new default branch (#18182)
  * Increase Salt randomness  (#18179)
  * Add MP4 as default allowed attachment type (#18170)
  * [skip ci] Updated translations via Crowdin
  * Include folders into size cost (#18158)
  * Don't delete branch if other PRs with this branch are open (#18164)
  * Remove unused route "/tasks/trigger" (#18160)
  * Fix EasyMDE validation (#18161)
  * Fix bug (#18168)
  * tests: add coverage for models migration helpers  (#18162)
  * [skip ci] Updated translations via Crowdin
  * Require codereview to have content (#18156)
  * chore(lint): use golangci-lint to call revive and misspell checker. (#18145)
  * Update owners for 2022 (#18155)
  * Refactor auth package (#17962)
  * Unify and simplify TrN for i18n (#18141)
  * Use correct user when determining max repo limits for error messages (#18153)
  * Add singuliere to MAINTAINERS (#18148)
  * [skip ci] Updated licenses and gitignores
  * Add API to get issue/pull comments and events (timeline) (#17403)
  * Upgrade certmagic from v0.14.1 to v0.15.2 (#18138)
  * Allow admin to associate missing LFS objects for repositories (#18143)
  * Upgrade bleve from v2.0.6 to v2.3.0 (#18132)
  * tests: s/GITEA_UNIT_TESTS_VERBOSE/GITEA_UNIT_TESTS_LOG_SQL/ (#18142)
  * services/repository: fix ListUnadoptedRepositories incorrect total count (#17865)
  * Improve document for developers: Windows CGO, unit test option (#18140)
  * Reset the conflicted files list in testpatch (#18139)
  * Use correct translation key (#18135)
  * [skip ci] Updated translations via Crowdin
  * [Frontport] Changelog v1.15.9 (#18136)
  * Fix wrong redirect on org labels (#18128)
  * Fix performance regression when user has many organization (#18125)
  * docs: add various ways to install from package (#18120)
  * Removed unused method. (#18129)
  * [skip ci] Updated translations via Crowdin
  * Removed unused endpoint. (#18127)
  * Use conditions but not repo ids as query condition (#16839)
  * Set HeadCommit when creating tags. (#18116)
  * Fix: unstable sort skips/duplicates issues across pages (#18094)
  * Handle invalid issues (#18111)
  * [skip ci] Updated translations via Crowdin
  * Fix documents for Windows development (#18109)
  * Enable linter [rule.modifies-value-receiver] and refactor RoleDescriptor (#18093)
  * doc: clarify INSTALL_LOCK behavior (#17945)
  * [skip ci] Updated translations via Crowdin
  * Add issue hyperlinks in the webhook of wechatwork (#18102)
  * Fix a navbar UI bug in Safari (#18092)
  * Instead of using routerCtx just escape the url before routing (#18086)
  * When the git repository on storage is changed, the repository modal should also be updated (#18088)
  * - name: new parameter in CreateForkOption to give the forked repository (#18066)
  * When attempting to subscribe other user to issue report why access denied (#18091)
  * Improve interface when comparing a branch which has created a pull request (#17911)
  * Add API to manage repo tranfers (#17963)
  * Fix various typos of software names (#18083)
  * Prevent NPE if gitea uploader fails to open url (#18080)
  * Do not read or write git reference files directly (#18079)
  * Migrated Repository will show modifications when possible (#17191)
  * Quote references to the user table in consistency checks (#18072)
  * Only create pprof files for gitea serv if explicitly asked for (#18068)
  * Add NotFound handler (#18062)
  * Add API to get file commit history (#17652)
  * [skip ci] Updated translations via Crowdin
  * Add List-Unsubscribe header (#17804)
  * Avoid running go vet twice (#18059)
  * [Frontport] Changelog v1.15.8 (#18052)
  * Fix continuance tests (#18027)
  * update docker image to latest go version (#18048)
  * TestRepository_GetTag intermittently panics due to an NPE (#18043)
  * Ensure that git repository is closed before transfer (#18049)
  * [skip ci] Updated translations via Crowdin
  * Make test work with different default branch config (#18038)
  * Extract CodeMirror styles (#17960)
  * Migration 204 use Sync2 (#18044)
  * Move POST /{username}/action/{action} to simply POST /{username} (#18045)
  * Fix delete u2f keys modal (#18040)
  * Reset Session ID on login (#18018)
  * Add grafana gitea-mixin (#17758)
  * Simplify parameter types (#18006)
  * Update chroma (#18033)
  * Prevent off-by-one error on comments on newly appended lines (#18029)
  * Abort merge if head has been updated before pressing merge (#18032)
  * no need for docker image mirror (#18031)
  * Stop printing 03d after escaped characters in logs (#18030)
  * Reset locale on login (#18023)
  * Add support for ssh commit signing (#17743)
  * Improve TestPatch to use git read-tree -m and implement git-merge-one-file functionality (#18004)
  * [skip ci] Updated licenses and gitignores
  * Change <a> elements to underline on hover (#17898)
  * [skip ci] Updated translations via Crowdin
  * Support open compare page directly (#17975)
  * Add option to define refs in issue templates (#17842)
  * Fix outType on gitea dump (#18000)
  * Fix rename notification bug (#18008)
  * Ensure complexity, minlength and ispwned are checked on password setting (#18005)
  * Use JSON module instead of stdlib json (#18003)
  * Prevent hang in git cat-file if repository is not a valid repository and other fixes (#17991)
  * Prevent double decoding of % in url params  (#17997)
  * Add Reindex buttons to repository settings page (#17494)
  * Set correct language for Dockerfile variants (#17999)
  * Fix TemplateRepo no longer in models.repo (#17993)
  * Make AvatarRenderedSizeFactor configurable and set it to 3 (#17951)
  * [skip ci] Updated translations via Crowdin
  * Fixed emoji alias not parsed in links (#16221)
  * Shorten page title in file view (#17987)
  * Refactor HTTP request context (#17979)
  * Add missing `X-Total-Count` and fix some related bugs (#17968)
  * [skip ci] Updated translations via Crowdin
  * Use non-expiring key. (#17984)
  * Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
  * Return nicer error for ForcePrivate (#17971)
  * Fixed wording. (#17973)
  * [skip ci] Updated translations via Crowdin
  * Prevent deadlock in create issue (#17970)
  * Bump swagger-ui-dist from 4.1.2 to 4.1.3 (#17965)
  * Improve behavior of "Fork" button (#17288)
  * Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954)
  * Some repository refactors (#17950)
  * [skip ci] Updated licenses and gitignores
  * Fix markdown URL parsing (#17924)
  * Fix overflow in commit graph (#17947)
  * Prevent services/mailer/mailer_test.go tests from deleteing data directory (#17941)
  * Move keys to models/asymkey (#17917)
  * Clean legacy SimpleMDE code (#17926)
  * Move repository model into models/repo (#17933)
  * [skip ci] Updated translations via Crowdin
  * Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928)
  * [skip ci] Updated translations via Crowdin
  * Use disable_form_autofill on Codebase and Gitbucket (#17936)
  * Improve checkBranchName (#17901)
  * allways set a message-id on mails (#17900)
  * Support sorting for project board issuses (#17152)
  * Remove unnecessary `X-Remote` HTTP header in AJAX request (#17932)
  * Refactor install page (db type) (#17919)
  * [skip ci] Updated translations via Crowdin
  * Allow default branch to be inferred on compare page (#17908)
  * Apply CSS Variables to all message elements (#17920)
  * Move repo archiver to models/repo (#17913)
  * Replace "unix" by "http+unix" for PROTOCOL (#17771)
  * Fix loading content history on show more (#17819)
  * update xgo to use 1.17 (#17915)
  * [skip ci] Updated translations via Crowdin
  * Test cache during init (#17852)
  * Display issue/comment role even if repo archived (#17907)
  * [skip ci] Updated licenses and gitignores
  * fix i18n (#17906)
  * Fix svg colors in file list table (#17903)
  * Update JS dependencies, adjust eslint config (#17904)
  * [skip ci] Updated translations via Crowdin
  * Fix the bug: no wiki page can be created if the repo didn't have any page yet. (#17894)
  * tests: more integration tests for notifications (#17845)
  * Render issue references in file table (#17897)
  * Improve seek-help documents (#17895)
  * Add hints for special Wiki pages (#17283)
  * Removed SizeFmt. (#17890)
  * Changelog for v1.15.7 (#17871) (#17889)
  * [skip ci] Updated translations via Crowdin
  * Add migrate from Codebase (#16768)
  * Update chi/middleware to chi/v5/middleware (#17888)
  * Use fmt.Sprintf correctly (#17886)
  * Added missing `data-` prefix. (#17884)
  * Check if column exist before rename if exist, just return with no error (#17870)
  * Refactor various strings (#17784)
  * fix 500 error while use a reserved name in org rename (#17878)
  * [skip ci] Updated translations via Crowdin
  * Use shadowing script for docker (#17846)
  * Improve install code to avoid low-level mistakes. (#17779)
  * [skip ci] Updated translations via Crowdin
  * Rework commit page header (#17849)
  * Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
  * Fix position of label color picker colors (#17866)
  * docs: modules do not rely on models, services do (#17861)
  * Refactor commit graph styling to use css variables (#17860)
  * [skip ci] Updated translations via Crowdin
  * Remove whitespace inside rendered code `<td>` (#17859)
  * Switch archive URL code back to href attributes (#17796)
  * Make Co-committed-by and co-authored-by trailers optional (#17848)
  * Fix various typos in docs (#17844)
  * Move more model into models/user (#17826)
  * Docs: replace `gitea` with `Gitea` (#17838)
  * Move accessmode into models/perm (#17828)
  * Disable ref selection dropdown if you don't have permissions to use it (#17837)
  * Fix value of User.IsRestricted to default setting when oauth2 user auto registration; (#17839)
  * Handle relative unix socket paths (#17836)
  * Fix code formating (#17830)
  * Replace regex usage for MIME parsing (#17831)
  * [skip ci] Updated translations via Crowdin
  * Implement Well-Known URL for password change (#17777)
  * Add archived label for code search results in archived repo's (#17817)
  * Fix database inconsistent when admin change user email (#17549)
  * [skip ci] Updated translations via Crowdin
  * org settings -> webhook/labels/deletion should also active the menu (#17809)
  * Fixed org styles. (#17807)
  * Fix org webchatwork webhook (#17810)
  * Detect dark theme via css variable (#17800)
  * Allow forks to org if you can create repos (#17783)
  * Use correct user on releases (#17806)
  * [skip ci] Updated translations via Crowdin
  * Create menus for organization pages (#17802)
  * Preserve color when inverting emojis (#17797)
  * Move user related model into models/user (#17781)
  * Use `*PushUpdateOptions` as receiver (#17724)
  * Move repofiles from modules/repofiles to services/repository/files (#17774)
  * Fix visibility of org avatars (#17789)
  * Use correct Sender on webhook change title (#17791)
  * [skip ci] Updated translations via Crowdin
  * Use new OneDev /milestones endpoint (#17782)
  * Fix keys test (#17776)
  * Add `PULL_LIMIT` and `PUSH_LIMIT` to cron.update_mirror task (#17568)
  * Improve ellipsis buttons (#17773)
  * Harden authorized keys a bit more (#17772)
  * Add copy Commit ID button in commits list (#17759)
  * Add documentation for backend development (#17512)
  * [skip ci] Updated translations via Crowdin
  * More pleasantly handle broken or missing git repositories (#17747)
  * Remove unnecessary attributes of User struct (#17745)
  * Support pagination of organizations on user settings pages (#16083)
  * Make `bind` error more readable (#17750)
  * Improvements to content history (#17746)
  * Fix project board bug and improve documents (#17753)
  * Fix navbar on project view (#17749)
  * Exclude from watching tests (#17744)
  * Add user settings key/value DB table (#16834)
  * Add new JS linter rules (#17699)
  * Use `f` variant to parse formatting (#17751)
  * [skip ci] Updated translations via Crowdin
  * Allow Loading of Diffs that are too large (#17739)
  * Remove NewSession method from db.Engine interface (#17577)
  * Fix close issue but time watcher still running (#17643)
  * [skip ci] Updated licenses and gitignores
  * Reset locale on login (#17734)
  * Extract constant names out for the ReverseProxy and Basic authentication methods (#17735)
  * Enable show more files in diff for git <2.31 (#17733)
  * Make a.add-code-comment click handler an event handler (#17737)
  * Use `hostmatcher` to replace `matchlist`, improve security (#17605)
  * Make SSL cipher suite configurable (#17440)
  * Fix correct usage of teams (#17732)
  * [skip ci] Updated translations via Crowdin
  * Better builtin avatar generator (#17707)
  * Add settings to allow different SMTP envelope from address (#17479)
  * Allow Token API calls be authorized using the reverse-proxy header (#15119)
  * Move attachment into models/repo/ (#17650)
  * Use a standalone struct name for Organization (#17632)
  * Prevent double sanitize (#16386)
  * Added comment for changing issue ref (#17672)
  * Remove unused `user` paramater (#17723)
  * Prepare and check test env during CI (#17725)
  * Fix bug when project board get open issue number (#17703)
  * perf: sent `data-path` once for each file (#17657)
  * Prevent deadlock in TestPersistableChannelQueue (#17717)
  * [skip ci] Updated translations via Crowdin
  * Move user/org deletion to services (#17673)
  * Refactor repo-legacy.js, remove messy global variables. Fix errors. (#17646)
  * Fix Migrate Description (#17692)
  * Add pagination to fork list (#17639)
  * Fix possible panic (#17694)
  * Simplify code for wrting SHA to name-rev (#17696)
  * Prevent NPE due to missing repo in regression in #17551 (#17697)
  * Move task from modules to services (#17680)
  * Move user functions into user.go (#17659)
  * Cleanup and use global style on popups (#17674)
  * Remove unnecessary variable assignments (#17695)
  * [skip ci] Updated translations via Crowdin
  * Fixed commit count. (#17698)
  * Add .gitattribute assisted language detection to blame, diff and render (#17590)
  * Return 400 but not 500 when request archive with wrong format (#17691)
  * Sanitize user-input on file name (#17666)
  * Move some functions into services/repository (#17677)
  * A better go code formatter, and now `make fmt` can run in Windows (#17684)
  * Fix bug when read mysql database max lifetime (#17682)
  * Move user follow and openid into models/user/ (#17613)
  * Enable bidichk (#17610)
  * fix migrations documents (#17679)
  * Update golangci-lint in Makefile (#17647)
  * Set unit test timeout to 20 minutes (#17664)
  * Update for reverse proxying static resources (#17670)
  * [skip ci] Updated translations via Crowdin
  * Allow admins to change user avatars (#17661)
  * Multiple Escaping Improvements (#17551)
  * Move migrations into services and base into modules/migration (#17663)
  * Move some functions into services/repository (#17660)
  * Remove superfluous argument (#17667)
  * Decouple unit test, remove intermediate `unittestbridge` package (#17662)
  * Add copy button to markdown code blocks (#17638)
  * Migrating wiki don't require token, so we should move it out of the require form (#17645)
  * Fix GitBucket icon (#17644)
  * Fix database deadlock when update issue labels (#17649)
  * [skip ci] Updated translations via Crowdin
  * Changed migration text. (#17654)
  * Fix nil checking on typed interface (#17598)
  * Remove unnecassary calls to `filepath.Join` (#17608)
  * Add download button for file viewer (#17640)
  * [skip ci] Updated translations via Crowdin
  * fix typo (#17614)
  * Add icon to vscode clone link (#17641)
  * Add migration from GitBucket (#16767)
  * Fix offBy1 errors (#17606)
  * perf: only generate data-comment-url once (#17618)
  * [skip ci] Updated licenses and gitignores
  * Correctly handle failed migrations (#17575)
  * Minor readability patch. (#17627)
  * Decouple unit test code from business code (#17623)
  * Fix some incorrect async functions, improve frontend document. (#17597)
  * unbind the CheckConsistency for some structs so that they can be moved to sub packages easier (#17612)
  * Move EmailAddress & UserRedirect into models/user/ (#17607)
  * Refactor commentTags functionality (#17558)
  * Remove `golint` as linter (#17609)
  * Update JS dependencies (#17611)
  * Move oauth2 error to oauth2 service package (#17603)
  * Fix 500 when a comment was deleted which has a notification (#17550)
  * Move webhook into models/webhook/ (#17579)
  * Added GetUserByIDCtx. (#17602)
  * [skip ci] Updated translations via Crowdin
  * Move unit into models/unit/ (#17576)
  * tune sqlite3 message (#17601)
  * Remove me from the maintainers (#17599)
  * Fix 500 when review pull request with anonymous (#17594)
  * Move merge-section to `> .content` (#17582)
  * Update `User` model comments about permissions (#17583)
  * Improve async/await usage, and sort init calls in `index.js` (#17386)
  * Use provided database Engine (#17595)
  * Fix bug on detect issue/comment writer (#17591)
  * Allow U2F 2FA without TOTP (#11573)
  * Fix stats upon searching issues (#17566)
  * Only allow returned deleted branche to be on repo (#17570)
  * Avoid double imports (#17569)
  * Remove appSubUrl from pasted images (#17572)
  * Fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16 (#17530)
  * Add @Gusted to maintainers filer (#17581)
  * Make ParsePatch more robust (#17573)
  * Fix bug on admin subcommand (#17533)
  * [skip ci] Updated translations via Crowdin
  * Fix ipv6 parsing for builtin ssh server (#17561)
  * Update locale_en-US.ini (#17553)
  * Escape issue titles in comments list (#17555)
  * Use correct defaultValue for stracktrace (#17552)
  * Fix zero created time bug on commit api (#17546)
  * [skip ci] Updated translations via Crowdin
  * Fix database keyword quote problem on migration v161 (#17522)
  * Hide label comments if labels were added and removed immediately (#17455)
  * Show correct "No" icon (#17537)
  * Use exec -a in the FHS compliant script (#17513)
  * Fix list for options under cli->user->admin->create (#17382)
  * hide note message for pull request template (#17529)
  * Simplify Gothic to use our session store instead of creating a different store (#17507)
  * Add QueryEscape to general funcmap (#17526)
  * fix email with + when active (#17518)
  * Make Repo Code Indexer an Unique Queue (#17515)
  * docs: add SSH passthrough instructions to with-docker-rootless (#17505) (#17508)
  * Only allow webhook to send requests to allowed hosts (#17482)
  * Stop double encoding blame commit messages (#17498)
  * [skip ci] Updated licenses and gitignores
  * Properly determine CSV delimiter (#17459)
  * Rename db Engines related functions (#17481)
  * Quote the table name in CountOrphanedObjects (#17487)
  * [skip ci] Updated translations via Crowdin
  * Run Migrate in Install rather than just SyncTables (#17475)
  * [skip ci] Updated translations via Crowdin
  * Update docs/config.yaml to 1.15.6 (#17472)
  * Move key forms before list and add cancel button (#17432)
  * Fix login redirection links (#17451)
  * Changelog 1.15.6 (#17457) (#17468)
  * Fix mispelling of starred as stared (#17465)
  * Ensure that restricted users can access repos for which they are members (#17460)
  * make commit-statuses popup can be shown correctly. (#17447)
  * Add integration tests for private.NoServCommand and private.ServCommand (#17456)
  * Add appearance section in settings (#17433)
  * Fix a UI error when folding a file content in a commit view (#17446)
  * Show client-side error if wiki page is empty (#17415)
  * Fixes #16559 - Do not trim leading spaces for tab delimited (#17442)
  * Fix docker rootless build (#17441)
  * Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
  * Upgrade go-github to v39 (#17437)
  * Prevent panic in serv.go with Deploy Keys (#17434)
  * chmod executables when copying to the docker (#17423)
  * Upgrade webpack to 5.59.1 to resolve the `waitFor` bug with `watch-frontend` (#17428)
  * fix markdown checkbox rendering (#17425)
  * In many cases user avatar link should be an absolute URL with http host (#17420)
  * Add API to get/edit wiki (#17278)
  * [skip ci] Updated translations via Crowdin
  * Fix CSV render error (#17406)
  * Read expected buffer size (#17409)
  * Add HAProxy Config to reverse-proxies.en-us.md (#17407)
  * [skip ci] Updated translations via Crowdin
  * Fix issue content history problems, improve UI (#17404)
  * Fix issue markdown bugs (#17411)
  * [skip ci] Updated translations via Crowdin
  * Remove deprecated `extendDefaultPlugins` method of svgo (#17399)
  * Frontport Changelog 1.15.5 (#17392) (#17401)
  * Fix context popup error (#17398)
  * Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
  * Stop sanitizing full name in API (#17396)
  * [skip ci] Updated translations via Crowdin
  * Re-separate the color translation strings (#17390)
  * Fix the click behavior for <tr> and <td> with [data-href] (#17388)
  * Refactor update checker to use AppState (#17387)
  * Fix SVG side by side comparison link (#17375)
  * Fix history count failure (#17351)
  * Sync gitea app path for git hooks and authorized keys when starting (#17335)
  * Handle broken references in mirror sync (#17013)
  * Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
  * Fix heatmap test (#17381)
  * [skip ci] Updated translations via Crowdin
  * Ensure correct SSH permissions check for private and restricted users (#17370)
  * Upgrade Bluemonday to v1.0.16 (#17372)
  * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281)
  * Prevent NPE in CSV diff rendering when column removed (#17018)
  * Use a variable but a function for IsProd because of a slight performance increment (#17368)
  *  "Copy branch name" button in pull request (#17323)
  * Rename .air.conf to .air.toml (#17360)
  * Re-allow clipboard copy on non-https sites (#17118)
  * Update JS dependencies (#17357)
  * Fix dashboard repolist alignment and repolisting (#17355)
  * [skip ci] Updated translations via Crowdin
  * Disable form autofill (#17291)
  * Allow mocking timeutil (#17354)
  * docs: add permission notes to `SSH Container Passthrough` (#17347)
  * api: integration test for nodeinfo (#17346)
  * [skip ci] Updated translations via Crowdin
  * Use go1.16+ way of installing binaries (#17342)
  * Fix some lints (#17337)
  * Move session to models/login (#17338)
  * Hide command line merge instructions when user can't push (#17339)
  * fix: repository summary on mobile (#17322)
  * Make the Mirror Queue a queue (#17326)
  * Ensure popup text is aligned left (#17327)
  * [skip ci] Updated translations via Crowdin
  * Fix the PR review form bug during frontend refactor (#17332)
  * Split `index.js` to separate files (#17315)
  * Add RSS/Atom feed support for user actions (#16002)
  * Add simple update checker to Gitea (#17212)
  * Update documents for Gitea behind reverse proxy. Fix some small bugs (some URLs are generated without sub-path) (#17320)
  * fix: issue close/comment buttons on mobile (#17317)
  * fix: code review comments on mobile (#17321)
  * [skip ci] Updated translations via Crowdin
  * Check for context exceeded in WalkGitLog (#17319)
  * Add buttons to allow loading of incomplete diffs (#16829)
  * Multiple tokens support for migrating from github (#17134)
  * Frontend refactor: move Vue related code from `index.js` to `components` dir, and remove unused codes. (#17301)
  * [skip ci] Updated translations via Crowdin
  * Show direct match on top for user search (#17303)
  * Don't panic if we fail to parse U2FRegistration data (#17304)
  * Upgrade chi to v5 (#17298)
  * [skip ci] Updated translations via Crowdin
  * Ensure that git daemon export ok is created for mirrors (#17243)
  * Disable core.protectNTFS (#17300)
  * Use pointer for wrappedConn methods (#17295)
  * Add user status filter to admin user management page (#16770)
  * [API] Add endpount to get user org permissions (#17232)
  * [skip ci] Updated translations via Crowdin
  * AutoRegistration is supposed to be working with disabled registration (#17219)
  * Open markdown image links in new window (#17287)
  * [skip ci] Updated translations via Crowdin
  * Save and view issue/comment content history (#16909)
  * [skip ci] Updated translations via Crowdin
  * [skip ci] Updated translations via Crowdin
  * changelog for 1.15.4 (frontport) (#17273)
  * Add a simple way to rename branch like gh (#15870)
  * Move add deploy key form before the list and add a cancel button (#17228)
  * Defer Last Commit Info (#16467)
  * Remove heads pointing to missing old refs (#17076)
  * Fix incorrect repository count on organization tab of dashboard (#17256)
  * Allow adding multiple issues to a project  (#17226)
  * Fix unwanted team review request deletion (#17257)
  * Handle duplicate keys on GPG key ring (#17242)
  * Fix broken Activities link in team dashboard (#17255)
  * Add protection to disable Gitea when run as root (#17168)
  * API pull's head/base have correct permission (#17214)
  * Fix problem when database ID is not incremented as expected (#17229)
  * fix navbar ui (#17235)
  * CI: migrate from 'plugins/s3:1' to 'woodpeckerci/plugin-s3:latest' (#17234)
  * Avatar refactor, move avatar code from `models` to `models.avatars`, remove duplicated code (#17123)
  * Remove Dashboard/Home button from the navbar (#16844)
  * Redirect on project after issue created (#17211)
  * Add metrics to get issues by repository (#17225)
  * Add specific event type to header (#17222)
  * Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223)
  * [skip ci] Updated translations via Crowdin
  * [skip ci] Updated translations via Crowdin
  * Add metrics to get issues by label (#17201)
  * Fix typo in app.example.ini (#17213)
  * API: don't allow merged PRs to be reopened (#17192)
  * Reference in new issue modal: dont pre-populate issue title (#17208)
  * Add option to copy line permalink (#17145)
  * Add projects and project boards in exposed metrics (#17202)
  * [skip ci] Updated translations via Crowdin
  * Always set a unique Message-ID header. (#17206)
  * [skip ci] Updated translations via Crowdin
  * Prevent NPE on invalid diff (#17197)
  * API: add html urls to notification subjects (#17178)
  * [skip ci] Updated translations via Crowdin
  * Fix missing repo link in issue/pull assigned emails (#17183)
  * Kanban colored boards (#16647)
  * upgrade xorm to v1.2.5 (#17177)
  * Fix wording in issue template (#17176)
  * [skip ci] Updated translations via Crowdin
  * Create pub/priv keypair for federation (#17071)
  * Fix bug of get context user (#17169)
  * Add delvh to MAINTAINERS (#17170)
  * [skip ci] Updated translations via Crowdin
  * Add nodeinfo endpoint for federation purposes (#16953)
  * Don't return binary file changes in raw PR diffs by default (#17158)
  * Nicely handle missing user in collaborations (#17049)
  * Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136)
  * Use light/dark theme based on system preference (#17051)
  * docs: explain where are settings for release files (#17161)
  * Support direct comparison (git diff a..b) as well merge comparison (a...b) (#16635)
  * Allow LDAP Sources to provide Avatars (#16851)
  * Add SkipLocal2FA option to pam and smtp sources (#17078)
  * [skip ci] Updated translations via Crowdin
  * Fix bundle creation (#17079)
  * Fix wrong i18n keys (#17150)
  * Move twofactor to models/login (#17143)
  * Force color-adjust for markdown checkboxes (#17146)
  * [skip ci] Updated translations via Crowdin
  * Prevent panic in Org mode HighlightCodeBlock (#17140)
  * Move login related structs and functions to models/login (#17093)
  * Unify issue and pr subtitles (#17133)
  * DBContext is just a Context (#17100)
  * Fix typo skipping a migration (#17130)
  * Fix commit status index problem (#17061)
  * Fix problem when database id is not increment as expected (#17124)
  * refactor: move from io/ioutil to io and os package (#17109)
  * update docs to 1.15.3
  * Changelog 1.15.3 (#17091) (#17113)
  * Merge endpoints for pull diff/patch (#17104)
  * Add Horizontal scrollbar to inner menu on Chrome (#17086)
  * Ignore Sync errors on pipes when doing `CheckAttributeReader.CheckPath`, fix the hang of `git cat-file` (#17096)
  * Add API to get commit diff/patch (#17095)
  * [skip ci] Updated translations via Crowdin
  * Move db related basic functions to models/db (#17075)
  * [skip ci] Updated licenses and gitignores
  * Open the DingTalk link in browser (#17084)
  * Add left padding for chunk header of split diff view (#13397)
  * Switch migration icon to svg (#15954)
  * Fixed issue where creating a reference of an issue would create a tag with the full name instead of the username if this is the default in the .ini file (#17074)
  * Render full plain readme. (#17083)
  * OpenAPI: correct documentation of issue listing parameters (#17060)
  * Add caller to cat-file batch calls (#17082)
  * [skip ci] Updated translations via Crowdin
  * Notifications API: respond with updated notifications (#17064)
  * Add minimum versions of databases to the docs (#17080)
  * Make LDAP be able to skip local 2FA (#16954)
  * [skip ci] Updated translations via Crowdin
  * Upgrade xorm to v1.2.4 (#17059) (#17068)
  * Clean-up HookPreReceive and restore functionality for pushing non-standard refs (#16705)
  * Issue template form (#16349)
  * Fix bug of migrate comments which only fetch one page (#17055)
  * Improve LDAP synchronization efficiency (#16994)
  * Do not show issue context popup on external issues (#17050)
  * Update template (#17043)
  * [skip ci] Updated translations via Crowdin
  * Add doctor dbconsistency check for release and attachment (#16978)
  * Add `AbsoluteListOptions` (#17028)
  * Decrement Fork Num when converting from Fork (#17035)
  * Correctly rollback in ForkRepository (#17034)
  * Always emit the configuration path (#17036)
  * Update go-chi/session (fixes "race" in tests) (#17031)
  * [skip ci] Updated translations via Crowdin
  * fixed create repo page layout (#17012)
  * Use common sessioner for API and Web (#17027)
  * Fix reset password email template (#17025)
  * Fix overflow label in mobile view (#17020)
  * [skip ci] Updated translations via Crowdin
  * Support unprotected file patterns (#16395)
  * [skip ci] Updated translations via Crowdin
  * Report the associated filter if there is an error in LDAP (#17014)
  * Add skip and limit to git.GetTags (#16897)
  * Add setting to OAuth handlers to skip local 2FA authentication (#16594)
  * Calculate label URL on API  (#16186)
  * Add "new issue" button on project (#17001)
  * Fix missing close in WalkGitLog (#17008)
  * Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
  * doc: Upgrade from an old Gitea (#16918)
  * Use filename as id/class prefix. (#16997)
  * Enable Malayalam, Greek, Persian, Hungarian & Indonesian by default (#16998)
  * [skip ci] Updated translations via Crowdin
  * Return correct error response for agit force-push (#16989)
  * Fix bug of migrated repository not index (#16991)
  * Changes for German language (#16985)
  * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988)
  * Add repo_id for attachment (#16958)
  * Make TestOneDevDownloadRepo work again & more resistant (#16987)
  * Disable Fomantic's CSS tooltips (#16974)
  * Make mirror feature more configurable (#16957)
  * [skip ci] Updated translations via Crowdin
  * Add Cache-Control to avatar redirects (#16973)
  * Resolve TODO: Enable pagination on GiteaDownloader.GetComments() & update another TODO (#16963)
  * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971)
  * Add missing icon set for `ActionRenameRepo` (#16972)
  * Prevent panic on diff generation (#16950)
  * Ensure that rebase conflicts are handled in updates (#16952)
  * Fix issue with issue default mail template (#16956)
  * [skip ci] Updated translations via Crowdin
  * update docs to 1.15.2
  * Changelog 1.15.2 (#16940) (#16944)
  * Doc: Mail-Tempales: Fix AppUrl function name (#16939)
  * Close storage objects before cleaning (#16934)
  * Use immediate queues in integration tests and ensure that immediate (#16927)
  * [skip ci] Updated translations via Crowdin
  * Changelog for 1.14.7 (#16924) (#16928)
  * Changelog 1.15.1 (#16925) (#16929)
  * Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916)
  * Prevent leave changes dialogs due to autofill fields (#16912)
  * [skip ci] Updated translations via Crowdin
  * Fix wrong attachment removal (#16915)
  * Ensure that the testlogger has its final test removal safely (#16907)
  * Ignore review comment when ref commit is missed (#16905)
  * Gitlab Migrator: dont ignore reactions of last request (#16903)
  * Correctly return the number of Repositories for Organizations (#16807)
  * Workaround coverage bug part 2 (#16906)
  * Add option to update pull request by `rebase` (#16125)
  * Test if LFS object is accessible (#16865)
  * Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899)
  * Repare and Improve GetDiffRangeWithWhitespaceBehavior (#16894)
  * Remove ParseQueueConnStr as it is unused (#16878)
  * Fix wiki raw commit diff/patch view (#16891)
  * Fix dump and restore respository (#16698)
  * Prevent coverage break (#16887)
  * Fix report card link (#16885)
  * Ensure wiki repos are all closed (#16886)
  * [API] List limited and private orgs if authentificated (#16866)
  * Timeout on flush in testing (#16864)
  * [skip ci] Updated translations via Crowdin
  * Remove unused Fomantic sidebar module (#16853)
  * update theme doc (#16860)
  * Paginate releases page & set default page size to 10 (#16857)
  * Simplify split diff view generation and remove JS dependency (#16775)
  * Add GoLand configuration in hacking on gitea (#16843)
  * CI: rm unit-test-race step since its now coverd by unit-test too (#16856)
  * [skip ci] Updated translations via Crowdin
  * In Render tolerate not being passed a context (#16842)
  * Ensure that the default visibility is set on the user create page (#16845)
  * Refactor the fork service slightly to take ForkRepoOptions (#16744)
  * Add test to ensure that dumping of login sources remains correct (#16847)
  * Decoupled code from DefaultSigningKey (#16743)
  * Prevent "Race" detected in TestAdmin*User (#16830)
  * Add modals to Organization and Team remove/leave (#16471)
  * [skip ci] Updated translations via Crowdin
  * Enable race detector for CI (#1441)
  * [skip ci] Updated translations via Crowdin
  * Report the correct number of pushes on the feeds (#16811)
  * Add EdDSA JWT signing algorithm (#16786)
  * Actually compute proper foreground color for labels (#16729)
  * Unify migration descriptions (#16781)
  * Use a common quote to instead of check database type (#16817)
  * Add primary_key to issue_index (#16813)
  * Prevent NPE on empty commit (#16812)
  * Fix branch pagination error (#16805)
  * Add information for migrate failure (#16803)
  * Add bundle download for repository (#14538)
  * [skip ci] Updated translations via Crowdin
  * Add missing return to handleSettingRemoteAddrError (#16794)
  * Update caddyserver/certmagic (#16789)
  * Just use a slice when rendering file (#16774)
  * Ensure that template compilation panics are sent to the logs (#16788)
  * [skip ci] Updated translations via Crowdin
  * frontport: 1.15.0 changelog (#16772)
  * Alter issue/comment table TEXT fields to LONGTEXT (#16765)
  * Fix openidConnect source regression from #16544 (#16759)
  * [skip ci] Updated licenses and gitignores
  * Add migrate from OneDev (#16356)
  * Upgrade go.mod go version to 1.16 (#16764)
  * Download lfs in git and web workflow from minio/s3 directly (#16731)
  * when the update request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates (#16762)
  * Added introspection endpoint. (#16752)
  * Fix dependency link rendering in PR sidebar (#16754)
  * Fix dependency translations (#16753)
  * Keep attachments on tasklist update (#16750)
  * Do not use thin scrollbars on Firefox (#16738)
  * Return nil proxy function if proxy not enabled (#16742)
  * Fix wrong user in OpenID response (#16736)
  * Recreate Tables should Recreate indexes on MySQL (#16718)
  * Add edit button to wiki sidebar and footer (#16719)
  * Fix migration svg color (#16715)
  * Add proxy settings and support for migration and webhook (#16704)
  * Refactored and fixed migration tests. (#16714)
  * [skip ci] Updated translations via Crowdin
  * Add API Token Cache (#16547)
  * build with go1.17 (#16707)
  * Use github token URL when fetching oauth token (#16709)
  * Update JS dependencies (#16708)
  * [skip ci] Updated translations via Crowdin
  * [skip ci] Updated translations via Crowdin
  * Upgrade levelqueue 0.4.1 (#16696)
  * [skip ci] Updated translations via Crowdin
  * Improve resource string (#16691)
  *  Fix spelling of HookProcReceiveResult (#16690)
  * [skip ci] Updated translations via Crowdin
  * Ensure empty lines are copiable and final new line too (#16678)
  * Add filter by owner and team to issue/pulls search endpoint (#16662)
  * Update issue_index to finish migration (#16685)
  * [skip ci] Updated translations via Crowdin
  * Upgrade xorm to v1.2.2 (#16663)
  * Fix NPE in fuzzer (#16680)
  * [API] generalize list header (#16551)
  * Add link to vscode to repo header (#16664)
  * Send registration email on user autoregistration (#16523)
  * Improve SMTP authentication and Fix user creation bugs  (#16612)
  * Related refactors to ctx.FormX functions (#16567)
  * Add an api endpoint to fetch git notes (#15373) (#16649)
  * Rename ctx.Form() to ctx.FormString() and move code into own file (#16571)
  * [skip ci] Updated translations via Crowdin
  * Upgrade github.com/google/go-github v32.1.0 -> v37.0.0 (#16661)
  * Replace `list.List` with slices (#16311)
  * Change the implementation of the go-git version of GetNote to mirror the non go-git version when passed a non-existent commit (#16658)
  * [skip ci] Updated translations via Crowdin
  * Add Version info to migrations.go (#16653)
  * Restore compatibility with SQLServer 2008 R2 in migrations (#16627)
  * [skip ci] Updated translations via Crowdin
  * Changelog for 1.15.0-rc3 (#16621) (#16645)
  * Separate open and closed issue in metrics (#16637)
  * Add note about build-time flags for PAM support (#16641)
  * [skip ci] Updated translations via Crowdin
  * Allow setting X-FRAME-OPTIONS (#16643)
  * Prevent 500 on draft releases without tag (#16634)
  * Add microsoft oauth2 providers (#16544)
  * [skip ci] Updated translations via Crowdin
  * Frontport changelog for v1.14.6 (#16632)
  * Restore Accessibility for Dropdown (#16576)
  * Fixes #16557 - duplicate csv import (#16631)
  * Update node tar dependency to 6.1.6 (#16622)
  * Switch back to node 16 (#16624)
  * Set AllowedHeaders on API CORS handler (#16524)
  * Pass down SignedUserName down to AccessLogger context (#16605)
  * [skip ci] Updated translations via Crowdin
  * Upgrade to golang-jwt 3.2.2 (#16590)
  * Clarify where server.LFS_CONTENT_PATH was moved to (#16601)
  * Make PR merge options more intuitive (#5863) (#16582)
  * Fix table alignment in markdown (#16596)
  * [CI] Use node v14 instead of node v16 untill it will pass again (#16595)
  * [skip ci] Updated translations via Crowdin
  * Swagger AccessToken fixes (#16574)
  * Fix 500 on first wiki page (#16586)
  * Fix swagger doc by rename repoAddTopíc to repoAddTopic (#16580)
  * Use node:16.5 for frontend  instead of node:16 (#16591)
  * [skip ci] Updated translations via Crowdin
  * [skip ci] Updated translations via Crowdin
  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564)
  * Pre-fill suggested New File 'name' and 'content' with Query Params (#16556)
  * Show correct text when comparing commits on empty pull request (#16569)
  * Rename context.Query to context.Form (#16562)
  * Add agit flow support in gitea (#14295)
  * Upgrade levelqueue to v0.4.0 (#16560)
  * [skip ci] Updated translations via Crowdin
  * not show private user's repo in explore view (#16550)
  * Fix session bugs (#16552)
  * [skip ci] Updated translations via Crowdin
  * Fix add authentication page (#16543)
  * Handle too long PR titles correctly (#16517)
  * [skip ci] Updated licenses and gitignores
  * bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538)
  * Add an abstract json layout to make it's easier to change json library (#16528)
  * Add Linode as an installation option in docs (#16529)
  * Add snap to docs (#16530)
  * switch to maintained lib (#16532)
  * Refactor: Move login out of models (#16199)
  * Make Mermaid.js limit configurable (#16519)
  * [skip ci] Updated translations via Crowdin
  * Fix issue pasted image missing if no release permission (#16520)
  * Fix typo (#16522)
  * Add support for corporate WeChat webhooks (#15910)
  * [skip ci] Updated translations via Crowdin
  * Changelog for 1.15.0-rc2 (#16511) (#16515)
  * Restore creation of git-daemon-export-ok files (#16508)
  * [skip ci] Updated translations via Crowdin
  * update `user/repos` api description (#16503)
  * Restore CORS on git smart http protocol (#16496)
  * Fix race in log (#16490)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479)
  * Add TestPrepareWikiFileName (#16487)
  * Add basic edit ldap auth test & actually fix #16252 (#16465)
  * Add fluid to ui container class to remove margin (#16396)
  * fix: support delete non-urlencoded wiki page (#16482)
  * [skip ci] Updated translations via Crowdin
  * Fix data race in bleve indexer (#16474)
  * docs: fix various typos and translate to french (#16477)
  * modules/markup/markdown: fix dropped test error (#16438)
  * [skip ci] Updated translations via Crowdin
  * Improve 2FA autofill (#16473)
  * show tag name on dashboard items list (#16466)
  * CI: Add unit-test-race (#16470)
  * Prevent race in TestPersistableChannelQueue (#16468)
  * Update notification table with only latest data (#16445)
  * Retry rename on lock induced failures (re-fix) (#16461)
  * Frontport v1.14.5 (#16454)
  * Extend the fail2ban instructions with a hint on how to make X-Real-IP… (#16446)
  * revert to use alpine 3.13 (#16451)
  * Fix crash following ldap authentication update (#16447)
  * [skip ci] Updated translations via Crowdin
  * cleanup code `issueFullPattern` in modules/markup (#16419)
  * Update documentation to reflect #15219 (#16442)
  * add configuration option to restrict users by default (#16256)
  * Check user instead of organization when creating a repo from a template via API (#16346)
  * microbadger is no more, rm from readme (#16440)
  * Change @every 24h default schedules to @midnight (#16431)

-------------------------------------------------------------------
Sun Jan 30 17:36:15 UTC 2022 - ecsos <ecsos@opensuse.org>

- Update to 1.15.11
  * SECURITY
    - Only view milestones from current repo (#18414) (#18418)
  * BUGFIXES
    - Fix broken when no commits and default branch is not master (#18422) (#18424)
    - Fix commit's time (#18375) (#18409)
    - Fix restore without topic failure (#18387) (#18401)
    - Fix mermaid import in 1.15 (it uses ESModule now) (#18382)
    - Update to go/text 0.3.7 (#18336)
  * MISC
    - Upgrade EasyMDE to 2.16.1 (#18278) (#18279)

-------------------------------------------------------------------
Fri Jan 14 21:01:38 UTC 2022 - Michael Ströder <michael@stroeder.com>

- Update to 1.15.10
  * BUGFIXES
    - Fix inconsistent PR comment counts (#18260) (#18261)
    - Fix release link broken (#18252) (#18253)
    - Fix update user from site administration page bug (#18250) (#18251)
    - Set HeadCommit when creating tags (#18116) (#18173)
    - Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
    - Fix purple color in suggested label colors (#18241) (#18242)
  * SECURITY
    - Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)

-------------------------------------------------------------------
Thu Dec 30 21:21:05 UTC 2021 - Michael Ströder <michael@stroeder.com>

- Update to 1.15.9
  * BUGFIXES
    - Fix wrong redirect on org labels (#18128) (#18134)
    - Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
    - Revert "Fix delete u2f keys bug (#18042)" (#18107)
    - Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
    - Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
    - Reset locale on login (#17734) (#18100)
    - Correctly handle failed migrations (#17575) (#18099)
    - Instead of using routerCtx just escape the url before routing (#18086) (#18098)
    - Quote references to the user table in consistency checks (#18072) (#18073)
    - Add NotFound handler (#18062) (#18067)
    - Ensure that git repository is closed before transfer (#18049) (#18057)
    - Use common sessioner for API and web routes (#18114)
  * TRANSLATION
    - Fix code search result hint on zh-CN (#18053)

-------------------------------------------------------------------
Tue Dec 21 07:29:03 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.8
  * BUGFIXES
    - Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
    - Fix delete u2f keys bug (#18040) (#18042)
    - Reset Session ID on login (#18018) (#18041)
    - Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
    - Stop printing 03d after escaped characters in logs (#18030) (#18034)
    - Reset locale on login (#18023) (#18025)
    - Fix reset password email template (#17025) (#18022)
    - Fix outType on gitea dump (#18000) (#18016)
    - Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
    - Fix rename notification bug (#18011)
    - Prevent double decoding of % in url params (#17997) (#18001)
    - Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
    - Prevent deadlock in create issue (#17970) (#17982)
  * TESTING
    - Use non-expiring key. (#17984) (#17985)

-------------------------------------------------------------------
Fri Dec  3 11:10:45 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.7
  * ENHANCEMENTS
    - Only allow webhook to send requests to allowed hosts (#17482) (#17510)
    - Fix login redirection links (#17451) (#17473)
  * BUGFIXES
    - Fix database inconsistent when admin change user email (#17549) (#17840)
    - Use correct user on releases (#17806) (#17818)
    - Fix commit count in tag view (#17698) (#17790)
    - Fix close issue but time watcher still running (#17643) (#17761)
    - Fix Migrate Description (#17692) (#17727)
    - Fix bug when project board get open issue number (#17703) (#17726)
    - Return 400 but not 500 when request archive with wrong format (#17691) (#17700)
    - Fix bug when read mysql database max lifetime (#17682) (#17690)
    - Fix database deadlock when update issue labels (#17649) (#17665)
    - Fix bug on detect issue/comment writer (#17592)
    - Remove appSubUrl from pasted images (#17572) (#17588)
    - Make ParsePatch more robust (#17573) (#17580)
    - Fix stats upon searching issues (#17566) (#17578)
    - Escape issue titles in comments list (#17555) (#17556)
    - Fix zero created time bug on commit api (#17546) (#17547)
    - Fix database keyword quote problem on migration v161 (#17522) (#17523)
    - Fix email with + when active (#17518) (#17520)
    - Stop double encoding blame commit messages (#17498) (#17500)
    - Quote the table name in CountOrphanedObjects (#17487) (#17488)
    - Run Migrate in Install rather than just SyncTables (#17475) (#17486)
  * BUILD
    - Fix golangci-lint warnings (#17598 et al) (#17668)
  * MISC
    - Preserve color when inverting emojis (#17797) (#17799)

-------------------------------------------------------------------
Thu Oct 28 15:26:46 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.6 
  * BUGFIXES
    - Prevent panic in serv.go with Deploy Keys (#17434) (#17435)
    - Fix CSV render error (#17406) (#17431)
    - Read expected buffer size (#17409) (#17430)
    - Ensure that restricted users can access repos for which they are members (#17460) (#17464)
    - Make commit-statuses popup show correctly (#17447) (#17466)
  * TESTING
    - Add integration tests for private.NoServCommand and private.ServCommand (#17456) (#17463)

-------------------------------------------------------------------
Wed Oct 27 08:58:31 UTC 2021 - ecsos <ecsos@opensuse.org>

- Fix wrong nodejs dependencies for Tumbleweed.

-------------------------------------------------------------------
Fri Oct 22 05:34:05 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.5
  * SECURITY
    - Upgrade Bluemonday to v1.0.16 (#17372) (#17374)
    - Ensure correct SSH permissions check for private and restricted users (#17370) (#17373)
  * BUGFIXES
    - Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)
    - Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)
    - Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)
    - Ensure popup text is aligned left (backport for 1.15) (#17343)
    - Ensure that git daemon export ok is created for mirrors (#17243) (#17306)
    - Disable core.protectNTFS (#17300) (#17302)
    - Use pointer for wrappedConn methods (#17295) (#17296)
    - AutoRegistration is supposed to be working with disabled registration (backport) (#17292)
    - Handle duplicate keys on GPG key ring (#17242) (#17284)
    - Fix SVG side by side comparison link (#17375) (#17391)
- Add gitea-nodejs_package.json.patch to install eslint-module-utils version < 2.7.0.
  With newest version gitea will not build.

-------------------------------------------------------------------
Sat Oct  9 07:59:53 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.4
  * BUGFIXES
    - Raw file API: don't try to interpret 40char filenames as commit SHA (#17185) (#17272)
    - Don't allow merged PRs to be reopened (#17192) (#17271)
    - Fix incorrect repository count on organization tab of dashboard (#17256) (#17266)
    - Fix unwanted team review request deletion (#17257) (#17264)
    - Fix broken Activities link in team dashboard (#17255) (#17258)
    - API pull's head/base have correct permission(#17214) (#17245)
    - Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227)
    - Upgrade xorm to v1.2.5 (#17177) (#17188)
    - Fix missing repo link in issue/pull assigned emails (#17183) (#17184)
    - Fix bug of get context user (#17169) (#17172)
    - Nicely handle missing user in collaborations (#17049) (#17166)
    - Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)
    - Fix wrong i18n keys (#17150) (#17153)
    - Fix Archive Creation: correct transaction ending (#17151)
    - Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)
    - Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137)
  * ENHANCEMENT
    - Check user instead of organization when creating a repo from a template via API (#16346) (#17195)
  * TRANSLATION
    - v1.15 fix Sprintf format 'verbs' in locale files (#17187)

-------------------------------------------------------------------
Wed Sep 22 05:08:26 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.3
  * ENHANCEMENTS
    - Add fluid to ui container class to remove margin (#16396) (#16976)
    - Add caller to cat-file batch calls (#17082) (#17089)
  * BUGFIXES
    - Render full plain readme. (#17083) (#17090)
    - Upgrade xorm to v1.2.4 (#17059)
    - Fix bug of migrate comments which only fetch one page (#17055) (#17058)
    - Do not show issue context popup on external issues (#17050) (#17054)
    - Decrement Fork Num when converting from Fork (#17035) (#17046)
    - Correctly rollback in ForkRepository (#17034) (#17045)
    - Fix missing close in WalkGitLog (#17008) (#17009)
    - Add prefix to SVG id/class attributes (#16997) (#17000)
    - Fix bug of migrated repository not index (#16991) (#16996)
    - Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990)
    - Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977)
    - Fix issue with issue default mail template (#16956) (#16975)
    - Ensure that rebase conflicts are handled in updates (#16952) (#16960)
    - Prevent panic on diff generation (#16950) (#16951)

-------------------------------------------------------------------
Fri Sep  3 13:30:00 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.2
  * BUGFIXES
    - Add unique constraint back into issue_index (#16938)
    - Close storage objects before cleaning (#16934) (#16942)

-------------------------------------------------------------------
Fri Sep  3 05:48:01 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.1
  * BUGFIXES
    - Allow BASIC authentication access to /:owner/:repo/releases/download/* (#16916) (#16923)
    - Prevent leave changes dialogs due to autofill fields (#16912) (#16920)
    - Ignore review comment when ref commit is missed (#16905) (#16919)
    - Fix wrong attachment removal (#16915) (#16917)
    - Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913)
    - Correctly return the number of Repositories for Organizations (#16807) (#16911)
    - Test if LFS object is accessible (#16865) (#16904)
    - Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) (#16900)
    - Fix dump and restore respository (#16698) (#16898)
    - Repair and Improve GetDiffRangeWithWhitespaceBehavior (#16894) (#16895)
    - Fix wiki raw commit diff/patch view (#16891) (#16892)
    - Ensure wiki repos are all closed (#16886) (#16888)
    - List limited and private orgs if authenticated on API (#16866) (#16879)
    - Simplify split diff view generation and remove JS dependency (#16775) (#16863)
    - Ensure that the default visibility is set on the user create page (#16845) (#16862)
    - In Render tolerate not being passed a context (#16842) (#16858)
    - Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848)
    - Report the correct number of pushes on the feeds (#16811) (#16822)
    - Add primary_key to issue_index (#16813) (#16820)
    - Prevent NPE on empty commit (#16812) (#16819)
    - Fix branch pagination error (#16805) (#16816)
    - Add missing return to handleSettingRemoteAddrError (#16794) (#16795)
    - Remove spurious / from issues.opened_by (#16793)
    - Ensure that template compilation panics are sent to the logs (#16788) (#16792)
    - Update caddyserver/certmagic (#16789) (#16790)

-------------------------------------------------------------------
Sun Aug 29 10:38:44 UTC 2021 - ecsos <ecsos@opensuse.org>

- Add missing docs.

-------------------------------------------------------------------
Tue Aug 24 10:29:41 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.15.0
  * BREAKING
    - Make app.ini permissions more restrictive (#16266)
    - Refactor Webhook + Add X-Hub-Signature (#16176)
    - Add asymmetric JWT signing (#16010)
    - Clean-up the settings hierarchy for issue_indexer queue (#16001)
    - Change default queue settings to be low go-routines (#15964)
    - Improve assets handler middleware (#15961)
    - Rename StaticUrlPrefix to AssetUrlPrefix (#15779)
    - Use a generic markup class to display externally rendered files and diffs (#15735)
    - Add frontend testing, require node 12 (#15315)
    - Move (custom) assets into subpath /assets (#15219)
    - Use level config in log section when sub log section not set level (#15176)
    - Links in markdown should be absolute to the repository not the server (#15088)
    - Upgrade to the latest version of golang-jwt (#16590) (#16606)
    - Set minimum supported version of go to 1.16 (#16710)
  * SECURITY
    - Encrypt LDAP bind password in db with SECRET_KEY (#15547)
    - Remove random password in Dockerfiles (#15362)
    - Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
    - Correctly create of git-daemon-export-ok files (#16508) (#16514)
    - Don't show private user's repo in explore view (#16550) (#16554)
    - Update node tar dependency to 6.1.6 (#16622) (#16623)
  * FEATURES
    - Update Go-Git to take advantage of LargeObjectThreshold (#16316)
    - Support custom mime type mapping for text files (#16304)
    - Link to previous blames in file blame page (#16259)
    - Add LRU mem cache implementation (#16226)
    - Localize Email Templates (#16200)
    - Make command in authorized keys a template (#16003)
    - Add possibility to make branch in branch page (#15960)
    - Add email headers (#15939)
    - Make tasklist checkboxes clickable (#15791)
    - Add selecting tags on the compare page (#15723)
    - Add cron job to delete old actions from database (#15688)
    - On open repository open common cat file batch and batch-check (#15667)
    - Add tag protection (#15629)
    - Add push to remote mirror repository (#15157)
    - Add Image Diff for SVG files (#14867)
    - Add dashboard milestone search and repo milestone search by name. (#14866)
    - Add LFS Migration and Mirror (#14726)
    - Improve notifications for WIP draft PR's (#14663)
    - Disable Stars config option (#14653)
    - GPG Key Ownership verification with Signed Token (#14054)
    - OAuth2 auto-register (#5123)
  * API
    - Return updated repository when changing repository using API (#16420)
    - Let branch/tag name be a valid ref to get CI status (#16400)
    - Add endpoint to get commits of PR (#16300)
    - Allow COMMENT reviews to not specify a body (#16229)
    - Add subject-type filter to list notification API endpoints (#16177)
    - ListReleases add filter for draft and pre-releases (#16175)
    - ListIssues add more filters (#16174)
    - Issue Search Add filter for MilestoneNames (#16173)
    - GET / SET User Settings (#16169)
    - Expose repo.GetReviewers() & repo.GetAssignees() (#16168)
    - User expose counters (#16167)
    - Add repoGetTag (#16166)
    - Add repoCreateTag (#16165)
    - Creating a repo from a template repo via API (#15958)
    - Add Active and ProhibitLogin to API (#15689)
    - Add Location, Website and Description to API (#15675)
    - Expose resolver via API (#15167)
    - Swagger AccessToken fixes (#16574) (#16597)
    - Set AllowedHeaders on API CORS handler (#16524) (#16618)
  * ENHANCEMENTS
    - Support HTTP/2 in Let's Encrypt (#16371)
    - Introduce NotifySubjectType (#16320)
    - Add forge emojies (#16296)
    - Implemented head_commit for webhooks (#16282)
    - Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278)
    - Add previous/next buttons to review comments (#16273)
    - Review comments: break-word for long file names (#16272)
    - Add configuration to restrict allowed user visibility modes (#16271)
    - Add scroll-margin-top to account for sticky header (#16269)
    - Add --quiet and --verbose to gitea web to control initial logging (#16260)
    - Use gitea logging module for git module (#16243)
    - Add tests for all webhooks (#16214)
    - Add button to delete undeleted repositories from failed migrations (#16197)
    - Speed up git diff highlight generation (#16180)
    - Add OpenID claims "profile" and "email". (#16141)
    - Reintroduce squash merge default comment as a config setting (#16134)
    - Add sanitizer rules per renderer (#16110)
    - Improve performance of dashboard list orgs (#16099)
    - Refactor assert statements in tests (#16089)
    - Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
    - Remove unnecessary goroutine (#16080)
    - Add attachments for PR reviews (#16075)
    - Make the github migration less rate limit waiting to get comment per page from repository but not per issue (#16070)
    - Add Visible modes function from Organisation to Users too (#16069)
    - Add checkbox to delete pull branch after successful merge (#16049)
    - Make commit info cancelable (#16032)
    - Make modules/context.Context a context.Context (#16031)
    - Unified custom config creation (#16012)
    - Make sshd_config more flexible regarding connections (#16009)
    - Append to existing trailers in generated squash commit message (#15980)
    - Always store primary email address into email_address table and also the state (#15956)
    - Load issue/PR context popup data only when needed (#15955)
    - Remove remaining fontawesome usage in templates (#15952)
    - Remove fomantic accordion module (#15951)
    - Small refactoring of modules/private (#15947)
    - Double the avatar size factor (#15941)
    - Add curl to rootless docker image (#15908)
    - Replace clipboard.js with async clipboard api (#15899)
    - Allow custom highlight mapping beyond file extensions (#15808)
    - Add trace logging to SSO methods (#15803)
    - Refactor routers directory (#15800)
    - Allow only internal registration (#15795)
    - Add a new internal hook to save ssh log (#15787)
    - Respect default merge message syntax when parsing item references (#15772)
    - OAuth2 login: Set account link to "login" as default behavior (#15768)
    - Use single shared random string generation function (#15741)
    - Hold the event source when there are no listeners (#15725)
    - Code comments improvements (#15722)
    - Provide OIDC compliant user info endpoint (#15721)
    - Fix webkit calendar icon color on arc-green (#15713)
    - Improve Light Chroma style (#15699)
    - Only use boost workers for leveldb shadow queues (#15696)
    - Add compare tag dropdown to releases page (#15695)
    - Add caret styling CSS (#15651)
    - Remove x-ua-compatible meta tag (#15640)
    - Refactor of link creation (#15619)
    - Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599)
    - Rewrite of the LFS server (#15523)
    - Display more repository type on admin repository management (#15440)
    - Remove usage of some JS globals (#15378)
    - SHA in merged commit comment should be rendered ui sha (#15376)
    - Add well-known config for OIDC (#15355)
    - Use route rather than use thus reducing the number of stack frames (#15301)
    - Code Formats, Nits & Unused Func/Var deletions (#15286)
    - Let package git depend on setting but not opposite (#15241)
    - Fixed sanitize errors (#15240)
    - response simple text message for not html request when 404 (#15229)
    - Remove file-loader dependency (#15196)
    - Refactor renders (#15175)
    - Add mimetype mapping settings (#15133)
    - Add Status Updates whilst Gitea migrations are occurring (#15076)
    - Reload locales in initialisation if needed by utilizing i18n.Reset (#15073)
    - Counterwork seemingly unclickable repo button labels (#15064)
    - Add DefaultMergeStyle option to repository (#14789)
    - Added support for gopher URLs. (#14749)
    - Rework repository archive (#14723)
    - Add links to toggle WIP status (#14677)
    - Add Tabular Diff for CSV files (#14661)
    - Use milestone deadline when sorting issues (#14551)
  * BUGFIXES
    - Fix invalid params and typo of email templates (#16394)
    - Fix activation of primary email addresses (#16385)
    - Fix calculation for finalPage in repo-search component (#16382)
    - Specify user in rootless container numerically (#16361)
    - Detect encoding changes while parsing diff (#16330)
    - Fix U2F error reasons always hidden (#16327)
    - Prevent zombie processes (#16314)
    - Escape reference to user table in models.SearchEmails (#16313)
    - Fix default push instructions on empty repos (#16302)
    - Fix modified files list in webhooks when there is a space (#16288)
    - Fix webhook commits wrong hash on HEAD reset (#16283)
    - Fuzzer finds an NPE due to incorrect URLPrefix (#16249)
    - Don't WARN log UserNotExist errors on ExternalUserLogin failure (#16238)
    - Do not show No match found for tribute (#16231)
    - Fix "Copy Link" for pull requests (#16230)
    - Fix diff expansion is missing final line in a file (#16222)
    - Fix private repo permission problem (#16142)
    - Fix not able to update local created non-urlencoded wiki pages (#16139)
    - More efficiently parse shas for shaPostProcessor (#16101)
    - Fix doctor --run check-db-consistency --fix with label fix (#16094)
    - Prevent webhook action buttons from shifting (#16087)
    - Change default TMPDIR path in rootless containers (#16077)
    - Fix typo and add TODO notice (#16064)
    - Use git log name-status in get last commit (#16059)
    - Fix 500 Error with branch and tag sharing the same name (#16040)
    - Fix get tag when migration (#16014)
    - Add custom emoji support (#16004)
    - Use filepath.ToSlash and Join in indexer defaults and queues (#15971)
    - Add permission check for GenerateRepository (#15946)
    - Ensure settings for Service and Mailer are read on the install page (#15943)
    - Fix layout of milestone view (#15927)
    - Unregister non-matching serviceworkers (#15834)
    - Multiple Queue improvements: LevelDB Wait on empty, shutdown empty shadow level queue, reduce goroutines etc (#15693)
    - Attachment support repository route (#15580)
    - Fix missing icons and colorpicker when mounted on suburl (#15501)
    - Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username (#15304)
    - Prevent double-login for Git HTTP and LFS and simplify login (#15303)
    - Resolve Object { type: "error", data: undefined } in stopwatch.js (#15278)
    - Fix heatmap activity (#15252)
    - Remove vendored copy of fomantic-dropdown (#15193)
    - Update repository size on cron gc task (#15177)
    - Add NeedPostProcess for Parser interface to improve performance of csv parser and some external parser (#15153)
    - Add code block highlight to orgmode back (#14222)
    - Remove User.GetOrganizations() (#14032)
    - Restore Accessibility for Dropdown (#16576) (#16617)
    - Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
    - Fix table alignment in markdown (#16596) (#16602)
    - Fix 500 on first wiki page (#16586) (#16598)
    - Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
    - Upgrade levelqueue to v0.4.0 (#16560) (#16561)
    - Handle too long PR titles correctly (#16517) (#16549)
    - Fix data race in bleve indexer (#16474) (#16509)
    - Restore CORS on git smart http protocol (#16496) (#16506)
    - Fix race in log (#16490) (#16505)
    - Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
    - Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
    - Update notification table with only latest data (#16445) (#16469)
    - Fix crash following ldap authentication update (#16447) (#16448)
    - Fix direct creation of external users on admin page (partial #16612) (#16613)
    - Prevent 500 on draft releases without tag (#16634) (#16636)
    - Restore creation of git-daemon-export-ok files (#16508) (#16514)
    - Fix data race in bleve indexer (#16474) (#16509)
    - Restore CORS on git smart http protocol (#16496) (#16506)
    - Fix race in log (#16490) (#16505)
    - Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
    - Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
    - Update notification table with only latest data (#16445) (#16469)
    - Fix crash following ldap authentication update (#16447) (#16448)
    - Restore compatibility with SQLServer 2008 R2 in migrations (#16638)
    - Fix direct creation of external users on admin page (#16613)
    - Fix go-git implementation of GetNote when passed a non-existent commit (#16658) (#16659)
    - Fix NPE in fuzzer (#16680) (#16682)
    - Set issue_index when finishing migration (#16685) (#16687)
    - Skip patch download when no patch file exists (#16356) (#16681)
    - Ensure empty lines are copiable and final new line too (#16678) (#16692)
    - Fix wrong user in OpenID response (#16736) (#16741)
    - Do not use thin scrollbars on Firefox (#16738) (#16745)
    - Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)
    - Keep attachments on tasklist update (#16750) (#16757)
  * TESTING
    - Bump postgres and mysql versions (#15710)
    - Add tests for clone from wiki (#15513)
    - Fix Benchmark tests, remove a broken one & add two new (#15250)
    - Create Proper Migration tests (#15116)
  * TRANSLATION
    - Use a special name for update default branch on repository setting (#15893)
    - Fix mirror_lfs source string in en-US locale (#15369)
  * BUILD
    - Upgrade xorm to v1.1.1 (#16339)
    - Disable legal comments in esbuild (#15929)
    - Switch to Node 16 to build fronted (#15804)
    - Use esbuild to minify CSS (#15756)
    - Use binary version of revive linter (#15739)
    - Fix: npx webpack make: *** [Makefile:699: public/js/index.js] Error -… (#15465)
    - Stop packaging node_modules in release tarballs (#15273)
    - Introduce esbuild on webpack (#14578)
  * DOCS
    - Update queue workers documentation (#15999)
    - Comment out app.example.ini (#15807)
    - Improve logo customization docs (#15754)
    - Add some response status on api docs (#15399)
    - Rework Token API comments (#15162)
    - Add better errors for disabled account recovery (#15117)
  * MISC
    - Remove utf8 option from installation page (#16126)
    - Use Wants= over Requires= in systemd file (#15897)
- Switch again to download node_modules for myself, because upstream has removed node_mules again.

-------------------------------------------------------------------
Fri Aug  6 06:07:10 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.6
  * SECURITY
    - Bump github.com/markbates/goth from v1.67.1 to v1.68.0 (#16538) (#16540)
    - Switch to maintained JWT lib (#16532) (#16535)
    - Upgrade to latest version of golang-jwt (as forked for 1.14) (#16590) (#16607)
  * BUGFIXES
    - Add basic edit ldap auth test & actually fix #16252 (#16465) (#16495)
    - Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16481)

-------------------------------------------------------------------
Fri Jul 16 08:21:43 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.5
  * SECURITY
    - Hide mirror passwords on repo settings page (#16022) (#16355)
    - Update bluemonday to v1.0.15 (#16379) (#16380)
  * BUGFIXES
    - Retry rename on lock induced failures (#16435) (#16439)
    - Validate issue index before querying DB (#16406) (#16410)
    - Fix crash following ldap authentication update (#16447) (#16449)
  * ENHANCEMENTS
    - Redirect on bad CSRF instead of presenting bad page (#14937) (#16378)

-------------------------------------------------------------------
Tue Jul  6 14:54:49 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.4 
  * BUGFIXES
    - Fix relative links in postprocessed images (#16334) (#16340)
    - Fix list_options GetStartEnd (#16303) (#16305)
    - Fix API to use author for commits instead of committer (#16276) (#16277)
    - Handle misencoding of login_source cfg in mssql (#16268) (#16275)
    - Fixed issues not updated by commits (#16254) (#16261)
    - Improve efficiency in FindRenderizableReferenceNumeric and getReference (#16251) (#16255)
    - Use html.Parse rather than html.ParseFragment (#16223) (#16225)
    - Fix milestone counters on new issue (#16183) (#16224)
    - reqOrgMembership calls need to be preceded by reqToken (#16198) (#16219)

-------------------------------------------------------------------
Sat Jun 19 07:13:40 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.3
  * SECURITY
    - Encrypt migration credentials at rest (#15895) (#16187)
    - Only check access tokens if they are likely to be tokens (#16164) (#16171)
    - Add missing SameSite settings for the i_like_gitea cookie (#16037) (#16039)
    - Fix setting of SameSite on cookies (#15989) (#15991)
  * API
    - Repository object only count releases as releases (#16184) (#16190)
    - EditOrg respect RepoAdminChangeTeamAccess option (#16184) (#16190)
    - Fix overly strict edit pr permissions (#15900) (#16081)
  * BUGFIXES
    - Run processors on whole of text (#16155) (#16185)
    - Class issue-keyword is being incorrectly stripped off spans (#16163) (#16172)
    - Fix language switch for install page (#16043) (#16128)
    - Fix bug on getIssueIDsByRepoID (#16119) (#16124)
    - Set self-adjusting deadline for connection writing (#16068) (#16123)
    - Fix http path bug (#16117) (#16120)
    - Fix data URI scramble (#16098) (#16118)
    - Merge all deleteBranch as one function and also fix bug when
      delete branch don't close related PRs (#16067) (#16097)
    - git migration: don't prompt interactively for clone credentials (#15902) (#16082)
    - Fix case change in ownernames (#16045) (#16050)
    - Don't manipulate input params in email notification (#16011) (#16033)
    - Remove branch URL before IssueRefURL (#15968) (#15970)
    - Fix layout of milestone view (#15927) (#15940)
    - GitHub Migration, migrate draft releases too (#15884) (#15888)
    - Close the gitrepo when deleting the repository (#15876) (#15887)
    - Upgrade xorm to v1.1.0 (#15869) (#15885)
    - Fix blame row height alignment (#15863) (#15883)
    - Fix error message when saving generated LOCAL_ROOT_URL config (#15880) (#15882)
    - Backport Fix LFS commit finder not working (#15856) (#15874)
    - Stop calling WriteHeader in Write (#15862) (#15873)
    - Add timeout to writing to responses (#15831) (#15872)
    - Return go-get info on subdirs (#15642) (#15871)
    - Restore PAM user autocreation functionality (#15825) (#15867)
    - Fix truncate utf8 string (#15828) (#15854)
    - Fix bound address/port for caddy's certmagic library (#15758) (#15848)
    - Upgrade unrolled/render to v1.1.1 (#15845) (#15846)
    - Queue manager FlushAll can loop rapidly - add delay (#15733) (#15840)
    - Tagger can be empty, as can Commit and Author - tolerate this (#15835) (#15839)
    - Set autocomplete off on branches selector (#15809) (#15833)
    - Add missing error to Doctor log (#15813) (#15824)
    - Move restore repo to internal router and invoke from command
      to avoid open the same db file or queues files (#15790) (#15816)
  * ENHANCEMENTS
    - Removable media support to snap package (#16136) (#16138)
    - Move sans-serif fallback font higher than emoji fonts (#15855) (#15892)
  * DOCKER
    - Only write config in environment-to-ini if there are changes (#15861) (#15868)
    - Only offer hostcertificates if they exist (#15849) (#15853)
- Use gitea-src-1.14.3.tar.gz and gitea-docs-1.14.3.tar.gz from github instead of
  source from gitea-fetch_source_and_node_modules.sh.
- Add docs package.

-------------------------------------------------------------------
Sun May  9 10:59:00 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.2
  * API
    - Make change repo settings work on empty repos (#15778) (#15789)
    - Add pull "merged" notification subject status to API (#15344) (#15654)
  * BUGFIXES
    - Ensure that ctx.Written is checked after issues(...) calls (#15797) (#15798)
    - Use pulls in commit graph unless pulls are disabled (#15734 & #15740 & #15774) (#15775)
    - Set GIT_DIR correctly if it is not set (#15751) (#15769)
    - Fix bug where repositories appear unadopted (#15757) (#15767)
    - Not show ref-in-new-issue pop when issue was disabled (#15761) (#15765)
    - Drop back to use IsAnInteractiveSession for SVC (#15749) (#15762)
    - Fix setting version table in dump (#15753) (#15759)
    - Fix close button change on delete in simplemde area (#15737) (#15747)
    - Defer closing the gitrepo until the end of the wrapped context functions (#15653) (#15746)
    - Fix some ui bug about draft release (#15137) (#15745)
    - Only log Error on getLastCommitStatus error to let pull list still be visible (#15716) (#15715)
    - Move tooltip down to allow selection of Remove File on error (#15672) (#15714)
    - Fix setting redis db path (#15698) (#15708)
    - Fix DB session cleanup (#15697) (#15700)
    - Fixed several activation bugs (#15473) (#15685)
    - Delete references if repository gets deleted (#15681) (#15684)
    - Fix orphaned objects deletion bug (#15657) (#15683)
    - Delete protected branch if repository gets removed (#15658) (#15676)
    - Remove spurious set name from eventsource.sharedworker.js (#15643) (#15652)
    - Not update updated uinx for git gc (#15637) (#15641)
    - Fix commit graph author link (#15627) (#15630)
    - Fix webhook timeout bug (#15613) (#15621)
    - Resolve panic on failed interface conversion in migration v156 (#15604) (#15610)
    - Fix missing storage init (#15589) (#15598)
    - If the default branch is not present do not report error on stats indexing (#15546 & #15583) (#15594)
    - Fix lfs management find (#15537) (#15578)
    - Fix NPE on view commit with notes (#15561) (#15573)
    - Fix bug on commit graph (#15517) (#15530)
    - Send size to /avatars if requested (#15459) (#15528)
    - Prevent migration 156 failure if tag commit missing (#15519) (#15527)
  * ENHANCEMENTS
    - Display conflict-free merge messages for pull requests (#15773) (#15796)
    - Exponential Backoff for ByteFIFO (#15724) (#15793)
    - Issue list alignment tweaks (#15483) (#15766)
    - Implement delete release attachments and update release attachments' name (#14130) (#15666)
    - Add placeholder text to deploy key textarea (#15575) (#15576)
    - Project board improvements (#15429) (#15560)
    - Repo branch page: label size, PR ref, new PR button alignment (#15363) (#15365)
  * MISC
    - Fix webkit calendar icon color on arc-green (#15713) (#15728)
    - Performance improvement for last commit cache and show-ref (#15455) (#15701)
    - Bump unrolled/render to v1.1.0 (#15581) (#15608)
    - Add ETag header (#15370) (#15552)

-------------------------------------------------------------------
Fri Apr 16 08:43:33 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.1
  * BUGFIXES
    - Fix bug clone wiki (#15499) (#15502)
    - Github Migration ignore rate limit, if not enabled (#15490) (#15495)
    - Use subdir for URL (#15446) (#15493)
    - Query the DB for the hash before inserting in to email_hash (#15457) (#15491)
    - Ensure review dismissal only dismisses the correct review (#15477) (#15489)
    - Use index of the supported tags to choose user lang (#15452) (#15488)
    - Fix wrong file link in code search page (#15466) (#15486)
    - Quick template fix for built-in SSH server in admin config (#15464) (#15481)
    - Prevent superfluous response.WriteHeader (#15456) (#15476)
    - Fix ambiguous argument error on tags (#15432) (#15474)
    - Add created_unix instead of expiry to migration (#15458) (#15463)
    - Fix repository search (#15428) (#15442)
    - Prevent NPE on avatar direct rendering if federated avatars disabled (#15434) (#15439)
    - Fix wiki clone urls (#15430) (#15431)
    - Fix dingtalk icon url at webhook (#15417) (#15426)
    - Standardise icon on projects PR page (#15387) (#15408)
  * ENHANCEMENTS
    - Add option to skip LFS/attachment files for dump (#15407) (#15492)
    - Clone panel fixes (#15436)
    - Use semantic dropdown for code search query type (#15276) (#15364)
  * BUILD
    - Build go-git variants for windows (#15482) (#15487)
    - Lock down build-images dependencies (Partial #15479) (#15480)
  * MISC
    - Performance improvement for list pull requests (#15447) (#15500)
    - Fix potential copy lfs records failure when fork a repository (#15441) (#15485)

-------------------------------------------------------------------
Sun Apr 11 11:21:24 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.14.0
  * SECURITY
    * Respect approved email domain list for externally validated user registration (#15014)
    * Add reverse proxy configuration support for remote IP address detection (#14959)
    * Ensure validation occurs on clone addresses too (#14994)
  * BREAKING
    * Fix double 'push tag' action feed (#15078) (#15083)
    * Remove possible resource leak (#15067) (#15082)
    * Handle unauthorized user events gracefully (#15071) (#15074)
    * Restore Access.log following migration to Chi framework 
      (Stops access logging of /api/internal routes) (#14475)
    * Migrate from Macaron to Chi framework (#14293)
    * Deprecate building for mips (#14174)
    * Consolidate Logos and update README header (#14136)
    * Inline manifest.json (#14038)
    * Store repository data in data path if not previously set (#13991)
    * Rename "gitea" png to "logo" (#13974)
    * Standardise logging of failed authentication attempts in internal SSH (#13962)
    * Add markdown support in organization description (#13549)
    * Improve users management through the CLI (#6001) (#10492)
  * FEATURES
    * Create a new issue with reference to lines of code from file view (#14863)
    * Repository transfer has to be confirmed, if user can not 
      create repo for new owner (#14792)
    * Allow blocking some email domains from registering an account (#14667)
    * Create a new issue based on reference to an issue comment (#14366)
    * Add support to migrate from gogs (#14342)
    * Add pager to the branches page (#14202)
    * Minimal OpenID Connect implementation (#14139)
    * Display current stopwatch in navbar (#14122)
    * Display SVG files as images instead of text (#14101)
    * Disable SSH key deletion of externally managed Keys (#13985)
    * Add support for ed25519_sk and ecdsa_sk SSH keys (#13462)
    * Add support for Mastodon OAuth2 provider (#13293)
    * Add gitea sendmail command (#13079)
    * Create DB session provider(based on xorm) (#13031)
    * Add dismiss review feature (#12674)
    * Make manual merge autodetection optional and add manual merge
      as merge method (#12543)
    * Dump github/gitlab/gitea repository data to a local directory
      and restore to gitea (#12244)
    * Create Rootless Docker image (#10154)
  * API
    * Speedup issue search (#15179) (#15192)
    * Get pull, return head branch sha, even if deleted (#14931)
    * Export LFS & TimeTracking function status (#14753)
    * Show Gitea version in swagger (#14654)
    * Fix PATCH /repos/{owner}/{repo} panic (#14637)
    * Add Restricted Field to User (#14630)
    * Add support for ref parameter to get raw file API (#14602)
    * Add affected files of commits to commit struct (#14579)
    * Fix CJK fonts again and misc. font issues (#14575)
    * Add delete release by tag & delete tag (#14563) & (#13358)
    * Add pagination to ListBranches (#14524)
    * Add signoff option in commit form (#14516)
    * GetRelease by tag only return release (#14397)
    * Add MirrorInterval to the API (#14163)
    * Make BasicAuth Prefix case insensitive (#14106)
    * Add user filter to issueTrackedTimes, enable usage for issue managers (#14081)
    * Add ref to create/edit issue options & deprecated assignee (#13992)
    * Add Ref to Issue (#13946)
    * Expose default theme in meta and API (#13809)
    * Send error message when CSRF token is missing (#13676)
    * List, Check, Add & delete endpoints for repository teams (#13630)
    * Admin EditUser: Make FullName, Email, Website & Location optional (#13562)
    * Add more filters to issues search (#13514)
    * Add review request api (#11355)
  * BUGFIXES
    * Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15396)
    * Always set the merge base used to merge the commit (#15352) (#15385)
    * Upgrade to bluemonday 1.0.7 (#15379) (#15380)
    * Turn RepoRef and RepoAssignment back into func(*Context) (#15372) (#15377)
    * Move FCGI req.URL.Path fix-up to the FCGI listener (#15292) (#15361)
    * Show diff on rename with diff changes (#15338) (#15339)
    * Fix handling of logout event (#15323) (#15337)
    * Fix CanCreateRepo check (#15311) (#15321)
    * Fix xorm log stack level (#15285) (#15316)
    * Fix bug in Wrap (#15302) (#15309)
    * Drop the event source if we are unauthorized (#15275) (#15280)
    * Backport Fix graph pagination (#15225)  (#15249)
    * Prevent NPE in CommentMustAsDiff if no hunk header (#15199) (#15200)
    * should run RetrieveRepoMetas() for empty pr (#15187) (#15190)
    * Move setting to enable closing issue via commit in non 
      default branch to repo settings (#14965)
    * Show correct issues for team dashboard (#14952)
    * Ensure that new pull request button works on forked forks owned 
      by owner of the root and reduce ambiguity (#14932)
    * Only allow issue labels from owner repository or organization (#14928)
    * Fix alignment of People and Teams right arrow on org homepage (#14924)
    * Fix overdue marking of closed issues and milestones (#14923)
    * Prevent panic when empty MilestoneID in repo/issue/list (#14911)
    * Fix migration context data (#14910)
    * Handle URLs with trailing slash (#14852)
    * Add CORS config on to /login/oauth/access_token endpoint (#14850)
    * Make searching issues by keyword case insensitive on DB (#14848)
    * Prevent use of double sub-path and incorrect asset path in manifest (#14827)
    * Fix link account ui (#14763)
    * Fix preview status switch button on wiki editor (#14742)
    * Fix github download on migration (#14703)
    * Fix svg spacing (#14638)
    * Prevent adding nil label to .AddedLabels or .RemovedLabels (#14623)
    * Truncated organizations name (#14615)
    * Exclude the current dump file from the dump (#14606)
    * Use OldRef instead of CommitSHA for DeleteBranch comments (#14604)
    * Ensure memcache caching works when TTL greater than 30 days (#14592)
    * Remove NULs byte arrays passed to PostProcess (#14587)
    * Restore detection of branches are equal on compare page (#14586)
    * Fix incorrect key name so registerManualConfirm works (#14455)
    * Fix close/reopen with comment (#14436)
    * Allow passcode invalid error to appear (#14371)
    * Escape branch names in compare url (#14364)
    * Label and milestone webhooks on issue/pull creation (#14363)
    * Handle NotifyCreateRef as create branch in feeds (#14245)
    * Prevent clipping input text in Chrome + Segoe UI Font (#14179)
    * Fix UI on edit auth source page (#14137)
    * Fix git.parseTagData (#14105)
    * Refactor get tag to remove unnecessary steps (#14058)
    * Fix integrations test error with space in CURDIR path (#14056)
    * Dropdown triangle fixes (#14028)
    * Fix label of --id in admin delete user (#14005)
    * Cause NotifyMigrateRepository to emit a repo create webhook (#14004)
    * Update HEAD to match defaultBranch in template generation (#13948)
    * Fix action avatar loading (#13909)
    * Fix issue participants (#13893)
    * Fix avatar template error (#13833)
    * Fix review request notification email links when external 
      issue tracker is enabled (#13723)
    * Fix blame line alignment (#13542)
    * Include OriginalAuthor in Reaction constraint (#13505)
    * Comments on review should have the same sha (#13448)
    * Fix whitespace rendering in diff (#13415)
    * Fixed git args duplication (#13411)
    * Fix bug on release publisherid migrations (#13410)
    * Fix --port setting (#13288)
    * Keep database transactions not too big (#13254)
    * Git version check, ignore pre-releases constraints (#13234)
    * Handle and propagate errors when checking if paths are Dirs,
      Files or Exist (#13186)
    * Update Mirror IsEmpty status on synchronize (#13185)
    * Use GO variable in go-check target (#13146) (#13147)
  * ENHANCEMENTS
    * UI style improvements
    * Dropzone styling improvements (#15291) (#15374)
    * Add size to Save function (#15264) (#15270)
    * Monaco improvements (#15333) (#15345)
    * Support .mailmap in code activity stats (#15009)
    * Sort release attachments by name (#15008)
    * Add ui.explore settings to control view of explore pages (#14094)
    * Make internal SSH server host key path configurable (#14918)
    * Hide resync all ssh principals when using internal ssh server (#14904)
    * Add SameSite setting for cookies (#14900)
    * Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781)
    * Add environment-to-ini to docker image (#14762)
    * Add preview support for wiki editor when disable simpleMDE (#14757)
    * Add easyMDE(simpleMDE) support for release content editor (#14744)
    * Organization removal confirmation using name not password (#14738)
    * Make branch names in PR description clickable (#14716)
    * Add Password Algorithm option to install page (#14701)
    * Add fullTextSearch to dropdowns by default (#14694)
    * Fix truncated organization names (#14655)
    * Whitespace in commits (#14650)
    * Sort / move project boards (#14634)
    * Make fileheader sticky in diffs (#14616)
    * Add helper descriptions on new repo page (#14591)
    * Move the stopwatches to the eventsource stream (#14588)
    * Add Content-Length header to HEAD requests (#14542)
    * Add Image Diff options in Diff view (#14450)
    * Improve Description in new/ edit Project template (#14429)
    * Allow ssh-keygen on Windows to detect ssh key type (#14413)
    * Display error if twofaSecret cannot be retrieved (#14372)
    * Sort issue search results by revelance (#14353)
    * Implement ghost comment mitigation (#14349)
    * Upgrade blevesearch dependency to v2.0.1 (#14346)
    * Add edit, delete and reaction support to code review comments on issue page (#14339)
    * Merge default and system webhooks under one menu (#14244)
    * Add option for administrator to reset user 2FA (#14243)
    * Add option to change username to the admin panel (#14229)
    * Check for 'main' as potential default branch name (#14193)
    * Project: show referenced PRs in issue cards (#14183)
    * Use caddy's certmagic library for extensible/robust ACME handling (#14177)
    * CLI support for OAuth sources custom icons (#14166)
    * Custom icons for OAuth sources (#14161)
    * Team dashboards (#14159)
    * KanBan: be able to set default board (#14147)
    * Disable Fomantic's custom scrollbars (#14109)
    * Add UI to delete tracked times (#14100)
    * Rework heatmap permissions (#14080)
    * Issue and pull request filters on organization dashboard (#14072)
    * Fix webhook list styling (#14001)
    * Show dropdown with all statuses for commit (#13977)
    * Show status check for merged PRs (#13975)
    * Diff stat improvements (#13954)
    * Report permissions denied in internal SSH (#13953)
    * Markdown task list improvements (#13952)
    * Heatmap days clickable (#13935)
    * chore: use octicon-mirror for feeds display (#13928)
    * Move diff split code into own template file (#13919)
    * Markdown: Enable wrapping in code blocks and a color tweak (#13894)
    * Do not reload page after adding comments in Pull Request reviews (#13877)
    * Add pull request manually merge instruction (#13840)
    * add thumbnail preview section to issue attachments (#13826)
    * Move Repo APIFormat to convert package (#13787)
    * Move notification APIFormat (#13783)
    * Swap swagger-ui with swagger-ui-dist (#13777)
    * User Settings: Ignore empty language codes & validate (#13755)
    * Improve migrate page and add card CSS (#13751)
    * Add block on official review requests branch protection (#13705)
    * Add review requested filter on pull request overview (#13701)
    * Use chronological commit order in default squash message (#13696)
    * Clickable links in pull request (and issue) titles (#13695)
    * Support shortened commit SHAs in URLs (#13686)
    * Use native git variants by default with go-git variants as build tag (#13673)
    * Don't render dropdown when only 1 merge style is available (#13670)
    * Move webhook type from int to string (#13664)
    * Direct avatar rendering (#13649)
    * Verify password for local-account activation (#13631)
    * Prevent clone protocol button flash on page load (#13626)
    * Remove fetch request from heatmap (#13623)
    * Refactor combine label comments with tests (#13619)
    * Move metrics from macaron to chi (#13601)
    * Issue and Pulls lists rework (#13594)
    * HTTP cache rework and enable caching for storage assets (#13569)
    * Use mount but not register for chi routes (#13555)
    * Use monaco for the git hook editor (#13552)
    * Make heatmap colors more distinct (#13533)
    * Lazy-load issue reviewers and assignees avatars (#13526)
    * Change search and filter icons to SVG (#13473)
    * Create tag on ui (#13467)
    * updateSize when create a repo with init commit (#13441)
    * Added title and action buttons to Project view page (#13437)
    * Override fomantic monospace fonts and set size (#13435)
    * Rework focused comment styling (#13434)
    * Tags cleanup (#13428)
    * Various style tweaks (#13418)
    * Refactor push update (#13381)
    * Comment box tweaks and SVG dropdown triangles (#13376)
    * Various style fixes (#13372)
    * Change repo home page icons to SVG (#13364)
    * Use CSS Vars for primary color (#13361)
    * Refactor image paste code (#13354)
    * Switch from SimpleMDE to EasyMDE (#13333)
    * Group Label Changed Comments in timeline (#13304)
    * Make the logger an interface (#13294)
    * Fix PR/Issue titles on mobile (#13292)
    * Rearrange the order of the merged by etc. in locale (#13284)
    * Replace footer and modal icons with SVG (#13245)
    * Issues overview should not show issues from archived repos (#13220)
    * Show stale label for stale code comment which is marked as resolved (#13213)
    * Use CSS Variables for fonts, remove postcss-loader (#13204)
    * Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198)
    * Move install pages out of main macaron routes (#13195)
    * Update outdated label to use Fomantic UI style (#13181)
    * Added option to disable webhooks (#13176)
    * Change order of possible-owner organizations to alphabetical (#13160)
    * Log IP on SSH authentication failure for Built-in SSH server (#13150)
    * Added option to disable migrations (#13114)
    * New "Add Mirror" Button in the Organization view (#13105)
    * Manually approve new registration (#13083)
    * Cron job to cleanup hook_task table (#13080)
    * Use the headline comment of pull-request as the squash commit's message (#13071)
    * Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999)
    * Slightly simplify the queue settings code to help reduce the risk of problems (#12976)
    * Add precise search type for Elastic Search (#12869)
    * Move APIFormat functions into convert package (#12856)
    * Multiple GitGraph improvements: Exclude PR heads, Add branch/PR links,
      Show only certain branches, (#12766)
    * Add TrN for repository limit (#12492)
    * Refactor doctor (#12264)
    * Add the tag list page to the release page (#12096)
    * Redirect on changed user and org name (#11649)
    * load U2F js only on pages which need it (#11585)
    * Make archival asynchronous (#11296)
    * Introduce go chi web framework as frontend of macaron, so that
      we can move routes from macaron to chi step by step (#7420)
    * Improve vfsgen to not unzip bindata files but send to browser directly (#7109)
    * Enhance release list (#6025)
  * DOCS
    * Swagger show models by default (#14880)
    * Add missing repo.projects unit into swagger (#14876)
    * Update docs and comments to remove macaron (#14491)
    * Issue template addition: Are you using Gitea behind CloudFlare? (#14098)
    * Generate man pages (#13901)
    * Reformat/fine-tune docs (#13897)
    * Added Table of Contents to long documentation pages (#13890)
    * Add docs command (#13429)
    * Update external-renderers.en-us.md (#13165)
  * MISC
    * Add builds for apple M1 (darwin arm64) (#14951)
    * Migrate to use jsoniter instead of encoding/json (#14841)
    * Reduce make verbosity (#13803)
    * Add git command error directory on log (#13194)

-------------------------------------------------------------------
Sun Apr 11 11:08:57 UTC 2021 - ecsos <ecsos@opensuse.org>

- Enable support for sqlite3 database.

-------------------------------------------------------------------
Thu Apr  8 06:19:29 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.13.7
  * SECURITY
    - Update to bluemonday-1.0.6 (#15294) (#15298)
    - Clusterfuzz found another way (#15160) (#15169)
  * API
    - Fix wrong user returned in API (#15139) (#15150)
  * BUGFIXES
    - Add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
    - Speed up enry.IsVendor (#15213) (#15246)
    - Response 404 for diff/patch of a commit that not exist
     (#15221) (#15238)
    - Prevent NPE in CommentMustAsDiff if no hunk header
     (#15199) (#15201)
  * MISC
    - Add size to Save function (#15264) (#15271)

-------------------------------------------------------------------
Wed Mar 24 06:41:38 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.13.6
  * SECURITY
    - Fix bug on avatar middleware (#15124) (#15125)
    - Fix another clusterfuzz identified issue (#15096) (#15114)
  * API
    - Fix nil exeption for get pull reviews API #15104 (#15106)
  * BUGFIXES
    - Fix markdown rendering in milestone content (#15056) (#15092)

-------------------------------------------------------------------
Tue Mar 23 10:28:58 UTC 2021 - ecsos <ecsos@opensuse.org>

- Fix build error in Tumbleweed. (npm>10 has problems)

-------------------------------------------------------------------
Sun Mar 21 15:36:17 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.13.5
  * SECURITY
    - Update to goldmark 1.3.3 (#15059) (#15061)
    - Another clusterfuzz spotted issue (#15032) (#15034)
  * API
    - Fix set milestone on PR creation (#14981) (#15001)
    - Prevent panic when editing forked repos by API (#14960) (#14963)
  * BUGFIXES
    - Fix bug when upload on web (#15042) (#15055)
    - Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
    - Fix postgres ID sequences broken by recreate-table (#15015) (#15029)
    - Fix several render issues (#14986) (#15013)
    - Make sure sibling images get a link too (#14979) (#14995)
    - Fix Anchor jumping with escaped query components (#14969) (#14977)
    - Fix release mail html template (#14976)
    - Fix excluding more than two labels on issues list (#14962) (#14973)
    - Don't mark each comment poster as OP (#14971) (#14972)
    - Add "captcha" to list of reserved usernames (#14930)
    - Re-enable import local paths after reversion from #13610 (#14925) (#14927)

-------------------------------------------------------------------
Sun Mar  7 16:48:24 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.13.4
  * SECURITY
    - Fix issue popups (#14898) (#14899)
  * BUGFIXES
    - Fix race in LFS ContentStore.Put(...) (#14895) (#14913)
    - Fix a couple of issues with a feeds (#14897) (#14903)
    - When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)
    - Fix race in local storage (#14888) (#14901)
    - Fix 500 on pull view page if user is not loged in (#14885) (#14886)
  * DOCS
    - Fix how lfs data path is set (#14855) (#14884)

-------------------------------------------------------------------
Thu Mar  4 15:32:25 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.13.3
  * BREAKING & SECURITY
    - Turn default hash password algorithm back to pbkdf2 from argon2 until we find a better one (#14673) (#14675)
  * BUGFIXES
    - Fix paging of file commit logs (#14831) (#14879)
    - Print useful error if SQLite is used in settings but not supported (#14476) (#14874)
    - Fix display since time round (#14226) (#14873)
    - When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)
    - Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)
    - Fix a couple of CommentAsPatch issues. (#14804) (#14820)
    - Disable broken OAuth2 providers at startup (#14802) (#14811)
    - Repo Transfer permission checks (#14792) (#14794)
    - Fix double alert in oauth2 application edit view (#14764) (#14768)
    - Fix broken spans in diffs (#14678) (#14683)
    - Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
    - HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
    - Do not assume all 40 char strings are SHA1s (#14624) (#14648)
    - Allow org labels to be set with issue templates (#14593) (#14647)
    - Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
    - Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
    - Fix GPG key deletion during account deletion (#14561) (#14569)

-------------------------------------------------------------------
Tue Feb  2 07:04:02 UTC 2021 - ecsos <ecsos@opensuse.org>

- Update to 1.13.2
  * SECURITY
    - Prevent panic on fuzzer provided string (#14405) (#14409)
    - Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)
  * API
    - If release publisher is deleted use ghost user (#14375)
  * BUGFIXES
    - Internal ssh server respect Ciphers, MACs and KeyExchanges settings (#14523) (#14530)
    - Set the name Mapper in migrations (#14526) (#14529)
    - Fix wiki preview (#14515)
    - Update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
    - ChangeUserName: rename user files back on DB issue (#14447)
    - Fix lfs preview bug (#14428) (#14433)
    - Ensure timeout error is shown on u2f timeout (#14417) (#14431)
    - Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)
    - Use path not filepath in routers/editor (#14390) (#14396)
    - Check if label template exist first (#14384) (#14389)
    - Fix migration v141 (#14387) (#14388)
    - Use Request.URL.RequestURI() for fcgi (#14347)
    - Use ServerError provided by Context (#14333) (#14345)
    - Fix edit-label form init (#14337)
    - Fix mailIssueCommentBatch for pull request (#14252) (#14296)
    - Render links for commit hashes followed by comma (#14224) (#14227)
    - Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
    - Fix avatar bugs (#14217) (#14220)
    - Ensure that schema search path is set with every connection on postgres (#14131) (#14216)
    - Fix dashboard issues labels filter bug (#14210) (#14214)
    - When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)
    - Fix branch selector on new issue page (#14194) (#14207)
    - Check for notExist on profile repository page (#14197) (#14203)

-------------------------------------------------------------------
Mon Dec 28 19:38:25 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.13.1
  * SECURITY
    - Hide private participation in Orgs (#13994) (#14031)
    - Fix escaping issue in diff (#14153) (#14154)
  * BUGFIXES
    - Fix bug of link query order on markdown render (#14156) (#14171)
    - Drop long repo topics during migration (#14152) (#14155)
    - Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143)
    - Fix storage config implementation (#14091) (#14095)
    - Fix panic in BasicAuthDecode (#14046) (#14048)
    - Always wait for the cmd to finish (#14006) (#14039)
    - Don't use simpleMDE editor on mobile devices for 1.13 (#14029)
    - Fix incorrect review comment diffs (#14002) (#14011)
    - Trim the branch prefix from action.GetBranch (#13981) (#13986)
    - Ensure template renderer is available before storage handler (#13164) (#13982)
    - Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967)
    - Enforce setting HEAD in wiki to master (#13950) (#13961)
    - Fix feishu webhook caused by API changed (#13938)
    - Fix Quote Reply button on review diff (#13830) (#13898)
    - Fix Pull Merge when tag with same name as base branch exist (#13882) (#13896)
    - Fix mermaid chart size (#13865)
    - Fix branch/tag notifications in mirror sync (#13855) (#13862)
    - Fix crash in short link processor (#13839) (#13841)
    - Update font stack to bootstrap's latest (#13834) (#13837)
    - Make sure email recipients can see issue (#13820) (#13827)
    - Reply button is not removed when deleting a code review comment (#13824)
    - When reinitialising DBConfig reset the database use flags (#13796) (#13811)
  * ENHANCEMENTS
    - Add emoji in label to project boards (#13978) (#14021)
    - Send webhook when tag is removed via Web UI (#14015) (#14019)
    - Use Process Manager to create own Context (#13792) (#13793)
  * API
    - GetCombinedCommitStatusByRef always return json & swagger doc fixes (#14047)
    - Return original URL of Repositories (#13885) (#13886)

-------------------------------------------------------------------
Sun Dec 13 11:08:34 UTC 2020 - ecsos <ecsos@opensuse.org>

- Put apache configuration files in separate subpackage.

-------------------------------------------------------------------
Wed Dec  2 06:21:35 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.13.0
  * SECURITY
  * Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776)
    - Prevent git operations for inactive users (#13527) (#13536)
    - Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524)
    - Mitigate Security vulnerability in the git hook feature (#13058)
    - Disable DSA ssh keys by default (#13056)
    - Set TLS minimum version to 1.2 (#12689)
    - Use argon as default password hash algorithm (#12688)
  * BREAKING
    - Set RUN_MODE prod by default (#13765) (#13767)
    - Don't replace underscores in auto-generated IDs in goldmark (#12805)
    - Add Primary Key to Topic and RepoTopic tables (#12639)
    - Disable password complexity check default (#12557)
    - Change PIDFile default from /var/run/gitea.pid to /run/gitea.pid (#12500)
    - Add extension Support to Attachments (allow all types for releases) (#12465)
    - Remove IE11 Support (#11470)
  * FEATURES
    - Adopt repositories (#12920)
    - Check passwords against HaveIBeenPwned (#12716)
    - Gitea 2 Gitea migration (#12657)
    - Support storing Avatars in minio (#12516)
    - Allow addition of gpg keyring with multiple keys (#12487)
    - Add email notify for new release (#12463)
    - Add Access-Control-Expose-Headers (#12446)
    - UserProfile Page: Render Description (#12415)
    - Add command to recreate tables (#12407)
    - Add mermaid JS renderer (#12334)
    - Add ssh certificate support (#12281)
    - Add spent time to referenced issue in commit message (#12220)
    - Initial support for push options (#12169)
    - Provide option to unlink a fork (#11858)
    - Show exact tag for commit on diff view (#11846)
    - Pause, Resume, Release&Reopen, Add and Remove Logging from command line (#11777)
    - Issue templates directory (#11450)
    - Add a storage layer for attachments (#11387)
    - Add hide activity option (#11353)
    - Add push commits history comment on PR time-line (#11167)
    - Support elastic search for code search (#10273)
    - Kanban board (#8346)
  * API
    - If User is Admin, show 500 error message on PROD mode too (#13115)
    - Add Timestamp to Tag list API (#13026)
    - Return sample message for login error in api context (#12994)
    - Add IsTemplate option in create repo ui and api (#12942)
    - GetReleaseByID return 404 if not found (#12933)
    - Get release by tags endpoint (#12932)
    - NotificationSubject show Issue/Pull State (#12901)
    - Expose its limitation settings (#12714)
    - Add Created & Updated to Milestone (#12662)
    - Milestone endpoints accept names too (#12649)
    - Expose Attachment Settings in the API (#12514)
    - Add Issue and Repo info to StopWatch (#12458)
    - Add cron running API (#12421)
    - Add Update Pull HeadBranch Function (#12419)
    - Add TOTP header to Swagger Documentation (#12402)
    - Delete Token accept names too (#12366)
    - Add name filter for GetMilestoneList (#12336)
    - Fixed count of filtered issues when api request. (#12275)
    - Do not override API issue pagination with UI settings (#12068)
    - Expose useful General Repo settings settings (#11758)
    - Return error when trying to create Mirrors but Mirrors are globally disabled (#11757)
    - Provide diff and patch API endpoints (#11751)
    - Allow to create closed milestones (#11745)
    - Add language Statistics endpoint (#11737)
    - Add Endpoint to get GetGeneralUI Settings (#11735) & (#11854)
    - Issue/Pull expose IsLocked Property on API (#11708)
    - Add endpoint for Branch Creation (#11607)
    - Add pagination headers on endpoints that support total count from database (#11145)
  * BUGFIXES
    - Fix bogus http requests on diffs (#13760) (#13761)
    - Show 'owner' tag for real owner (#13689) (#13743)
    - Validate email before inserting/updating (#13475) (#13666)
    - Fix issue/pull request list assignee filter (#13647) (#13651)
    - Gitlab migration support for subdirectories (#13563) (#13591)
    - Fix logic for preferred license setting (#13550) (#13557)
    - Add missed sync branch/tag webhook (#13538) (#13556)
    - Migration won't fail on non-migrated reactions (#13507)
    - Fix Italian language file parsing error (#13156)
    - Show outdated comments in pull request (#13148) (#13162)
    - Fix parsing of pre-release git version (#13169) (#13172)
    - Fix diff skipping lines (#13154) (#13155)
    - When handling errors in storageHandler check underlying error (#13178) (#13193)
    - Fix size and clickable area on file table back link (#13205) (#13207)
    - Add better error checking for inline html diff code (#13251)
    - Fix initial commit page & binary munching problem (#13249) (#13258)
    - Fix migrations from remote Gitea instances when configuration not set (#13229) (#13273)
    - Store task errors following migrations and display them (#13246) (#13287)
    - Fix bug isEnd detection on getIssues/getPullRequests (#13299) (#13301)
    - When the git ref is unable to be found return broken pr (#13218) (#13303)
    - Ensure topics added using the API are added to the repository (#13285) (#13302)
    - Fix avatar autogeneration (#13233) (#13282)
    - Add migrated pulls to pull request task queue (#13331) (#13334)
    - Issue comment reactions should also check pull type on API (#13349) (#13350)
    - Fix links to repositories in /user/setting/repos (#13360) (#13362)
    - Remove obsolete change of email on profile page (#13341) (#13347)
    - Fix scrolling to resolved comment anchors (#13343) (#13371)
    - Storage configuration support [storage] (#13314) (#13379)
    - When creating line diffs do not split within an html entity (#13357) (#13375) (#13425) (#13427)
    - Fix reactions on code comments (#13390) (#13401)
    - Add missing full names when DEFAULT_SHOW_FULL_NAME is enabled (#13424)
    - Replies to outdated code comments should also be outdated (#13217) (#13433)
    - Fix panic bug in handling multiple references in commit (#13486) (#13487)
    - Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13491)
    - Show original author's reviews on pull summary box (#13127)
    - Update golangci-lint to version 1.31.0 (#13102)
    - Fix line break for MS teams webhook (#13081)
    - Fix Issue & Pull Request comment headers on mobile (#13039)
    - Avoid setting the CONN_STR in queues unless it is meant to be set (#13025)
    - Remove code-view class from diff view (#13011)
    - Fix the color of PR comment hyperlinks. (#13009)
    - (Re)Load issue labels when changing them (#13007)
    - Fix Media links in org files not liked to media files (#12997)
    - Always return a list from GetCommitsFromIDs (#12981)
    - Only set the user password if the password field would have been shown (#12980)
    - Fix admin/config page (#12979)
    - Changed width of commit signature avatar (#12961)
    - Completely quote AppPath and CustomConf paths (#12955)
    - Fix handling of migration errors (#12928)
    - Fix anonymous GL migration (#12862)
    - Fix git open close bug (#12834)
    - Fix markdown meta parsing (#12817)
    - Add default storage configurations (#12813)
    - Show PR settings on empty repos (#12808)
    - Disable watch and star if not signed in (#12807)
    - Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804)
    - Set opengraph attributes on org pages (#12803)
    - Return error when creating gitlabdownloader failed (#12790)
    - Add migration for password algorithm change (#12784)
    - Compare SSH_DOMAIN when parsing submodule URLs (#12753)
    - Fix editor.commit_empty_file_text locale string (#12744)
    - Fix wrong poster message for code comment on Pull view (#11721)
    - Escape failed highlighted files (#12685)
    - Ensure that all migration requests are cancellable (#12669)
    - Ensure RepoPath is lowercased in gitea serv (#12668)
    - Do not disable commit changes button on repost (#12644)
    - Dark theme for line numbers in blame view (#12632)
    - Fix message when deleting last owner from an organization (#12628)
    - Use shellquote to unpack arguments to gitea serv (#12624)
    - Fix signing.wont_sign.%!s() if Require Signing commits but not signed in. (#12581)
    - Set utf8mb4 as the default charset on MySQL if CHARSET is unset (#12563)
    - Set context for running CreateArchive to that of the request (#12555)
    - Prevent redirect back to /user/events (#12462)
    - Re-attempt to delete temporary upload if the file is locked by another process (#12447)
    - Mirror System Notice reports are too frequent (#12438)
    - Do not show arrows on comment diffs on pull comment pages (#12434)
    - Fix milestone links (#12405)
    - Increase size of the language column in language_stat (#12396)
    - Use transaction in V102 migration (#12395)
    - Only use --exclude on name-rev with git >= 2.13 (#12347)
    - Add action feed for new release (#12324)
    - Set NoAutoTime when updating is_archived (#12266)
    - Support Force-update in Mirror and improve Tracing in mirror (#12242)
    - Avoid sending "0 new commits" webhooks (#12212)
    - Fix U2F button icon (#12167)
    - models/repo_sign.go: break out of loops (#12159)
    - Ensure that git commit tree continues properly over the page (#12142)
    - Rewrite GitGraph.js (#12137)
    - Fix repo API listing stability (#12057)
    - Add team support for review request (#12039)
    - Fix 500 error on repos with no tags (#11870)
    - Fix nil pointer in default issue mail template (#11862)
    - Fix commit search in all branches (#11849)
    - Don't consider tag refs as valid for branch name (#11847)
    - Don't add same line code comment box twice (#11837)
    - Fix visibility of forked public repos from private orgs (#11717)
    - Fix chardet test and add ordering option (#11621)
    - Fix number of files, total additions, and deletions on Diff pages (#11614)
    - Properly handle and return empty string for dangling commits in GetBranchName (#11587)
    - Include query in sign in redirect (#11579)
    - Fix Enter not working in SimpleMDE (#11564)
    - Fix bug about can't skip commits base on base branch (#11555)
  * ENHANCEMENTS
    - Only Return JSON for responses (#13511) (#13565)
    - Use existing analyzer module for language detection for highlighting (#13522) (#13551)
    - Return the full rejection message and errors in flash errors (#13221) (#13237)
    - Remove PAM from auth dropdown when unavailable (#13276) (#13281)
    - Add HostCertificate to sshd_config in Docker image (#13143)
    - Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)
    - Improve error feedback for duplicate deploy keys (#13112)
    - Set appropriate autocomplete attributes on password fields (#13078)
    - Adding visual cue for "Limited" & "Private" organizations. (#13040)
    - Fix Pull Request merge buttons on mobile (#13035)
    - Gitea serv, hooks, manager and the like should always display Fatals (#13032)
    - CSS tweaks to warning/error segments and misc fixes (#13024)
    - Fix formatting of branches ahead-behind on narrow windows (#12989)
    - Add config option to make create-on-push repositories public by default (#12936)
    - Disable migration items when mirror is selected (#12918)
    - Add the checkbox quick button to the comment tool bar also (#12885)
    - Support GH enterprise (#12863)
    - Simplify CheckUnitUser logic (#12854)
    - Fix background of signed-commits on arc-green of timeline commits (#12837)
    - Move git update-server-info to hooks (#12826)
    - Add ui style for "Open a blank issue" button (#12824)
    - Use a simple format for the big number on ui (#12822)
    - Make SVG size argument optional (#12814)
    - Add placeholder text for bio profile text form (#12792)
    - Set language via AJAX (#12785)
    - Show git-pull-request icon for closed pull request (#12742)
    - Migrate version parsing library to hashicorp/go-version (#12719)
    - Only use async pre-empt hack if go < 1.15 (#12718)
    - Inform user about meaning of an hourglass on reviews (#12713)
    - Add a migrate service type switch page (#12697)
    - Migrations: Gitlab Add Reactions Support for Issues & MergeRequests (#12695)
    - Remove duplicate logic in initListSubmits (#12660)
    - Set avatar image dimensions (#12654)
    - Rename models.ProtectedBranchRepoID/PRID to models.EnvRepoID/PRID and ensure EnvPusherEmail is set (#12646)
    - Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752)
    - Add postgres schema to the search_path on database connection (#12634)
    - Git migration UX improvements (#12619)
    - Add link to home page on swagger ui (#12601)
    - hCaptcha Support (#12594)
    - OpenGraph: use repo avatar if exist (#12586)
    - Reaction picker display improvements (#12576)
    - Fix emoji replacements, make emoji images consistent (#12567)
    - Increase clickable area on files table links (#12553)
    - Set z-index for sticky diff box lower (#12537)
    - Report error if API merge is not allowed (#12528)
    - LFS support to be stored on minio (#12518)
    - Show 2FA info on Admin Pannel: Users List (#12515)
    - Milestone Issue/Pull List: Add octicons type (#12499)
    - Make dashboard newsfeed list length a configurable item (#12469)
    - Add placeholder text for send testing email button in admin/config (#12452)
    - Add SVG favicon (#12437)
    - In issue comments, put issue participants also in completion list when hitting @ (#12433)
    - Collapse Swagger UI tags by default (#12428)
    - Detect full references to issues and pulls in commit messages (#12399)
    - Allow common redis and leveldb connections (#12385)
    - Don't use legacy method to send Matrix Webhook (#12348)
    - Remove padding/border-radius on image diffs (#12346)
    - Render the git graph on the server (#12333)
    - Fix clone panel in wiki position not always align right (#12326)
    - Rework 'make generate-images' (#12316)
    - Refactor webhook payload convertion (#12310)
    - Move jquery-minicolors to npm/webpack (#12305)
    - Support use nvarchar for all varchar columns when using mssql (#12269)
    - Update Octicons to v10 (#12240)
    - Disable search box autofocus (#12229)
    - Replace code fold icons with octicons (#12222)
    - Ensure syntax highlighting is the same inside diffs (#12205)
    - Auto-init repo on license, .gitignore select (#12202)
    - Default to showing closed Issues/PR list when there are only closed issues/PRs (#12200)
    - Enable cloning via Git Wire Protocol v2 over HTTP (#12170)
    - Direct SVG rendering (#12157)
    - Improve arc-green code colors (#12111)
    - Allow admin to merge pr with protected file changes (#12078)
    - Show description on individual milestone view (#12055)
    - Update the wiki repository remote origin while update the mirror 
      repository's Clone From URL (#12053)
    - Server-side syntax highlighting for all code (#12047)
    - Use Fomantic's fluid padded for blame full width (#12023)
    - Use custom SVGs for commit signing lock icon (#12017)
    - Make tabs smaller (#12003)
    - Fix sticky diff stats container (#12002)
    - Move fomantic and jQuery to main webpack bundle (#11997)
    - Use enry language type to detect special languages (#11974)
    - Use only first line of commit when creating referenced comment (#11960)
    - Rename custom/conf/app.ini.sample to custom/conf/app.example.ini 
      for better syntax light on editor (#11926)
    - Fix double divider on issue sidebar (#11919)
    - Shorten markdown heading anchors links (#11903)
    - Add org avatar on top of internal repo icon (#11895)
    - Use label to describe repository type (#11891)
    - Make repository size unclickable on repo summary bar (#11887)
    - Rework blame template and styling (#11885)
    - Fix icon alignment for show/hide outdated link on resolved conversation (#11881)
    - Vertically align review icons on repository sidebar (#11880)
    - Better align items using flex within review request box (#11879)
    - Only write to global gitconfig if necessary (#11876)
    - Disable all typographic replacements in markdown renderer (#11871)
    - Improve label edit buttons labels (#11841)
    - Use crispEdges rendering for octicon-internal-repo (#11801)
    - Show update branch item in merge box when it's necessary (#11761)
    - Add compare link to releases (#11752)
    - Allow site admin to disable mirrors (#11740)
    - Export monaco editor on window.codeEditors (#11739)
    - Add configurable Trust Models (#11712)
    - Show full GPG commit status on PR commit history (#11702)
    - Fix align issues and decrease avatar size on PR timeline (#11689)
    - Replace jquery-datetimepicker with native date input (#11684)
    - Change Style of Tags on Comments (#11668)
    - Fix missing styling for shabox on PR commit history (#11625)
    - Apply padding to approval icons on PR list (#11622)
    - Fix message wrapping on PR commit list (#11616)
    - Right-align status icon on pull request commit history (#11594)
    - Add missing padding for multi-commit list on PR view (#11593)
    - Do not show avatar for "{{user}} added X commits" (#11591)
    - Fix styling and padding for commit list on PR view (#11588)
    - Style code review comment for arc-green (#11572)
    - Use default commit message for wiki edits (#11550)
    - Add internal-repo octicon for public repos of private org (#11529)
    - Fix dropzone color on arc-green (#11514)
    - Insert ui divider directly in templates instead of from inside heatmap vue component (#11508)
    - Move tributejs to npm/webpack (#11497)
    - Fix text-transform on wiki revisions page (#11486)
    - Do not show lock icon on repo list for public repos in private org (#11445)
    - Include LFS when calculating repo size (#11060)
    - Add check for LDAP group membership (#10869)
    - When starting new stopwatch stop previous if it is still running (#10533)
    - Add queue for code indexer (#10332)
    - Move all push update operations to a queue (#10133)
    - Cache last commit when pushing for big repository (#10109)
    - Change/remove a branch of an open issue (#9080)
    - Sortable Tables Header By Click (#7980)
  * TESTING
    - Use community codecov drone plugin (#12468)
    - Add more tests for diff highlighting (#12467)
    - Don't put integration test data outside of test folder (#11746)
    - Add debug option to hooks (#11624)
    - Log slow tests (#11487)
  * TRANSLATION
    - Translate two small lables on commit statuse list (#12821)
    - Make issues.force_push_codes message shorter (#11575)
  * BUILD
    - Bump min required golang to 1.13 (#12717)
    - Add 'make watch' (#12636)
    - Extract Swagger CSS to its own file (#12616)
    - Update eslint config (#12609)
    - Avoid unnecessary system-ui expansion (#12522)
    - Make the default PID file compile-time settable (#12485)
    - Add 'watch-backend' (#12330)
    - Detect version of sed in Makefile (#12319)
    - Update gitea-vet to v0.2.1 (#12282)
    - Add logic to build stable and edge builds for gitea snap (#12052)
    - Fix missing CGO_EXTRA_FLAGS build arg for docker (#11782)
    - Alpine 3.12 (#11720)
    - Enable stylelint's shorthand-property-no-redundant-values (#11436)
  * DOCS
    - Change default log configuration (#13088)
    - Add automatic JS license generation (#11810)
    - Remove page size limit comment from swagger (#11806)
    - Narrow down Edge version in browser support docs (#11640)
- Rebase gitea.app.ini.patch.

------------------------------------------------------------------
Mon Nov 16 15:19:59 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.12.6
  * SECURITY
    - Prevent git operations for inactive users (#13527) (#13537)
    - Disallow urlencoded new lines in git protocol paths if there
      is a port (#13521) (#13525)
  * BUGFIXES
    - API should only return Json (#13511) (#13564)
    - Fix before and since query arguments at API (#13559) (#13560)
    - Prevent panic on git blame by limiting lines to 4096 bytes at
      most (#13470) (#13492)
    - Fix link detection in repository description with tailing '_' 
      (#13407) (#13408)
    - Remove obsolete change of email on profile page
      (#13341) (#13348)
    - Fix permission check on get Reactions API endpoints
      (#13344) (#13346)
    - Add migrated pulls to pull request task queue
      (#13331) (#13335)
    - API deny wrong pull creation options (#13308) (#13327)
    - Fix initial commit page & binary munching problem
      (#13249) (#13259)
    - Fix diff parsing (#13157) (#13136) (#13139)
    - Return error 404 not 500 from API if team does not exist
      (#13118) (#13119)
    - Prohibit automatic downgrades (#13108) (#13111)
    - Fix GitLab Migration Option AuthToken (#13101)
    - GitLab Label Color Normalizer (#12793) (#13100)
    - Log the underlying panic in runMigrateTask (#13096) (#13098)
    - Fix attachments list in edit comment (#13036) (#13097)
    - Fix deadlock when deleting team user (#13093)
    - Fix error create comment on outdated file (#13041) (#13042)
    - Fix repository create/delete event webhooks (#13008) (#13027)
    - Fix internal server error on README in submodule
      (#13006) (#13016)

-------------------------------------------------------------------
Thu Oct  1 21:16:12 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.12.5 
  * BUGFIXES
    - Allow U2F with default settings for gitea in subpath
      (#12990) (#13001)
    - Prevent empty div when editing comment (#12404) (#12991)
    - On mirror update also update address in DB (#12964) (#12967)
    - Allow extended config on cron settings (#12939) (#12943)
    - Open transaction when adding Avatar email-hash pairs to the
      DB (#12577) (#12940)
    - Fix internal server error from ListUserOrgs API
      (#12910) (#12915)
    - Update only the repository columns that need updating
      (#12900) (#12912)
    - Fix panic when adding long comment (#12892) (#12894)
    - Add size limit for content of comment on action ui
      (#12881) (#12890)
    - Convert User expose ID each time (#12855) (#12883)
    - Support slashes in release tags (#12864) (#12882)
    - Add missing information to CreateRepo API endpoint
      (#12848) (#12867)
    - On Migration respect old DefaultBranch (#12843) (#12858)
    - Fix notifications page links (#12838) (#12853)
    - Stop cloning unnecessarily on PR update (#12839) (#12852)
    - Escape more things that are passed through str2html
      (#12622) (#12850)
    - Remove double escape on labels addition in comments
      (#12809) (#12810)
    - Fix "only mail on mention" bug (#12775) (#12789)
    - Fix yet another bug with diff file names (#12771) (#12776)
    - RepoInit Respect AlternateDefaultBranch (#12746) (#12751)
    - Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear)
      (#12745) (#12750)
  * ENHANCEMENTS
    - gitea dump: include version & Check InstallLock
    (#12760) (#12762)

-------------------------------------------------------------------
Fri Sep 25 10:10:53 UTC 2020 - ecsos <ecsos@opensuse.org>

- Fix build error in Tumbleweed.
  - Remove macros %{goprep} code.gitea.io/gitea, %{goinstall} and
    %{gosrc}, because not need and it is a bug boo#1163689 in macro
    %{gosrc} from package golang-packaging since version 15.0.12.

-------------------------------------------------------------------
Fri Sep  4 06:55:56 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.12.4
  * SECURITY
    - Escape provider name in oauth2 provider redirect
      (#12648) (#12650)
    - Escape Email on password reset page (#12610) (#12612)
    - When reading expired sessions - expire them
      (#12686) (#12690)
  * ENHANCEMENTS
    - StaticRootPath configurable at compile time (#12371) (#12652)
  * BUGFIXES
    - Fix to show an issue that is related to a deleted issue
      (#12651) (#12692)
    - Expire time acknowledged for cache (#12605) (#12611)
    - Fix diff path unquoting (#12554) (#12575)
    - Improve HTML escaping helper (#12562)
    - models: break out of loop (#12386) (#12561)
    - Default empty merger list to those with write permissions
      (#12535) (#12560)
    - Skip SSPI authentication attempts for /api/internal
      (#12556) (#12559)
    - Prevent NPE on commenting on lines with invalidated comments
      (#12549) (#12550)
    - Remove hardcoded ES indexername (#12521) (#12526)
    - Fix bug preventing transfer to private organization
      (#12497) (#12501)
    - Keys should not verify revoked email addresses
      (#12486) (#12495)
    - Do not add prefix on http/https submodule links
      (#12477) (#12479)
    - Fix ignored login on compare (#12476) (#12478)
    - Fix incorrect error logging in Stats indexer and OAuth2
      (#12387) (#12422)
    - Upgrade google/go-github to v32.1.0 (#12361) (#12390)
    - Render emoji's of Commit message on feed-page (#12373)
    - Fix handling of diff on unrelated branches when Git 2.28 used
      (#12370)

-------------------------------------------------------------------
Wed Jul 29 10:45:16 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.12.3
  - Don't change creation date when updating Release (#12343)
    (#12351)
  - Show 404 page when release not found (#12328) (#12332)
  - Fix emoji detection in certain cases (#12320) (#12327)
  - Reduce emoji size (#12317) (#12327)
  - Fix double-indirection bug in logging IDs (#12294) (#12308)
  - Link to pull list page on sidebar when view pr (#12256)
    (#12263)
  - Extend Notifications API and return pinned notifications 
    by default (#12164) (#12232)

-------------------------------------------------------------------
Tue Jul 14 09:13:18 UTC 2020 - Eric Schirra <ecsos@opensuse.org>

- Cleanup npx section in spec.
- Add gitea-apache-vhost.conf  example in doc.
- Correct README.SUSE and rename gitea.conf in gitea-apache.conf
  in doc.

-------------------------------------------------------------------
Mon Jul 13 08:38:05 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.12.2
  * BUGFIXES
    - When deleting repository decrese user repositry count in 
      cache (#11954) (#12188)
    - Gitea commits API again returns commit summaries, not full
      messages (#12186) (#12187)
    - Properly set HEAD when a repo is created with a non-master
      default branch (#12135) (#12182)
    - Ensure Subkeys are verified (#12155) (#12168)
    - Fix failing to cache last commit with key being to long
      (#12151) (#12161)
    - Multiple small admin dashboard fixes (#12153) (#12156)
    - Remove spurious logging (#12139) (#12148)
    - Fix repository setup instructions when default branch is not
      master (#12122) (#12147)
    - Move EventSource to SharedWorker (#12095) (#12130)
    - Fix ui bug in wiki commit page (#12089) (#12125)
    - Fix gitgraph branch continues after merge (#12044) (#12105)
    - Set the base url when migrating from Gitlab using access token
      or username without password (#11852) (#12104)
    - Ensure BlameReaders close at end of request (#12102) (#12103)
    - Fix comments webhook panic backport (#12058)
  * ENHANCEMENTS
    - Disable dropzone's timeout (#12024) (#12032)
- Changes from 1.12.1
  * BUGFIXES
    - Handle multiple merges in gitgraph.js (#11996) (#12000)
    - Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
    - For language detection do not try to analyze big files by
      content (#11971) (#11975)
  * ENHANCEMENTS
    - Fix scrollable header on dropdowns (#11893) (#11965)
- Changes from 1.12.0
  Too many changes. 
  Please see: https://github.com/go-gitea/gitea/releases/tag/v1.12.0

-------------------------------------------------------------------
Mon Jun 22 08:54:38 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.11.8
  * BUGFIXES
    - Really fix webpack_public_path for 1.11 (#11961)

-------------------------------------------------------------------
Thu Jun 18 17:46:19 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.11.7
  * BUGFIXES
    - Use ID or Where to instead directly use Get when load object
      from database (#11925) (#11935)
    - Fix __webpack_public_path__ for 1.11 (#11907)
    - Fix verification of subkeys of default gpg key
      (#11713) (#11902)
    - Remove unnecessary parentheses in wiki/view template
      (#11781)
    - Doctor fix xorm.Count nil on sqlite error (#11741)
  
-------------------------------------------------------------------
Sun May 31 08:20:23 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.11.6
  * SECURITY
    - Fix missing authorization check on pull for public repos of
      private/limited org (#11656) (#11683)
    - Use session for retrieving org teams (#11438) (#11439)
  * BUGFIXES
    - Return json on 500 error from API (#11574) (#11660)
    - Fix wrong milestone in webhook message (#11596) (#11612)
    - Prevent (caught) panic on login (#11590) (#11598)
    - Fix commit page js error (#11527)
    - Use media links for img in post-process (#10515) (#11504)
    - Ensure public repositories in private organizations are
      visible and fix admin organizations list (#11465) (#11475)
    - Set correct Content-Type value for Gogs/Gitea webhooks
      (#9504) (#10456) (#11461)
    - Allow all members of private orgs to see public repos
      (#11442) (#11459)
    - Whenever the ctx.Session is updated, release it to save it
      before sending the redirect (#11456) (#11457)
    - Forcibly clean and destroy the session on logout
      (#11447) (#11451)
    - Fix /api/v1/orgs/* endpoints by changing parameter to :org 
      from :orgname (#11381)
    - Add tracked time fix to doctor (part of #11111) (#11138)
    - Fix webpack chunk loading with STATIC_URL_PREFIX
      (#11526) (#11544)
    - Remove unnecessary parentheses in wiki/revision.tmpl to allow
      1.11 to build on go1.14 (#11481)

-------------------------------------------------------------------
Sun May 10 08:36:50 UTC 2020 - ecsos <ecsos@opensuse.org>

- Update to 1.11.5
  * BUGFIXES
    - Prevent timer leaks in Workerpool and others 
      (#11333) (#11340)
    - Fix tracked time issues (#11349) (#11354)
    - Add NotifySyncPushCommits to indexer notifier 
      (#11309) (#11338)
    - Allow X in addition to x in tasks (#10979) (#11335)
    - When delete tracked time through the API return 404 not 500
      (#11319) (#11326)
    - Prevent duplicate records in organizations list when creating
      a repository (#11303) (#11325)
    - Manage port in submodule refurl (#11305) (#11323)
    - api.Context.NotFound(...) should tolerate nil
      (#11288) (#11306)
    - Show pull request selection even when unrelated branches
      (#11239) (#11283)
    - Repo: milestone: make /milestone/:id endpoint accessible
      (#11264) (#11282)
    - Fix GetContents(): Dont't ignore Executables
      (#11192) (#11209)
    - Fix submodule paths when AppSubUrl is not root
      (#11098) (#11176)
    - Prevent clones and pushes to disabled wiki
      (#11131) (#11134)
    - Remove errant third closing curly-bracket from account.tmpl
      and send account ID in account.tmpl (#11130)
    - On Repo Deletion: Delete related TrackedTimes too
      (#11110) (#11125)
    - Refresh codemirror on show pull comment tab
      (#11100) (#11122)
    - Fix merge dialog on protected branch with missing required
      statuses (#11074) (#11084)
    - Load pr Issue Poster on API too (#11033) (#11039)
    - Fix release counter on API repository info (#10968) (#10996)
    - Generate Diff and Patch direct from Pull head
      (#10936) (#10938)
    - Fix rebase conflict detection in git 2.26 (#10929) (#10930)
  * ENHANCEMENT
    - Fix 404 and 500 image size in small size screen
      (#11043) (#11049)
    - Multiple Gitea Doctor improvements (#10943) (#10990) (#10064)
      (#9095) (#10991)

-------------------------------------------------------------------
Wed Apr  1 18:44:10 UTC 2020 - ecsos@opensuse.org

- Update to 1.11.4
  * BUGFIXES
    - Only update merge_base if not already merged (#10909)
    - Fix milestones too many SQL variables bug (#10880) (#10904)
    - Protect against NPEs in notifications list (#10879) (#10883)
    - Convert plumbing.ErrObjectNotFound to git.ErrNotExist in 
      getCommit (#10862) (#10868)
    - Convert plumbing.ErrReferenceNotFound to git.ErrNotExist in
      GetRefCommitID (#10676) (#10797)
    - Account for empty lines in receive-hook message 
      (#10773) (#10784)
    - Fix bug on branch API (#10767) (#10775)
    - Migrate to go-git/go-git v5.0.0 (#10735) (#10753)
    - Fix hiding of fields in authorization source page
      (#10734) (#10752)
    - Prevent default for linkAction (#10742) (#10743)

-------------------------------------------------------------------
Wed Mar 11 09:15:30 UTC 2020 - ecsos@opensuse.org

- Update to 1.11.3
  * BUGFIXES
    - Prevent panic in stopwatch (#10670) (#10673)
    - Fix bug on pull view when required status check no ci result
      (#10648) (#10651)
    - Build explicitly with Go 1.13 (#10684)

-------------------------------------------------------------------
Sat Mar  7 11:38:29 UTC 2020 - ecsos@opensuse.org

- Update to 1.11.2
  * BREAKING
    - Various fixes in login sources (#10428) (#10429)
  * SECURITY
    - Ensure only own addresses are updated (#10397) (#10399)
    - Logout POST action (#10582) (#10585)
    - Org action fixes and form cleanup (#10512) (#10514)
    - Change action GETs to POST (#10462) (#10464)
    - Fix admin notices (#10480) (#10483)
    - Change admin dashboard to POST (#10465) (#10466)
    - Update markbates/goth (#10444) (#10445)
    - Update crypto vendors (#10385) (#10398)
  * BUGFIXES
    - Allow users with write permissions to modify issue 
      descriptions and comments. (#10623) (#10626)
    - Handle deleted base branch in PR (#10618) (#10619)
    - Delete dependencies when deleting a repository
      (#10608) (#10616)
    - Ensure executable bit is kept on the web editor
      (#10607) (#10614)
    - Update mergebase in pr checker (#10586) (#10605)
    - Fix release attachments being deleted while upgrading
      (#10572) (#10573)
    - Fix redirection path if Slack webhook channel is invalid
      (#10566)
    - Fix head.tmpl og:image picture location (#10531) (#10556)
    - Fix 404 after activating secondary email (#10547) (#10553)
    - Show Signer in commit lists and add basic trust
      (#10425 & #10511) (#10524)
    - Fix potential bugs (#10513) (#10518)
    - Use [:space:] instead of \s (#10508) (#10509)
    - Avoid mailing users that have explicitly unwatched an issue
      (#10475) (#10500)
    - Handle push rejection message in Merge & Web Editor
      (#10373) (#10497)
    - Fix SQLite concurrency problems by using BEGIN IMMEDIATE
      (#10368) (#10493)
    - Fix double PR notification from API (#10482) (#10486)
    - Show the username as a fallback on feeds if full name is
      blank (#10461)
    - Trigger webhooks on issue label-change via API too
      (#10421) (#10439)
    - Fix git reference type in webhooks (#10427) (#10432)
    - Prevent panic on merge to PR (#10403) (#10408)
    - Fix wrong num closed issues on repository when close issue 
      via commit… (#10364) (#10380)
    - Reading pull attachments should depend on read
      UnitTypePullRequests (#10346) (#10354)
    - Set max-width on review-box comment box (#10348) (#10353)
    - Prevent nil pointer in GetPullRequestCommitStatusState
      (#10342) (#10344)
    - Fix protected branch status check settings (#10341) (#10343)
    - Truncate long commit message header (#10301) (#10319)
    - Set the initial commit status to Success otherwise it will
      always be Pending (#10317) (#10318)
    - Don't manually replace whitespace during render
      (#10291) (#10315)
  * ENHANCEMENTS
    - Admin page for managing user e-mail activation
      (#10557) (#10579)

-------------------------------------------------------------------
Mon Feb 17 17:49:10 UTC 2020 - ecsos@opensuse.org

- Fix generation of arc-green theme.

-------------------------------------------------------------------
Mon Feb 17 07:26:49 UTC 2020 - ecsos@opensuse.org

- Update to 1.11.1
  * BUGFIXES
    - Repo name added to automatically generated commit message 
      when merging (#9997) (#10285)
    - Fix Workerpool deadlock (#10283) (#10284)
    - Divide GetIssueStats query in smaller chunks 
      (#10176) (#10282)
    - Fix reply on code review (#10257)
    - Stop hanging issue indexer initialisation from preventing
      shutdown (#10243) (#10249)
    - Fix filter label emoji width (#10241) (#10244)
    - Fix issue sidebar menus having an infinite height
      (#10239) (#10240)
    - Fix commit between two commits calculation if there is only
      last commit (#10225) (#10226)
    - Only check for conflicts/merging if the PR has not been
       merged in the interim (#10132) (#10206)
    - Blacklist manifest.json & milestones user (#10292) (#10293)

-------------------------------------------------------------------
Sat Feb 15 13:36:15 UTC 2020 - ecsos@opensuse.org

- Fix position-independent-executable-suggested.

-------------------------------------------------------------------
Thu Feb 13 09:40:43 UTC 2020 - ecsos@opensuse.org

- Change AppWorkPath to /var/lib/gitea.
- Set default CustomPath and AppWorkPath in gitea binary.

-------------------------------------------------------------------
Mon Feb 10 13:41:52 UTC 2020 - ecsos@opensuse.org

- Update to 1.11.0
  There are to many changes.
  Please look in CHANGELOG.md or at: 
  https://github.com/go-gitea/gitea/releases/tag/v1.11.0
- New version needs webpack and nodejs modules to run.
  Create a script gitea-fetch_source_and_node_modules.sh to
  generate needed files.
- Run spec-cleaner.

-------------------------------------------------------------------
Sat Jan 18 09:43:29 UTC 2020 - ecsos@opensuse.org

- Update to 1.10.3
  * SECURITY
    - Hide credentials when submitting migration (#9102) (#9704)
    - Never allow an empty password to validate (#9682) (#9684)
    - Prevent redirect to Host (#9678) (#9680)
    - Hide public repos owned by private orgs (#9609) (#9616)
  * BUGFIXES
    - Allow assignee on Pull Creation when Issue Unit is 
      deactivated (#9836) (#9838)
    - Fix download file wrong content-type (#9825) (#9835)
    - Fix wrong identify poster on a migrated pull request when 
      submit review (#9827) (#9831)
    - Fix dump non-exist log directory (#9818) (#9820)
    - Fix compare (#9808) (#9815)
    - Fix missing msteam webhook on organization (#9781) (#9795)
    - Fix add team on collaborator page when same name as 
      organization (#9783)
    - Fix cache problem on dashboard (#9358) (#9703)
    - Send tag create and push webhook when release created on UI 
      (#8671) (#9702)
    - Branches not at ref commit ID should not be listed as Merged
      (#9614) (#9639)

-------------------------------------------------------------------
Thu Jan  2 14:55:41 UTC 2020 - ecsos@opensuse.org

- Update to 1.10.2
  * BUGFIXES
    - Allow only specific Columns to be updated on Issue via API
      (#9539) (#9580)
    - Add ErrReactionAlreadyExist error (#9550) (#9564)
    - Fix bug when migrate from API (#8631) (#9563)
    - Use default avatar for ghost user (#9536) (#9537)
    - Fix repository issues pagination bug when there are more than
      one label filter (#9512) (#9528)
    - Fix deleted branch not removed when push the branch again
      (#9516) (#9524)
    - Fix missing repository status when migrating repository via
      API (#9511)
    - Trigger webhook when deleting a branch after merging a PR
      (#9510)
    - Fix paging on /repos/{owner}/{repo}/git/trees/{sha} API 
      endpoint (#9482)
    - Fix NewCommitStatus (#9434) (#9435)
    - Use OriginalURL instead of CloneAddr in migration logging
      (#9418) (#9420)
    - Fix Slack webhook payload title generation to work with 
      Mattermost (#9404)
    - DefaultBranch needs to be prefixed by BranchPrefix
      (#9356) (#9359)
    - Fix issue indexer not triggered when migrating a repository
      (#9333)
    - Fix bug that release attachment files not deleted when 
      deleting repository (#9322) (#9329)
    - Fix migration releases (#9319) (#9326) (#9328)
    - Fix File Edit: Author/Committer interchanged (#9297) (#9300)

-------------------------------------------------------------------
Thu Dec  5 19:23:01 UTC 2019 - ecsos@opensuse.org

- Update to 1.10.1
  * BUGFIXES
  - Fix max length check and limit in multiple repo forms 
    (#9148) (#9204)
  - Properly fix displaying virtual session provider in admin panel
    (#9137) (#9203)
  - Upgrade levelqueue to 0.1.0 (#9192) (#9199)
  - Fix panic when diff (#9187) (#9193)
  - Smtp logger configuration sendTos should be an array 
    (#9154) (#9157)
  - Always Show Password Field on Link Account Sign-in Page (#9150)
  - Create PR on Current Repository by Default (#8670) (#9141)
  - Fix race on indexer (#9136) (#9139)
  - Fix reCAPTCHA URL (#9119)
  - Hide migrated credentials (#9098)
  - Update golang.org/x/crypto vendor to use acme v2 
    (#9056) (#9085)
  - Fix password checks on admin create/edit user (#9076) (#9081)
  - Fix add search as a reserved username (#9063) (#9065)
  - Fix permission checks for close/reopen from commit 
    (#8875) (#9033)
  - Ensure Written is set in GZIP ProxyResponseWriter 
    (#9018) (#9025)
  - Fix broken link to branch from issue list (#9003) (#9021)
  - Fix wrong system notice when repository is empty (#9020)
  - Shadow password correctly for session config (#8984) (#9002)

-------------------------------------------------------------------
Thu Nov 14 11:48:52 UTC 2019 - ecsos@opensuse.org

- Update to 1.10.0
  Changelog is to long. See instead online:
  https://github.com/go-gitea/gitea/blob/v1.10.0/CHANGELOG.md

- Changes from 1.9.6
  * BUGFIXES
    - Allow to merge if file path contains " or \ (#8629) (#8772)
    - Fix 500 when edit hook (#8782) (#8790)
    - Fix issue with user.fullname (#8904)
    - Update Github Migration Test (#8897) (#8946)
    - Add Close() method to gogitRepository (#8901) (#8958)

- Rebase gitea.app.ini.patch.

-------------------------------------------------------------------
Thu Oct 31 09:15:38 UTC 2019 - ecsos@opensuse.org

- Update to 1.9.5
  * BREAKING
    - Hide some user information via API if user doesn't have 
      enough permission (#8655) (#8658)
  * BUGFIXES
    - Fix milestone close timestamp (#8728) (#8731)
    - Fix deadline on update issue or PR via API (#8699)
    - Fix 'New Issue Missing Milestone Comment' (#8678) (#8682)
    - Fix 500 when getting user as unauthenticated user (#8653) 
      (#8662)
    - Use AppSubUrl for more redirections (#8647) (#8652)
    - Add SubURL to redirect path (#8632) (#8634) (#8640)
    - Fix #8582 by handling empty repos (#8587) (#8593)
    - Fix bug on pull requests when transfer head repository
      (#8571)
    - Add missed close in ServeBlobLFS (#8527) (#8543)
    - Return false if provided branch name is empty for 
      IsBranchExist (#8485) (#8492)
    - Create .ssh dir as necessary (#8369) (#8486) (#8489)
    - Restore functionality for early gits (#7775) (#8476)
    - Add check for empty set when dropping indexes during 
      migration (#8475)
    - Ensure Request Body Readers are closed in LFS server (#8454) 
      (#8459)
    - Ensure that LFS files are relative to the LFS content path 
      (#8455) (#8458)
  * SECURITY
    - Ignore mentions for users with no access (#8395) (#8484)
  * TESTING
    - Update heatmap fixtures to restore tests (#8615) (#8617)  

-------------------------------------------------------------------
Wed Oct  9 05:34:49 UTC 2019 - ecsos@opensuse.org

- Update to 1.9.4
  * BUGFIXES
    - Highlight issue references (#8101) (#8404)
    - Fix bug when migrating a private repository #7917 (#8403)
    - Change general form binding to gogs form (#8334) (#8402)
    - Fix editor commit to new branch if PR disabled
      (#8375) (#8401)
    - Fix milestone num_issues (#8221) (#8400)
    - Allow users with explicit read access to give approvals
      (#8398)
    - Fix commit status in PR #8316 and PR #8321 (#8339)
    - Fix API for edit and delete release attachment (#8290)
    - Fix assets on release webhook (#8283)
    - Fix release API URL generation (#8239)
    - Allow registration when button is hidden (#8238)
    - MS Teams webhook misses commit messages (backport v1.9)
      (#8225)
    - Fix data race (#8206)
    - Fix pull merge 500 error caused by git-fetch breaking 
      behaviors (#8194)
    - Fix the SSH config specification in the authorized_keys
       template (#8193)
    - Fix reading git notes from nested trees (#8189)
    - Fix team user api (#8172) (#8188)
    - Add reviewers as participants (#8124)
  * BUILD
    - Use vendored go-swagger (#8087) (#8165)
    - Fix version-validation for GO 1.13 (go-macaron/cors) (#8389)
  * MISC
    - Make show private icon when repo avatar set (#8144) (#8175)

-------------------------------------------------------------------
Sun Sep  8 08:24:05 UTC 2019 - ecsos@opensuse.org

- Update to 1.9.3
  * BUGFIXES
    - Fix go get from a private repository with Go 1.13 (#8100)
    - Strict name matching for Repository.GetTagID() (#8082)
    - Avoid ambiguity of branch/directory names for the 
      git-diff-tree command (#8070)
    - Add change title notification for issues (#8064)
    - Run CORS handler first for /api routes (#7967) (#8053)
    - Evaluate emojis in commit messages in list view (#8044)
    - Fix failed to synchronize tags to releases for repository 
      (#7990) (#7994)
    - Fix adding default Telegram webhook (#7972) (#7992)
    - Abort synchronization from LDAP source if there is some error
      (#7965)
    - Fix deformed emoji in commit message (#8071)
  * ENHANCEMENT
    - Keep blame view buttons sequence consistent with normal view
      when viewing a file (#8007) (#8009)

-------------------------------------------------------------------
Sat Aug 24 18:53:05 UTC 2019 - ecsos@opensuse.org

- Update to 1.9.2
  * BUGFIXES
    - Fix wrong sender when send slack webhook (#7918) (#7924)
    - Upload support text/plain; charset=utf8 (#7899)
    - Lfs/lock: round locked_at timestamp to second (#7872) (#7875)
    - Fix non existent milestone with 500 error (#7867) (#7873)
  * SECURITY
    - Fix No PGP signature on 1.9.1 tag (#7874)
    - Release built with go 1.12.9 to fix security fixes in golang 
      std lib, ref: https://groups.google.com/forum/#!msg/golang-announce/oeMaeUnkvVE/a49yvTLqAAAJ
  * ENHANCEMENT
    - Fix pull creation with empty changes (#7920) (#7926)
  * BUILD
    - Drone/docker: prepare multi-arch release + 
      provide arm64 image (#7571) (#7884)

-------------------------------------------------------------------
Tue Jun 18 05:36:13 UTC 2019 - ecsos@opensuse.org

- Update to version 1.8.3
  * BUGFIXES
    - Always set userID on LFS authentication
      (#7224) (Part of #6993)
    - Fix LFS Locks over SSH (#6999) (#7223)
    - Fix duplicated file on pull request conflicted files
      (#7211) (#7214)
    - Detect noreply email address as user (#7133) (#7195)
    - Don't get milestone from DB if ID is zero (#7169) (#7174)
    - Allow archived repos to be (un)starred and (un)watched
      (#7163) (#7168)
    - Fix GCArgs load from ini (#7156) (#7157)

-------------------------------------------------------------------
Thu May 30 07:36:18 UTC 2019 - ecsos@opensuse.org

- update to version 1.8.2
  * BUGFIXES
    - Fix possbile mysql invalid connnection error (#7051) (#7071)
    - Handle invalid administrator username on install page 
      (#7060) (#7063)
    - Disable arm7 builds (#7037) (#7042)
    - Fix default for allowing new organization creation for new 
      users (#7017) (#7034)
    - SearchRepositoryByName improvements and unification 
      (#6897) (#7002)
    - Fix u2f registrationlist ToRegistrations() method 
      (#6980) (#6982)
    - Allow collaborators to view repo owned by private org 
      (#6965) (#6968)
    - Use AppURL for Oauth user link (#6894) (#6925)
    - Escape the commit message on issues update (#6901) (#6902)
    - Fix regression for API users search (#6882) (#6885)
    - Handle early git version's lack of get-url (#7065) (#7076)
    - Fix wrong init dependency on markup extensions 
      (#7038) (#7074)

-------------------------------------------------------------------
Sun May 12 08:05:14 UTC 2019 - ecsos@opensuse.org

- update to version 1.8.1
  * BUGFIXES
    - Fix 404 when sending pull requests in some situations
      (#6871) (#6873)
    - Enforce osusergo build tag for releases (#6862) (#6869)
    - Don't post process commit summary in templates 
      (#6842) (#6868)
    - Fix 500 when reviewer is deleted (#6856) (#6860)
    - Fix v78 migration for MSSQL (#6823) (#6854)
    - Added tags pull step to drone config to show correct version
      hashes (#6836) (#6839)
    - Fix double-generation of scratch token (#6833) (#6835)
    - When mirroring we should set the remote to mirror
      (#6824) (#6834)
    - Show scrollbar only when needed (#6802) (#6803)
    - Service worker js is missing a comma (#6788) (#6795)
    - Set user search base field optional in LDAP (simple auth)
      edit page (#6779) (#6789)
    - Fix team edit API panic (#6780) (#6785)
    - Minor CSS cleanup for the navbar (#6553) (#6781)
    - Stricter domain name pattern in email regex (#6739) (#6768)
    - Detect and restore encoding and BOM in content 
      (#6727) (#6765)
    - Fix org visibility bug when git cloning (#6743) (#6762)
    - OAuth2 token can be used in basic auth (#6747) (#6761)
    - Fix missing return (#6751) (#6756)
    - Fix sorting repos on org home page with non-admin login
      (#6741) (#6746)
    - Drop is_bare IDX only when it exists for MySQL and MariaDB 
      (#6736) (#6744)
    - Fix team members API (#6714) (#6729)
    - Load issue attributes when editing an issue with API 
      (#6723) (#6725)
    - Fix config ui error about cache ttl (#6861) (#6865)

-------------------------------------------------------------------
Thu Apr 25 08:31:31 UTC 2019 - ecsos@opensuse.org

- update to version 1.8.0
  * SECURITY
    - Prevent remote code execution vulnerability with mirror repo 
      URL settings (#6593) (#6594)
    - Resolve 2FA bypass on API (#6676) (#6674)
    - Prevent the creation of empty sessions for non-logged in 
      users (#6690) (#6677)
  * BREAKING
    - Add "ghost" and "notifications" to list of reserved user 
      names. (#6208)
    - Change sqlite DB path default to data directory (#6198)
    - Adds MustChangePassword to user create/edit API (#6193)
    - Disable redirect for i18n (#5910)
    - Releases API paging (#5831)
    - Allow Macaron to be set to log through to gitea.log (#5667)
    - Don't close issues via commits on non-default branch (#5622)
  * FEATURE
    - Add regenerate secret feature for oauth2 (#6291)
    - Expose issue stopwatch toggling via API (#5970)
    - Add other session providers (#5963)
    - Pull request conflict files detection (#5951)
    - Integrate OAuth2 Provider (#5378)
    - Implement "conversation lock" for issue comments (#5073)
    - Feature: Archive repos (#5009)
    - Discord Oauth2 support (#4476)
    - Allow to set organization visibility 
      (public, internal, private) (#1763)
    - Added URL mapping for Release attachments like on github.com 
      (#1707)
  * ENHANCEMENT
    - Add support for client basic auth for exchanging access 
      tokens (#6293)
    - Add ability to sort issues by due date (#6206) (#6244)
    - Style tweaks to issue selection (#6196)
    - Increase Username and Orgname MaxSize 35 -> 40 (#6178)
    - Coverage profile with multiple packages (#6167)
    - Split setting.go to multiple files (#6154)
    - Allow labels to contain emoji (#6063)
    - Disable git fsck for mirrored repos by default (#6018)
    - Add default time out for git operations (#6015)
    - Split setting.go as multiple files (#6014)
    - Make dashboard navbar and footer full-width (#6013)
    - Add lang specific font stacks for CJK (#6007)
    - Fix header menu misalignment (#6002)
    - Enhance closed PR and Issue status in the list (#6000)
    - Make navbar full width (#5998)
    - Add option to close issues via commit on a non master branch 
      (#5992)
    - Support n as a line highlight prefix (#5987)
    - Search for org repos (#3031) (#5986)
    - Minor UI tweaks (#5980)
    - Use native golang SSH library but ssh-keygen when enable 
      built-in SSH server to remove dependent on that command lines 
      (#5976)
    - Dashboard tweaks (#5974)
    - Fixes for repo topic editor (#5971)
    - Display the branch name in the commit view (#5950)
    - handle milestone events for issues and PR (#5947)
    - Add label names as filter in issue search api (#5946)
    - Repo header tweaks (#5945)
    - Better support for long repo names (#5932)
    - Fix wrapping long code lines (#5927)
    - Change GPG Validation colors and remove inline CSS
      (#5404) (#5896)
    - Fix "pulls.blocked_by_approvals" text (#5879)
    - Rename reject to 'request changes' (#5858)
    - Move input fields to add members to a team and repos 
      to a team (#5853)
    - Config option to disable automatic repo watching (#5852)
    - New Issue ?body= query (#5851)
    - Add API to list tags (#5850)
    - Pagination for git tree API (#5838)
    - Add InternalTokenURI to load InternalToken from an external
      file (#5812)
    - Allow markdown files to read from the LFS (#5787)
    - Add the ability to use multiple labels as filters (#5786)
    - Adjust log settings when a user is not found. (#5771)
    - Log IP of failed ssh connection (#5766)
    - Moved defaults in defaults.go to setting.go (#5764)
    - Make DB connect more robust (#5738)
    - Add Default Pull Request Title (#5735)
    - Refactor repo.isBare to repo.isEmpty #5629 (#5714)
    - Add flag to skip repository dumping (#5695)
    - Prioritize "readme.md" (#5691)
    - Improve "Fork button" for guests by showing a pop up asking 
      them to log in before forking (#5690)
    - Allow for user specific themes (#5668)
    - Display branch name in delete branch confirmation modal. 
      (#5654)
    - New API routes added (#5594)
    - Refactor notification for indexer (#5111)
    - Refactor mail notification (#5110)
    - Show email if the authenticated user owns the profile page 
      being requested for (#4981)
    - Optimize pulls merging (#4921)
    - Sort Repositories widget by most recently updated
      (#3963) (#4599)
    - Allow markdown table to scroll (#4401)
    - Automatically clear stopwatch on merging a PR (#4327)
    - Add the Owner Name to differentiate when merging (#3807)
    - Add title attributes to all items in the repo list viewer 
      (#6258) (#6650)
  * BUGFIXES
    - Fix dropdown icon padding (#6651) (#6654)
    - Fix wrong GPG expire date (#6643) (#6644)
    - Fix forking an empty repository (#6637) (#6653)
    - Remove call to EscapePound .Link as it is already escaped 
      (#6656) (#6666)
    - Properly escape on the redirect from the web editor 
      (#6657) (#6667)
    - Allow resend of confirmation email when logged in 
      (#6482) (#6486)
    - Fix mail notification when close/reopen issue (#6581) (#6588)
    - Change API commit summary to full message (#6591) (#6592)
    - Add option to disable refresh token invalidation 
      (#6584) (#6587)
    - Fix bug user search API pagesize didn't obey ExplorePagingNum
      (#6579) (#6586)
    - Fix new repo alignment (#6583) (#6585)
    - Prevent server 500 on compare branches with no common history
      (#6555) (#6558)
    - Properly escape release attachment URL (#6512) (#6523)
    - Hacky fix for alignment of the create-organization dialog 
      (#6455) (#6462)
    - Disable benchmarking during tag events on DroneIO 
     (#6365) (#6366)
    - Make sure units of a team are returned (#6379) (#6381)
    - Don't Unescape redirect_to cookie value (#6399) (#6401)
    - Fix dump table name error and add some test for dump database
      (#6394) (#6402)
    - Fix migration v82 to ignore unsynced tags between database 
      and git data; Add missing is_archived column on repository 
      table (#6387) (#6403)
    - Display correct error for invalid mirror interval 
      (#6414) (#6429)
    - Clean up ref name rules (#6437) (#6439)
    - Fix Hook & HookList in Swagger (#6432) (#6440)
    - Change order that PostProcess Processors are run 
      (#6445) (#6447)
    - Clean up various use of escape/unescape functions for URL 
      generation (#6334)
    - Return 409 when creating repo if it already exists. (#6330)
    - Add same changes from issues page to milestone->issues page 
      (#6328)
    - Fix ParsePatch function to work with quoted diff --git 
      strings (#6323)
    - Fix reported issue in repo description (#6306)
    - Use url.PathEscape to escape the branchname (#6304)
    - Add robots.txt as reserved username (#6272)
    - Replace linkRegex with xurls library (#6261)
    - Remove visitLinksForShortLinks features (#6257)
    - Add unit types to repo action URL to correctly show 404 when 
      archived (#6247)
    - Check organization visibility before everything else 
      (#6234) (#6235)
    - Prevent double-close of issues (#6233)
    - Override xorm type mapping for U2F counter (#6232)
    - Add isAdmin to user API response (#6231)
    - Update git vendor to fix wrong release commit id and add 
      migrations (#6224)
    - Fix fork button (#6223)
    - Fix renames over redirects (#6216)
    - Fix display dashboard even if require to change password
      (#6214)
    - Create a repo redirect when transferring ownership (#6210)
      (#6211)
    - Fix issue update race condition (#6194)
    - Fix bug when migrate repository 500 when repo is existed
      (#6188)
    - Fix scrollbar always present on page body (#6177)
    - Fix bug when set indexer as db and add tests (#6173)
    - Modify linkRegex to require http|https (#6171)
    - Fix bug user could change private repository to public when 
      force private enabled. (#6156)
    - Fix admin list user/org API (#6143)
    - Make repo creation for API similar to UI (#6142)
    - Make document body a flexbox (#6139)
    - Refactor issue indexer, add some testing and fix a bug 
      (#6131)
    - Load Issue attributes for API call (#6122)
    - Fix bug when update owner team then visit team's repo 
      return 404 (#6119)
    - Fix heatmap and repository menu display in 
      Internet Explorer 9+ (#6117)
    - Show private organization for admin, fix #6111 (#6112)
    - Fix prohibit login check on authorization (#6106)
    - Move to ldap.v3 to fix #5928 (#6105)
    - Remove use MakeAssigneeList in webhooks to fix deadlock 
      (#6102)
    - Allow display of LFS stored Readme.md on directory page 
      (#6073) (#6099)
    - Make sure labels are actually returned (#6053)
    - Fix panic: template: repo/issue/list:210: unexpected "=" in 
      operand (#6041)
    - After deleting a repo on admin panel, UI should remember the 
      last sort type (#6033)
    - Default create repository on organisation on its dashboard 
      (#6026)
    - Swagger: Remove spaces in MergePullRequestOption enum (#6016)
    - Fix metrics auth token detection (#6006)
    - Fix repo header issues (#5995)
    - Fix bug when deleting a linked account will removed all 
      (#5989)
    - Make organization dropdown scrollable when using mouse wheel 
      (#5988)
    - Fix empty ssh key importing in ldap (#5984)
    - Admin config page mailertype setting option update (#5973)
    - Fix redirect loop during forced password change (#5965)
    - Show user who created the repository instead of the 
      organisation in action feed (#5948)
    - Remove all CommitStatus when a repo is deleted (#5940)
    - Fix ssh deploy and user key constraints (#1357) (#5939)
    - Fix log output (#5938)
    - Set PusherName and PusherID to owner on deploy key to fix 
      pushing with deploy keys (#5935)
    - Fix compare button (#5929)
    - Fix bug when read public repo lfs file (#5912)
    - Only allow local login if password is non-empty (#5906)
    - Recover panic in orgmode.Render if bad orgfile (#4982) 
      (#5903)
    - Provide better panic handling (#5902)
    - Respect value of REQUIRE_SIGNIN_VIEW (#5901)
    - Show a 404 not a 500 if a repo does not exist (#5900)
    - Ensure repo is loaded in mailer (Completely fix #5891) 
      (#5895)
    - Ensure issue.Poster is loaded in 
      mailIssueCommentToParticipants (#5891)
    - Correct footer height if screen-width is to small 
      (fixes #5878) (#5889)
    - In gitea serv switch off console logger to fix #5866 (#5887)
    - Don't allow pull requests to be created on an archived 
      repository (#5883)
    - Support reviews on a deleted file path (#5880)
    - Fix compare button on upstream repo leading to 404 (#5877)
    - Fix null pointer on not logged in attempt to Sudo (#5872)
    - Fix new release creation API to allow empty target (#5870)
    - Fix an error while adding a dependency via UI. (#5862)
    - Fix failing migration v67 (#5849)
    - Fix delete correct temp directory (#5839)
    - Make sure .git/info is created before generating 
      .git/info/sparse-che… (#5825)
    - Fix topics saving internal error and disable for archived 
      repos (#5821)
    - Fix TLS errors when using acme/autocert for local connections
      (#5820)
    - When creating new repository fsck option should be enabled
      (#5817)
    - Request for public keys only if LDAP attribute is set (#5816)
    - Fix serving of raw wiki files other than .md (#5814)
    - Fix migration 78 error mssql (#5791)
    - Disallow empty titles (#5785)
    - Fix the v78 migration script (#5776)
    - Ensure valid git author names passed in signatures (#5774)
    - Fix wrong assumption where a user is always said to have 
      unassigned (her)himself (#5769)
    - Upgrade go-sql-driver/mysql to fix invalid connection error 
      (#5748)
    - Fixing PostgreSQL dump creation (#5747)
    - Add proper CORS preflight origin validation (#5740)
    - Disable auto-migrate in docker container (#5730)
    - In basic auth check for tokens before call UserSignIn (#5725)
    - Pooled and buffered gzip implementation (#5722)
    - Ensure that sessions are passed into queries that could use 
      the database to prevent deadlocks (#5718)
    - Keep file permissions during database migration (#5707)
    - Use correct value for "MSpan Structures Obtained" #4742 
      (#5706)
    - Refactor editor upload, update and delete to use git plumbing
      and add LFS support (#5702)
    - Update xorm to fix issue #5659 and #5651 (#5680)
    - Fix public will not be reused as public key after deleting as
      deploy key (#5671)
    - When redirecting, clean the path (#5669)
    - Don't list an issue on its own dependency list UI. (#5658)
    - Fix commit page showing status for current default branch 
      (#5649) (#5650)
    - Only count users own actions for heatmap contributions 
      (#5647)
    - Fix sqlite deadlock when assigning to a PR (#5640)
    - Refactor issue indexer (#5363)
  * TESTING
    - Run benchmark at tag to track performances (#6035)
    - Add test environment for MySQL8 (#5234)
  * BUILD
    - Use go 1.12 for tests and deprecate go 1.9 (#6186)
    - Makefile changes for Windows and easier development (#6103)
    - Update bleve dependency to latest master revision (#6100)
    - Switch to more recent build of xgo (#6070)
    - Add autoprefixer to css build (#6029)
    - Update the version of less (#6010)
    - Make log mailer for testing (#5893)
  * DOCS
    - Add more tests and docs for issue indexer, add db indexer 
      type for searching from database (#6144)
    - update default value of --must-change-password cli flag 
      (#6032)
    - Update and expand information about building Gitea (#6019)
    - Update U2F Section of app.ini.sample (#5994)
    - Update swagger for release API pagination (#5841)
    - Added docs for the tree api (#5834)
  * MISC
   - Add single commit API support (#5843)
   - Add missing GET teams endpoints (#5382)
   - Migrate database if app.ini found (#5290)

-------------------------------------------------------------------
Sat Apr 20 08:07:53 UTC 2019 - ecsos@opensuse.org

- update to version 1.7.6
  * SECURITY
    - Prevent remote code execution vulnerability with mirror repo
      URL settings (#6593) (#6595)
  * BUGFIXES
    - Allow resend of confirmation email when logged in 
      (#6482) (#6487)

-------------------------------------------------------------------
Sun Mar 31 08:57:58 UTC 2019 - ecsos@opensuse.org

- update to version 1.7.5
  * BUGFIXES
    - Fix unitTypeCode not being used in accessLevelUnit 
      (#6419) (#6423)
    - Fix bug where manifest.json was being requested without 
      cookies and continuously creating new sessions 
      (#6372) (#6383)·
    - Fix ParsePatch function to work with quoted 
      diff --git strings (#6323) (#6332)

-------------------------------------------------------------------
Wed Mar 20 08:37:57 UTC 2019 - ecsos@opensuse.org

- update to version 1.7.4
  * SECURITY
    - Fix potential XSS vulnerability in repository description. 
      (#6306) (#6308)
  * BUGFIXES
    - Fix wrong release commit id (#6224) (#6300)
    - Fix panic on empty signed commits (#6292) (#6300)
    - Fix organization dropdown not being scrollable when using 
      mouse wheel (#5988) (#6246)
    - Fix displaying dashboard even if required to change password 
      (#6214) (#6215)

-------------------------------------------------------------------
Mon Mar  4 14:41:20 UTC 2019 - ecsos@opensuse.org

- update to version 1.7.3
  * BUGFIXES
    - Fix server 500 when trying to migrate to an already existing 
      repository (#6188) (#6197)
    - Load Issue attributes for API 
      /repos/{owner}/{repo}/issues/{index} (#6122) (#6185)
    - Fix bug whereby user could change private repository to
      public when force private enabled. (#6156) (#6165)
    - Fix bug when update owner team then visit team's repo return 
      404 (#6119) (#6166)
    - Fix heatmap and repository menu display in 
      Internet Explorer 9+ (#6117) (#6137)
    - Fix prohibit login check on authorization (#6106) (#6115)
    - Fix LDAP protocol error regression by moving to ldap.v3 
      (#6105) (#6107)
    - Fix deadlock in webhook PullRequest (#6102) (#6104)
    - Fix redirect loop when password change is required and Gitea 
      is installed as a suburl (#5965) (#6101)
    - Fix compare button regression (#5929) (#6098)
    - Recover panic in orgmode.Render if bad orgfile (#4982) 
      (#5903) (#6097)

-------------------------------------------------------------------
Thu Feb 21 14:47:22 UTC 2019 - ecsos@opensuse.org

- update to version 1.7.2
  * BUGFIXES
    - Remove all CommitStatus when a repo is deleted
      (#5940) (#5941)
    - Fix notifications on pushing with deploy keys by setting 
      hook environment variables (#5935) (#5944)
    - Silence console logger in gitea serv (#5887) (#5943)
    - Handle milestone webhook events for issues and PR 
      (#5947) (#5955)
    - Show user who created the repository instead of the 
      organization in action feed (#5948) (#5956)
    - Fix ssh deploy and user key constraints (#1357) (#5939) 
      (#5966)
    - Fix bug when deleting a linked account will removed all 
      (#5989) (#5990)
    - Fix empty ssh key importing in ldap (#5984) (#6009)
    - Fix metrics auth token detection (#6006) (#6017)
    - Create repository on organisation by default on its dashboard
      (#6026) (#6048)
    - Make sure labels are actually returned in API (#6053) (#6059)
    - Switch to more recent build of xgo (#6070) (#6072)
    - In basic auth check for tokens before call UserSignIn (#5725)
      (#6083)

-------------------------------------------------------------------
Fri Feb  1 13:40:03 UTC 2019 - info@paolostivanin.com

- update to version 1.7.1
  * security:
    - Disable redirect for i18n (#5910) (#5916)
    - Only allow local login if password is non-empty 
      (#5906) (#5908)
    - Fix go-get URL generation (#5905) (#5907)
  * bugfixes:
    - Fix TLS errors when using acme/autocert for local connections 
      (#5820) (#5826)
    - Request for public keys only if LDAP attribute is set 
      (#5816) (#5819)
    - Fix delete correct temp directory (#5840) (#5839)
    - Fix an error while adding a dependency via UI (#5862) (#5876)
    - Fix null pointer in attempt to Sudo if not logged in 
      (#5872) (#5884)
    - When creating new repository fsck option should be enabled 
      (#5817) (#5885)
    - Prevent nil dereference in mailIssueCommentToParticipants 
      (#5891) (#5895) (#5894)
    - Fix bug when read public repo lfs file (#5913) (#5912)
    - Respect value of REQUIRE_SIGNIN_VIEW (#5901) (#5915)
    - Fix compare button on upstream repo leading to 404
      (#5877) (#5914)
  * docs:
    - Added docs for the tree api (#5835)
  * misc:
    - Include Go toolchain to --version (#5832) (#5830)

-------------------------------------------------------------------
Fri Jan 25 10:22:33 UTC 2019 - ecsos@opensuse.org

- Add missing directories.

-------------------------------------------------------------------
Thu Jan 24 12:56:26 UTC 2019 - ecsos@opensuse.org

- Conflicts with git-web.

-------------------------------------------------------------------
Wed Jan 23 12:57:07 UTC 2019 - ecsos@opensuse.org

- Update to 1.7.0
  To many changes to list here. See:
  https://github.com/go-gitea/gitea/releases/tag/v1.7.0

-------------------------------------------------------------------
Wed Jan 16 07:51:35 UTC 2019 - ecsos@opensuse.org

- Update to 1.6.4
  * BUGFIX
    - Fix SSH key now can be reused as public key after deleting as 
      deploy key (#5671) (#5685)
    - When redirecting clean the path to avoid redirecting to 
      external site (#5669) (#5703)
    - Fix to use correct value for MSpan Structures Obtained 
      (#5706) (#5715)

-------------------------------------------------------------------
Mon Jan  7 16:43:29 UTC 2019 - ecsos@opensuse.org

- Update to 1.6.3
  * SECURITY
    - Prevent DeleteFilePost doing arbitrary deletion (#5631)
  * BUGFIX
    - Fix wrong text getting saved on editing second comment on an 
      issue (#5608)
- Change source name.

-------------------------------------------------------------------
Fri Dec 21 18:58:27 UTC 2018 - ecsos@opensuse.org

- Update to 1.6.2
  * SECURITY
    - Sanitize uploaded file names (#5571) (#5573)
    - HTMLEncode user added text (#5570) (#5575)
  * BUGFIXES
    - Fix indexer reindex bug when gitea restart (#5563) (#5564)
    - Remove a double slash in the HTTPS redirect with 
      Let's Encrypt (#5537) (#5539)
    - Fix bug when a read perm user to edit his issue (#5516) 
      (#5534)
    - Detect force push failure on deletion of protected branches 
      (#5522) (#5531)
    - Let's Encrypt handler listens on correct port for certificate
      validation (#5525) (#5527)
    - Fix forgot deletion of notification when delete repository 
      (#5506) (#5514)
    - Fix undeleted content when deleting user (#5429) (#5509)
    - Fix empty wiki (#5504) (#5508)

-------------------------------------------------------------------
Tue Dec 11 11:42:40 UTC 2018 - ecsos@opensuse.org

- Update to 1.6.1
  * BUGFIXES
    - Fix dependent issue searching when gitea is run in subpath 
      (#5392) (#5400)
    - API: '/orgs/:org/repos': return private repos with read 
      access (#5393)
    - Fix repository deletion when there is large number of issues 
      in it (#5426) (#5434)
    - Word-break the WebHook url to prevent a ui-break (#5445)
    - Admin should be able to delete repos via the API even if they
      are not a member of the organization (#5443) (#5447)
    - Ensure that the closed_at is set for closed (#5450)
    - Fix topic name length on database (#5493) (#5495)

-------------------------------------------------------------------
Tue Nov 27 10:57:45 UTC 2018 - ecsos@opensuse.org

- Update to 1.6.0
  * BREAKING
    - Respect email privacy option in user search via API (#4512)
    - Simply remove tidb and deps (#3993)
    - Swagger.v1.json template (#3572)
  * SECURITY
    - Add CSRF checking to reqToken and add reqToken to admin API 
      routes (#5272) (#5250)
    - Improve URL validation for external wiki  and external issues
      (#4710)
    - Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)
    - Don't disclose emails of all users when sending out emails
      (#4664)
    - Check that repositories can only be migrated to own user or 
      organizations (#4366)
  * FEATURE
    - Add comment replies (#5147) (#5104)
    - Pull request review/approval and comment on code (#3748)
    - Added dependencies for issues (#2196) (#2531)
    - Add the ability to have built in themes in Gitea and provide 
      dark theme arc-green (#4198)
    - Add sudo functionality to the API (#4809)
    - Add oauth providers via cli (#4591)
    - Disable merging a WIP Pull request (#4529)
    - Force user to change password (#4489)
    - Add letsencrypt to Gitea (#4189)
    - Add push webhook support for mirrored repositories (#4127)
    - Add csv file render support defaultly (#4105)
    - Add Recaptcha functionality to Gitea (#4044)
  * ENHANCEMENT
    - Fix milestones sorted wrongly (#4987)
    - Allow api to create tags for releases if they don't exist
      (#4890)
    - Fix #4877 to follow the OpenID Connect Audiences spec (#4878)
    - Enforce token on api routes [fixed critical security issue 
      #4357] (#4840)
    - Update legacy branch and tag URLs in dashboard to new format
      (#4812)
    - Slack webhook channel name cannot be empty or just contain 
      an hashtag (#4786)
    - Add whitespace handling to PR-comparsion (#4683)
    - Make reverse proxy auth optional (#4643)
    - MySQL TLS (#4642)
    - Make sure to set PR split view when creating/previewing 
      a pull request  (#4617)
    - Log user in after a successful sign up (#4615)
    - Fix typo IsPullReuqestBroken -> IsPullRequestBroken (#4578)
    - Allow admin toggle forcing a password change for newly 
      created users (#4563)
    - Update jQuery to v1.12.4 (#4551)
    - Env var GITEA_PUSHER_EMAIL (#4516)
    - Feat(repo): support search repository by topic name (#4505)
    - Small improvements to dependency UI (#4503)
    - Make max commits in graph configurable (#4498)
    - Add valid for lfs oid (#4461)
    - Add shortcut to save wiki page (#4452)
    - Allow administrator to create repository for any organization 
      (#4368)
    - Fix repository last updated time update when delete a user 
      who watched the repo (#4363)
    - Switch plaintext scratch tokens to use hash instead (#4331)
    - Increase default TOTP secret size to 320 bits (#4287)
    - Keep preseeded database password (#4284)
    - Implemented hover text showing user FullName (#4261)
    - Add ability to delete a token (#4235)
    - Fix typos in i18n variable names. (#4080)
    - Api: repos/search: add parameters to control the sort order
      (#3964)
    - Add missing path in the Docker app.ini template (#2181)
    - Add file name and branch to page title (#4902)
    - Offline use of google fonts (#4872)
    - Add missing History link to directory listings v2 (#4829)
    - Locale for Edit and Remove due date issue (#4802)
    - Disable 'May Import Local Repository' when is disabled by
      setting (Is… (#4780)
    - API /admin/users/{username} missing parameter (#4775)
    - Display error when adding a user to a team twice (#4746)
    - Remove UsePrivilegeSeparation from the Docker sshd_config,
       see #2876 (#4722)
    - Focus title input when clicking helper link (#4696)
    - Add vendor to user reserved words and format words list 
      according alphabet (#4685)
    - Add gitea/issues link to 500 page (#4654)
    - Hide home button when landing page is not set to home (#4651)
    - Remove link to GitHub issues in 404 template (#4639)
    - Cmd/serve: pprof cpu and memory profile dumps to disk (#4560)
    - Add flash message after an account has been successfully 
      activated (#4510)
    - Prevent html entity escaping on delete branch (#4471)
    - Locale for button Edit on protected branch (#4442)
    - Update notification icon (#4343)
    - Added front-end topics validation (#4316)
    - Don't display buttons if there are no system notifications
      (#4280)
    - Issue due date api (#3890)
  * BUGFIXES
    - dont' send assign webhooks when creating issue (#5365)
    - Fix create team, update team missing units (#5188)
    - Fix file edit change preview functionality (#5300)
    - *ix bug when users have serval teams with different units on 
      different repositories (#5307)
    - Fix U2F if gitea is configured in subpath (#5302)
    - Fix markdown image with link (#4675)
    - Remove maxlines option for file logger (#5282)
    - Fix wrong api request url for instances running in subfolders
      (#5261) (#5247)
    - Accept web-command cli flags if web-command is commited 
      (#5245) (#5200)
    - Reduce join star, repo_topic, topic tables on repo search,
      to resolve extra columns problem on MSSQL (#5136) (#5229)
    - Fix data race on migrate repository (#5224) (#5230)
    - Add secret to all webhook's payload where it has been missing
      (#5208) (#5199)
    - Fix sqlite and MSSQL lock (#5210) (#5223) (#5214) (#5218)
      (#5176) (#5179)
    - Fix race on updatesize (#5190) (#5215)
    - Fix filtering issues by tags on main screen issues (#5219) 
      (#3824)
    - Fix SQL quoting (#5137) (#5117)
    - Fix regex to support optional end line of old section in diff 
      hunk (#5097) (#5096)
    - Fix release creation via API (#5076)
    - Remove links from topics in edit mode  (#5026)
    - Fix missing AppSubUrl in few more templates (fixup) (#5021)
    - Fix missing AppSubUrl in some templates (#5020)
    - Hide outdated comments in file view (#5017)
    - Upgrade gopkg.in/testfixtures.v2 (#4999)
    - Disable debug routes unless PPROF is enabled in configuration
      (#4995)
    - Fix user menu item styling (#4985)
    - Fix layout of the topics editing form (#4971)
    - Fix null pointer dereference in ParseCommitWithSignature 
      (#4962)
    - Fix url in discord webhook (#4953)
    - Detect charset and convert non UTF-8 files for display 
      (#4950)
    - Make sure to catch the right error so it is displayed on 
      the UI (#4945)
    - Fix(topics): don't redirect to explore page. (#4938)
    - Fix bug forget to remove Stopwatch when remove repository 
      (#4928)
    - Fix bug when repo remained bare if multiple branches pushed 
      in single push (#4923)
    - Fix: Crippled diff (#4726) (#4900)
    - Fix trimming of markup section names (#4863)
    - Issues api allow pulls and fix #4832 (#4852)
    - Do not autocreate directory for new users/orgs (#4828)
      (#4849)
    - Fix redirect with non-ascii branch names (#4764) (#4810)
    - Fix missing release title in webhook (#4783) (#4796)
    - User shouldn't be able to approve or reject his/her own PR
      (#4729)
    - Make sure to reset commit count in the cache on mirror 
      syncing (#4720)
    - Fixed bug where team with admin privelege type doesn't get 
      any unit  (#4719)
    - Fix incorrect caption of webhook setting (#4701) (#4717)
    - Allow WIP marker to contains < or > (#4709)
    - Hide org/create menu item in Dashboard if user has no rights
      (#4678) (#4680)
    - Site admin could create repos even MAX_CREATION_LIMIT=0
      (#4645)
    - Fix custom templates being ignored (#4638)
    - Fix starring icon after semantic ui update (#4628)
    - Fix Split-View line adjustment (#4622)
    - Fix integer constant overflows in tests (#4616)
    - Push whitelist now doesn't apply to branch deletion (#4601) 
      (#4607)
    - Fix bugs when too many IN variables (#4594)
    - Fix failure on creating pull request with assignees (#4419)
      (#4583)
    - Fix panic issue on update avatar email (#4580) (#4581)
    - Fix status code label for a successful webhook (#4540)
    - An inactive user shouldn't be able to be added as 
      a collaborator (#4535)
    - Don't fail silently if trying to add a collaborator twice 
      (#4533)
    - Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge
      function (#4519) (#4525)
    - Fix out-of-transaction query in removeOrgUser (#4521) (#4522)
    - Fix migration from older releases (#4495)
    - Accept 'Data:' in commit graph (#4487)
    - Update xorm to latest version and fix correct `user` table 
      referencing in sql (#4473)
    - Relative URLs for LibreJS page (#4460)
    - Redirect to correct page after using scratch token (#4458)
    - Fix column droping for MSSQL that need new transaction for 
      that (#4440)
    - Replace src with raw to fix image paths (#4377)
    - Add default merge options when creating new repository (#4369)
    - Fix docker build (#4358)
    - Fixes repo membership check in API (#4341)
    - Dep upgrade mysql lib (#4161)
    - Fix some issues with special chars in branch names (#3767)
    - Responsive design fixes (#4508)
  * TRANSLATION
    - Fix punctuation in English translation (#4958)
    - Fix translation (#4355)
- rebase gitea.app.ini.patch

-------------------------------------------------------------------
Mon Nov 12 10:52:25 UTC 2018 - ecsos@opensuse.org

- Fix problems with use of ssh.
  - Move .ssh from etc to gitea path.
  - Change rights for /usr/share/gitea
  - Update README.SUSE

-------------------------------------------------------------------
Thu Nov  1 23:48:14 UTC 2018 - ecsos@opensuse.org

- update to 1.5.3
  * SECURITY
    - Fix remote command execution vulnerability in upstream
      library (#5177) (#5196)

-------------------------------------------------------------------
Mon Oct 15 12:58:36 UTC 2018 - ecsos@opensuse.org

- update to 1.5.2
  * SECURITY
    - Enforce token on api routes (#4840) (#4905)
  * BUGFIXES
    - Remove links from topics in edit mode (#5030)
    - Detect charset and convert non UTF-8 files for display 
      (#4950) (#4994)
    - Fix layout of the topics editing form (#4971) (#4993)
    - Fix null pointer dereference in ParseCommitWithSignature 
      (#4964)
    - Fix url in discord webhook (#4951)
    - Fix font-cropping UI bug in diff (#4726) (#4929)
    - Fix bug forget to remove Stopwatch when remove repository 
      (#4933)
    - Fix bug when repo remained bare if multiple branches pushed 
      (#4927)
    - Fix redirect with non-ascii branch names (#4764) (#4887)
    - Fix issues api allow pulls (#4852) (#4862)
    - Fix trimming of markup section names (#4864)

-------------------------------------------------------------------
Mon Sep  3 11:47:33 UTC 2018 - ecsos@opensuse.org

- update 1.5.1
  * SECURITY
    - Don't disclose emails of all users when sending out emails 
      (#4784)
    - Improve URL validation for external wiki and external issues 
      (#4710) (#4740)
    - Make cookies HttpOnly and obey COOKIE_SECURE flag 
      (#4706) (#4707)
  * BUGFIXES
    - Fix missing release title in webhook (#4783) (#4800)
    - Make sure to reset commit count in the cache on mirror 
      syncing (#4770)
    - Fixed bug where team with admin privelege type doesn't get 
      any unit (#4759)
    - Fix failure on creating pull request with assignees 
      (#4583) (#4727)
    - Hide org/create menu item in Dashboard if user has no rights 
      (#4678) (#4686)
  * TRANSLATION
    - Fix incorrect caption of webhook setting (#4701) (#4718)

-------------------------------------------------------------------
Sat Aug 11 17:47:31 UTC 2018 - ecsos@opensuse.org

- update to 1.5.0
  * SECURITY
    - Check that repositories can only be migrated to own user or 
      organizations (#4366) (#4370)
    - Limit uploaded avatar image-size to 4096px x 3072px by
      default (#4353)
    - Do not allow to reuse TOTP passcode (#3878)
  * BUGFIXES
    - Fix column droping for MSSQL that need new transaction for 
      that (#4440) (#4484)
    - Redirect to correct page after using scratch token (#4458)
      (#4472)
    - Replace src with raw to fix image paths (#4377) (#4386)
    - Fixes repo membership check in API (#4341) (#4379)
    - Add default merge options when adding new repository (#4369) 
      (#4373)
    - Fix repository last updated time update when delete a user
      who watched the repo (#4363) (#4371)
    - Fix html entity escaping in branch deletion message (#4471) 
      (#4485)
    - Fix out-of-transaction query in removeOrgUser (#4521) (#4524)
    - Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge 
      function (#4519)
    - Fix panic issue on update avatar email (#4580) (#4590)
    - Fix bugs when too many IN variables (#4594) (#4597)
    - Push whitelist now doesn't apply to branch deletion (#4601) 
      (#4640)
    - Site admin could create repos even MAX_CREATION_LIMIT=0 
      (#4645) (#4650)
  * FEATURE
    - Add cli commands to regen hooks & keys (#3979)
    - Add support for FIDO U2F (#3971)
    - Added user language setting (#3875)
    - LDAP Public SSH Keys synchronization (#1844)
    - Add topic support (#3711)
    - Multiple assignees (#3705)
    - Add protected branch whitelists for merging (#3689)
    - Global code search support (#3664)
    - Add label descriptions (#3662)
    - Add issue search via API (#3612)
    - Add repository setting to enable/disable health checks 
      (#3607)
    - Emoji Autocomplete (#3433)
    - Implements generator cli for secrets (#3531)
  * ENHANCEMENT
    - Add more webhooks support and refactor webhook templates
      directory (#3929)
    - Add new option to allow only OAuth2/OpenID user registration
      (#3910)
    - Add option to use paged LDAP search when synchronizing users
      (#3895)
    - Symlink icons (#1416)
    - Improve release page UI (#3693)
    - Add admin dashboard option to run health checks (#3606)
    - Add branch link in branch list (#3576)
    - Reduce sql query times in retrieveFeeds (#3547)
    - Option to enable or disable swagger endpoints (#3502)
    - Add missing licenses (#3497)
    - Reduce repo indexer disk usage (#3452)
    - Enable caching on assets and avatars (#3376)
    - Add repository search ordered by stars/forks. 
      Forks column in admin repo list (#3969)
    - Add Environment Variables to Docker template (#4012)
    - LFS: make HTTP auth period configurable (#4035)
    - Add config path as an optionial flag when changing pass via
      CLI (#4184)
    - Refactor User Settings sections (#3900)
    - Allow square brackets in external issue patterns (#3408)
    - Add Attachment API (#3478)
    - Add EnableTimetracking option to app settings (#3719)
    - Add config option to enable or disable log executed SQL 
      (#3726)
    - Shows total tracked time in issue and milestone list (#3341)
  * TRANSLATION
    - Improve English grammar and consistency (#3614)
  * DEPLOYMENT
    - Allow Gitea to run as different USER in Docker (#3961)
    - Provide compressed release binaries (#3991)
    - Sign release binaries (#4188)
- rebase gitea.app.ini.patch

-------------------------------------------------------------------
Sat Aug  4 09:42:13 UTC 2018 - ecsos@opensuse.org

- add conf for apache to reach gitea under git location in docdir.

-------------------------------------------------------------------
Wed Jun 27 16:58:01 UTC 2018 - ecsos@opensuse.org

- update to 1.4.3
  * SECURITY
    - HTML-escape plain-text READMEs (#4192) (#4214)
    - Fix open redirect vulnerability on login screen 
      (#4312) (#4312)
  * BUGFIXES
    - Fix broken monitoring page when running processes are shown 
      (#4203) (#4208)
    - Fix delete comment bug (#4216) (#4228)
    - Delete reactions added to issues and comments when deleting
      repository (#4232) (#4237)
    - Fix wiki URL encoding bug (#4091) (#4254)
    - Fix code tab link when viewing tags (#3908) (#4263)
    - Fix webhook type conflation (#4285) (#4285)

-------------------------------------------------------------------
Wed Jun  6 13:39:07 UTC 2018 - ecsos@opensuse.org

- update to 1.4.2
  * BUGFIXES
    - Adjust z-index for floating labels (#3939) (#3950)
    - Add missing token validation on application settings page 
      (#3976) #3978
    - Webhook and hook_task clean up (#4006)
    - Fix webhook bug of response info is not displayed in UI 
      (#4023)
    - Fix writer cannot read bare repo guide (#4033) (#4039)
    - Don’t force due date to current time (#3830) (#4057)
    - Fix wiki redirects (#3919) (#4065)
    - Fix attachment ENABLED (#4064) (#4066)
    - Added deletion of an empty line at the end of file 
      (#4054) (#4074)
    - Use ResolveReference instead of path.Join (#4073)
    - Fix #4081 Check for leading / in base before removing it 
      (#4083)
    - Respository’s home page not updated after first push (#4075)
- fix wrong version in main.go
- add firewall configurations for susefirewall2 ( < 1500 ) and 
  firewalld ( >= 1500 )

-------------------------------------------------------------------
Sat Jun  2 16:13:19 UTC 2018 - ecsos@opensuse.org

- initial version 1.4.1
- add patch gitea.app.ini.patch to set some variables
openSUSE Build Service is sponsored by