2024-04-25 04:47:42 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Apr 25 02:27:22 UTC 2024 - Richard Rahl <rrahl0@disroot.org>
|
|
|
|
|
|
|
|
- update to 7.0.0:
|
|
|
|
This is only an excerpt from the full changelog, which you can find
|
|
|
|
in your RELEASE-NOTES.md or at
|
|
|
|
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#7-0-0
|
|
|
|
* MySQL 8.0 or PostgreSQL 12 are the minimum supported versions.
|
|
|
|
The database must be migrated before upgrading.
|
|
|
|
The requirements regarding SQLite did not change.
|
|
|
|
* The per_page parameter is no longer a synonym for limit in the
|
|
|
|
/repos/{owner}/{repo}/releases API endpoint.
|
|
|
|
* The date format of the created and last_update fields of the
|
|
|
|
/repos/{owner}/{repo}/push_mirrors and /repos/{owner}/{repo}/push_mirrors
|
|
|
|
API endpoint changed to be timestamps instead of numbers.
|
|
|
|
* Labels used by pprof endpoint have been changed
|
|
|
|
* The fogejo admin user create CLI command requires a password change
|
|
|
|
by default when creating the first user
|
|
|
|
|
2024-04-20 16:15:17 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Apr 20 12:39:56 UTC 2024 - Richard Rahl <rrahl0@disroot.org>
|
|
|
|
|
|
|
|
- update to 1.21.11-1:
|
|
|
|
* error 500 on tag creation when a workflow exists
|
|
|
|
|
|
|
|
- update to 1.21.11-0:
|
|
|
|
* Fixed a privilege escalation through git push options that
|
|
|
|
allows any user to change the visibility of any repository they can see,
|
|
|
|
regardless of their level of access.
|
|
|
|
* Fixed a bug that allows user-supplied, non-sandboxed JavaScript to be run
|
|
|
|
from the same domain as the forge, via
|
|
|
|
/{owner}/{repo}/render/branch/{branch}/{filename} URLs.
|
|
|
|
* Close file in upload function
|
|
|
|
* Prevent registering runners for deleted repositories.
|
|
|
|
Prevents 500 Internal Server Error in admin interface.
|
|
|
|
* More reliable pagination support when migrating from gitbucket
|
|
|
|
* Fix automerge when used with actions
|
|
|
|
|
|
|
|
- fix apparmor profile
|
|
|
|
|
2024-04-05 21:02:52 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 5 18:39:07 UTC 2024 - Richard Rahl <rrahl0@proton.me>
|
|
|
|
|
|
|
|
- update to 1.21.10-0:
|
|
|
|
* CVE-2023-45288 which permits an attacker to cause an HTTP/2 endpoint to
|
|
|
|
read arbitrary amounts of header data
|
|
|
|
* Fix to not remove repository avatars when the doctor runs with --fix
|
|
|
|
on the repository archives.
|
|
|
|
* Detect protected branch on branch rename.
|
|
|
|
* Don't delete inactive emails explicitly.
|
|
|
|
* Fix user interface when a review is deleted without refreshing.
|
|
|
|
* Fix paths when finding files via the web interface that were not escaped.
|
|
|
|
* Respect DEFAULT_ORG_MEMBER_VISIBLE setting when adding creator to org.
|
|
|
|
* Fix duplicate migrated milestones.
|
|
|
|
* Fix inline math blocks can't be preceeded/followed by alphanumerical
|
|
|
|
characters.
|
|
|
|
|
2024-04-04 10:14:51 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 28 06:58:20 UTC 2024 - Richard Rahl <rrahl0@proton.me>
|
|
|
|
|
|
|
|
- increase golang dep to 1.22, to imitate the CI/CD of forgejo
|
|
|
|
- revise how the apparmor package gets build + add selinux
|
|
|
|
|
2024-03-23 22:36:41 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Mar 23 21:21:28 UTC 2024 - Richard Rahl <user@localhost>
|
|
|
|
|
|
|
|
- update to 1.21.8-0:
|
|
|
|
* Fix /api/v1/{owner}/{repo}/issue_templates which was always failing with a
|
|
|
|
500 error.
|
|
|
|
* Prevent error 500 on /user/settings/security when SignedUser has a linked
|
|
|
|
account from a deactivated authentication source.
|
|
|
|
* Fix error 500 when pushing release to an empty repo.
|
|
|
|
* Fix incorrect rendering csv file when file size is larger than UI.CSV.MaxFileSize.
|
|
|
|
* Fix error 500 when deleting account with incorrect password or unsupported login type.
|
|
|
|
* handle user-defined name anchors like [Link](#link) linking to <a name="link"></a>Link.
|
|
|
|
* Use correct head commit for CODEOWNER.
|
|
|
|
* Fix manual merge button.
|
|
|
|
* Make meilisearch do exact search for issues.
|
|
|
|
* Fix PR creation via api between branches of same repo with head field namespaced.
|
|
|
|
|
2024-03-08 08:39:42 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Mar 8 07:35:29 UTC 2024 - Richard Rahl <rrahl0@proton.me>
|
|
|
|
|
|
|
|
- add apparmor profile leeched off of the gitea packaging
|
|
|
|
|
|
|
|
- update to 1.21.7-0:
|
|
|
|
* Fix tarball/zipball download bug.
|
|
|
|
* Ensure HasIssueContentHistory takes into account comment_id.
|
|
|
|
* The google.golang.org/protobuf module was bumped to version v1.33.0 to fix
|
|
|
|
a bug in the google.golang.org/protobuf/encoding/protojson package which
|
|
|
|
could cause the Unmarshal function to enter an infinite loop when handling
|
|
|
|
some invalid inputs
|
|
|
|
|
2024-02-25 09:22:07 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Feb 9 10:07:58 UTC 2024 - Richard Rahl <rrahl0@proton.me>
|
|
|
|
|
|
|
|
- initial packaging
|