Releases: go-gitea/gitea
Releases · go-gitea/gitea
v1.16.4
- SECURITY
- ENHANCEMENTS
- BUGFIXES
- Refactor mirror code & fix
StartToMirror(#18904) (#19075) - Update the webauthn_credential_id_sequence in Postgres (#19048) (#19060)
- Prevent 500 when there is an error during new auth source post (#19041) (#19059)
- If rendering has failed due to a net.OpError stop rendering (attempt 2) (#19049) (#19056)
- Fix flag validation (#19046) (#19051)
- Add pam account authorization check (#19040) (#19047)
- Ignore missing comment for user notifications (#18954) (#19043)
- Set
rel="nofollow noindex"on new issue links (#19023) (#19042) - Upgrading binding package (#19034) (#19035)
- Don't show context cancelled errors in attribute reader (#19006) (#19027)
- Fix update hint bug (#18996) (#19002)
- Refactor mirror code & fix
- MISC
v1.16.3
1.16.3 - 2022-03-02
- SECURITY
- Git backend ignore replace objects (#18979) (#18980) CVE-2022-27313
- ENHANCEMENTS
- BUGFIXES
- Set max text height to prevent overflow (#18862) (#18977)
- Fix newAttachmentPaths deletion for DeleteRepository() (#18973) (#18974)
- Accounts with WebAuthn only (no TOTP) now exist ... fix code to handle that case (#18897) (#18964)
- Send 404 on
/{org}.gpg(#18959) (#18962) - Fix admin user list pagination (#18957) (#18960)
- Fix lfs management setting (#18947) (#18946)
- Fix login with email panic when email is not exist (#18942)
- Update go-org to v1.6.1 (#18932) (#18933)
- Fix
<strong>html in translation (#18929) (#18931) - Fix page and missing return on unadopted repos API (#18848) (#18927)
- Allow adminstrator teams members to see other teams (#18918) (#18919)
- Don't treat BOM escape sequence as hidden character. (#18909) (#18910)
- Correctly link URLs to users/repos with dashes, dots or underscores (… (#18908)
- Fix redirect when using lowercase repo name (#18775) (#18902)
- Fix migration v210 (#18893) (#18892)
- Fix team management UI (#18887) (18886)
- BeforeSourcePath should point to base commit (#18880) (#18799)
- TRANSLATION
- Backport locales from master (#18944)
- MISC
v1.16.2
1.16.2 - 2022-02-24
- ENHANCEMENTS
- BUGFIXES
- Fix ldap user sync missed email in email_address table (#18786) (#18876)
- Update assignees check to include any writing team and change org sidebar (#18680) (#18873)
- Don't report signal: killed errors in serviceRPC (#18850) (#18865)
- Fix bug where certain LDAP settings were reverted (#18859)
- Update go-org to 1.6.0 (#18824) (#18839)
- Fix login with email for ldap users (#18800) (#18836)
- Fix bug for get user by email (#18834)
- Fix panic in EscapeReader (#18820) (#18821)
- Fix ldap loginname (#18789) (#18804)
- Remove redundant call to UpdateRepoStats during migration (#18591) (#18794)
- In disk_channel queues synchronously push to disk on shutdown (#18415) (#18788)
- Fix template bug of LFS lock (#18784) (#18787)
- Attempt to fix the webauthn migration again - part 3 (#18770) (#18771)
- Send mail to issue/pr assignee/reviewer also when OnMention is set (#18707) (#18765)
- Fix a broken link in commits_list_small.tmpl (#18763) (#18764)
- Increase the size of the webauthn_credential credential_id field (#18739) (#18756)
- Prevent dangling GetAttribute calls (#18754) (#18755)
- Fix isempty detection of git repository (#18746) (#18750)
- Fix source code line highlighting on external tracker (#18729) (#18740)
- Prevent double encoding of branch names in delete branch (#18714) (#18738)
- Always set PullRequestWorkInProgressPrefixes in PrepareViewPullInfo (#18713) (#18737)
- Fix forked repositories missed tags (#18719) (#18735)
- Fix release typo (#18728) (#18731)
- Separate the details links of commit-statuses in headers (#18661) (#18730)
- Update object repo with the migrated repository (#18684) (#18726)
- Fix bug for version update hint (#18701) (#18705)
- Fix issue with docker-rootless shimming script (#18690) (#18699)
- Let
MinUnitAccessModereturn correct perm (#18675) (#18689) - Prevent security failure due to bad APP_ID (#18678) (#18682)
- Restart zero worker if there is still work to do (#18658) (#18672)
- If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
- TESTING
- BUILD
- MISC
v1.16.1
1.16.1 - 2022-02-06
- SECURITY
- ENHANCEMENTS
- BUGFIXES
- Comments on migrated issues/prs must link to the comment ID (#18630) (#18637)
- Stop logging an error when notes are not found (#18626) (#18635)
- Ensure that blob-excerpt links work for wiki (#18587) (#18624)
- Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
- Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
- Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
- Prevent panic on prohibited user login with oauth2 (#18562) (#18563)
- Collaborator trust model should trust collaborators (#18539) (#18557)
- Detect conflicts with 3way merge (#18536) (#18537)
- In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
- Add
GetUserTeams(#18499) (#18531) - Fix review excerpt (#18502) (#18530)
- Fix for AvatarURL database type (#18487) (#18529)
- Use
ImagedProviderfor gplus oauth2 provider (#18504) (#18505) - Fix OAuth Source Edit Page (#18495) (#18503)
- Use "read" value for General Access (#18496) (#18500)
- Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
- BUILD
- DOCS
v1.16.0
1.16.0 - 2022-01-30
- BREAKING
- SECURITY
- FEATURES
- Add/update SMTP auth providers via cli (#18197)
- Support webauthn (#17957)
- Team permission allow different unit has different permission (#17811)
- Implement Well-Known URL for password change (#17777)
- Add support for ssh commit signing (#17743)
- Allow Loading of Diffs that are too large (#17739)
- Add copy button to markdown code blocks (#17638)
- Add .gitattribute assisted language detection to blame, diff and render (#17590)
- Add
PULL_LIMITandPUSH_LIMITto cron.update_mirror task (#17568) - Add Reindex buttons to repository settings page (#17494)
- Make SSL cipher suite configurable (#17440)
- Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
- Add simple update checker to Gitea (#17212)
- Migrated Repository will show modifications when possible (#17191)
- Create pub/priv keypair for federation (#17071)
- Make LDAP be able to skip local 2FA (#16954)
- Add nodeinfo endpoint for federation purposes (#16953)
- Save and view issue/comment content history (#16909)
- Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
- Add migrate from Codebase (#16768)
- Add migration from GitBucket (#16767)
- Add OAuth2 introspection endpoint (#16752)
- Add proxy settings and support for migration and webhook (#16704)
- Add microsoft oauth2 providers (#16544)
- Send registration email on user autoregistration (#16523)
- Defer Last Commit Info (#16467)
- Support unprotected file patterns (#16395)
- Add migrate from OneDev (#16356)
- Add option to update pull request by
rebase(#16125) - Add RSS/Atom feed support for user actions (#16002)
- Add support for corporate WeChat webhooks (#15910)
- Add a simple way to rename branch like gh (#15870)
- Add bundle download for repository (#14538)
- Add agit flow support in gitea (#14295)
- API
- Add MirrorUpdated field to Repository API type (#18267)
- Adjust Fork API to allow setting a custom repository name (#18066)
- Add API to manage repo tranfers (#17963)
- Add API to get file commit history (#17652)
- Add API to get issue/pull comments and events (timeline) (#17403)
- Add API to get/edit wiki (#17278)
- Add API for get user org permissions (#17232)
- Add HTML urls to notification API (#17178)
- Add API to get commit diff/patch (#17095)
- Respond with updated notifications in API (#17064)
- Add API to fetch git notes (#16649)
- Generalize list header for API (#16551)
- Add API Token Cache (#16547)
- Allow Token API calls be authorized using the reverse-proxy header (#15119)
- ENHANCEMENTS
- Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
- Return nicer error if trying to pull from non-existent user (#18288)
- Show pull link for agit pull request also (#18235)
- Enable partial clone by default (#18195)
- Added replay of webhooks (#18191)
- Show OAuth callback error message (#18185)
- Increase Salt randomness (#18179)
- Add MP4 as default allowed attachment type (#18170)
- Include folders into size cost (#18158)
- Remove
/email2userendpoint (#18127) - Handle invalid issues (#18111)
- Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
- Support open compare page directly (#17975)
- Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954)
- Clean legacy SimpleMDE code (#17926)
- Refactor install page (db type) (#17919)
- Improve interface when comparing a branch which has created a pull request (#17911)
- Allow default branch to be inferred on compare page (#17908)
- Display issue/comment role even if repo archived (#17907)
- Always set a message-id on mails (#17900)
- Change
<a>elements to underline on hover (#17898) - Render issue references in file table (#17897)
- Handle relative unix socket paths (#17836)
- Move accessmode into models/perm (#17828)
- Fix some org style problems (#17807)
- Add List-Unsubscribe header (#17804)
- Create menus for organization pages (#17802)
- Switch archive URL code back to href attributes (#17796)
- Refactor "refs/*" string usage by using constants (#17784)
- Allow forks to org if you can create repos (#17783)
- Improve install code to avoid low-level mistakes. (#17779)
- Improve ellipsis buttons (#17773)
- Add restrict and no-user-rc to authorized_keys (#17772)
- Add copy Commit ID button in commits list (#17759)
- Make
binderror more readable (#17750) - Fix navbar on project view (#17749)
- More pleasantly handle broken or missing git repositories (#17747)
- Use
*PushUpdateOptionsas receiver (#17724) - Remove unused
userparamater (#17723) - Better builtin avatar generator (#17707)
- Cleanup and use global style on popups (#17674)
- Move user/org deletion to services (#17673)
- Added comment for changing issue ref (#17672)
- Allow admins to change user avatars (#17661)
- Only set
data-pathonce for each file in diff pages (#17657) - Add icon to vscode clone link (#17641)
- Add download button for file viewer (#17640)
- Add pagination to fork list (#17639)
- Use a standalone struct name for Organization (#17632)
- Minor readability patch. (#17627)
- Add context support for GetUserByID (#17602)
- Move merge-section to
> .content(#17582) - Remove NewSession method from db.Engine interface (#17577)
- Move unit into models/unit/ (#17576)
- Restrict GetDeletedBranchByID to the repositories deleted branches (#17570)
- Refactor commentTags functionality (#17558)
- Make Repo Code Indexer an Unique Queue (#17515)
- Simplify Gothic to use our session store instead of creating a different store (#17507)
- Add settings to allow different SMTP envelope from address (#17479)
- Properly determine CSV delimiter (#17459)
- Hide label comments if labels were added and removed immediately (#17455)
- Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
- Add appearance section in settings (#17433)
- Move key forms before list and add cancel button (#17432)
- When copying executables to the docker chmod them (#17423)
- Remove deprecated
extendDefaultPluginsmethod of svgo (#17399) - Fix the click behavior for and with [data-href] (#17388)
- Refactor update checker to use AppState (#17387)
- Improve async/await usage, and sort init calls in
index.js(#17386) - Use a variable but a function for IsProd because of a slight performance increment (#17368)
- Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
- Hide command line merge instructions when user can't push (#17339)
- Move session to models/login (#17338)
- Sync gitea app path for git hooks and authorized keys when starting (#17335)
- Make the Mirror Queue a queue (#17326)
- Add "Copy branch name" button to pull request page (#17323)
- Fix repository summary on mobile (#17322)
- Split
index.jsto separate files (#17315) - Show direct match on top for user search (#17303)
- Frontend refactor: move Vue related code from
index.jstocomponentsdir, and remove unused codes. (#17301) - Upgrade chi to v5 (#17298)
- Disable form autofill (#17291)
- Improve behavior of "Fork" button (#17288)
- Open markdown image links in new window (#17287)
- Add hints for special Wiki pages (#17283)
- Move add deploy key form before the list and add a cancel button (#17228)
- Allow adding multiple issues to a project (#17226)
- Add metrics to get issues by repository (#17225)
- Add specific event type to header (#17222)
- Redirect on project after issue created (#17211)
- Reference in new issue modal: dont pre-populate issue title (#17208)
- Always set a unique Message-ID header (#17206)
- Add projects and project boards in exposed metrics (#17202)
- Add metrics to get issues by label (#17201)
- Add protection to disable Gitea when run as root (#17168)
- Don't return binary file changes in raw PR diffs by default (#17158)
- Support sorting for project board issuses (#17152)
- Force color-adjust for markdown checkboxes (#17146)
- Add option to copy line permalink (#17145)
- Move twofactor to models/login (#17143)
- Multiple tokens support for migrating from github (#17134)
- Unify issue and PR subtitles (#17133)
- Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
- Fix problem when database id is not increment as expected (#17124)
- Avatar refactor, move avatar code from
modelstomodels.avatars, remove duplicated code (#17123) - Re-allow clipboard copy on non-https sites (#17118)
- DBContext is just a Context (#17100)
- Move login related structs and functions to models/login (#17093)
- Add SkipLocal2FA option to pam and smtp sources (#17078)
- Move db related basic functions to models/db (#17075)
- Fixes username tagging in "Reference in new issue" (#17074)
- Use light/dark theme based on system preference (#17051)
- Always emit the configuration path (#17036)
- Add
AbsoluteListOptions(#17028) - Use common sessioner for API and Web (#17027)
- Fix overflow label in small view (#17020)
- Report the associated fil...
v1.15.11
v1.16.0-rc1
1.16.0-rc1 - 2022-01-19
- BREAKING
- SECURITY
- FEATURES
- Add/update SMTP auth providers via cli (#18197)
- Support webauthn (#17957)
- Team permission allow different unit has different permission (#17811)
- Implement Well-Known URL for password change (#17777)
- Add support for ssh commit signing (#17743)
- Allow Loading of Diffs that are too large (#17739)
- Add copy button to markdown code blocks (#17638)
- Add .gitattribute assisted language detection to blame, diff and render (#17590)
- Add
PULL_LIMITandPUSH_LIMITto cron.update_mirror task (#17568) - Add Reindex buttons to repository settings page (#17494)
- Make SSL cipher suite configurable (#17440)
- Add groups scope/claim to OIDC/OAuth2 Provider (#17367)
- Add simple update checker to Gitea (#17212)
- Migrated Repository will show modifications when possible (#17191)
- Create pub/priv keypair for federation (#17071)
- Make LDAP be able to skip local 2FA (#16954)
- Add nodeinfo endpoint for federation purposes (#16953)
- Save and view issue/comment content history (#16909)
- Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
- Add migrate from Codebase (#16768)
- Add migration from GitBucket (#16767)
- Add OAuth2 introspection endpoint (#16752)
- Add proxy settings and support for migration and webhook (#16704)
- Add microsoft oauth2 providers (#16544)
- Send registration email on user autoregistration (#16523)
- Defer Last Commit Info (#16467)
- Support unprotected file patterns (#16395)
- Add migrate from OneDev (#16356)
- Add option to update pull request by
rebase(#16125) - Add RSS/Atom feed support for user actions (#16002)
- Add support for corporate WeChat webhooks (#15910)
- Add a simple way to rename branch like gh (#15870)
- Add bundle download for repository (#14538)
- Add agit flow support in gitea (#14295)
- API
- Add MirrorUpdated field to Repository API type (#18267)
- Adjust Fork API to allow setting a custom repository name (#18066)
- Add API to manage repo tranfers (#17963)
- Add API to get file commit history (#17652)
- Add API to get issue/pull comments and events (timeline) (#17403)
- Add API to get/edit wiki (#17278)
- Add API for get user org permissions (#17232)
- Add HTML urls to notification API (#17178)
- Add API to get commit diff/patch (#17095)
- Respond with updated notifications in API (#17064)
- Add API to fetch git notes (#16649)
- Generalize list header for API (#16551)
- Add API Token Cache (#16547)
- Allow Token API calls be authorized using the reverse-proxy header (#15119)
- ENHANCEMENTS
- Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
- Return nicer error if trying to pull from non-existent user (#18288)
- Show pull link for agit pull request also (#18235)
- Enable partial clone by default (#18195)
- Added replay of webhooks (#18191)
- Show OAuth callback error message (#18185)
- Increase Salt randomness (#18179)
- Add MP4 as default allowed attachment type (#18170)
- Include folders into size cost (#18158)
- Remove
/email2userendpoint (#18127) - Handle invalid issues (#18111)
- Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)
- Support open compare page directly (#17975)
- Prefer "Hiragino Kaku Gothic ProN" in system-ui-ja (#17954)
- Clean legacy SimpleMDE code (#17926)
- Refactor install page (db type) (#17919)
- Improve interface when comparing a branch which has created a pull request (#17911)
- Allow default branch to be inferred on compare page (#17908)
- Display issue/comment role even if repo archived (#17907)
- Always set a message-id on mails (#17900)
- Change
<a>elements to underline on hover (#17898) - Render issue references in file table (#17897)
- Handle relative unix socket paths (#17836)
- Move accessmode into models/perm (#17828)
- Fix some org style problems (#17807)
- Add List-Unsubscribe header (#17804)
- Create menus for organization pages (#17802)
- Switch archive URL code back to href attributes (#17796)
- Refactor "refs/*" string usage by using constants (#17784)
- Allow forks to org if you can create repos (#17783)
- Improve install code to avoid low-level mistakes. (#17779)
- Improve ellipsis buttons (#17773)
- Add restrict and no-user-rc to authorized_keys (#17772)
- Add copy Commit ID button in commits list (#17759)
- Make
binderror more readable (#17750) - Fix navbar on project view (#17749)
- More pleasantly handle broken or missing git repositories (#17747)
- Use
*PushUpdateOptionsas receiver (#17724) - Remove unused
userparamater (#17723) - Better builtin avatar generator (#17707)
- Cleanup and use global style on popups (#17674)
- Move user/org deletion to services (#17673)
- Added comment for changing issue ref (#17672)
- Allow admins to change user avatars (#17661)
- Only set
data-pathonce for each file in diff pages (#17657) - Add icon to vscode clone link (#17641)
- Add download button for file viewer (#17640)
- Add pagination to fork list (#17639)
- Use a standalone struct name for Organization (#17632)
- Minor readability patch. (#17627)
- Add context support for GetUserByID (#17602)
- Move merge-section to
> .content(#17582) - Remove NewSession method from db.Engine interface (#17577)
- Move unit into models/unit/ (#17576)
- Restrict GetDeletedBranchByID to the repositories deleted branches (#17570)
- Refactor commentTags functionality (#17558)
- Make Repo Code Indexer an Unique Queue (#17515)
- Simplify Gothic to use our session store instead of creating a different store (#17507)
- Add settings to allow different SMTP envelope from address (#17479)
- Properly determine CSV delimiter (#17459)
- Hide label comments if labels were added and removed immediately (#17455)
- Tune UI alignment for nav bar notification icon, avatar image, issue label (#17438)
- Add appearance section in settings (#17433)
- Move key forms before list and add cancel button (#17432)
- When copying executables to the docker chmod them (#17423)
- Remove deprecated
extendDefaultPluginsmethod of svgo (#17399) - Fix the click behavior for and with [data-href] (#17388)
- Refactor update checker to use AppState (#17387)
- Improve async/await usage, and sort init calls in
index.js(#17386) - Use a variable but a function for IsProd because of a slight performance increment (#17368)
- Frontend refactor, PascalCase to camelCase, remove unused code (#17365)
- Hide command line merge instructions when user can't push (#17339)
- Move session to models/login (#17338)
- Sync gitea app path for git hooks and authorized keys when starting (#17335)
- Make the Mirror Queue a queue (#17326)
- Add "Copy branch name" button to pull request page (#17323)
- Fix repository summary on mobile (#17322)
- Split
index.jsto separate files (#17315) - Show direct match on top for user search (#17303)
- Frontend refactor: move Vue related code from
index.jstocomponentsdir, and remove unused codes. (#17301) - Upgrade chi to v5 (#17298)
- Disable form autofill (#17291)
- Improve behavior of "Fork" button (#17288)
- Open markdown image links in new window (#17287)
- Add hints for special Wiki pages (#17283)
- Move add deploy key form before the list and add a cancel button (#17228)
- Allow adding multiple issues to a project (#17226)
- Add metrics to get issues by repository (#17225)
- Add specific event type to header (#17222)
- Redirect on project after issue created (#17211)
- Reference in new issue modal: dont pre-populate issue title (#17208)
- Always set a unique Message-ID header (#17206)
- Add projects and project boards in exposed metrics (#17202)
- Add metrics to get issues by label (#17201)
- Add protection to disable Gitea when run as root (#17168)
- Don't return binary file changes in raw PR diffs by default (#17158)
- Support sorting for project board issuses (#17152)
- Force color-adjust for markdown checkboxes (#17146)
- Add option to copy line permalink (#17145)
- Move twofactor to models/login (#17143)
- Multiple tokens support for migrating from github (#17134)
- Unify issue and PR subtitles (#17133)
- Make Requests Processes and create process hierarchy. Associate OpenRepository with context. (#17125)
- Fix problem when database id is not increment as expected (#17124)
- Avatar refactor, move avatar code from
modelstomodels.avatars, remove duplicated code (#17123) - Re-allow clipboard copy on non-https sites (#17118)
- DBContext is just a Context (#17100)
- Move login related structs and functions to models/login (#17093)
- Add SkipLocal2FA option to pam and smtp sources (#17078)
- Move db related basic functions to models/db (#17075)
- Fixes username tagging in "Reference in new issue" (#17074)
- Use light/dark theme based on system preference (#17051)
- Always emit the configuration path (#17036)
- Add
AbsoluteListOptions(#17028) - Use common sessioner for API and Web (#17027)
- Fix overflow label in small view (#17020)
- Report the associated filter if there is an error in LDAP (#17014)
- Add "new issue" btn on project (#17001)
- Add doctor dbconsistency check...
v1.15.10
1.15.10 - 2022-01-14
- BUGFIXES
- Fix inconsistent PR comment counts (#18260) (#18261)
- Fix release link broken (#18252) (#18253)
- Fix update user from site administration page bug (#18250) (#18251)
- Set HeadCommit when creating tags (#18116) (#18173)
- Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
- Fix purple color in suggested label colors (#18241) (#18242)
- SECURITY
v1.15.9
- BUGFIXES
- Fix wrong redirect on org labels (#18128) (#18134)
- Fix: unstable sort skips/duplicates issues across pages (#18094) (#18095)
- Revert "Fix delete u2f keys bug (#18042)" (#18107)
- Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
- Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
- Reset locale on login (#17734) (#18100)
- Correctly handle failed migrations (#17575) (#18099)
- Instead of using routerCtx just escape the url before routing (#18086) (#18098)
- Quote references to the user table in consistency checks (#18072) (#18073)
- Add NotFound handler (#18062) (#18067)
- Ensure that git repository is closed before transfer (#18049) (#18057)
- Use common sessioner for API and web routes (#18114)
- TRANSLATION
- Fix code search result hint on zh-CN (#18053)
v1.15.8
v1.15.8
This tag was signed with the committer’s verified signature.
The key has expired.
- BUGFIXES
- Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
- Fix delete u2f keys bug (#18040) (#18042)
- Reset Session ID on login (#18018) (#18041)
- Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
- Stop printing 03d after escaped characters in logs (#18030) (#18034)
- Reset locale on login (#18023) (#18025)
- Fix reset password email template (#17025) (#18022)
- Fix outType on gitea dump (#18000) (#18016)
- Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
- Fix rename notification bug (#18011)
- Prevent double decoding of % in url params (#17997) (#18001)
- Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
- Prevent deadlock in create issue (#17970) (#17982)
- TESTING