Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2019-04-28 18:41:30 by Benny Siegert | Files touched by this commit (4) | Package updated
Log message:
Pullup ticket #5947 - requested by nia
www/gitea: security fix

Revisions pulled up:
- www/gitea/Makefile                                            1.2
- www/gitea/PLIST                                               1.2
- www/gitea/distinfo                                            1.2
- www/gitea/options.mk                                          1.2

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Apr 23 06:04:41 UTC 2019

   Modified Files:
   	pkgsrc/www/gitea: Makefile PLIST distinfo options.mk

   Log message:
   gitea: Update to 1.8.0

   Changes from 1.7.5:

       SECURITY
           Prevent remote code execution vulnerability with mirror repo URL \ 
settings (#6593) (#6594)
           Resolve 2FA bypass on API (#6676) (#6674)
           Prevent the creation of empty sessions for non-logged in users \ 
(#6690) (#6677)
       BREAKING
           Add "ghost" and "notifications" to list of \ 
reserved user names. (#6208)
           Change sqlite DB path default to data directory (#6198)
           Adds MustChangePassword to user create/edit API (#6193)
           Disable redirect for i18n (#5910)
           Releases API paging (#5831)
           Allow Macaron to be set to log through to gitea.log (#5667)
           Don't close issues via commits on non-default branch (#5622)
       FEATURE
           Add regenerate secret feature for oauth2 (#6291)
           Expose issue stopwatch toggling via API (#5970)
           Add other session providers (#5963)
           Pull request conflict files detection (#5951)
           Integrate OAuth2 Provider (#5378)
           Implement "conversation lock" for issue comments (#5073)
           Feature: Archive repos (#5009)
           Discord Oauth2 support (#4476)
           Allow to set organization visibility (public, internal, private) (#1763)
           Added URL mapping for Release attachments like on github.com (#1707)
       ENHANCEMENT
           Add support for client basic auth for exchanging access tokens (#6293)
           Add ability to sort issues by due date (#6206) (#6244)
           Style tweaks to issue selection (#6196)
           Increase Username and Orgname MaxSize 35 -> 40 (#6178)
           Coverage profile with multiple packages (#6167)
           Split setting.go to multiple files (#6154)
           Allow labels to contain emoji (#6063)
           Disable git fsck for mirrored repos by default (#6018)
           Add default time out for git operations (#6015)
           Split setting.go as multiple files (#6014)
           Make dashboard navbar and footer full-width (#6013)
           Add lang specific font stacks for CJK (#6007)
           Fix header menu misalignment (#6002)
           Enhance closed PR and Issue status in the list (#6000)
           Make navbar full width (#5998)
           Add option to close issues via commit on a non master branch (#5992)
           Support n as a line highlight prefix (#5987)
           Search for org repos (#3031) (#5986)
           Minor UI tweaks (#5980)
           Use native golang SSH library but ssh-keygen when enable built-in SSH \ 
server to remove dependent on that command lines (#5976)
           Dashboard tweaks (#5974)
           Fixes for repo topic editor (#5971)
           Display the branch name in the commit view (#5950)
           handle milestone events for issues and PR (#5947)
           Add label names as filter in issue search api (#5946)
           Repo header tweaks (#5945)
           Better support for long repo names (#5932)
           Fix wrapping long code lines (#5927)
           Change GPG Validation colors and remove inline CSS (#5404) (#5896)
           Fix "pulls.blocked_by_approvals" text (#5879)
           Rename reject to 'request changes' (#5858)
           Move input fields to add members to a team and repos to a team (#5853)
           Config option to disable automatic repo watching (#5852)
           New Issue ?body= query (#5851)
           Add API to list tags (#5850)
           Pagination for git tree API (#5838)
           Add InternalTokenURI to load InternalToken from an external file (#5812)
           Allow markdown files to read from the LFS (#5787)
           Add the ability to use multiple labels as filters (#5786)
           Adjust log settings when a user is not found. (#5771)
           Log IP of failed ssh connection (#5766)
           Moved defaults in defaults.go to setting.go (#5764)
           Make DB connect more robust (#5738)
           Add Default Pull Request Title (#5735)
           Refactor repo.isBare to repo.isEmpty #5629 (#5714)
           Add flag to skip repository dumping (#5695)
           Prioritize "readme.md" (#5691)
           Improve "Fork button" for guests by showing a pop up asking \ 
them to log in before forking (#5690)
           Allow for user specific themes (#5668)
           Display branch name in delete branch confirmation modal. (#5654)
           New API routes added (#5594)
           Refactor notification for indexer (#5111)
           Refactor mail notification (#5110)
           Show email if the authenticated user owns the profile page being \ 
requested for (#4981)
           Optimize pulls merging (#4921)
           Sort Repositories widget by most recently updated (#3963) (#4599)
           Allow markdown table to scroll (#4401)
           Automatically clear stopwatch on merging a PR (#4327)
           Add the Owner Name to differentiate when merging (#3807)
           Add title attributes to all items in the repo list viewer (#6258) (#6650)
       BUGFIXES
           Fix dropdown icon padding (#6651) (#6654)
           Fix wrong GPG expire date (#6643) (#6644)
           Fix forking an empty repository (#6637) (#6653)
           Remove call to EscapePound .Link as it is already escaped (#6656) (#6666)
           Properly escape on the redirect from the web editor (#6657) (#6667)
           Allow resend of confirmation email when logged in (#6482) (#6486)
           Fix mail notification when close/reopen issue (#6581) (#6588)
           Change API commit summary to full message (#6591) (#6592)
           Add option to disable refresh token invalidation (#6584) (#6587)
           Fix bug user search API pagesize didn't obey ExplorePagingNum (#6579) \ 
(#6586)
           Fix new repo alignment (#6583) (#6585)
           Prevent server 500 on compare branches with no common history (#6555) \ 
(#6558)
           Properly escape release attachment URL (#6512) (#6523)
           Hacky fix for alignment of the create-organization dialog (#6455) (#6462)
           Disable benchmarking during tag events on DroneIO (#6365) (#6366)
           Make sure units of a team are returned (#6379) (#6381)
           Don't Unescape redirect_to cookie value (#6399) (#6401)
           Fix dump table name error and add some test for dump database (#6394) \ 
(#6402)
           Fix migration v82 to ignore unsynced tags between database and git \ 
data; Add missing is_archived column on repository table (#6387) (#6403)
           Display correct error for invalid mirror interval (#6414) (#6429)
           Clean up ref name rules (#6437) (#6439)
           Fix Hook & HookList in Swagger (#6432) (#6440)
           Change order that PostProcess Processors are run (#6445) (#6447)
           Clean up various use of escape/unescape functions for URL generation \ 
(#6334)
           Return 409 when creating repo if it already exists. (#6330)
           Add same changes from issues page to milestone->issues page (#6328)
           Fix ParsePatch function to work with quoted diff --git strings (#6323)
           Fix reported issue in repo description (#6306)
           Use url.PathEscape to escape the branchname (#6304)
           Add robots.txt as reserved username (#6272)
           Replace linkRegex with xurls library (#6261)
           Remove visitLinksForShortLinks features (#6257)
           Add unit types to repo action URL to correctly show 404 when archived \ 
(#6247)
           Check organization visibility before everything else (#6234) (#6235)
           Prevent double-close of issues (#6233)
           Override xorm type mapping for U2F counter (#6232)
           Add isAdmin to user API response (#6231)
           Update git vendor to fix wrong release commit id and add migrations \ 
(#6224)
           Fix fork button (#6223)
           Fix renames over redirects (#6216)
           Fix display dashboard even if require to change password (#6214)
           Create a repo redirect when transferring ownership (#6210) (#6211)
           Fix issue update race condition (#6194)
           Fix bug when migrate repository 500 when repo is existed (#6188)
           Fix scrollbar always present on page body (#6177)
           Fix bug when set indexer as db and add tests (#6173)
           Modify linkRegex to require http|https (#6171)
           Fix bug user could change private repository to public when force \ 
private enabled. (#6156)
           Fix admin list user/org API (#6143)
           Make repo creation for API similar to UI (#6142)
           Make document body a flexbox (#6139)
           Refactor issue indexer, add some testing and fix a bug (#6131)
           Load Issue attributes for API call (#6122)
           Fix bug when update owner team then visit team's repo return 404 (#6119)
           Fix heatmap and repository menu display in Internet Explorer 9+ (#6117)
           Show private organization for admin, fix #6111 (#6112)
           Fix prohibit login check on authorization (#6106)
           Move to ldap.v3 to fix #5928 (#6105)
           Remove use MakeAssigneeList in webhooks to fix deadlock (#6102)
           Allow display of LFS stored Readme.md on directory page (#6073) (#6099)
           Make sure labels are actually returned (#6053)
           Fix panic: template: repo/issue/list:210: unexpected "=" in \ 
operand (#6041)
           After deleting a repo on admin panel, UI should remember the last \ 
sort type (#6033)
           Default create repository on organisation on its dashboard (#6026)
           Swagger: Remove spaces in MergePullRequestOption enum (#6016)
           Fix metrics auth token detection (#6006)
           Fix repo header issues (#5995)
           Fix bug when deleting a linked account will removed all (#5989)
           Make organization dropdown scrollable when using mouse wheel (#5988)
           Fix empty ssh key importing in ldap (#5984)
           Admin config page mailertype setting option update (#5973)
           Fix redirect loop during forced password change (#5965)
           Show user who created the repository instead of the organisation in \ 
action feed (#5948)
           Remove all CommitStatus when a repo is deleted (#5940)
           Fix ssh deploy and user key constraints (#1357) (#5939)
           Fix log output (#5938)
           Set PusherName and PusherID to owner on deploy key to fix pushing \ 
with deploy keys (#5935)
           Fix compare button (#5929)
           Fix bug when read public repo lfs file (#5912)
           Only allow local login if password is non-empty (#5906)
           Recover panic in orgmode.Render if bad orgfile (#4982) (#5903)
           Provide better panic handling (#5902)
           Respect value of REQUIRE_SIGNIN_VIEW (#5901)
           Show a 404 not a 500 if a repo does not exist (#5900)
           Ensure repo is loaded in mailer (Completely fix #5891) (#5895)
           Ensure issue.Poster is loaded in mailIssueCommentToParticipants (#5891)
           Correct footer height if screen-width is to small (fixes #5878) (#5889)
           In gitea serv switch off console logger to fix #5866 (#5887)
           Don't allow pull requests to be created on an archived repository (#5883)
           Support reviews on a deleted file path (#5880)
           Fix compare button on upstream repo leading to 404 (#5877)
           Fix null pointer on not logged in attempt to Sudo (#5872)
           Fix new release creation API to allow empty target (#5870)
           Fix an error while adding a dependency via UI. (#5862)
           Fix failing migration v67 (#5849)
           Fix delete correct temp directory (#5839)
           Make sure .git/info is created before generating \ 
.git/info/sparse-cheā€¦ (#5825)
           Fix topics saving internal error and disable for archived repos (#5821)
           Fix TLS errors when using acme/autocert for local connections (#5820)
           When creating new repository fsck option should be enabled (#5817)
           Request for public keys only if LDAP attribute is set (#5816)
           Fix serving of raw wiki files other than .md (#5814)
           Fix migration 78 error mssql (#5791)
           Disallow empty titles (#5785)
           Fix the v78 migration script (#5776)
           Ensure valid git author names passed in signatures (#5774)
           Fix wrong assumption where a user is always said to have unassigned \ 
(her)himself (#5769)
           Upgrade go-sql-driver/mysql to fix invalid connection error (#5748)
           Fixing PostgreSQL dump creation (#5747)
           Add proper CORS preflight origin validation (#5740)
           Disable auto-migrate in docker container (#5730)
           In basic auth check for tokens before call UserSignIn (#5725)
           Pooled and buffered gzip implementation (#5722)
           Ensure that sessions are passed into queries that could use the \ 
database to prevent deadlocks (#5718)
           Keep file permissions during database migration (#5707)
           Use correct value for "MSpan Structures Obtained" #4742 (#5706)
           Refactor editor upload, update and delete to use git plumbing and add \ 
LFS support (#5702)
           Update xorm to fix issue #5659 and #5651 (#5680)
           Fix public will not be reused as public key after deleting as deploy \ 
key (#5671)
           When redirecting, clean the path (#5669)
           Don't list an issue on its own dependency list UI. (#5658)
           Fix commit page showing status for current default branch (#5649) (#5650)
           Only count users own actions for heatmap contributions (#5647)
           Fix sqlite deadlock when assigning to a PR (#5640)
           Refactor issue indexer (#5363)
       TESTING
           Run benchmark at tag to track performances (#6035)
           Add test environment for MySQL8 (#5234)
       BUILD
           Use go 1.12 for tests and deprecate go 1.9 (#6186)
           Makefile changes for Windows and easier development (#6103)
           Update bleve dependency to latest master revision (#6100)
           Switch to more recent build of xgo (#6070)
           Add autoprefixer to css build (#6029)
           Update the version of less (#6010)
           Make log mailer for testing (#5893)
       DOCS
           Add more tests and docs for issue indexer, add db indexer type for \ 
searching from database (#6144)
           update default value of --must-change-password cli flag (#6032)
           Update and expand information about building Gitea (#6019)
           Update U2F Section of app.ini.sample (#5994)
           Update swagger for release API pagination (#5841)
           Added docs for the tree api (#5834)
       MISC
           Add single commit API support (#5843)
           Add missing GET teams endpoints (#5382)
           Migrate database if app.ini found (#5290)

   Changes from 1.7.4:

       SECURITY
           Prevent remote code execution vulnerability with mirror repo URL \ 
settings (#6593) (#6595)
       BUGFIXES
           Allow resend of confirmation email when logged in (#6482) (#6487)

Next | Query returned 1 messages, browsing 1 to 10 | previous