正文

Gitea 1.18.0 | API、表单、PR、数学公式、代码搜索、包管理等 18 项重大更新如约而至

admin
admin V管理员 /0 评论 /305 阅读
1231
此篇文章发布距今已超过694天,您需要注意文章的内容或图片是否可用!

经过数月的开发,我们自豪地推出了正式版的 Gitea 1.18.0。新的系统整合了日积月累的535个PR,包含修复补丁以及功能更改,我们建议管理员升级系统前创建快照、备份数据,确保切换到新版本时能平稳过渡。

安装方法

您可以下载预编译的二进制文件:

 https://dl.gitea.io/gitea/1.18.0/
  • ☕ Gitea 文档中心
  • 🚀 安装方法
    • 🐧 Linux
    • ☸ Kubernetes
    • 🪟 Windows
    • 🐳 Docker

报告安全问题

任何涉及安全问题的信息请发送邮件到 [email protected]

提名感谢 pboguslawski、zeripath、appleboy、silverwind 在解决系统安全问题方面的努力。

周边商品

在此,我们感谢所有在 Open Collective 给予我们资金支持的贡献者。

您可以在官方商店 shop.gitea.io 购买周边来支持我们。

全新功能

🚀 支持在 Markdown 中渲染色彩代码 (#21474)

现在您可以使用一对反勾号 ` ` 在 Markdown 文本中书写HEX、RGB、HSL颜色代码。当页面渲染时,会呈现出指定的颜色。

🚀 Package registry: 支持管理更多类型的软件包 (#21393,#20930,#20688,#20560)

Gitea 1.18 新增了以下软件包管理功能:

  • Chocolatey/NuGet v2 API (.NET)
  • Vagrant packages (language agnostic)
  • npm unpublish (JS/TS)
  • Pub packages (Dart)

目前总体支持的软件包管理器多达 12 种:

  • Composer (PHP)
  • Conan (C++)
  • Container Images
  • Generic (raw binaries)
  • Helm Charts
  • Maven (Java)
  • npm (JavaScript)
  • NuGet (.NET, C#/VB)
  • Pub (Dart)
  • PyPI (Python)
  • RubyGems (Ruby)
  • Vagrant Boxes

🚀 支持通过API查询PR的文件更改 (#21177)

Gitea 扩展了现有的 API 能力,使用 API 查询 PR 时可以获取到文件更改记录。

🚀 PR中支持使用树形文件导航菜单 (#21012)

现在支持在 PR 中使用树形结构的文件导航查看所有文件的变更状态:

如图所示,文件树的是按字母顺序排布的,你可以很自然地根据目录的层次结构依次评审代码。

🚀 支持表单化创建工单和PR (#20987)

相比于以往的纯 Markdown 格式,使用预置表单创建工单和PR在组织内容上更加方便和直观

🚀 支持在 Markdown 内容中嵌入 LaTeX 数学公式 (#20571)

现在你可以在任何 Markdown 文本中使用 LaTeX 语法编写和渲染数学公式。Gitea 支持使用 $$…$$\[…\] 以及 \(…\) 包装 LaTeX 语法。

🚀 支持自动切换多语言的 README (#20508)

如果您的仓库中存在多种语言的 README 文件,Gitea 能够自动根据当前语言环境切换到对应的 README。

例如仓库下面有以下 README 文件,当用户将语言环境切换到简体中文时,会优先按语言顺序优先呈现 README.zh-CN.md

  1. README.zh-CN.md
  2. README.zh-CN.md
  3. README.zh_CN.md
  4. README.md
  5. README.ru-RU.md

🚀 通过邮件邀请未注册账号的成员加入组织 (#20307)

现在,您可以通过电子邮件向他人发送团队加入邀请。新成员可以通过邀请链接注册并直接加入团队。

🚀 更好的 Unicode 字符检查机制 (#19990)

此前,Gitea 使用了一个相当复杂的机制来检测代码中容易混淆和不可见的的 Unicode 字符。
现在,我们从 Visual Studio Code 的算法行为中吸取了经验,减少了系统复杂性和异常状态。

🚀 支持用户/组织范围代码搜索 (#19977)

支持在整个用户或组织范围中使用代码搜索功能。启用方法:在配置文件中启用 Repository Indexer settings

🚀 支持发布站点地图 (#18407)

Gitea 支持自动发布站点地图。对于公开在互联网上的 Gitea 服务器,搜索引擎可以利用站点地图快速收录网站内容。

🚀 数据库中新增系统设置表 (#18058)

此前的所有系统配置都固定保存于 app.ini,修改系统全局的配置必须更改该文件。
新版本在数据库中使用了 system_setting 作为设置存放的数据表。这有两个好处:

  1. 降低维护 app.ini 的难度
  2. 数据库可以随时更新,无需重启实例,便于修改系统配置

目前,该功能只是实验性的,因此只有两个设置(picture.disable_gravatar 和 picture.enable_federated_avatar)迁移到了该数据库表中。

🚀 推送提交时向上游同步代码 (#19411)

在“镜像设置”中开启“推送提交时同步”功能后,推送到仓库的代码可以被立即同步到上游仓库中。

🚀 彻底清理垃圾账号 (#18064)

对于互联网上提供公开注册功能的 Gitea 服务器,可能会遭遇攻击者使用脚本批量注册垃圾账号的问题。过去,管理员即便手动删除了这些账号也会在系统中留下使用记录。

现在我们提供了彻底删除此类账号的手段,管理员可以在管理面板使用 Purge User 或者命令行工具 gitea admin user delete --purge $USER 彻底删除账号,清除一切痕迹。

重大变更

❗ 电子邮件: 重新设计了电子邮件配置参数 (#18982)

弃用 代替
mailer.PROTOCOL MAILER_TYPE+PROTOCOL
mailer.HOST mailer.SMTP_ADDR + mailer.SMTP_PORT
mailer.IS_TLS_ENABLED mailer.PROTOCOL (该选项明确接受 smtpsmtpssmtp+startls 或 smtp+unix
mailer.DISABLE_HELO (默认 false) mailer.ENABLE_HELO (默认 true)
mailer.SKIP_VERIFY mailer.FORCE_TRUST_SERVER_CERT
mailer.USE_CERTIFICATEmailer.CERT_FILE 、mailer.KEY_FILE mailer.USE_CLIENT_CERTmailer.CLIENT_CERT_FILE 、 mailer.CLIENT_KEY_FILE

另外,如果使用了不受支持的邮件服务器凭据,Gitea 服务器将无法启动

❗ 认证: 移除 U2F (#20141)

Gitea 1.18 完全移除了 U2F 支持。 用户应该迁移到 webauthn。

❗ 重构模板i18n 更名为 locale (#20153)

使用自定义模板的用户会受此更改影响,需要将 .i18n 替换为 .locale

❗ 模板函数: 移除 MD5 函数 (#20813)

MD5 函数因缺乏安全性而被删除,使用自定义模板的用户可能会受此更改影响。

Changelog

1.18.0 - 2022-12-29

  • SECURITY
    • Remove ReverseProxy authentication from the API (#22219) (#22251)
    • Support Go Vulnerability Management (#21139)
    • Forbid HTML string tooltips (#20935)
  • BREAKING
    • Rework mailer settings (#18982)
    • Remove U2F support (#20141)
    • Refactor i18n to locale (#20153)
    • Enable contenthash in filename for dynamic assets (#20813)
  • FEATURES
    • Add color previews in markdown (#21474)
    • Allow package version sorting (#21453)
    • Add support for Chocolatey/NuGet v2 API (#21393)
    • Add API endpoint to get changed files of a PR (#21177)
    • Add filetree on left of diff view (#21012)
    • Support Issue forms and PR forms (#20987)
    • Add support for Vagrant packages (#20930)
    • Add support for npm unpublish (#20688)
    • Add badge capabilities to users (#20607)
    • Add issue filter for Author (#20578)
    • Add KaTeX rendering to Markdown. (#20571)
    • Add support for Pub packages (#20560)
    • Support localized README (#20508)
    • Add support mCaptcha as captcha provider (#20458)
    • Add team member invite by email (#20307)
    • Added email notification option to receive all own messages (#20179)
    • Switch Unicode Escaping to a VSCode-like system (#19990)
    • Add user/organization code search (#19977)
    • Only show relevant repositories on explore page (#19361)
    • User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
    • Add sitemap support (#18407)
    • Allow creation of OAuth2 applications for orgs (#18084)
    • Add system setting table with cache and also add cache supports for user setting (#18058)
    • Add pages to view watched repos and subscribed issues/PRs (#17156)
    • Support Proxy protocol (#12527)
    • Implement sync push mirror on commit (#19411)
  • API
    • Allow empty assignees on pull request edit (#22150) (#22214)
    • Make external issue tracker regexp configurable via API (#21338)
    • Add name field for org api (#21270)
    • Show teams with no members if user is admin (#21204)
    • Add latest commit's SHA to content response (#20398)
    • Add allow_rebase_update, default_delete_branch_after_merge to repository api response (#20079)
    • Add new endpoints for push mirrors management (#19841)
  • ENHANCEMENTS
    • Add setting to disable the git apply step in test patch (#22130) (#22170)
    • Multiple improvements for comment edit diff (#21990) (#22007)
    • Fix button in branch list, avoid unexpected page jump before restore branch actually done (#21562) (#21928)
    • Fix flex layout for repo list icons (#21896) (#21920)
    • Fix vertical align of committer avatar rendered by email address (#21884) (#21918)
    • Fix setting HTTP headers after write (#21833) (#21877)
    • Color and Style enhancements (#21784, #21799) (#21868)
    • Ignore line anchor links with leading zeroes (#21728) (#21776)
    • Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738)
    • Use CSS color-scheme instead of invert (#21616) (#21623)
    • Respect user's locale when rendering the date range in the repo activity page (#21410)
    • Change commits-table column width (#21564)
    • Refactor git command arguments and make all arguments to be safe to be used (#21535)
    • CSS color enhancements (#21534)
    • Add link to user profile in markdown mention only if user exists (#21533, #21554)
    • Add option to skip index dirs (#21501)
    • Diff file tree tweaks (#21446)
    • Localize all timestamps (#21440)
    • Add code highlighting in issue titles (#21432)
    • Use Name instead of DisplayName in LFS Lock (#21415)
    • Consolidate more CSS colors into variables (#21402)
    • Redirect to new repository owner (#21398)
    • Use ISO date format instead of hard-coded English date format for date range in repo activity page (#21396)
    • Use weighted algorithm for string matching when finding files in repo (#21370)
    • Show private data in feeds (#21369)
    • Refactor parseTreeEntries, speed up tree list (#21368)
    • Add GET and DELETE endpoints for Docker blob uploads (#21367)
    • Add nicer error handling on template compile errors (#21350)
    • Add stat to ToCommit function for speed (#21337)
    • Support instance-wide OAuth2 applications (#21335)
    • Record OAuth client type at registration (#21316)
    • Add new CSS variables --color-accent and --color-small-accent (#21305)
    • Improve error descriptions for unauthorized_client (#21292)
    • Case-insensitive "find files in repo" (#21269)
    • Consolidate more CSS rules, fix inline code on arc-green (#21260)
    • Log real ip of requests from ssh (#21216)
    • Save files in local storage as group readable (#21198)
    • Enable fluid page layout on medium size viewports (#21178)
    • File header tweaks (#21175)
    • Added missing headers on user packages page (#21172)
    • Display image digest for container packages (#21170)
    • Skip dirty check for team forms (#21154)
    • Keep path when creating a new branch (#21153)
    • Remove fomantic image module (#21145)
    • Make labels clickable in the comments section. (#21137)
    • Sort branches and tags by date descending (#21136)
    • Better repo API unit checks (#21130)
    • Improve commit status icons (#21124)
    • Limit length of repo description and repo url input fields (#21119)
    • Show .editorconfig errors in frontend (#21088)
    • Allow poster to choose reviewers (#21084)
    • Remove black labels and CSS cleanup (#21003)
    • Make e-mail sanity check more precise (#20991)
    • Use native inputs in whitespace dropdown (#20980)
    • Enhance package date display (#20928)
    • Display total blob size of a package version (#20927)
    • Show language name on hover (#20923)
    • Show instructions for all generic package files (#20917)
    • Refactor AssertExistsAndLoadBean to use generics (#20797)
    • Move the official website link at the footer of gitea (#20777)
    • Add support for full name in reverse proxy auth (#20776)
    • Remove useless JS operation for relative time tooltips (#20756)
    • Replace some icons with SVG (#20741)
    • Change commit status icons to SVG (#20736)
    • Improve single repo action for issue and pull requests (#20730)
    • Allow multiple files in generic packages (#20661)
    • Add option to create new issue from /issues page (#20650)
    • Background color of private list-items updated (#20630)
    • Added search input field to issue filter (#20623)
    • Increase default item listing size ISSUE_PAGING_NUM to 20 (#20547)
    • Modify milestone search keywords to be case insensitive again (#20513)
    • Show hint to link package to repo when viewing empty repo package list (#20504)
    • Add Tar ZSTD support (#20493)
    • Make code review checkboxes clickable (#20481)
    • Add "X-Gitea-Object-Type" header for GET /raw/ & /media/ API (#20438)
    • Display project in issue list (#20434)
    • Prepend commit message to template content when opening a new PR (#20429)
    • Replace fomantic popup module with tippy.js (#20428)
    • Allow to specify colors for text in markup (#20363)
    • Allow access to the Public Organization Member lists with minimal permissions (#20330)
    • Use default values when provided values are empty (#20318)
    • Vertical align navbar avatar at middle (#20302)
    • Delete cancel button in repo creation page (#21381)
    • Include login_name in adminCreateUser response (#20283)
    • fix: icon margin in user/settings/repos (#20281)
    • Remove blue text on migrate page (#20273)
    • Modify milestone search keywords to be case insensitive (#20266)
    • Move some files into models' sub packages (#20262)
    • Add tooltip to repo icons in explore page (#20241)
    • Remove deprecated licenses (#20222)
    • Webhook for Wiki changes (#20219)
    • Share HTML template renderers and create a watcher framework (#20218)
    • Allow enable LDAP source and disable user sync via CLI (#20206)
    • Adds a checkbox to select all issues/PRs (#20177)
    • Refactor i18n to locale (#20153)
    • Disable status checks in template if none found (#20088)
    • Allow manager logging to set SQL (#20064)
    • Add order by for assignee no sort issue (#20053)
    • Take a stab at porting existing components to Vue3 (#20044)
    • Add doctor command to write commit-graphs (#20007)
    • Add support for authentication based on reverse proxy email (#19949)
    • Enable spellcheck for EasyMDE, use contenteditable mode (#19776)
    • Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)
    • Rework mailer settings (#18982)
    • Add option to purge users (#18064)
    • Add author search input (#21246)
    • Make rss/atom identifier globally unique (#21550)
  • BUGFIXES
    • Auth interface return error when verify failure (#22119) (#22259)
    • Use complete SHA to create and query commit status (#22244) (#22257)
    • Update bleve and zapx to fix unaligned atomic (#22031) (#22218)
    • Prevent panic in doctor command when running default checks (#21791) (#21807)
    • Load GitRepo in API before deleting issue (#21720) (#21796)
    • Ignore line anchor links with leading zeroes (#21728) (#21776)
    • Set last login when activating account (#21731) (#21755)
    • Fix UI language switching bug (#21597) (#21749)
    • Quick fixes monaco-editor error: "vs.editor.nullLanguage" (#21734) (#21738)
    • Allow local package identifiers for PyPI packages (#21690) (#21727)
    • Deal with markdown template without metadata (#21639) (#21654)
    • Fix opaque background on mermaid diagrams (#21642) (#21652)
    • Fix repository adoption on Windows (#21646) (#21650)
    • Sync git hooks when config file path changed (#21619) (#21626)
    • Fix 500 on PR files API (#21602) (#21607)
    • Fix Timestamp.IsZero (#21593) (#21603)
    • Fix viewing user subscriptions (#21482)
    • Fix mermaid-related bugs (#21431)
    • Fix branch dropdown shifting on page load (#21428)
    • Fix default theme-auto selector when nologin (#21346)
    • Fix and improve incorrect error messages (#21342)
    • Fix formatted link for PR review notifications to matrix (#21319)
    • Center-aligning content of WebAuthN page (#21127)
    • Remove follow from commits by file (#20765)
    • Fix commit status popup (#20737)
    • Fix init mail render logic (#20704)
    • Use correct page size for link header pagination (#20546)
    • Preserve unix socket file (#20499)
    • Use tippy.js for context popup (#20393)
    • Add missing parameter for error in log message (#20144)
    • Do not allow organisation owners add themselves as collaborator (#20043)
    • Rework file highlight rendering and fix yaml copy-paste (#19967)
    • Improve code diff highlight, fix incorrect rendered diff result (#19958)
  • TESTING
    • Improve OAuth integration tests (#21390)
    • Add playwright tests (#20123)
  • BUILD
    • Switch to building with go1.19 (#20695)
    • Update JS dependencies, adjust eslint (#20659)
    • Add more linters to improve code readability (#19989)

 

ZhouSa.com-宙飒天下网