Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Map OIDC groups to Orgs/Teams #21441

Merged
merged 21 commits into from
Feb 8, 2023
Merged

Conversation

KN4CK3R
Copy link
Member

@KN4CK3R KN4CK3R commented Oct 13, 2022

Fixes #19555

Test-Instructions: #21441 (comment)

This PR implements the mapping of user groups provided by OIDC providers to orgs teams in Gitea. The main part is a refactoring of the existing LDAP code to make it usable from different providers.

Refactorings:

  • Moved the router auth code from module to service because of import cycles
  • Changed some model methods to take a Context parameter
  • Moved the mapping code from LDAP to a common location

I've tested it with Keycloak but other providers should work too. The JSON mapping format is the same as for LDAP.

grafik

@KN4CK3R KN4CK3R added type/feature Completely new functionality. Can only be merged if feature freeze is not active. type/refactoring Existing code has been cleaned up. There should be no new functionality. labels Oct 13, 2022
@KN4CK3R KN4CK3R added this to the 1.18.0 milestone Oct 13, 2022
@garymoon
Copy link
Contributor

This is awesome, thanks @KN4CK3R! 💙

I can confirm this works with OKTA. It should be noted that it requires the filtering in the app's "SignOn" tab under "Groups claim filter" to match the relevant groups (see this document).

Any other reviewers note that the error UpdateExternalUser failed: external login user link does not exists is a red herring (see this issue).

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Oct 18, 2022
@KN4CK3R
Copy link
Member Author

KN4CK3R commented Oct 18, 2022

Thank you for the review! I noticed that error too, didn't know there was an issue already. I will have a look...

Fixed in #21504

@lunny lunny modified the milestones: 1.18.0, 1.19.0 Oct 26, 2022
@Morriz
Copy link

Morriz commented Jan 9, 2023

@KN4CK3R was a docker compatible image created from this PR? I would like to test this...

@KN4CK3R
Copy link
Member Author

KN4CK3R commented Jan 9, 2023

I don't think so.

@Morriz
Copy link

Morriz commented Jan 9, 2023

Then I will have to wait with testing I guess. I would say the current standard for packaging k8s native apps is in a docker compatible image...

@Morriz
Copy link

Morriz commented Jan 9, 2023

@lunny is this PR mergeable?

@KN4CK3R
Copy link
Member Author

KN4CK3R commented Feb 6, 2023

To help and speed up testing here are instructions for Keycloak:

  1. create a new realm gitea-test
    grafik

  2. create a new client in this realm
    grafik
    grafik

  3. copy the client id and credentials
    grafik

  4. configure the group mapper (client > client scopes > select scope > add mapper) choose Group Membership
    grafik
    grafik
    grafik

  5. add a new group in the realm with the name TestOrgGroup

  6. add a new user in the realm
    grafik

  7. create a new authentication source with the name keycloak
    grafik
    Use <keycloak url>/realms/gitea-test/.well-known/openid-configuration as auto discovery url.
    Use {"/TestOrgGroup":{"TestOrg":["OpenIDTeam"]}} as mapping. /TestOrgGroup = name of Keycloak group (with slash) TestOrg = existing Gitea organization OpenIDTeam = existing team in organziation

  8. set the redirect url in the Keycloak client setting
    grafik

  9. login with the authentication source and the keycloak_user and check the organizations of that user
    grafik

routers/web/auth/oauth.go Outdated Show resolved Hide resolved
@kdumontnu
Copy link
Contributor

Has anybody tried this with an Azure OIDC application? I am not able to make this work and I am not sure if the Azure configuration is correct. I will also try to push the docker image we are using to test this feature just in case it is useful for someone that wants to test this out.

@dloez Were you able to get this sorted out?

Copy link
Contributor

@kdumontnu kdumontnu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯 We've tested and confirmed working with Okta

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Feb 6, 2023
@garymoon
Copy link
Contributor

garymoon commented Feb 6, 2023

I can confirm that addition to and removal from teams is still working with OKTA groups.

I had a shot at doing it with Azure AD, but couldn't for the life of me get it to send me groups. If anyone has any hints about what specifically I need to change I'm happy to try further.
Failed OAuth callback: (invalid_client) AADSTS650053: The application 'Gitea' asked for scope 'groups' that doesn't exist on the resource '00000003-0000-0000-c000-000000000000'. Contact the app vendor.

@KN4CK3R
Copy link
Member Author

KN4CK3R commented Feb 7, 2023

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Feb 7, 2023
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Feb 8, 2023
@lunny lunny modified the milestones: 1.20.0, 1.19.0 Feb 8, 2023
@lunny
Copy link
Member

lunny commented Feb 8, 2023

LG-TM bot

@lunny lunny merged commit e8186f1 into go-gitea:main Feb 8, 2023
@lunny lunny removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Feb 8, 2023
@KN4CK3R KN4CK3R deleted the feature-oidc-group-mapping branch February 8, 2023 07:18
zjjhot added a commit to zjjhot/gitea that referenced this pull request Feb 9, 2023
* upstream/main:
  change org_type.go to visible_type.go and fix the notes (go-gitea#22752)
  Improve notification and stopwatch styles (go-gitea#22169)
  Fix blame view missing lines (go-gitea#22826)
  Load issue before accessing index in merge message (go-gitea#22822)
  include build info in Prometheus metrics (go-gitea#22819)
  Fix rerun button of Actions (go-gitea#22798)
  Map OIDC groups to Orgs/Teams (go-gitea#21441)
  Fix links for the menus in the view file page (go-gitea#22795)
@kousu
Copy link
Contributor

kousu commented Feb 14, 2023

This is excellent! Does anyone know what I need to fill in in https://gitea.example.org/admin/auths/${login_source_id} to make this work with GitHub?

@13tm3nt3r
Copy link

@dloez and I have finally made this work using Azure. Thank you!
Below I'll explain all the required steps to achieve the mapping of Azure user groups to different teams in Gitea, without having on-premise AD, just in case there is someone that wants to do this like us.

AZURE CONFIGURATION

  1. Create an application in App Registrations. The Redirect URI is not needed to be configured at this point.
    image
    As you can see, there is one Enterprise Application that has been created linked to this App Registration.
    image

  2. In the registered app, in the Authentication section, enable public client flows:
    image

  3. In the registered app, in the Certificates & secrets section, create a new secret and SAVE the Secret ID given, as this will disappear when you close this section.
    image

  4. In the registered app, in the Token configuration section, click on Add groups claim and select the option that will assign only groups that are assigned to the application (this step will be completed in the step 7).
    image

  5. In the registered app, in the API permissions section, add a delegated permission called "Group.Read.All". You will have to grant admin consent.
    image

  6. In the Enterprise Application created, in Properties, change the Assignment requirement? option to YES. This will allow every user to sign in or register without admin permission.
    image

  7. In the Enterprise Application created, in Users and groups section, add the group/groups that you want to map to teams in Gitea. In our case, the group is called "ce-operations".
    image

GITEA CONFIGURATION

  1. In the site configuration, under Authentication Sources section, create a new OAuth2 one.
    Give it an Authentication Name and use OpenID Connect as the OAuth2 Provider.
    Take the "Application (client) ID" of the registered app from Azure and put it in the Client ID (Key) option.
    Use the secret that you created previously and put it in the Client Secret option.
    image

  2. For the "OpenID Connect Auto Discovery URL" option, go to Azure and in the registered app Overview, click on "Endpoints" and copy the OpenID Connect metadata document.
    image

  3. In "Addition Scopes" you can add "openid email profile".

  4. In "Claim name providing group names for this source.", type "groups".

  5. And finally, in "Map claimed groups to Organization teams.", write the Object ID of the group that you want to map from Azure (in our case, the Object ID of the Azure group "ce-operations"), the name of the organization where you want users to be added automatically (in our case "creamteam"), and the team of the organization (in our case "Developers"). NOTE: organization and team HAVE TO BE ALREADY CREATED.
    image

  6. Update the Authentication Source and test it with OpenID login option. Your user should be added to the organization and team specified.
    image

Hope this helps anyone that wants to use SSO with Azure and add automatically their users to an organization team 😃.

@techknowlogick
Copy link
Member

@13tm3nt3r I hope you don't mind, but I didn't want to lose your instructions to a closed ticket so I copied your instructions and put them in a draft blog post: https://gitea.com/gitea/blog/pulls/239 I put you as the author for the blog post to ensure your credits are kept. Please let me know if I should adjust anything in it.

Sh4kE added a commit to Sh4kE/k8s-projects that referenced this pull request Mar 22, 2023
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [gitea/gitea](https://github.com/go-gitea/gitea) | minor | `1.18.5-rootless` -> `1.19.0-rootless` |

---

### Release Notes

<details>
<summary>go-gitea/gitea</summary>

### [`v1.19.0`](https://github.com/go-gitea/gitea/blob/HEAD/CHANGELOG.md#&#8203;1190-httpsgithubcomgo-giteagiteareleasestag1190---2023-03-19)

[Compare Source](go-gitea/gitea@v1.18.5...v1.19.0)

-   BREAKING
    -   Add loading yaml label template files ([#&#8203;22976](go-gitea/gitea#22976)) ([#&#8203;23232](go-gitea/gitea#23232))
    -   Make issue and code search support camel case for Bleve ([#&#8203;22829](go-gitea/gitea#22829))
    -   Repositories: by default disable all units except code and pulls on forks ([#&#8203;22541](go-gitea/gitea#22541))
    -   Support template for merge message description ([#&#8203;22248](go-gitea/gitea#22248))
    -   Remove ONLY_SHOW_RELEVANT_REPOS setting ([#&#8203;21962](go-gitea/gitea#21962))
    -   Implement actions ([#&#8203;21937](go-gitea/gitea#21937))
    -   Remove deprecated DSA host key from Docker Container ([#&#8203;21522](go-gitea/gitea#21522))
    -   Improve valid user name check ([#&#8203;20136](go-gitea/gitea#20136))
-   SECURITY
    -   Return 404 instead of 403 if user can not access the repo ([#&#8203;23155](go-gitea/gitea#23155)) ([#&#8203;23158](go-gitea/gitea#23158))
    -   Support scoped access tokens ([#&#8203;20908](go-gitea/gitea#20908))
-   FEATURES
    -   Add support for commit cross references ([#&#8203;22645](go-gitea/gitea#22645))
    -   Scoped labels ([#&#8203;22585](go-gitea/gitea#22585))
    -   Add Chef package registry ([#&#8203;22554](go-gitea/gitea#22554))
    -   Support asciicast files as new markup ([#&#8203;22448](go-gitea/gitea#22448))
    -   cgo cross-compile for freebsd ([#&#8203;22397](go-gitea/gitea#22397))
    -   Add cron method to gc LFS MetaObjects ([#&#8203;22385](go-gitea/gitea#22385))
    -   Add new captcha: cloudflare turnstile ([#&#8203;22369](go-gitea/gitea#22369))
    -   Enable `@<user>`- completion popup on the release description textarea ([#&#8203;22359](go-gitea/gitea#22359))
    -   make /{username}.png redirect to user/org avatar ([#&#8203;22356](go-gitea/gitea#22356))
    -   Add Conda package registry ([#&#8203;22262](go-gitea/gitea#22262))
    -   Support org/user level projects ([#&#8203;22235](go-gitea/gitea#22235))
    -   Add Mermaid copy button ([#&#8203;22225](go-gitea/gitea#22225))
    -   Add user secrets ([#&#8203;22191](go-gitea/gitea#22191))
    -   Secrets storage with SecretKey encrypted ([#&#8203;22142](go-gitea/gitea#22142))
    -   Preview images for Issue cards in Project Board view ([#&#8203;22112](go-gitea/gitea#22112))
    -   Add support for incoming emails ([#&#8203;22056](go-gitea/gitea#22056))
    -   Add Cargo package registry ([#&#8203;21888](go-gitea/gitea#21888))
    -   Add option to prohibit fork if user reached maximum limit of repositories ([#&#8203;21848](go-gitea/gitea#21848))
    -   Add attention blocks within quote blocks for `Note` and `Warning` ([#&#8203;21711](go-gitea/gitea#21711))
    -   Add Feed for Releases and Tags ([#&#8203;21696](go-gitea/gitea#21696))
    -   Add package registry cleanup rules ([#&#8203;21658](go-gitea/gitea#21658))
    -   Add "Copy" button to file view of raw text ([#&#8203;21629](go-gitea/gitea#21629))
    -   Allow disable sitemap ([#&#8203;21617](go-gitea/gitea#21617))
    -   Add package registry quota limits ([#&#8203;21584](go-gitea/gitea#21584))
    -   Map OIDC groups to Orgs/Teams ([#&#8203;21441](go-gitea/gitea#21441))
    -   Keep languages defined in .gitattributes ([#&#8203;21403](go-gitea/gitea#21403))
    -   Add Webhook authorization header ([#&#8203;20926](go-gitea/gitea#20926))
    -   Supports wildcard protected branch ([#&#8203;20825](go-gitea/gitea#20825))
    -   Copy citation file content, in APA and BibTex format, on repo home page ([#&#8203;19999](go-gitea/gitea#19999))
-   API
    -   Match api migration behavior to web behavior ([#&#8203;23552](go-gitea/gitea#23552)) ([#&#8203;23573](go-gitea/gitea#23573))
    -   Purge API comment ([#&#8203;23451](go-gitea/gitea#23451)) ([#&#8203;23452](go-gitea/gitea#23452))
    -   User creation API: allow custom "created" timestamps ([#&#8203;22549](go-gitea/gitea#22549))
    -   Add `updated_at` field to PullReview API object ([#&#8203;21812](go-gitea/gitea#21812))
    -   Add API management for issue/pull and comment attachments ([#&#8203;21783](go-gitea/gitea#21783))
    -   Add API endpoint to get latest release ([#&#8203;21267](go-gitea/gitea#21267))
    -   Support system hook API ([#&#8203;14537](go-gitea/gitea#14537))
-   ENHANCEMENTS
    -   Add `.patch` to `attachment.ALLOWED_TYPES` ([#&#8203;23580](go-gitea/gitea#23580)) ([#&#8203;23582](go-gitea/gitea#23582))
    -   Fix sticky header in diff view ([#&#8203;23554](go-gitea/gitea#23554)) ([#&#8203;23568](go-gitea/gitea#23568))
    -   Refactor merge/update git command calls ([#&#8203;23366](go-gitea/gitea#23366)) ([#&#8203;23544](go-gitea/gitea#23544))
    -   Fix review comment context menu clipped bug ([#&#8203;23523](go-gitea/gitea#23523)) ([#&#8203;23543](go-gitea/gitea#23543))
    -   Imrove scroll behavior to hash issuecomment(scroll position, auto expand if file is folded, and on refreshing) ([#&#8203;23513](go-gitea/gitea#23513)) ([#&#8203;23540](go-gitea/gitea#23540))
    -   Increase horizontal page padding ([#&#8203;23507](go-gitea/gitea#23507)) ([#&#8203;23537](go-gitea/gitea#23537))
    -   Use octicon-verified for gpg signatures ([#&#8203;23529](go-gitea/gitea#23529)) ([#&#8203;23536](go-gitea/gitea#23536))
    -   Make time tooltips interactive ([#&#8203;23526](go-gitea/gitea#23526)) ([#&#8203;23527](go-gitea/gitea#23527))
    -   Replace Less with CSS ([#&#8203;23508](go-gitea/gitea#23508))
    -   Fix 'View File' button in code search ([#&#8203;23478](go-gitea/gitea#23478)) ([#&#8203;23483](go-gitea/gitea#23483))
    -   Convert GitHub event on actions and fix some pull_request events. ([#&#8203;23037](go-gitea/gitea#23037)) ([#&#8203;23471](go-gitea/gitea#23471))
    -   Support reflogs ([#&#8203;22451](go-gitea/gitea#22451)) ([#&#8203;23438](go-gitea/gitea#23438))
    -   Fix actions frontend bugs (pagination, long name alignment) and small simplify ([#&#8203;23370](go-gitea/gitea#23370)) ([#&#8203;23436](go-gitea/gitea#23436))
    -   Scoped label display and documentation tweaks ([#&#8203;23430](go-gitea/gitea#23430)) ([#&#8203;23433](go-gitea/gitea#23433))
    -   Add missing tabs to org projects page ([#&#8203;22705](go-gitea/gitea#22705)) ([#&#8203;23412](go-gitea/gitea#23412))
    -   Fix and move "Use this template" button ([#&#8203;23398](go-gitea/gitea#23398)) ([#&#8203;23408](go-gitea/gitea#23408))
    -   Handle OpenID discovery URL errors a little nicer when creating/editing sources ([#&#8203;23397](go-gitea/gitea#23397)) ([#&#8203;23403](go-gitea/gitea#23403))
    -   Rename `canWriteUnit` to `canWriteProjects` ([#&#8203;23386](go-gitea/gitea#23386)) ([#&#8203;23399](go-gitea/gitea#23399))
    -   Refactor and tidy-up the merge/update branch code ([#&#8203;22568](go-gitea/gitea#22568)) ([#&#8203;23365](go-gitea/gitea#23365))
    -   Refactor `setting.Database.UseXXX` to methods ([#&#8203;23354](go-gitea/gitea#23354)) ([#&#8203;23356](go-gitea/gitea#23356))
    -   Fix incorrect project links and use symlink icon for org-wide projects ([#&#8203;23325](go-gitea/gitea#23325)) ([#&#8203;23336](go-gitea/gitea#23336))
    -   Fix PR view misalignment caused by long name file ([#&#8203;23321](go-gitea/gitea#23321)) ([#&#8203;23335](go-gitea/gitea#23335))
    -   Scoped labels: don't require holding alt key to remove ([#&#8203;23303](go-gitea/gitea#23303)) ([#&#8203;23331](go-gitea/gitea#23331))
    -   Add context when rendering labels or emojis ([#&#8203;23281](go-gitea/gitea#23281)) ([#&#8203;23319](go-gitea/gitea#23319))
    -   Change interactiveBorder to fix popup preview  ([#&#8203;23169](go-gitea/gitea#23169)) ([#&#8203;23314](go-gitea/gitea#23314))
    -   Scoped labels: set aria-disabled on muted Exclusive option for a11y ([#&#8203;23306](go-gitea/gitea#23306)) ([#&#8203;23311](go-gitea/gitea#23311))
    -   update to mermaid v10 ([#&#8203;23178](go-gitea/gitea#23178)) ([#&#8203;23299](go-gitea/gitea#23299))
    -   Fix code wrap for unbroken lines ([#&#8203;23268](go-gitea/gitea#23268)) ([#&#8203;23293](go-gitea/gitea#23293))
    -   Use async await to fix empty quote reply at first time ([#&#8203;23168](go-gitea/gitea#23168)) ([#&#8203;23256](go-gitea/gitea#23256))
    -   Fix switched citation format ([#&#8203;23250](go-gitea/gitea#23250)) ([#&#8203;23253](go-gitea/gitea#23253))
    -   Allow `<video>` in MarkDown ([#&#8203;22892](go-gitea/gitea#22892)) ([#&#8203;23236](go-gitea/gitea#23236))
    -   Order pull request conflict checking by recently updated, for each push ([#&#8203;23220](go-gitea/gitea#23220)) ([#&#8203;23225](go-gitea/gitea#23225))
    -   Fix Fomantic UI's `touchstart` fastclick, always use `click` for click events ([#&#8203;23065](go-gitea/gitea#23065)) ([#&#8203;23195](go-gitea/gitea#23195))
    -   Add word-break to sidebar-item-link ([#&#8203;23146](go-gitea/gitea#23146)) ([#&#8203;23180](go-gitea/gitea#23180))
    -   Add InsecureSkipVerify to Minio Client for Storage ([#&#8203;23166](go-gitea/gitea#23166)) ([#&#8203;23177](go-gitea/gitea#23177))
    -   Fix height for sticky head on large screen on PR page ([#&#8203;23111](go-gitea/gitea#23111)) ([#&#8203;23123](go-gitea/gitea#23123))
    -   Change style to improve whitespaces trimming inside inline markdown code ([#&#8203;23093](go-gitea/gitea#23093)) ([#&#8203;23120](go-gitea/gitea#23120))
    -   Avoid warning for system setting when start up ([#&#8203;23054](go-gitea/gitea#23054)) ([#&#8203;23116](go-gitea/gitea#23116))
    -   Add accessibility to the menu on the navbar ([#&#8203;23059](go-gitea/gitea#23059)) ([#&#8203;23095](go-gitea/gitea#23095))
    -   Improve accessibility for issue comments ([#&#8203;22612](go-gitea/gitea#22612)) ([#&#8203;23083](go-gitea/gitea#23083))
    -   Remove delete button for review comment ([#&#8203;23036](go-gitea/gitea#23036))
    -   Remove dashes between organization member avatars on hover ([#&#8203;23034](go-gitea/gitea#23034))
    -   Use `gt-relative` class instead of the ambiguous `gt-pr` class  ([#&#8203;23008](go-gitea/gitea#23008))
    -   handle deprecated settings ([#&#8203;22992](go-gitea/gitea#22992))
    -   Add scopes to API to create token and display them ([#&#8203;22989](go-gitea/gitea#22989))
    -   Improve PR Review Box UI ([#&#8203;22986](go-gitea/gitea#22986))
    -   Improve issues.LoadProject ([#&#8203;22982](go-gitea/gitea#22982))
    -   Add all units to the units permission list in org team members sidebar ([#&#8203;22971](go-gitea/gitea#22971))
    -   Rename `GetUnits` to `LoadUnits` ([#&#8203;22970](go-gitea/gitea#22970))
    -   Rename `repo.GetOwner` to `repo.LoadOwner` ([#&#8203;22967](go-gitea/gitea#22967))
    -   Rename "People" to "Members" in organization page and use a better icon ([#&#8203;22960](go-gitea/gitea#22960))
    -   Fix avatar misalignment ([#&#8203;22955](go-gitea/gitea#22955))
    -   Sort issues and pulls by recently updated in user and organization home ([#&#8203;22925](go-gitea/gitea#22925))
    -   Add `title` to PR file tree items ([#&#8203;22918](go-gitea/gitea#22918))
    -   First step to refactor the `.hide` to `.gt-hidden` ([#&#8203;22916](go-gitea/gitea#22916))
    -   Add tooltip to issue reference ([#&#8203;22913](go-gitea/gitea#22913))
    -   Always show the `command line instructions` button even if there are conflicts ([#&#8203;22909](go-gitea/gitea#22909))
    -   Fix dark-colored description text in arc-green theme ([#&#8203;22908](go-gitea/gitea#22908))
    -   Remove Fomantic-UI's `.hidden` CSS class for menu elements ([#&#8203;22895](go-gitea/gitea#22895))
    -   Move helpers to be prefixed with `gt-` ([#&#8203;22879](go-gitea/gitea#22879))
    -   Move `IsReadmeFile*` from `modules/markup/` to `modules/util` ([#&#8203;22877](go-gitea/gitea#22877))
    -   Highlight focused diff file ([#&#8203;22870](go-gitea/gitea#22870))
    -   Add some headings to repo views ([#&#8203;22869](go-gitea/gitea#22869))
    -   Fix milestone title font problem ([#&#8203;22863](go-gitea/gitea#22863))
    -   Pull Requests: setting to allow edits by maintainers by default, tweak UI ([#&#8203;22862](go-gitea/gitea#22862))
    -   Introduce customized HTML elements, fix incorrect AppUrl usages in templates ([#&#8203;22861](go-gitea/gitea#22861))
    -   Add `/$count` endpoints for NuGet v2 ([#&#8203;22855](go-gitea/gitea#22855))
    -   Remove Fomantic-UI's `.hidden` CSS class for checkbox elements ([#&#8203;22851](go-gitea/gitea#22851))
    -   Fix notification and stopwatch empty states ([#&#8203;22845](go-gitea/gitea#22845))
    -   Always go full width in PR view ([#&#8203;22844](go-gitea/gitea#22844))
    -   Improve AppUrl/ROOT_URL checking ([#&#8203;22836](go-gitea/gitea#22836))
    -   Fix style of actions rerun button ([#&#8203;22835](go-gitea/gitea#22835))
    -   Fix more HTMLURL in templates ([#&#8203;22831](go-gitea/gitea#22831))
    -   Fix inconsistent Filter Project name in issue list ([#&#8203;22827](go-gitea/gitea#22827))
    -   include build info in Prometheus metrics ([#&#8203;22819](go-gitea/gitea#22819))
    -   Make clone URL use current page's host ([#&#8203;22808](go-gitea/gitea#22808))
    -   Refactor legacy strange git operations ([#&#8203;22756](go-gitea/gitea#22756))
    -   Improve error report when user passes a private key ([#&#8203;22726](go-gitea/gitea#22726))
    -   set user dashboard org visibility to basic ([#&#8203;22706](go-gitea/gitea#22706))
    -   Fix diff UI for unexpandable items ([#&#8203;22700](go-gitea/gitea#22700))
    -   Remove 'primary' class from tab counter labels ([#&#8203;22687](go-gitea/gitea#22687))
    -   Add more events details supports for actions ([#&#8203;22680](go-gitea/gitea#22680))
    -   Refactor git command package to improve security and maintainability ([#&#8203;22678](go-gitea/gitea#22678))
    -   Use relative url in actions view ([#&#8203;22675](go-gitea/gitea#22675))
    -   set user visibility class to basic ([#&#8203;22674](go-gitea/gitea#22674))
    -   Add repository setting to enable/disable releases unit ([#&#8203;22671](go-gitea/gitea#22671))
    -   Remove label color from global issue filters ([#&#8203;22660](go-gitea/gitea#22660))
    -   Fix poor alignment of organization description on organization home page ([#&#8203;22656](go-gitea/gitea#22656))
    -   Small refactor for loading PRs ([#&#8203;22652](go-gitea/gitea#22652))
    -   Allow setting access token scope by CLI ([#&#8203;22648](go-gitea/gitea#22648))
    -   Improve accessibility of navigation bar and footer ([#&#8203;22635](go-gitea/gitea#22635))
    -   Fixes accessibility behavior of Watching, Staring and Fork buttons ([#&#8203;22634](go-gitea/gitea#22634))
    -   Fixes accessibility of empty repository commit status ([#&#8203;22632](go-gitea/gitea#22632))
    -   Pull request yaml template support for including commit body in a field ([#&#8203;22629](go-gitea/gitea#22629))
    -   Show migration validation error ([#&#8203;22619](go-gitea/gitea#22619))
    -   set org visibility class to basic in header ([#&#8203;22605](go-gitea/gitea#22605))
    -   Fix cache-control header clearing comment text when editing issue ([#&#8203;22604](go-gitea/gitea#22604))
    -   Add ARIA support for Fomantic UI checkboxes ([#&#8203;22599](go-gitea/gitea#22599))
    -   Add templates to customize text when creating and migrating repositories ([#&#8203;22597](go-gitea/gitea#22597))
    -   Allow setting `redirect_to` cookie on OAuth login ([#&#8203;22594](go-gitea/gitea#22594))
    -   Improve checkbox accessibility a bit by adding the title attribute ([#&#8203;22593](go-gitea/gitea#22593))
    -   Allow issue templates to not render title ([#&#8203;22589](go-gitea/gitea#22589))
    -   Webhooks: for issue close/reopen action, add commit ID that caused it ([#&#8203;22583](go-gitea/gitea#22583))
    -   Fix missing title and filter in issue sidebar project menu ([#&#8203;22557](go-gitea/gitea#22557))
    -   Issues: support setting issue template field values with query ([#&#8203;22545](go-gitea/gitea#22545))
    -   Issues: add Project filter to issues list and search ([#&#8203;22544](go-gitea/gitea#22544))
    -   Pull Requests: add color to approved/reject icon in pull requests list ([#&#8203;22543](go-gitea/gitea#22543))
    -   Mute all links in issue timeline ([#&#8203;22533](go-gitea/gitea#22533))
    -   Dropzone: Add "Copy link" button for new uploads ([#&#8203;22517](go-gitea/gitea#22517))
    -   Support importing comment types ([#&#8203;22510](go-gitea/gitea#22510))
    -   Load asciicast css async ([#&#8203;22502](go-gitea/gitea#22502))
    -   Move delete user to service ([#&#8203;22478](go-gitea/gitea#22478))
    -   Change use of Walk to WalkDir to improve disk performance ([#&#8203;22462](go-gitea/gitea#22462))
    -   Add reply hint to mail text ([#&#8203;22459](go-gitea/gitea#22459))
    -   fix wrong theme class when logged out if default theme is changed ([#&#8203;22408](go-gitea/gitea#22408))
    -   Refactor the setting to make unit test easier ([#&#8203;22405](go-gitea/gitea#22405))
    -   Improve utils of slices ([#&#8203;22379](go-gitea/gitea#22379))
    -   Use context parameter in models/git ([#&#8203;22367](go-gitea/gitea#22367))
    -   Always reuse transaction ([#&#8203;22362](go-gitea/gitea#22362))
    -   Fix unstable emoji sort ([#&#8203;22346](go-gitea/gitea#22346))
    -   Add context cache as a request level cache ([#&#8203;22294](go-gitea/gitea#22294))
    -   Reminder for no more logs to console ([#&#8203;22282](go-gitea/gitea#22282))
    -   Support estimated count with multiple schemas ([#&#8203;22276](go-gitea/gitea#22276))
    -   Move `convert` package to services ([#&#8203;22264](go-gitea/gitea#22264))
    -   Use dynamic package type list ([#&#8203;22263](go-gitea/gitea#22263))
    -   Hide file borders on sticky diff box ([#&#8203;22217](go-gitea/gitea#22217))
    -   Improve notification and stopwatch styles ([#&#8203;22169](go-gitea/gitea#22169))
    -   Fixed Project view .board-column height for tall screens. ([#&#8203;22108](go-gitea/gitea#22108))
    -   Use multi reader instead to concat strings ([#&#8203;22099](go-gitea/gitea#22099))
    -   Use git command instead of exec.Cmd in blame ([#&#8203;22098](go-gitea/gitea#22098))
    -   Fix autofilled text visibility in dark mode ([#&#8203;22088](go-gitea/gitea#22088))
    -   Rename almost all Ctx functions ([#&#8203;22071](go-gitea/gitea#22071))
    -   Rename actions to operations on UI ([#&#8203;22067](go-gitea/gitea#22067))
    -   refactor bind functions based on generics ([#&#8203;22055](go-gitea/gitea#22055))
    -   Support disabling database auto migration ([#&#8203;22053](go-gitea/gitea#22053))
    -   remove duplicated read file code ([#&#8203;22042](go-gitea/gitea#22042))
    -   Use link in UI which returned a relative url but not html_url which contains an absolute url ([#&#8203;21986](go-gitea/gitea#21986))
    -   Skip initing disabled storages ([#&#8203;21985](go-gitea/gitea#21985))
    -   Add doctor command for full GC of LFS ([#&#8203;21978](go-gitea/gitea#21978))
    -   Util type to parse ref name ([#&#8203;21969](go-gitea/gitea#21969))
    -   Replace fmt.Sprintf with hex.EncodeToString ([#&#8203;21960](go-gitea/gitea#21960))
    -   Use random bytes to generate access token ([#&#8203;21959](go-gitea/gitea#21959))
    -   Add index for access_token ([#&#8203;21908](go-gitea/gitea#21908))
    -   Move all remaining colors into CSS variables ([#&#8203;21903](go-gitea/gitea#21903))
    -   Webhook list enhancements ([#&#8203;21893](go-gitea/gitea#21893))
    -   Embed Matrix icon as SVG ([#&#8203;21890](go-gitea/gitea#21890))
    -   Remove useless "Cancel" buttons ([#&#8203;21872](go-gitea/gitea#21872))
    -   fix(web): keep the pages of the navigation in the center ([#&#8203;21867](go-gitea/gitea#21867))
    -   fix(web): reduce page jitter on browsers that support overlay scrollbar ([#&#8203;21850](go-gitea/gitea#21850))
    -   Improvements for Content Copy ([#&#8203;21842](go-gitea/gitea#21842))
    -   Tweak katex options ([#&#8203;21828](go-gitea/gitea#21828))
    -   Show syntax lexer name in file view/blame ([#&#8203;21814](go-gitea/gitea#21814))
    -   Remove `href="javascript:;"` in "save topics (Done)" button ([#&#8203;21813](go-gitea/gitea#21813))
    -   Render number of commits in repo page in a user friendly way ([#&#8203;21786](go-gitea/gitea#21786))
    -   Adjust clone timeout error to suggest increasing timeout ([#&#8203;21769](go-gitea/gitea#21769))
    -   Update message of reach_limit_of_creation ([#&#8203;21757](go-gitea/gitea#21757))
    -   Allow detect whether it's in a database transaction for a context.Context ([#&#8203;21756](go-gitea/gitea#21756))
    -   Add configuration for CORS allowed headers ([#&#8203;21747](go-gitea/gitea#21747))
    -   Move svg html render to modules/svg ([#&#8203;21716](go-gitea/gitea#21716))
    -   Release and Tag List tweaks ([#&#8203;21712](go-gitea/gitea#21712))
    -   Remove template previewer ([#&#8203;21701](go-gitea/gitea#21701))
    -   Clean up formatting on install page ([#&#8203;21668](go-gitea/gitea#21668))
    -   Configure update checker on installation page ([#&#8203;21655](go-gitea/gitea#21655))
    -   Merge db.Iterate and IterateObjects ([#&#8203;21641](go-gitea/gitea#21641))
    -   Add option to enable CAPTCHA validation for login ([#&#8203;21638](go-gitea/gitea#21638))
    -   Allow disable RSS/Atom feed ([#&#8203;21622](go-gitea/gitea#21622))
    -   Use CSS color-scheme instead of invert ([#&#8203;21616](go-gitea/gitea#21616))
    -   Localize time units on activity heatmap ([#&#8203;21570](go-gitea/gitea#21570))
    -   Fix UI column width, button overflow Fomantic's grid ([#&#8203;21559](go-gitea/gitea#21559))
    -   feat: notify doers of a merge when automerging ([#&#8203;21553](go-gitea/gitea#21553))
    -   Split migrations folder ([#&#8203;21549](go-gitea/gitea#21549))
    -   feat: add button to quickly clear merge message ([#&#8203;21548](go-gitea/gitea#21548))
    -   Add `context.Context` to more methods ([#&#8203;21546](go-gitea/gitea#21546))
    -   Add index for hook_task table ([#&#8203;21545](go-gitea/gitea#21545))
    -   Allow disable code tab ([#&#8203;20805](go-gitea/gitea#20805))
-   BUGFIXES
    -   Fix template error when reference Project ([#&#8203;23584](go-gitea/gitea#23584))
    -   Fix dropdown icon misalignment when using fomantic icon ([#&#8203;23558](go-gitea/gitea#23558)) ([#&#8203;23577](go-gitea/gitea#23577))
    -   Fix diff detail buttons wrapping, use tippy for review box ([#&#8203;23271](go-gitea/gitea#23271)) ([#&#8203;23546](go-gitea/gitea#23546))
    -   Handle missing `README` in create repos API ([#&#8203;23387](go-gitea/gitea#23387)) ([#&#8203;23510](go-gitea/gitea#23510))
    -   Disable sending email after push a commit to a closed PR ([#&#8203;23462](go-gitea/gitea#23462)) ([#&#8203;23492](go-gitea/gitea#23492))
    -   Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem ([#&#8203;23450](go-gitea/gitea#23450)) ([#&#8203;23486](go-gitea/gitea#23486))
    -   Fix due date being wrong on issue list ([#&#8203;23475](go-gitea/gitea#23475)) ([#&#8203;23477](go-gitea/gitea#23477))
    -   Remove wrongly added column on migration test fixtures ([#&#8203;23456](go-gitea/gitea#23456)) ([#&#8203;23470](go-gitea/gitea#23470))
    -   Make branches list page operations remember current page ([#&#8203;23420](go-gitea/gitea#23420)) ([#&#8203;23460](go-gitea/gitea#23460))
    -   Fix missing commit status in PR which from forked repo ([#&#8203;23351](go-gitea/gitea#23351)) ([#&#8203;23453](go-gitea/gitea#23453))
    -   Show edit/close/delete button on organization wide repositories ([#&#8203;23388](go-gitea/gitea#23388)) ([#&#8203;23429](go-gitea/gitea#23429))
    -   Preserve file size when creating attachments ([#&#8203;23406](go-gitea/gitea#23406)) ([#&#8203;23426](go-gitea/gitea#23426))
    -   Fix broken Chroma CSS styles ([#&#8203;23174](go-gitea/gitea#23174)) ([#&#8203;23402](go-gitea/gitea#23402))
    -   Fix incorrect NotFound conditions in org/projects.go ([#&#8203;23384](go-gitea/gitea#23384)) ([#&#8203;23395](go-gitea/gitea#23395))
    -   Set `X-Gitea-Debug` header once ([#&#8203;23361](go-gitea/gitea#23361)) ([#&#8203;23381](go-gitea/gitea#23381))
    -   Pass context to avatar for projects view ([#&#8203;23359](go-gitea/gitea#23359)) ([#&#8203;23378](go-gitea/gitea#23378))
    -   Fix panic when getting notes by ref ([#&#8203;23372](go-gitea/gitea#23372)) ([#&#8203;23377](go-gitea/gitea#23377))
    -   Do not recognize text files as audio ([#&#8203;23355](go-gitea/gitea#23355)) ([#&#8203;23368](go-gitea/gitea#23368))
    -   Fix adding of empty class name ([#&#8203;23352](go-gitea/gitea#23352)) ([#&#8203;23360](go-gitea/gitea#23360))
    -   Fix various ImageDiff/SVG bugs ([#&#8203;23312](go-gitea/gitea#23312)) ([#&#8203;23358](go-gitea/gitea#23358))
    -   Fix incorrect display for comment context menu ([#&#8203;23343](go-gitea/gitea#23343)) ([#&#8203;23344](go-gitea/gitea#23344))
    -   Remove unnecessary space on link ([#&#8203;23334](go-gitea/gitea#23334)) ([#&#8203;23340](go-gitea/gitea#23340))
    -   Fix incorrect redirect link of delete org project ([#&#8203;23327](go-gitea/gitea#23327)) ([#&#8203;23339](go-gitea/gitea#23339))
    -   Fix cannot reopen after pushing commits to a closed PR ([#&#8203;23189](go-gitea/gitea#23189)) ([#&#8203;23324](go-gitea/gitea#23324))
    -   Fix broken code editor diff preview ([#&#8203;23307](go-gitea/gitea#23307)) ([#&#8203;23320](go-gitea/gitea#23320))
    -   Support sanitising the URL by removing extra slashes in the URL ([#&#8203;21333](go-gitea/gitea#21333)) ([#&#8203;23300](go-gitea/gitea#23300))
    -   Avoid panic caused by broken payload when creating commit status ([#&#8203;23216](go-gitea/gitea#23216)) ([#&#8203;23294](go-gitea/gitea#23294))
    -   Fill head commit to in payload when notifying push commits for mirroring ([#&#8203;23215](go-gitea/gitea#23215)) ([#&#8203;23292](go-gitea/gitea#23292))
    -   Fix various bugs for "install" page ([#&#8203;23194](go-gitea/gitea#23194)) ([#&#8203;23286](go-gitea/gitea#23286))
    -   Fix GetFilesChangedBetween if the file name may be escaped ([#&#8203;23272](go-gitea/gitea#23272)) ([#&#8203;23279](go-gitea/gitea#23279))
    -   Revert relative links to absolute links in mail templates ([#&#8203;23267](go-gitea/gitea#23267)) ([#&#8203;23269](go-gitea/gitea#23269))
    -   Fix commit retrieval by tag ([#&#8203;21804](go-gitea/gitea#21804)) ([#&#8203;23266](go-gitea/gitea#23266))
    -   Use correct README link to render the README ([#&#8203;23152](go-gitea/gitea#23152)) ([#&#8203;23264](go-gitea/gitea#23264))
    -   Close the temp file when dumping database to make the temp file can be deleted on Windows ([#&#8203;23249](go-gitea/gitea#23249)) ([#&#8203;23251](go-gitea/gitea#23251))
    -   Use the correct selector to hide the checkmark of selected labels on clear ([#&#8203;23224](go-gitea/gitea#23224)) ([#&#8203;23228](go-gitea/gitea#23228))
    -   Fix incorrect checkbox behaviors in the dashboard repolist's filter ([#&#8203;23147](go-gitea/gitea#23147)) ([#&#8203;23205](go-gitea/gitea#23205))
    -   Properly flush unique queues on startup ([#&#8203;23154](go-gitea/gitea#23154)) ([#&#8203;23201](go-gitea/gitea#23201))
    -   Pass `--global` when calling `git config --get`, for consistency with `git config --set` ([#&#8203;23157](go-gitea/gitea#23157)) ([#&#8203;23199](go-gitea/gitea#23199))
    -   Make `gitea serv` respect git binary home ([#&#8203;23138](go-gitea/gitea#23138)) ([#&#8203;23197](go-gitea/gitea#23197))
    -   Change button text for commenting and closing an issue at the same time ([#&#8203;23135](go-gitea/gitea#23135)) ([#&#8203;23182](go-gitea/gitea#23182))
    -   Fix DBConsistency checks on MSSQL ([#&#8203;23132](go-gitea/gitea#23132)) ([#&#8203;23134](go-gitea/gitea#23134))
    -   Show empty repos in Admin Repository Management page ([#&#8203;23114](go-gitea/gitea#23114)) ([#&#8203;23130](go-gitea/gitea#23130))
    -   Redirect to the commit page after applying patch ([#&#8203;23056](go-gitea/gitea#23056)) ([#&#8203;23127](go-gitea/gitea#23127))
    -   Fix nil context in RenderMarkdownToHtml ([#&#8203;23092](go-gitea/gitea#23092)) ([#&#8203;23108](go-gitea/gitea#23108))
    -   Make issue meta dropdown support Enter, confirm before reloading ([#&#8203;23014](go-gitea/gitea#23014)) ([#&#8203;23102](go-gitea/gitea#23102))
    -   Fix SyncOnCommit always return false in API of push_mirrors ([#&#8203;23088](go-gitea/gitea#23088)) ([#&#8203;23100](go-gitea/gitea#23100))
    -   Fix commit name in Apply Patch page ([#&#8203;23086](go-gitea/gitea#23086)) ([#&#8203;23099](go-gitea/gitea#23099))
    -   Fix some more hidden problems ([#&#8203;23074](go-gitea/gitea#23074)) ([#&#8203;23075](go-gitea/gitea#23075))
    -   Bump golang.org/x/net from 0.4.0 to 0.7.0 ([#&#8203;22980](go-gitea/gitea#22980))
    -   Get rules by id when editing branch protection rule ([#&#8203;22932](go-gitea/gitea#22932))
    -   Fix panic when call api (/repos/{owner}/{repo}/pulls/{index}/files) ([#&#8203;22921](go-gitea/gitea#22921))
    -   Increase Content field size of gpg_import_key to MEDIUMTEXT ([#&#8203;22897](go-gitea/gitea#22897))
    -   Fix hidden commit status on multiple checks ([#&#8203;22889](go-gitea/gitea#22889))
    -   Fix update by rebase being wrongly disabled by protected base branch ([#&#8203;22825](go-gitea/gitea#22825))
    -   Make issue title edit buttons focusable and fix incorrect ajax requests ([#&#8203;22807](go-gitea/gitea#22807))
    -   Fix rerun button of Actions ([#&#8203;22798](go-gitea/gitea#22798))
    -   remove update language in ProfilePost ([#&#8203;22748](go-gitea/gitea#22748))
    -   Do not overwrite empty DefaultBranch ([#&#8203;22708](go-gitea/gitea#22708))
    -   Fix ref to trigger Actions ([#&#8203;22679](go-gitea/gitea#22679))
    -   Fix time to NotifyPullRequestSynchronized ([#&#8203;22650](go-gitea/gitea#22650))
    -   Show all projects, not just repo projects and open/closed projects  ([#&#8203;22640](go-gitea/gitea#22640))
    -   Project links should use parent link methods ([#&#8203;22587](go-gitea/gitea#22587))
    -   Fix group filter for ldap source sync ([#&#8203;22506](go-gitea/gitea#22506))
    -   Check quota limits for container uploads ([#&#8203;22450](go-gitea/gitea#22450))
    -   Fix halfCommitter and WithTx ([#&#8203;22366](go-gitea/gitea#22366))
    -   Attempt to fix TestExportUserGPGKeys ([#&#8203;22159](go-gitea/gitea#22159))
    -   Fix heatmap first color being unused ([#&#8203;22157](go-gitea/gitea#22157))
    -   Fix scroll over mermaid frame ([#&#8203;21925](go-gitea/gitea#21925))
    -   Move migration test fixtures to the correct directories ([#&#8203;21901](go-gitea/gitea#21901))
    -   fix(web): add `alt` for logo in home page ([#&#8203;21887](go-gitea/gitea#21887))
    -   Fix webhook attachment text is not set in review comment ([#&#8203;21763](go-gitea/gitea#21763))
    -   Alter package_version.metadata_json to LONGTEXT ([#&#8203;21667](go-gitea/gitea#21667))
    -   Ensure that Webhook tasks are not double delivered ([#&#8203;21558](go-gitea/gitea#21558))
-   TESTING
    -   Make CI use a dummy password hasher for all tests ([#&#8203;22983](go-gitea/gitea#22983))
    -   Disable test for incoming email ([#&#8203;22686](go-gitea/gitea#22686))
    -   Move fuzz tests into tests/fuzz ([#&#8203;22376](go-gitea/gitea#22376))
    -   Test views of LFS files ([#&#8203;22196](go-gitea/gitea#22196))
    -   Specify ID in `TestAPITeam` ([#&#8203;22192](go-gitea/gitea#22192))
    -   verify nodeinfo response by schema  ([#&#8203;22137](go-gitea/gitea#22137))
    -   Skip GitHub migration tests if the API token is undefined ([#&#8203;21824](go-gitea/gitea#21824))
    -   Add a simple test for external renderer ([#&#8203;20033](go-gitea/gitea#20033))
-   TRANSLATION
    -   Use "Title Case" for text "Reference in new issue" ([#&#8203;22936](go-gitea/gitea#22936))
-   BUILD
    -   Wrap unless-check in docker manifests ([#&#8203;23079](go-gitea/gitea#23079)) ([#&#8203;23081](go-gitea/gitea#23081))
    -   Adjust manifest to prevent tagging latest on rcs ([#&#8203;22811](go-gitea/gitea#22811))
    -   update to build with go1.20 ([#&#8203;22732](go-gitea/gitea#22732))
    -   Add Bash and Zsh completion scripts ([#&#8203;22646](go-gitea/gitea#22646))
    -   Add Contributed backport command ([#&#8203;22643](go-gitea/gitea#22643))
    -   Remove deprecated packages & staticcheck fixes ([#&#8203;22012](go-gitea/gitea#22012))
    -   Update to Alpine 3.17 ([#&#8203;21904](go-gitea/gitea#21904))
    -   Fix webpack license warning ([#&#8203;21815](go-gitea/gitea#21815))
-   DOCS
    -   Update documentation for the new YAML label file format  ([#&#8203;23020](go-gitea/gitea#23020)) ([#&#8203;23341](go-gitea/gitea#23341))
    -   Update hacking-on-gitea-zh_cn documentation ([#&#8203;23315](go-gitea/gitea#23315)) ([#&#8203;23323](go-gitea/gitea#23323))
    -   Add basic documentation for labels, including scoped labels ([#&#8203;23304](go-gitea/gitea#23304)) ([#&#8203;23309](go-gitea/gitea#23309))
    -   Re-add accidentally removed `hacking-on-gitea.zh-cn.md` ([#&#8203;23297](go-gitea/gitea#23297)) ([#&#8203;23305](go-gitea/gitea#23305))
    -   Fix secrets overview page missing from docs sidebar ([#&#8203;23143](go-gitea/gitea#23143)) ([#&#8203;23145](go-gitea/gitea#23145))
    -   Add some guidelines for refactoring ([#&#8203;22880](go-gitea/gitea#22880))
    -   Explain that the no-access team unit does not affect public repositories ([#&#8203;22661](go-gitea/gitea#22661))
    -   Fix incorrect Redis URL snippets in the example app.ini ([#&#8203;22573](go-gitea/gitea#22573))
    -   docs: add swagger.json file location to FAQ ([#&#8203;22489](go-gitea/gitea#22489))
    -   Update index.de-de.md ([#&#8203;22363](go-gitea/gitea#22363))
    -   Update Gmail mailer configuration ([#&#8203;22291](go-gitea/gitea#22291))
    -   Add missed reverse proxy authentication documentation ([#&#8203;22250](go-gitea/gitea#22250))
    -   Add plural definitions for German translations ([#&#8203;21802](go-gitea/gitea#21802))
    -   Attempt clarify AppWorkPath etc. ([#&#8203;21656](go-gitea/gitea#21656))
    -   Add some documentation to packages ([#&#8203;21648](go-gitea/gitea#21648))
-   MISC
    -   Use `<nav>` instead of `<div>` in the global navbar ([#&#8203;23125](go-gitea/gitea#23125)) ([#&#8203;23533](go-gitea/gitea#23533))
    -   Do not create commit graph for temporary repos ([#&#8203;23219](go-gitea/gitea#23219)) ([#&#8203;23229](go-gitea/gitea#23229))
    -   Update button is shown when a Pull Request is marked WIP - Issue [#&#8203;21740](go-gitea/gitea#21740) ([#&#8203;22683](go-gitea/gitea#22683))
    -   Add main landmark to templates and adjust titles ([#&#8203;22670](go-gitea/gitea#22670))
    -   Fix error on account activation with wrong passwd ([#&#8203;22609](go-gitea/gitea#22609))
    -   Update JS dependencies ([#&#8203;22538](go-gitea/gitea#22538))
    -   Display unreferenced packages total size in package admin panel ([#&#8203;22498](go-gitea/gitea#22498))
    -   Mobile fix for Project view: Add delay to Sortable.js on mobile, to ensure scrolling is possible. ([#&#8203;22152](go-gitea/gitea#22152))
    -   Update chroma to v2.4.0 ([#&#8203;22000](go-gitea/gitea#22000))
    -   Hide collapse icon in diff with no lines ([#&#8203;21094](go-gitea/gitea#21094))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNC4wIiwidXBkYXRlZEluVmVyIjoiMzUuMTQuMCJ9-->

Co-authored-by: Michael Wittig <michael.wittig@posteo.de>
Reviewed-on: https://gitea.sh4ke.rocks/sh4ke/k8s-projects/pulls/115
Sh4kE added a commit to Sh4kE/k8s-projects that referenced this pull request Mar 22, 2023
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [gitea/gitea](https://github.com/go-gitea/gitea) | minor | `1.18.5-rootless` -> `1.19.0-rootless` |

---

### Release Notes

<details>
<summary>go-gitea/gitea</summary>

### [`v1.19.0`](https://github.com/go-gitea/gitea/blob/HEAD/CHANGELOG.md#&#8203;1190-httpsgithubcomgo-giteagiteareleasestag1190---2023-03-19)

[Compare Source](go-gitea/gitea@v1.18.5...v1.19.0)

-   BREAKING
    -   Add loading yaml label template files ([#&#8203;22976](go-gitea/gitea#22976)) ([#&#8203;23232](go-gitea/gitea#23232))
    -   Make issue and code search support camel case for Bleve ([#&#8203;22829](go-gitea/gitea#22829))
    -   Repositories: by default disable all units except code and pulls on forks ([#&#8203;22541](go-gitea/gitea#22541))
    -   Support template for merge message description ([#&#8203;22248](go-gitea/gitea#22248))
    -   Remove ONLY_SHOW_RELEVANT_REPOS setting ([#&#8203;21962](go-gitea/gitea#21962))
    -   Implement actions ([#&#8203;21937](go-gitea/gitea#21937))
    -   Remove deprecated DSA host key from Docker Container ([#&#8203;21522](go-gitea/gitea#21522))
    -   Improve valid user name check ([#&#8203;20136](go-gitea/gitea#20136))
-   SECURITY
    -   Return 404 instead of 403 if user can not access the repo ([#&#8203;23155](go-gitea/gitea#23155)) ([#&#8203;23158](go-gitea/gitea#23158))
    -   Support scoped access tokens ([#&#8203;20908](go-gitea/gitea#20908))
-   FEATURES
    -   Add support for commit cross references ([#&#8203;22645](go-gitea/gitea#22645))
    -   Scoped labels ([#&#8203;22585](go-gitea/gitea#22585))
    -   Add Chef package registry ([#&#8203;22554](go-gitea/gitea#22554))
    -   Support asciicast files as new markup ([#&#8203;22448](go-gitea/gitea#22448))
    -   cgo cross-compile for freebsd ([#&#8203;22397](go-gitea/gitea#22397))
    -   Add cron method to gc LFS MetaObjects ([#&#8203;22385](go-gitea/gitea#22385))
    -   Add new captcha: cloudflare turnstile ([#&#8203;22369](go-gitea/gitea#22369))
    -   Enable `@<user>`- completion popup on the release description textarea ([#&#8203;22359](go-gitea/gitea#22359))
    -   make /{username}.png redirect to user/org avatar ([#&#8203;22356](go-gitea/gitea#22356))
    -   Add Conda package registry ([#&#8203;22262](go-gitea/gitea#22262))
    -   Support org/user level projects ([#&#8203;22235](go-gitea/gitea#22235))
    -   Add Mermaid copy button ([#&#8203;22225](go-gitea/gitea#22225))
    -   Add user secrets ([#&#8203;22191](go-gitea/gitea#22191))
    -   Secrets storage with SecretKey encrypted ([#&#8203;22142](go-gitea/gitea#22142))
    -   Preview images for Issue cards in Project Board view ([#&#8203;22112](go-gitea/gitea#22112))
    -   Add support for incoming emails ([#&#8203;22056](go-gitea/gitea#22056))
    -   Add Cargo package registry ([#&#8203;21888](go-gitea/gitea#21888))
    -   Add option to prohibit fork if user reached maximum limit of repositories ([#&#8203;21848](go-gitea/gitea#21848))
    -   Add attention blocks within quote blocks for `Note` and `Warning` ([#&#8203;21711](go-gitea/gitea#21711))
    -   Add Feed for Releases and Tags ([#&#8203;21696](go-gitea/gitea#21696))
    -   Add package registry cleanup rules ([#&#8203;21658](go-gitea/gitea#21658))
    -   Add "Copy" button to file view of raw text ([#&#8203;21629](go-gitea/gitea#21629))
    -   Allow disable sitemap ([#&#8203;21617](go-gitea/gitea#21617))
    -   Add package registry quota limits ([#&#8203;21584](go-gitea/gitea#21584))
    -   Map OIDC groups to Orgs/Teams ([#&#8203;21441](go-gitea/gitea#21441))
    -   Keep languages defined in .gitattributes ([#&#8203;21403](go-gitea/gitea#21403))
    -   Add Webhook authorization header ([#&#8203;20926](go-gitea/gitea#20926))
    -   Supports wildcard protected branch ([#&#8203;20825](go-gitea/gitea#20825))
    -   Copy citation file content, in APA and BibTex format, on repo home page ([#&#8203;19999](go-gitea/gitea#19999))
-   API
    -   Match api migration behavior to web behavior ([#&#8203;23552](go-gitea/gitea#23552)) ([#&#8203;23573](go-gitea/gitea#23573))
    -   Purge API comment ([#&#8203;23451](go-gitea/gitea#23451)) ([#&#8203;23452](go-gitea/gitea#23452))
    -   User creation API: allow custom "created" timestamps ([#&#8203;22549](go-gitea/gitea#22549))
    -   Add `updated_at` field to PullReview API object ([#&#8203;21812](go-gitea/gitea#21812))
    -   Add API management for issue/pull and comment attachments ([#&#8203;21783](go-gitea/gitea#21783))
    -   Add API endpoint to get latest release ([#&#8203;21267](go-gitea/gitea#21267))
    -   Support system hook API ([#&#8203;14537](go-gitea/gitea#14537))
-   ENHANCEMENTS
    -   Add `.patch` to `attachment.ALLOWED_TYPES` ([#&#8203;23580](go-gitea/gitea#23580)) ([#&#8203;23582](go-gitea/gitea#23582))
    -   Fix sticky header in diff view ([#&#8203;23554](go-gitea/gitea#23554)) ([#&#8203;23568](go-gitea/gitea#23568))
    -   Refactor merge/update git command calls ([#&#8203;23366](go-gitea/gitea#23366)) ([#&#8203;23544](go-gitea/gitea#23544))
    -   Fix review comment context menu clipped bug ([#&#8203;23523](go-gitea/gitea#23523)) ([#&#8203;23543](go-gitea/gitea#23543))
    -   Imrove scroll behavior to hash issuecomment(scroll position, auto expand if file is folded, and on refreshing) ([#&#8203;23513](go-gitea/gitea#23513)) ([#&#8203;23540](go-gitea/gitea#23540))
    -   Increase horizontal page padding ([#&#8203;23507](go-gitea/gitea#23507)) ([#&#8203;23537](go-gitea/gitea#23537))
    -   Use octicon-verified for gpg signatures ([#&#8203;23529](go-gitea/gitea#23529)) ([#&#8203;23536](go-gitea/gitea#23536))
    -   Make time tooltips interactive ([#&#8203;23526](go-gitea/gitea#23526)) ([#&#8203;23527](go-gitea/gitea#23527))
    -   Replace Less with CSS ([#&#8203;23508](go-gitea/gitea#23508))
    -   Fix 'View File' button in code search ([#&#8203;23478](go-gitea/gitea#23478)) ([#&#8203;23483](go-gitea/gitea#23483))
    -   Convert GitHub event on actions and fix some pull_request events. ([#&#8203;23037](go-gitea/gitea#23037)) ([#&#8203;23471](go-gitea/gitea#23471))
    -   Support reflogs ([#&#8203;22451](go-gitea/gitea#22451)) ([#&#8203;23438](go-gitea/gitea#23438))
    -   Fix actions frontend bugs (pagination, long name alignment) and small simplify ([#&#8203;23370](go-gitea/gitea#23370)) ([#&#8203;23436](go-gitea/gitea#23436))
    -   Scoped label display and documentation tweaks ([#&#8203;23430](go-gitea/gitea#23430)) ([#&#8203;23433](go-gitea/gitea#23433))
    -   Add missing tabs to org projects page ([#&#8203;22705](go-gitea/gitea#22705)) ([#&#8203;23412](go-gitea/gitea#23412))
    -   Fix and move "Use this template" button ([#&#8203;23398](go-gitea/gitea#23398)) ([#&#8203;23408](go-gitea/gitea#23408))
    -   Handle OpenID discovery URL errors a little nicer when creating/editing sources ([#&#8203;23397](go-gitea/gitea#23397)) ([#&#8203;23403](go-gitea/gitea#23403))
    -   Rename `canWriteUnit` to `canWriteProjects` ([#&#8203;23386](go-gitea/gitea#23386)) ([#&#8203;23399](go-gitea/gitea#23399))
    -   Refactor and tidy-up the merge/update branch code ([#&#8203;22568](go-gitea/gitea#22568)) ([#&#8203;23365](go-gitea/gitea#23365))
    -   Refactor `setting.Database.UseXXX` to methods ([#&#8203;23354](go-gitea/gitea#23354)) ([#&#8203;23356](go-gitea/gitea#23356))
    -   Fix incorrect project links and use symlink icon for org-wide projects ([#&#8203;23325](go-gitea/gitea#23325)) ([#&#8203;23336](go-gitea/gitea#23336))
    -   Fix PR view misalignment caused by long name file ([#&#8203;23321](go-gitea/gitea#23321)) ([#&#8203;23335](go-gitea/gitea#23335))
    -   Scoped labels: don't require holding alt key to remove ([#&#8203;23303](go-gitea/gitea#23303)) ([#&#8203;23331](go-gitea/gitea#23331))
    -   Add context when rendering labels or emojis ([#&#8203;23281](go-gitea/gitea#23281)) ([#&#8203;23319](go-gitea/gitea#23319))
    -   Change interactiveBorder to fix popup preview  ([#&#8203;23169](go-gitea/gitea#23169)) ([#&#8203;23314](go-gitea/gitea#23314))
    -   Scoped labels: set aria-disabled on muted Exclusive option for a11y ([#&#8203;23306](go-gitea/gitea#23306)) ([#&#8203;23311](go-gitea/gitea#23311))
    -   update to mermaid v10 ([#&#8203;23178](go-gitea/gitea#23178)) ([#&#8203;23299](go-gitea/gitea#23299))
    -   Fix code wrap for unbroken lines ([#&#8203;23268](go-gitea/gitea#23268)) ([#&#8203;23293](go-gitea/gitea#23293))
    -   Use async await to fix empty quote reply at first time ([#&#8203;23168](go-gitea/gitea#23168)) ([#&#8203;23256](go-gitea/gitea#23256))
    -   Fix switched citation format ([#&#8203;23250](go-gitea/gitea#23250)) ([#&#8203;23253](go-gitea/gitea#23253))
    -   Allow `<video>` in MarkDown ([#&#8203;22892](go-gitea/gitea#22892)) ([#&#8203;23236](go-gitea/gitea#23236))
    -   Order pull request conflict checking by recently updated, for each push ([#&#8203;23220](go-gitea/gitea#23220)) ([#&#8203;23225](go-gitea/gitea#23225))
    -   Fix Fomantic UI's `touchstart` fastclick, always use `click` for click events ([#&#8203;23065](go-gitea/gitea#23065)) ([#&#8203;23195](go-gitea/gitea#23195))
    -   Add word-break to sidebar-item-link ([#&#8203;23146](go-gitea/gitea#23146)) ([#&#8203;23180](go-gitea/gitea#23180))
    -   Add InsecureSkipVerify to Minio Client for Storage ([#&#8203;23166](go-gitea/gitea#23166)) ([#&#8203;23177](go-gitea/gitea#23177))
    -   Fix height for sticky head on large screen on PR page ([#&#8203;23111](go-gitea/gitea#23111)) ([#&#8203;23123](go-gitea/gitea#23123))
    -   Change style to improve whitespaces trimming inside inline markdown code ([#&#8203;23093](go-gitea/gitea#23093)) ([#&#8203;23120](go-gitea/gitea#23120))
    -   Avoid warning for system setting when start up ([#&#8203;23054](go-gitea/gitea#23054)) ([#&#8203;23116](go-gitea/gitea#23116))
    -   Add accessibility to the menu on the navbar ([#&#8203;23059](go-gitea/gitea#23059)) ([#&#8203;23095](go-gitea/gitea#23095))
    -   Improve accessibility for issue comments ([#&#8203;22612](go-gitea/gitea#22612)) ([#&#8203;23083](go-gitea/gitea#23083))
    -   Remove delete button for review comment ([#&#8203;23036](go-gitea/gitea#23036))
    -   Remove dashes between organization member avatars on hover ([#&#8203;23034](go-gitea/gitea#23034))
    -   Use `gt-relative` class instead of the ambiguous `gt-pr` class  ([#&#8203;23008](go-gitea/gitea#23008))
    -   handle deprecated settings ([#&#8203;22992](go-gitea/gitea#22992))
    -   Add scopes to API to create token and display them ([#&#8203;22989](go-gitea/gitea#22989))
    -   Improve PR Review Box UI ([#&#8203;22986](go-gitea/gitea#22986))
    -   Improve issues.LoadProject ([#&#8203;22982](go-gitea/gitea#22982))
    -   Add all units to the units permission list in org team members sidebar ([#&#8203;22971](go-gitea/gitea#22971))
    -   Rename `GetUnits` to `LoadUnits` ([#&#8203;22970](go-gitea/gitea#22970))
    -   Rename `repo.GetOwner` to `repo.LoadOwner` ([#&#8203;22967](go-gitea/gitea#22967))
    -   Rename "People" to "Members" in organization page and use a better icon ([#&#8203;22960](go-gitea/gitea#22960))
    -   Fix avatar misalignment ([#&#8203;22955](go-gitea/gitea#22955))
    -   Sort issues and pulls by recently updated in user and organization home ([#&#8203;22925](go-gitea/gitea#22925))
    -   Add `title` to PR file tree items ([#&#8203;22918](go-gitea/gitea#22918))
    -   First step to refactor the `.hide` to `.gt-hidden` ([#&#8203;22916](go-gitea/gitea#22916))
    -   Add tooltip to issue reference ([#&#8203;22913](go-gitea/gitea#22913))
    -   Always show the `command line instructions` button even if there are conflicts ([#&#8203;22909](go-gitea/gitea#22909))
    -   Fix dark-colored description text in arc-green theme ([#&#8203;22908](go-gitea/gitea#22908))
    -   Remove Fomantic-UI's `.hidden` CSS class for menu elements ([#&#8203;22895](go-gitea/gitea#22895))
    -   Move helpers to be prefixed with `gt-` ([#&#8203;22879](go-gitea/gitea#22879))
    -   Move `IsReadmeFile*` from `modules/markup/` to `modules/util` ([#&#8203;22877](go-gitea/gitea#22877))
    -   Highlight focused diff file ([#&#8203;22870](go-gitea/gitea#22870))
    -   Add some headings to repo views ([#&#8203;22869](go-gitea/gitea#22869))
    -   Fix milestone title font problem ([#&#8203;22863](go-gitea/gitea#22863))
    -   Pull Requests: setting to allow edits by maintainers by default, tweak UI ([#&#8203;22862](go-gitea/gitea#22862))
    -   Introduce customized HTML elements, fix incorrect AppUrl usages in templates ([#&#8203;22861](go-gitea/gitea#22861))
    -   Add `/$count` endpoints for NuGet v2 ([#&#8203;22855](go-gitea/gitea#22855))
    -   Remove Fomantic-UI's `.hidden` CSS class for checkbox elements ([#&#8203;22851](go-gitea/gitea#22851))
    -   Fix notification and stopwatch empty states ([#&#8203;22845](go-gitea/gitea#22845))
    -   Always go full width in PR view ([#&#8203;22844](go-gitea/gitea#22844))
    -   Improve AppUrl/ROOT_URL checking ([#&#8203;22836](go-gitea/gitea#22836))
    -   Fix style of actions rerun button ([#&#8203;22835](go-gitea/gitea#22835))
    -   Fix more HTMLURL in templates ([#&#8203;22831](go-gitea/gitea#22831))
    -   Fix inconsistent Filter Project name in issue list ([#&#8203;22827](go-gitea/gitea#22827))
    -   include build info in Prometheus metrics ([#&#8203;22819](go-gitea/gitea#22819))
    -   Make clone URL use current page's host ([#&#8203;22808](go-gitea/gitea#22808))
    -   Refactor legacy strange git operations ([#&#8203;22756](go-gitea/gitea#22756))
    -   Improve error report when user passes a private key ([#&#8203;22726](go-gitea/gitea#22726))
    -   set user dashboard org visibility to basic ([#&#8203;22706](go-gitea/gitea#22706))
    -   Fix diff UI for unexpandable items ([#&#8203;22700](go-gitea/gitea#22700))
    -   Remove 'primary' class from tab counter labels ([#&#8203;22687](go-gitea/gitea#22687))
    -   Add more events details supports for actions ([#&#8203;22680](go-gitea/gitea#22680))
    -   Refactor git command package to improve security and maintainability ([#&#8203;22678](go-gitea/gitea#22678))
    -   Use relative url in actions view ([#&#8203;22675](go-gitea/gitea#22675))
    -   set user visibility class to basic ([#&#8203;22674](go-gitea/gitea#22674))
    -   Add repository setting to enable/disable releases unit ([#&#8203;22671](go-gitea/gitea#22671))
    -   Remove label color from global issue filters ([#&#8203;22660](go-gitea/gitea#22660))
    -   Fix poor alignment of organization description on organization home page ([#&#8203;22656](go-gitea/gitea#22656))
    -   Small refactor for loading PRs ([#&#8203;22652](go-gitea/gitea#22652))
    -   Allow setting access token scope by CLI ([#&#8203;22648](go-gitea/gitea#22648))
    -   Improve accessibility of navigation bar and footer ([#&#8203;22635](go-gitea/gitea#22635))
    -   Fixes accessibility behavior of Watching, Staring and Fork buttons ([#&#8203;22634](go-gitea/gitea#22634))
    -   Fixes accessibility of empty repository commit status ([#&#8203;22632](go-gitea/gitea#22632))
    -   Pull request yaml template support for including commit body in a field ([#&#8203;22629](go-gitea/gitea#22629))
    -   Show migration validation error ([#&#8203;22619](go-gitea/gitea#22619))
    -   set org visibility class to basic in header ([#&#8203;22605](go-gitea/gitea#22605))
    -   Fix cache-control header clearing comment text when editing issue ([#&#8203;22604](go-gitea/gitea#22604))
    -   Add ARIA support for Fomantic UI checkboxes ([#&#8203;22599](go-gitea/gitea#22599))
    -   Add templates to customize text when creating and migrating repositories ([#&#8203;22597](go-gitea/gitea#22597))
    -   Allow setting `redirect_to` cookie on OAuth login ([#&#8203;22594](go-gitea/gitea#22594))
    -   Improve checkbox accessibility a bit by adding the title attribute ([#&#8203;22593](go-gitea/gitea#22593))
    -   Allow issue templates to not render title ([#&#8203;22589](go-gitea/gitea#22589))
    -   Webhooks: for issue close/reopen action, add commit ID that caused it ([#&#8203;22583](go-gitea/gitea#22583))
    -   Fix missing title and filter in issue sidebar project menu ([#&#8203;22557](go-gitea/gitea#22557))
    -   Issues: support setting issue template field values with query ([#&#8203;22545](go-gitea/gitea#22545))
    -   Issues: add Project filter to issues list and search ([#&#8203;22544](go-gitea/gitea#22544))
    -   Pull Requests: add color to approved/reject icon in pull requests list ([#&#8203;22543](go-gitea/gitea#22543))
    -   Mute all links in issue timeline ([#&#8203;22533](go-gitea/gitea#22533))
    -   Dropzone: Add "Copy link" button for new uploads ([#&#8203;22517](go-gitea/gitea#22517))
    -   Support importing comment types ([#&#8203;22510](go-gitea/gitea#22510))
    -   Load asciicast css async ([#&#8203;22502](go-gitea/gitea#22502))
    -   Move delete user to service ([#&#8203;22478](go-gitea/gitea#22478))
    -   Change use of Walk to WalkDir to improve disk performance ([#&#8203;22462](go-gitea/gitea#22462))
    -   Add reply hint to mail text ([#&#8203;22459](go-gitea/gitea#22459))
    -   fix wrong theme class when logged out if default theme is changed ([#&#8203;22408](go-gitea/gitea#22408))
    -   Refactor the setting to make unit test easier ([#&#8203;22405](go-gitea/gitea#22405))
    -   Improve utils of slices ([#&#8203;22379](go-gitea/gitea#22379))
    -   Use context parameter in models/git ([#&#8203;22367](go-gitea/gitea#22367))
    -   Always reuse transaction ([#&#8203;22362](go-gitea/gitea#22362))
    -   Fix unstable emoji sort ([#&#8203;22346](go-gitea/gitea#22346))
    -   Add context cache as a request level cache ([#&#8203;22294](go-gitea/gitea#22294))
    -   Reminder for no more logs to console ([#&#8203;22282](go-gitea/gitea#22282))
    -   Support estimated count with multiple schemas ([#&#8203;22276](go-gitea/gitea#22276))
    -   Move `convert` package to services ([#&#8203;22264](go-gitea/gitea#22264))
    -   Use dynamic package type list ([#&#8203;22263](go-gitea/gitea#22263))
    -   Hide file borders on sticky diff box ([#&#8203;22217](go-gitea/gitea#22217))
    -   Improve notification and stopwatch styles ([#&#8203;22169](go-gitea/gitea#22169))
    -   Fixed Project view .board-column height for tall screens. ([#&#8203;22108](go-gitea/gitea#22108))
    -   Use multi reader instead to concat strings ([#&#8203;22099](go-gitea/gitea#22099))
    -   Use git command instead of exec.Cmd in blame ([#&#8203;22098](go-gitea/gitea#22098))
    -   Fix autofilled text visibility in dark mode ([#&#8203;22088](go-gitea/gitea#22088))
    -   Rename almost all Ctx functions ([#&#8203;22071](go-gitea/gitea#22071))
    -   Rename actions to operations on UI ([#&#8203;22067](go-gitea/gitea#22067))
    -   refactor bind functions based on generics ([#&#8203;22055](go-gitea/gitea#22055))
    -   Support disabling database auto migration ([#&#8203;22053](go-gitea/gitea#22053))
    -   remove duplicated read file code ([#&#8203;22042](go-gitea/gitea#22042))
    -   Use link in UI which returned a relative url but not html_url which contains an absolute url ([#&#8203;21986](go-gitea/gitea#21986))
    -   Skip initing disabled storages ([#&#8203;21985](go-gitea/gitea#21985))
    -   Add doctor command for full GC of LFS ([#&#8203;21978](go-gitea/gitea#21978))
    -   Util type to parse ref name ([#&#8203;21969](go-gitea/gitea#21969))
    -   Replace fmt.Sprintf with hex.EncodeToString ([#&#8203;21960](go-gitea/gitea#21960))
    -   Use random bytes to generate access token ([#&#8203;21959](go-gitea/gitea#21959))
    -   Add index for access_token ([#&#8203;21908](go-gitea/gitea#21908))
    -   Move all remaining colors into CSS variables ([#&#8203;21903](go-gitea/gitea#21903))
    -   Webhook list enhancements ([#&#8203;21893](go-gitea/gitea#21893))
    -   Embed Matrix icon as SVG ([#&#8203;21890](go-gitea/gitea#21890))
    -   Remove useless "Cancel" buttons ([#&#8203;21872](go-gitea/gitea#21872))
    -   fix(web): keep the pages of the navigation in the center ([#&#8203;21867](go-gitea/gitea#21867))
    -   fix(web): reduce page jitter on browsers that support overlay scrollbar ([#&#8203;21850](go-gitea/gitea#21850))
    -   Improvements for Content Copy ([#&#8203;21842](go-gitea/gitea#21842))
    -   Tweak katex options ([#&#8203;21828](go-gitea/gitea#21828))
    -   Show syntax lexer name in file view/blame ([#&#8203;21814](go-gitea/gitea#21814))
    -   Remove `href="javascript:;"` in "save topics (Done)" button ([#&#8203;21813](go-gitea/gitea#21813))
    -   Render number of commits in repo page in a user friendly way ([#&#8203;21786](go-gitea/gitea#21786))
    -   Adjust clone timeout error to suggest increasing timeout ([#&#8203;21769](go-gitea/gitea#21769))
    -   Update message of reach_limit_of_creation ([#&#8203;21757](go-gitea/gitea#21757))
    -   Allow detect whether it's in a database transaction for a context.Context ([#&#8203;21756](go-gitea/gitea#21756))
    -   Add configuration for CORS allowed headers ([#&#8203;21747](go-gitea/gitea#21747))
    -   Move svg html render to modules/svg ([#&#8203;21716](go-gitea/gitea#21716))
    -   Release and Tag List tweaks ([#&#8203;21712](go-gitea/gitea#21712))
    -   Remove template previewer ([#&#8203;21701](go-gitea/gitea#21701))
    -   Clean up formatting on install page ([#&#8203;21668](go-gitea/gitea#21668))
    -   Configure update checker on installation page ([#&#8203;21655](go-gitea/gitea#21655))
    -   Merge db.Iterate and IterateObjects ([#&#8203;21641](go-gitea/gitea#21641))
    -   Add option to enable CAPTCHA validation for login ([#&#8203;21638](go-gitea/gitea#21638))
    -   Allow disable RSS/Atom feed ([#&#8203;21622](go-gitea/gitea#21622))
    -   Use CSS color-scheme instead of invert ([#&#8203;21616](go-gitea/gitea#21616))
    -   Localize time units on activity heatmap ([#&#8203;21570](go-gitea/gitea#21570))
    -   Fix UI column width, button overflow Fomantic's grid ([#&#8203;21559](go-gitea/gitea#21559))
    -   feat: notify doers of a merge when automerging ([#&#8203;21553](go-gitea/gitea#21553))
    -   Split migrations folder ([#&#8203;21549](go-gitea/gitea#21549))
    -   feat: add button to quickly clear merge message ([#&#8203;21548](go-gitea/gitea#21548))
    -   Add `context.Context` to more methods ([#&#8203;21546](go-gitea/gitea#21546))
    -   Add index for hook_task table ([#&#8203;21545](go-gitea/gitea#21545))
    -   Allow disable code tab ([#&#8203;20805](go-gitea/gitea#20805))
-   BUGFIXES
    -   Fix template error when reference Project ([#&#8203;23584](go-gitea/gitea#23584))
    -   Fix dropdown icon misalignment when using fomantic icon ([#&#8203;23558](go-gitea/gitea#23558)) ([#&#8203;23577](go-gitea/gitea#23577))
    -   Fix diff detail buttons wrapping, use tippy for review box ([#&#8203;23271](go-gitea/gitea#23271)) ([#&#8203;23546](go-gitea/gitea#23546))
    -   Handle missing `README` in create repos API ([#&#8203;23387](go-gitea/gitea#23387)) ([#&#8203;23510](go-gitea/gitea#23510))
    -   Disable sending email after push a commit to a closed PR ([#&#8203;23462](go-gitea/gitea#23462)) ([#&#8203;23492](go-gitea/gitea#23492))
    -   Fix aria.js bugs: incorrect role element problem, mobile focus problem, tippy problem ([#&#8203;23450](go-gitea/gitea#23450)) ([#&#8203;23486](go-gitea/gitea#23486))
    -   Fix due date being wrong on issue list ([#&#8203;23475](go-gitea/gitea#23475)) ([#&#8203;23477](go-gitea/gitea#23477))
    -   Remove wrongly added column on migration test fixtures ([#&#8203;23456](go-gitea/gitea#23456)) ([#&#8203;23470](go-gitea/gitea#23470))
    -   Make branches list page operations remember current page ([#&#8203;23420](go-gitea/gitea#23420)) ([#&#8203;23460](go-gitea/gitea#23460))
    -   Fix missing commit status in PR which from forked repo ([#&#8203;23351](go-gitea/gitea#23351)) ([#&#8203;23453](go-gitea/gitea#23453))
    -   Show edit/close/delete button on organization wide repositories ([#&#8203;23388](go-gitea/gitea#23388)) ([#&#8203;23429](go-gitea/gitea#23429))
    -   Preserve file size when creating attachments ([#&#8203;23406](go-gitea/gitea#23406)) ([#&#8203;23426](go-gitea/gitea#23426))
    -   Fix broken Chroma CSS styles ([#&#8203;23174](go-gitea/gitea#23174)) ([#&#8203;23402](go-gitea/gitea#23402))
    -   Fix incorrect NotFound conditions in org/projects.go ([#&#8203;23384](go-gitea/gitea#23384)) ([#&#8203;23395](go-gitea/gitea#23395))
    -   Set `X-Gitea-Debug` header once ([#&#8203;23361](go-gitea/gitea#23361)) ([#&#8203;23381](go-gitea/gitea#23381))
    -   Pass context to avatar for projects view ([#&#8203;23359](go-gitea/gitea#23359)) ([#&#8203;23378](go-gitea/gitea#23378))
    -   Fix panic when getting notes by ref ([#&#8203;23372](go-gitea/gitea#23372)) ([#&#8203;23377](go-gitea/gitea#23377))
    -   Do not recognize text files as audio ([#&#8203;23355](go-gitea/gitea#23355)) ([#&#8203;23368](go-gitea/gitea#23368))
    -   Fix adding of empty class name ([#&#8203;23352](go-gitea/gitea#23352)) ([#&#8203;23360](go-gitea/gitea#23360))
    -   Fix various ImageDiff/SVG bugs ([#&#8203;23312](go-gitea/gitea#23312)) ([#&#8203;23358](go-gitea/gitea#23358))
    -   Fix incorrect display for comment context menu ([#&#8203;23343](go-gitea/gitea#23343)) ([#&#8203;23344](go-gitea/gitea#23344))
    -   Remove unnecessary space on link ([#&#8203;23334](go-gitea/gitea#23334)) ([#&#8203;23340](go-gitea/gitea#23340))
    -   Fix incorrect redirect link of delete org project ([#&#8203;23327](go-gitea/gitea#23327)) ([#&#8203;23339](go-gitea/gitea#23339))
    -   Fix cannot reopen after pushing commits to a closed PR ([#&#8203;23189](go-gitea/gitea#23189)) ([#&#8203;23324](go-gitea/gitea#23324))
    -   Fix broken code editor diff preview ([#&#8203;23307](go-gitea/gitea#23307)) ([#&#8203;23320](go-gitea/gitea#23320))
    -   Support sanitising the URL by removing extra slashes in the URL ([#&#8203;21333](go-gitea/gitea#21333)) ([#&#8203;23300](go-gitea/gitea#23300))
    -   Avoid panic caused by broken payload when creating commit status ([#&#8203;23216](go-gitea/gitea#23216)) ([#&#8203;23294](go-gitea/gitea#23294))
    -   Fill head commit to in payload when notifying push commits for mirroring ([#&#8203;23215](go-gitea/gitea#23215)) ([#&#8203;23292](go-gitea/gitea#23292))
    -   Fix various bugs for "install" page ([#&#8203;23194](go-gitea/gitea#23194)) ([#&#8203;23286](go-gitea/gitea#23286))
    -   Fix GetFilesChangedBetween if the file name may be escaped ([#&#8203;23272](go-gitea/gitea#23272)) ([#&#8203;23279](go-gitea/gitea#23279))
    -   Revert relative links to absolute links in mail templates ([#&#8203;23267](go-gitea/gitea#23267)) ([#&#8203;23269](go-gitea/gitea#23269))
    -   Fix commit retrieval by tag ([#&#8203;21804](go-gitea/gitea#21804)) ([#&#8203;23266](go-gitea/gitea#23266))
    -   Use correct README link to render the README ([#&#8203;23152](go-gitea/gitea#23152)) ([#&#8203;23264](go-gitea/gitea#23264))
    -   Close the temp file when dumping database to make the temp file can be deleted on Windows ([#&#8203;23249](go-gitea/gitea#23249)) ([#&#8203;23251](go-gitea/gitea#23251))
    -   Use the correct selector to hide the checkmark of selected labels on clear ([#&#8203;23224](go-gitea/gitea#23224)) ([#&#8203;23228](go-gitea/gitea#23228))
    -   Fix incorrect checkbox behaviors in the dashboard repolist's filter ([#&#8203;23147](go-gitea/gitea#23147)) ([#&#8203;23205](go-gitea/gitea#23205))
    -   Properly flush unique queues on startup ([#&#8203;23154](go-gitea/gitea#23154)) ([#&#8203;23201](go-gitea/gitea#23201))
    -   Pass `--global` when calling `git config --get`, for consistency with `git config --set` ([#&#8203;23157](go-gitea/gitea#23157)) ([#&#8203;23199](go-gitea/gitea#23199))
    -   Make `gitea serv` respect git binary home ([#&#8203;23138](go-gitea/gitea#23138)) ([#&#8203;23197](go-gitea/gitea#23197))
    -   Change button text for commenting and closing an issue at the same time ([#&#8203;23135](go-gitea/gitea#23135)) ([#&#8203;23182](go-gitea/gitea#23182))
    -   Fix DBConsistency checks on MSSQL ([#&#8203;23132](go-gitea/gitea#23132)) ([#&#8203;23134](go-gitea/gitea#23134))
    -   Show empty repos in Admin Repository Management page ([#&#8203;23114](go-gitea/gitea#23114)) ([#&#8203;23130](go-gitea/gitea#23130))
    -   Redirect to the commit page after applying patch ([#&#8203;23056](go-gitea/gitea#23056)) ([#&#8203;23127](go-gitea/gitea#23127))
    -   Fix nil context in RenderMarkdownToHtml ([#&#8203;23092](go-gitea/gitea#23092)) ([#&#8203;23108](go-gitea/gitea#23108))
    -   Make issue meta dropdown support Enter, confirm before reloading ([#&#8203;23014](go-gitea/gitea#23014)) ([#&#8203;23102](go-gitea/gitea#23102))
    -   Fix SyncOnCommit always return false in API of push_mirrors ([#&#8203;23088](go-gitea/gitea#23088)) ([#&#8203;23100](go-gitea/gitea#23100))
    -   Fix commit name in Apply Patch page ([#&#8203;23086](go-gitea/gitea#23086)) ([#&#8203;23099](go-gitea/gitea#23099))
    -   Fix some more hidden problems ([#&#8203;23074](go-gitea/gitea#23074)) ([#&#8203;23075](go-gitea/gitea#23075))
    -   Bump golang.org/x/net from 0.4.0 to 0.7.0 ([#&#8203;22980](go-gitea/gitea#22980))
    -   Get rules by id when editing branch protection rule ([#&#8203;22932](go-gitea/gitea#22932))
    -   Fix panic when call api (/repos/{owner}/{repo}/pulls/{index}/files) ([#&#8203;22921](go-gitea/gitea#22921))
    -   Increase Content field size of gpg_import_key to MEDIUMTEXT ([#&#8203;22897](go-gitea/gitea#22897))
    -   Fix hidden commit status on multiple checks ([#&#8203;22889](go-gitea/gitea#22889))
    -   Fix update by rebase being wrongly disabled by protected base branch ([#&#8203;22825](go-gitea/gitea#22825))
    -   Make issue title edit buttons focusable and fix incorrect ajax requests ([#&#8203;22807](go-gitea/gitea#22807))
    -   Fix rerun button of Actions ([#&#8203;22798](go-gitea/gitea#22798))
    -   remove update language in ProfilePost ([#&#8203;22748](go-gitea/gitea#22748))
    -   Do not overwrite empty DefaultBranch ([#&#8203;22708](go-gitea/gitea#22708))
    -   Fix ref to trigger Actions ([#&#8203;22679](go-gitea/gitea#22679))
    -   Fix time to NotifyPullRequestSynchronized ([#&#8203;22650](go-gitea/gitea#22650))
    -   Show all projects, not just repo projects and open/closed projects  ([#&#8203;22640](go-gitea/gitea#22640))
    -   Project links should use parent link methods ([#&#8203;22587](go-gitea/gitea#22587))
    -   Fix group filter for ldap source sync ([#&#8203;22506](go-gitea/gitea#22506))
    -   Check quota limits for container uploads ([#&#8203;22450](go-gitea/gitea#22450))
    -   Fix halfCommitter and WithTx ([#&#8203;22366](go-gitea/gitea#22366))
    -   Attempt to fix TestExportUserGPGKeys ([#&#8203;22159](go-gitea/gitea#22159))
    -   Fix heatmap first color being unused ([#&#8203;22157](go-gitea/gitea#22157))
    -   Fix scroll over mermaid frame ([#&#8203;21925](go-gitea/gitea#21925))
    -   Move migration test fixtures to the correct directories ([#&#8203;21901](go-gitea/gitea#21901))
    -   fix(web): add `alt` for logo in home page ([#&#8203;21887](go-gitea/gitea#21887))
    -   Fix webhook attachment text is not set in review comment ([#&#8203;21763](go-gitea/gitea#21763))
    -   Alter package_version.metadata_json to LONGTEXT ([#&#8203;21667](go-gitea/gitea#21667))
    -   Ensure that Webhook tasks are not double delivered ([#&#8203;21558](go-gitea/gitea#21558))
-   TESTING
    -   Make CI use a dummy password hasher for all tests ([#&#8203;22983](go-gitea/gitea#22983))
    -   Disable test for incoming email ([#&#8203;22686](go-gitea/gitea#22686))
    -   Move fuzz tests into tests/fuzz ([#&#8203;22376](go-gitea/gitea#22376))
    -   Test views of LFS files ([#&#8203;22196](go-gitea/gitea#22196))
    -   Specify ID in `TestAPITeam` ([#&#8203;22192](go-gitea/gitea#22192))
    -   verify nodeinfo response by schema  ([#&#8203;22137](go-gitea/gitea#22137))
    -   Skip GitHub migration tests if the API token is undefined ([#&#8203;21824](go-gitea/gitea#21824))
    -   Add a simple test for external renderer ([#&#8203;20033](go-gitea/gitea#20033))
-   TRANSLATION
    -   Use "Title Case" for text "Reference in new issue" ([#&#8203;22936](go-gitea/gitea#22936))
-   BUILD
    -   Wrap unless-check in docker manifests ([#&#8203;23079](go-gitea/gitea#23079)) ([#&#8203;23081](go-gitea/gitea#23081))
    -   Adjust manifest to prevent tagging latest on rcs ([#&#8203;22811](go-gitea/gitea#22811))
    -   update to build with go1.20 ([#&#8203;22732](go-gitea/gitea#22732))
    -   Add Bash and Zsh completion scripts ([#&#8203;22646](go-gitea/gitea#22646))
    -   Add Contributed backport command ([#&#8203;22643](go-gitea/gitea#22643))
    -   Remove deprecated packages & staticcheck fixes ([#&#8203;22012](go-gitea/gitea#22012))
    -   Update to Alpine 3.17 ([#&#8203;21904](go-gitea/gitea#21904))
    -   Fix webpack license warning ([#&#8203;21815](go-gitea/gitea#21815))
-   DOCS
    -   Update documentation for the new YAML label file format  ([#&#8203;23020](go-gitea/gitea#23020)) ([#&#8203;23341](go-gitea/gitea#23341))
    -   Update hacking-on-gitea-zh_cn documentation ([#&#8203;23315](go-gitea/gitea#23315)) ([#&#8203;23323](go-gitea/gitea#23323))
    -   Add basic documentation for labels, including scoped labels ([#&#8203;23304](go-gitea/gitea#23304)) ([#&#8203;23309](go-gitea/gitea#23309))
    -   Re-add accidentally removed `hacking-on-gitea.zh-cn.md` ([#&#8203;23297](go-gitea/gitea#23297)) ([#&#8203;23305](go-gitea/gitea#23305))
    -   Fix secrets overview page missing from docs sidebar ([#&#8203;23143](go-gitea/gitea#23143)) ([#&#8203;23145](go-gitea/gitea#23145))
    -   Add some guidelines for refactoring ([#&#8203;22880](go-gitea/gitea#22880))
    -   Explain that the no-access team unit does not affect public repositories ([#&#8203;22661](go-gitea/gitea#22661))
    -   Fix incorrect Redis URL snippets in the example app.ini ([#&#8203;22573](go-gitea/gitea#22573))
    -   docs: add swagger.json file location to FAQ ([#&#8203;22489](go-gitea/gitea#22489))
    -   Update index.de-de.md ([#&#8203;22363](go-gitea/gitea#22363))
    -   Update Gmail mailer configuration ([#&#8203;22291](go-gitea/gitea#22291))
    -   Add missed reverse proxy authentication documentation ([#&#8203;22250](go-gitea/gitea#22250))
    -   Add plural definitions for German translations ([#&#8203;21802](go-gitea/gitea#21802))
    -   Attempt clarify AppWorkPath etc. ([#&#8203;21656](go-gitea/gitea#21656))
    -   Add some documentation to packages ([#&#8203;21648](go-gitea/gitea#21648))
-   MISC
    -   Use `<nav>` instead of `<div>` in the global navbar ([#&#8203;23125](go-gitea/gitea#23125)) ([#&#8203;23533](go-gitea/gitea#23533))
    -   Do not create commit graph for temporary repos ([#&#8203;23219](go-gitea/gitea#23219)) ([#&#8203;23229](go-gitea/gitea#23229))
    -   Update button is shown when a Pull Request is marked WIP - Issue [#&#8203;21740](go-gitea/gitea#21740) ([#&#8203;22683](go-gitea/gitea#22683))
    -   Add main landmark to templates and adjust titles ([#&#8203;22670](go-gitea/gitea#22670))
    -   Fix error on account activation with wrong passwd ([#&#8203;22609](go-gitea/gitea#22609))
    -   Update JS dependencies ([#&#8203;22538](go-gitea/gitea#22538))
    -   Display unreferenced packages total size in package admin panel ([#&#8203;22498](go-gitea/gitea#22498))
    -   Mobile fix for Project view: Add delay to Sortable.js on mobile, to ensure scrolling is possible. ([#&#8203;22152](go-gitea/gitea#22152))
    -   Update chroma to v2.4.0 ([#&#8203;22000](go-gitea/gitea#22000))
    -   Hide collapse icon in diff with no lines ([#&#8203;21094](go-gitea/gitea#21094))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNC4wIiwidXBkYXRlZEluVmVyIjoiMzUuMTQuMCJ9-->

Co-authored-by: Michael Wittig <michael.wittig@posteo.de>
Reviewed-on: https://gitea.sh4ke.rocks/sh4ke/k8s-projects/pulls/113
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/feature Completely new functionality. Can only be merged if feature freeze is not active. type/refactoring Existing code has been cleaned up. There should be no new functionality.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

GroupClaimName not used to map user to team