1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-01-04 14:48:59 -05:00
forgejo/release-notes-published/9.0.0.md
Earl Warren 8dbd2da593
chore(release-notes): keep release notes in release-notes-published
As of Forgejo 8.0.1 the release notes were only available in the
description of the corresponding milestone which is problematic for:

- searching
- safekeeping

The release-notes-published directory is created to remedy those problems:

- a copy of all those release notes from the milestones descriptions
  is added.
- a reference is added to the RELEASE-NOTES.md file which will no
  longer be used.
- a symbolic link to the RELEASE-NOTES.md is added for completeness.
- the release process will be updated to populate release-notes-published.

The RELEASE-NOTES.md file is kept where it is because it is referenced
by a number of URLs.

The release-notes directory would have been a better name but it is
already used for in flight release notes waiting for the next
release. Renaming this directory or changing it is rather involved.
2024-12-05 17:46:14 +01:00

44 KiB

A companion blog post provides additional context on this major release.

  • Breaking changes
    • PR: OIDC integrations that POST to /login/oauth/introspect without sending HTTP basic authentication will now fail with a 401 HTTP Unauthorized error. To fix the error, the client must begin sending HTTP basic authentication with a valid client ID and secret. This endpoint was previously authenticated via the introspection token itself, which is less secure.
    • PR (backported): Fixing this bug is a breaking change because existing tokens with a public scope will no longer return private resources. They have to be deleted and re-created without the public scope to restore their original behavior. The public scope of an application token does not filter out private repositories, organizations or packages in some cases. This scope is not the default, it has to be manually set via the web UI or the API. When the public scope is explicitly added to an application token that is allowed to list the repositories and packages of a user or an organization, it is meant as a restriction. For instance if a user has two repositories, one private and the other publicly visible, a token with the public scope used with the API endpoint listing the repositories that belong to this user must only return the publicly visible one and not reveal the existence of the private one.
    • PR: Drop support to build Forgejo with the optional go-git Git backend. It only affects users who built Forgejo manually using TAGS=gogits, which no longer has any effect. Moving forward, we only support the default backend using the git binary. Please get in touch if you used the go-git backend and require any assistance moving away from it.
  • User Interface features
  • User Interface bug fixes
    • PR: Bad spacing on new release page.
    • PR: Milestone assignment in new issue.
    • PR: git-grep: ensure bounded default for MatchesPerFile.
    • PR: Incorrect go to citation button.
    • PR: Incorrect HTMX support for profile card.
    • PR: Accessibility keyboard support for test actions.
    • PR: Update pull request icons.
  • Features
    • PR (backported): "Assign to me" button on PR and Issues.
    • PR (backported): Add architecture-specific removal support for arch package.
    • PR (backported): commit Add bin to Composer Metadata.
    • PR: Internationalization user experience improvements on team permissions and issue closing.
    • PR: commit Support allowed hosts for migrations to work with proxy.
    • PR: Trivial default quota configuration.
    • PR: Language detection in the repository learned about the following languages: Luau, BQN, Cron table, NMODL, Pkl, templ, FIRRTL, Julia REPL, Caddyfile.
    • PR: The following extensions or filenames in a repository are associated with the matching language: .sublime-color-scheme, MODULE.bazel.lock, Cargo.toml.orig, tsx, justfile, .zig.zon, .envrc.
    • PR: Remove support for Couchbase as a session provider; it instead will now fallback to the file provider. The rationale for removing Couchbase support is that it's not free software, https://www.couchbase.com/blog/couchbase-adopts-bsl-license/, and therefore cannot be tested in Forgejo and neither should be supported.
    • PR: git-grep: allow searching for words with initial dashes.
    • PR: git-grep: skip binary files.
    • PR: commit Forgejo Actions logs are compressed by default. It can be disabled by setting [actions].LOG_COMPRESSION=none.
    • PR: Support grouping by any path for arch package.
    • PR: Remove expensive nearest branch calculatations ($.BranchName) from commit diff view (/:owner/:repo/commit/:commit).
    • PR: Allow push mirrors to use a SSH key as the authentication method for the mirroring action instead of using user:password authentication. The SSH keypair is created by Forgejo and the destination repository must be configured with the public key to allow for push over SSH.
    • PR: commit Use UTC as a timezone when running scheduled actions tasks.
    • PR: commit The actions logs older than [actions].LOG_RETENTION_DAYS days are removed (the default is 365).
    • PR: Add signature support for the RPM module.
    • PR: Allow color and background-color style properties for table cells.
    • PR: commit: support pull_request_target event for commit status.
    • PR: commit: support delete user email in admin panel.
    • PR: Notify owner about TOTP enrollment.
    • PR: Email notifications are now sent when account security changes are made: password changed, primary email changed (email sent to old primary mail), TOTP disabled or a security key removed.
    • PR: Enable INVALIDATE_REFRESH_TOKENS.
    • PR: Sort milestones by name by default instead of the due date.
    • PR: commit allow synchronizing user status from OAuth2 login providers.
    • PR: commit add option to change mail from user display name.
    • PR: commit issue Templates: add option to have dropdown printed list.
    • PR: the default setting attachment.ALLOWED_TYPES was adjusted to allow .webp attachments in issues - a more efficient format for images like screenshots. All attachments are treated as normal files and are not re-encoded by Forgejo. If you have customized this setting, you may also want to add .webp to it for the benefit of your users, as well as to reduce server traffic and storage usage.
    • PR: Convert milestone to HTMX.
    • PR: Use the full user name in emails to address the recipient, when available.
    • PR: Enhancing OAuth2 Provider with Granular Scopes for Resource Access.
    • PR: Display URLs in .sh-session files.
    • PR: The caching of contributor stats was improved (the data used by /<user>/<repo>/activity/recent-commits) to use the configured cache TTL from the config ([cache].ITEM_TTL) instead of a hardcoded TTL of ten minutes. The computation of this operation is computationally heavy and makes a lot of requests to the database and Git on repositories with a lot of commits. It should be cached for longer than what was previously hardcoded, ten minutes.
    • PR: Add support for LFS server implementations which have batch API responses in an older/deprecated schema.
    • PR: Forgejo Actions artifacts support range requests to resume a download.
    • PR: Added the foundations of a flexible, configurable quota system.
    • PR: Logs journald integration.
    • PR: A release asset can be a URL instead of a file.
  • Bug fixes
    • PR (backported): Don't allow owner team with incorrect unit access (includes doctor fix).
    • PR (backported): Schedule workflows are canceled when pushing to the default branch.
    • PR (backported): Incorrect Discord webhook JSON for issue events.
    • PR (backported): commit wrong last modify time.
    • PR (backported): commit Repo Activity: count new issues that were closed.
    • PR (backported): commit incorrect /tokens API.
    • PR (backported): commit Do not escape relative path in RPM primary index.
    • PR: commit Handle invalid target when creating releases using API.
    • PR: commit /repos/{owner}/{repo}/pulls/{index}/files endpoint not populating previous_filename.
    • PR: Improve textarea paste.
    • PR: commit Handle "close" actionable references for manual merges.
    • PR: commit Team admins are allowed to search team members via the API.
    • PR: commit Don't return 500 if mirror url contains special chars.
    • PR: commit Agit automerge is not working properly.
    • PR: Improve the display of PR & issue short links.
    • PR: Migrate scoped GitLab labels as scoped Forgejo labels.
    • PR: commit /repos/{owner}/{repo}/pulls/{index} requested_reviewers contains null for teams.
    • PR: Validate title length when updating an issue.
    • PR: commit Hide the "Details" link of commit status when the user cannot access actions.
    • PR: commit The API endpoint to get the actions registration token is GET /repos/{owner}/{repo}/actions/runners/registration-token and not GET /repos/{owner}/{repo}/runners/registration-token.
    • PR: commit Runner registration token via API is broken for repo level runners.
    • PR: commit Deleted projects causes bad popover text on issues.
    • PR: commit Distinguish LFS object errors to ignore missing objects during migration.
    • PR: commit When viewing the revision history of wiki pages, the pagination links are broken: instead of org/repo/wiki/Page?action=_revision&page=2, the link is only org/repo/wiki/Page?page=2, thus bringing the user back to the wiki page.
    • PR: commit Also rename the head branch of open pull requests when renaming a branch.
    • PR: commit: add return type to GetRawFileOrLFS and GetRawFile.
    • PR: commit: properly filter issue list given no assignees filter.
    • PR: Cron task to cleanup dangling container images with version sha256:*.
    • PR: Allow updates to runners' secrets.
    • PR: Do not fire webhook notifications for updates and deletions of comments that are part of an ongoing review (a review that is still in draft). Also, content history will not be saved for such comments, to avoid exposing fixing embarrassing typos you've have made while the review was still pending.
    • PR: Fixed social media previews for links to wiki pages.
  • Localization
    • Updates of translations from Codeberg Translate.
    • PR: Improve the clarity of confirmation in email messages.
    • PR (backported): Fine tune language for units.
    • PR (backported): Improve translation strings for webhook events.
    • PR: Allow different translations of creation links and titles.
    • PR: English strings improvements for internationalization.
    • PR: Encourage participation in the localization of Forgejo in language settings.