209 Commits

Author SHA1 Message Date
Lunny Xiao
a084bdb556 Update zh tw languages and fix some broken links 2026-07-01 14:47:51 -07:00
TheFox0x7
9558006c39 update binary verification section (#449)
---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/449
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
2026-07-01 17:22:39 +00:00
Lunny Xiao
1033f033bc Add 1.27 rc0 documentation (#453)
Reviewed-on: https://gitea.com/gitea/docs/pulls/453
Reviewed-by: Zettat123 <39446+zettat123@noreply.gitea.com>
2026-07-01 17:14:52 +00:00
Renovate Bot
24fdff218d fix(deps): update dependency @mui/material to v9.1.2 (#450)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [@mui/material](https://mui.com/material-ui/) ([source](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material)) | [`9.1.1` → `9.1.2`](https://renovatebot.com/diffs/npm/@mui%2fmaterial/9.1.1/9.1.2) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@mui%2fmaterial/9.1.2?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@mui%2fmaterial/9.1.1/9.1.2?slim=true) |

---

### Release Notes

<details>
<summary>mui/material-ui (@&#8203;mui/material)</summary>

### [`v9.1.2`](https://github.com/mui/material-ui/blob/HEAD/CHANGELOG.md#912)

[Compare Source](https://github.com/mui/material-ui/compare/v9.1.1...v9.1.2)

<!-- generated comparing v9.1.1..master -->

*Jun 23, 2026*

A big thanks to the 5 contributors who made this release possible.

##### `@mui/material@9.1.2`

- \[autocomplete] Don't submit forms when committing `freeSolo` value with Enter key ([#&#8203;48679](https://github.com/mui/material-ui/issues/48679)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[transitions] Fix RTG import in ESM ([#&#8203;48645](https://github.com/mui/material-ui/issues/48645)) [@&#8203;mj12albert](https://github.com/mj12albert)

##### `@mui/system@9.1.2`

- \[InitColorSchemeScript] Fix script tag warning in Next.js 16 dev mode ([#&#8203;48671](https://github.com/mui/material-ui/issues/48671)) [@&#8203;siriwatknp](https://github.com/siriwatknp)

##### Docs

- Fix typos in release instructions ([#&#8203;48687](https://github.com/mui/material-ui/issues/48687)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- Update [@&#8203;mui/x-](https://github.com/mui/x-)\* packages to latest ([#&#8203;48661](https://github.com/mui/material-ui/issues/48661)) [@&#8203;Janpot](https://github.com/Janpot)

##### Core

- \[code-infra] Convert leaf [@&#8203;mui/system](https://github.com/mui/system) .js+.d.ts pairs to TypeScript (part 1) ([#&#8203;48578](https://github.com/mui/material-ui/issues/48578)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Bump to latest code-infra packages ([#&#8203;48672](https://github.com/mui/material-ui/issues/48672)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- \[code-infra] Resolve remaining minimatch advisory ([#&#8203;48662](https://github.com/mui/material-ui/issues/48662)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Bump nx to resolve minimatch advisory ([#&#8203;48658](https://github.com/mui/material-ui/issues/48658)) [@&#8203;Janpot](https://github.com/Janpot)
- \[core] Drop @&#8203;babel/\* pnpm overrides ([#&#8203;48710](https://github.com/mui/material-ui/issues/48710)) [@&#8203;Janpot](https://github.com/Janpot)
- \[docs-infra] Revert "Pin StackBlitz demo vite to v7 and plugin-react to v5" ([#&#8203;48709](https://github.com/mui/material-ui/issues/48709)) [@&#8203;Janpot](https://github.com/Janpot)
- \[docs-infra] Fix code-block copy button broken on direct page load ([#&#8203;48653](https://github.com/mui/material-ui/issues/48653)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- \[test] Stabilize Data Grid demo data in Argos screenshots ([#&#8203;48654](https://github.com/mui/material-ui/issues/48654)) [@&#8203;LukasTy](https://github.com/LukasTy)

All contributors of this release in alphabetical order: [@&#8203;brijeshb42](https://github.com/brijeshb42), [@&#8203;Janpot](https://github.com/Janpot), [@&#8203;LukasTy](https://github.com/LukasTy), [@&#8203;mj12albert](https://github.com/mj12albert), [@&#8203;siriwatknp](https://github.com/siriwatknp)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/450
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
2026-07-01 03:30:52 +00:00
Nicolas
7aae398e37 docs: Update as we now support continue-on-error in 1.27 (#452)
Reviewed-on: https://gitea.com/gitea/docs/pulls/452
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Nicolas <bircni@icloud.com>
2026-07-01 03:20:59 +00:00
Renovate Bot
09bde5a387 chore(deps): update pnpm to v11.9.0 (#446)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [pnpm](https://pnpm.io) ([source](https://github.com/pnpm/pnpm/tree/HEAD/pnpm)) | [`11.7.0` → `11.9.0`](https://renovatebot.com/diffs/npm/pnpm/11.7.0/11.9.0) | ![age](https://developer.mend.io/api/mc/badges/age/npm/pnpm/11.9.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pnpm/11.7.0/11.9.0?slim=true) |

---

### Release Notes

<details>
<summary>pnpm/pnpm (pnpm)</summary>

### [`v11.9.0`](https://github.com/pnpm/pnpm/releases/tag/v11.9.0): pnpm 11.9

[Compare Source](https://github.com/pnpm/pnpm/compare/v11.8.0...v11.9.0)

#### Minor Changes

- [`bae694f`](https://github.com/pnpm/pnpm/commit/bae694f): Some registries generate tarballs on-demand and cannot provide an integrity checksum in their package metadata. In that case pnpm now computes the integrity from the downloaded tarball and stores it in the lockfile, so the entry is verifiable on subsequent installs instead of being written without an integrity (which would fail the next install). This also applies to `--lockfile-only`: the tarball is downloaded so its integrity can be computed. A lockfile entry that is still missing its integrity is rejected as a `ERR_PNPM_MISSING_TARBALL_INTEGRITY` lockfile verification violation (the install fails closed) rather than being silently re-fetched.
- [`6c35a43`](https://github.com/pnpm/pnpm/commit/6c35a43): Added `--exclude-peers` to `pnpm sbom`. With `auto-install-peers` (the default), peer dependencies resolve into the lockfile and are otherwise indistinguishable from the package's own dependencies. The flag drops peer dependencies (and any transitive subtree reachable only through them) from the SBOM. CycloneDX 1.7 has no scope or relationship that expresses "consumer-provided peer", so omission is the only spec-clean handling. The flag name matches `pnpm list --exclude-peers`; note the SBOM flag prunes a peer's exclusive subtree, which is stricter than `pnpm list` (which only hides leaf peers).

#### Patch Changes

- [`25a829e`](https://github.com/pnpm/pnpm/commit/25a829e): `pnpm audit --fix` now writes a single combined `minimumReleaseAgeExclude` entry per package (e.g. `axios@0.18.1 || 0.21.1`) instead of one entry per version, matching the format documented for the setting. Existing per-version entries in `pnpm-workspace.yaml` are merged into the combined form rather than left as duplicates. Installs that auto-collect immature versions into `minimumReleaseAgeExclude` now report the same combined entries, so the "Added N entries" message matches what is written to the manifest [#&#8203;12534](https://github.com/pnpm/pnpm/issues/12534).

- [`1cbb5f2`](https://github.com/pnpm/pnpm/commit/1cbb5f2): Fixed non-deterministic peer resolution that could add or remove an optional transitive peer — for example `@babel/core`, reached through `styled-jsx` — from a package's peer-dependency suffix across otherwise identical installs, churning the lockfile and causing intermittent `pnpm dedupe --check` failures in CI. When a package's children are resolved by one occurrence (the "owner") and reused by a deeper consumer, whether that consumer inherited the owner's missing peers depended on whether the owner's resolution had finished yet — a race under concurrent resolution. The decision is now a function of the dependency graph's structure rather than resolution-completion order.

- [`d577eea`](https://github.com/pnpm/pnpm/commit/d577eea): Fixed a Windows flakiness in `pnpm dlx` where a failed install could surface a spurious `EBUSY: resource busy or locked` error. The cleanup of a partially-populated dlx cache is now best-effort with retries and no longer masks the original error.

- [`ec7cf70`](https://github.com/pnpm/pnpm/commit/ec7cf70): Shortened the `pnpm dlx` cache path so deep dependency trees no longer overflow Windows' `MAX_PATH`, which could make a dependency's lifecycle script fail with `spawn cmd.exe ENOENT`.

- [`05b95ab`](https://github.com/pnpm/pnpm/commit/05b95ab): Fixed `pnpm` hanging (and crashing with an unhandled promise rejection) when a non-retryable network error such as `SELF_SIGNED_CERT_IN_CHAIN` occurs while fetching from a registry. The error is now rejected through the returned promise instead of being thrown inside the detached retry callback.

- [`d3f68e2`](https://github.com/pnpm/pnpm/commit/d3f68e2): Fix a `pnpm audit` performance regression on lockfiles that contain dependency cycles. The reachable-vulnerability pruning added in pnpm 11.5.1 only memoized acyclic subtrees, so any node whose subtree touched a cycle — together with all of its ancestors — was recomputed on every query, making the path walk quadratic. Reachability is now computed once per node using Tarjan's strongly-connected-components algorithm, so cyclic graphs are handled in linear time [#&#8203;12212](https://github.com/pnpm/pnpm/issues/12212).

  The audit path walk also no longer recurses, so a deeply nested dependency graph can no longer overflow the call stack, and the install path to each finding is tracked without per-node copying, keeping memory linear in the graph depth.

- [`322f88f`](https://github.com/pnpm/pnpm/commit/322f88f): Fix failed optional dependency updates so they don't rewrite unrelated dependency specs [#&#8203;11267](https://github.com/pnpm/pnpm/issues/11267).

- [`1488db1`](https://github.com/pnpm/pnpm/commit/1488db1): When `enableGlobalVirtualStore` is toggled on for a project that was previously installed without it, stale hoisted symlinks under `node_modules/.pnpm/node_modules` are now replaced instead of being left pointing at the old per-project virtual store location [#&#8203;9739](https://github.com/pnpm/pnpm/issues/9739).

- [`6545793`](https://github.com/pnpm/pnpm/commit/6545793): Fixed `pnpm install --ignore-workspace` overwriting the `allowBuilds` map in `pnpm-workspace.yaml`. The ignored builds of a package with a build script were auto-populated into `allowBuilds` even though `--ignore-workspace` was passed, clobbering committed `true`/`false` values with the `set this to true or false` placeholder [#&#8203;12469](https://github.com/pnpm/pnpm/issues/12469).

- [`fbdc0eb`](https://github.com/pnpm/pnpm/commit/fbdc0eb): Fixed `minimumReleaseAgeExclude` and `trustPolicyExclude` so multiple exact-version entries for the same package behave the same as a single `||` disjunction entry. Previously only the first matching rule's versions were honored, so a config like `[form-data@4.0.6, form-data@2.5.6]` could still flag `form-data@2.5.6` as violating `minimumReleaseAge`, while `[form-data@4.0.6 || 2.5.6]` worked as expected [#&#8203;12463](https://github.com/pnpm/pnpm/issues/12463).

- [`fa7004b`](https://github.com/pnpm/pnpm/commit/fa7004b): The in-memory package metadata cache is now populated on the exact-version disk fast path, so repeated resolutions of the same package within one install no longer re-read and re-parse the on-disk metadata. In large monorepos this brings the time for adding a new package down from minutes to seconds. The in-memory cache key now also includes the registry, so a package of the same name served by two different registries in a single install can no longer share a cache slot and resolve the wrong tarball.

- [`0a154b1`](https://github.com/pnpm/pnpm/commit/0a154b1): Fixed `pnpm patch` dropping the package name (and leaking internal option fields) when the patched dependency resolves to a single git-hosted version.

- [`4d3fe4b`](https://github.com/pnpm/pnpm/commit/4d3fe4b): The pnpr resolver endpoints moved under the reserved `/-/pnpr` namespace: `POST /v1/resolve` is now `POST /-/pnpr/v0/resolve` and `POST /v1/verify-lockfile` is now `POST /-/pnpr/v0/verify-lockfile`. The capability handshake at `GET /-/pnpr` advertises protocol version `0` to match. This keeps every pnpr-proprietary route in npm's reserved namespace, so it can never collide with a package path.

- [`0ec878d`](https://github.com/pnpm/pnpm/commit/0ec878d): Removing a runtime dependency now removes the matching `devEngines.runtime` or `engines.runtime` entry that was materialized from it. Blank runtime selectors are normalized to `latest`.

- [`17e7f2c`](https://github.com/pnpm/pnpm/commit/17e7f2c): `pnpm sbom` now emits a CycloneDX `issue-tracker` external reference for components (and the root) whose `package.json` declares a `bugs` URL. Email-only `bugs` entries are skipped, since the reference requires a URL.

- [`a84d2a1`](https://github.com/pnpm/pnpm/commit/a84d2a1): Add `@pnpm/resolving.tarball-url`, which builds and recognizes the canonical npm tarball URL of a package. It vendors `getNpmTarballUrl` (previously the external `get-npm-tarball-url` package) and adds `isCanonicalRegistryTarballUrl`, the predicate the lockfile writer uses to decide whether a tarball URL is derivable from name+version+registry (and can therefore be omitted from `pnpm-lock.yaml`).

  Exposing `isCanonicalRegistryTarballUrl` lets a custom resolver (pnpmfile `resolvers`) fronting a proxy that serves tarballs on a non-canonical path (e.g. an ephemeral `localhost:<port>`) rewrite the resolved tarball to the canonical form, so nothing host-specific is persisted to the lockfile. Previously this logic was private to `@pnpm/lockfile.utils`.

  Two correctness fixes are included while consolidating the logic: the scoped-package unescape now handles uppercase `%2F` as well as `%2f` (percent-encoding is case-insensitive), and protocol-insensitive comparison strips only a leading `http(s)://` scheme instead of splitting on the first `://` (which could truncate URLs containing a later `://`).

- [`852d537`](https://github.com/pnpm/pnpm/commit/852d537): Lockfile verification no longer reports a registry metadata fetch failure (for example a `403`/`401` on a private registry, or a network error) as `ERR_PNPM_TARBALL_URL_MISMATCH`. When the registry can't be reached to verify an entry, the install now aborts with the registry's own fetch error (such as `ERR_PNPM_FETCH_403`, which already explains the authentication situation) instead of mislabeling a transport failure as lockfile tampering. Registry fetch errors no longer leak basic-auth credentials embedded in the registry URL (`https://user:pass@host/`) into their message.

<!-- sponsors -->

#### Platinum Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://bit.cloud/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer"><img src="https://pnpm.io/img/users/bit.svg" width="80" alt="Bit"></a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://openai.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/openai_dark.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/openai_light.svg" />
            <img src="https://pnpm.io/img/users/openai_dark.svg" width="160" alt="OpenAI" />
          </picture>
        </a>
      </td>
    </tr>
  </tbody>
</table>

#### Gold Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://sanity.io/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/sanity.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/sanity_light.svg" />
            <img src="https://pnpm.io/img/users/sanity.svg" width="120" alt="Sanity" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://discord.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/discord.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/discord_light.svg" />
            <img src="https://pnpm.io/img/users/discord.svg" width="220" alt="Discord" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://vite.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer"><img src="https://pnpm.io/img/users/vitejs.svg" width="42" alt="Vite"></a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://serpapi.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/serpapi_dark.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/serpapi_light.svg" />
            <img src="https://pnpm.io/img/users/serpapi_dark.svg" width="160" alt="SerpApi" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://coderabbit.ai/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/coderabbit.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/coderabbit_light.svg" />
            <img src="https://pnpm.io/img/users/coderabbit.svg" width="220" alt="CodeRabbit" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://stackblitz.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/stackblitz.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/stackblitz_light.svg" />
            <img src="https://pnpm.io/img/users/stackblitz.svg" width="190" alt="Stackblitz" />
          </picture>
        </a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://workleap.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/workleap.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/workleap_light.svg" />
            <img src="https://pnpm.io/img/users/workleap.svg" width="190" alt="Workleap" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://nx.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/nx.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/nx_light.svg" />
            <img src="https://pnpm.io/img/users/nx.svg" width="50" alt="Nx" />
          </picture>
        </a>
      </td>
    </tr>
  </tbody>
</table>

<!-- sponsors end -->

### [`v11.8.0`](https://github.com/pnpm/pnpm/releases/tag/v11.8.0): pnpm 11.8

[Compare Source](https://github.com/pnpm/pnpm/compare/v11.7.0...v11.8.0)

#### Minor Changes

- [`c112b61`](https://github.com/pnpm/pnpm/commit/c112b61): Added a `--dry-run` option to `pnpm install`. It runs a full dependency resolution and reports what an install would change, but writes nothing to disk (no lockfile, no `node_modules`) and always exits with code 0. This mirrors the preview semantics of `npm install --dry-run` [#&#8203;7340](https://github.com/pnpm/pnpm/issues/7340).
- [`179ebc4`](https://github.com/pnpm/pnpm/commit/179ebc4): `pnpm run --no-bail` now exits with a non-zero exit code when any of the executed scripts fail, while still running every matched script to completion. This makes the exit-code behavior of `--no-bail` consistent between recursive and non-recursive runs (recursive runs already failed at the end). Previously, a non-recursive `pnpm run --no-bail` always exited with code 0, even when a script failed [#&#8203;8013](https://github.com/pnpm/pnpm/issues/8013).
- [`0474a9c`](https://github.com/pnpm/pnpm/commit/0474a9c): Added support for generating Node.js package maps at `node_modules/.package-map.json` during isolated and hoisted installs. Added the `node-experimental-package-map` setting to inject the generated map into pnpm-managed Node.js script environments, and the `node-package-map-type` setting to choose between `standard` and `loose` package maps.
- [`dcededc`](https://github.com/pnpm/pnpm/commit/dcededc): `pnpm sbom` now marks components reachable only through `devDependencies` with CycloneDX `scope: "excluded"` and the `cdx:npm:package:development` property. The `excluded` scope documents "component usage for test and other non-runtime purposes", which matches the semantics of a devDependency; the property is the CycloneDX npm-taxonomy marker emitted by `@cyclonedx/cyclonedx-npm`, so both modern (scope) and existing (property) consumers are covered. Components reachable at runtime (including installed `optionalDependencies`) omit `scope` and default to `required`.
- [`1495cb0`](https://github.com/pnpm/pnpm/commit/1495cb0): Added per-package SBOM generation with `--out` and `--split` flags. Use `--out out/%s.cdx.json` to write one SBOM per workspace package to individual files, or `--split` for NDJSON output to stdout. When `--filter` selects a single package, the SBOM root component now uses that package's metadata. Workspace inter-dependencies (`workspace:` protocol) and their transitive dependencies are included. Author, repository, and license fall back to the root manifest when the package doesn't define them.
- [`293921a`](https://github.com/pnpm/pnpm/commit/293921a): feat(view): support searching project manifest upward when package name is omitted

  When running `pnpm view` without a package name, the command now searches
  upward for the nearest project manifest (`package.json`, `package.yaml`, or `package.json5`) and uses its `name` field.
  If the manifest exists but lacks a `name` field, an error is thrown.

  This change also replaces the `find-up` dependency with `empathic` for
  improved performance and consistency across workspace tools.

#### Patch Changes

- [`29ab905`](https://github.com/pnpm/pnpm/commit/29ab905): Fixed `pnpm update` overriding the version range policy of a named catalog whose name parses as a version (e.g. `catalog:express4-21`). The `catalog:` reference carries no pinning of its own, so the prefix from the catalog entry (such as `~`) is now preserved instead of being widened to `^` [#&#8203;10321](https://github.com/pnpm/pnpm/issues/10321).

- [`bee4bf4`](https://github.com/pnpm/pnpm/commit/bee4bf4): Security: validate config dependency names and versions from the env lockfile (`pnpm-lock.yaml`) before using them to build filesystem paths. A committed lockfile with a traversal-shaped `configDependencies` name (such as `../../PWNED`) or version (such as `../../../PWNED`) could previously cause `pnpm install` to create symlinks or write package files outside `node_modules/.pnpm-config` and the store. Names must now be valid npm package names and versions must be exact semver versions; the same validation is applied to optional subdependencies of config dependencies, and to the legacy workspace-manifest format before any lockfile is written. See [GHSA-qrv3-253h-g69c](https://github.com/pnpm/pnpm/security/advisories/GHSA-qrv3-253h-g69c).

- [`96bdd57`](https://github.com/pnpm/pnpm/commit/96bdd57): Fix `link:` workspace protocol switching to `file:` after `pnpm rm` is run from inside a workspace package whose target workspace dependency has its own dependencies, when `injectWorkspacePackages: true` is set. Follow-up to [#&#8203;10575](https://github.com/pnpm/pnpm/pull/10575), which fixed the same symptom for workspace packages without dependencies.

- [`302a2f7`](https://github.com/pnpm/pnpm/commit/302a2f7): No longer warn about using both `packageManager` and `devEngines.packageManager` when the two fields pin the same package manager at the same version with the same integrity hash (e.g. both `pnpm@11.5.1+sha512.…`). Previously the hash was stripped from the legacy `packageManager` field but not from `devEngines.packageManager`, so even identical specifications looked like a mismatch [#&#8203;12028](https://github.com/pnpm/pnpm/issues/12028).

  The warning still fires on any genuine divergence, and several cases now state the specific reason instead of a single generic message: a different package manager, a different version, or contradictory integrity hashes for the same version.

- [`3f0fb21`](https://github.com/pnpm/pnpm/commit/3f0fb21): Fixed the progress line showing leftover characters from external processes that write to the terminal between progress updates (e.g. an SSH passphrase prompt would leave a fragment like `added 0sa':`). The interactive reporter now redraws each frame in place, erasing to the end of the display before reprinting, so any such remnants are cleared [#&#8203;12350](https://github.com/pnpm/pnpm/issues/12350).

- [`564619f`](https://github.com/pnpm/pnpm/commit/564619f): Fixed `pnpm approve-builds` reporting "no packages awaiting approval" when a build-script dependency whose approval was revoked (e.g. after `git stash` drops the `allowBuilds` from `pnpm-workspace.yaml`) is re-added. The revoked packages are now correctly recorded in `.modules.yaml` so `approve-builds` can find them. [#&#8203;12221](https://github.com/pnpm/pnpm/issues/12221)

- [`3d1fd20`](https://github.com/pnpm/pnpm/commit/3d1fd20): Skip the redundant "target bin directory already contains an exe called node" warning on Windows when the existing `node.exe` already matches the target (same hard link or identical content) [pnpm/pnpm#12203](https://github.com/pnpm/pnpm/issues/12203).

- [`1b02b47`](https://github.com/pnpm/pnpm/commit/1b02b47): Fix macOS Gatekeeper blocking native binaries (`.node`, `.dylib`, `.so`) by removing the `com.apple.quarantine` extended attribute after importing them from the store.

  When pnpm imports files from its content-addressable store into `node_modules`, macOS preserves extended attributes, including `com.apple.quarantine`. If this xattr is present on a store blob (e.g. it was first written under a Gatekeeper-enabled app such as a Git client), it propagates to `node_modules`, and Gatekeeper blocks the native binary from loading even though pnpm already verified the file's integrity against the lockfile.

  After importing a package, pnpm now strips `com.apple.quarantine` from its native binaries, matching Homebrew's behaviour of dropping quarantine from verified downloads. The cleanup is macOS-only, runs in a single batched `xattr` call per package, is restricted to native binaries (other files are untouched), and is non-fatal (it logs a warning on unexpected errors).

  Fixes [#&#8203;11056](https://github.com/pnpm/pnpm/issues/11056)

- [`61969fb`](https://github.com/pnpm/pnpm/commit/61969fb): Fix `pnpm install` with `optimisticRepeatInstall` incorrectly reporting `Already up to date` when `pnpm-lock.yaml` changed but project manifests did not. This affected workflows such as checking out or restoring only the lockfile [#&#8203;12100](https://github.com/pnpm/pnpm/issues/12100).

  Also fixes `checkDepsStatus` to use the correct lockfile path when `useGitBranchLockfile` is enabled, so the optimistic fast-path and lockfile modification detection work with `pnpm-lock.<branch>.yaml` files instead of always stat'ing `pnpm-lock.yaml`. Merge-conflict detection now reads the resolved lockfile name as well, and with `mergeGitBranchLockfiles` enabled every `pnpm-lock.*.yaml` is scanned for modifications and conflicts. The git branch is now resolved by reading `.git/HEAD` directly (no process spawn) and uses the workspace directory rather than `process.cwd()`.

- [`5c12968`](https://github.com/pnpm/pnpm/commit/5c12968): Fix recursive updates of transitive dependencies when the update command mixes transitive dependency patterns with direct dependency selectors. For example, `pnpm up -r "@&#8203;babel/core" uuid` now updates matching transitive `@babel/core` dependencies even when `uuid` is a direct dependency selector [#&#8203;12103](https://github.com/pnpm/pnpm/issues/12103).

- [`9d79ba1`](https://github.com/pnpm/pnpm/commit/9d79ba1): Register the `pnpm update --no-save` flag in the CLI help and option parser.

- [`0474a9c`](https://github.com/pnpm/pnpm/commit/0474a9c): Fixed `pnpm import` for Yarn v2 lockfiles when `js-yaml` v4 is installed.

- [`9e0c375`](https://github.com/pnpm/pnpm/commit/9e0c375): Fixed `pnpm install` repeatedly prompting to remove and reinstall `node_modules` in a workspace package when `enableGlobalVirtualStore` is enabled. The post-install build step recorded a per-project `node_modules/.pnpm` virtual store directory in `node_modules/.modules.yaml`, overwriting the global `<storeDir>/links` value the install step had written. The next install then detected a virtual-store mismatch (`ERR_PNPM_UNEXPECTED_VIRTUAL_STORE`). The build step now derives the same global virtual store directory as the install step [#&#8203;12307](https://github.com/pnpm/pnpm/issues/12307).

- [`223d060`](https://github.com/pnpm/pnpm/commit/223d060): Document the `--cpu`, `--os` and `--libc` flags in the output of `pnpm install --help`. These flags were already supported but were only documented on the website [#&#8203;12359](https://github.com/pnpm/pnpm/issues/12359).

- [`e85aea2`](https://github.com/pnpm/pnpm/commit/e85aea2): Avoid reading `README.md` from disk when publishing if the publish manifest already provides a `readme` field. The README is now only read lazily, inside `createExportableManifest`, when it is actually needed.

- [`3188ae7`](https://github.com/pnpm/pnpm/commit/3188ae7): Fixed `pnpm peers check` to accept loose peer dependency ranges such as `>=3.16.0 || >=4.0.0-` when the installed peer version satisfies the range [#&#8203;12149](https://github.com/pnpm/pnpm/issues/12149).

- [`531f2a3`](https://github.com/pnpm/pnpm/commit/531f2a3): Fixed `pnpm update` rewriting a `workspace:` dependency that points at a local path (e.g. `workspace:../packages/foo/dist`) into a normalized `link:` or version-range specifier. Such specifiers are now preserved verbatim when the workspace protocol is preserved [#&#8203;3902](https://github.com/pnpm/pnpm/issues/3902).

- [`fe66535`](https://github.com/pnpm/pnpm/commit/fe66535): Fixed a lockfile non-convergence bug where an incremental install kept a duplicate transitive dependency that a fresh install would not produce. When a package is reused from the lockfile, its child edges are taken verbatim and bypass the preferred-versions walk, so a transitive dependency could stay pinned to an older version even after a direct dependency resolved to a higher version that satisfies the same range. The resolver now refreshes such a stale pin to the higher direct-dependency version during resolution — so the older version is never resolved or fetched, and the incremental result converges to the fresh one.

- [`6d35338`](https://github.com/pnpm/pnpm/commit/6d35338): `pnpm install` detects changes inside local file dependencies again. The optimistic repeat-install fast path only tracks manifest and lockfile modification times, so edits inside a local dependency's directory (or a repacked local tarball) were reported as "Already up to date". Projects with local file dependencies (`file:` and bare local path or tarball specifiers, declared directly or through `pnpm.overrides`) now always run a full install, which refetches those dependencies, matching pnpm v10 behavior [#&#8203;11795](https://github.com/pnpm/pnpm/issues/11795).

- [`4ca9247`](https://github.com/pnpm/pnpm/commit/4ca9247): Preserve the existing Node.js runtime version prefix when resolving `node@runtime:<range>` to a concrete version.

- [`30c7590`](https://github.com/pnpm/pnpm/commit/30c7590): Create shorter CAFS temporary package directories to leave room for lifecycle scripts that create IPC socket paths under TMPDIR.

- [`13815ad`](https://github.com/pnpm/pnpm/commit/13815ad): Reporter output (warnings, progress) for `pnpm store` and `pnpm config` subcommands now goes to stderr instead of stdout. This fixes scripts that capture their stdout (e.g. `PNPM_STORE=$(pnpm store path)`, `pnpm config list --json | jq`) from getting warnings mixed into the result.

- [`1c05876`](https://github.com/pnpm/pnpm/commit/1c05876): Avoid relinking unchanged child dependencies and remove stale child links during warm installs.

- [`817f99d`](https://github.com/pnpm/pnpm/commit/817f99d): Fixed lockfile churn where a package's `transitivePeerDependencies` could be dropped (and shift between packages) when the package participates in a dependency cycle. A cycle re-entry resolves against truncated children, so it must not be cached as "pure"; otherwise sibling occurrences of the same package short-circuit and lose transitive peers depending on traversal order [#&#8203;5108](https://github.com/pnpm/pnpm/issues/5108).

- [`eba03e0`](https://github.com/pnpm/pnpm/commit/eba03e0): Fix `pnpm install` reporting "Already up to date" after a catalog entry in `pnpm-workspace.yaml` was reverted to a previous version. After an update modified a catalog, the workspace state cache stored the pre-update catalog versions, so reverting the entry back to its original version was not detected as an outdated state [#&#8203;12418](https://github.com/pnpm/pnpm/issues/12418).

- [`3b54d79`](https://github.com/pnpm/pnpm/commit/3b54d79): `pnpm update` now keeps lockfile `overrides` that resolve through a catalog in sync with the catalog. Previously, when an override referenced a catalog (e.g. `overrides: { foo: 'catalog:' }`) and `pnpm update` bumped that catalog entry, the lockfile's `catalogs` advanced while the resolved `overrides` kept the old version. The resulting lockfile was internally inconsistent, so a later `pnpm install --frozen-lockfile` failed with `ERR_PNPM_LOCKFILE_CONFIG_MISMATCH`.

- [`9d0a300`](https://github.com/pnpm/pnpm/commit/9d0a300): Fixed `pnpm version --recursive` so it honors the workspace selection. In recursive mode the version bump now applies to the packages resolved from the workspace filter (`selectedProjectsGraph`), matching the behavior of `pnpm publish --recursive`, instead of always bumping every workspace package [#&#8203;11348](https://github.com/pnpm/pnpm/issues/11348).

<!-- sponsors -->

#### Platinum Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://bit.cloud/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer"><img src="https://pnpm.io/img/users/bit.svg" width="80" alt="Bit"></a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://openai.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/openai_dark.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/openai_light.svg" />
            <img src="https://pnpm.io/img/users/openai_dark.svg" width="160" alt="OpenAI" />
          </picture>
        </a>
      </td>
    </tr>
  </tbody>
</table>

#### Gold Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://sanity.io/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/sanity.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/sanity_light.svg" />
            <img src="https://pnpm.io/img/users/sanity.svg" width="120" alt="Sanity" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://discord.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/discord.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/discord_light.svg" />
            <img src="https://pnpm.io/img/users/discord.svg" width="220" alt="Discord" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://vite.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer"><img src="https://pnpm.io/img/users/vitejs.svg" width="42" alt="Vite"></a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://serpapi.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/serpapi_dark.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/serpapi_light.svg" />
            <img src="https://pnpm.io/img/users/serpapi_dark.svg" width="160" alt="SerpApi" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://coderabbit.ai/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/coderabbit.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/coderabbit_light.svg" />
            <img src="https://pnpm.io/img/users/coderabbit.svg" width="220" alt="CodeRabbit" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://stackblitz.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/stackblitz.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/stackblitz_light.svg" />
            <img src="https://pnpm.io/img/users/stackblitz.svg" width="190" alt="Stackblitz" />
          </picture>
        </a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://workleap.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/workleap.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/workleap_light.svg" />
            <img src="https://pnpm.io/img/users/workleap.svg" width="190" alt="Workleap" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://nx.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank" rel="noopener noreferrer">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/nx.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/nx_light.svg" />
            <img src="https://pnpm.io/img/users/nx.svg" width="50" alt="Nx" />
          </picture>
        </a>
      </td>
    </tr>
  </tbody>
</table>

<!-- sponsors end -->

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: https://gitea.com/gitea/docs/pulls/446
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-29 21:25:48 +00:00
Zettat123
1fb481c186 docs: add docs for scoped workflows (#447)
Related: https://github.com/go-gitea/gitea/pull/38154
---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/447
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-committed-by: Zettat123 <zettat123@gmail.com>
2026-06-28 09:32:51 +00:00
Lunny Xiao
7fe73e351f release to cloudflare as well (#448)
Reviewed-on: https://gitea.com/gitea/docs/pulls/448
2026-06-28 03:29:01 +00:00
Renovate Bot
c9216685d5 chore(deps): update actions/checkout action to v7 (#445)
Reviewed-on: https://gitea.com/gitea/docs/pulls/445
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-23 00:05:55 +00:00
Nicolas
f455b38c06 update 1.26.4 (#443)
Reviewed-on: https://gitea.com/gitea/docs/pulls/443
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Nicolas <bircni@icloud.com>
Co-committed-by: Nicolas <bircni@icloud.com>
2026-06-21 22:28:28 +00:00
Lunny Xiao
c677b5da29 update 1.26.3 (#442)
Reviewed-on: https://gitea.com/gitea/docs/pulls/442
Reviewed-by: Nicolas <bircni@icloud.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
2026-06-21 07:50:31 +00:00
Renovate Bot
6d5451918d fix(deps): update dependency @mui/material to v9.1.1 (#439)
Reviewed-on: https://gitea.com/gitea/docs/pulls/439
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-19 17:20:46 +00:00
silverwind
3842dd1f55 build: update pnpm to v11 and pin exact dependencies (#441)
- bump `packageManager` to `pnpm@11.7.0`, move settings to `pnpm-workspace.yaml`, drop the npm-only `.npmrc`
- pin all dependencies to exact versions

Reviewed-on: https://gitea.com/gitea/docs/pulls/441
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-06-18 09:14:55 +00:00
Renovate Bot
4b2bcc99a2 chore(deps): update pnpm to v10.34.3 (#440)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [pnpm](https://pnpm.io) ([source](https://github.com/pnpm/pnpm/tree/HEAD/pnpm)) | [`10.34.2` → `10.34.3`](https://renovatebot.com/diffs/npm/pnpm/10.34.2/10.34.3) | ![age](https://developer.mend.io/api/mc/badges/age/npm/pnpm/10.34.3?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pnpm/10.34.2/10.34.3?slim=true) |

---

### Release Notes

<details>
<summary>pnpm/pnpm (pnpm)</summary>

### [`v10.34.3`](https://github.com/pnpm/pnpm/releases/tag/v10.34.3): pnpm 10.34.3

[Compare Source](https://github.com/pnpm/pnpm/compare/v10.34.2...v10.34.3)

##### ⚠️ Security fix — environment variables in a project `.npmrc` (action may be required)

Following [GHSA-3qhv-2rgh-x77r](https://github.com/pnpm/pnpm/security/advisories/GHSA-3qhv-2rgh-x77r), pnpm no longer expands `${ENV_VAR}` placeholders that come from a **repository-controlled** config file, because a malicious repository could otherwise use them to leak your environment secrets (npm tokens, CI job tokens, etc.) to an attacker-controlled registry during install. This applies to:

- the project/workspace `.npmrc` — `registry`, `@scope:registry`, proxy URLs, URL-scoped keys (`//host/…`), and credential values (`_authToken`, `_auth`, `_password`, `username`, `tokenHelper`, `cert`, `key`);
- registry URLs in `pnpm-workspace.yaml`.

This release also closes a bypass where a project `.npmrc` could set `userconfig`, `globalconfig`, or `prefix` to make pnpm load a repo-supplied file as *trusted* config (via `@pnpm/npm-conf@3.0.3`).

Environment variables are **still** expanded in trusted config: your user-level `~/.npmrc`, the global config, CLI options, and environment config.

**If your authentication broke after upgrading**, move the token out of the committed `.npmrc`:

```sh

# Writes to your user/global config, not the repository:
pnpm config set "//registry.npmjs.org/:_authToken" "$NPM_TOKEN"
```

Or keep the `${NPM_TOKEN}` line but put it in your user-level `~/.npmrc` instead of the repo. In **GitHub Actions**, `actions/setup-node` with `registry-url` already writes a user-level `.npmrc`, so `NODE_AUTH_TOKEN` keeps working. For other CI where editing each pipeline is hard, set `NPM_CONFIG_USERCONFIG=.npmrc` in the CI environment to declare the project `.npmrc` trusted.

See <https://pnpm.io/npmrc> for full migration details.

#### Patch Changes

- Improved the warning printed when a project `.npmrc` uses an environment variable in a registry/proxy URL or in registry credentials. The message now explains why the setting was ignored and how to migrate it to a trusted source — for example by running `pnpm config set "<key>" <value>` to store it in the global config, or by keeping the `${...}` line in the user-level `~/.npmrc` — with a link to <https://pnpm.io/npmrc>.
- A repository-controlled project or workspace `.npmrc` can no longer redirect which files pnpm loads as its trusted user and global configuration. Previously such a file could set `userconfig`, `globalconfig`, or `prefix` to point at an attacker-supplied file shipped in the repository, and pnpm would load it as a trusted config source — bypassing the protection that prevents repository config from expanding environment variables into registry request destinations and credentials, and allowing it to set `tokenHelper`. The user/global config file locations are now resolved only from trusted sources (CLI options, environment config, the npm builtin config, and defaults) before the project and workspace `.npmrc` files are read. Fixed by upgrading `@pnpm/npm-conf` to `3.0.3`.

<!-- sponsors -->

#### Platinum Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://bit.cloud/?utm_source=pnpm&utm_medium=release_notes" target="_blank"><img src="https://pnpm.io/img/users/bit.svg" width="80" alt="Bit"></a>
      </td>
    </tr>
  </tbody>
</table>

#### Gold Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://sanity.io/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/sanity.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/sanity_light.svg" />
            <img src="https://pnpm.io/img/users/sanity.svg" width="120" alt="Sanity" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://discord.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/discord.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/discord_light.svg" />
            <img src="https://pnpm.io/img/users/discord.svg" width="220" alt="Discord" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://vite.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank"><img src="https://pnpm.io/img/users/vitejs.svg" width="42" alt="Vite"></a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://serpapi.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/serpapi_dark.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/serpapi_light.svg" />
            <img src="https://pnpm.io/img/users/serpapi_dark.svg" width="160" alt="SerpApi" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://coderabbit.ai/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/coderabbit.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/coderabbit_light.svg" />
            <img src="https://pnpm.io/img/users/coderabbit.svg" width="220" alt="CodeRabbit" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://stackblitz.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/stackblitz.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/stackblitz_light.svg" />
            <img src="https://pnpm.io/img/users/stackblitz.svg" width="190" alt="Stackblitz" />
          </picture>
        </a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://workleap.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/workleap.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/workleap_light.svg" />
            <img src="https://pnpm.io/img/users/workleap.svg" width="190" alt="Workleap" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://nx.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/nx.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/nx_light.svg" />
            <img src="https://pnpm.io/img/users/nx.svg" width="50" alt="Nx" />
          </picture>
        </a>
      </td>
    </tr>
  </tbody>
</table>

<!-- sponsors end -->

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: https://gitea.com/gitea/docs/pulls/440
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-17 07:05:14 +00:00
Renovate Bot
49dec05ddd chore(deps): update pnpm to v10.34.2 (#438)
Reviewed-on: https://gitea.com/gitea/docs/pulls/438
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-16 16:51:52 +00:00
Nicolas
eb65e671a2 Runner docs v1.0.8 (#435)
Adds a versioned docs snapshot for Gitea Runner v1.0.8 (latest stable),
updates lastVersion and navbar to point to the new version while keeping
0.2.11 in the dropdown for historical reference.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/435
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Nicolas <bircni@icloud.com>
Co-committed-by: Nicolas <bircni@icloud.com>
2026-06-14 00:30:30 +00:00
Renovate Bot
7737ef98a4 chore(deps): update dependency @mui/material to v9.1.0 (#437)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [@mui/material](https://mui.com/material-ui/) ([source](https://github.com/mui/material-ui/tree/HEAD/packages/mui-material)) | [`9.0.1` → `9.1.0`](https://renovatebot.com/diffs/npm/@mui%2fmaterial/9.0.1/9.1.0) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@mui%2fmaterial/9.1.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@mui%2fmaterial/9.0.1/9.1.0?slim=true) |

---

### Release Notes

<details>
<summary>mui/material-ui (@&#8203;mui/material)</summary>

### [`v9.1.0`](https://github.com/mui/material-ui/blob/HEAD/CHANGELOG.md#910)

[Compare Source](https://github.com/mui/material-ui/compare/v9.0.1...v9.1.0)

<!-- generated comparing v9.0.1..master -->

*Jun 8, 2026*

A big thanks to the 15 contributors who made this release possible. Here are some highlights :

- ⚙️ Support for the [prefers-reduced-motion](https://mui.com/material-ui/transitions/#reduced-motion) setting.
- ️ Improved support for Windows High Contrast mode with the [enhanceHighContrast](https://mui.com/material-ui/customization/palette/#windows-high-contrast-mode) theme wrapper.

##### `@mui/material@9.1.0`

- \[autocomplete] Enable clearing highlight when mouse leaves popup ([#&#8203;48354](https://github.com/mui/material-ui/issues/48354)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[autocomplete] Fix `freeSolo` controlled values cleared by initial `null` ([#&#8203;48611](https://github.com/mui/material-ui/issues/48611)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[autocomplete] Fix item removal when it receives focus from VoiceOver before using Backspace ([#&#8203;48572](https://github.com/mui/material-ui/issues/48572)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[autocomplete] Fix `resetHighlightOnMouseLeave` JSdoc ([#&#8203;48536](https://github.com/mui/material-ui/issues/48536)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[autocomplete] Guard against null inputRef during unmount ([#&#8203;48617](https://github.com/mui/material-ui/issues/48617)) [@&#8203;noam3127](https://github.com/noam3127)
- \[badge] Add `aria-hidden` to badge content and polish docs demos ([#&#8203;48471](https://github.com/mui/material-ui/issues/48471)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[badge] Use inline CSS variables for anchorOrigin/overlap positioning ([#&#8203;48549](https://github.com/mui/material-ui/issues/48549)) [@&#8203;siriwatknp](https://github.com/siriwatknp)
- \[button] Fix customized flex gap styles ([#&#8203;48542](https://github.com/mui/material-ui/issues/48542)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[dialog] Fix unwanted `DialogPaper` focus ring ([#&#8203;48535](https://github.com/mui/material-ui/issues/48535)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[focus trap] Fix incorrect tab order when `tabIndex >= 1` ([#&#8203;48546](https://github.com/mui/material-ui/issues/48546)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[progress] Show runtime errors only once ([#&#8203;48591](https://github.com/mui/material-ui/issues/48591)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[select] Allow spacebar to select elements ([#&#8203;48615](https://github.com/mui/material-ui/issues/48615)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[select] Support typeahead when closed ([#&#8203;48563](https://github.com/mui/material-ui/issues/48563)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[step button] Choose higher contrast ripple color for dark mode focus ([#&#8203;48612](https://github.com/mui/material-ui/issues/48612)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[stepper] Include StepConnector inside Step element ([#&#8203;48492](https://github.com/mui/material-ui/issues/48492)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[stepper] Proper support for vertical alternativeLabel ([#&#8203;48485](https://github.com/mui/material-ui/issues/48485)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[tabs] Fix React 18 roving tabindex and dedupe invalid-value warning ([#&#8203;48605](https://github.com/mui/material-ui/issues/48605)) [@&#8203;Janpot](https://github.com/Janpot)
- \[theme] Add HighContrast theme enhancer ([#&#8203;48319](https://github.com/mui/material-ui/issues/48319)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[timeline item] Fix extra ::before spacing when TimelineOppositeContent is present ([#&#8203;46663](https://github.com/mui/material-ui/issues/46663)) [@&#8203;tyalau](https://github.com/tyalau)
- \[tooltip] Prevent stuck-open tooltip when child becomes disabled ([#&#8203;48606](https://github.com/mui/material-ui/issues/48606)) [@&#8203;Janpot](https://github.com/Janpot)
- \[transitions] Custom `Transition` component ([#&#8203;48325](https://github.com/mui/material-ui/issues/48325)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[transitions] Support `prefers-reduced-motion` ([#&#8203;48357](https://github.com/mui/material-ui/issues/48357)) [@&#8203;mj12albert](https://github.com/mj12albert)

##### `@mui/utils@9.1.0`

- \[utils] Prevent prototype pollution in fastDeepAssign ([#&#8203;48580](https://github.com/mui/material-ui/issues/48580)) [@&#8203;Janpot](https://github.com/Janpot)

##### Docs

- \[docs] Add function `slotProps` documentation ([#&#8203;48574](https://github.com/mui/material-ui/issues/48574)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[docs] Clarify styled-components version compatibility ([#&#8203;48533](https://github.com/mui/material-ui/issues/48533)) [@&#8203;nightt5879](https://github.com/nightt5879)
- \[docs] Fix broken URLs ([#&#8203;48520](https://github.com/mui/material-ui/issues/48520)) [@&#8203;oliviertassinari](https://github.com/oliviertassinari)
- \[docs] Fix invalid JSON in Zed MCP setup example ([#&#8203;48490](https://github.com/mui/material-ui/issues/48490)) [@&#8203;pavan-sh](https://github.com/pavan-sh)
- \[docs] Mention release version for enhanceHighContrast ([#&#8203;48609](https://github.com/mui/material-ui/issues/48609)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[docs] Remove outdated MUI X v8 notification ([#&#8203;48600](https://github.com/mui/material-ui/issues/48600)) [@&#8203;cherniavskii](https://github.com/cherniavskii)
- \[docs] Remove redundant enhanceHighContrast information ([#&#8203;48632](https://github.com/mui/material-ui/issues/48632)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[docs-infra] Decrease loaded bundle size on docs ([#&#8203;48584](https://github.com/mui/material-ui/issues/48584)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- \[docs-infra] Drop multi-locale plumbing from API pages ([#&#8203;48370](https://github.com/mui/material-ui/issues/48370)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- \[docs-infra] Fix Cookie banner heading ([#&#8203;48529](https://github.com/mui/material-ui/issues/48529)) [@&#8203;oliviertassinari](https://github.com/oliviertassinari)
- \[docs-infra] Infinitely cache all static assets ([#&#8203;48627](https://github.com/mui/material-ui/issues/48627)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- \[docs-infra] Remove outdated noSEOadvantage entries ([#&#8203;48527](https://github.com/mui/material-ui/issues/48527)) [@&#8203;oliviertassinari](https://github.com/oliviertassinari)
- \[docs-infra] Restore build-only invariant throws via `NEXT_RUNTIME` guard ([#&#8203;48475](https://github.com/mui/material-ui/issues/48475)) [@&#8203;Janpot](https://github.com/Janpot)
- \[docs-infra] Test HTML validation in broken links checker ([#&#8203;48088](https://github.com/mui/material-ui/issues/48088)) [@&#8203;Janpot](https://github.com/Janpot)
- \[docs]\[icons] Fix Font Awesome Chip demo in dark mode ([#&#8203;48576](https://github.com/mui/material-ui/issues/48576)) [@&#8203;siriwatknp](https://github.com/siriwatknp)
- \[docs]\[icons] Remove redundant font awesome demo ([#&#8203;48493](https://github.com/mui/material-ui/issues/48493)) [@&#8203;ZeeshanTamboli](https://github.com/ZeeshanTamboli)
- \[docs]\[modal] Add nested modal guidance ([#&#8203;46507](https://github.com/mui/material-ui/issues/46507)) [@&#8203;JakeSaterlay](https://github.com/JakeSaterlay)
- \[docs]\[stepper] Fix focus management in examples ([#&#8203;48494](https://github.com/mui/material-ui/issues/48494)) [@&#8203;silviuaavram](https://github.com/silviuaavram)

##### Core

- Eslint markdown ([#&#8203;48371](https://github.com/mui/material-ui/issues/48371)) [@&#8203;Janpot](https://github.com/Janpot)
- \[agents] Fix some docs links ([#&#8203;48561](https://github.com/mui/material-ui/issues/48561)) [@&#8203;silviuaavram](https://github.com/silviuaavram)
- \[blog] Copy editing improvement on v9 announcement blog posts ([#&#8203;48543](https://github.com/mui/material-ui/issues/48543)) [@&#8203;joserodolfofreitas](https://github.com/joserodolfofreitas)
- \[code-infra] Cleanup unused jss packages ([#&#8203;48590](https://github.com/mui/material-ui/issues/48590)) [@&#8203;brijeshb42](https://github.com/brijeshb42)
- \[code-infra] Collapse canary workflows into nightly and nightly-cron ([#&#8203;48556](https://github.com/mui/material-ui/issues/48556)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Convert [@&#8203;mui/private-theming](https://github.com/mui/private-theming) to TypeScript ([#&#8203;48565](https://github.com/mui/material-ui/issues/48565)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Convert [@&#8203;mui/styled-engine](https://github.com/mui/styled-engine) to TypeScript ([#&#8203;48544](https://github.com/mui/material-ui/issues/48544)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Convert [@&#8203;mui/styled-engine-sc](https://github.com/mui/styled-engine-sc) to TypeScript ([#&#8203;48577](https://github.com/mui/material-ui/issues/48577)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Fix duplicate resource\_class in test\_regressions CI job ([#&#8203;48601](https://github.com/mui/material-ui/issues/48601)) [@&#8203;LukasTy](https://github.com/LukasTy)
- \[code-infra] Make [@&#8203;mui/internal-docs-utils](https://github.com/mui/internal-docs-utils) compatible with TypeScript 6 ([#&#8203;48594](https://github.com/mui/material-ui/issues/48594)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Migrate CircleCI jobs to Gen2 resource classes ([#&#8203;48593](https://github.com/mui/material-ui/issues/48593)) [@&#8203;LukasTy](https://github.com/LukasTy)
- \[code-infra] Parallelize visual regression screenshots ([#&#8203;48557](https://github.com/mui/material-ui/issues/48557)) [@&#8203;Janpot](https://github.com/Janpot)
- \[code-infra] Run nightly-cron on v7.x ([#&#8203;48579](https://github.com/mui/material-ui/issues/48579)) [@&#8203;Janpot](https://github.com/Janpot)
- \[core] Fix typescript\@&#8203;next typecheck ([#&#8203;48587](https://github.com/mui/material-ui/issues/48587)) [@&#8203;Janpot](https://github.com/Janpot)
- \[pnpm] Add security settings to pnpm-workspace.yaml ([#&#8203;48582](https://github.com/mui/material-ui/issues/48582)) [@&#8203;Janpot](https://github.com/Janpot)
- \[styled-engine-sc] Fix compatibility with Vite and Vitest ([#&#8203;48558](https://github.com/mui/material-ui/issues/48558)) [@&#8203;mj12albert](https://github.com/mj12albert)
- \[test] Add axe-core tests for mui-material ([#&#8203;48341](https://github.com/mui/material-ui/issues/48341)) [@&#8203;siriwatknp](https://github.com/siriwatknp)
- \[test] Configure Tailwind CSS in the visual-regression app ([#&#8203;48575](https://github.com/mui/material-ui/issues/48575)) [@&#8203;Janpot](https://github.com/Janpot)

All contributors of this release in alphabetical order: [@&#8203;brijeshb42](https://github.com/brijeshb42), [@&#8203;cherniavskii](https://github.com/cherniavskii), [@&#8203;JakeSaterlay](https://github.com/JakeSaterlay), [@&#8203;Janpot](https://github.com/Janpot), [@&#8203;joserodolfofreitas](https://github.com/joserodolfofreitas), [@&#8203;LukasTy](https://github.com/LukasTy), [@&#8203;mj12albert](https://github.com/mj12albert), [@&#8203;nightt5879](https://github.com/nightt5879), [@&#8203;noam3127](https://github.com/noam3127), [@&#8203;oliviertassinari](https://github.com/oliviertassinari), [@&#8203;pavan-sh](https://github.com/pavan-sh), [@&#8203;silviuaavram](https://github.com/silviuaavram), [@&#8203;siriwatknp](https://github.com/siriwatknp), [@&#8203;tyalau](https://github.com/tyalau), [@&#8203;ZeeshanTamboli](https://github.com/ZeeshanTamboli)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: https://gitea.com/gitea/docs/pulls/437
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-14 00:26:19 +00:00
Nicolas
98c4aa4bd0 fix: correct typo in FAQ regarding Configuration Summary (#436)
Reviewed-on: https://gitea.com/gitea/docs/pulls/436
Reviewed-by: TheFox0x7 <95654+thefox0x7@noreply.gitea.com>
Co-authored-by: Nicolas <bircni@icloud.com>
Co-committed-by: Nicolas <bircni@icloud.com>
2026-06-13 17:07:13 +00:00
wxiaoguang
88f92b0698 Add CONTENT_SECURITY_POLICY_GENERAL (#434)
Reviewed-on: https://gitea.com/gitea/docs/pulls/434
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Co-committed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
2026-06-12 01:27:20 +00:00
Renovate Bot
45165ceb22 chore(deps): update pnpm to v10.34.1 (#430)
Reviewed-on: https://gitea.com/gitea/docs/pulls/430
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-10 15:01:24 +00:00
Renovate Bot
fb856b8432 chore(deps): update dependency @easyops-cn/docusaurus-search-local to v0.55.2 (#431)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [@easyops-cn/docusaurus-search-local](https://github.com/easyops-cn/docusaurus-search-local) ([source](https://github.com/easyops-cn/docusaurus-search-local/tree/HEAD/packages/docusaurus-search-local)) | [`0.55.1` → `0.55.2`](https://renovatebot.com/diffs/npm/@easyops-cn%2fdocusaurus-search-local/0.55.1/0.55.2) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@easyops-cn%2fdocusaurus-search-local/0.55.2?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@easyops-cn%2fdocusaurus-search-local/0.55.1/0.55.2?slim=true) |

---

### Release Notes

<details>
<summary>easyops-cn/docusaurus-search-local (@&#8203;easyops-cn/docusaurus-search-local)</summary>

### [`v0.55.2`](https://github.com/easyops-cn/docusaurus-search-local/releases/tag/v0.55.2)

[Compare Source](https://github.com/easyops-cn/docusaurus-search-local/compare/v0.55.1...v0.55.2)

##### Bug Fixes

- some languages need lunr wordcut ([1e60641](1e60641f5d))
- some languages need lunr wordcut ([d871555](d87155582f)), closes [#&#8203;438](https://github.com/easyops-cn/docusaurus-search-local/issues/438)

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE5MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: https://gitea.com/gitea/docs/pulls/431
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-10 02:17:40 +00:00
Renovate Bot
8bb0e9f105 chore(deps): update react monorepo to v19.2.7 (#432)
Reviewed-on: https://gitea.com/gitea/docs/pulls/432
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-06-09 14:01:39 +00:00
nico-i
eb5204f658 Added project config to issue template example (#428)
I have updated the docs since this feature is now supported.

Reviewed-on: https://gitea.com/gitea/docs/pulls/428
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: nico-i <nico@ismaili.de>
Co-committed-by: nico-i <nico@ismaili.de>
2026-05-29 16:52:56 +00:00
Zettat123
95106c08e9 docs: split MAX_CREATION_LIMIT into USER_MAX_CREATION_LIMIT and ORG_MAX_CREATION_LIMIT (#427)
Related https://github.com/go-gitea/gitea/pull/37872

Reviewed-on: https://gitea.com/gitea/docs/pulls/427
Reviewed-by: Nicolas <bircni@icloud.com>
Co-authored-by: Zettat123 <39446+zettat123@noreply.gitea.com>
Co-committed-by: Zettat123 <39446+zettat123@noreply.gitea.com>
2026-05-28 17:29:35 +00:00
wxiaoguang
478059a7ed Update SSH_PORT comment 2026-05-27 06:01:42 +00:00
harryzcy
69e92d33ec docs: update conan login command for conan v2 (#426)
Conan v1 reached end-of-life. https://blog.conan.io/2024/09/30/Conan-Center-will-stop-receiving-updates-for-Conan-1.html
The command for conan v2 login has changed to `conan remote login`. https://docs.conan.io/2/reference/commands/remote.html#conan-remote-login

I briefly looked at Gitea codebase. Gitea supports conan v2 cli (given functions like `DeleteRecipeV2` and `SearchPackagesV2`)

---------

Co-authored-by: Chongyi Zheng <git@zcy.dev>
Reviewed-on: https://gitea.com/gitea/docs/pulls/426
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: harryzcy <37645+harryzcy@noreply.gitea.com>
Co-committed-by: harryzcy <37645+harryzcy@noreply.gitea.com>
2026-05-26 07:53:05 +00:00
Lunny Xiao
21aad7f5d1 update 1.26.2 (#424)
Reviewed-on: https://gitea.com/gitea/docs/pulls/424
Reviewed-by: Nicolas <bircni@icloud.com>
2026-05-20 21:59:25 +00:00
wxiaoguang
8b31adbc6f fix: make DEFAULT_TITLE_SOURCE default to auto 2026-05-19 08:07:42 +00:00
Renovate Bot
eea1d90216 chore(deps): update react monorepo to v19.2.6 (#423)
Reviewed-on: https://gitea.com/gitea/docs/pulls/423
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-05-14 16:52:34 +00:00
Renovate Bot
19c2342e2f chore(deps): update dependency @mui/material to v9.0.1 (#422)
Reviewed-on: https://gitea.com/gitea/docs/pulls/422
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-05-14 16:36:03 +00:00
Renovate Bot
d9effabc6c chore(deps): update pnpm to v10.33.4 (#418)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [pnpm](https://pnpm.io) ([source](https://github.com/pnpm/pnpm/tree/HEAD/pnpm)) | [`10.33.2` → `10.33.4`](https://renovatebot.com/diffs/npm/pnpm/10.33.2/10.33.4) | ![age](https://developer.mend.io/api/mc/badges/age/npm/pnpm/10.33.4?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pnpm/10.33.2/10.33.4?slim=true) |

---

> ⚠️ **Warning**
>
> Some dependencies could not be looked up. Check the [Dependency Dashboard](issues/114) for more information.

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNjAuNiIsInVwZGF0ZWRJblZlciI6IjQzLjE2NS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/418
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-05-07 17:23:56 +00:00
Lunny Xiao
54af905d63 rename act runner to runner (#390)
Depends on gitea/runner#850

---------

Co-authored-by: Nicolas <bircni@icloud.com>
Co-authored-by: silverwind <me@silverwind.io>
Reviewed-on: https://gitea.com/gitea/docs/pulls/390
Reviewed-by: techknowlogick <9+techknowlogick@noreply.gitea.com>
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-by: Nicolas <bircni@icloud.com>
2026-05-07 17:18:58 +00:00
wxiaoguang
b6b8dbcc64 Update SQLITE_TIMEOUT (#419)
Reviewed-on: https://gitea.com/gitea/docs/pulls/419
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Co-committed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
2026-05-07 12:59:34 +00:00
silverwind
5bab08db10 Note OpenSearch compatibility for elasticsearch indexer (#417)
https://github.com/go-gitea/gitea/pull/37411

---
This PR was written with the help of Claude Opus 4.7

Reviewed-on: https://gitea.com/gitea/docs/pulls/417
Reviewed-by: Nicolas <bircni@icloud.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-05-04 11:38:21 +00:00
Renovate Bot
173bc20908 chore(deps): update docusaurus monorepo to v3.10.1 (#392)
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [@docusaurus/core](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus)) | [`3.10.0` → `3.10.1`](https://renovatebot.com/diffs/npm/@docusaurus%2fcore/3.10.0/3.10.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fcore/3.10.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fcore/3.10.0/3.10.1?slim=true) |
| [@docusaurus/faster](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-faster)) | [`3.10.0` → `3.10.1`](https://renovatebot.com/diffs/npm/@docusaurus%2ffaster/3.10.0/3.10.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2ffaster/3.10.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2ffaster/3.10.0/3.10.1?slim=true) |
| [@docusaurus/module-type-aliases](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-module-type-aliases)) | [`3.10.0` → `3.10.1`](https://renovatebot.com/diffs/npm/@docusaurus%2fmodule-type-aliases/3.10.0/3.10.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fmodule-type-aliases/3.10.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fmodule-type-aliases/3.10.0/3.10.1?slim=true) |
| [@docusaurus/plugin-content-docs](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-plugin-content-docs)) | [`3.10.0` → `3.10.1`](https://renovatebot.com/diffs/npm/@docusaurus%2fplugin-content-docs/3.10.0/3.10.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fplugin-content-docs/3.10.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fplugin-content-docs/3.10.0/3.10.1?slim=true) |
| [@docusaurus/preset-classic](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic)) | [`3.10.0` → `3.10.1`](https://renovatebot.com/diffs/npm/@docusaurus%2fpreset-classic/3.10.0/3.10.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fpreset-classic/3.10.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fpreset-classic/3.10.0/3.10.1?slim=true) |

---

### Release Notes

<details>
<summary>facebook/docusaurus (@&#8203;docusaurus/core)</summary>

### [`v3.10.1`](https://github.com/facebook/docusaurus/blob/HEAD/CHANGELOG.md#3101-2026-04-30)

[Compare Source](https://github.com/facebook/docusaurus/compare/v3.10.0...v3.10.1)

##### 🐛 Bug Fix

- `docusaurus-bundler`
  - [#&#8203;11981](https://github.com/facebook/docusaurus/pull/11981) fix(bundler): fix v3 webpackbar bug due to webpack breaking change ([@&#8203;slorber](https://github.com/slorber))

##### 🔧 Maintenance

- `docusaurus`
  - [#&#8203;11982](https://github.com/facebook/docusaurus/pull/11982) chore: cherry-pick commits for v3.10.1 patch release ([@&#8203;slorber](https://github.com/slorber))

##### Committers: 1

- Sébastien Lorber ([@&#8203;slorber](https://github.com/slorber))

</details>

---

Reviewed-on: https://gitea.com/gitea/docs/pulls/392
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-05-02 02:05:18 +00:00
Lunny Xiao
14b76120b4 update webhook documentation (#393)
Reviewed-on: https://gitea.com/gitea/docs/pulls/393
2026-05-01 16:40:27 +00:00
wxiaoguang
f550d33ad7 Update SSH_ROOT_PATH / attachment comment (#373)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/373
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Co-committed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
2026-04-28 21:56:14 +00:00
0xGREG
e0fcc861f2 Document DEFAULT_TITLE_SOURCE pull request title setting (#391)
Adds documentation for the `DEFAULT_TITLE_SOURCE` setting.

- Added `DEFAULT_TITLE_SOURCE` to the config cheat sheet under `[repository.pull-request]`
- Added a "Default pull request title" section to the pull request usage docs explaining both modes (`first-commit` and `auto`)

---------

Co-authored-by: Nicolas <bircni@icloud.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/391
Reviewed-by: Nicolas <bircni@icloud.com>
Co-authored-by: 0xGREG <gitea@freespeech.work>
Co-committed-by: 0xGREG <gitea@freespeech.work>
2026-04-28 21:45:22 +00:00
Renovate Bot
a0802c6748 chore(deps): update pnpm to v10.33.2 (#388)
Reviewed-on: https://gitea.com/gitea/docs/pulls/388
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-04-28 16:31:48 +00:00
Lunny Xiao
49a6f7649a update 1.26.1 2026-04-25 11:28:59 -07:00
Zettat123
3ef08b184a Add MAX_RERUN_ATTEMPTS to config cheat sheet (#383)
Related https://github.com/go-gitea/gitea/pull/37119

Reviewed-on: https://gitea.com/gitea/docs/pulls/383
Reviewed-by: Nicolas <bircni@icloud.com>
Co-authored-by: Zettat123 <39446+zettat123@noreply.gitea.com>
Co-committed-by: Zettat123 <39446+zettat123@noreply.gitea.com>
2026-04-25 18:25:14 +00:00
silverwind
58d5c6c5e3 Add X_CONTENT_TYPE_OPTIONS (#389)
https://github.com/go-gitea/gitea/pull/37354

---
This PR was written with the help of Claude Opus 4.7

---------

Co-authored-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/389
Reviewed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-04-24 10:54:21 +00:00
wxiaoguang
76b9c25b6d Add CUSTOM_SCHEMES (#387)
https://github.com/go-gitea/gitea/pull/37356
Reviewed-on: https://gitea.com/gitea/docs/pulls/387
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Co-committed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
2026-04-22 22:10:57 +00:00
Lunny Xiao
fd5cb8bb44 Follow blog to use blue color for links (#385)
Reviewed-on: https://gitea.com/gitea/docs/pulls/385
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
2026-04-20 17:36:38 +00:00
Lunny Xiao
b5e28002f4 release 1.26.0 (#384)
Reviewed-on: https://gitea.com/gitea/docs/pulls/384
Reviewed-by: techknowlogick <9+techknowlogick@noreply.gitea.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
2026-04-19 00:46:51 +00:00
Renovate Bot
9fe613c7de chore(deps): update react monorepo to v19.2.5 (#379)
Reviewed-on: https://gitea.com/gitea/docs/pulls/379
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-04-15 15:29:34 +00:00
Renovate Bot
3c6ead6e59 chore(deps): update pnpm/action-setup action to v6 (#382)
Reviewed-on: https://gitea.com/gitea/docs/pulls/382
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-04-15 15:17:51 +00:00
Renovate Bot
c2b6f71085 chore(deps): update docusaurus monorepo to v3.10.0 (#374)
Reviewed-on: https://gitea.com/gitea/docs/pulls/374
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-04-15 15:17:27 +00:00
techknowlogick
4a63d1ea7f update deprecated config option 2026-04-15 14:51:35 +00:00
wxiaoguang
a939f44e37 fix typo
# Conflicts:
#	docs/administration/reverse-proxies.md
2026-04-14 16:09:39 +08:00
silverwind
128cbae023 Sync zh-cn/zh-tw config cheat sheet with English (#381)
Sync the zh-cn and zh-tw `config-cheat-sheet.md` translations with the English source for current and 1.26 versions.

Changes:
- Add 17 missing sections (`qos`, `mailer.override_header`, `markup.external-render-name`, `lfs_client`, `storage_minio`, `storage_azureblob`, `storage_override`, and 10 cron task subsections including the `Actions` cron tasks group)
- Add ~30 missing individual settings across existing sections
- Restructure storage sections to match English (separate Minio/Azure/Override subsections)
- Remove stale settings (`TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY`, old inline MINIO duplicates, removed git timeout settings)
- Fix `MERMAID_MAX_SOURCE_CHARACTERS` default value (5000 -> 50000)
- Replace full-width Unicode punctuation (U+FF1A, U+FF08, U+FF09) with ASCII equivalents

All 4 i18n files now have 745 settings matching the English source.

---
This PR was written with the help of Claude Opus 4.6

Reviewed-on: https://gitea.com/gitea/docs/pulls/381
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-04-10 17:39:20 +00:00
silverwind
59bd79347e Document REVERSE_PROXY_LOGOUT_REDIRECT setting (#380)
Add documentation for the new `REVERSE_PROXY_LOGOUT_REDIRECT` setting in the `[security]` section, which allows redirecting users to an external URL or relative path after logout when using reverse proxy authentication.

For Gitea 1.26, ref https://github.com/go-gitea/gitea/pull/36085.

---
This PR was written with the help of Claude Opus 4.6

Reviewed-on: https://gitea.com/gitea/docs/pulls/380
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-04-10 16:50:43 +00:00
Lunny Xiao
a7ab7af00f Add v1.26 documentation (#376)
Co-authored-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/376
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
2026-04-09 19:27:32 +00:00
Renovate Bot
b339770f3c fix(deps): update dependency @mui/material to v9 (#375)
Reviewed-on: https://gitea.com/gitea/docs/pulls/375
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-04-09 14:15:29 +00:00
silverwind
5e4cd3b577 Remove obsolete actions concurrency notes (#377)
`concurrency` is fully supported as of v1.26 via https://github.com/go-gitea/gitea/pull/32751, so remove the unsupported entry and the different-behavior note.

Closes #340

---
This PR was written with the help of Claude Opus 4.6

Reviewed-on: https://gitea.com/gitea/docs/pulls/377
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-04-08 23:08:20 +00:00
wxiaoguang
57fc84f003 remove "rootful" from title 2026-04-07 17:33:41 +08:00
kmanwar89
9cc5cfd388 Updated various docker compose commands & references (#361)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: kmanwar89 <139654+kmanwar89@noreply.gitea.com>
Co-committed-by: kmanwar89 <139654+kmanwar89@noreply.gitea.com>
2026-04-07 09:24:36 +00:00
TheFox0x7
1568bfa1e9 terraform state registry docs (#357)
https://github.com/go-gitea/gitea/pull/36710
Reviewed-on: https://gitea.com/gitea/docs/pulls/357
Reviewed-by: Nicolas <173651+bircni@noreply.gitea.com>
Co-authored-by: TheFox0x7 <95654+thefox0x7@noreply.gitea.com>
Co-committed-by: TheFox0x7 <95654+thefox0x7@noreply.gitea.com>
2026-04-06 20:41:42 +00:00
wxiaoguang
efa6607558 GitHub-like theme-based image display (#372) 2026-04-03 18:25:12 +00:00
silverwind
25dce1df62 Add pre-defined variables reference to Actions docs (#369)
Add comprehensive reference tables for pre-defined variables available in Gitea Actions workflows, derived from the Gitea and act_runner source code.

## Context variables (`${{ gitea.<name> }}`)

All context variables with their `github.*` aliases and descriptions, sourced from `services/actions/context.go`.

## Environment variables

- **Standard**: `CI`, `GITEA_ACTIONS`, `GITEA_ACTIONS_RUNNER_VERSION`, `GITHUB_*`, and the 5 `GITEA_*` aliases for workflow file commands (`GITEA_ENV`, `GITEA_OUTPUT`, `GITEA_PATH`, `GITEA_STATE`, `GITEA_STEP_SUMMARY`)
- **Runner**: `RUNNER_OS`, `RUNNER_ARCH`, `RUNNER_TEMP`, `RUNNER_TOOL_CACHE`
- **Internal**: `ACTIONS_CACHE_URL`, `ACTIONS_RUNTIME_*`, etc.

Closes https://gitea.com/gitea/docs/issues/350

Reviewed-on: https://gitea.com/gitea/docs/pulls/369
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-03-28 09:27:06 +00:00
TheFox0x7
8660c68d8c add actions cron tasks (#371)
fixes: https://github.com/go-gitea/gitea/issues/37009 for docs
Reviewed-on: https://gitea.com/gitea/docs/pulls/371
Reviewed-by: Nicolas <173651+bircni@noreply.gitea.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2026-03-27 23:38:53 +00:00
Renovate Bot
c39f423da6 chore(deps): update pnpm to v10.33.0 (#370)
Reviewed-on: https://gitea.com/gitea/docs/pulls/370
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-26 21:37:00 +00:00
wxiaoguang
9a00f8ea0c Sync docs/administration/config-cheat-sheet.md (#368)
Reviewed-on: https://gitea.com/gitea/docs/pulls/368
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
Co-authored-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Co-committed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
2026-03-24 15:44:11 +00:00
Excellencedev
0c17ed264d Add docs for configurable permissions for Actions automatic tokens (#366)
Docs for https://github.com/go-gitea/gitea/pull/36173

Reviewed-on: https://gitea.com/gitea/docs/pulls/366
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-by: Nicolas <173651+bircni@noreply.gitea.com>
Co-authored-by: Excellencedev <ademiluyisuccessandexcellence@gmail.com>
Co-committed-by: Excellencedev <ademiluyisuccessandexcellence@gmail.com>
2026-03-24 11:11:25 +00:00
Renovate Bot
74c1904736 chore(deps): update pnpm/action-setup action to v5 (#365)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [pnpm/action-setup](https://github.com/pnpm/action-setup) | action | major | `v4` → `v5` |

---

### Release Notes

<details>
<summary>pnpm/action-setup (pnpm/action-setup)</summary>

### [`v5`](https://github.com/pnpm/action-setup/compare/v4...v5)

[Compare Source](https://github.com/pnpm/action-setup/compare/v4...v5)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My43Ni41IiwidXBkYXRlZEluVmVyIjoiNDMuNzYuNSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

---------

Co-authored-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/365
Reviewed-by: silverwind <2021+silverwind@noreply.gitea.com>
Reviewed-by: Nicolas <173651+bircni@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-24 11:11:06 +00:00
silverwind
47ef41da3b Add DEFAULT_DELETE_BRANCH_AFTER_MERGE to config cheat sheet (#367)
Add documentation for the new `[repository.pull-request]` `DEFAULT_DELETE_BRANCH_AFTER_MERGE` config option added in https://github.com/go-gitea/gitea/pull/36917.

*This comment was written by Claude.*

Reviewed-on: https://gitea.com/gitea/docs/pulls/367
Reviewed-by: TheFox0x7 <95654+thefox0x7@noreply.gitea.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-03-23 19:12:49 +00:00
silverwind
eb8ade10c7 Update environment variable docs, remove environment-to-ini references (#355)
The standalone `environment-to-ini` tool was removed in https://github.com/go-gitea/gitea/pull/35735 and its functionality is now built into the Gitea binary. This PR:

- Removes outdated links to the removed `contrib/environment-to-ini` directory
- Updates the "Use environment variables to setup Gitea" section in the config cheat sheet
- Adds examples showing how env vars map to `app.ini` settings and the `__FILE` suffix for secrets

*This PR was authored by Claude.*

Reviewed-on: https://gitea.com/gitea/docs/pulls/355
Reviewed-by: wxiaoguang <29147+wxiaoguang@noreply.gitea.com>
Reviewed-by: TheFox0x7 <95654+thefox0x7@noreply.gitea.com>
2026-03-17 18:19:18 +00:00
Lunny Xiao
162127170b upgrade to 1.25.5 2026-03-16 17:06:04 -07:00
brlin
e7ddef6ed3 docs(usage/packages/storage): Fix grammar in the Deduplication section (#360)
Refer to the content diff for the change.

Reviewed-on: https://gitea.com/gitea/docs/pulls/360
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: brlin <buo.ren.lin@gmail.com>
Co-committed-by: brlin <buo.ren.lin@gmail.com>
2026-03-13 22:10:47 +00:00
acrewgame
51d28e66eb Relaxed requirements for mirroring to GitHub (#362)
I just tried mirroring a repo from the Gitea demo instance to a GitHub repo with a completely different name and commit history, and it succeeded.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/362
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: acrewgame <183300+acrewgame@noreply.gitea.com>
Co-committed-by: acrewgame <183300+acrewgame@noreply.gitea.com>
2026-03-13 16:43:56 +00:00
Renovate Bot
243178ce69 chore(deps): update pnpm to v10.32.1 (#363)
Reviewed-on: https://gitea.com/gitea/docs/pulls/363
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-12 14:52:51 +00:00
Renovate Bot
22834c60c8 chore(deps): update dependency @mui/material to v7.3.9 (#356)
Reviewed-on: https://gitea.com/gitea/docs/pulls/356
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-10 20:00:46 +00:00
Renovate Bot
29908bd89a chore(deps): update pnpm to v10.32.0 (#358)
Reviewed-on: https://gitea.com/gitea/docs/pulls/358
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-10 20:00:36 +00:00
crrdean
6cd29ccce0 Fixed pull_request action name (#359)
synchronize should be synchronized

Reviewed-on: https://gitea.com/gitea/docs/pulls/359
Reviewed-by: techknowlogick <9+techknowlogick@noreply.gitea.com>
Co-authored-by: crrdean <183013+crrdean@noreply.gitea.com>
Co-committed-by: crrdean <183013+crrdean@noreply.gitea.com>
2026-03-10 20:00:25 +00:00
silverwind
8809db41d8 Fix signed pushes documentation (#351)
Now actually tested and working. All that's needed is the nonce in the gitea config.

Reviewed-on: https://gitea.com/gitea/docs/pulls/351
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
2026-03-08 18:20:51 +00:00
Renovate Bot
4ca96900ee chore(deps): update pnpm to v10.31.0 (#345)
Reviewed-on: https://gitea.com/gitea/docs/pulls/345
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-08 15:31:11 +00:00
Renovate Bot
9aac00df18 chore(deps): update dependency @easyops-cn/docusaurus-search-local to v0.55.1 (#354)
Reviewed-on: https://gitea.com/gitea/docs/pulls/354
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-03-08 15:30:58 +00:00
Zettat123
dc136aa31b Add never option to PUBLIC_URL_DETECTION configuration (#353)
https://github.com/go-gitea/gitea/pull/36785
Reviewed-on: https://gitea.com/gitea/docs/pulls/353
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-committed-by: Zettat123 <zettat123@gmail.com>
2026-03-01 19:00:35 +00:00
iqre8
d6bd3c6fb9 Update docs/installation/with-docker.md (#352)
Removed version, and changed the command from `docker-compose` to `docker compose` and changed the tool `docker-compose` to the docker `compose`-plugin

Reviewed-on: https://gitea.com/gitea/docs/pulls/352
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: silverwind <silverwind@noreply.gitea.com>
Co-authored-by: iqre8 <iqre8@noreply.gitea.com>
Co-committed-by: iqre8 <iqre8@noreply.gitea.com>
2026-02-25 20:20:32 +00:00
silverwind
44c6a0fa20 Move X_FRAME_OPTIONS from cors to security section (#349)
## Summary
- Move `X_FRAME_OPTIONS` setting from `[cors]` to `[security]` section in the config cheat sheet
- Document the new `unset` value option and clarify the header applies to web responses only

Ref: https://github.com/go-gitea/gitea/pull/30256
Reviewed-on: https://gitea.com/gitea/docs/pulls/349
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-02-22 20:27:19 +00:00
TheFox0x7
d26bbc9794 add new config options for releases (#348)
https://github.com/go-gitea/gitea/pull/36697
Reviewed-on: https://gitea.com/gitea/docs/pulls/348
Reviewed-by: wxiaoguang <wxiaoguang@noreply.gitea.com>
Reviewed-by: silverwind <silverwind@noreply.gitea.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2026-02-22 07:39:17 +00:00
silverwind
84bc4f138d Add actions.WORKFLOW_DIRS setting to config cheat sheet (#347)
Add documentation for the new `actions.WORKFLOW_DIRS` setting introduced in https://github.com/go-gitea/gitea/pull/36619 for v1.26.

Reviewed-on: https://gitea.com/gitea/docs/pulls/347
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-02-19 19:02:58 +00:00
Renovate Bot
6c587e819f fix(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.55.0 (#344)
Reviewed-on: https://gitea.com/gitea/docs/pulls/344
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-14 15:32:03 +00:00
Renovate Bot
4b8bf4a2cd chore(deps): update dependency @mui/material to v7.3.8 (#343)
Reviewed-on: https://gitea.com/gitea/docs/pulls/343
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-13 00:50:51 +00:00
Renovate Bot
d071d5ed50 chore(deps): update pnpm to v10.29.3 (#342)
Reviewed-on: https://gitea.com/gitea/docs/pulls/342
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-12 17:30:02 +00:00
Renovate Bot
d5e2f3ed5b chore(deps): update dependency @easyops-cn/docusaurus-search-local to v0.54.1 (#341)
Reviewed-on: https://gitea.com/gitea/docs/pulls/341
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-11 06:48:54 +00:00
techknowlogick
1d21543b66 update ssh signing docs to reference draft RFC 2026-02-10 17:31:10 +00:00
Renovate Bot
672ae2ae2f chore(deps): update pnpm to v10.29.2 (#339)
Reviewed-on: https://gitea.com/gitea/docs/pulls/339
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-09 05:23:25 +00:00
Renovate Bot
2357df4a5d fix(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.54.0 (#338)
Reviewed-on: https://gitea.com/gitea/docs/pulls/338
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-09 05:23:12 +00:00
Renovate Bot
be69b0e820 chore(deps): update pnpm to v10.29.1 (#335)
Reviewed-on: https://gitea.com/gitea/docs/pulls/335
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-08 21:05:52 +00:00
Lunny Xiao
066080cf7b Add documentation for ssh keys for http access (#336)
Fix #331

Reviewed-on: https://gitea.com/gitea/docs/pulls/336
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-committed-by: Lunny Xiao <xiaolunwen@gmail.com>
2026-02-08 21:05:42 +00:00
osndok
2b96323137 Note differing default value for concurrency.cancel-in-progress (#337)
Whereas this bit me pretty hard, and [I don't seem to be the only one](https://forum.gitea.com/t/job-stopping-on-new-push/8142), the least we could do is let people know.

---------

Co-authored-by: Robert Hailey <git@osndok.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/337
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: osndok <osndok@noreply.gitea.com>
Co-committed-by: osndok <osndok@noreply.gitea.com>
2026-02-08 03:08:05 +00:00
Renovate Bot
28c7352a3a fix(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.53.0 (#334)
Reviewed-on: https://gitea.com/gitea/docs/pulls/334
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-06 04:34:43 +00:00
Renovate Bot
4ae4299d5c chore(deps): update aws-actions/configure-aws-credentials action to v6 (#333)
Reviewed-on: https://gitea.com/gitea/docs/pulls/333
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-05 00:03:37 +00:00
Renovate Bot
bff1114ff6 chore(deps): update pnpm to v10.28.2 (#332)
Reviewed-on: https://gitea.com/gitea/docs/pulls/332
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-04 00:12:12 +00:00
techknowlogick
2fe3b3a114 switch to use pnpm (#330)
Reviewed-on: https://gitea.com/gitea/docs/pulls/330
Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-committed-by: techknowlogick <techknowlogick@gitea.com>
2026-02-03 03:29:59 +00:00
Peter Ryszkiewicz
8a40822acd Fix act runner doc typos and errors and simplify some grammar. (#328)
Fix act runner doc typos and errors and simplify some grammar.

Co-authored-by: Peter Ryszkiewicz <prizz@noreply.gitea.com>
Co-committed-by: Peter Ryszkiewicz <prizz@noreply.gitea.com>
2026-02-03 00:52:06 +00:00
Renovate Bot
ed033ac9ed chore(deps): update dependency node to v24 (#329)
Reviewed-on: https://gitea.com/gitea/docs/pulls/329
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-03 00:49:30 +00:00
silverwind
516a0af047 Add FOLDER_ICON_THEME (#326)
Available in 1.26 with https://github.com/go-gitea/gitea/pull/36496

Reviewed-on: https://gitea.com/gitea/docs/pulls/326
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2026-02-02 15:50:25 +00:00
Renovate Bot
91f0151966 fix(deps): update dependency @easyops-cn/docusaurus-search-local to v0.52.3 (#325)
Reviewed-on: https://gitea.com/gitea/docs/pulls/325
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-02-02 15:49:53 +00:00
TheFox0x7
c0384ba59a update autocompletion help for v1.25 up (#327)
addresses: https://github.com/go-gitea/gitea/issues/36501
Reviewed-on: https://gitea.com/gitea/docs/pulls/327
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2026-01-30 23:32:03 +00:00
Thomas Beutlich
96940ee764 Bump Online3DViewer and mention curl as option (#320)
Reviewed-on: https://gitea.com/gitea/docs/pulls/320
Co-authored-by: Thomas Beutlich <thbeu@noreply.gitea.com>
Co-committed-by: Thomas Beutlich <thbeu@noreply.gitea.com>
2026-01-27 19:31:16 +00:00
Renovate Bot
ac0bb5e71d fix(deps): update react monorepo to v19.2.4 (#324)
Reviewed-on: https://gitea.com/gitea/docs/pulls/324
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-01-27 19:23:19 +00:00
Renovate Bot
228b6be436 fix(deps): update dependency @mui/material to v7.3.7 (#319)
Reviewed-on: https://gitea.com/gitea/docs/pulls/319
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2026-01-26 20:04:30 +00:00
Lunny Xiao
feca0d2d17 Update to 1.25.4 2026-01-22 12:18:11 -08:00
dosenpils
49cc18e096 fixed broken link (#322)
There's a broken link in the documentation in the chapter [Use environment variables to setup Gitea](https://docs.gitea.com/administration/config-cheat-sheet#use-environment-variables-to-setup-gitea) (Docs >> Administration >> Configuration Cheat Sheet).

This pull requests will fix this.

Reviewed-on: https://gitea.com/gitea/docs/pulls/322
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: dosenpils <dosenpils@donotdevelopmyapp.com>
Co-committed-by: dosenpils <dosenpils@donotdevelopmyapp.com>
2026-01-21 01:55:21 +00:00
wxiaoguang
8550cc4de1 remove unused git timeout config options 2026-01-21 01:36:27 +00:00
techknowlogick
f5141b5e65 remove passthrough from the docs 2026-01-15 15:35:57 +00:00
techknowlogick
0709ce3d44 remove passthrough from the docs 2026-01-15 15:35:34 +00:00
techknowlogick
56c7d4ee30 remove passthrough from the docs 2026-01-15 15:35:12 +00:00
techknowlogick
6f2a1a40a3 remove passthrough from the docs 2026-01-15 15:34:56 +00:00
techknowlogick
4086fa5d93 remove passthrough from the docs 2026-01-15 15:34:20 +00:00
techknowlogick
8c018493b7 remove passthrough from the docs 2026-01-15 15:33:54 +00:00
techknowlogick
1172e40117 remove passthrough from the docs 2026-01-15 15:33:23 +00:00
techknowlogick
211fa624b3 Update versioned_docs/version-1.25/installation/with-docker-rootless.md 2026-01-15 15:32:56 +00:00
techknowlogick
6fe333ba07 remove passthrough from the docs 2026-01-15 15:32:21 +00:00
techknowlogick
9fbcdbbd60 remove passthrough from the docs 2026-01-15 15:31:47 +00:00
Renovate Bot
188314ea14 chore(deps): update actions/cache action to v5 (#314)
Reviewed-on: https://gitea.com/gitea/docs/pulls/314
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-12-19 18:02:17 +00:00
Renovate Bot
44db30edac fix(deps): update react monorepo to v19.2.3 (#313)
Reviewed-on: https://gitea.com/gitea/docs/pulls/313
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-12-19 17:57:09 +00:00
Lunny Xiao
0b31573d47 upgrade 1.25.2 -> 1.25.3 2025-12-18 11:09:05 -08:00
silverwind
18d05903c7 Add DIFF_RENAME_SIMILARITY_THRESHOLD (#316)
Co-authored-by: silverwind <me@silverwind.io>
Co-committed-by: silverwind <me@silverwind.io>
2025-12-17 10:57:54 +00:00
andriibratanin
5ee3dd40ff Fix env-to-ini link (#315)
Original Gitea's repository no longer contains "Environment to INI" document referenced in "Managing Deployments With Environment Variables" section.

This commit fixes the reference by pointing the link to the last commit where needed doc was still present.

Reviewed-on: https://gitea.com/gitea/docs/pulls/315
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: andriibratanin <andriibratanin@noreply.gitea.com>
Co-committed-by: andriibratanin <andriibratanin@noreply.gitea.com>
2025-12-17 02:42:07 +00:00
Renovate Bot
d62d758d36 fix(deps): update dependency @easyops-cn/docusaurus-search-local to v0.52.2 (#310)
Reviewed-on: https://gitea.com/gitea/docs/pulls/310
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-12-04 16:33:52 +00:00
Renovate Bot
4c7d0220c9 fix(deps): update dependency @mui/material to v7.3.6 (#311)
Reviewed-on: https://gitea.com/gitea/docs/pulls/311
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-12-04 16:33:20 +00:00
Renovate Bot
e0888b2130 fix(deps): update react monorepo to v19.2.1 (#312)
Reviewed-on: https://gitea.com/gitea/docs/pulls/312
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-12-04 16:33:16 +00:00
wxiaoguang
b3335013da Update docs/administration/mail-templates.md (#309)
Reviewed-on: https://gitea.com/gitea/docs/pulls/309
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@noreply.gitea.com>
Co-committed-by: wxiaoguang <wxiaoguang@noreply.gitea.com>
2025-11-28 19:24:29 +00:00
Lunny Xiao
d4181abf75 Upgrade to 1.25.2 (#306)
Reviewed-on: https://gitea.com/gitea/docs/pulls/306
2025-11-23 19:23:37 +00:00
Lunny Xiao
d3d546fa3b Fix updating swagger failure caused by no content to change 2025-11-23 10:59:46 -08:00
Lunny Xiao
cd0347dc76 make update_api_docs.sh work for macOS 2025-11-23 10:53:03 -08:00
TheFox0x7
e3cc4ec689 update api docs (#297)
script is now standalone instead of being CI only.
Added a post 1.25 rule for templates since the variables in template changed after https://gitea.com/gitea/gitea-mirror/commit/3533263ced8
Fixes: https://github.com/go-gitea/gitea/issues/35964

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/297
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
Co-committed-by: TheFox0x7 <thefox0x7@gmail.com>
2025-11-23 18:43:58 +00:00
Lunny Xiao
826ff60fd4 Add missing translations (#305)
Reviewed-on: https://gitea.com/gitea/docs/pulls/305
2025-11-23 07:13:19 +00:00
Lunny Xiao
2e86ec6898 Fix ci 2025-11-22 21:09:13 -08:00
Lunny Xiao
ce76fd3b2e Fix ci 2025-11-22 21:04:31 -08:00
Lunny Xiao
4ddfcd6aaf Remove outdated versions and keep the latest 5 versions(include the current developing version and latest 4 stable versions (#304)
Resolve #302

Reviewed-on: https://gitea.com/gitea/docs/pulls/304
Reviewed-by: delvh <dev.lh@web.de>
2025-11-22 05:36:55 +00:00
Renovate Bot
8ba2066894 chore(deps): update actions/checkout action to v6 (#303)
Reviewed-on: https://gitea.com/gitea/docs/pulls/303
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-11-21 21:30:18 +00:00
FrostKiwi
072331ecae Clarify package permissions and tokens scopes as discussed in https://github.com/go-gitea/gitea/issues/32048 (#72)
This adds explanations, that were missing regarding Token scopes and the packages feature requiring a token with said scope. Also added a missing explanation, that tokens can be created in the user interface, not just the API. The reason this PR is created was due to misunderstandings around the package feature, that arose during the discussion in https://github.com/go-gitea/gitea/issues/32048 .
This PR aims to clarify the misunderstood points around tokens, scopes and the package feature.

During the creation of this PR bug https://github.com/go-gitea/gitea/issues/32078 was found, the scopes are always reported as `null` during the response of the initial `POST` to create the token.

Co-authored-by: Wladislav ヴラド Artsimovich <wladislav.artsimovich@dmgmori.co.jp>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/72
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: FrostKiwi <frostkiwi@noreply.gitea.com>
Co-committed-by: FrostKiwi <frostkiwi@noreply.gitea.com>
2025-11-20 22:16:00 +00:00
gabriel_radureau
98a7ea3f53 correct mentionned "gitea-repositories" directory with actual folder "repositories" (#266)
The mentionned gitea-repositories folder doesn't exist in the recent version. Correct it to the existing repositories folder.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/266
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: gabriel_radureau <gabriel_radureau@noreply.gitea.com>
Co-committed-by: gabriel_radureau <gabriel_radureau@noreply.gitea.com>
2025-11-20 22:09:30 +00:00
Lunny Xiao
df8b7a7581 Upgrade docusarus and fix broken links (#301)
Reviewed-on: https://gitea.com/gitea/docs/pulls/301
2025-11-20 22:02:05 +00:00
Schallbert
0868bd41a4 Minor update for act_runner documentation: Update execution options, clarify docker run (#256)
- add act_runner options (host, docker, DinD)
- modify `docker run` command to include volume
- minor formulation updates

Reviewed-on: https://gitea.com/gitea/docs/pulls/256
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Schallbert <schallbert@mailbox.org>
Co-committed-by: Schallbert <schallbert@mailbox.org>
2025-11-20 21:52:54 +00:00
Vladimir Vitkov
c117cba701 add static resource config to the apache section (#81)
Add a section showing how to avoid proxying of static resources by Apache HTTPD

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/81
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Vladimir Vitkov <vvitkov@gmail.com>
Co-committed-by: Vladimir Vitkov <vvitkov@gmail.com>
2025-11-20 21:43:40 +00:00
Zettat123
2b99f48d47 Share actions and reusable workflows from private repositories (#107)
Update docs for https://github.com/go-gitea/gitea/pull/32562

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/107
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-committed-by: Zettat123 <zettat123@gmail.com>
2025-11-20 19:57:50 +00:00
SnowballXueQiu
f12e3675b1 更新 i18n/zh-cn/docusaurus-plugin-content-docs/version-1.24/usage/actions/act-runner.md (#234)
Signed-off-by: SnowballXueQiu <snowballxueqiu@noreply.gitea.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/234
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: SnowballXueQiu <snowballxueqiu@noreply.gitea.com>
Co-committed-by: SnowballXueQiu <snowballxueqiu@noreply.gitea.com>
2025-11-20 19:51:36 +00:00
Lunny Xiao
9baa98ec3f Move usage directories (#300)
Reviewed-on: https://gitea.com/gitea/docs/pulls/300
2025-11-20 19:49:24 +00:00
Renovate Bot
00a36086b0 fix(deps): update docusaurus monorepo to v3.9.2 (#276)
This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
| [@docusaurus/core](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus)) | [`3.8.1` -> `3.9.2`](https://renovatebot.com/diffs/npm/@docusaurus%2fcore/3.8.1/3.9.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fcore/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fcore/3.8.1/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |
| [@docusaurus/faster](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-faster)) | [`3.8.1` -> `3.9.2`](https://renovatebot.com/diffs/npm/@docusaurus%2ffaster/3.8.1/3.9.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2ffaster/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2ffaster/3.8.1/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |
| [@docusaurus/module-type-aliases](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-module-type-aliases)) | [`3.8.1` -> `3.9.2`](https://renovatebot.com/diffs/npm/@docusaurus%2fmodule-type-aliases/3.8.1/3.9.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fmodule-type-aliases/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fmodule-type-aliases/3.8.1/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |
| [@docusaurus/preset-classic](https://github.com/facebook/docusaurus) ([source](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic)) | [`3.8.1` -> `3.9.2`](https://renovatebot.com/diffs/npm/@docusaurus%2fpreset-classic/3.8.1/3.9.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@docusaurus%2fpreset-classic/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@docusaurus%2fpreset-classic/3.8.1/3.9.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

---

### Release Notes

<details>
<summary>facebook/docusaurus (@&#8203;docusaurus/core)</summary>

### [`v3.9.2`](https://github.com/facebook/docusaurus/blob/HEAD/CHANGELOG.md#392-2025-10-17)

[Compare Source](https://github.com/facebook/docusaurus/compare/v3.9.1...v3.9.2)

##### 🐛 Bug Fix

- `docusaurus-plugin-content-docs`
  - [#&#8203;11490](https://github.com/facebook/docusaurus/pull/11490) fix(docs): add support for missing `sidebar_key` front matter attribute ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-cssnano-preset`
  - [#&#8203;11487](https://github.com/facebook/docusaurus/pull/11487) fix(cssnano-preset): disable CSS counter minification ([@&#8203;YDKK](https://github.com/YDKK))
- `docusaurus-theme-search-algolia`
  - [#&#8203;11468](https://github.com/facebook/docusaurus/pull/11468) fix(theme-search-algolia): Fix Algolia AskAI validation logic ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-translations`
  - [#&#8203;11431](https://github.com/facebook/docusaurus/pull/11431) fix(theme-translation): add missing Polish (pl) theme translations ([@&#8203;mariuszkrzaczkowski](https://github.com/mariuszkrzaczkowski))
- `docusaurus-theme-classic`, `docusaurus-theme-common`
  - [#&#8203;11466](https://github.com/facebook/docusaurus/pull/11466) fix(theme): Fix CSS `scroll-margin-top` when clicking footnote items, factorize code ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus`
  - [#&#8203;11452](https://github.com/facebook/docusaurus/pull/11452) fix(core): allow `i18n.localeConfigs.translate` in validation ([@&#8203;trofim24](https://github.com/trofim24))
- `docusaurus-theme-mermaid`
  - [#&#8203;11437](https://github.com/facebook/docusaurus/pull/11437) fix(theme-mermaid): Fix Mermaid ELK layout dependency required bug on v3.9 ([@&#8203;slorber](https://github.com/slorber))

##### :running\_woman: Performance

- `docusaurus-theme-mermaid`
  - [#&#8203;11438](https://github.com/facebook/docusaurus/pull/11438) perf(theme-mermaid): lazy load the Mermaid library ([@&#8203;slorber](https://github.com/slorber))

##### :nail\_care: Polish

- `docusaurus-theme-classic`
  - [#&#8203;11463](https://github.com/facebook/docusaurus/pull/11463) fix(theme): remove "Edit this page" button from print view ([@&#8203;richk21](https://github.com/richk21))

##### 🤖 Dependencies

- [#&#8203;11479](https://github.com/facebook/docusaurus/pull/11479) chore(deps): bump stefanzweifel/git-auto-commit-action from 6 to 7 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11480](https://github.com/facebook/docusaurus/pull/11480) chore(deps): bump github/codeql-action from 3.26.5 to 4.30.8 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11481](https://github.com/facebook/docusaurus/pull/11481) chore(deps): bump actions/dependency-review-action from 4.8.0 to 4.8.1 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11446](https://github.com/facebook/docusaurus/pull/11446) chore(deps): bump actions/dependency-review-action from 4.7.3 to 4.8.0 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))

##### :globe\_with\_meridians: Translations

- `docusaurus-theme-translations`
  - [#&#8203;11484](https://github.com/facebook/docusaurus/pull/11484) fix(translations): improve Arabic theme translations ([@&#8203;maysara-elshewehy](https://github.com/maysara-elshewehy))

##### Committers: 9

- Alexander Trofimov ([@&#8203;trofim24](https://github.com/trofim24))
- Dan Roscigno ([@&#8203;DanRoscigno](https://github.com/DanRoscigno))
- Eleni Grosdouli ([@&#8203;egrosdou01](https://github.com/egrosdou01))
- Ethan ([@&#8203;ethanppl](https://github.com/ethanppl))
- Mariusz Krzaczkowski ([@&#8203;mariuszkrzaczkowski](https://github.com/mariuszkrzaczkowski))
- Maysara ([@&#8203;maysara-elshewehy](https://github.com/maysara-elshewehy))
- Richa Kiran ([@&#8203;richk21](https://github.com/richk21))
- Sébastien Lorber ([@&#8203;slorber](https://github.com/slorber))
- [@&#8203;YDKK](https://github.com/YDKK)

### [`v3.9.1`](https://github.com/facebook/docusaurus/blob/HEAD/CHANGELOG.md#391-2025-09-26)

[Compare Source](https://github.com/facebook/docusaurus/compare/v3.9.0...v3.9.1)

##### 🐛 Bug Fix

- `docusaurus`
  - [#&#8203;11434](https://github.com/facebook/docusaurus/pull/11434) fix(core): fix Docusaurus outDir for sites using baseUrl ([@&#8203;slorber](https://github.com/slorber))

##### Committers: 1

- Sébastien Lorber ([@&#8203;slorber](https://github.com/slorber))

### [`v3.9.0`](https://github.com/facebook/docusaurus/blob/HEAD/CHANGELOG.md#390-2025-09-25)

[Compare Source](https://github.com/facebook/docusaurus/compare/v3.8.1...v3.9.0)

##### 🚀 New Feature

- `docusaurus-theme-search-algolia`
  - [#&#8203;11421](https://github.com/facebook/docusaurus/pull/11421) feat(theme-search-algolia): use DocSearch v4.1, optimize integration ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-plugin-content-blog`, `docusaurus-theme-classic`
  - [#&#8203;11425](https://github.com/facebook/docusaurus/pull/11425) feat(blog): Add support for email social icon + resize default social icon a bit ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-classic`, `docusaurus-theme-common`
  - [#&#8203;11426](https://github.com/facebook/docusaurus/pull/11426) feat(theme): Add theme-tabs-container stable className ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-classic`, `docusaurus-theme-search-algolia`, `docusaurus-theme-translations`
  - [#&#8203;11327](https://github.com/facebook/docusaurus/pull/11327) feat(search): add runtime support for DocSearch v4 ([@&#8203;dylantientcheu](https://github.com/dylantientcheu))
- `docusaurus-faster`, `docusaurus`
  - [#&#8203;11415](https://github.com/facebook/docusaurus/pull/11415) feat(faster): upgrade Rspack to 1.5, use lazyBarrel experiment, remove deprecated option ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11294](https://github.com/facebook/docusaurus/pull/11294) feat(faster): Upgrade to Rspack 1.4 ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-utils`
  - [#&#8203;11397](https://github.com/facebook/docusaurus/pull/11397) feat(mdx): resolve `@site/*` markdown links, fix resolution priority bugs ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-mermaid`
  - [#&#8203;11357](https://github.com/facebook/docusaurus/pull/11357) feat(mermaid): support elk layout ([@&#8203;Feez2403](https://github.com/Feez2403))
- `docusaurus-plugin-pwa`, `docusaurus-theme-classic`, `docusaurus-theme-common`, `docusaurus-types`, `docusaurus-utils`, `docusaurus`
  - [#&#8203;11316](https://github.com/facebook/docusaurus/pull/11316) feat(core): Add `i18n.localeConfigs[locale].{url,baseUrl}` config options, fix multi-domain deployments ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-plugin-content-blog`, `docusaurus-plugin-content-docs`, `docusaurus-plugin-content-pages`, `docusaurus-types`, `docusaurus-utils`, `docusaurus`
  - [#&#8203;11304](https://github.com/facebook/docusaurus/pull/11304) feat(core): add `i18n.localeConfigs.translate` + skip translation process if `i18n/<locale>` dir doesn't exist ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-plugin-content-docs`
  - [#&#8203;11228](https://github.com/facebook/docusaurus/pull/11228) feat(docs): sidebar item `key` attribute - fix docs translations key conflicts ([@&#8203;slorber](https://github.com/slorber))
- `create-docusaurus`
  - [#&#8203;11293](https://github.com/facebook/docusaurus/pull/11293) feat(create-docusaurus): use respectPrefersColorScheme in init template ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-mdx-loader`, `docusaurus-types`, `docusaurus`
  - [#&#8203;11282](https://github.com/facebook/docusaurus/pull/11282) feat(core): add `siteConfig.markdown.emoji` config option to disable `remark-emoji` ([@&#8203;slorber](https://github.com/slorber))
- `create-docusaurus`, `docusaurus-mdx-loader`, `docusaurus-plugin-content-blog`, `docusaurus-plugin-content-docs`, `docusaurus-types`, `docusaurus`
  - [#&#8203;11283](https://github.com/facebook/docusaurus/pull/11283) feat(core): Add `siteConfig.markdown.hooks`, deprecate `siteConfig.onBrokenMarkdownLinks` ([@&#8203;slorber](https://github.com/slorber))

##### 🐛 Bug Fix

- `docusaurus-theme-classic`, `docusaurus`
  - [#&#8203;11422](https://github.com/facebook/docusaurus/pull/11422) fix(theme): fix copy of indented code blocks, replace copy-text-to-clipboard by clipboard API ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-classic`
  - [#&#8203;11407](https://github.com/facebook/docusaurus/pull/11407) fix(theme): remove hardcoded fill from Bluesky and LinkedIn icons ([@&#8203;Simek](https://github.com/Simek))
  - [#&#8203;11389](https://github.com/facebook/docusaurus/pull/11389) fix(theme): render sidebar category index with unlisted children as a simple doc/link item ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11360](https://github.com/facebook/docusaurus/pull/11360) fix(theme): Add translate no to heading anchors and blog authors ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11356](https://github.com/facebook/docusaurus/pull/11356) fix(theme): Doc sidebar links/categories with long labels should display properly ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11338](https://github.com/facebook/docusaurus/pull/11338) fix(theme-classic): fix collapsed sidebar category expansion when navigating to another link within that category ([@&#8203;qqq614](https://github.com/qqq614))
  - [#&#8203;11289](https://github.com/facebook/docusaurus/pull/11289) fix(theme): Fix footnote ref scrolling behind the navbar when footnote back reference clicked ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus`
  - [#&#8203;11410](https://github.com/facebook/docusaurus/pull/11410) fix(deps): upgrade webpack-dev-server to v5, fix security warning ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11347](https://github.com/facebook/docusaurus/pull/11347) fix(core): Fix docusaurus start on macOS when exec throws a synchronous error ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11271](https://github.com/facebook/docusaurus/pull/11271) fix(dev-server): use correct dev server HTML lang attribute ([@&#8203;enumura1](https://github.com/enumura1))
- `docusaurus-theme-common`
  - [#&#8203;11405](https://github.com/facebook/docusaurus/pull/11405) fix(theme): fix `useColorMode()` visual glitches due to provider unmounts/remounts ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11280](https://github.com/facebook/docusaurus/pull/11280) fix(theme-common): Export FooterColumnItem type ([@&#8203;stubinubin](https://github.com/stubinubin))
- `docusaurus-bundler`, `docusaurus-faster`
  - [#&#8203;11383](https://github.com/facebook/docusaurus/pull/11383) fix(ssg): HTML minifier should preserve `<head>` for `og:image` crawlers ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-classic`, `docusaurus-theme-translations`
  - [#&#8203;11331](https://github.com/facebook/docusaurus/pull/11331) fix(theme): Add `aria-label` to `IconExternalLink` with value `'(opens in new tab)'` ([@&#8203;WestonThayer](https://github.com/WestonThayer))
- `docusaurus-plugin-content-docs`
  - [#&#8203;11281](https://github.com/facebook/docusaurus/pull/11281) fix(docs): Fix empty sidebar item category `className` lost when post-processed to a doc ([@&#8203;slorber](https://github.com/slorber))
  - [#&#8203;11251](https://github.com/facebook/docusaurus/pull/11251) fix(docs): prevent docs ids conflicts within a version ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-classic`, `docusaurus-theme-common`
  - [#&#8203;11263](https://github.com/facebook/docusaurus/pull/11263) fix(theme): make `useHistorySelector()` hydration-safe + use it read search/hash in theme ([@&#8203;slorber](https://github.com/slorber))

##### 📝 Documentation

- [#&#8203;11339](https://github.com/facebook/docusaurus/pull/11339) docs: clarify impact of document ID on the URL ([@&#8203;shanti2530](https://github.com/shanti2530))

##### 🤖 Dependencies

- [#&#8203;11402](https://github.com/facebook/docusaurus/pull/11402) chore(deps): bump actions/github-script from 7.0.1 to 8.0.0 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11401](https://github.com/facebook/docusaurus/pull/11401) chore(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11403](https://github.com/facebook/docusaurus/pull/11403) chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11373](https://github.com/facebook/docusaurus/pull/11373) chore(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11365](https://github.com/facebook/docusaurus/pull/11365) chore(deps): bump actions/checkout from 4 to 5 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11342](https://github.com/facebook/docusaurus/pull/11342) chore(deps): bump form-data from 4.0.1 to 4.0.4 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11341](https://github.com/facebook/docusaurus/pull/11341) chore(deps): bump marocchino/sticky-pull-request-comment from 2.9.3 to 2.9.4 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11285](https://github.com/facebook/docusaurus/pull/11285) chore(deps): bump marocchino/sticky-pull-request-comment from 2.9.2 to 2.9.3 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11272](https://github.com/facebook/docusaurus/pull/11272) chore(deps): bump stefanzweifel/git-auto-commit-action from 5 to 6 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))
- [#&#8203;11273](https://github.com/facebook/docusaurus/pull/11273) chore(deps): bump treosh/lighthouse-ci-action from 12.1.0 to 12.6.1 ([@&#8203;dependabot\[bot\]](https://github.com/apps/dependabot))

##### 🔧 Maintenance

- `create-docusaurus`, `docusaurus-babel`, `docusaurus-bundler`, `docusaurus-cssnano-preset`, `docusaurus-faster`, `docusaurus-logger`, `docusaurus-mdx-loader`, `docusaurus-plugin-client-redirects`, `docusaurus-plugin-content-blog`, `docusaurus-plugin-content-docs`, `docusaurus-plugin-content-pages`, `docusaurus-plugin-css-cascade-layers`, `docusaurus-plugin-debug`, `docusaurus-plugin-google-analytics`, `docusaurus-plugin-google-gtag`, `docusaurus-plugin-google-tag-manager`, `docusaurus-plugin-ideal-image`, `docusaurus-plugin-pwa`, `docusaurus-plugin-rsdoctor`, `docusaurus-plugin-sitemap`, `docusaurus-plugin-svgr`, `docusaurus-plugin-vercel-analytics`, `docusaurus-preset-classic`, `docusaurus-remark-plugin-npm2yarn`, `docusaurus-theme-classic`, `docusaurus-theme-common`, `docusaurus-theme-live-codeblock`, `docusaurus-theme-mermaid`, `docusaurus-theme-search-algolia`, `docusaurus-theme-translations`, `docusaurus-utils-common`, `docusaurus-utils-validation`, `docusaurus-utils`, `docusaurus`, `eslint-plugin`, `lqip-loader`
  - [#&#8203;11408](https://github.com/facebook/docusaurus/pull/11408) chore: drop support for Node 18, that reached End-of-Life ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-theme-classic`
  - [#&#8203;11317](https://github.com/facebook/docusaurus/pull/11317) chore: minor reduction to inline svg/js code ([@&#8203;SethFalco](https://github.com/SethFalco))
- `docusaurus-plugin-content-docs`
  - [#&#8203;11307](https://github.com/facebook/docusaurus/pull/11307) test(docs): fix docs tests issues ([@&#8203;slorber](https://github.com/slorber))
- `docusaurus-bundler`
  - [#&#8203;11290](https://github.com/facebook/docusaurus/pull/11290) chore: upgrade website to Rspack 1.4 + fix Rspack internal performance tracing ([@&#8203;slorber](https://github.com/slorber))
- Other
  - [#&#8203;11287](https://github.com/facebook/docusaurus/pull/11287) chore(website): split changelog per version + adjust changelog plugin implementation ([@&#8203;slorber](https://github.com/slorber))

##### :globe\_with\_meridians: Translations

- `docusaurus-theme-translations`
  - [#&#8203;11315](https://github.com/facebook/docusaurus/pull/11315) fix(theme-translations): Add missing Portuguese (pt-BR) theme translations and improve some of it. ([@&#8203;marcelocell](https://github.com/marcelocell))
  - [#&#8203;11305](https://github.com/facebook/docusaurus/pull/11305) fix(translations): Add missing Ukrainian translations ([@&#8203;maluke](https://github.com/maluke))

##### Committers: 18

- Akshat Sinha ([@&#8203;akshatsinha0](https://github.com/akshatsinha0))
- Bartosz Kaszubowski ([@&#8203;Simek](https://github.com/Simek))
- Dylan Tientcheu ([@&#8203;dylantientcheu](https://github.com/dylantientcheu))
- Guo Ci ([@&#8203;guoci](https://github.com/guoci))
- Jaime Iniesta ([@&#8203;jaimeiniesta](https://github.com/jaimeiniesta))
- Joshua Chen ([@&#8203;Josh-Cena](https://github.com/Josh-Cena))
- Marcelo Junior ([@&#8203;marcelocell](https://github.com/marcelocell))
- Maria Stellini ([@&#8203;shanti2530](https://github.com/shanti2530))
- Riccardo ([@&#8203;3v0k4](https://github.com/3v0k4))
- Sergey Schetinin ([@&#8203;maluke](https://github.com/maluke))
- Seth Falco ([@&#8203;SethFalco](https://github.com/SethFalco))
- Sébastien Lorber ([@&#8203;slorber](https://github.com/slorber))
- Weston Thayer ([@&#8203;WestonThayer](https://github.com/WestonThayer))
- [@&#8203;Feez2403](https://github.com/Feez2403)
- [@&#8203;stubinubin](https://github.com/stubinubin)
- [@&#8203;ya-dvorovenko](https://github.com/ya-dvorovenko)
- enumura ([@&#8203;enumura1](https://github.com/enumura1))
- hjcho ([@&#8203;qqq614](https://github.com/qqq614))

</details>

---

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/276
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-11-20 18:22:17 +00:00
Lunny Xiao
c05b0cec34 Add protected branches usage documentation (#298)
Fix https://github.com/go-gitea/gitea/issues/35972

Reviewed-on: https://gitea.com/gitea/docs/pulls/298
2025-11-20 18:07:29 +00:00
Lunny Xiao
dcb9b9b450 Use category instead of place holder markdown file as directory (#299)
Reviewed-on: https://gitea.com/gitea/docs/pulls/299
2025-11-20 18:02:34 +00:00
Renovate Bot
0787ea1fbe chore(deps): update dependency ubuntu to v24 (#172)
Reviewed-on: https://gitea.com/gitea/docs/pulls/172
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-11-15 21:06:23 +00:00
Renovate Bot
4ca7e068c2 fix(deps): update dependency @mui/material to v7.3.5 (#294)
Reviewed-on: https://gitea.com/gitea/docs/pulls/294
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-11-15 21:03:07 +00:00
dangjinghao
fd8beed04d Fix formatting for Mailer.FROM address example in configuration cheat sheet (#296)
This example is incorrect.

wrong:

<img width="1058" alt="wrong-1.png" src="attachments/1cb3b95b-c3e4-4213-aeff-13e518021536">

<img width="442" alt="wrong-2.png" src="attachments/212aa79f-bbb7-457a-a0b8-fc7572f6d497">

<img width="1201" alt="wrong-3.png" src="attachments/32fde98a-d987-475c-9f88-d563c177ad24">

correct:

<img width="1034" alt="correct-1.png" src="attachments/b4993846-eec2-4e7c-8adc-11fc335216dc">

<img width="410" alt="correct-2.png" src="attachments/419ad32c-4080-462e-af5e-8fc9f63727a7">

Reviewed-on: https://gitea.com/gitea/docs/pulls/296
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: dangjinghao <dangjinghaoemail@163.com>
Co-committed-by: dangjinghao <dangjinghaoemail@163.com>
2025-11-15 03:43:02 +00:00
kairosys-dev
ffc8c044a3 Correct port 465 for SMTPS, not 587 for STARTTLS (#295)
The SMTPS protocol uses port 465, not 587. Port 587 is instead used for STARTTLS.
Helps getting administrators stuck in cryptic errors such as:

Failed to send a testing email to "user@mydomain.com": could not initiate SMTP session: tls: first record does not look like a TLS handshake

Reviewed-on: https://gitea.com/gitea/docs/pulls/295
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: kairosys-dev <me@arch-on.top>
Co-committed-by: kairosys-dev <me@arch-on.top>
2025-11-11 19:35:01 +00:00
Cory Sanin
a77b0937cf Corrections for Arch package registry page (#291)
pairs nicely with https://github.com/go-gitea/gitea/pull/35825

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/291
Reviewed-by: silverwind <silverwind@noreply.gitea.com>
Co-authored-by: Cory Sanin <corysanin@outlook.com>
Co-committed-by: Cory Sanin <corysanin@outlook.com>
2025-11-05 17:26:38 +00:00
Lunny Xiao
7e8cd4df86 upgrade to 1.25.1 2025-11-04 13:21:39 -08:00
dangjinghao
0c7fce4512 Remove run-name section from Comparison to GitHub Actions (#290)
Since `run-name` support was added in [v1.25.0](https://github.com/go-gitea/gitea/releases/tag/v1.25.0), I've removed the outdated `run-name` section from `usage/actions/comparison.md`.

Reviewed-on: https://gitea.com/gitea/docs/pulls/290
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: dangjinghao <dangjinghaoemail@163.com>
Co-committed-by: dangjinghao <dangjinghaoemail@163.com>
2025-11-01 21:11:55 +00:00
Lunny Xiao
7d50e32ba8 Add 1.25.0 documentation (#289)
Reviewed-on: https://gitea.com/gitea/docs/pulls/289
2025-11-01 06:48:53 +00:00
Snowball_233
d5eac4f23d chore(docker-compose): remove obsolete version parament & remove useless default external=false (#288)
- Removed deprecated `version` key from docker-compose.yaml
- Cleaned up unnecessary `external: false` declarations for networks/volumes

Signed-off-by: Snowball_233 <snowballxueqiu@noreply.gitea.com>

Reviewed-on: https://gitea.com/gitea/docs/pulls/288
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Snowball_233 <snowballxueqiu@noreply.gitea.com>
Co-committed-by: Snowball_233 <snowballxueqiu@noreply.gitea.com>
2025-10-30 14:07:06 +00:00
drabart
f954c6e7b8 Fix typo in CAD preview supported extensions list (#286) (#287)
Fixes small typo that caused copied code to not work.

Reviewed-on: https://gitea.com/gitea/docs/pulls/287
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: drabart <drabart@noreply.gitea.com>
Co-committed-by: drabart <drabart@noreply.gitea.com>
2025-10-28 01:40:09 +00:00
Lunny Xiao
cf9b8dce28 uprade 1.24.7 2025-10-25 21:03:20 -07:00
wxiaoguang
12293b604e Update docs/administration/config-cheat-sheet.md (#285)
Reviewed-on: https://gitea.com/gitea/docs/pulls/285
2025-10-25 03:47:14 +00:00
dangjinghao
bb7b7fe5bf Add frontmatter and TOC rendering support for markdown files (#284)
<https://github.com/go-gitea/gitea/issues/14411#issuecomment-764871702>

Reviewed-on: https://gitea.com/gitea/docs/pulls/284
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: dangjinghao <dangjinghaoemail@163.com>
Co-committed-by: dangjinghao <dangjinghaoemail@163.com>
2025-10-23 17:55:14 +00:00
juls0730
b6af199508 Clarify Setting up a push mirror from Gitea to GitHub in repo mirror docs (#275)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/275
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: juls0730 <juls0730@noreply.gitea.com>
Co-committed-by: juls0730 <juls0730@noreply.gitea.com>
2025-10-16 22:09:44 +00:00
Renovate Bot
dedfbf1f27 chore(deps): update dependency cross-env to v10.1.0 (#277)
Reviewed-on: https://gitea.com/gitea/docs/pulls/277
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-10-16 14:53:32 +00:00
Renovate Bot
f9ff323873 fix(deps): update dependency @mui/material to v7.3.4 (#278)
Reviewed-on: https://gitea.com/gitea/docs/pulls/278
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-10-16 14:51:56 +00:00
Renovate Bot
1046625638 fix(deps): update react monorepo to v19.2.0 (#279)
Reviewed-on: https://gitea.com/gitea/docs/pulls/279
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-10-16 14:50:44 +00:00
Renovate Bot
200479a1a3 chore(deps): update actions/setup-node action to v6 (#282)
Reviewed-on: https://gitea.com/gitea/docs/pulls/282
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-10-16 14:44:29 +00:00
DiegoBM
bd38456e4b Fix home reference (#281)
~ points to the logged user's home, not to /home

Co-authored-by: Diego de Blas Mateo <1613216+DiegoBM@users.noreply.github.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/281
Reviewed-by: TheFox0x7 <thefox0x7@noreply.gitea.com>
Co-authored-by: DiegoBM <diegobm@noreply.gitea.com>
Co-committed-by: DiegoBM <diegobm@noreply.gitea.com>
2025-10-16 14:43:55 +00:00
vincentkersten
3578007c38 Update docs/administration/reverse-proxies.md (#280)
Using a full certificate chain will prevent errors from using git directly on the URL to be pulled/cloned.
 (Error: 'fatal: unable to access 'https://git.example.net/git/sarah/test.git': server certificate verification failed. CAfile: none CRLfile: none')

Reviewed-on: https://gitea.com/gitea/docs/pulls/280
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: vincentkersten <vincentkersten@noreply.gitea.com>
Co-committed-by: vincentkersten <vincentkersten@noreply.gitea.com>
2025-10-08 16:30:48 +00:00
johny-mnemonic
c586a396b8 Add Nginx Proxy Manager instructions (#274)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/274
Co-authored-by: johny-mnemonic <johny-mnemonic@noreply.gitea.com>
Co-committed-by: johny-mnemonic <johny-mnemonic@noreply.gitea.com>
2025-09-15 03:09:06 +00:00
Lunny Xiao
de6d4374b0 Upgrade to 1.24.6 2025-09-11 20:20:46 -07:00
Johan Van de Wauw
c9bf137a23 Add TWO_FACTOR_AUTH documentation (#273)
Reviewed-on: https://gitea.com/gitea/docs/pulls/273
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Johan Van de Wauw <johanvdw@noreply.gitea.com>
Co-committed-by: Johan Van de Wauw <johanvdw@noreply.gitea.com>
2025-09-10 20:48:36 +00:00
Renovate Bot
83da675c59 chore(deps): update actions/setup-node action to v5 (#270)
Reviewed-on: https://gitea.com/gitea/docs/pulls/270
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-07 11:11:18 +00:00
Renovate Bot
135f34d09a chore(deps): update aws-actions/configure-aws-credentials action to v5 (#271)
Reviewed-on: https://gitea.com/gitea/docs/pulls/271
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-07 11:11:07 +00:00
baikuarch
3eda094305 更新 i18n/zh-cn/docusaurus-plugin-content-docs/current/administration/backup-and-restore.md (#272)
Reviewed-on: https://gitea.com/gitea/docs/pulls/272
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: baikuarch <baikuarch@sina.com>
Co-committed-by: baikuarch <baikuarch@sina.com>
2025-09-06 00:57:20 +00:00
Renovate Bot
312cbc2a6e fix(deps): update dependency @mdx-js/react to v3.1.1 (#267)
Reviewed-on: https://gitea.com/gitea/docs/pulls/267
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-03 21:01:10 +00:00
Renovate Bot
4164f4df06 fix(deps): update dependency @mui/material to v7.3.2 (#268)
Reviewed-on: https://gitea.com/gitea/docs/pulls/268
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-03 21:00:45 +00:00
ifurther
cb462089e9 docs: update zh-tw (#265)
Reviewed-on: https://gitea.com/gitea/docs/pulls/265
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: ifurther <55025025+ifurther@users.noreply.github.com>
Co-committed-by: ifurther <55025025+ifurther@users.noreply.github.com>
2025-09-03 21:00:35 +00:00
desysoft
908a27589d Update versioned_docs/version-1.24/development/api-usage.md (#269)
Fix JSON syntax error in token creation request

The previous JSON was malformed:

{"name":test_token","scopes":[...]}

The value of "name" was missing opening quotes, causing the error:
invalid character 't' looking for beginning of value

Fixed by enclosing the string in double quotes:

{"name":"test_token","scopes":[...]}

Reviewed-on: https://gitea.com/gitea/docs/pulls/269
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: desysoft <desysoft@noreply.gitea.com>
Co-committed-by: desysoft <desysoft@noreply.gitea.com>
2025-09-03 21:00:09 +00:00
Renovate Bot
6b64b97e3b chore(deps): update actions/checkout action to v5 (#261)
Reviewed-on: https://gitea.com/gitea/docs/pulls/261
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-09-01 01:38:35 +00:00
Renovate Bot
90ab1c20c2 fix(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.52.0 (#230)
Reviewed-on: https://gitea.com/gitea/docs/pulls/230
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-29 18:47:35 +00:00
Renovate Bot
d61eaecbb1 fix(deps): update docusaurus monorepo to v3.8.1 (#225)
Reviewed-on: https://gitea.com/gitea/docs/pulls/225
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-27 16:12:37 +00:00
Renovate Bot
b30993162c fix(deps): update dependency @mui/material to v7.3.1 (#242)
Reviewed-on: https://gitea.com/gitea/docs/pulls/242
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-27 16:11:50 +00:00
Renovate Bot
004bebe6b4 fix(deps): update react monorepo to v19.1.1 (#254)
Reviewed-on: https://gitea.com/gitea/docs/pulls/254
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-08-27 16:11:08 +00:00
techknowlogick
ed59125e25 Enable v4 future 2025-08-27 16:10:19 +00:00
Lunny Xiao
c699d12a55 upgrade to 1.24.5 2025-08-14 18:52:32 -07:00
kmanwar89
4d5fd1f6fb Clarified GPG signature validation instructions to be more clear (#262)
Added instructions on how to download the signature file using wget, and fixed a typo in the wget commands that would have caused the command to fail when copied/pasted.

Reviewed-on: https://gitea.com/gitea/docs/pulls/262
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: kmanwar89 <kmanwar89@noreply.gitea.com>
Co-committed-by: kmanwar89 <kmanwar89@noreply.gitea.com>
2025-08-14 21:51:45 +00:00
Lunny Xiao
c13d82ccc3 Update gpg check command to use hkps by default (#260)
Fix #255

Reviewed-on: https://gitea.com/gitea/docs/pulls/260
2025-08-12 16:57:24 +00:00
nero-dv
0552f4523c Update versioned_docs/version-1.24/installation/from-binary.md (#259)
The main branch is missing the directory where the autocompletion scripts were in. Version 1.24 does still have the scripts, so linked directly to them.

Reviewed-on: https://gitea.com/gitea/docs/pulls/259
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: nero-dv <nero-dv@noreply.gitea.com>
Co-committed-by: nero-dv <nero-dv@noreply.gitea.com>
2025-08-08 21:55:21 +00:00
Lunny Xiao
03c98878cf upgrade to 1.24.4 2025-08-04 17:00:13 -07:00
Christopher Homberger
cf33eee47f Initial Ephemeral Runners Documentation (#239)
Document this feature for 1.24 onwards.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/239
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Co-committed-by: Christopher Homberger <christopher.homberger@web.de>
2025-07-28 20:40:59 +00:00
Christopher Homberger
201f0f3ef8 Document workflow_dispatch workflow_run (#238)
Document missing workflow triggers of 1.23..1.25-dev

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/238
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Co-committed-by: Christopher Homberger <christopher.homberger@web.de>
2025-07-28 20:39:01 +00:00
Christopher Homberger
e8a6c4281d Add ssh commit signing to docs of 1.25-dev (#241)
Documentation for my changes to ssh commit signing in <https://github.com/go-gitea/gitea/pull/34341>.

* Renames "GPG Commit Signatures" to "GPG/SSH Commit Signatures", since the url is called just signing and creating a new page would duplicate a lot
* _"The default option and repository specific signing keys are not supported for ssh keys"_
   * the original draft implementation did support this for ssh keys
   * this warning should avoid people expecting this gitconfig style things to work for ssh keys, since verifying is disabled in this case (e.g. pre 1.25 undocumented behavior preserved).

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/241
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Christopher Homberger <christopher.homberger@web.de>
Co-committed-by: Christopher Homberger <christopher.homberger@web.de>
2025-07-28 20:37:52 +00:00
Karthik-Bhandary
641977c93a Updated the docs and versioned_docs (#253)
This closes #251

Co-authored-by: karthik.bhandary <karthik.bhandary@kfintech.com>
Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/253
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-by: techknowlogick <techknowlogick@noreply.gitea.com>
Co-authored-by: Karthik-Bhandary <karthik-bhandary@noreply.gitea.com>
Co-committed-by: Karthik-Bhandary <karthik-bhandary@noreply.gitea.com>
2025-07-28 19:46:12 +00:00
Renovate Bot
fbd73fd263 chore(deps): update dependency cross-env to v10 (#250)
Reviewed-on: https://gitea.com/gitea/docs/pulls/250
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-07-28 19:45:22 +00:00
dr-1
a6fc8044b0 Make language adjustments on index page (#244)
Some minor adjustments on the landing page.

- Fix grammatical errors
- Fix a capitalization error and inconsistent capitalization in a heading
- Remove a redundant sentence

Co-authored-by: Dominik Rubo <dominik.rubo@posteo.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/244
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: dr-1 <dr-1@noreply.gitea.com>
Co-committed-by: dr-1 <dr-1@noreply.gitea.com>
2025-07-18 03:18:05 +00:00
ChristopherHX
fa11851d67 Fix formatting of email setup (#249)
Sorry I incorrectly used the :::note syntax in one PR merged recently, missing `:::` to end the quote

CC @lunny

Picture of the bug I introduced appended.

Reviewed-on: https://gitea.com/gitea/docs/pulls/249
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-committed-by: ChristopherHX <christopher.homberger@web.de>
2025-07-18 03:10:58 +00:00
ChristopherHX
f9ff184ee3 Mention smtp+starttls not only in the config cheat sheet (#247)
I almost entered STARTTLS under PROTOCOLS, better to mention the correct solution without needing to check the config cheat sheet.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/247
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-committed-by: ChristopherHX <christopher.homberger@web.de>
2025-07-16 17:48:45 +00:00
ChristopherHX
cbbf31f1d5 Provide a hint for ENABLE_NOTIFY_MAIL in email setup (#246)
* some people like me might wonder why the email-setup didn't work

While reviewing https://github.com/go-gitea/gitea/pull/34982#pullrequestreview-3013995449, I enabled the mailer the first time and found this solution in the debugger not in the docs.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Reviewed-on: https://gitea.com/gitea/docs/pulls/246
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-committed-by: ChristopherHX <christopher.homberger@web.de>
2025-07-16 17:48:12 +00:00
Lunny Xiao
47594bba97 upgrade gitea to 1.24.3 2025-07-15 09:44:13 -07:00
Renovate Bot
63c75a97c6 fix(deps): update dependency @emotion/styled to v11.14.1 (#240)
Reviewed-on: https://gitea.com/gitea/docs/pulls/240
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-30 16:06:46 +00:00
Renovate Bot
50aad0431b fix(deps): update dependency @mui/material to v7.1.2 (#233)
Reviewed-on: https://gitea.com/gitea/docs/pulls/233
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-30 16:06:40 +00:00
paultibbetts
164f1c837f Update URL for Caddy reverse proxy HTTPS guide (#236)
Reviewed-on: https://gitea.com/gitea/docs/pulls/236
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: paultibbetts <paultibbetts@noreply.gitea.com>
Co-committed-by: paultibbetts <paultibbetts@noreply.gitea.com>
2025-06-25 14:17:33 +00:00
Lunny Xiao
870f30e886 upgrade to 1.24.2 2025-06-21 10:13:34 -07:00
Lunny Xiao
33ec7a49df upgrade to 1.24.1 2025-06-19 15:31:41 -07:00
gnscc
bc606bd422 Fix typo in api-usage.md (#232)
Fix breaking typo in api-usage.

Reviewed-on: https://gitea.com/gitea/docs/pulls/232
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: gnscc <gnscc@noreply.gitea.com>
Co-committed-by: gnscc <gnscc@noreply.gitea.com>
2025-06-17 19:38:09 +00:00
recoolcz
3a82ab51f3 bugfix: Fix O3DV script since it broke in 1.24.0 (#231)
Reviewed-on: https://gitea.com/gitea/docs/pulls/231
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: recoolcz <recoolcz@noreply.gitea.com>
Co-committed-by: recoolcz <recoolcz@noreply.gitea.com>
2025-06-16 17:10:30 +00:00
Lunny Xiao
c8ebd4e896 Fix latest stable version 2025-06-10 15:46:23 -07:00
techknowlogick
a320f53087 1.24.0 2025-06-10 15:21:23 +00:00
Renovate Bot
95544e7847 fix(deps): update dependency @mui/material to v7.1.1 (#228)
Reviewed-on: https://gitea.com/gitea/docs/pulls/228
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-10 15:20:44 +00:00
Renovate Bot
af373024a0 fix(deps): update dependency @easyops-cn/docusaurus-search-local to ^0.50.0 (#229)
Reviewed-on: https://gitea.com/gitea/docs/pulls/229
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
2025-06-10 15:19:21 +00:00
techknowlogick
57ed041528 bump to 1.24.0 2025-06-10 15:08:01 +00:00
1980 changed files with 134192 additions and 82644 deletions

View File

@@ -8,36 +8,31 @@ on:
jobs:
build-docs:
runs-on: ubuntu-22.04
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- uses: actions/checkout@v7
- uses: pnpm/action-setup@v6
- uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
node-version: 24
cache: pnpm
- name: install necessary tools
run: |
apt update -y && apt install -y rsync python3 python3-pip python-is-python3
pip install awscli
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
- name: prepare awesome list
run: |
make prepare-awesome-latest prepare-awesome\#23 prepare-awesome\#22 prepare-awesome\#21 prepare-awesome\#20 prepare-awesome\#19
- name: Cache ~/.npm for npm ci
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-node
make prepare-awesome-latest prepare-awesome\#25 prepare-awesome\#24 prepare-awesome\#23 prepare-awesome\#22
- name: Install dependencies
run: npm ci
run: pnpm install --frozen-lockfile
#- uses: tats-u/docuactions-cache@v1
- name: build site
run: |
make build
- name: aws credential configure
uses: aws-actions/configure-aws-credentials@v4
uses: aws-actions/configure-aws-credentials@v6
with:
aws-access-key-id: ${{ secrets.AWS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY}}
@@ -46,3 +41,11 @@ jobs:
run: |
aws s3 sync build/ s3://docs-gitea-com
aws cloudfront create-invalidation --distribution-id ${{ secrets.AWS_DISTRIBUTION}} --paths '/*'
- name: Copy files to Cloudflare Pages
env:
CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
run: |
pnpm dlx wrangler@4 pages deploy build \
--project-name docs-gitea-com \
--branch main

View File

@@ -7,23 +7,17 @@ jobs:
build-docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- uses: actions/checkout@v7
- uses: pnpm/action-setup@v6
- uses: actions/setup-node@v6
with:
node-version: 20
cache: npm
node-version: 24
cache: pnpm
- name: prepare awesome list
run: |
make prepare-awesome-latest prepare-awesome\#23 prepare-awesome\#22 prepare-awesome\#21 prepare-awesome\#20 prepare-awesome\#19
- name: Cache ~/.npm for npm ci
uses: actions/cache@v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-node
make prepare-awesome-latest prepare-awesome\#25 prepare-awesome\#24 prepare-awesome\#23 prepare-awesome\#22
- name: Install dependencies
run: npm ci
run: pnpm install --frozen-lockfile
#- uses: tats-u/docuactions-cache@v1
- name: build site

View File

@@ -9,28 +9,20 @@ jobs:
update-swagger:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v7
- run: |
wget https://raw.githubusercontent.com/go-gitea/gitea/refs/heads/main/templates/swagger/v1_json.tmpl
sed -i "$@" 's\"version": "{{AppVer | JSEscape}}"\"version": "dev"\' v1_json.tmpl
sed -i "$@" 's\"basePath": "{{AppSubUrl | JSEscape}}/api/v1"\"basePath": "https://gitea.com/api/v1"\' v1_json.tmpl
mv v1_json.tmpl static/swagger-latest.json
set -euo pipefail
for ver in '1.24.0-rc0' '1.23.8' '1.22.6' '1.21.11' '1.20.6' '1.19.4'; do
wget https://raw.githubusercontent.com/go-gitea/gitea/refs/tags/v${ver}/templates/swagger/v1_json.tmpl
sed -i "$@" "s|\"version\": \"{{AppVer \| JSEscape}}\"|\"version\": \"${ver}\"|" v1_json.tmpl
sed -i "$@" 's\"basePath": "{{AppSubUrl | JSEscape}}/api/v1"\"basePath": "https://gitea.com/api/v1"\' v1_json.tmpl
# for version < 1.21.11
sed -i "$@" "s|\"version\": \"{{AppVer \| JSEscape \| Safe}}\"|\"version\": \"${ver}\"|" v1_json.tmpl
sed -i "$@" 's\"basePath": "{{AppSubUrl | JSEscape | Safe}}/api/v1"\"basePath": "https://gitea.com/api/v1"\' v1_json.tmpl
minor=$(echo "$ver" | cut -d '.' -f 2)
mv v1_json.tmpl static/swagger-$minor.json
done
make update-api-docs
if ! [[ $(git diff --shortstat) ]]; then exit 0; fi
git config --global user.name "Gitea Bot"
git config --global user.email "teabot@gitea.io"
git remote set-url origin https://x-access-token:${{ secrets.DEPLOY_TOKEN }}@gitea.com/gitea/docs.git
git add --all
git commit -m "[skip ci] Updated swagger files"
git push
if git status --porcelain | grep -q .; then
git add --all
git commit -m "[skip ci] Updated swagger files"
git push
else
echo "No API doc changes detected; skipping commit"
fi

1
.gitignore vendored
View File

@@ -20,4 +20,5 @@ yarn-debug.log*
yarn-error.log*
.tmp/
awesome/
awesome.md

5
.npmrc
View File

@@ -1,5 +0,0 @@
audit=false
fund=false
update-notifier=false
package-lock=true
lockfile-version=3

View File

@@ -8,7 +8,7 @@ all: build
.PHONY: create_dir
create_dir:
mkdir -p .tmp awesome
mkdir -p .tmp
.PHONY: clone_awesome
clone_awesome: create_dir
@@ -24,22 +24,22 @@ prepare-awesome\#%:
.PHONY: install
install:
npm install
pnpm install
.PHONY: prepare-docs
prepare-docs: install prepare-awesome-latest prepare-awesome\#19 prepare-awesome\#20 prepare-awesome\#21 prepare-awesome\#22 prepare-awesome\#23 prepare-awesome\#24
.PHONY: build
build:
npm run build
pnpm run build
.PHONY: serve
serve: prepare-docs
npm run start
pnpm run start
.PHONY: serve-zh
serve-zh: prepare-docs
npm run start -- --locale zh-cn
pnpm run start -- --locale zh-cn
.PHONY: clean
clean:
@@ -52,3 +52,7 @@ clean:
rm -rf static/swagger-22.json
rm -rf static/swagger-23.json
rm -rf static/swagger-24.json
.PHONY: update-api-docs
update-api-docs:
./update_api_docs.sh

View File

@@ -19,5 +19,5 @@ make serve
## Test en version
```shell
npm run start
pnpm run start
```

View File

@@ -1,3 +0,0 @@
module.exports = {
presets: [require.resolve('@docusaurus/core/lib/babel/preset')],
};

View File

@@ -0,0 +1,9 @@
{
"label": "Administration",
"position": 30,
"link": {
"type": "generated-index",
"slug": "/administration",
"title": "Administration"
}
}

View File

@@ -24,7 +24,7 @@ directory. There should be some output similar to the following:
```log
2016/12/27 22:32:09 Creating tmp work dir: /tmp/gitea-dump-417443001
2016/12/27 22:32:09 Dumping local repositories.../home/git/gitea-repositories
2016/12/27 22:32:09 Dumping local repositories.../home/git/repositories
2016/12/27 22:32:22 Dumping database...
2016/12/27 22:32:22 Packing dump files...
2016/12/27 22:32:34 Removing tmp work dir: /tmp/gitea-dump-417443001
@@ -83,7 +83,7 @@ cd gitea-dump-1610949662
mv app.ini /etc/gitea/conf/app.ini
mv data/* /var/lib/gitea/data/
mv log/* /var/lib/gitea/log/
mv repos/* /var/lib/gitea/data/gitea-repositories/
mv repos/* /var/lib/gitea/data/repositories/
chown -R gitea:gitea /etc/gitea/conf/app.ini /var/lib/gitea
# mysql
@@ -119,7 +119,7 @@ cd gitea-dump-1610949662
# restore the gitea data
mv data/* /data/gitea
# restore the repositories itself
mv repos/* /data/git/gitea-repositories/
mv repos/* /data/git/repositories/
# adjust file permissions
chown -R git:git /data
# Regenerate Git Hooks
@@ -143,7 +143,7 @@ mv data/conf/app.ini /etc/gitea/app.ini
# restore the gitea data
mv data/* /var/lib/gitea
# restore the repositories itself
mv repos/* /var/lib/gitea/git/gitea-repositories
mv repos/* /var/lib/gitea/git/repositories
# adjust file permissions
chown -R git:git /etc/gitea/app.ini /var/lib/gitea
# Regenerate Git Hooks
@@ -173,4 +173,4 @@ gitea=# \i gitea-db.sql
Disabling `synchronous_commit` makes PostgreSQL less resilient to crashes, but makes the import a lot faster. Since we already have a backup of the original database and we can check that the import completes successfully, it should be a good trade-off.
After the import is completed, set up Gitea to use PostgreSQL and start the Gitea server again. Good luck!
After the import is completed, set up Gitea to use PostgreSQL and start the Gitea server again. Good luck!

View File

@@ -1,5 +1,5 @@
---
date: "2016-12-26T16:00:00+02:00"
date: "2025-10-26T00:00:00+00:00"
slug: "config-cheat-sheet"
sidebar_position: 30
aliases:
@@ -34,8 +34,34 @@ A full restart is required for Gitea configuration changes to take effect.
## Use environment variables to setup Gitea
There is [environment-to-ini](https://github.com/go-gitea/gitea/tree/main/contrib/environment-to-ini) to help to
generate Gitea's `app.ini` from environment variables.
Gitea supports setting `app.ini` values via environment variables of the form `GITEA__<section>__<KEY>`. These require running `gitea config edit-ini --in-place --apply-env` before starting Gitea to write them into `app.ini`. The official Docker images do this automatically on container startup.
For example, to configure the database connection via environment variables:
```
GITEA__database__DB_TYPE=postgres
GITEA__database__HOST=127.0.0.1:5432
GITEA__database__NAME=gitea
GITEA__database__USER=gitea
GITEA__database__PASSWD=secret
```
This is equivalent to the following `app.ini` configuration:
```ini
[database]
DB_TYPE = postgres
HOST = 127.0.0.1:5432
NAME = gitea
USER = gitea
PASSWD = secret
```
You can also load values from files by appending `__FILE` to the variable name. This is useful for Docker secrets:
```
GITEA__database__PASSWD__FILE=/run/secrets/db_password
```
## Default Internal Variables (non-`app.ini` configuration)
@@ -85,8 +111,13 @@ In addition, there is _`StaticRootPath`_ which can be set as a built-in at build
- `FORCE_PRIVATE`: **false**: Force every new repository to be private.
- `DEFAULT_PRIVATE`: **last**: Default private when creating a new repository: `last`, `private`, `public`
- `DEFAULT_PUSH_CREATE_PRIVATE`: **true**: Default private when creating a new repository with push-to-create.
- `MAX_CREATION_LIMIT`: **-1**: Global maximum creation limit of repositories per user,
`-1` means no limit.
- `MAX_CREATION_LIMIT`: **-1**: Global maximum creation limit of repositories per user/org,
`-1` means no limit. Acts as a shortcut: sets the default value for both
`USER_MAX_CREATION_LIMIT` and `ORG_MAX_CREATION_LIMIT` when those are not configured.
- `USER_MAX_CREATION_LIMIT`: **-1**: Global maximum creation limit of repositories per user,
applied at creation time. `-1` means no limit. Takes precedence over `MAX_CREATION_LIMIT` when set.
- `ORG_MAX_CREATION_LIMIT`: **-1**: Global maximum creation limit of repositories per organization,
applied at creation time. `-1` means no limit. Takes precedence over `MAX_CREATION_LIMIT` when set.
- `PREFERRED_LICENSES`: **Apache License 2.0,MIT License**: Preferred Licenses to place at
the top of the list. Name must match file name in options/license or custom/options/license.
- `DISABLE_HTTP_GIT`: **false**: Disable the ability to interact with repositories over the
@@ -99,7 +130,7 @@ In addition, there is _`StaticRootPath`_ which can be set as a built-in at build
default is not to present.
:::warning
This maybe harmful to you website if you do not give it a right value.
This maybe harmful to your website if you do not give it a right value.
:::
- `DEFAULT_CLOSE_ISSUES_VIA_COMMITS_IN_ANY_BRANCH`: **false**: Close an issue if a commit on a non default branch marks it as closed.
@@ -141,8 +172,11 @@ In addition, there is _`StaticRootPath`_ which can be set as a built-in at build
- `DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY`: **true**: In default merge messages only include approvers who are officially allowed to review.
- `POPULATE_SQUASH_COMMENT_WITH_COMMIT_MESSAGES`: **false**: In default squash-merge messages include the commit message of all commits comprising the pull request.
- `ADD_CO_COMMITTER_TRAILERS`: **true**: Add co-authored-by and co-committed-by trailers to merge commit messages if committer does not match author.
- `TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY`: **false**: PR patches are tested using a three-way merge method to discover if there are conflicts. If this setting is set to **true**, conflicting patches will be retested using `git apply` - This was the previous behaviour in 1.18 (and earlier) but is somewhat inefficient. Please report if you find that this setting is required.
- `RETARGET_CHILDREN_ON_MERGE`: **true**: Retarget child pull requests to the parent pull request branch target on merge of parent pull request. It only works on merged PRs where the head and base branch target the same repo.
- `DEFAULT_DELETE_BRANCH_AFTER_MERGE`: **false**: Set the default value for "Delete pull request branch after merge by default" for new repositories.
- `DEFAULT_TITLE_SOURCE`: **auto**: Default source for the pull request title when opening a new PR. Valid options:
- `first-commit`: Uses the oldest commit's summary as the title. If there are multiple commits, still uses the first commit's message.
- `auto`: Uses the commit's summary when the PR contains a single commit; when there are multiple commits, converts the branch name into a human-readable title by normalizing separators and casing.
### Repository - Issue (`repository.issue`)
@@ -159,9 +193,11 @@ In addition, there is _`StaticRootPath`_ which can be set as a built-in at build
### Repository - Release (`repository.release`)
- `ALLOWED_TYPES`: **_empty_**: Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
- `ALLOWED_TYPES`: **_empty_**: Comma-separated list of allowed release attachment file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
- `DEFAULT_PAGING_NUM`: **10**: The default paging number of releases user interface
- For settings related to file attachments on releases, see the `attachment` section.
- `FILE_MAX_SIZE`: **2048**: Max filesize limit for release attachments (MB)
- `MAX_FILES`: **5**: Maximum number of release attachments that can be uploaded at once for a release.
- For other settings related to file attachments on releases, see the `attachment` section.
### Repository - Signing (`repository.signing`)
@@ -209,7 +245,6 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `MAX_AGE`: **10m**: max time to cache response
- `ALLOW_CREDENTIALS`: **false**: allow request with credentials
- `HEADERS`: **Content-Type,User-Agent**: additional headers that are permitted in requests
- `X_FRAME_OPTIONS`: **SAMEORIGIN**: Set the `X-Frame-Options` header value.
## UI (`ui`)
@@ -224,7 +259,8 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `DEFAULT_THEME`: **gitea-auto**: Set the default theme for the Gitea installation, custom themes could be provided by `{CustomPath}/public/assets/css/theme-*.css`.
- `SHOW_USER_EMAIL`: **true**: Whether the email of the user should be shown in the Explore Users page.
- `THEMES`: **_empty_**: All available themes by `{CustomPath}/public/assets/css/theme-*.css`. Allow users select personalized themes.
- `FILE_ICON_THEME`: **material**: The icons for file list (basic/material).
- `FILE_ICON_THEME`: **material**: The icon theme for files (basic/material).
- `FOLDER_ICON_THEME`: **basic**: The icon theme for folders (basic/material).
- `MAX_DISPLAY_FILE_SIZE`: **8388608**: Max size of files to be displayed (default is 8MiB)
- `AMBIGUOUS_UNICODE_DETECTION`: **true**: Detect ambiguous unicode characters in file contents and show warnings on the UI
- `REACTIONS`: All available reactions users can choose on issues/prs and comments
@@ -234,6 +270,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `CUSTOM_EMOJIS`: **gitea, codeberg, gitlab, git, github, gogs**: Additional Emojis not defined in the utf8 standard.
By default, we support Gitea (:gitea:), to add more copy them to public/assets/img/emoji/emoji_name.png and
add it to this config.
- `ENABLED_EMOJIS`: **_empty_**: Comma separated list of enabled emojis, for example: "smile, thumbsup, thumbsdown". Leave it empty to enable all emojis.
- `DEFAULT_SHOW_FULL_NAME`: **false**: Whether the full name of the users should be shown where possible. If the full name isn't set, the username will be used.
- `SEARCH_REPO_DESCRIPTION`: **true**: Whether to search within description at repository search on explore page.
- `ONLY_SHOW_RELEVANT_REPOS`: **false**: Whether to only show relevant repos on the explore page when no keyword is specified and default sorting is used.
@@ -308,11 +345,11 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `ROOT_URL`: **`{PROTOCOL}://{DOMAIN}:{HTTP_PORT}/`**:
Overwrite the automatically generated public URL.
This is useful if the internal and the external URL don't match (e.g. behind a reverse proxy).
- `PUBLIC_URL_DETECTION`: **`legacy`**: Controls how to generate the public URL.
Although it defaults to "legacy" (to avoid breaking existing users), most instances should use the "auto" behavior,
- `PUBLIC_URL_DETECTION`: **`auto`**: Controls how to generate the public URL. Most instances should use the "auto" behavior,
especially when the Gitea instance needs to be accessed in a container network.
- "legacy": generate the public URL by "Host" header if "X-Forwarded-Proto" header exists, otherwise use "ROOT_URL".
- "auto": always use "Host" header, and also use "X-Forwarded-Proto" header if it exists. If no "Host" header, use "ROOT_URL".
- "never": always use "ROOT_URL", never detect from request headers.
- `STATIC_URL_PREFIX`: **_empty_**:
Overwrite this option to request static resources from a different URL.
This includes CSS files, images, JS files and web fonts.
@@ -361,16 +398,16 @@ The following configuration set `Content-Type: application/vnd.android.package-a
This option is only for some advanced users who have configured their SSH reverse-proxy and need to use different usernames for git SSH clone.
Most users should just leave it blank and/or modify the `BUILTIN_SSH_SERVER_USER`.
- `SSH_DOMAIN`: **`{DOMAIN}`**: Domain name of this server, used for displayed clone URL.
- `SSH_PORT`: **22**: SSH port displayed in clone URL.
- `SSH_PORT`: **22**: SSH port displayed in clone URL. If you need a different "SSH clone port" from the real "SSH listen port", set the SSH_LISTEN_PORT separately.
- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server.
- `SSH_LISTEN_PORT`: **`{SSH_PORT}`**: Port for the built-in SSH server.
- `SSH_ROOT_PATH`: **~/.ssh**: Root path of SSH directory.
- `SSH_CREATE_AUTHORIZED_KEYS_FILE`: **true**: Gitea will create a authorized_keys file by default when it is not using the internal ssh server. If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
- `SSH_ROOT_PATH`: **_empty_**: Root path of SSH user directory for the system's standalone SSH server if Gitea is not using its builtin SSH server. Default is the '.ssh' directory in the run user's home directory.
- `SSH_CREATE_AUTHORIZED_KEYS_FILE`: **true**: Gitea will create an authorized_keys file by default when it is not using the builtin SSH server. If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
- `SSH_AUTHORIZED_KEYS_BACKUP`: **false**: Enable SSH Authorized Key Backup when rewriting all keys, default is false.
- `SSH_TRUSTED_USER_CA_KEYS`: **_empty_**: Specifies the public keys of certificate authorities that are trusted to sign user certificates for authentication. Multiple keys should be comma separated. E.g.`ssh-<algorithm> <key>` or `ssh-<algorithm> <key1>, ssh-<algorithm> <key2>`. For more information see `TrustedUserCAKeys` in the sshd config man pages. When empty no file will be created and `SSH_AUTHORIZED_PRINCIPALS_ALLOW` will default to `off`.
- `SSH_TRUSTED_USER_CA_KEYS_FILENAME`: **`RUN_USER`/.ssh/gitea-trusted-user-ca-keys.pem**: Absolute path of the `TrustedUserCaKeys` file Gitea will manage. If you're running your own ssh server and you want to use the Gitea managed file you'll also need to modify your sshd_config to point to this file. The official docker image will automatically work without further configuration.
- `SSH_AUTHORIZED_PRINCIPALS_ALLOW`: **off** or **username, email**: \[off, username, email, anything\]: Specify the principals values that users are allowed to use as principal. When set to `anything` no checks are done on the principal string. When set to `off` authorized principal are not allowed to be set.
- `SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE`: **false/true**: Gitea will create a authorized_principals file by default when it is not using the internal ssh server and `SSH_AUTHORIZED_PRINCIPALS_ALLOW` is not `off`.
- `SSH_CREATE_AUTHORIZED_PRINCIPALS_FILE`: **false/true**: Gitea will create an authorized_principals file by default when it is not using the builtin SSH server and `SSH_AUTHORIZED_PRINCIPALS_ALLOW` is not `off`.
- `SSH_AUTHORIZED_PRINCIPALS_BACKUP`: **false/true**: Enable SSH Authorized Principals Backup when rewriting all keys, default is true if `SSH_AUTHORIZED_PRINCIPALS_ALLOW` is not `off`.
- `SSH_AUTHORIZED_KEYS_COMMAND_TEMPLATE`: **`{{.AppPath}} --config={{.CustomConf}} serv key-{{.Key.ID}}`**: Set the template for the command to passed on authorized keys. Possible keys are: AppPath, AppWorkPath, CustomConf, CustomPath, Key - where Key is a `models/asymkey.PublicKey` and the others are strings which are shellquoted.
- `SSH_SERVER_CIPHERS`: **`chacha20-poly1305@openssh.com`, `aes128-ctr`, `aes192-ctr`, `aes256-ctr`, `aes128-gcm@openssh.com`, `aes256-gcm@openssh.com`**: For the built-in SSH server, choose the ciphers to support for SSH connections, for system SSH this setting has no effect.
@@ -477,7 +514,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `require`: Enable TLS without any verifications.
- `verify-ca`: Enable TLS with verification of the database server certificate against its root certificate.
- `verify-full`: Enable TLS and verify the database server name matches the given certificate in either the `Common Name` or `Subject Alternative Name` fields.
- `SQLITE_TIMEOUT`: **500**: Query timeout for SQLite3 only.
- `SQLITE_TIMEOUT`: **20000**: Query timeout in milliseconds, for SQLite3 only.
- `SQLITE_JOURNAL_MODE`: **""**: Change journal mode for SQlite3. Can be used to enable [WAL mode](https://www.sqlite.org/wal.html) when high load causes write congestion. See [SQlite3 docs](https://www.sqlite.org/pragma.html#pragma_journal_mode) for possible values. Defaults to the default for the database file, often DELETE.
- `ITERATE_BUFFER_SIZE`: **50**: Internal buffer size for iterating.
- `PATH`: **data/gitea.db**: For SQLite3 only, the database file path.
@@ -497,14 +534,14 @@ relation to port exhaustion.
## Indexer (`indexer`)
- `ISSUE_INDEXER_TYPE`: **bleve**: Issue indexer type, currently supported: `bleve`, `db`, `elasticsearch` or `meilisearch`.
- `ISSUE_INDEXER_TYPE`: **bleve**: Issue indexer type, currently supported: `bleve`, `db`, `elasticsearch` (also compatible with OpenSearch) or `meilisearch`.
- `ISSUE_INDEXER_CONN_STR`: ****: Issue indexer connection string, available when ISSUE_INDEXER_TYPE is elasticsearch (e.g. `http://elastic:password@localhost:9200`) or meilisearch (e.g. `http://:apikey@localhost:7700`)
- `ISSUE_INDEXER_NAME`: **gitea_issues**: Issue indexer name, available when ISSUE_INDEXER_TYPE is elasticsearch or meilisearch.
- `ISSUE_INDEXER_PATH`: **indexers/issues.bleve**: Index file used for issue search; available when ISSUE_INDEXER_TYPE is bleve and elasticsearch. Relative paths will be made absolute against _`AppWorkPath`_.
- `REPO_INDEXER_ENABLED`: **false**: Enables code search (uses a lot of disk space, about 6 times more than the repository size).
- `REPO_INDEXER_REPO_TYPES`: **sources,forks,mirrors,templates**: Repo indexer units. The items to index could be `sources`, `forks`, `mirrors`, `templates` or any combination of them separated by a comma. If empty then it defaults to `sources` only, as if you'd like to disable fully please see `REPO_INDEXER_ENABLED`.
- `REPO_INDEXER_TYPE`: **bleve**: Code search engine type, could be `bleve` or `elasticsearch`.
- `REPO_INDEXER_TYPE`: **bleve**: Code search engine type, could be `bleve` or `elasticsearch` (also compatible with OpenSearch).
- `REPO_INDEXER_PATH`: **indexers/repos.bleve**: Index file used for code search.
- `REPO_INDEXER_CONN_STR`: ****: Code indexer connection string, available when `REPO_INDEXER_TYPE` is elasticsearch. i.e. `http://elastic:password@localhost:9200`
- `REPO_INDEXER_NAME`: **gitea_codes**: Code indexer name, available when `REPO_INDEXER_TYPE` is elasticsearch
@@ -573,6 +610,7 @@ And the following unique queues:
- `LOGIN_REMEMBER_DAYS`: **31**: How long to remember that a user is logged in before requiring relogin (in days).
- `COOKIE_REMEMBER_NAME`: **gitea\_incredible**: Name of cookie used to store authentication
information.
- `REVERSE_PROXY_LOGOUT_REDIRECT`: **_empty_**: URL or relative path to redirect users to after logout when authentication is handled by a reverse proxy or SSO. For example: `/my-sso/logout?return=/my-sso/home`.
- `REVERSE_PROXY_AUTHENTICATION_USER`: **X-WEBAUTH-USER**: Header name for reverse proxy
authentication.
- `REVERSE_PROXY_AUTHENTICATION_EMAIL`: **X-WEBAUTH-EMAIL**: Header name for reverse proxy
@@ -582,6 +620,9 @@ And the following unique queues:
- `REVERSE_PROXY_LIMIT`: **1**: Interpret X-Forwarded-For header or the X-Real-IP header and set this as the remote IP for the request.
Number of trusted proxy count. Set to zero to not use these headers.
- `REVERSE_PROXY_TRUSTED_PROXIES`: **127.0.0.0/8,::1/128**: List of IP addresses and networks separated by comma of trusted proxy servers. Use `*` to trust all.
- `X_FRAME_OPTIONS`: **SAMEORIGIN**: Set the `X-Frame-Options` header value for all HTTP responses. Set to `unset` to not send the header. Previously located in `[cors]`.
- `X_CONTENT_TYPE_OPTIONS`: **nosniff**: Set the `X-Content-Type-Options` header value for all HTTP responses. Set to `unset` to not send the header.
- `CONTENT_SECURITY_POLICY_GENERAL`: **_empty_**: The value of the general Content-Security-Policy for most web pages. Leave it empty to apply the default policy, or set it to "unset" to disable Content-Security-Polic.
- `DISABLE_GIT_HOOKS`: **true**: Set to `false` to enable users with Git Hook privilege to create custom Git Hooks.
:::warning
@@ -626,6 +667,7 @@ And the following unique queues:
- `PASSWORD_CHECK_PWN`: **false**: Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed.
- `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**: Cache successful token hashes. API tokens are stored in the DB as pbkdf2 hashes however, this means that there is a potentially significant hashing load when there are multiple API operations. This cache will store the successfully hashed tokens in a LRU cache as a balance between performance and security.
- `DISABLE_QUERY_AUTH_TOKEN`: **false**: Reject API tokens sent in URL query string (Accept Header-based API tokens only). This setting will default to `true` in Gitea 1.23 and be deprecated in Gitea 1.24.
- `TWO_FACTOR_AUTH`: **_empty_**: set to enforced to enforce two factor authentication. Only available in Gitea 1.24 and later.
## Camo (`camo`)
@@ -817,7 +859,7 @@ and
- Please note: authentication is only supported when the SMTP server communication is encrypted with TLS (this can be via `STARTTLS`) or SMTP host is localhost. See [Email Setup](email-setup.md) for more information.
- `ENABLE_HELO`: **true**: Enable HELO operation.
- `HELO_HOSTNAME`: **(retrieved from system)**: HELO hostname.
- `FROM`: **_empty_**: Mail from address, RFC 5322. This can be just an email address, or the "Name" `\<email@example.com\>` format.
- `FROM`: **_empty_**: Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format.
- `ENVELOPE_FROM`: **_empty_**: Address set as the From address on the SMTP mail envelope. Set to `<>` to send an empty address.
- `FROM_DISPLAY_NAME_FORMAT`: **`{{ .DisplayName }}`**: If gitea sends mails on behave of users, it will just use the name also displayed in the WebUI. If you want e.g. `Mister X (by CodeIt) <gitea@codeit.net>`, set it to `{{ .DisplayName }} (by {{ .AppName }})`. Available Variables: `.DisplayName`, `.AppName` and `.Domain`.
- `SUBJECT_PREFIX`: **_empty_**: Prefix to be placed before e-mail subject lines.
@@ -917,12 +959,15 @@ Default templates for project board view:
- `PROJECT_BOARD_BASIC_KANBAN_TYPE`: **To Do, In Progress, Done**
- `PROJECT_BOARD_BUG_TRIAGE_TYPE`: **Needs Triage, High Priority, Low Priority, Closed**
## Issue and pull request attachments (`attachment`)
## Issue, pull-request and release attachments (`attachment`)
- `ENABLED`: **true**: Whether issue and pull request attachments are enabled.
- `ALLOWED_TYPES`: **.avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.webp,.xls,.xlsx,.zip**: Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
- `MAX_SIZE`: **2048**: Maximum size (MB).
- `MAX_FILES`: **5**: Maximum number of attachments that can be uploaded at once.
ALLOWED_TYPES/MAX_SIZE/MAX_FILES in this section only affect issue and pull-request attachments, not release attachments.
Release attachment has its own config options in `[repository.release]` section.
- `ENABLED`: **true**: Whether issue, pull-request and release attachments are enabled.
- `ALLOWED_TYPES`: **.avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.webp,.xls,.xlsx,.zip**: Comma-separated list of allowed issue/pull-request attachment file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
- `MAX_SIZE`: **100**: Max size of each issue/pull-request attachment file in MB.
- `MAX_FILES`: **5**: Maximum number of issue/pull-request attachments that can be uploaded at once.
- `STORAGE_TYPE`: **local**: Storage type for attachments, it could be `<blank>`, `local`, `minio`, `azureblob` or `xxx` which defined in another section with `[storage.xxx]`.
For `STORAGE_TYPE = ` or there is no this configuration item, all storages will be derived from `[storage]` if configured or defult values.
@@ -931,7 +976,7 @@ Default templates for project board view:
- `PATH`: **attachments**: Path to store attachments only available when STORAGE_TYPE is `local`, relative paths will be resolved to `{AppDataPath}/{attachment.PATH}`.
For `STORAGE_TYPE = minio`, the configurations can be found at [Storage Minio](#storage_minio), you can override some configurations like below.
For `STORAGE_TYPE = minio`, the configurations can be found at `Storage Minio`, you can override some configurations like below.
- `MINIO_BASE_PATH`: **attachments/**: Minio base path on the bucket only available when STORAGE_TYPE is `minio`
@@ -1094,6 +1139,13 @@ Synchronize external user data (only LDAP user synchronization is supported)
- `SCHEDULE`: **@midnight**: Cron syntax for scheduling deleted branches cleanup.
- `OLDER_THAN`: **24h**: Branches deleted OLDER_THAN ago will be cleaned up.
#### Cron - Synchronize repository licenses (`cron.sync_repo_licenses`)
- `ENABLED`: **false**: Enable deleted branches cleanup.
- `RUN_AT_START`: **false**: Run job at start time (if ENABLED).
- `NOTICE_ON_SUCCESS`: **false**: Set to true to log a success message.
- `SCHEDULE`: **@annually*: Cron syntax for scheduling synchronization of repository licenses
### Extended cron tasks
#### Cron - Delete all repository archives (`cron.delete_repo_archives`)
@@ -1117,7 +1169,14 @@ Synchronize external user data (only LDAP user synchronization is supported)
- `ENABLED`: **false**: Enable service.
- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
- `NOTICE_ON_SUCCESS`: **false**: Set to true to switch on success notices.
- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling synchronization of gitea ssh keys, e.g. `@every 1h`.
#### Cron - Update the '.ssh/authorized_principals' file (`cron.resync_all_sshprincipals`)
- `ENABLED`: **false**: Enable service.
- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
- `NOTICE_ON_SUCCESS`: **false**: Set to true to switch on success notices.
- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling update of authorized_principals, e.g. `@every 1h`.
#### Cron - Resynchronize pre-receive, update and post-receive hooks of all repositories (`cron.resync_all_hooks`)
@@ -1181,6 +1240,43 @@ Synchronize external user data (only LDAP user synchronization is supported)
- `NUMBER_TO_CHECK_PER_REPO`: **100**: Minimum number of stale LFSMetaObjects to check per repo. Set to `0` to always check all.
- `PROPORTION_TO_CHECK_PER_REPO`: **0.6**: Check at least this proportion of LFSMetaObjects per repo. (This may cause all stale LFSMetaObjects to be checked.)
### Actions cron tasks
#### Cron - Rebuild issue index (`cron.rebuild_issue_indexer`)
- `ENABLED`: **true**: Enable service.
- `RUN_AT_START`: **true**: Run tasks at start up time (if ENABLED).
- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
- `SCHEDULE`: **@annually**: Cron syntax to set how often to rebuild
#### Cron - Stop running tasks which haven't been updated for a long time (`cron.stop_zombie_tasks`)
- `ENABLED`: **true**: Enable service.
- `RUN_AT_START`: **true**: Run tasks at start up time (if ENABLED).
- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
- `SCHEDULE`: **@every 5m**: Cron syntax to set how often tasks to run the check
#### Cron - Stop running tasks which have running status and continuous updates but don't end for a long time (`cron.stop_endless_tasks`)
- `ENABLED`: **true**: Enable service.
- `RUN_AT_START`: **true**: Run tasks at start up time (if ENABLED).
- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
- `SCHEDULE`: **@every 30m**: Cron syntax to set how often to run the check.
#### Cron - Cancel jobs which haven't been picked up for a long time (`cron.cancel_abandoned_jobs`)
- `ENABLED`: **true**: Enable service.
- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
- `SCHEDULE`: **@every 6h**: Cron syntax to set how often to run the check.
#### Cron - Start cron based actions (`cron.start_schedule_tasks`)
- `ENABLED`: **true**: Enable service.
- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
- `SCHEDULE`: **@every 1m**: Cron syntax to set how often to schedule tasks
## Git (`git`)
- `PATH`: **""**: The path of Git executable. If empty, Gitea searches through the PATH environment.
@@ -1201,14 +1297,12 @@ Synchronize external user data (only LDAP user synchronization is supported)
- `LARGE_OBJECT_THRESHOLD`: **1048576**: (Go-Git only), don't cache objects greater than this in memory. (Set to 0 to disable.)
- `DISABLE_CORE_PROTECT_NTFS`: **false** Set to true to forcibly set `core.protectNTFS` to false.
- `DISABLE_PARTIAL_CLONE`: **false** Disable the usage of using partial clones for git.
- `DIFF_RENAME_SIMILARITY_THRESHOLD`: **50%** Set the similarity threshold passed to git commands via `--find-renames=<threshold>`. Default is 50%, the same as git. Must be a integer percentage between 0% and 100%.
### Git - Timeout settings (`git.timeout`)
- `DEFAULT`: **360**: Git operations default timeout seconds.
- `MIGRATE`: **600**: Migrate external repositories timeout seconds.
- `MIRROR`: **300**: Mirror external repositories timeout seconds.
- `CLONE`: **300**: Git clone from internal repositories timeout seconds.
- `PULL`: **300**: Git pull from internal repositories timeout seconds.
- `GC`: **60**: Git repository GC timeout seconds.
### Git - Config options (`git.config`)
@@ -1247,6 +1341,9 @@ This section only does "set" config, a removed config key from this section won'
- `JWT_SIGNING_PRIVATE_KEY_FILE`: **jwt/private.pem**: Private key file path used to sign OAuth2 tokens. The path is relative to `APP_DATA_PATH`. This setting is only needed if `JWT_SIGNING_ALGORITHM` is set to `RS256`, `RS384`, `RS512`, `ES256`, `ES384` or `ES512`. The file must contain a RSA or ECDSA private key in the PKCS8 format. If no key exists a 4096 bit key will be created for you.
- `MAX_TOKEN_LENGTH`: **32767**: Maximum length of token/cookie to accept from OAuth2 provider
- `DEFAULT_APPLICATIONS`: **git-credential-oauth, git-credential-manager, tea**: Pre-register OAuth applications for some services on startup. See the [OAuth2 documentation](/development/oauth2-provider.md) for the list of available options.
- `CUSTOM_SCHEMES`: **_empty_**: By default, OAuth2 applications can only use "http" and "https" as their redirect URI schemes.
If you need to use other schemes (e.g. for desktop applications), you can specify them here as a comma-separated list.
For example: set "my-scheme, com.example.app" to support "my-scheme://..." and "com.example.app://..." redirect URIs.
## i18n (`i18n`)
@@ -1258,6 +1355,8 @@ This section only does "set" config, a removed config key from this section won'
- `MERMAID_MAX_SOURCE_CHARACTERS`: **50000**: Set the maximum size of a Mermaid source. (Set to -1 to disable)
## Markup External Render (`markup.external-render-name`)
Gitea can support Markup using external tools. The example below will add a markup named `asciidoc`.
```ini
@@ -1270,7 +1369,6 @@ IS_INPUT_FILE = false
```
- ENABLED: **false** Enable markup support; set to **true** to enable this renderer.
- NEED\_POSTPROCESS: **true** set to **true** to replace links / sha1 and etc.
- FILE\_EXTENSIONS: **_empty_** List of file extensions that should be rendered by an external
command. Multiple extensions needs a comma as splitter.
- RENDER\_COMMAND: External command to render all matching extensions.
@@ -1279,6 +1377,10 @@ IS_INPUT_FILE = false
- sanitized: Sanitize the content and render it inside current page, default to only allow a few HTML tags and attributes. Customized sanitizer rules can be defined in `[markup.sanitizer.*]`.
- no-sanitizer: Disable the sanitizer and render the content inside current page. It's **insecure** and may lead to XSS attack if the content contains malicious code.
- iframe: Render the content in a separate standalone page and embed it into current page by iframe. The iframe is in sandbox mode with same-origin disabled, and the JS code are safely isolated from parent page.
- RENDER_CONTENT_SANDBOX: **_empty_** The sandbox applied to the iframe and Content-Security-Policy header when RENDER_CONTENT_MODE is `iframe`. It defaults to a safe set of "allow-*" restrictions (space separated). You can also set it by your requirements or use "disabled" to disable the sandbox completely. When set it, make sure there is no security risk:
- PDF-only content: generally safe to use "disabled", and it needs to be "disabled" because PDF only renders with no sandbox.
- HTML content with JS: if the "RENDER_COMMAND" can guarantee there is no XSS, then it is safe, otherwise, you need to fine tune the "allow-*" restrictions.
- NEED_POST_PROCESS: **false** Whether post-process the rendered HTML content, including: resolve relative links and image sources, recognizing issue/commit references, escaping invisible characters, mentioning users, rendering permlink code blocks, replacing emoji shorthands, etc. By default, this is true when RENDER_CONTENT_MODE is `sanitized`, otherwise false.
Two special environment variables are passed to the render command:
@@ -1369,6 +1471,7 @@ in this mapping or the filetype using heuristics.
- `LIMIT_SIZE_RUBYGEMS`: **-1**: Maximum size of a RubyGems upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`)
- `LIMIT_SIZE_SWIFT`: **-1**: Maximum size of a Swift upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`)
- `LIMIT_SIZE_VAGRANT`: **-1**: Maximum size of a Vagrant upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`)
- `LIMIT_SIZE_TERRAFORM_STATE``: **-1**: Maximum size of a Terraform state upload (`-1` means no limits, format `1000`, `1 MB`, `1 GiB`)
## Mirror (`mirror`)
@@ -1392,7 +1495,7 @@ is `data/lfs` and the default of `MINIO_BASE_PATH` is `lfs/`.
- `PATH`: **./data/lfs**: Where to store LFS files, only available when `STORAGE_TYPE` is `local`. If not set it fall back to deprecated LFS_CONTENT_PATH value in [server] section.
For `STORAGE_TYPE = minio`, the configurations can be found at [Storage Minio](#storage_minio), you can also define configurations like below to override derived or default values.
For `STORAGE_TYPE = minio`, the configurations can be found at `Storage Minio`, you can also define configurations like below to override derived or default values.
- `MINIO_BASE_PATH`: **attachments/**: Minio base path on the bucket only available when STORAGE_TYPE is `minio`
@@ -1543,7 +1646,7 @@ is `data/repo-archive` and the default of `MINIO_BASE_PATH` is `repo-archive/`.
- `PATH`: **./data/repo-archive**: Where to store archive files, only available when `STORAGE_TYPE` is `local`.
For `STORAGE_TYPE = minio`, the configurations can be found at [Storage Minio](#storage_minio), you can override some configurations like below.
For `STORAGE_TYPE = minio`, the configurations can be found at `Storage Minio`, you can override some configurations like below.
- `MINIO_BASE_PATH`: **repo-archive/**: Minio base path on the bucket only available when `STORAGE_TYPE` is `minio`
@@ -1588,6 +1691,9 @@ PROXY_HOSTS = *.github.com
- `ENDLESS_TASK_TIMEOUT`: **3h**: Timeout to stop the tasks which have running status and continuous updates, but don't end for a long time
- `ABANDONED_JOB_TIMEOUT`: **24h**: Timeout to cancel the jobs which have waiting status, but haven't been picked by a runner for a long time
- `SKIP_WORKFLOW_STRINGS`: **[skip ci],[ci skip],[no ci],[skip actions],[actions skip]**: Strings committers can place inside a commit message or PR title to skip executing the corresponding actions workflow
- `WORKFLOW_DIRS`: **.gitea/workflows,.github/workflows**: Comma-separated list of workflow directories, the first one to exist in a repo is used to find Actions workflow files.
- `SCOPED_WORKFLOW_DIRS`: **.gitea/scoped_workflows**: Comma-separated list of directories holding [scoped workflows](usage/actions/scoped-workflows.md) (workflows defined in a central source repository that run on other repositories). Must not overlap with `WORKFLOW_DIRS`. Leave empty so no directory is scanned for scoped workflows; none are found or run.
- `MAX_RERUN_ATTEMPTS`: **50**: Maximum number of attempts a single workflow run can have (initial run + reruns). Defaults value is 50. Set any positive value that fits your workflow needs.
`DEFAULT_ACTIONS_URL` indicates where the Gitea Actions runners should find the actions with relative path.
For example, `uses: actions/checkout@v4` means `https://github.com/actions/checkout@v4` since the value of `DEFAULT_ACTIONS_URL` is `github`.

View File

@@ -9,7 +9,7 @@ aliases:
# Customizing Gitea
Customizing Gitea is typically done using the `CustomPath` folder - by default this is
the `custom` folder from the working directory (WorkPath), but may be different if your [installation](../installation/installation.md) has
the `custom` folder from the working directory (WorkPath), but may be different if your [installation](../installation/from-binary.md) has
set this differently. This is the central place to override configuration settings,
templates, etc. You can check the `CustomPath` using `gitea help`. You can also find
the path on the _Configuration_ tab in the _Site Administration_ page. You can override
@@ -23,7 +23,7 @@ the Linux Filesystem Standard. Gitea will attempt to create required folders, in
`custom/`. Distributions may provide a symlink for `custom` using `/etc/gitea/`.
Application settings can be found in file `CustomConf` which is by default,
`$GITEA_CUSTOM/conf/app.ini` but may be different if your [installation](../installation/installation.md) has set this differently.
`$GITEA_CUSTOM/conf/app.ini` but may be different if your [installation](../installation/from-binary.md) has set this differently.
Again `gitea help` will allow you review this variable and you can override it using the
`--config` option on the `gitea` binary.
@@ -180,9 +180,13 @@ In $GITEA_CUSTOM we need to add our template.
This template needs to be saved in "$GITEA_CUSTOM/templates/custom/".
Here create file "footer.tmpl" and add following text into it:
```
nano $GITEA_CUSTOM/templates/custom/footer.tmpl
```
```html
<script>
document.addEventListener('DOMContentLoaded', () => {
function onPageChange() {
// Supported 3D file types
const fileTypes = ['3dm', '3ds', '3mf', 'amf', 'bim', 'brep', 'dae', 'fbx', 'fcstd', 'glb', 'gltf', 'ifc', 'igs', 'iges', 'stp', 'step', 'stl', 'obj', 'off', 'ply', 'wrl'];
@@ -193,47 +197,112 @@ Here create file "footer.tmpl" and add following text into it:
return href.includes('/raw/') && fileTypes.some(ext => href.endsWith(`.${ext}`));
});
if (link3D) {
const script = document.createElement('script');
script.onload = () => {
const fileUrl = link3D.getAttribute('href');
// Prepare the container for the viewer
const fileView = document.querySelector('.file-view');
if (fileView) {
fileView.setAttribute('id', 'view-3d');
fileView.style.padding = '0';
fileView.style.margin = '0';
fileView.style.height = '400px';
fileView.style.width = '100%';
fileView.innerHTML = '';
}
// Initialize viewer
const parentDiv = document.getElementById('view-3d');
if (parentDiv) {
const viewer = new OV.EmbeddedViewer(parentDiv, {
backgroundColor: new OV.RGBAColor(59, 68, 76, 0), // Transparent
defaultColor: new OV.RGBColor(200, 200, 200),
edgeSettings: new OV.EdgeSettings(false, new OV.RGBColor(0, 0, 0), 1),
environmentSettings: new OV.EnvironmentSettings([
'/assets/o3dv/envmaps/fishermans_bastion/negx.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/posx.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/posy.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/negy.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/posz.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/negz.jpg'
], false)
});
// Load the model
viewer.LoadModelFromUrlList([fileUrl]);
}
};
script.src = '/assets/o3dv/o3dv.min.js';
document.head.appendChild(script);
if (link3D) {
const existingScript = document.querySelector('script[src="/assets/o3dv/o3dv.min.js"]');
const initializeViewer = () => {
const fileUrl = link3D.getAttribute('href');
const fileView = document.querySelector('.file-view');
if (!fileView) return;
// Remove only the old viewer container if it exists
const oldView3D = document.getElementById('view-3d');
if (oldView3D) {
oldView3D.remove(); // safely remove old viewer container div
} else {
// No #view-3d, so remove all children inside .file-view
while (fileView.firstChild) {
fileView.removeChild(fileView.firstChild);
}
}
// Create a new container for the viewer
const newView3D = document.createElement('div');
newView3D.id = 'view-3d';
newView3D.style.padding = '0';
newView3D.style.margin = '0';
newView3D.style.flexGrow = '1';
newView3D.style.minHeight = '0';
newView3D.style.width = '100%';
const header = document.querySelector('header');
const headerHeight = header ? header.offsetHeight : 0;
newView3D.style.height = `calc(100vh - ${headerHeight}px)`;
// Append the new container inside fileView
fileView.appendChild(newView3D);
const parentDiv = document.getElementById('view-3d');
if (parentDiv) {
const viewer = new OV.EmbeddedViewer(parentDiv, {
backgroundColor: new OV.RGBAColor(59, 68, 76, 0),
defaultColor: new OV.RGBColor(200, 200, 200),
edgeSettings: new OV.EdgeSettings(false, new OV.RGBColor(0, 0, 0), 1),
environmentSettings: new OV.EnvironmentSettings([
'/assets/o3dv/envmaps/fishermans_bastion/negx.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/posx.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/posy.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/negy.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/posz.jpg',
'/assets/o3dv/envmaps/fishermans_bastion/negz.jpg'
], false)
});
viewer.LoadModelFromUrlList([fileUrl]);
}
};
if (typeof OV === 'undefined') {
if (!existingScript) {
const script = document.createElement('script');
script.onload = initializeViewer;
script.src = '/assets/o3dv/o3dv.min.js';
document.head.appendChild(script);
} else {
// Script is loading but OV not yet ready — wait for it
existingScript.addEventListener('load', initializeViewer);
}
} else {
// OV already loaded
initializeViewer();
}
}
};
// Run when the page is fully loaded
document.addEventListener('DOMContentLoaded', onPageChange);
const targetSelector = 'a.ui.mini.basic.button[href*="/raw/"]';
let lastHref = null;
let timeoutId = null;
const checkAndRun = () => {
const rawLink = document.querySelector(targetSelector);
if (!rawLink) return;
const currentHref = rawLink.getAttribute('href');
if (currentHref !== lastHref) {
lastHref = currentHref;
const fileName = currentHref.split('/').pop();
console.log('New Raw file link detected after delay:', fileName);
onPageChange();
}
};
const observer = new MutationObserver(() => {
// Delay execution by 300ms after last mutation
clearTimeout(timeoutId);
timeoutId = setTimeout(checkAndRun, 300);
});
observer.observe(document.body, {
childList: true,
subtree: true,
});
</script>
```
@@ -248,11 +317,17 @@ mkdir o3dv
cd o3dv
```
Copy latest release zip link from [`GitHub`](https://github.com/kovacsv/Online3DViewer/releases) (v0.15.0 as of now).
Here use e.g. wget to download the file:
Copy latest release zip link from [`GitHub`](https://github.com/kovacsv/Online3DViewer/releases) (v0.18.0 as of now).
Here use e.g. wget or curl to download the file:
```
wget https://github.com/kovacsv/Online3DViewer/releases/download/0.15.0/o3dv.zip
wget https://github.com/kovacsv/Online3DViewer/releases/download/0.18.0/o3dv.zip
```
or
```
curl -L -O https://github.com/kovacsv/Online3DViewer/releases/download/0.18.0/o3dv.zip
```
Use e.g. unzip to unzip the archive:
@@ -262,20 +337,14 @@ unzip o3dv.zip
#### Part 3: Folder permissions
Now the last thing. Change permissions on the "footer.tmpl":
```
chown git:git $GITEA_CUSTOM/templates/custom/footer.tmpl
chmod 770 $GITEA_CUSTOM/templates/custom/footer.tmpl
```
And on the public folder:
Now the last thing. Change permissions on the public folder:
```
chown -R git:git $GITEA_CUSTOM/public
```
Now we have everything ready! Restart your gitea instance to apply these changes and test it in your browser.
You should end-up with a folder structure similar to this:
Sanity check. You should end-up with a folder structure similar to this:
```
$GITEA_CUSTOM/templates
@@ -284,7 +353,7 @@ $GITEA_CUSTOM/templates
$GITEA_CUSTOM/public/assets/
-- o3dv
|-- o3dv_0.15.0.zip
|-- o3dv.zip
|-- o3dv.license.md
|-- o3dv.min.js
|-- envmaps
@@ -325,15 +394,16 @@ Starting with Gitea 1.20, you can customize the git configuration via the `git.c
### Enabling signed git pushes
To enable signed git pushes, set these two options:
[Signed pushes](https://git-scm.com/docs/git-push#Documentation/git-push.txt---signedtruefalseif-asked) allow clients to cryptographically sign the push operation itself (not just individual commits). To enable signed pushes, add the following to `app.ini`:
```ini
[git.config]
receive.advertisePushOptions = true
receive.certNonceSeed = <randomstring>
```
`certNonceSeed` should be set to a random string and be kept secret.
`certNonceSeed` should be set to a random string and be kept secret. It is used to generate anti-replay nonces. Gitea already sets `receive.advertisePushOptions = true` by default, so no additional configuration is needed. Note that Gitea does not read `/etc/gitconfig`, so this option must be set via `app.ini` as shown above.
On the client side, pushes can be signed via `git push --signed` or enabled permanently using `git config --global push.gpgSign if-asked`.
### Labels
@@ -351,7 +421,7 @@ The [legacy file format](https://github.com/go-gitea/gitea/blob/main/options/lab
`#hex-color label name ; label description`
For more information, see the [labels documentation](usage/labels.md).
For more information, see the [labels documentation](../usage/issues-prs/labels.md).
### Licenses

View File

@@ -10,6 +10,10 @@ aliases:
Gitea has mailer functionality for sending transactional emails (such as registration confirmation). It can be configured to either use Sendmail (or compatible MTAs like Postfix and msmtp) or directly use SMTP server.
:::note
Be sure to set ENABLE_NOTIFY_MAIL=true to allow Gitea to send email notifications. Check the [Config Cheat Sheet](../administration/config-cheat-sheet.md#service-service) for details.
:::
## Using Sendmail
Use `sendmail` command as mailer.
@@ -41,7 +45,7 @@ ENABLED = true
FROM = gitea@mydomain.com
PROTOCOL = smtps
SMTP_ADDR = mail.mydomain.com
SMTP_PORT = 587
SMTP_PORT = 465
USER = gitea@mydomain.com
PASSWD = `password`
```
@@ -56,7 +60,7 @@ For the full list of options check the [Config Cheat Sheet](../administration/co
Authentication is only supported when the SMTP server communication is encrypted with TLS or `HOST=localhost`. TLS encryption can be through:
:::
- STARTTLS (also known as Opportunistic TLS) via port 587. Initial connection is done over cleartext, but then be upgraded over TLS if the server supports it.
- STARTTLS (also known as Opportunistic TLS) via port 587 with `PROTOCOL=smtp+starttls`. Initial connection is done over cleartext, but then be upgraded over TLS if the server supports it.
- SMTPS connection (SMTP over TLS) via the default port 465. Connection to the server use TLS from the beginning.
- Forced SMTPS connection with `PROTOCOL=smtps`. (These are both known as Implicit TLS.)
This is due to protections imposed by the Go internal libraries against STRIPTLS attacks.

View File

@@ -257,7 +257,6 @@ the messages. Here's a list of some of them:
| `AppDomain` | - | Any | Gitea's host name |
| `EllipsisString` | string, int | Any | Truncates a string to the specified length; adds ellipsis as needed |
| `SanitizeHTML` | string | Body only | Sanitizes text by removing any dangerous HTML tags from it |
| `SafeHTML` | string | Body only | Takes the input as HTML, can be used for outputing raw HTML content |
These are _functions_, not metadata, so they have to be used:

View File

@@ -13,7 +13,8 @@ aliases:
1. Set `[server] ROOT_URL = https://git.example.com/` in your `app.ini` file.
2. Make the reverse-proxy pass `https://git.example.com/foo` to `http://gitea:3000/foo`.
3. Make sure the reverse-proxy does not decode the URI. The request `https://git.example.com/a%2Fb` should be passed as `http://gitea:3000/a%2Fb`.
4. Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea to make Gitea see the real URL being visited.
4. Make sure `Host` and `X-Forwarded-Proto` headers are correctly passed to Gitea to make Gitea see the real URL being visited.
5. Make sure your webserver has a certificate, including all intermediate and RootCA certificates, for `git clone` and `git pull` to work.
### Use a sub-path
@@ -149,6 +150,20 @@ server {
}
```
## Nginx Proxy Manager
If you are using Nginx Proxy Manager to serve your Gitea instance it differs slighly from the raw Nginx.
It is [adding some directives](https://github.com/NginxProxyManager/nginx-proxy-manager/blob/master/docker/rootfs/etc/nginx/conf.d/include/proxy.conf) for a custom location by default, so you have to skip these from the above mentioned Nginx config. Otherwise Nginx will produce `400 bad request` error due to duplicated directives (`proxy_set_header Host $host` is the particularly problematic one).
So while creating the `/` Custom location, just add the following lines to it's configuration:
```nginx
client_max_body_size 512M;
proxy_set_header Connection $http_connection;
proxy_set_header Upgrade $http_upgrade;
```
## Apache HTTPD
If you want Apache HTTPD to serve your Gitea instance, you can add the following to your Apache HTTPD configuration (usually located at `/etc/apache2/httpd.conf` in Ubuntu):
@@ -195,6 +210,50 @@ Then you **MUST** set something like `[server] ROOT_URL = http://git.example.com
The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`.
:::
## Apache HTTPD and serve static resources directly
We can tune the performance in splitting requests into categories static and dynamic.
CSS files, JavaScript files, images and web fonts are static content.
The front page, a repository view or issue list is dynamic content.
Apache HTTPD can serve static resources directly and proxy only the dynamic requests to Gitea.
Download a snapshot of the Gitea source repository to `/path/to/gitea/`.
After this, run `make frontend` in the repository directory to generate the static resources. We are only interested in the `public/` directory for this task, so you can delete the rest.
(You will need to have [Node with npm](https://nodejs.org/en/download/) and `make` installed to generate the static resources)
Depending on the scale of your user base, you might want to split the traffic to two distinct servers,
or use a cdn for the static files.
### Single node and single domain
Set `[server] STATIC_URL_PREFIX = /_/static` in your configuration.
```apacheconf
<VirtualHost *:80>
...
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass /_/static/ !
Alias /_/static/ /path/to/gitea/public/
<Directory /path/to/gitea/public/>
Options FollowSymlinks
AllowOverride None
Require all granted
</Directory>
AllowEncodedSlashes NoDecode
# Note: no trailing slash after either /git or port
ProxyPass / http://localhost:3000/ nocanon
ProxyPreserveHost On
RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}
</VirtualHost>
```
## Caddy
If you want Caddy to serve your Gitea instance, you can add the following server block to your Caddyfile:

View File

@@ -6,12 +6,14 @@ aliases:
- /en-us/signing
---
# GPG Commit Signatures
# GPG/SSH Commit Signatures
Gitea will verify GPG commit signatures in the provided tree by
Gitea will verify gpg/ssh commit signatures in the provided tree by
checking if the commits are signed by a key within the Gitea database,
or if the commit matches the default key for Git.
Additionally Gitea will verify commits signed by ssh keys, which public keys are part of [`TRUSTED_SSH_KEYS`](#general-configuration).
Keys are not checked to determine if they have expired or revoked.
Keys are also not checked with keyservers.
@@ -46,6 +48,11 @@ for GPG - in particular it is probably advisable to only install a
signing secret subkey without the master signing and certifying secret
key.
## Installing and generating a SSH key for Gitea
You can run `ssh-keygen -t ed25519 -f gitea-signing-key` to generate the private/public keypair for commit signing without any password. Usually you would store the key next to the gitea configuration, then point `SIGNING_KEY` to the generated public key `/path/to/gitea-signing-key.pub`. Gitea generates all its commits using the server `git` command at present - and therefore the server `ssh-keygen` will be used for
signing (if configured.)
## General Configuration
Gitea's configuration for signing can be found with the
@@ -65,16 +72,41 @@ MERGES = pubkey, twofa, basesigned, commitssigned
...
```
---
For SSH commit signing, you need to specify the `SIGNING_FORMAT` to `ssh` instead of the default `openpgp`. `SIGNING_NAME` and `SIGNING_EMAIL` are required for verifing the signatures.
This looks like this:
```ini
...
[repository.signing]
SIGNING_KEY = /path/to/gitea-signing-key.pub
SIGNING_NAME =
SIGNING_EMAIL =
SIGNING_FORMAT = ssh
INITIAL_COMMIT = always
CRUD_ACTIONS = pubkey, twofa, parentsigned
WIKI = never
MERGES = pubkey, twofa, basesigned, commitssigned
...
```
- `/path/to/gitea-signing-key` is expected to be the private key for `/path/to/gitea-signing-key.pub` [see here how to generate a new ssh keypair](#installing-and-generating-a-ssh-key-for-gitea).
- `TRUSTED_SSH_KEYS = ssh-<algorithm> <key>` or `TRUSTED_SSH_KEYS = ssh-<algorithm> <key1>, ssh-<algorithm> <key2>` can be used for rotating the global ssh signing key to continue verifying commits signed by the previous keys.
### `SIGNING_KEY`
The first option to discuss is the `SIGNING_KEY`. There are three main
options:
- `none` - this prevents Gitea from signing any commits
- `default` - Gitea will default to the key configured within `git config`
- `default` - Gitea will default to the gpg key configured within `git config`
- `KEYID` - Gitea will sign commits with the gpg key with the ID
`KEYID`. In this case you should provide a `SIGNING_NAME` and
`SIGNING_EMAIL` to be displayed for this key.
- `/path/to/gitea-signing-key.pub` - Gitea will sign commits with the ssh key without the `.pub` suffix `/path/to/gitea-signing-key`. In this case you should provide a `SIGNING_NAME` and
`SIGNING_EMAIL` to be displayed for this key and set `SIGNING_FORMAT` to `ssh`.
The `default` option will interrogate `git config` for
`commit.gpgsign` option - if this is set, then it will use the results
@@ -97,6 +129,10 @@ Related home files for git command (like `.gnupg`) should also be put in Gitea's
If you like to keep the `.gnupg` directory outside of `{[git].HOME_PATH}/`, consider setting the `$GNUPGHOME` environment variable to your preferred location, otherwise Gitea will use the gpg keys only under `{[git].HOME_PATH}/.gnupg`.
:::
:::warning
The default option and repository specific signing keys are not supported for ssh keys
:::
### `INITIAL_COMMIT`
This option determines whether Gitea should sign the initial commit
@@ -168,3 +204,9 @@ In cases where there is a repository specific key this can be obtained from:
```sh
/api/v1/repos/:username/:reponame/signing-key.gpg
```
For ssh commit signing the default ssh public key can be obtained via the API at:
```sh
/api/v1/signing-key.pub
```

View File

@@ -0,0 +1,9 @@
{
"label": "Contributing",
"position": 35,
"link": {
"type": "generated-index",
"slug": "/contributing",
"title": "Contributing"
}
}

View File

@@ -0,0 +1,76 @@
---
slug: "contributing"
sidebar_position: 1
---
# Contributing to Gitea
Thank you for your interest in contributing to Gitea! This guide will help you understand how to contribute to the project effectively.
## Getting Started
Before you start contributing, please read our [Hacking on Gitea](../development/hacking-on-gitea) guide to set up your development environment.
## Contribution Guidelines
We have specific guidelines for different types of contributions:
### Backend Development
If you're working on backend code (Go), please follow our [Guidelines for Backend Development](./guidelines-backend). This includes:
- Package design and dependencies
- Database operations and migrations
- Testing strategies
- Code organization
### Frontend Development
For frontend contributions (JavaScript, CSS, Vue), refer to our [Guidelines for Frontend Development](./guidelines-frontend). This covers:
- Framework usage (Vue3, Fomantic-UI)
- Code style and best practices
- Accessibility requirements
- TypeScript usage
### Refactoring
When refactoring existing code, follow our [Guidelines for Refactoring](./guidelines-refactoring) to ensure:
- Clear refactoring objectives
- Proper review process
- Maintaining backward compatibility
- Incremental improvements
### Localization
To contribute translations or localization improvements, see our [Localization Guide](./localization) which explains:
- How to contribute translations via Crowdin
- Supported languages
- Translation workflow
## Code of Conduct
Please be respectful and constructive in all interactions with the community. We are committed to providing a welcoming and inclusive environment for all contributors.
## Getting Help
If you need help with your contribution:
- Join our [Discord](https://discord.gg/gitea) #Develop channel
- Visit our [Forum](https://forum.gitea.com/)
- Check existing [GitHub Issues](https://github.com/go-gitea/gitea/issues)
## Submitting Your Contribution
1. Fork the repository
2. Create a feature branch
3. Make your changes following the relevant guidelines
4. Write tests for your changes
5. Ensure all tests pass
6. Submit a pull request
For more details, see our [CONTRIBUTING.md](https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md) in the main repository.
Thank you for helping make Gitea better!

View File

@@ -0,0 +1,9 @@
{
"label": "Development",
"position": 40,
"link": {
"type": "generated-index",
"slug": "/development",
"title": "Development"
}
}

View File

@@ -20,14 +20,33 @@ Gitea supports these methods of API authentication:
- `token=...` parameter in URL query string
- `access_token=...` parameter in URL query string
- `Authorization: token ...` header in HTTP headers
- HTTP signatures using an SSH public key or SSH certificate
All of these methods accept the same API key token type. You can
better understand this by looking at the code -- as of this writing,
Gitea parses queries and headers to find the token in
[modules/auth/auth.go](https://github.com/go-gitea/gitea/blob/6efdcaed86565c91a3dc77631372a9cc45a58e89/modules/auth/auth.go#L47).
Gitea can also authenticate API requests using an SSH key or SSH certificate via
HTTP signatures. The SSH public key (or certificate) must be registered to the
user account in Gitea, and the client signs requests with the corresponding
private key. The client signs requests using the SSH private key following the
[draft-cavage-http-signatures](https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures)
specification (not RFC 9421). The signature is sent in the `Signature` header,
and SSH certificates additionally include an `x-ssh-certificate` header. The
official [go-sdk](https://gitea.com/gitea/go-sdk) implements this flow if you
need a reference implementation.
## Generating and listing API tokens
API tokens can be created either in the user interface or via the API. Tokens have by default limited permissions and it is important to create tokens with the correct permissions for your task.
### User Interface
Tokens can be created via the `Manage Access Tokens` dialog, accessed via `User Settings` / `Applications` or via the link `gitea-domain.example/user/settings/applications`. The interface allows you to create tokens and manage their permissions via the `Select permissions` sub-menu.
Once created, the token is displayed in a toast message above the `Manage Access Tokens` dialog. Please note, that you can view this toast only once and it is not possible to redisplay the token for security reasons.
### Token API
A new token can be generated with a `POST` request to
`/users/:name/tokens`.
@@ -35,7 +54,8 @@ Note that `/users/:name/tokens` is a special endpoint and requires you
to authenticate using `BasicAuth` and a password, as follows:
```sh
$ curl -H "Content-Type: application/json" -d '{"name":test_token","scopes":["read:activitypub","read:issue", "write:misc", "read:notification", "read:organization", "read:package", "read:repository", "read:user"]}'
$ curl -H "Content-Type: application/json" \
-d '{"name":"test_token","scopes":["read:activitypub","read:issue", "write:misc", "read:notification", "read:organization", "read:package", "read:repository", "read:user"]}' \
-u 'username:password' "https://gitea.your.host/api/v1/users/{username}/tokens"
{"id":1,"name":"test_token","sha1":"9fcb1158165773dd010fca5f0cf7174316c3e37d","token_last_eight":"16c3e37d"}
```
@@ -49,6 +69,25 @@ $ curl --url https://yourusername:password@gitea.your.host/api/v1/users/<usernam
[{"name":"test","sha1":"","token_last_eight:"........":},{"name":"dev","sha1":"","token_last_eight":"........"}]
```
By default, this creates a token with very limited permissions. To complete your tasks, your token may require extra permissions. These permissions are created via the json variable `scopes`, which takes an array of permissions as strings. Eg.: `"scopes":["all"]`. Possible permissions, as reflected in the user interface are:
- `activitypub`
- `admin`
- `issue`
- `misc`
- `notification`
- `organization`
- `package`
- `repository`
- `user`
Each permission may be set to `read` or `write`. `write` implies both Read & Write. To set permissions you write the permissions string as `<read or write>:<permission name>`, eg.: `write:package` or `read:notification`. A properly formatted API call may look like:
```sh
$ curl -H "Content-Type: application/json" -d '{"name":"test", "scopes":["write:package", "read:notification"]}' -u username:password https://gitea.your.host/api/v1/users/<username>/tokens
```
Special permissions `all` may be specified as `"scopes":["all"]`, which sets all permissions to both Read & Write.
To use the API with basic authentication with two factor authentication
enabled, you'll need to send an additional header that contains the one
time password (6 digitrotating token).

View File

@@ -174,7 +174,7 @@ server as mentioned above.
### Working on JS and CSS
Frontend development should follow [Guidelines for Frontend Development](contributing/guidelines-frontend.md)
Frontend development should follow [Guidelines for Frontend Development](../contributing/guidelines-frontend.md)
To build with frontend resources, either use the `watch-frontend` target mentioned above or just build once:

View File

@@ -58,7 +58,7 @@ By default, if the third party sets the scopes to `openid`, `email`, `profile`,
## Granular Scopes
As of version v1.23, Gitea supports granular scopes, allowing third parties to request more limited access. These scopes, previously available only for [Personal Access Tokens](#scopes), enable users to restrict access to specific URL routes.
As of version v1.23, Gitea supports granular scopes, allowing third parties to request more limited access. These scopes, previously available only for [Personal Access Tokens](api-usage), enable users to restrict access to specific URL routes.
Scopes are grouped by high-level API routes and further refined as follows:
@@ -206,7 +206,7 @@ This example does not use PKCE.
The `REDIRECT_URI` in the `access_token` request must match the `REDIRECT_URI` in the `authorize` request.
3. Use the `access_token` to make [API requests](development/api-usage.md#oauth2-provider) to access the user's resources.
3. Use the `access_token` to make [API requests](api-usage) to access the user's resources.
### Public client (PKCE)
@@ -268,4 +268,4 @@ After you have generated this values, you can continue with your request.
The `REDIRECT_URI` in the `access_token` request must match the `REDIRECT_URI` in the `authorize` request.
3. Use the `access_token` to make [API requests](development/api-usage.md#oauth2-provider) to access the user's resources.
3. Use the `access_token` to make [API requests](api-usage) to access the user's resources.

View File

@@ -0,0 +1,9 @@
{
"label": "Help",
"position": 5,
"link": {
"type": "generated-index",
"slug": "/help",
"title": "Help"
}
}

View File

@@ -33,7 +33,7 @@ then the config file (app.ini) should exists in the "custom/conf" directory of y
Some package vendors might use "/etc/gitea" to store the config file, while some others don't.
You could manually find the config file (app.ini) by checking Gitea's startup logs
or reading the Gitea Web's Site Administrator -> Confugiraton Summary.
or reading the Gitea Web's Site Administrator -> Configuration Summary.
If you are using some isolated enviroments like container (docker),
the path you see usually is not what it is in the host's filesystem.

View File

@@ -13,7 +13,7 @@ Gitea was originally forked from [Gogs](https://gogs.io) and almost all the code
:::warning
Gitea does not sent or cherry-picked commits from upstream, so there is no guarantee it will work if you upgrade from Gogs to Gitea. The recommended method is to migrate repositories from Gogs to Gitea.
Gitea does not send commits to upstream or cherry-pick commits from it, so there is no guarantee it will work if you upgrade from Gogs to Gitea. The recommended method is to migrate repositories from Gogs to Gitea.
:::
@@ -31,11 +31,11 @@ You can try it out using [the online demo](https://demo.gitea.com).
- **Code Hosting**
Gitea supports creating and managing repositories, browsing commit history and code files, reviewing and merging code submissions, managing collaborators, handling branches, and more. It also supports many common Git features such as tags, Cherry-pick, hooks, integrated collaboration tools, and more.
Gitea supports creating and managing repositories, browsing commit history and code files, reviewing and merging code submissions, managing collaborators, handling branches, and more. It also supports many common Git features such as tags, cherry-picking, hooks, integrated collaboration tools, and more.
- **Lightweight and Fast**
One of Gitea's design goals is to be lightweight and fast in response. Unlike some large code hosting platforms, it remains lean, performs well in terms of speed, and is suitable for resource-limited server environments. Due to its lightweight design, Gitea has relatively low resource consumption and performs well in resource-constrained environments.
One of Gitea's design goals is to be lightweight and fast in response. Unlike some large code hosting platforms, it remains lean, performs well in terms of speed, and is suitable for resource-limited server environments.
- **Easy Deployment and Maintenance**
@@ -105,6 +105,6 @@ For more detailed information, please refer to: https://docs.gitea.com/installat
- [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3)
- [github.com/denisenkom/go-mssqldb](https://github.com/denisenkom/go-mssqldb)
## Integrated support
## Integrated Support
Please visit [Awesome Gitea](https://gitea.com/gitea/awesome-gitea/) to get more third-party integrated support

View File

@@ -0,0 +1,9 @@
{
"label": "Installation",
"position": 10,
"link": {
"type": "generated-index",
"slug": "/installation",
"title": "Installation"
}
}

View File

@@ -40,19 +40,37 @@ chmod +x gitea
Note that the above command will download Gitea @version@ for 64-bit Linux.
## Verify GPG signature
## Verify signature
### Sigstore
Starting with v1.27 Gitea signs all binaries using [sigstore](https://sigstore.dev/) to prevent against unwanted modification of binaries.
To validate the binary, download the bundle file which ends in `sigstore.json` for the binary you downloaded and use the [cosign](https://docs.sigstore.dev/cosign/system_config/installation/) command line tool.
```sh
cosign verify-blob gitea-@version@-linux-amd64 --bundle gitea-@version@-linux-amd64.sigstore.json --certificate-oidc-issuer=https://token.actions.githubusercontent.com --certificate-identity-regexp="https://github.com/go-gitea/gitea/.github/workflows/release-.*"
```
If the command outputs `Verified OK`, binary was not modified.
:::note
The above command will match any release workflow. You may choose to restrict the identity further by requiring a specific branch or workflow to be matched. For example this url will match only nightly builds made on main branch: `https://github.com/go-gitea/gitea/.github/workflows/release-nightly.yml@refs/heads/main`
:::
### GPG
Gitea signs all binaries with a [GPG key](https://keys.openpgp.org/search?q=teabot%40gitea.io) to prevent against unwanted modification of binaries.
To validate the binary, download the signature file which ends in `.asc` for the binary you downloaded and use the GPG command line tool.
```sh
gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
gpg --keyserver hkps://keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
gpg --verify gitea-@version@-linux-amd64.asc gitea-@version@-linux-amd64
```
Look for the text `Good signature from "Teabot <teabot@gitea.io>"` to assert a good binary,
despite warnings like `This key is not certified with a trusted signature!`.
## Recommended server configuration
:::note
@@ -139,15 +157,15 @@ export GITEA_WORK_DIR=/var/lib/gitea/
cp gitea /usr/local/bin/gitea
```
### Adding bash/zsh autocompletion (from 1.19)
A script to enable bash-completion can be found at [`contrib/autocompletion/bash_autocomplete`](https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/bash_autocomplete). This can be copied to `/usr/share/bash-completion/completions/gitea`
or sourced within your `.bashrc`.
### Adding shell autocompletion (from 1.25)
Similarly a script for zsh-completion can be found at [`contrib/autocompletion/zsh_autocomplete`](https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/zsh_autocomplete). This can be copied to `/usr/share/zsh/_gitea` or sourced within your
`.zshrc`.
Shell completion can be generated directly from binary with:
```sh
gitea completion <shell>
```
YMMV and these scripts may need further improvement.
Supported values for `<shell>` are `bash`, `fish`, `pwsh` and `zsh`. Details on how to load the completion for your shell can be found in the completion command help.
## Running Gitea
@@ -214,9 +232,7 @@ As of v1.8, there is a problem with the arm7 version of Gitea, and it doesn't ru
It is recommended to switch to the arm6 version, which has been tested and shown to work on Raspberry Pis and similar devices.
<!---
please remove after fixing the arm7 bug
--->
{/* please remove after fixing the arm7 bug */}
### Git error after updating to a new version of Gitea
If during the update, the binary file name has been changed to a new version of Gitea,

View File

@@ -178,15 +178,14 @@ LDFLAGS="-linkmode external -extldflags '-static' $LDFLAGS" TAGS="netgo osusergo
This can be combined with `CC`, `GOOS`, and `GOARCH` as above.
### Adding bash/zsh autocompletion (from 1.19)
### Adding shell autocompletion (from 1.25)
A script to enable bash-completion can be found at [`contrib/autocompletion/bash_autocomplete`](https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/bash_autocomplete). This should be altered as appropriate and can be `source` in your `.bashrc`
or copied as `/usr/share/bash-completion/completions/gitea`.
Shell completion can be generated directly from binary with:
```sh
gitea completion <shell>
```
Similarly, a script for zsh-completion can be found at [`contrib/autocompletion/zsh_autocomplete`](https://raw.githubusercontent.com/go-gitea/gitea/main/contrib/autocompletion/zsh_autocomplete). This can be copied to `/usr/share/zsh/_gitea` or sourced within your
`.zshrc`.
YMMV and these scripts may need further improvement.
Supported values for `<shell>` are `bash`, `fish`, `pwsh` and `zsh`. Details on how to load the completion for your shell can be found in the completion command help.
## Compile or cross-compile using Linux with Zig

View File

@@ -8,15 +8,19 @@ aliases:
# Installation with Docker (rootless)
Gitea provides automatically updated Docker images within its Docker Hub organization. It is
possible to always use the latest stable tag or to use another service that handles updating
Docker images.
## Relation to rootful image
The rootless image uses Gitea internal SSH to provide Git protocol and doesn't support OpenSSH.
* Rootless image doesn't require "root" privilege on the host, while it may have stricter UID/GID requirement.
* Rootless image must use its bulitin SSH server, while the rootful one must its managed standalone OpenSSH server.
* The volume mapping and directory layout is different between them.
This reference setup guides users through the setup based on `docker-compose`, but the installation
of `docker-compose` is out of scope of this documentation. To install `docker-compose` itself, follow
the official [install instructions](https://docs.docker.com/compose/install/).
Except the differences above, the rootless image shares the same mechanism with rootful image,
including: port mapping, custimzation, upgrading, environment variables, etc.
Read more in "[Installation with Docker (rootful)](./with-docker.md)"
ATTENTION: the rootful/rootless images are not compatible with the other.
If you have chosen one, you should always use the same one,
don't switch to the other one by changing the compose file's `image` value.
## Basics
@@ -34,8 +38,6 @@ touch docker-compose.yml
Then paste the following content into a file named `docker-compose.yml`:
```yaml
version: "2"
services:
server:
image: docker.gitea.com/gitea:@dockerVersion@-rootless
@@ -56,116 +58,16 @@ Note that the volume should be owned by the user/group with the UID/GID specifie
sudo chown 1000:1000 config/ data/
```
> If you don't give the volume correct permissions, the container may not start.
> If you don't give the volume correct permissions, the container may present the following errors in the logs:
```sh
server-1 | 2026-03-11T12:57:50.794102045Z mkdir: can't create directory '/var/lib/gitea/git': Permission denied
server-1 | 2026-03-11T12:57:50.796198843Z /var/lib/gitea/git is not writable
server-1 | 2026-03-11T12:57:50.796235667Z docker setup failed
```
For a stable release you could use `:latest-rootless`, `:1-rootless` or specify a certain release like `:@dockerVersion@-rootless`, but if you'd like to use the latest development version then `:nightly-rootless` would be an appropriate tag. If you'd like to run the latest commit from a release branch you can use the `:1.x-nightly-rootless` tag, where x is the minor version of Gitea. (e.g. `:1.16-nightly-rootless`)
## Custom port
To bind the integrated ssh and the webserver on a different port, adjust
the port section. It's common to just change the host port and keep the ports within
the container like they are.
```diff
version: "2"
services:
server:
image: docker.gitea.com/gitea:@dockerVersion@-rootless
restart: always
volumes:
- ./data:/var/lib/gitea
- ./config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- - "3000:3000"
- - "2222:2222"
+ - "80:3000"
+ - "22:2222"
```
## MySQL database
To start Gitea in combination with a MySQL database, apply these changes to the
`docker-compose.yml` file created above.
```diff
version: "2"
services:
server:
image: docker.gitea.com/gitea:@dockerVersion@-rootless
+ environment:
+ - GITEA__database__DB_TYPE=mysql
+ - GITEA__database__HOST=db:3306
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=gitea
+ - GITEA__database__PASSWD=gitea
restart: always
volumes:
- ./data:/var/lib/gitea
- ./config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "2222:2222"
+ depends_on:
+ - db
+
+ db:
+ image: docker.io/library/mysql:8
+ restart: always
+ environment:
+ - MYSQL_ROOT_PASSWORD=gitea
+ - MYSQL_USER=gitea
+ - MYSQL_PASSWORD=gitea
+ - MYSQL_DATABASE=gitea
+ volumes:
+ - ./mysql:/var/lib/mysql
```
## PostgreSQL database
To start Gitea in combination with a PostgreSQL database, apply these changes to
the `docker-compose.yml` file created above.
```diff
version: "2"
services:
server:
image: docker.gitea.com/gitea:@dockerVersion@-rootless
environment:
+ - GITEA__database__DB_TYPE=postgres
+ - GITEA__database__HOST=db:5432
+ - GITEA__database__NAME=gitea
+ - GITEA__database__USER=gitea
+ - GITEA__database__PASSWD=gitea
restart: always
volumes:
- ./data:/var/lib/gitea
- ./config:/etc/gitea
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- "3000:3000"
- "2222:2222"
+ depends_on:
+ - db
+
+ db:
+ image: docker.io/library/postgres:14
+ restart: always
+ environment:
+ - POSTGRES_USER=gitea
+ - POSTGRES_PASSWORD=gitea
+ - POSTGRES_DB=gitea
+ volumes:
+ - ./postgres:/var/lib/postgresql/data
```
## Named volumes
To use named volumes instead of host volumes, define and use the named volume
@@ -174,8 +76,6 @@ create the required volume. You don't need to worry about permissions with
named volumes; Docker will deal with that automatically.
```diff
version: "2"
+volumes:
+ gitea-data:
+ driver: local
@@ -207,8 +107,6 @@ As an example to clone the host user `git` definition use the command `id -u git
Please make sure that the mounted folders are writable by the user.
```diff
version: "2"
services:
server:
image: docker.gitea.com/gitea:@dockerVersion@-rootless
@@ -223,143 +121,3 @@ services:
- "3000:3000"
- "2222:2222"
```
## Startup
:::note
From July 2023 Compose V1 stopped receiving updates. It's also no longer available in new releases of Docker Desktop.
Compose V2 is included with all currently supported versions of Docker Desktop. Please use V2 to do below operations.
:::
To start this setup based on `docker-compose`, execute `docker-compose up -d`,
to launch Gitea in the background. Using `docker-compose ps` will show if Gitea
started properly. Logs can be viewed with `docker-compose logs`.
To shut down the setup, execute `docker-compose down`. This will stop
and kill the containers. The volumes will still exist.
:::note
If using a non-3000 port on http, change app.ini to match
`LOCAL_ROOT_URL = http://localhost:3000/`.
:::
## Install
After starting the Docker setup via `docker-compose`, Gitea should be available using a
favorite browser to finalize the installation. Visit http://server-ip:3000 and follow the
installation wizard. If the database was started with the `docker-compose` setup as
documented above, please note that `db` must be used as the database hostname.
## Customization
Customization files described [here](../administration/customizing-gitea.md) should
be placed in `/var/lib/gitea/custom` directory. If using host volumes, it's quite easy to access these
files; for named volumes, this is done through another container or by direct access at
`/var/lib/docker/volumes/gitea_gitea/_/var_lib_gitea`. The configuration file will be saved at
`/etc/gitea/app.ini` after the installation.
## Upgrading
:::warning
:exclamation::exclamation: **Make sure you have volumed data to somewhere outside Docker container** :exclamation::exclamation:
:::
To upgrade your installation to the latest release:
```bash
# Edit `docker-compose.yml` to update the version, if you have one specified
# Pull new images
docker-compose pull
# Start a new container, automatically removes old one
docker-compose up -d
```
## Upgrading from standard image
- Backup your setup
- Change volume mountpoint from /data to /var/lib/gitea
- If you used a custom app.ini move it to a new volume mounted to /etc/gitea
- Rename folder (inside volume) gitea to custom
- Edit app.ini if needed
- Set START_SSH_SERVER = true
- Use image docker.gitea.com/gitea:@dockerVersion@-rootless
## Managing Deployments With Environment Variables
In addition to the environment variables above, any settings in `app.ini` can be set
or overridden with an environment variable of the form: `GITEA__SECTION_NAME__KEY_NAME`.
These settings are applied each time the docker container starts, and won't be passed into Gitea's sub-processes.
Full information [here](https://github.com/go-gitea/gitea/tree/main/contrib/environment-to-ini).
These environment variables can be passed to the docker container in `docker-compose.yml`.
The following example will enable a smtp mail server if the required env variables
`GITEA__mailer__FROM`, `GITEA__mailer__HOST`, `GITEA__mailer__PASSWD` are set on the host
or in a `.env` file in the same directory as `docker-compose.yml`.
The settings can be also set or overridden with the content of a file by defining an environment variable of the form:
`GITEA__section_name__KEY_NAME__FILE` that points to a file.
```bash
...
services:
server:
environment:
- GITEA__mailer__ENABLED=true
- GITEA__mailer__FROM=${GITEA__mailer__FROM:?GITEA__mailer__FROM not set}
- GITEA__mailer__PROTOCOL=smtp
- GITEA__mailer__HOST=${GITEA__mailer__HOST:?GITEA__mailer__HOST not set}
- GITEA__mailer__IS_TLS_ENABLED=true
- GITEA__mailer__USER=${GITEA__mailer__USER:-apikey}
- GITEA__mailer__PASSWD="""${GITEA__mailer__PASSWD:?GITEA__mailer__PASSWD not set}"""
```
To set required TOKEN and SECRET values, consider using Gitea's built-in [generate utility functions](../administration/command-line.md#generate).
# SSH Container Passthrough
Since SSH is running inside the container, SSH needs to be passed through from the host to the container if SSH support is desired. One option would be to run the container SSH on a non-standard port (or moving the host port to a non-standard port). Another option which might be more straightforward is to forward SSH commands from the host to the container. This setup is explained in the following.
This guide assumes that you have created a user on the host called `git` with permission to run `docker exec`, and that the Gitea container is called `gitea`. You will need to modify that user's shell to forward the commands to the `sh` executable inside the container, using `docker exec`.
First, create the file `/usr/local/bin/gitea-shell` on the host, with the following contents:
```bash
#!/bin/sh
/usr/bin/docker exec -i --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" gitea sh "$@"
```
Note that `gitea` in the docker command above is the name of the container. If you named yours differently, don't forget to change that.
You should also make sure that youve set the permissions of the shell wrapper correctly:
```bash
sudo chmod +x /usr/local/bin/gitea-shell
```
Once the wrapper is in place, you can make it the shell for the `git` user:
```bash
sudo usermod -s /usr/local/bin/gitea-shell git
```
Now that all the SSH commands are forwarded to the container, you need to set up the SSH authentication on the host. This is done by leveraging the [SSH AuthorizedKeysCommand](../administration/command-line.md#keys) to match the keys against those accepted by Gitea. Add the following block to `/etc/ssh/sshd_config`, on the host:
```bash
Match User git
AuthorizedKeysCommandUser git
AuthorizedKeysCommand /usr/bin/docker exec -i gitea /usr/local/bin/gitea keys -c /etc/gitea/app.ini -e git -u %u -t %t -k %k
```
(From 1.16.0 you will not need to set the `-c /etc/gitea/app.ini` option.)
All that is left to do is restart the SSH server:
```bash
sudo systemctl restart sshd
```
**Notes**
This isn't actually using the docker SSH - it is simply using the commands around it.
You could theoretically not run the internal SSH server.

View File

@@ -12,9 +12,16 @@ Gitea provides automatically updated Docker images within its Docker Hub organiz
possible to always use the latest stable tag or to use another service that handles updating
Docker images.
This reference setup guides users through the setup based on `docker-compose`, but the installation
of `docker-compose` is out of scope of this documentation. To install `docker-compose` itself, follow
the official [install instructions](https://docs.docker.com/compose/install/).
This reference setup guides users through the setup based on `docker compose`.
Docker compose has been included in the Docker Engine since the shift to Compose v2.
If, for some reason, compose is not available on your system, follow the official [install instructions](https://docs.docker.com/compose/install/).
This document targets for the default rootful image. For the rootless image,
see "[Installation with Docker (rootless)](./with-docker-rootless.md)"
ATTENTION: the rootful/rootless images are not compatible with the other.
If you have chosen one, you should always use the same one,
don't switch to the other one by changing the compose file's `image` value.
## Basics
@@ -26,8 +33,6 @@ If you don't give the volume correct permissions, the container may not start.
For a stable release you can use `:latest`, `:1` or specify a certain release like `:@dockerVersion@`, but if you'd like to use the latest development version of Gitea then you could use the `:nightly` tag. If you'd like to run the latest commit from a release branch you can use the `:1.x-nightly` tag, where x is the minor version of Gitea. (e.g. `:1.16-nightly`)
```yaml
version: "3"
networks:
gitea:
external: false
@@ -58,8 +63,6 @@ the port section. It's common to just change the host port and keep the ports wi
the container like they are.
```diff
version: "3"
networks:
gitea:
external: false
@@ -93,8 +96,6 @@ To start Gitea in combination with a MySQL database, apply these changes to the
`docker-compose.yml` file created above.
```diff
version: "3"
networks:
gitea:
external: false
@@ -144,8 +145,6 @@ To start Gitea in combination with a PostgreSQL database, apply these changes to
the `docker-compose.yml` file created above.
```diff
version: "3"
networks:
gitea:
external: false
@@ -196,8 +195,6 @@ create the required volume. You don't need to worry about permissions with
named volumes; Docker will deal with that automatically.
```diff
version: "3"
networks:
gitea:
external: false
@@ -227,17 +224,11 @@ MySQL or PostgreSQL containers will need to be created separately.
## Startup
:::note
From July 2023 Compose V1 stopped receiving updates. It's also no longer available in new releases of Docker Desktop.
To start this setup based on `docker compose`, execute `docker compose up -d`,
to launch Gitea in the background. Using `docker compose ps` will show if Gitea
started properly. Logs can be viewed with `docker compose logs`.
Compose V2 is included with all currently supported versions of Docker Desktop. Please use V2 to do below operations.
:::
To start this setup based on `docker-compose`, execute `docker-compose up -d`,
to launch Gitea in the background. Using `docker-compose ps` will show if Gitea
started properly. Logs can be viewed with `docker-compose logs`.
To shut down the setup, execute `docker-compose down`. This will stop
To shut down the setup, execute `docker compose down`. This will stop
and kill the containers. The volumes will still exist.
:::note
@@ -247,9 +238,9 @@ If using a non-3000 port on http, change app.ini to match
## Installation
After starting the Docker setup via `docker-compose`, Gitea should be available using a
After starting the Docker setup via `docker compose`, Gitea should be available using a
favorite browser to finalize the installation. Visit http://server-ip:3000 and follow the
installation wizard. If the database was started with the `docker-compose` setup as
installation wizard. If the database was started with the `docker compose` setup as
documented above, please note that `db` must be used as the database hostname.
## Configure the user inside Gitea using environment variables
@@ -279,17 +270,18 @@ To upgrade your installation to the latest release:
```bash
# Edit `docker-compose.yml` to update the version, if you have one specified
# Pull new images
docker-compose pull
docker compose pull
# Start a new container, automatically removes old one
docker-compose up -d
docker compose up -d
```
## Managing Deployments With Environment Variables
In addition to the environment variables above, any settings in `app.ini` can be set
or overridden with an environment variable of the form: `GITEA__SECTION_NAME__KEY_NAME`.
These settings are applied each time the docker container starts, and won't be passed into Gitea's sub-processes.
Full information [here](https://github.com/go-gitea/gitea/tree/master/contrib/environment-to-ini).
or overridden with an environment variable of the form: `GITEA__section_name__KEY_NAME=value`.
These settings are applied each time the docker container starts by `environment-to-ini` command
(a warpper of `gitea config edit-ini`), and won't be passed into Gitea's sub-processes.
See `./gitea config edit-ini --help` for more details.
These environment variables can be passed to the docker container in `docker-compose.yml`.
The following example will enable an smtp mail server if the required env variables
@@ -331,320 +323,7 @@ services:
- GITEA__security__INTERNAL_TOKEN=[value returned by generate secret INTERNAL_TOKEN]
```
## SSH Container Passthrough
Since SSH is running inside the container, SSH needs to be passed through from the host to the container if SSH support is desired. One option would be to run the container SSH on a non-standard port (or moving the host port to a non-standard port). Another option which might be more straightforward is for Gitea users to ssh to a Gitea user on the host which will then relay those connections to the docker. Alternatively, if the host machine has more than one IP address, the host can listen on one and Gitea on another.
### Understanding SSH access to Gitea (without passthrough)
To understand what needs to happen, you first need to understand what happens without passthrough. So we will try to explain this:
1. The client adds their SSH public key to Gitea using the webpage.
2. Gitea will add an entry for this key to the `.ssh/authorized_keys` file of its running user, `git`.
3. This entry has the public key, but also has a `command=` option. It is this command that Gitea uses to match this key to the client user and manages authentication.
4. The client then makes an SSH request to the SSH server using the `git` user, e.g. `git clone git@domain:user/repo.git`.
5. The client will attempt to authenticate with the server, passing one or more public keys one at a time to the server.
6. For each key the client provides, the SSH server will first check its configuration for an `AuthorizedKeysCommand` to see if the public key matches, and then the `git` user's `authorized_keys` file.
7. The first entry that matches will be selected, and assuming this is a Gitea entry, the `command=` will now be executed.
8. The SSH server creates a user session for the `git` user, and using the shell for the `git` user runs the `command=`
9. This runs `gitea serv` which takes over control of the rest of the SSH session and manages gitea authentication & authorization of the git commands.
Now, for the SSH passthrough to work, we need the host SSH to match the public keys and then run the `gitea serv` on the docker. There are multiple ways of doing this. However, all of these require some information about the docker being passed to the host.
### SSHing Shim (with authorized_keys)
In this option, the idea is that the host simply uses the `authorized_keys` that gitea creates but at step 9 the `gitea` command that the host runs is a shim that actually runs ssh to go into the docker and then run the real docker `gitea` itself.
- To make the forwarding work, the SSH port of the container (22) needs to be mapped to the host port 2222 in `docker-compose.yml` . Since this port does not need to be exposed to the outside world, it can be mapped to the `localhost` of the host machine:
```yaml
ports:
# [...]
- "127.0.0.1:2222:22"
```
- Next on the host create the `git` user which shares the same `UID`/ `GID` as the container values `USER_UID`/ `USER_GID`. These values can be set as environment variables in the `docker-compose.yml`:
```yaml
environment:
- USER_UID=1000
- USER_GID=1000
```
- Mount `/home/git/.ssh` of the host into the container. This ensures that the `authorized_keys` file is shared between the host `git` user and the container `git` user otherwise the SSH authentication cannot work inside the container.
```yaml
volumes:
- /home/git/.ssh/:/data/git/.ssh
```
- Now a SSH key pair needs to be created on the host. This key pair will be used to authenticate the `git` user on the host to the container. As an administrative user on the host run: (by administrative user we mean a user that can sudo to root)
```bash
sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key"
```
- Please note depending on the local version of ssh you may want to consider using `-t ecdsa` here.
- `/home/git/.ssh/authorized_keys` on the host now needs to be modified. It needs to act in the same way as `authorized_keys` within the Gitea container. Therefore add the public key of the key you created above ("Gitea Host Key") to `~/git/.ssh/authorized_keys`. As an administrative user on the host run:
```bash
sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys
sudo -u git chmod 600 /home/git/.ssh/authorized_keys
```
Important: The pubkey from the `git` user needs to be added "as is" while all other pubkeys added via the Gitea web interface will be prefixed with `command="/usr [...]`.
`/home/git/.ssh/authorized_keys` should then look somewhat like
```bash
# SSH pubkey from git user
ssh-rsa <Gitea Host Key>
# other keys from users
command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty <user pubkey>
```
- The next step is to create the fake host `gitea` command that will forward commands from the host to the container. The name of this file depends on your version of Gitea:
- For Gitea v1.16.0+. As an administrative user on the host run:
```bash
cat <<"EOF" | sudo tee /usr/local/bin/gitea
#!/bin/sh
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
EOF
sudo chmod +x /usr/local/bin/gitea
```
Here is a detailed explanation what is happening when a SSH request is made:
1. The client adds their SSH public key to Gitea using the webpage.
2. Gitea in the container will add an entry for this key to the `.ssh/authorized_keys` file of its running user, `git`.
- However, because `/home/git/.ssh/` on the host is mounted as `/data/git/.ssh` this means that the key has been added to the host `git` user's `authorized_keys` file too.
3. This entry has the public key, but also has a `command=` option.
- This command matches the location of the Gitea binary on the container, but also the location of the shim on the host.
4. The client then makes an SSH request to the host SSH server using the `git` user, e.g. `git clone git@domain:user/repo.git`.
5. The client will attempt to authenticate with the server, passing one or more public keys in turn to the host.
6. For each key the client provides, the host SSH server will first check its configuration for an `AuthorizedKeysCommand` to see if the public key matches, and then the host `git` user's `authorized_keys` file.
- Because `/home/git/.ssh/` on the host is mounted as `/data/git/.ssh` this means that the key they added to the Gitea web will be found
7. The first entry that matches will be selected, and assuming this is a Gitea entry, the `command=` will now be executed.
8. The host SSH server creates a user session for the `git` user, and using the shell for the host `git` user runs the `command=`
9. This means that the host runs the host `/usr/local/bin/gitea` shim that opens an SSH from the host to container passing the rest of the command arguments directly to `/usr/local/bin/gitea` on the container.
10. Meaning that the container `gitea serv` is run, taking over control of the rest of the SSH session and managing gitea authentication & authorization of the git commands.
**Notes**
SSH container passthrough using `authorized_keys` will work only if
- `opensshd` is used in the container
- if `AuthorizedKeysCommand` is _not used_ in combination with `SSH_CREATE_AUTHORIZED_KEYS_FILE=false` to disable authorized files key generation
- `LOCAL_ROOT_URL` is not changed (depending on the changes)
If you try to run `gitea` on the host, you will attempt to ssh to the container and thence run the `gitea` command there.
Never add the `Gitea Host Key` as a SSH key to a user on the Gitea interface.
### SSHing Shell (with authorized_keys)
In this option, the idea is that the host simply uses the `authorized_keys` that gitea creates but at step 8 above we change the shell that the host runs to ssh directly into the docker and then run the shell there. This means that the `gitea` that is then run is the real docker `gitea`.
- In this case we setup as per SSHing Shim except instead of creating `/usr/local/bin/gitea`
we create a new shell for the git user. As an administrative user on the host run:
```bash
cat <<"EOF" | sudo tee /home/git/ssh-shell
#!/bin/sh
shift
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $@"
EOF
sudo chmod +x /home/git/ssh-shell
sudo usermod -s /home/git/ssh-shell git
```
Be careful here - if you try to login as the git user in future you will ssh directly to the docker.
Here is a detailed explanation what is happening when a SSH request is made:
1. The client adds their SSH public key to Gitea using the webpage.
2. Gitea in the container will add an entry for this key to the `.ssh/authorized_keys` file of its running user, `git`.
- However, because `/home/git/.ssh/` on the host is mounted as `/data/git/.ssh` this means that the key has been added to the host `git` user's `authorized_keys` file too.
3. This entry has the public key, but also has a `command=` option.
- This command matches the location of the Gitea binary on the container.
4. The client then makes an SSH request to the host SSH server using the `git` user, e.g. `git clone git@domain:user/repo.git`.
5. The client will attempt to authenticate with the server, passing one or more public keys in turn to the host.
6. For each key the client provides, the host SSH server will first check its configuration for an `AuthorizedKeysCommand` to see if the public key matches, and then the host `git` user's `authorized_keys` file.
- Because `/home/git/.ssh/` on the host is mounted as `/data/git/.ssh` this means that the key they added to the Gitea web will be found
7. The first entry that matches will be selected, and assuming this is a Gitea entry, the `command=` will now be executed.
8. The host SSH server creates a user session for the `git` user, and using the shell for the host `git` user runs the `command=`
9. The shell of the host `git` user is now our `ssh-shell` which opens an SSH connection from the host to container, (which opens a shell on the container for the container `git`).
10. The container shell now runs the `command=` option meaning that the container `gitea serv` is run, taking over control of the rest of the SSH session and managing gitea authentication & authorization of the git commands.
**Notes**
SSH container passthrough using `authorized_keys` will work only if
- `opensshd` is used in the container
- if `AuthorizedKeysCommand` is _not used_ in combination with `SSH_CREATE_AUTHORIZED_KEYS_FILE=false` to disable authorized files key generation
- `LOCAL_ROOT_URL` is not changed (depending on the changes)
If you try to login as the `git` user on the host in future you will ssh directly to the docker.
Never add the `Gitea Host Key` as a SSH key to a user on the Gitea interface.
### Docker Shell (with authorized_keys)
Similar to the above ssh shell technique we can use a shell which simply uses `docker exec`. As an administrative user on the host run:
```bash
cat <<"EOF" | sudo tee /home/git/docker-shell
#!/bin/sh
/usr/bin/docker exec -i -u git --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" gitea sh "$@"
EOF
sudo chmod +x /home/git/docker-shell
sudo usermod -s /home/git/docker-shell git
```
Here is a detailed explanation what is happening when a SSH request is made:
1. The client adds their SSH public key to Gitea using the webpage.
2. Gitea in the container will add an entry for this key to the `.ssh/authorized_keys` file of its running user, `git`.
- However, because `/home/git/.ssh/` on the host is mounted as `/data/git/.ssh` this means that the key has been added to the host `git` user's `authorized_keys` file too.
3. This entry has the public key, but also has a `command=` option.
- This command matches the location of the Gitea binary on the container.
4. The client then makes an SSH request to the host SSH server using the `git` user, e.g. `git clone git@domain:user/repo.git`.
5. The client will attempt to authenticate with the server, passing one or more public keys in turn to the host.
6. For each key the client provides, the host SSH server will first check its configuration for an `AuthorizedKeysCommand` to see if the public key matches, and then the host `git` user's `authorized_keys` file.
- Because `/home/git/.ssh/` on the host is mounted as `/data/git/.ssh` this means that the key they added to the Gitea web will be found
7. The first entry that matches will be selected, and assuming this is a Gitea entry, the `command=` will now be executed.
8. The host SSH server creates a user session for the `git` user, and using the shell for the host `git` user runs the `command=`
9. The shell of the host `git` user is now our `docker-shell` which uses `docker exec` to open a shell for the `git` user on the container.
10. The container shell now runs the `command=` option meaning that the container `gitea serv` is run, taking over control of the rest of the SSH session and managing gitea authentication & authorization of the git commands.
Note that `gitea` in the docker command above is the name of the container. If you named yours differently, don't forget to change that. The host `git` user also has to have
permission to run `docker exec`.
**Notes**
Docker shell passthrough using `authorized_keys` will work only if
- `opensshd` is used in the container
- if `AuthorizedKeysCommand` is _not used_ in combination with `SSH_CREATE_AUTHORIZED_KEYS_FILE=false` to disable authorized files key generation
- `LOCAL_ROOT_URL` is not changed (depending on the changes)
If you try to login as the `git` user on the host in future you will `docker exec` directly to the docker.
A Docker execing shim could be created similarly to above.
### Docker Shell with AuthorizedKeysCommand
The AuthorizedKeysCommand route provides another option that does not require many changes to the compose file or the `authorized_keys` - but does require changes to the host `/etc/sshd_config`.
In this option, the idea is that the host SSH uses an `AuthorizedKeysCommand` instead of relying on sharing the `authorized_keys` file that gitea creates. We continue to use a special shell at step 8 above to exec into the docker and then run the shell there. This means that the `gitea` that is then run is the real docker `gitea`.
- On the host create a `git` user with permission to run `docker exec`.
- We will again assume that the Gitea container is called `gitea`.
- Modify the `git` user's shell to forward commands to the `sh` executable inside the container using `docker exec`. As an administrative user on the host run:
```bash
cat <<"EOF" | sudo tee /home/git/docker-shell
#!/bin/sh
/usr/bin/docker exec -i -u git --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" gitea sh "$@"
EOF
sudo chmod +x /home/git/docker-shell
sudo usermod -s /home/git/docker-shell git
```
Now all attempts to login as the `git` user on the host will be forwarded to the docker - including the `SSH_ORIGINAL_COMMAND`. We now need to set-up SSH authentication on the host.
We will do this by leveraging the [SSH AuthorizedKeysCommand](../administration/command-line.md#keys) to match the keys against those accepted by Gitea.
Add the following block to `/etc/ssh/sshd_config`, on the host:
```bash
Match User git
AuthorizedKeysCommandUser git
AuthorizedKeysCommand /usr/bin/docker exec -i -u git gitea /usr/local/bin/gitea keys -c /data/gitea/conf/app.ini -e git -u %u -t %t -k %k
```
(From 1.16.0 you will not need to set the `-c /data/gitea/conf/app.ini` option.)
Finally restart the SSH server. As an administrative user on the host run:
```bash
sudo systemctl restart sshd
```
Here is a detailed explanation what is happening when a SSH request is made:
1. The client adds their SSH public key to Gitea using the webpage.
2. Gitea in the container will add an entry for this key to its database.
3. The client then makes an SSH request to the host SSH server using the `git` user, e.g. `git clone git@domain:user/repo.git`.
4. The client will attempt to authenticate with the server, passing one or more public keys in turn to the host.
5. For each key the client provides, the host SSH server will checks its configuration for an `AuthorizedKeysCommand`.
6. The host runs the above `AuthorizedKeysCommand`, which execs in to the docker and then runs the `gitea keys` command.
7. Gitea on the docker will look in it's database to see if the public key matches and will return an entry like that of an `authorized_keys` command.
8. This entry has the public key, but also has a `command=` option which matches the location of the Gitea binary on the container.
9. The host SSH server creates a user session for the `git` user, and using the shell for the host `git` user runs the `command=`.
10. The shell of the host `git` user is now our `docker-shell` which uses `docker exec` to open a shell for the `git` user on the container.
11. The container shell now runs the `command=` option meaning that the container `gitea serv` is run, taking over control of the rest of the SSH session and managing gitea authentication & authorization of the git commands.
**Notes**
Docker shell passthrough using `AuthorizedKeysCommand` will work only if
- The host `git` user is allowed to run the `docker exec` command.
If you try to login as the `git` user on the host in future you will `docker exec` directly to the docker.
A Docker execing shim could be created similarly to above.
### SSH Shell with AuthorizedKeysCommand
Create a key for the host `git` user as above, add it to the docker `/data/git/.ssh/authorized_keys` then finally create and set the `ssh-shell` as above.
Add the following block to `/etc/ssh/sshd_config`, on the host:
```bash
Match User git
AuthorizedKeysCommandUser git
AuthorizedKeysCommand /usr/bin/ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 /usr/local/bin/gitea keys -c /data/gitea/conf/app.ini -e git -u %u -t %t -k %k
```
(From 1.16.0 you will not need to set the `-c /data/gitea/conf/app.ini` option.)
Finally restart the SSH server. As an administrative user on the host run:
```bash
sudo systemctl restart sshd
```
Here is a detailed explanation what is happening when a SSH request is made:
1. The client adds their SSH public key to Gitea using the webpage.
2. Gitea in the container will add an entry for this key to its database.
3. The client then makes an SSH request to the host SSH server using the `git` user, e.g. `git clone git@domain:user/repo.git`.
4. The client will attempt to authenticate with the server, passing one or more public keys in turn to the host.
5. For each key the client provides, the host SSH server will checks its configuration for an `AuthorizedKeysCommand`.
6. The host runs the above `AuthorizedKeysCommand`, which will SSH in to the docker and then run the `gitea keys` command.
7. Gitea on the docker will look in it's database to see if the public key matches and will return an entry like that of an `authorized_keys` command.
8. This entry has the public key, but also has a `command=` option which matches the location of the Gitea binary on the container.
9. The host SSH server creates a user session for the `git` user, and using the shell for the host `git` user runs the `command=`.
10. The shell of the host `git` user is now our `git-shell` which uses SSH to open a shell for the `git` user on the container.
11. The container shell now runs the `command=` option meaning that the container `gitea serv` is run, taking over control of the rest of the SSH session and managing gitea authentication & authorization of the git commands.
**Notes**
SSH container passthrough using `AuthorizedKeysCommand` will work only if
- `opensshd` is running on the container
If you try to login as the `git` user on the host in future you will `ssh` directly to the docker.
Never add the `Gitea Host Key` as a SSH key to a user on the Gitea interface.
SSHing shims could be created similarly to above.
### SSH with multiple IP addresses
This assumes that the host machine has more than one reachable IP address: `192.168.1.1` (host) `192.168.1.2` (gitea)
On the host machine, configure SSHD in `/etc/ssh/sshd_config` to listen on one IP address `ListenAddress 192.168.1.1`. In the compose file the SSH port forwarding then needs to be changed to `"192.168.1.2:22:22"`. The port forwarding needs to be adjusted similarily for all other forwarded ports to avoid problems with DNS.

View File

@@ -0,0 +1,9 @@
{
"label": "Usage",
"position": 35,
"link": {
"type": "generated-index",
"slug": "/usage",
"title": "Usage"
}
}

View File

@@ -0,0 +1,9 @@
{
"label": "Access Control",
"position": 100,
"link": {
"type": "generated-index",
"slug": "/usage/access-control",
"description": "Permissions, security, and access control features"
}
}

View File

@@ -0,0 +1,47 @@
---
date: "2024-01-31T00:00:00+00:00"
slug: "blocking-user"
sidebar_position: 25
aliases:
- /blocking-user
---
# Blocking a user
Gitea supports blocking of users to restrict how they can interact with you and your content.
You can block a user in your account settings, from the user's profile or from comments created by the user.
The user is not directly notified about the block, but they can notice they are blocked when they attempt to interact with you.
Organization owners can block anyone who is not a member of the organization too.
If a blocked user has admin permissions, they can still perform all actions even if blocked.
### When you block a user
- the user stops following you
- you stop following the user
- the user's stars are removed from your repositories
- your stars are removed from their repositories
- the user stops watching your repositories
- you stop watching their repositories
- the user's issue assignments are removed from your repositories
- your issue assignments are removed from their repositories
- the user is removed as a collaborator on your repositories
- you are removed as a collaborator on their repositories
- any pending repository transfers to or from the blocked user are canceled
### When you block a user, the user cannot
- follow you
- watch your repositories
- star your repositories
- fork your repositories
- transfer repositories to you
- open issues or pull requests on your repositories
- comment on issues or pull requests you've created
- comment on issues or pull requests on your repositories
- react to your comments on issues or pull requests
- react to comments on issues or pull requests on your repositories
- assign you to issues or pull requests
- add you as a collaborator on their repositories
- send you notifications by @mentioning your username
- be added as team member (if blocked by an organization)

View File

@@ -1,11 +1,10 @@
---
date: "2021-12-13:10:10+08:00"
slug: "permissions"
sidebar_position: 14
aliases:
- /en-us/permissions
- /permissions
---
# Permissions
@@ -41,7 +40,7 @@ With different permissions, people could do different things with these units.
| Wiki | View wiki pages. Clone the wiki repository. | Create/Edit wiki pages, push | - |
| ExternalWiki | Link to an external wiki | - | - |
| ExternalTracker | Link to an external issue tracker | - | - |
| Projects | View the boards | Change issues across boards | - |
| Projects | View the columns of projects | Change issues across columns | - |
| Packages | View the packages | Upload/Delete packages | - |
| Actions | View the Actions logs | Approve / Cancel / Restart | - |
| Settings | - | - | Manage the repository |

View File

@@ -0,0 +1,90 @@
---
date: "2025-11-20T00:00:00-07:00"
slug: "protected-branches"
sidebar_position: 44
aliases:
- /en-us/protected-branches
- /en-us/protected-branch
- /protected-branches
---
# Protected branches
Protected branches prevent unwanted changes by enforcing push and merge policies on selected branches. The rules are enforced for every Git protocol (HTTP(S), SSH), the web editor, the API, and background jobs such as auto-merge. Only repository owners and administrators can manage the rules, and the Branches page is read-only while a repository is archived.
## Creating or editing a rule
1. Open the repository and select **Settings → Branches** (repository admin permission required).
2. Select **Add new rule** or **Edit** next to an existing rule.
3. Fill in the **Protected branch name pattern** and optional file patterns, then configure the push, merge, and review options described below.
4. Select **Save rule**.
The rule immediately applies to all matching branches, even if the branches are created in the future.
## Rule matching and priorities
- The **Protected branch name pattern** accepts [glob](https://github.com/gobwas/glob) expressions and matches the entire branch name. Patterns are case-sensitive. Using a simple name such as `main` without glob special characters always matches that specific branch (case-insensitive).
- If multiple rules match the same branch, only the first rule is used. Reorder the list on the **Branches** page by dragging the grab handle. The first entry (priority 1) has the highest priority, so place patterns such as `main` or `release/*` before generic fallbacks such as `*`.
Example patterns:
| Pattern | Matches |
| -------------- | ------------------------------- |
| `main` | The `main` branch only |
| `release/*` | `release/v1.0`, `release/april` |
| `hotfix/**` | Nested branches such as `hotfix/security/CVE` |
| `*` | Every branch (use as a fallback) |
### File-level pattern controls
- **Protected file patterns** block changes to sensitive files (for example `.drone.yml` or `/docs/**/*.txt`). Patterns are case-insensitive and separated by semicolons. Commits and merge attempts that touch one of the files are rejected.
- **Unprotected file patterns** do the opposite: if pushes are blocked, users with write access can still push commits that modify only the listed files. This is useful for letting contributors update documentation while still requiring pull requests for code.
Both fields use the same `glob` syntax and match paths relative to the repository root.
## Controlling direct pushes
The **Push** section controls direct pushes (including the web editor and API).
- **Disable push** makes the branch read-only. Any attempt to push directly fails, and changes must be merged through pull requests.
- **Enable push** allows anyone with [write access](permissions) to push (force pushes are still blocked unless explicitly allowed).
- **Allowlist restricted push** requires being on the allowlist. Choose users and, for organization-owned repositories, teams. Deploy keys that already have write access can also be allowlisted.
When a push is blocked, the server-side hook rejects the update with an explanation.
### Force pushes
Force pushes have their own set of options:
- **Disable force push** completely forbids rewriting history on the branch.
- **Enable force push** allows anyone who can push to also force push.
- **Allowlist restricted force push** limits force pushes to a separate allowlist (users, teams, and optionally deploy keys) **and** requires the person to already have regular push access.
## Pull request merges and approvals
- **Merge allowlist**: keep the default to let anyone with write access merge pull requests, or enable the allowlist to restrict merges to selected users/teams.
- **Required approvals**: specify how many approvals are needed before a merge is allowed. Reviews from users with write access count, unless the **Restrict approvals to allowlisted users or teams** option is enabled.
- **Dismiss stale approvals** removes existing approvals whenever new commits that change the pull request content are pushed.
- **Ignore stale approvals** keeps approvals but does not count reviews that were made on older commits. This option is disabled while dismissal of stale approvals is enabled.
- **Block merge on rejected reviews** prevents merging while any official reviewer has requested changes.
- **Block merge on official review requests** blocks merges while there are outstanding review requests (for example when CODEOWNERS requires a review).
- **Block merge if the pull request is outdated** makes sure the head branch is up to date with the base branch before it can be merged.
- **Administrators must follow branch protection rules** removes the ability for repository administrators to bypass the rules with the "Force merge" button.
Protected file patterns apply to pull requests as well. When a pull request changes one of the protected files, the pull request banner shows the affected paths and merging stays disabled.
## Status checks
Enable status checks to require one or more CI jobs to succeed before merging:
1. Check **Enable status check**.
2. Enter one pattern per line in **Status check patterns**. Each pattern is a `glob` expression that matches the context name reported by Actions, Drone, Woodpecker, or another Check API client (for example `actions/test-*`).
3. Pick contexts from the table of jobs that have reported results in the last week to verify their names.
When the option is active, Gitea requires at least one context that matches each pattern to report success on the pull request head commit. An empty list is not allowed; use `*` to require the latest commit to be successful regardless of the context name.
## Signed commits and other safeguards
- **Require signed commits** rejects pushes that contain unsigned or unverifiable commits. The check runs inside the server hook before the push is accepted.
- **Protected file patterns** (see above) prevent both pushes and merges that modify sensitive files.
- **Unprotected file patterns** allow limited pushes while keeping the branch protected.

View File

@@ -4,6 +4,7 @@ slug: "protected-tags"
sidebar_position: 45
aliases:
- /en-us/protected-tags
- /protected-tags
---
# Protected tags

View File

@@ -0,0 +1,9 @@
{
"label": "Actions",
"position": 30,
"link": {
"type": "generated-index",
"slug": "/usage/actions",
"description": "Automating workflows with Actions"
}
}

View File

@@ -26,38 +26,6 @@ Github Actions doesn't support that. https://docs.github.com/en/actions/using-wo
## Unsupported workflows syntax
### `concurrency`
It's used to run a single job at a time.
See [Using concurrency](https://docs.github.com/en/actions/using-jobs/using-concurrency).
It's ignored by Gitea Actions now.
### `run-name`
The name for workflow runs generated from the workflow.
See [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#run-name).
It's ignored by Gitea Actions now.
### `permissions` and `jobs.<job_id>.permissions`
See [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions).
It's ignored by Gitea Actions now.
### `jobs.<job_id>.timeout-minutes`
See [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idtimeout-minutes).
It's ignored by Gitea Actions now.
### `jobs.<job_id>.continue-on-error`
See [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idcontinue-on-error).
It's ignored by Gitea Actions now.
### `jobs.<job_id>.environment`
See [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idenvironment).
@@ -107,6 +75,15 @@ Services steps don't have their own section in the job log user interface.
## Different behavior
### Job token permissions (`permissions`)
Gitea supports `permissions` and `jobs.<job_id>.permissions` to control the default `GITEA_TOKEN` permissions.
The effective permissions are clamped by the repository/owner settings and are further restricted for fork pull requests and cross-repository access.
GitHub-only scopes such as `statuses`, `checks`, `deployments`, `id-token`, `security-events`, and `pages` are not supported, while Gitea-specific scopes such as `code`, `releases`, `wiki`, and `projects` are available.
See [Actions job token permissions](token-permissions.md).
### Downloading actions
Previously (Pre 1.21.0), `[actions].DEFAULT_ACTIONS_URL` defaulted to `https://gitea.com`.

View File

@@ -8,33 +8,9 @@ sidebar_position: 140
Gitea Actions has multiple components. This document describes them individually.
## Act
## Gitea Runner
The [nektos/act](https://github.com/nektos/act) project is an excellent tool that allows you to run your GitHub Actions locally.
We were inspired by this and wondered if it would be possible to run actions for Gitea.
However, while [nektos/act](https://github.com/nektos/act) is designed as a command line tool, what we actually needed was a Go library with modifications specifically for Gitea.
So we forked it as [gitea/act](https://gitea.com/gitea/act).
This is a soft fork that will periodically follow the upstream.
Although some custom commits have been added, we will try our best to avoid changing too much of the original code.
The forked act is just a shim or adapter for Gitea's specific usage.
There are some additional commits that have been made, such as:
- Outputting execution logs to logger hook so they can be reported to Gitea
- Disabling the GraphQL URL, since Gitea doesn't support it
- Starting a new container for every job instead of reusing to ensure isolation.
These modifications have no reason to be merged into the upstream.
They don't make sense if the user just wants to run trusted actions locally.
However, there may be overlaps in the future, such as a required bug fix or new feature needed by both projects.
In these cases, we will contribute the changes back to the upstream repository.
## Act runner
Gitea's runner is called act runner because it's based on act.
Gitea Runner is based on a hard fork of [nektos/act](https://github.com/nektos/act).
Like other CI runners, we designed it as an external part of Gitea, which means it should run on a different server than Gitea.
@@ -47,7 +23,7 @@ That's why when you add custom labels during registration, you will need to inpu
This means that the runner can take the job which needs to run on `my_custom_label`, and it will run it via a docker container with the image `centos:7`.
Docker isn't the only option, though.
The act also supports running jobs directly on the host.
The runner also supports running jobs directly on the host.
This is achieved through labels like `linux_arm:host`.
This label indicates that the runner can take a job that needs to run on `linux_arm` and run it directly on the host.
@@ -62,7 +38,7 @@ So,
## Communication protocol
As act runner is an independent part of Gitea, we needed a protocol for runners to communicate with the Gitea instance.
As the runner is an independent part of Gitea, we needed a protocol for runners to communicate with the Gitea instance.
However, we did not think it was a good idea to have Gitea listen on a new port.
Instead, we wanted to reuse the HTTP port, which means we needed a protocol that is compatible with HTTP.
We chose to use gRPC over HTTP.
@@ -79,9 +55,9 @@ This will help you troubleshoot some problems and explain why it's a bad idea to
There are four network connections marked in the picture, and the direction of the arrows indicates the direction of establishing the connections.
### Connection 1, act runner to Gitea instance
### Connection 1, runner to Gitea instance
The act runner must be able to connect to Gitea to receive tasks and send back the execution results.
The runner must be able to connect to Gitea to receive tasks and send back the execution results.
### Connection 2, job containers to Gitea instance
@@ -92,9 +68,9 @@ Fetching code is not always necessary to run some jobs, but it is required in mo
If you use a loopback address to register a runner, the runner can connect to Gitea when it is on the same machine.
However, if a job container tries to fetch code from localhost, it will fail because Gitea is not in the same container.
### Connection 3, act runner to internet
### Connection 3, runner to internet
When you use some actions like `actions/checkout@v4`, the act runner downloads the scripts, not the job containers.
When you use some actions like `actions/checkout@v4`, the runner downloads the scripts, not the job containers.
By default, it downloads from [github.com](http://github.com/), so it requires access to the internet. If you configure the `DEFAULT_ACTIONS_URL` to `self`, then it will download from your Gitea instance by default. Then it will not connect to internet when downloading the action itself.
It also downloads some docker images from Docker Hub by default, which also requires internet access.

View File

@@ -55,7 +55,7 @@ If you want to give more permissions to the runner, allowing it to access more p
Refined permission control to Actions is a complicated job.
In the future, we will add more options to Gitea to make it more configurable, such as allowing more write access to repositories or read access to all repositories in the same organization.
## Which operating systems are supported by act runner?
## Which operating systems are supported by Gitea Runner?
We released official binaries for Linux, macOS, and Windows.
While other operating systems are theoretically supported if it is supported by golang and docker(docker mode enabled).
@@ -101,7 +101,7 @@ It is exciting to be able to reuse them.
This is valid syntax.
It means that it should run on runners that have both the `label_a` **and** `label_b` labels, see [Workflow syntax for GitHub Actions](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idruns-on).
Unfortunately, act runner does not work this way until v0.2.11.
Unfortunately, the runner does not work this way until v0.2.11.
As mentioned, we map labels to environments:
- `ubuntu``ubuntu:22.04`
@@ -117,9 +117,9 @@ We also need to re-design how tasks are assigned to runners.
A runner with `ubuntu`, `centos`, or `with-gpu` does not necessarily indicate that it can accept jobs with `[centos, with-gpu]`.
Therefore, the runner should inform the Gitea instance that it can only accept jobs with `[ubuntu]`, `[centos]`, `[with-gpu]`, and `[ubuntu, with-gpu]`.
This is not a technical problem, it was just overlooked in the early design.
See [runtime.go#L65](https://gitea.com/gitea/act_runner/src/commit/90b8cc6a7a48f45cc28b5ef9660ebf4061fcb336/runtime/runtime.go#L65).
See [runtime.go#L65](https://gitea.com/gitea/runner/src/commit/90b8cc6a7a48f45cc28b5ef9660ebf4061fcb336/runtime/runtime.go#L65).
Currently, the act runner attempts to match everyone in the labels and uses the first match it finds.
Currently, the runner attempts to match everyone in the labels and uses the first match it finds.
## What is the difference between agent labels and custom labels for a runner?
@@ -132,17 +132,17 @@ However, the design here needs improvement, as it currently has some rough edges
You can add a custom label such as `centos` to a registered runner, which means the runner will receive jobs with `runs-on: centos`.
However, the runner may not know which environment to use for this label, resulting in it using a default image or leading to a logical dead end.
This default may not match user expectations.
See [runtime.go#L71](https://gitea.com/gitea/act_runner/src/commit/90b8cc6a7a48f45cc28b5ef9660ebf4061fcb336/runtime/runtime.go#L71).
See [runtime.go#L71](https://gitea.com/gitea/runner/src/commit/90b8cc6a7a48f45cc28b5ef9660ebf4061fcb336/runtime/runtime.go#L71).
In the meantime, we suggest that you re-register your runner if you want to change its labels.
## Will there be more implementations for Gitea Actions runner?
Although we would like to provide more options, our limited manpower means that act runner will be the only officially supported runner at the moment.
Although we would like to provide more options, our limited manpower means that Gitea Runner will be the only officially supported runner at the moment.
However, both Gitea and act runner are completely open source under MIT License, so anyone can modify the code to satisfy their requirements.
However, both Gitea and Gitea Runner are completely open source under MIT License, so anyone can modify the code to satisfy their requirements.
In case you fork act runner to create your own version: Please contribute the changes back if you can and if you think your changes will help others as well.
In case you fork Gitea Runner to create your own version: Please contribute the changes back if you can and if you think your changes will help others as well.
## What workflow trigger events does Gitea support?
@@ -158,11 +158,18 @@ For events supported only by GitHub, see GitHub's [documentation](https://docs.g
| push | not applicable |
| issues | `opened`, `edited`, `closed`, `reopened`, `assigned`, `unassigned`, `milestoned`, `demilestoned`, `labeled`, `unlabeled` |
| issue_comment | `created`, `edited`, `deleted` |
| pull_request | `opened`, `edited`, `closed`, `reopened`, `assigned`, `unassigned`, `synchronize`, `labeled`, `unlabeled` |
| pull_request | `opened`, `edited`, `closed`, `reopened`, `assigned`, `unassigned`, `synchronized`, `labeled`, `unlabeled` |
| pull_request_review | `submitted`, `edited` |
| pull_request_review_comment | `created`, `edited` |
| release | `published`, `edited` |
| registry_package | `published` |
| workflow_dispatch | not applicable |
| workflow_run | `requested`, `completed` |
> For `pull_request` events, in [GitHub Actions](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request), the `ref` is `refs/pull/:prNumber/merge`, which is a reference to the merge commit preview. However, Gitea has no such reference.
> Therefore, the `ref` in Gitea Actions is `refs/pull/:prNumber/head`, which points to the head of pull request rather than the preview of the merge commit.
## How to share actions and reusable workflows from private repositories?
Go to the repository's **Settings** > **Actions** > **General** page and add collaborative owners.
The private repositories of collaborative owners are allowed to access the actions and workflows in the current repository.

View File

@@ -21,8 +21,8 @@ To avoid confusion, we have clarified the spelling here:
## Runners
Just like other CI/CD solutions, Gitea doesn't run the jobs itself, but delegates the jobs to runners.
The runner of Gitea Actions is called [act runner](https://gitea.com/gitea/act_runner), it is a standalone program and also written in Go.
An important part of the application comes from a [fork](https://gitea.com/gitea/act) of [nektos/act](http://github.com/nektos/act).
The runner of Gitea Actions is called [Gitea Runner](https://gitea.com/gitea/runner), it is a standalone program and also written in Go.
An important part of the application comes from a hard fork of [nektos/act](http://github.com/nektos/act).
Because the runner is deployed independently, there could be potential security issues.
To avoid them, please follow two simple rules:

View File

@@ -25,10 +25,10 @@ If you want to learn more or encounter any problems while configuring it, please
### Set up runner
Gitea Actions requires [act runner](https://gitea.com/gitea/act_runner) to run the jobs.
Gitea Actions requires [Gitea Runner](https://gitea.com/gitea/runner) to run the jobs.
In order to avoid consuming too many resources and affecting the Gitea instance, it is recommended to start runners on separate machines from the Gitea instance.
You can use the [pre-built binaries](http://dl.gitea.com/act_runner) or the [docker images](https://hub.docker.com/r/gitea/act_runner/tags) to set up the runner.
You can use the [pre-built binaries](http://dl.gitea.com/gitea-runner) or the [docker images](https://hub.docker.com/r/gitea/runner/tags) to set up the runner.
Before proceeding any further, we suggest running it as a command line with pre-built binaries to ensure that it works with your environment, especially if you are running a runner on your localhost.
And it could be easier to debug if something goes wrong.
@@ -40,7 +40,7 @@ However, it is recommended to use Docker to run the jobs, because it is more sec
Before running a runner, you should first register it to your Gitea instance using the following command:
```bash
./act_runner register --no-interactive --instance <instance> --token <token>
./runner register --no-interactive --instance <instance> --token <token>
```
There are two arguments required, `instance` and `token`.
@@ -69,14 +69,14 @@ If this file is missing or corrupted, you can simply remove it and register agai
Finally, it's time to start the runner:
```bash
./act_runner daemon
./runner daemon
```
And you can see the new runner in the management page:
![view runner](/images/usage/actions/view-runner.png)
You can find more information by visiting [Act runner](usage/actions/act-runner.md).
You can find more information by visiting [Gitea Runner](runner.mdx).
### Use Actions

View File

@@ -0,0 +1,459 @@
---
date: "2023-04-27T15:00:00+08:00"
slug: "runner"
sidebar_position: 20
---
# Gitea Runner
This page will introduce the [Gitea Runner](https://gitea.com/gitea/runner) in detail, which is the runner for Gitea Actions.
## Requirements
Currently the runner supports three modes in which it can be run.
1. Host: runner will run as an application on the host. This provides no encapsulation.
2. Docker (recommended): Runs jobs in a [Docker](https://docker.com) container. If you choose this mode, you need to [install Docker](https://docs.docker.com/engine/install/) first and make sure that the Docker daemon is running.
3. Docker-in-Docker (DinD): Puts the runner into rootless mode. It then runs in a Docker container with its own Docker daemon that has fewer privileges. It will spawn job containers from there. Best security but more complex setup.
Other OCI container engines which are compatible with Docker's API should also work, but are untested.
However, if you are sure that you want to run jobs directly on the host only, then Docker is not required.
There are multiple ways to install the runner.
## Installation with binary
### Download the binary
You can download the binary from the [release page](https://gitea.com/gitea/runner/releases).
However, if you want to use the latest nightly build, you can download it from the [download page](https://dl.gitea.com/gitea-runner/).
When you download the binary, please make sure that you have downloaded the correct one for your platform.
You can check it by running the following command if you are in a Unix-style OS.
```bash
chmod +x runner
./runner --version
```
If you see the version information, it means that you have downloaded the correct binary.
### Obtain a registration token
You can register a runner at different levels. It can be:
- Instance level: The runner will run jobs for all repositories in the instance.
- Organization level: The runner will run jobs for all repositories in the organization.
- Repository level: The runner will run jobs for the repository it belongs to.
Note that the repository may still use instance-level or organization-level runners even if it has its own repository-level runners. A future release may provide an option to allow more control over this.
Before registering the runner and running it, you need a registration token. The level of the runner determines where to obtain the registration token.
- Instance level: The admin settings page, like `<your_gitea.com>/-/admin/actions/runners`.
- Organization level: The organization settings page, like `<your_gitea.com>/<org>/settings/actions/runners`.
- Repository level: The repository settings page, like `<your_gitea.com>/<owner>/<repo>/settings/actions/runners`.
If you cannot see the settings page, please make sure that you have the right permissions and that Actions have been enabled.
The format of the registration token is a random string `D0gvfu2iHfUjNqCYVljVyRV14fISpJxxxxxxxxxx`.
A registration token can also be obtained from the Gitea [command-line interface](/administration/command-line#actions-generate-runner-token):
```
gitea --config /etc/gitea/app.ini actions generate-runner-token
```
You can also use `GITEA_RUNNER_REGISTRATION_TOKEN`/`GITEA_RUNNER_REGISTRATION_TOKEN_FILE` environment variables to set a global runner registration token when Gitea starts, for example:
```
openssl rand -hex 24 > /some-dir/runner-token
export GITEA_RUNNER_REGISTRATION_TOKEN_FILE=/some-dir/runner-token
./gitea --config ...
```
The token from the environment is valid until you reset the token (re-create a new one) via the web UI or API.
Tokens are valid for registering multiple runners, until they are revoked and replaced by a new token using the token reset link in the web interface.
### Configuration
Configuration is done via a configuration file. It is optional, and the default configuration will be used when no configuration file is specified. You can generate a configuration file by running the following command:
```bash
./runner generate-config
```
The default configuration is safe to use without any modification, so you can just use it directly.
```bash
./runner generate-config > config.yaml
./runner --config config.yaml [command]
```
### Register the runner
Registration is required before running Gitea Runner, because the runner needs to know where to get jobs from. It is also important for the Gitea instance to identify the runner.
If this has been installed using the binary package, the runner can be registered by running the following command.
```bash
./runner register
```
Alternatively, you can use the `--config` option to specify the configuration file mentioned in the previous section.
```bash
./runner --config config.yaml register
```
You will be asked to input the registration information step by step. This includes:
- The Gitea instance URL, like `https://gitea.com/` or `http://192.168.8.8:3000/`.
- The registration token.
- The runner name, which is optional. If you leave it blank, the hostname will be used.
- The runner labels, which is optional. If you leave it blank, the default labels will be used.
You may be confused about the runner labels, which will be explained later.
If you want to register the runner in a non-interactive way, you can use arguments to do it.
```bash
./runner register --no-interactive --instance <instance_url> --token <registration_token> --name <runner_name> --labels <runner_labels>
```
When you have registered the runner, you can find a new file named `.runner` in the current directory.
This file stores the registration information.
Please do not edit it manually.
If this file is missing or corrupted, you can simply remove it and register again.
If you want to store the registration information in another place, you can specify it in the configuration file,
and don't forget to specify the `--config` option.
#### Ephemeral Runners
Ephemeral runners provide a security hardening mechanism for enabling organization- or instance-wide runners without requiring full user trust. Once a job is assigned within a spot VM or container, the runner's exposed credentials are automatically revoked—blocking it from polling further jobs before any untrusted code runs, while still allowing it to report progress until completion by either Gitea or the runner.
Gitea Runner **0.2.12+** is required.
The updated commands for registering the runner as ephemeral are listed below. Refer to the previous section for detailed information on registering the runner.
```bash
./runner register --ephemeral
```
```bash
./runner --config config.yaml register --ephemeral
```
```bash
./runner register --no-interactive --ephemeral --instance <instance_url> --token <registration_token> --name <runner_name> --labels <runner_labels>
```
The runner must be registered each time it is intended to receive a job. After completing the single job it is designed to execute, the runner terminates.
To automate the registration and startup of new runners when a job is queued, use the `workflow_job` webhook.
### Start the runner from the command line
After you have registered the runner, you can run it with the following command:
```shell
./runner daemon
```
or
```bash
./runner daemon --config config.yaml
```
The runner will fetch jobs from the Gitea instance and run them automatically.
### Start the runner with Systemd
It is also possible to run Gitea Runner as a [systemd](https://en.wikipedia.org/wiki/Systemd) service. Create an unprivileged `runner` user on your system, and create the following file in `/etc/systemd/system/runner.service`. The paths in `ExecStart` and `WorkingDirectory` may need to be adjusted depending on where you installed the `runner` binary, its configuration file, and the home directory of the `runner` user.
```ini
[Unit]
Description=Gitea Actions runner
Documentation=https://gitea.com/gitea/runner
After=docker.service
[Service]
ExecStart=/usr/local/bin/runner daemon --config /etc/runner/config.yaml
ExecReload=/bin/kill -s HUP $MAINPID
WorkingDirectory=/var/lib/runner
TimeoutSec=0
RestartSec=10
Restart=always
User=runner
[Install]
WantedBy=multi-user.target
```
Then:
```bash
# load the new systemd unit file
sudo systemctl daemon-reload
# start the service and enable it at boot
sudo systemctl enable runner --now
```
If using Docker, the `runner` user should also be added to the `docker` group before starting the service. Keep in mind that this effectively gives `runner` root access to the system [[1]](https://docs.docker.com/engine/security/#docker-daemon-attack-surface).
### Start the runner with LaunchDaemon (macOS)
Mac uses `launchd` in place of systemd for registering daemon processes. By default, daemons run as the root user, so if desired an unprivileged `_runner` user can be created via the `dscl` tool. The following file should then be created in the directory `/Library/LaunchDaemon/com.gitea.runner.plist`. The paths for `WorkingDirectory`, `ProgramArguments`, `StandardOutPath`, `StandardErrPath`, and the `HOME` environment variable may need to be updated to reflect your installation. Also note that any executables outside of the example `PATH` shown will need to be explicitly included and will not be inherited from existing configurations.
```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.gitea.runner</string>
<key>ProgramArguments</key>
<array>
<string>/usr/local/bin/runner</string>
<string>daemon</string>
<string>--config</string>
<string>/etc/runner/config.yaml</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>WorkingDirectory</key>
<string>/var/lib/runner</string>
<key>StandardOutPath</key>
<string>/var/lib/runner/runner.log</string>
<key>StandardErrorPath</key>
<string>/var/lib/runner/runner.err</string>
<key>EnvironmentVariables</key>
<dict>
<key>PATH</key>
<string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin</string>
<key>HOME</key>
<string>/var/lib/runner</string>
</dict>
<key>UserName</key>
<string>_runner</string>
</dict>
</plist>
```
Then:
```bash
sudo launchctl load /Library/LaunchDaemon/com.gitea.runner.plist
```
You can also set up a Linux or Windows service to let the runner run automatically.
## Install with the docker image
### Pull the image
You can use the docker image from [Docker Hub](https://hub.docker.com/r/gitea/runner/tags).
Just like the binary, you can use the latest nightly build by using the `nightly` tag, while the `latest` tag is the latest stable release.
```bash
docker pull docker.io/gitea/runner:latest # for the latest stable release
```
If you want to use the newest or experimental features, you can also use the nightly image.
```bash
docker pull docker.io/gitea/runner:nightly # for the latest nightly build
```
### Configuration
Configuration is optional, but you can also generate a config file with docker:
```bash
docker run --entrypoint="" --rm -it docker.io/gitea/runner:latest runner generate-config > config.yaml
```
When you are using the docker image, you can specify the configuration file by using the `CONFIG_FILE` environment variable. Make sure that the file is mounted into the container as a volume:
```bash
docker run -v $PWD/config.yaml:/config.yaml -e CONFIG_FILE=/config.yaml ...
```
You may notice the commands above are incomplete because it is not time to run the runner yet.
Before running the runner, we need to register it to your Gitea instance first.
### Start the runner with docker
If you are using the docker image, behavior will be slightly different. Registration and running are combined into one step in this case, so you need to specify the registration information when running the runner.
A quick start with docker run along with a minimal parameter set is shown below. You need to get the `<registration_token>` from the above step, and set a unique name for `<gitea_runner_name>` and for `<container_name>`.
```bash
docker run \
-e GITEA_INSTANCE_URL=<instance_url> \
-e GITEA_RUNNER_REGISTRATION_TOKEN=<registration_token> \
-e GITEA_RUNNER_NAME=<gitea_runner_name> \
--name <container_name> \
-v /var/run/docker.sock:/var/run/docker.sock \
-d docker.io/gitea/runner:latest
```
You can add more parameters to use a custom config, add a `data` directory for non-volatile file storage, etc.
```bash
docker run \
-v $PWD/config.yaml:/config.yaml \
-v $PWD/data:/data \
-v /var/run/docker.sock:/var/run/docker.sock \
-e CONFIG_FILE=/config.yaml \
-e GITEA_INSTANCE_URL=<instance_url> \
-e GITEA_RUNNER_REGISTRATION_TOKEN=<registration_token> \
-e GITEA_RUNNER_NAME=<gitea_runner_name> \
-e GITEA_RUNNER_LABELS=<runner_labels> \
--name <container_name> \
-d docker.io/gitea/runner:latest
```
You may notice that we have mounted `/var/run/docker.sock` into the container.
This is because with this setup, the runner will execute jobs in temporary Docker containers, so it needs to communicate with the Docker daemon.
As mentioned, you can remove it if you want to run jobs on the host directly.
To be clear, the "host" actually means the container that is running the runner now, instead of the host machine.
---
To enable ephemeral runners, set the environment variable `GITEA_RUNNER_EPHEMERAL=1` in the runner image. This setup doesn't use a `/data` volume because the credentials are single-use and not intended to be reused. You can find more details about this mode under [Ephemeral runners](#ephemeral-runners).
```bash
docker run \
-e GITEA_INSTANCE_URL=<instance_url> \
-e GITEA_RUNNER_REGISTRATION_TOKEN=<registration_token> \
-e GITEA_RUNNER_EPHEMERAL=1 \
-e GITEA_RUNNER_NAME=<runner_name> \
--name my_runner \
-d docker.io/gitea/runner:nightly
```
```bash
docker run \
-v $PWD/config.yaml:/config.yaml \
-v /var/run/docker.sock:/var/run/docker.sock \
-e CONFIG_FILE=/config.yaml \
-e GITEA_INSTANCE_URL=<instance_url> \
-e GITEA_RUNNER_REGISTRATION_TOKEN=<registration_token> \
-e GITEA_RUNNER_EPHEMERAL=1 \
-e GITEA_RUNNER_NAME=<runner_name> \
-e GITEA_RUNNER_LABELS=<runner_labels> \
--name my_runner \
-d docker.io/gitea/runner:nightly
```
Mounting the host's Docker socket using `/var/run/docker.sock:/var/run/docker.sock` introduces a potential security vulnerability. If a job can access this socket, the reusable `GITEA_RUNNER_REGISTRATION_TOKEN` could be exposed through Docker inspect data.
### Start the runner using docker compose
You could also set up the runner using the following `docker-compose.yml`:
```yml
version: "3.8"
services:
runner:
image: docker.io/gitea/runner:nightly
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "${RUNNER_NAME}"
GITEA_RUNNER_LABELS: "${RUNNER_LABELS}"
volumes:
- ./config.yaml:/config.yaml
- ./data:/data
- /var/run/docker.sock:/var/run/docker.sock
```
When using docker, there is no requirement to enter the container and manually run `./runner daemon` command as shown below. Once the container has been started successfully, it will show up as an active runner in your Gitea instance.
---
To enable ephemeral runners, set the environment variable `GITEA_RUNNER_EPHEMERAL=1` in the runner image. This setup doesn't use a `/data` volume because the credentials are single-use and not intended to be reused. You can find more details about this mode under [Ephemeral runners](#ephemeral-runners).
```yml
version: "3.8"
services:
runner:
image: docker.io/gitea/runner:nightly
environment:
CONFIG_FILE: /config.yaml
GITEA_INSTANCE_URL: "${INSTANCE_URL}"
GITEA_RUNNER_REGISTRATION_TOKEN: "${REGISTRATION_TOKEN}"
GITEA_RUNNER_NAME: "${RUNNER_NAME}"
GITEA_RUNNER_LABELS: "${RUNNER_LABELS}"
GITEA_RUNNER_EPHEMERAL: "1"
volumes:
- ./config.yaml:/config.yaml
- /var/run/docker.sock:/var/run/docker.sock
```
Mounting the host's Docker socket using `/var/run/docker.sock:/var/run/docker.sock` introduces a potential security vulnerability. If a job can access this socket, the reusable `GITEA_RUNNER_REGISTRATION_TOKEN` could be exposed through Docker inspect data.
### More start examples
A couple more usage examples can be found in the [runner](https://gitea.com/gitea/runner/src/branch/main/examples) repository.
## Advanced Configurations
### Configuring cache when starting a runner using the docker image
If you do not intend to use `actions/cache` in your workflow, you can ignore this section.
If you use `actions/cache` without any additional configuration, it will return the following error:
> Failed to restore: getCacheEntry failed: connect ETIMEDOUT IP:PORT
The error occurs because the runner container and job container are on different networks, so the job container cannot access the runner container.
Therefore, it is essential to configure the cache action to ensure its proper functioning. Follow these steps:
- 1. Obtain the LAN IP address of the host machine where the runner container is running.
- 2. Find an available port number on the host machine where the runner container is running.
- 3. Configure the following settings in the configuration file:
```yaml
cache:
enabled: true
dir: ""
# Use the LAN IP obtained in step 1
host: "192.168.8.17"
# Use the port number obtained in step 2
port: 8088
```
- 4. When starting the container, map the cache port to the host machine:
```bash
docker run \
--name gitea-docker-runner \
-p 8088:8088 \
-d docker.io/gitea/runner:nightly
```
### Labels
The labels of a runner are used to determine which jobs the runner can run, and how to run them.
The default labels are `ubuntu-latest:docker://node:16-bullseye,ubuntu-22.04:docker://node:16-bullseye,ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster`.
It is a comma-separated list, and each item is a label.
Let's take `ubuntu-22.04:docker://node:16-bullseye` as an example.
It means that the runner can run jobs with `runs-on: ubuntu-22.04`, and the job will be run in a docker container with the image `node:16-bullseye`.
If the default image is insufficient for your needs, and you have enough disk space to use a better and bigger one, you can change it to `ubuntu-22.04:docker://<the image you like>`.
You can find more useful images on [act images](https://github.com/nektos/act/blob/master/IMAGES.md).
If you want to run jobs on the host directly, you can change it to `ubuntu-22.04:host` or just `ubuntu-22.04`; `:host` is optional.
However, we suggest you use a special name like `linux_amd64:host` or `windows:host` to avoid misusing it.
Starting with Gitea 1.21, you can change labels by modifying `runners.labels` in the runner configuration file (if you don't have a configuration file, please refer to [configuration tutorials](#configuration)).
The runner will use these new labels as soon as you restart it, i.e., by calling `./runner daemon --config config.yaml`.

View File

@@ -0,0 +1,119 @@
---
date: "2026-06-26T00:00:00+00:00"
slug: "scoped-workflows"
sidebar_position: 60
---
# Scoped Workflows
Scoped workflows let you maintain Actions workflows in one central **source** repository and have them run automatically on many other repositories, without copying the workflow files into each one.
A workflow file committed under a source repository's scoped-workflow directory runs on every repository that the source applies to (a "consuming" repository). Each run executes **in the consuming repository's own context**: its runners, secrets, `GITEA_TOKEN`, and branch, while the workflow **content is read from the source repository**. This is useful for mandating shared CI across an organization or instance: linting, security scans, compliance or policy checks, and similar.
## Levels
A source repository can be registered at two levels:
- **Owner level**: registered by an organization or user. The source's workflows run on every repository owned by that organization or user.
- **Instance level**: registered by a site administrator. The source's workflows run on **every** repository on the instance.
The same repository may be registered at both levels; it is still evaluated once per matching event.
:::note
Instance-level sources apply to **every** repository on the instance, and a required one cannot be opted out. Detection runs on every repository's events. Register them deliberately.
:::
## Configuration
Scoped workflows live in a directory that is separate from regular workflows. It is controlled by `SCOPED_WORKFLOW_DIRS` in the `[actions]` section of `app.ini`:
```ini
[actions]
SCOPED_WORKFLOW_DIRS = .gitea/scoped_workflows
```
- The default is `.gitea/scoped_workflows`.
- It may list multiple directories (comma-separated).
- It **must not overlap** with `WORKFLOW_DIRS` (the regular workflow directories, by default `.gitea/workflows` and `.github/workflows`).
- Leaving it empty means no directory holds scoped workflows, so none are found or run. The settings page still appears and sources can still be registered, but no scoped workflow runs.
Keeping scoped workflows in their own directory means a source repository's *own* Actions are unaffected: only files under `SCOPED_WORKFLOW_DIRS` are treated as scoped workflows.
## Providing scoped workflows from a repository
1. In the would-be source repository, commit your workflow files under the scoped-workflow directory on its **default branch**, for example `.gitea/scoped_workflows/lint.yaml`:
```yaml
name: Lint
on: [push, pull_request]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: echo "lint the consuming repository here"
```
2. Register the repository as a source:
- **Organization**: *Organization Settings -> Actions -> Scoped Workflows*
- **User**: *User Settings -> Actions -> Scoped Workflows*
- **Instance (admin)**: *Site Administration -> Actions -> Scoped Workflows*
Search for and add the repository. From then on, its scoped workflows apply to the consuming repositories at that level.
The source repository is within its own scope, so it runs these workflows on itself like any other consumer.
## How scoped workflows run
- The run belongs to the **consuming** repository and uses its runners, secrets, `GITEA_TOKEN`, and ref. It behaves like a normal run there, including rerun, logs, and commit statuses.
- The workflow **content is read from the source** repository, pinned to the source's default-branch commit at the time of the event.
- Detection uses the consuming repository's event, so the workflow's `on:` triggers (such as `push` and `pull_request`) must match that event.
## Opting out
A consuming repository can disable a scoped workflow it does not want, from its **Actions** page (the workflow appears under its source). A workflow that has been marked **required** (see below) can never be disabled or opted out by a consuming repository.
## Required workflows and the merge gate
On the Scoped Workflows settings page you can mark individual workflows as **required** and give each one or more **status-check patterns** (one glob per line). A required scoped workflow:
- Cannot be disabled by consuming repositories.
- Gates pull-request merges: a consuming pull request can only be merged once a commit status matching **every** pattern has **passed** (must-present-and-pass). A required check that never posts a status **blocks** the merge rather than being silently skipped, so disabling Actions on the consumer cannot bypass it.
The status-check context a scoped run posts has the form:
```
<source repo full name>: <workflow display name> / <job> (<event>)
```
The settings page previews these "Expected status checks" for each workflow and marks the ones your patterns match, so you can confirm a pattern is correct. A common pattern wildcards the job and event, for example `my-org/ci-repo: Lint / *`.
Enforcement scope:
- A required check is enforced on any target branch that has a **branch protection rule**, even one whose own status checks are disabled.
- A target branch with **no** protection rule is not gated.
:::warning
Only a workflow that runs on an event that posts a commit status (`push`, `pull_request`, `pull_request_target`, `release`) can be required. A workflow that runs only on events like `workflow_dispatch`, `schedule` or `workflow_call` posts no status, so marking it required would block every consuming pull request forever. The settings page warns you in this case.
:::
## Reusable workflows (`uses:`)
Scoped workflows can call reusable workflows:
- A **local** reference (`uses: ./...`) resolves against the **source** repository: the repository the calling workflow's content came from, not the consuming repository.
- A **cross-repository** reference (`uses: owner/repo/...@ref`) is resolved with the **consuming repository's** read permission. If it points to a private repository, make sure every consuming repository can read it; otherwise the workflow will fail there.
A reusable workflow can live under `SCOPED_WORKFLOW_DIRS` (or `WORKFLOW_DIRS`) of the source repository.
## Security considerations
A source repository's workflow content is executed in every repository it applies to, and its step scripts and their output are written to that repository's Actions logs, readable by anyone who can view the consuming repository's Actions.
- Registering a **private** repository as a source therefore discloses its workflow logic through those logs. Only register repositories whose workflow content may be shared with every consuming repository.
## Limitations
- `on: schedule` and `on: workflow_run` are currently not supported as scoped workflow triggers.
- Scoped workflow content is read from the source's default branch; other branches of the source are not used.

View File

@@ -0,0 +1,115 @@
---
date: "2026-03-19T00:00:00+01:00"
slug: "token-permissions"
sidebar_position: 30
---
# Actions job token permissions (`GITEA_TOKEN`)
Every Actions job receives a built-in token (`GITEA_TOKEN`) which can be used to access Gitea (Git over HTTP(S), API requests, etc.).
This page documents how Gitea decides what the token is allowed to do.
In workflows, it is available as `${{ secrets.GITEA_TOKEN }}`. These settings and `permissions:` only affect `GITEA_TOKEN` (not other secrets like personal access tokens). For API calls, see [API authentication](development/api-usage.md).
## Where permissions come from
Gitea determines the job token permissions in this order:
1. Job-level `permissions:` (`jobs.<job_id>.permissions`)
2. Workflow-level `permissions:` (top-level)
3. Default permissions from settings (owner or repository)
The result is then **clamped** by the configured maximum token permissions (see below).
## Supported workflow syntax
Gitea supports the GitHub Actions-compatible `permissions:` keyword.
### Scalar values
```yaml
permissions: read-all # or: write-all
```
### Scoped mapping
```yaml
permissions:
contents: read
issues: write
pull-requests: none
```
Valid access mode values for each scope are `read`, `write`, and `none`.
### Supported scopes
- `contents` (applies to `code` and `releases`)
- `code`
- `releases`
- `issues`
- `pull-requests`
- `actions`
- `wiki`
- `projects`
- `packages` (if supported by the target feature)
If you specify both `contents` and a more granular scope (like `code` or `releases`), the granular scope wins for that unit.
### Compatibility notes
Gitea supports a subset of GitHub Actions permission scopes.
GitHub-only scopes such as `statuses`, `checks`, `deployments`, `id-token`, `security-events`, and `pages` are not currently supported by Gitea Actions.
Gitea also exposes repository-unit scopes that do not exist as separate scopes in GitHub Actions:
- `code`
- `releases`
- `wiki`
- `projects`
## Default permission mode
If neither the workflow nor the job defines `permissions:`, Gitea uses the configured default mode:
- **Permissive**: read and write permissions for most units in the job's repository (backwards-compatible default).
- **Restricted**: read-only permissions for `code`, `releases`, and `packages` in the job's repository, and no access to other units by default.
## Maximum token permissions (clamping)
You can configure a maximum permission per repository unit.
The job's effective permissions are computed as:
`effective = min(requested, maximum)`
This means workflows can reduce permissions for a job, but cannot exceed your configured maximum.
If you don't configure a maximum, the maximum defaults to `write` for all scopes.
## Where to configure
You can configure defaults and maximums at:
- **User / Organization**: `Settings``Actions``General`
- **Repository**: `Settings``Actions``General`
- For repositories in an organization, the repository can follow the owner-level configuration, or opt out with **Override owner-level configuration**.
Note: Repository-level token permission settings are only shown once **Repository Actions** are enabled.
## Fork pull requests
For security reasons, workflows triggered by pull requests from forks are always restricted to read-only permissions for repository contents, regardless of workflow `permissions:` or settings.
## Cross-repository access
By default, `GITEA_TOKEN` only has access to:
- The job's repository (according to the computed permissions)
- Public repositories (read-only)
Access to other private repositories is denied by default.
A user or organization can allow read-only access to selected private repositories via **Settings → Actions → General → Cross-Repository Access**.
Private repositories can also allow selected collaborative owners via **Settings → Actions → General**.
This allows the private repositories of those owners to read the current private repository for Actions use, such as private actions and reusable workflows.
Fork pull request workflows never gain cross-repository access to private repositories, even if those repositories are listed.

View File

@@ -6,11 +6,13 @@ sidebar_position: 25
# Variables
## User-defined variables
You can create configuration variables on the user, organization and repository level.
The level of the variable depends on where you created it. When creating a variable, the
key will be converted to uppercase. You need use uppercase on the yaml file.
## Naming conventions
### Naming conventions
The following rules apply to variable names:
@@ -21,12 +23,118 @@ The following rules apply to variable names:
- Variable names must be unique at the level they are created at.
- Variable names must not start with `CI`.
## Using variable
### Using variables
After creating configuration variables, they will be automatically filled in the `vars` context.
They can be accessed through expressions like `${{ vars.VARIABLE_NAME }}` in the workflow.
## Precedence
### Precedence
If a variable with the same name exists at multiple levels, the variable at the lowest level takes precedence:
A repository variable will always be chosen over an organization/user variable.
## Pre-defined context variables
These variables are available in workflow expressions via `${{ gitea.<name> }}`. For compatibility, `${{ github.<name> }}` works as an alias.
| Name | Description | Example |
|---|---|---|
| `gitea.action`<br/>`github.action` | The name of the action currently running, or the `id` of a step. | `__run` |
| `gitea.action_path`<br/>`github.action_path` | The path where an action is located. Only supported in composite actions. | `/home/runner/work/_actions/actions/checkout/v4` |
| `gitea.action_ref`<br/>`github.action_ref` | The ref of the action being executed. | `v4` |
| `gitea.action_repository`<br/>`github.action_repository` | The owner and repository name of the action. | `actions/checkout` |
| `gitea.action_status`<br/>`github.action_status` | The current result of a composite action. | `success` |
| `gitea.actor`<br/>`github.actor` | The username of the user that triggered the initial workflow run. | `silverwind` |
| `gitea.api_url`<br/>`github.api_url` | The URL of the REST API. | `https://gitea.com/api/v1` |
| `gitea.base_ref`<br/>`github.base_ref` | The target branch of a pull request. Only set for `pull_request` and `pull_request_target` events. | `main` |
| `gitea.env`<br/>`github.env` | Path on the runner to the file that sets environment variables from workflow commands. Unique to each step. | `/home/runner/work/_temp/_runner_file_commands/set_env_***` |
| `gitea.event`<br/>`github.event` | The full event webhook payload as an object. | `{...}` |
| `gitea.event_name`<br/>`github.event_name` | The name of the event that triggered the workflow run. | `push` |
| `gitea.event_path`<br/>`github.event_path` | Path on the runner to the file containing the full event webhook payload. | `/home/runner/work/_temp/_github_workflow/event.json` |
| `gitea.head_ref`<br/>`github.head_ref` | The source branch of a pull request. Only set for `pull_request` and `pull_request_target` events. | `feature-branch` |
| `gitea.job`<br/>`github.job` | The `job_id` of the current job. | `build` |
| `gitea.ref`<br/>`github.ref` | The fully-formed ref that triggered the workflow. | `refs/heads/main` |
| `gitea.ref_name`<br/>`github.ref_name` | The short ref name. | `main` |
| `gitea.ref_protected`<br/>`github.ref_protected` | `true` if branch protections are configured for the ref that triggered the workflow run. | `true` |
| `gitea.ref_type`<br/>`github.ref_type` | The type of ref: `branch` or `tag`. | `branch` |
| `gitea.path`<br/>`github.path` | Path on the runner to the file that sets system `PATH` variables from workflow commands. Unique to each step. | `/home/runner/work/_temp/_runner_file_commands/add_path_***` |
| `gitea.repository`<br/>`github.repository` | The owner and repository name. | `gitea/docs` |
| `gitea.repository_owner`<br/>`github.repository_owner` | The repository owner's username. | `gitea` |
| `gitea.repositoryUrl`<br/>`github.repositoryUrl` | The HTML URL to the repository. | `https://gitea.com/gitea/docs` |
| `gitea.retention_days`<br/>`github.retention_days` | The number of days that workflow run logs and artifacts are kept. | `90` |
| `gitea.run_id`<br/>`github.run_id` | A unique number for each workflow run within a repository. Does not change on re-run. | `1234` |
| `gitea.run_number`<br/>`github.run_number` | A unique number for each run of a particular workflow. Starts at 1 and increments with each new run. | `42` |
| `gitea.run_attempt`<br/>`github.run_attempt` | A unique number for each re-run attempt. Starts at 1 and increments with each re-run. | `1` |
| `gitea.secret_source`<br/>`github.secret_source` | The source of a secret used in a workflow. Always `Actions` in Gitea. | `Actions` |
| `gitea.server_url`<br/>`github.server_url` | The URL of the Gitea instance. | `https://gitea.com` |
| `gitea.sha`<br/>`github.sha` | The commit SHA that triggered the workflow. | `a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2` |
| `gitea.token`<br/>`github.token` | A token to authenticate on behalf of the Gitea App installed on the repository. See [Token permissions](token-permissions.md). | `ghs_***` |
| `gitea.triggering_actor`<br/>`github.triggering_actor` | The username of the user that initiated the workflow run. May differ from `actor` on re-runs. | `silverwind` |
| `gitea.workflow`<br/>`github.workflow` | The name of the workflow. If unnamed, the full path of the workflow file. | `CI` |
| `gitea.workspace`<br/>`github.workspace` | The default working directory on the runner and the default location of your repository when using the `checkout` action. | `/workspace/gitea/docs` |
| `gitea.gitea_default_actions_url` | The default URL for downloading actions. Gitea-specific. | `https://github.com` |
## Pre-defined environment variables
These environment variables are set automatically in every workflow run and can be accessed directly (e.g. `$CI` in shell scripts).
### Standard environment variables
| Name | Description | Example |
|---|---|---|
| `CI` | Always set to `true`. | `true` |
| `GITEA_ACTIONS` | Always set to `true`. Useful to distinguish Gitea Actions from other CI systems. | `true` |
| `GITEA_ACTIONS_RUNNER_VERSION` | The version of the runner executing the workflow. | `1.0.8` |
| `GITEA_ENV`<br/>`GITHUB_ENV` | Path to the file that sets environment variables for subsequent steps. | `/home/runner/work/_temp/_runner_file_commands/set_env_***` |
| `GITEA_OUTPUT`<br/>`GITHUB_OUTPUT` | Path to the file that sets step output parameters. | `/home/runner/work/_temp/_runner_file_commands/set_output_***` |
| `GITEA_PATH`<br/>`GITHUB_PATH` | Path to the file that adds system `PATH` entries for subsequent steps. | `/home/runner/work/_temp/_runner_file_commands/add_path_***` |
| `GITEA_STATE`<br/>`GITHUB_STATE` | Path to the file that sets step state variables. | `/home/runner/work/_temp/_runner_file_commands/save_state_***` |
| `GITEA_STEP_SUMMARY`<br/>`GITHUB_STEP_SUMMARY` | Path to the file for writing job summaries. | `/home/runner/work/_temp/_runner_file_commands/step_summary_***` |
| `GITHUB_ACTIONS` | Always set to `true`. | `true` |
| `GITHUB_ACTION` | The name of the action currently running, or the step `id`. | `__run` |
| `GITHUB_ACTION_PATH` | The path where the action is located. | `/home/runner/work/_actions/actions/checkout/v4` |
| `GITHUB_ACTION_REF` | The ref of the action being executed. | `v4` |
| `GITHUB_ACTION_REPOSITORY` | The owner and repository of the action. | `actions/checkout` |
| `GITHUB_ACTOR` | The username of the user that triggered the workflow. | `silverwind` |
| `GITHUB_API_URL` | The URL of the REST API. | `https://gitea.com/api/v1` |
| `GITHUB_BASE_REF` | The target branch of a pull request. | `main` |
| `GITHUB_EVENT_NAME` | The name of the event that triggered the workflow. | `push` |
| `GITHUB_EVENT_PATH` | Path to the file containing the event webhook payload. | `/home/runner/work/_temp/_github_workflow/event.json` |
| `GITHUB_GRAPHQL_URL` | Empty in Gitea (GraphQL is not supported). | _(empty)_ |
| `GITHUB_HEAD_REF` | The source branch of a pull request. | `feature-branch` |
| `GITHUB_JOB` | The `job_id` of the current job. | `build` |
| `GITHUB_REF` | The fully-formed ref that triggered the workflow. | `refs/heads/main` |
| `GITHUB_REF_NAME` | The short ref name. | `main` |
| `GITHUB_REF_TYPE` | The type of ref: `branch` or `tag`. | `branch` |
| `GITHUB_REPOSITORY` | The owner and repository name. | `gitea/docs` |
| `GITHUB_REPOSITORY_OWNER` | The repository owner's username. | `gitea` |
| `GITHUB_RETENTION_DAYS` | The number of days that workflow run logs and artifacts are kept. | `90` |
| `GITHUB_RUN_ATTEMPT` | The attempt number of the workflow run. | `1` |
| `GITHUB_RUN_ID` | A unique number for each workflow run. | `1234` |
| `GITHUB_RUN_NUMBER` | A unique number for each run of a particular workflow. | `42` |
| `GITHUB_SERVER_URL` | The URL of the Gitea instance. | `https://gitea.com` |
| `GITHUB_SHA` | The commit SHA that triggered the workflow. | `a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2` |
| `GITHUB_WORKFLOW` | The name of the workflow. | `CI` |
| `GITHUB_WORKSPACE` | The default working directory on the runner. | `/workspace/gitea/docs` |
### Runner environment variables
| Name | Description | Example |
|---|---|---|
| `RUNNER_ARCH` | The architecture of the runner. | `X64` |
| `RUNNER_OS` | The operating system of the runner. | `Linux` |
| `RUNNER_TEMP` | Path to a temporary directory on the runner. | `/tmp` |
| `RUNNER_TOOL_CACHE` | Path to the tool cache directory on the runner. | `/opt/hostedtoolcache` |
### Internal environment variables
These are used internally by the runner and actions. They are typically not needed in workflows directly.
| Name | Description | Example |
|---|---|---|
| `ACTIONS_CACHE_URL` | URL for the actions cache service. | `http://192.168.1.10:8088/` |
| `ACTIONS_ID_TOKEN_REQUEST_TOKEN` | Token for OIDC requests. Only set when configured. | `***` |
| `ACTIONS_ID_TOKEN_REQUEST_URL` | URL to request OIDC tokens. Only set when configured. | `https://gitea.com/login/oauth/access_token` |
| `ACTIONS_RESULTS_URL` | URL for storing artifacts. | `https://gitea.com` |
| `ACTIONS_RUNTIME_TOKEN` | Authentication token for the Actions pipeline API. | `***` |
| `ACTIONS_RUNTIME_URL` | URL for the Gitea Actions pipeline API. | `https://gitea.com/api/actions_pipeline/` |

View File

@@ -0,0 +1,9 @@
{
"label": "Issues & Pull Requests",
"position": 20,
"link": {
"type": "generated-index",
"slug": "/usage/issues-prs",
"description": "Issues and Pull Requests workflow, templates, and collaboration features"
}
}

View File

@@ -4,9 +4,11 @@ slug: "agit"
sidebar_position: 12
aliases:
- /en-us/agit-setup
- /agit-setup
- /agit
---
# AGit Setup
# AGit
In Gitea `1.13`, support for [AGit](https://git-repo.info/en/2020/03/agit-flow-and-git-repo/) was added. AGit enables users to create pull requests directly, even without write permissions of the repository, eliminating the need to fork it. This helps reduce the number of duplicated repositories and minimizes unnecessary disk usage.
@@ -27,19 +29,21 @@ git push origin HEAD:refs/for/main
The command has the following structure:
- `HEAD`: The target branch
- `refs/<for|draft|for-review>/<branch>`: The target PR type
- `origin`: The target repository (not a fork!)
- `HEAD`: The local branch containing the changes you are proposing
- `refs/<for|draft|for-review>/<branch>`: The target PR type and configuration
- `for`: Create a normal PR with `<branch>` as the target branch
- `draft`/ `for-review`: Currently ignored silently
- `<branch>/<session>`: The target branch to open the PR
- `draft`/`for-review`: Currently ignored silently
- `<branch>/`: The branch you want your changes to be merged into
- `-o <topic|title|description>`: Options for the PR
- `title`: The PR title
- `topic`: The branch name the PR should be opened for
- `description`: The PR description
- `topic`: The topic of this change. It will become the name of the branch holding the changes waiting for review. This is REQUIRED to trigger a pull request.
- `title`: The PR title (optional but recommended), only used for topics not already having an associated PR.
- `description`: The PR description (optional but recommended), only used for topics not already having an associated PR.
- `force-push=true`: Specifies whether to force-update the target branch.
- Note: omitting the value and using just `-o force-push` will not work.
- Note: omitting the value and using just `-o force-push` will also work.
Here's another advanced example for creating a new PR targeting `main` with `topic`, `title`, and `description`:
```shell
git push origin HEAD:refs/for/main -o topic="Topic of my PR" -o title="Title of the PR" -o description="# The PR Description\nThis can be **any** markdown content.\n- [x] Ok"
git push origin HEAD:refs/for/main -o topic="topic_of_my_PR" -o title="Title of the PR" -o description="# The PR Description\nThis can be **any** markdown content.\n- [x] Ok"
```

View File

@@ -10,9 +10,10 @@ aliases:
Some projects have a standard list of questions that users need to answer
when creating an issue or pull request. Gitea supports adding templates to the
main branch of the repository so that they can autopopulate the form when users are
**default branch of the repository** so that they can autopopulate the form when users are
creating issues and pull requests. This will cut down on the initial back and forth
of getting some clarifying details.
It is currently not possible to provide generic issue/pull-request templates globally.
Additionally, the New Issue page URL can be suffixed with `?title=Issue+Title&body=Issue+Text` and the form will be populated with those strings. Those strings will be used instead of the template if there is one.
@@ -98,6 +99,9 @@ name: "Template Name"
about: "This template is for testing!"
title: "[TEST] "
ref: "main"
assignees: ["user1"]
projects:
- Example Project
labels:
- bug
@@ -110,7 +114,10 @@ This is the template!
In the above example, when a user is presented with the list of issues they can submit, this would show as `Template Name` with the description
`This template is for testing!`. When submitting an issue with the above example, the issue title would be pre-populated with
`[TEST] ` while the issue body would be pre-populated with `This is the template!`. The issue would also be assigned two labels,
`[TEST] ` while the issue body would be pre-populated with `This is the template!`.
The issue would be assigned to `user1`.
The issue would be assigned to the project `Example Project`.
The issue would also be assigned two labels,
`bug` and `help needed`, and the issue will have a reference to `main`.
## Syntax for yaml template
@@ -126,6 +133,12 @@ body:
attributes:
value: |
Thanks for taking the time to fill out this bug report!
# some markdown that will only be visible once the issue has been created
- type: markdown
attributes:
value: |
This issue was created by an issue **template** :)
visible: [content]
- type: input
id: contact
attributes:
@@ -173,15 +186,21 @@ body:
id: terms
attributes:
label: Code of Conduct
hide_label: true
description: By submitting this issue, you agree to follow our [Code of Conduct](https://example.com)
options:
- label: I agree to follow this project's Code of Conduct
required: true
- label: I have also read the CONTRIBUTION.MD
required: true
visible: [form]
- label: This is a TODO only visible after issue creation
visible: [content]
```
### Markdown
You can use a `markdown` element to display Markdown in your form that provides extra context to the user, but is not submitted.
You can use a `markdown` element to display Markdown in your form that provides extra context to the user, but is not submitted by default.
Attributes:
@@ -189,19 +208,22 @@ Attributes:
|-------|--------------------------------------------------------------|----------|--------|---------|--------------|
| value | The text that is rendered. Markdown formatting is supported. | Required | String | - | - |
visible: Default is **[form]**
### Textarea
You can use a `textarea` element to add a multi-line text field to your form. Contributors can also attach files in `textarea` fields.
Attributes:
| Key | Description | Required | Type | Default | Valid values |
|-------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|--------|--------------|---------------------------|
| label | A brief description of the expected user input, which is also displayed in the form. | Required | String | - | - |
| description | A description of the text area to provide context or guidance, which is displayed in the form. | Optional | String | Empty String | - |
| placeholder | A semi-opaque placeholder that renders in the text area when empty. | Optional | String | Empty String | - |
| value | Text that is pre-filled in the text area. | Optional | String | - | - |
| render | If a value is provided, submitted text will be formatted into a codeblock. When this key is provided, the text area will not expand for file attachments or Markdown editing. | Optional | String | - | Languages known to Gitea. |
| Key | Description | Required | Type | Default | Valid values |
|-------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|---------|--------------|---------------------------|
| label | A brief description of the expected user input, which is also displayed in the form. | Required | String | - | - |
| hide_label | If true, the label normally used as a headline is not visible. | Optional | Boolean | false | - |
| description | A description of the text area to provide context or guidance, which is displayed in the form. | Optional | String | Empty String | - |
| placeholder | A semi-opaque placeholder that renders in the text area when empty. | Optional | String | Empty String | - |
| value | Text that is pre-filled in the text area. | Optional | String | - | - |
| render | If a value is provided, submitted text will be formatted into a codeblock. When this key is provided, the text area will not expand for file attachments or Markdown editing. | Optional | String | - | Languages known to Gitea. |
Validations:
@@ -209,18 +231,21 @@ Validations:
|----------|------------------------------------------------------|----------|---------|---------|--------------|
| required | Prevents form submission until element is completed. | Optional | Boolean | false | - |
visible: Default is **[form, content]**
### Input
You can use an `input` element to add a single-line text field to your form.
Attributes:
| Key | Description | Required | Type | Default | Valid values |
|-------------|--------------------------------------------------------------------------------------------|----------|--------|--------------|--------------|
| label | A brief description of the expected user input, which is also displayed in the form. | Required | String | - | - |
| description | A description of the field to provide context or guidance, which is displayed in the form. | Optional | String | Empty String | - |
| placeholder | A semi-transparent placeholder that renders in the field when empty. | Optional | String | Empty String | - |
| value | Text that is pre-filled in the field. | Optional | String | - | - |
| Key | Description | Required | Type | Default | Valid values |
|-------------|--------------------------------------------------------------------------------------------|----------|---------|--------------|--------------|
| label | A brief description of the expected user input, which is also displayed in the form. | Required | String | - | - |
| hide_label | If true, the label normally used as a headline is not visible. | Optional | Boolean | false | - |
| description | A description of the field to provide context or guidance, which is displayed in the form. | Optional | String | Empty String | - |
| placeholder | A semi-transparent placeholder that renders in the field when empty. | Optional | String | Empty String | - |
| value | Text that is pre-filled in the field. | Optional | String | - | - |
Validations:
@@ -230,6 +255,8 @@ Validations:
| is_number | Prevents form submission until element is filled with a number. | Optional | Boolean | false | - |
| regex | Prevents form submission until element is filled with a value that match the regular expression. | Optional | String | - | a [regular expression](https://en.wikipedia.org/wiki/Regular_expression) |
visible: Default is **[form, content]**
### Dropdown
You can use a `dropdown` element to add a dropdown menu in your form.
@@ -239,8 +266,10 @@ Attributes:
| Key | Description | Required | Type | Default | Valid values |
|-------------|-----------------------------------------------------------------------------------------------------|----------|--------------|--------------|--------------|
| label | A brief description of the expected user input, which is displayed in the form. | Required | String | - | - |
| hide_label | If true, the label normally used as a headline is not visible. | Optional | Boolean | false | - |
| description | A description of the dropdown to provide extra context or guidance, which is displayed in the form. | Optional | String | Empty String | - |
| multiple | Determines if the user can select more than one option. | Optional | Boolean | false | - |
| list | If true, display as a list. If false, print items on one line with commas. | Optional | Boolean | false | - |
| options | An array of options the user can choose from. Cannot be empty and all choices must be distinct. | Required | String array | - | - |
Validations:
@@ -249,24 +278,30 @@ Validations:
|----------|------------------------------------------------------|----------|---------|---------|--------------|
| required | Prevents form submission until element is completed. | Optional | Boolean | false | - |
visible: Default is **[form, content]**
### Checkboxes
You can use the `checkboxes` element to add a set of checkboxes to your form.
Attributes:
| Key | Description | Required | Type | Default | Valid values |
|-------------|-------------------------------------------------------------------------------------------------------|----------|--------|--------------|--------------|
| label | A brief description of the expected user input, which is displayed in the form. | Required | String | - | - |
| description | A description of the set of checkboxes, which is displayed in the form. Supports Markdown formatting. | Optional | String | Empty String | - |
| options | An array of checkboxes that the user can select. For syntax, see below. | Required | Array | - | - |
| Key | Description | Required | Type | Default | Valid values |
|-------------|-------------------------------------------------------------------------------------------------------|----------|---------|--------------|--------------|
| label | A brief description of the expected user input, which is displayed in the form. | Required | String | - | - |
| hide_label | If true, the label normally used as a headline is not visible. | Optional | Boolean | false | - |
| description | A description of the set of checkboxes, which is displayed in the form. Supports Markdown formatting. | Optional | String | Empty String | - |
| options | An array of checkboxes that the user can select. For syntax, see below. | Required | Array | - | - |
For each value in the options array, you can set the following keys.
| Key | Description | Required | Type | Default | Options |
|----------|------------------------------------------------------------------------------------------------------------------------------------------|----------|---------|---------|---------|
| label | The identifier for the option, which is displayed in the form. Markdown is supported for bold or italic text formatting, and hyperlinks. | Required | String | - | - |
| required | Prevents form submission until element is completed. | Optional | Boolean | false | - |
| Key | Description | Required | Type | Default | Options |
|--------------|------------------------------------------------------------------------------------------------------------------------------------------|----------|--------------|---------|---------|
| label | The identifier for the option, which is displayed in the form. Markdown is supported for bold or italic text formatting, and hyperlinks. | Required | String | - | - |
| required | Prevents form submission until element is completed. | Optional | Boolean | false | - |
| visible | Whether a specific checkbox appears in the form only, in the created issue only, or both. Valid options are "form" and "content". | Optional | String array | false | - |
visible: Default is **[form, content]**
## Syntax for issue config
@@ -276,21 +311,21 @@ This is a example for a issue config file
blank_issues_enabled: true
contact_links:
- name: Gitea
url: https://gitea.io
url: https://gitea.com
about: Visit the Gitea Website
```
### Possible Options
| Key | Description | Type | Default |
|----------------------|-------------------------------------------------------------------------------------------------------|--------------------|----------------|
| blank_issues_enabled | If set to false, the User is forced to use a Template | Boolean | true |
| contact_links | Custom Links to show in the Choose Box | Contact Link Array | Empty Array |
| Key | Description | Type | Default |
|----------------------|-------------------------------------------------------|--------------------|-------------|
| blank_issues_enabled | If set to false, the User is forced to use a Template | Boolean | true |
| contact_links | Custom Links to show in the Choose Box | Contact Link Array | Empty Array |
### Contact Link
| Key | Description | Type | Required |
|----------------------|-------------------------------------------------------------------------------------------------------|---------|----------|
| name | the name of your link | String | true |
| url | The URL of your Link | String | true |
| about | A short description of your Link | String | true |
| Key | Description | Type | Required |
|-------|----------------------------------|--------|----------|
| name | the name of your link | String | true |
| url | The URL of your Link | String | true |
| about | A short description of your Link | String | true |

View File

@@ -18,7 +18,7 @@ For organizations, you can define organization-wide labels that are shared with
Labels have a mandatory name, a mandatory color, an optional description, and must either be exclusive or not (see `Scoped Labels` below).
When you create a repository, you can ensure certain labels exist by using the `Issue Labels` option. This option lists a number of available label sets that are [configured globally on your instance](../administration/customizing-gitea.md#labels). Its contained labels will all be created as well while creating the repository.
When you create a repository, you can ensure certain labels exist by using the `Issue Labels` option. This option lists a number of available label sets that are [configured globally on your instance](../../administration/customizing-gitea.md#labels). Its contained labels will all be created as well while creating the repository.
## Scoped Labels

View File

@@ -85,7 +85,7 @@ Sometimes a commit or pull request may fix or bring back a problem documented
in a particular issue. Gitea supports closing and reopening the referenced
issues by preceding the reference with a particular _keyword_. Common keywords
include "closes", "fixes", "reopens", etc. This list can be
[customized](../administration/config-cheat-sheet.md) by the
[customized](../../administration/config-cheat-sheet) by the
site administrator.
Example:

View File

@@ -1,12 +1,9 @@
---
date: "2018-06-01T19:00:00+02:00"
slug: "pull-request"
sidebar_position: 13
aliases:
- /en-us/pull-request
---
# Pull Request
@@ -58,6 +55,22 @@ WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
The first value of the list will be used in helpers.
## Default pull request title
When opening a new pull request, Gitea pre-fills the title field. The source of that title is controlled by the `DEFAULT_TITLE_SOURCE` setting in `app.ini`:
```ini
[repository.pull-request]
DEFAULT_TITLE_SOURCE = first-commit
```
Two modes are available:
- **`first-commit`** (default): The title is taken from the summary line of the oldest commit in the branch. This applies regardless of how many commits are included in the PR.
- **`auto`**: When the PR contains a single commit, its summary line is used as the title (same as `first-commit` for one commit). When the PR contains multiple commits, Gitea converts the branch name into a human-readable sentence: dashes, underscores, and `camelCase` word boundaries are replaced with spaces, and the first letter is capitalized.
Example: branch name `fix-user-login-flow` with multiple commits produces the title `Fix user login flow` under `auto`, but would use the oldest commit's message under `first-commit`.
## Pull Request Templates
You can find more information about pull request templates at the page [Issue and Pull Request templates](usage/issue-pull-request-templates.md).
You can find more information about pull request templates at the page [Issue and Pull Request templates](issue-pull-request-templates).

View File

@@ -0,0 +1,9 @@
{
"label": "Packages",
"position": 40,
"link": {
"type": "generated-index",
"slug": "/usage/packages",
"description": "Managing packages and package registries"
}
}

View File

@@ -28,7 +28,7 @@ https://gitea.example.com/api/packages/{owner}/alpine/<branch>/<repository>
| `branch` | The branch to use. |
| `repository` | The repository to use. |
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md#authentication):
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md):
```
https://{username}:{your_password_or_token}@gitea.example.com/api/packages/{owner}/alpine/<branch>/<repository>
@@ -68,7 +68,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/alpine/v3.17/main
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a file with the same name twice to a package. You must delete the existing package file first.

View File

@@ -36,23 +36,24 @@ pacman-key --lsign-key {key id}
Now add the registry configuration to `/etc/pacman.conf`.
```conf
[{owner}.gitea.example.com]
[{repository}]
SigLevel = Required
Server = https://gitea.example.com/api/packages/{owner}/arch/{repository}/{architecture}
Server = https://gitea.example.com/api/packages/{owner}/arch/$repo/$arch
```
| Placeholder | Description |
| -------------- | ----------- |
| `owner` | The owner of the packages. |
| `repository` | The repository to use. |
| `architecture` | The architecture to use. |
Consult the owners package overview to see what `repository` and `architecture` is available.
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md#authentication):
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md):
```
Server = https://{username}:{your_password_or_token}@gitea.example.com/api/packages/{owner}/arch/{repository}/{architecture}
[{repository}]
SigLevel = Required
Server = https://{username}:{your_password_or_token}@gitea.example.com/api/packages/{owner}/arch/$repo/$arch
```
## Publish a package
@@ -76,7 +77,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/arch/core
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a file with the same name twice to a package. You must delete the existing package file first.

View File

@@ -62,7 +62,7 @@ token = "Bearer {token}"
| Parameter | Description |
| --------- | ----------- |
| `token` | Your [personal access token](development/api-usage.md#authentication) |
| `token` | Your [personal access token](development/api-usage.md) |
## Git vs Sparse

View File

@@ -49,7 +49,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/composer?version=1.0.3
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
The server responds with the following HTTP Status codes.

View File

@@ -18,21 +18,21 @@ To register the package registry you need to configure a new Conan remote:
```shell
conan remote add {remote} https://gitea.example.com/api/packages/{owner}/conan
conan user --remote {remote} --password {password} {username}
conan remote login {remote} {username} --password {password}
```
| Parameter | Description |
| -----------| ----------- |
| `remote` | The remote name. |
| `username` | Your Gitea username. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password. |
| `owner` | The owner of the package. |
For example:
```shell
conan remote add gitea https://gitea.example.com/api/packages/testuser/conan
conan user --remote gitea --password password123 testuser
conan remote login gitea testuser --password password123
```
## Publish a package

View File

@@ -54,7 +54,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/conda/package-1.0.conda
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a package if a package of the same name and version already exists. You must delete the existing package first.

View File

@@ -22,7 +22,7 @@ To push an image or if the image is in a private registry, you have to authentic
docker login gitea.example.com
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
## Image naming convention

View File

@@ -60,7 +60,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/cran/bin?platform=windows&rversion=4.2
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a package if a package of the same name and version already exists. You must delete the existing package first.

View File

@@ -28,7 +28,7 @@ echo "deb [signed-by=/etc/apt/keyrings/gitea-{owner}.asc] https://gitea.example.
| `distribution` | The distribution to use. |
| `component` | The component to use. |
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md#authentication):
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md):
```shell
echo "deb [signed-by=/etc/apt/keyrings/gitea-{owner}.asc] https://{username}:{your_password_or_token}@gitea.example.com/api/packages/{owner}/debian {distribution} {component}" | sudo tee -a /etc/apt/sources.list.d/gitea.list
@@ -68,7 +68,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/debian/pool/bionic/main/upload
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a package if a package of the same name, version, distribution, component and architecture already exists. You must delete the existing package first.

View File

@@ -10,7 +10,7 @@ Publish generic files, like release binaries or other output, for your user or o
## Authenticate to the package registry
To authenticate to the Package Registry, you need to provide [custom HTTP headers or use HTTP Basic authentication](development/api-usage.md#authentication).
To authenticate to the Package Registry, you need to provide [custom HTTP headers or use HTTP Basic authentication](development/api-usage.md).
## Publish a package
@@ -36,7 +36,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/generic/test_package/1.0.0/file.bin
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
The server responds with the following HTTP Status codes.

View File

@@ -22,7 +22,7 @@ PUT https://gitea.example.com/api/packages/{owner}/go/upload
| --------- | ----------- |
| `owner` | The owner of the package. |
To authenticate to the package registry, you need to provide [custom HTTP headers or use HTTP Basic authentication](development/api-usage.md#authentication):
To authenticate to the package registry, you need to provide [custom HTTP headers or use HTTP Basic authentication](development/api-usage.md):
```shell
curl --user your_username:your_password_or_token \
@@ -30,7 +30,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/go/upload
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a package if a package of the same name and version already exists. You must delete the existing package first.

View File

@@ -30,7 +30,7 @@ helm cm-push ./{chart_file}.tgz {repo}
| Parameter | Description |
| ------------ | ----------- |
| `username` | Your Gitea username. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password. |
| `repo` | The name for the repository. |
| `chart_file` | The Helm Chart archive. |
| `owner` | The owner of the package. |

View File

@@ -58,7 +58,7 @@ Afterwards add the following sections to your project `pom.xml` file:
| Parameter | Description |
| -------------- | ----------- |
| `access_token` | Your [personal access token](development/api-usage.md#authentication). |
| `access_token` | Your [personal access token](development/api-usage.md). |
| `owner` | The owner of the package. |
### Gradle variant

View File

@@ -29,7 +29,7 @@ npm config set -- '//gitea.example.com/api/packages/{owner}/npm/:_authToken' "{t
| ------------ | ----------- |
| `scope` | The scope of the packages. |
| `owner` | The owner of the package. |
| `token` | Your [personal access token](development/api-usage.md#authentication). |
| `token` | Your [personal access token](development/api-usage.md). With `package` permissions. |
For example:

View File

@@ -26,7 +26,7 @@ dotnet nuget add source --name {source_name} --username {username} --password {p
| ------------- | ----------- |
| `source_name` | The desired source name. |
| `username` | Your Gitea username. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password. |
| `owner` | The owner of the package. |
For example:
@@ -35,7 +35,7 @@ For example:
dotnet nuget add source --name gitea --username testuser --password password123 https://gitea.example.com/api/packages/testuser/nuget/index.json
```
You can add the source without credentials and use the [`--api-key`](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-nuget-push) parameter when publishing packages. In this case you need to provide a [personal access token](development/api-usage.md#authentication).
You can add the source without credentials and use the [`--api-key`](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-nuget-push) parameter when publishing packages. In this case you need to provide a [personal access token](development/api-usage.md).
## Publish a package

View File

@@ -35,6 +35,7 @@ The following package managers are currently supported:
| [RPM](usage/packages/rpm.md) | - | `yum`, `dnf`, `zypper` |
| [RubyGems](usage/packages/rubygems.md) | Ruby | `gem`, `Bundler` |
| [Swift](usage/packages/swift.md) | Swift | `swift` |
| [Terraform](usage/packages/terraform.md) | - | `terraform` |
| [Vagrant](usage/packages/vagrant.md) | - | `vagrant` |
**The following paragraphs only apply if Packages are not globally disabled!**
@@ -56,6 +57,8 @@ and shows a link to the repository on the package site (as well as a link to the
| **read** access | public, if user is public too; otherwise for this user only | public, if org is public, otherwise for org members only |
| **write** access | owner only | org members with admin or write access to the org |
Please note, that your respective package manager needs to have a [personal access token](development/api-usage.md) with the permissions `package` set to either Read or Read & Write to download and publish packages respectively.
N.B.: These access restrictions are [subject to change](https://github.com/go-gitea/gitea/issues/19270), where more finegrained control will be added via a dedicated organization team permission.
## Create or upload a package

View File

@@ -26,7 +26,7 @@ dart pub token add https://gitea.example.com/api/packages/{owner}/pub
| ------------ | ----------- |
| `owner` | The owner of the package. |
You need to provide your [personal access token](development/api-usage.md#authentication).
You need to provide your [personal access token](development/api-usage.md).
## Publish a package

View File

@@ -30,7 +30,7 @@ password = {password}
| ------------ | ----------- |
| `owner` | The owner of the package. |
| `username` | Your Gitea username. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password. |
## Publish a package

View File

@@ -37,7 +37,7 @@ dnf config-manager --add-repo https://gitea.example.com/api/packages/testuser/rp
dnf config-manager --add-repo https://gitea.example.com/api/packages/testuser/rpm/centos/el7.repo
```
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md#authentication):
If the registry is private, provide credentials in the url. You can use a password or a [personal access token](development/api-usage.md):
```shell
dnf config-manager --add-repo https://{username}:{your_password_or_token}@gitea.example.com/api/packages/{owner}/rpm/{group}.repo
@@ -72,7 +72,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/rpm/centos/el7/upload
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a file with the same name twice to a package. You must delete the existing package version first.
The server responds with the following HTTP Status codes.

View File

@@ -24,7 +24,7 @@ https://gitea.example.com/api/packages/{owner}/rubygems: Bearer {token}
| Parameter | Description |
| ------------- | ----------- |
| `owner` | The owner of the package. |
| `token` | Your [personal access token](development/api-usage.md#authentication). |
| `token` | Your [personal access token](development/api-usage.md). |
For example:

View File

@@ -25,7 +25,7 @@ swift package-registry login https://gitea.example.com/api/packages/{owner}/swif
| ------------ | ----------- |
| `owner` | The owner of the package. |
| `username` | Your Gitea username. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password. |
The login is optional and only needed if the package registry is private.
@@ -50,7 +50,7 @@ curl -X PUT --user {username}:{password} \
| Placeholder | Description |
| ----------- | ----------- |
| `username` | Your Gitea username. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password. |
| `password` | Your Gitea password. If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password. |
| `owner` | The owner of the package. |
| `scope` | The package scope. |
| `name` | The package name. |

View File

@@ -0,0 +1,99 @@
---
date: "2026-03-04T00:00:00+00:00"
slug: "terraform"
sidebar_position: 118
---
# Terraform State Registry
Publish terraform states to sync it between multiple users or CI system.
## Requirements
To work with the Terraform State registry, you need to use [Terraform](https://www.terraform.io/) or [OpenTofu](https://opentofu.org/).
## Configuring the package registry
To use the Gitea Terraform State registry, you need to configure the `http` backend in your Terraform configuration.
```hcl
terraform {
backend "http" {
address = "https://gitea.example.com/api/packages/{owner}/terraform/state/{name}"
lock_address = "https://gitea.example.com/api/packages/{owner}/terraform/state/{name}/lock"
unlock_address = "https://gitea.example.com/api/packages/{owner}/terraform/state/{name}/lock"
lock_method = "POST"
unlock_method = "DELETE"
username = "{username}"
password = "{password_or_token}"
}
}
```
| Placeholder | Description |
| ----------- | ----------- |
| `owner` | The owner of the state (user or organization). |
| `name` | The name of the state. |
| `username` | Your Gitea username. |
| `password` | Your Gitea password or [personal access token](development/api-usage.md). |
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
## Initialize the backend
After configuring the backend, you can initialize it with:
```shell
terraform init
```
Terraform will prompt you to migrate your state if you already have one locally.
## State Locking
Gitea supports state locking to prevent concurrent modifications. The `lock_address` and `unlock_address` should point to the `/lock` sub-route of your state URL.
- **Locking**: Performed via a `POST` request to `{address}/lock`.
- **Unlocking**: Performed via a `DELETE` request to `{address}/lock`.
Terraform handles these requests automatically when configured as shown above.
## Encrypted state
The state registry supports [encrypted state](https://opentofu.org/docs/language/state/encryption/).
## State Versions and Management
Gitea keeps track of your Terraform state versions. You can use the API to retrieve or delete specific versions.
### Fetch state
To fetch the latest version of a state:
```shell
curl --user {username}:{password_or_token} \
https://gitea.example.com/api/packages/{owner}/terraform/state/{name}
```
To fetch a specific version by its serial number:
```shell
curl --user {username}:{password_or_token} \
https://gitea.example.com/api/packages/{owner}/terraform/state/{name}/versions/{serial}
```
### Delete state
To delete the entire state and all its versions:
```shell
curl --user {username}:{password_or_token} -X DELETE \
https://gitea.example.com/api/packages/{owner}/terraform/state/{name}
```
To delete a specific version by its serial number:
```shell
curl --user {username}:{password_or_token} -X DELETE \
https://gitea.example.com/api/packages/{owner}/terraform/state/{name}/versions/{serial}
```

View File

@@ -35,7 +35,7 @@ curl --user your_username:your_password_or_token \
https://gitea.example.com/api/packages/testuser/vagrant/test_system/1.0.0/hyperv.box
```
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md#authentication) instead of the password.
If you are using 2FA or OAuth use a [personal access token](development/api-usage.md) instead of the password.
You cannot publish a box if a box of the same name, version and provider already exists. You must delete the existing package first.
@@ -67,7 +67,7 @@ vagrant box add "https://gitea.example.com/api/packages/testuser/vagrant/test_sy
```
This will install the latest version of the package. To add a specific version, use the `--box-version` parameter.
If the registry is private you can pass your [personal access token](development/api-usage.md#authentication) in the `VAGRANT_CLOUD_TOKEN` environment variable.
If the registry is private you can pass your [personal access token](development/api-usage.md) in the `VAGRANT_CLOUD_TOKEN` environment variable.
## Supported commands

View File

@@ -0,0 +1,9 @@
{
"label": "Repository",
"position": 10,
"link": {
"type": "generated-index",
"slug": "/usage/repository",
"description": "Repository management, Git operations, and content features"
}
}

View File

@@ -1,12 +1,10 @@
---
date: "2023-08-14T00:00:00+00:00"
slug: "blame"
sidebar_position: 13
aliases:
- /en-us/blame
- /blame
---
# Blame File View

View File

@@ -1,11 +1,10 @@
---
date: "2021-02-02"
slug: "clone-filters"
sidebar_position: 25
aliases:
- /en-us/clone-filters
- /clone-filters
---
# Clone filters (partial clone)

View File

@@ -1,12 +1,10 @@
---
date: "2023-05-24T16:00:00+00:00"
slug: "code-owners"
sidebar_position: 30
aliases:
- /en-us/code-owners
- /code-owners
---
# Code Owners

View File

@@ -1,11 +1,10 @@
---
date: "2022-12-01T00:00:00+00:00"
slug: "incoming-email"
sidebar_position: 13
sidebar_position: 130
aliases:
- /en-us/incoming-email
- /incoming-email
---
# Incoming Email

View File

@@ -0,0 +1,155 @@
---
date: "2025-04-05T00:00:00+08:00"
slug: "markdown"
aliases:
- /markdown
sidebar_position: 4
---
# Markdown
Gitea uses MarkDown structured text in many places, you can recognise it by the `.md` file extension.
Markdown is plain text format for writing structured documents, allowing one to write
"plain" text files that nonetheless have _"fancy"_ **formatting**, while still keeping the plain-text version readable.
Unfortunately, due to historical implementation differences, many subtle dialects exist.
To avoid adding to the confusion, Gitea tries to follow "[GitHub Flavoured Markdown (GFM)](https://help.github.com/articles/github-flavored-markdown/)" as close as possible.
"GFM" is an extension on top of the rigorously-specified [CommonMark](https://commonmark.org/) standard.
CommonMark flavours are used by most major web platforms (e.g. Reddit, Stack Overflow, Discourse)
and git forges (GitHub, GitLab and our very own Gitea), thus you shouldn't run into any surprises with Gitea.
For a quick introduction to the syntax and features of GitHub Flavoured Markdown, see the GitHub documentation:
- [Basic formatting](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax)
- [Advanced formatting](https://docs.github.com/en/get-started/writing-on-github/working-with-advanced-formatting)
For a deeper history about CommonMark, its spec, and its reason for existence, see [CommonMark.org](https://commonmark.org/).
## Rendering options
Some Gitea's markdown rendering behaviors can be fine-tuned by global config options, see the `[markdown]` config section in the `app.example.ini`
## Link path resolving
When rendering links for `<a href>`, `<img src>` and `<video src>`, Gitea resolves the link paths in the rendering context.
- If the link is an absolute path with scheme, the link is kept as-is.
- If the link is an URL path, it is resolved with the base path of current rendering context.
- In a comment-like context (issues, pull-requests, commit message), the base path is current repository's home link: `/owner-name/repo-name`.
- In a repository file context (markdown files in the repository), the base path is current git ref path.
### Special link tokens
To make users easier to resolve a link to the Gitea instance's root path, Gitea has a special `/:root` path syntax.
This will always resolve to Gitea's ROOT_URL.
Gitea also supports GitHub's `?raw=1` query parameter.
A request to `/owner-name/repo-name/src/branch/main/file?raw=1` will be redirected to
`/owner-name/repo-name/raw/branch/main/file`. This makes it possible to target raw contents from relative links
(normally, the `src/` section of the path is provided automatically by Gitea and cannot be overriden).
### Link handling examples
For example, when rendering a markdown file in `/owner-name/repo-name/src/branch/main/dir`:
1) Absolute with scheme: Link `https://example.org` will be rendered as-is.
2) Relative from current file: Link `sub/file`is resolved to `/owner-name/repo-name/src/branch/main/dir/sub/file`
3) Relative from repo root: Link `/sub/file` (note leading slash) is resolved to `/owner-name/repo-name/src/branch/main/sub/file`
4) Raw media: If the link is used as `src` of an image or video, then it is resolved to `/owner-name/repo-name/raw/...`
5) Raw relative: `sub/file?raw=1` will resolve to `/owner-name/repo-name/src/branch/main/dir/sub/file?raw=1`,
which will redirect to `/owner-name/repo-name/raw/branch/main/dir/sub/file`.
6) explicit root: Link `/:root/any-path` is always resolved to `$ROOT_URL/any-path` without any further processing.
## Issue and pull-request reference
Using issue/pull-request numbers in a list:
```
* #123
* #456
```
It will be rendered with issue titles to:
```
* the issue title (#123)
* the other issue title (#456)
```
## Theme-based image display
Gitea supports the GitHub-like theme-based image display. Supported syntax:
* Use Markdown image
```
![My-Light](my-light.png#gh-light-mode-only)![My-Dark](my-dark.png#gh-dark-mode-only)
```
* Use `<img>` HTML tag
```
<img src="my-light.png#gh-light-mode-only" height="120" width="120"/>
<img src="my-dark.png#gh-dark-mode-only" height="120" width="120"/>
```
* Use `<picture>` with `<source media>` (only works for themes with "auto" color preference)
```
<picture>
<source media="(prefers-color-scheme: dark)" srcset="my-dark.png">
<source media="(prefers-color-scheme: light)" srcset="my-light.png">
<img src="my-light.png">
</picture>
```
## Math expressions
Gitea supports GitHub-like math expression formatting.
### Inline expression
- ``` $\alpha$ ```: quoted by single-dollar `$`
- ``` $$\alpha$$ ```: quoted by double-dollar `$$`
- ``` $`\alpha`$ ```: quoted by dollar with backquotes, the backquotes could repeat like normal code blocks.
### Block expression
Using `$$`:
````
$$
\alpha
$$
````
Using code-block with language:
````
```math
\alpha
```
````
## Frontmatter
Gitea supports frontmatter and Table of Contents (TOC) rendering. By default, frontmatter rendering is enabled, and TOC rendering is disabled.
### Enabling TOC rendering
To enable TOC rendering for a markdown file, add `include_toc: true` to its frontmatter section.
### Disabling frontmatter
To disable frontmatter rendering for a markdown file, add `gitea: none` to its frontmatter section.
### Example
```yaml
---
include_toc: true
gitea: none
---
```
Then, when you preview this markdown file in Gitea, the frontmatter section will not be rendered, and a Table of Contents will be generated at the top of the content.

View File

@@ -0,0 +1,55 @@
---
date: "2024-09-11T09:30:00+08:00"
slug: "migration"
sidebar_position: 40
aliases:
- /migration
---
# Migration
You can migrate repositories from other Git services to your Gitea instance.
## How to migrate from Gogs/GitHub/GitLab to Gitea
To migrate from Gogs to Gitea:
- [Gogs version 0.11.46.0418](https://github.com/go-gitea/gitea/issues/4286)
To migrate from GitHub to Gitea, you can use Gitea's built-in migration form.
In order to migrate items such as issues, pull requests, etc. you will need to input at least your username.
[Example (requires login)](https://demo.gitea.com/repo/migrate)
To migrate from GitLab to Gitea, you can use this non-affiliated tool:
https://github.com/loganinak/MigrateGitlabToGogs
## How to migrate from AWS CodeCommit to Gitea
- To use the AWS CodeCommit API, Gitea requires an access key ID and a secret access key. For security reasons, we recommend creating a new user with the minimum necessary permissions and generating an access key ID and secret access key for the migration. The minimum permissions required for this user are as follows:
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:GetRepository",
"codecommit:GitPull",
"codecommit:ListPullRequests",
"codecommit:GetPullRequest",
"codecommit:GetCommentsForPullRequest"
],
"Resource": [
"arn:aws:codecommit:<region>:<account>:<Repo-to-Migrate>
}
]
}
```
- If you do not need to migrate pull requests, you can remove the `ListPullRequests`, `GetPullRequest`, and `GetCommentsForPullRequest` actions.
- For instructions on how to create an IAM user and assign permissions, you can refer to this [AWS documentation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html).
- To clone this repository, Gitea requires HTTPS Git credentials. You can create HTTPS Git credentials according to this [AWS documentation](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html).

View File

@@ -1,7 +1,9 @@
---
date: "2023-03-02T21:00:00+05:00"
slug: "profile-readme"
sidebar_position: 12
sidebar_position: 42
aliases:
- /profile-readme
---
# Profile READMEs

View File

@@ -5,6 +5,7 @@ sidebar_position: 15
aliases:
- /en-us/push-to-create
- /en-us/push-options
- /push
---
# Push
@@ -44,7 +45,7 @@ Push to create is a feature that allows you to push to a repository that does no
### Enabling Push To Create
In the `app.ini` file, set `ENABLE_PUSH_CREATE_USER` to `true` and `ENABLE_PUSH_CREATE_ORG` to `true` if you want to allow users to create repositories in their own user account and in organizations they are a member of respectively. Restart Gitea for the changes to take effect. You can read more about these two options in the [Configuration Cheat Sheet](../administration/config-cheat-sheet.md#repository-repository).
In the `app.ini` file, set `ENABLE_PUSH_CREATE_USER` to `true` and `ENABLE_PUSH_CREATE_ORG` to `true` if you want to allow users to create repositories in their own user account and in organizations they are a member of respectively. Restart Gitea for the changes to take effect. You can read more about these two options in the [Configuration Cheat Sheet](../../administration/config-cheat-sheet#repository-repository).
### Using Push To Create

View File

@@ -4,9 +4,10 @@ slug: "repo-mirror"
sidebar_position: 45
aliases:
- /en-us/repo-mirror
- /repo-mirror
---
# Repository Mirror
# Mirror Repository
Repository mirroring allows for the mirroring of repositories to and from external sources. You can use it to mirror branches, tags, and commits between repositories.

View File

@@ -1,27 +1,30 @@
---
date: "2019-11-28:00:00+02:00"
slug: "template-repositories"
sidebar_position: 14
sidebar_position: 44
aliases:
- /en-us/template-repositories
- /template-repositories
---
# Template Repositories
# Template Repository
Gitea `1.11.0` and above includes template repositories, and one feature implemented with them is auto-expansion of specific variables within your template files.
Since Gitea `1.11`, you can create template repositories.
When creating a repo based on a template, you can copy most of its content, and even auto-inject variables into it.
To tell Gitea which files to expand, you must include a `template` file inside the `.gitea` directory of the template repository.
By default, variables will not be expanded in any file.
Only files contained in a pattern inside the `.gitea/template` file will be checked for if they contain variables.
When creating the template, all files are included except for this `.gitea/template` file.
Gitea uses [gobwas/glob](https://github.com/gobwas/glob) for its glob syntax. It closely resembles a traditional `.gitignore`, however there may be slight differences.
Gitea uses [gobwas/glob](https://github.com/gobwas/glob) for its glob syntax.
It closely resembles a traditional `.gitignore`, however there may be slight differences.
## Example `.gitea/template` file
All paths are relative to the base of the repository
```gitignore
# All .go files, anywhere in the repository
# Expand all .go files, anywhere in the repository
**.go
# All text files in the text directory
@@ -34,20 +37,23 @@ a/b/c/d.json
**.[bB][aA][tT]
```
:::note
The `template` file will be removed from the `.gitea` directory when a repository is generated from the template.
:::
## Variable Expansion
In any file matched by the above globs, certain variables will be expanded.
In any file matched by the above globs, the variables below will be expanded.
Matching filenames and paths can also be expanded, and are conservatively sanitized to support cross-platform filesystems.
All variables must be of the form `$VAR` or `${VAR}`. To escape an expansion, use a double `$$`, such as `$$VAR` or `$${VAR}`
You can use variables by prefixing them with `$` or surrounding them with `${}`, so both `$VAR` and `${VAR}` insert the value of `VAR` at this location.
To escape an expansion, use `$$`, such as `$$VAR` or `$${VAR}`.
These are the variables Gitea currently recognizes:
| Variable | Expands To | Transformable |
| -------------------- | --------------------------------------------------- | ------------- |
| YEAR | The year of generating the repository (i.e. `2024`) | ✘ |
| MONTH | The month of generating the repository (i.e. `03`) | ✘ |
| MONTH_ENGLISH | The month but in English (i.e. `March`) | ✓ |
| DAY | The day of generating the repository (i.e. `02`) | ✘ |
| REPO_NAME | The name of the generated repository | ✓ |
| TEMPLATE_NAME | The name of the template repository | ✓ |
| REPO_DESCRIPTION | The description of the generated repository | ✘ |
@@ -63,11 +69,12 @@ All variables must be of the form `$VAR` or `${VAR}`. To escape an expansion, us
## Transformers :robot:
Gitea `1.12.0` adds a few transformers to some of the applicable variables above.
Since Gitea `1.12.0`, variables marked as transformable in the table above also have alternative versions where the given transformer has been applied.
For example, to get `REPO_NAME` in `PASCAL`-case, your template would use `${REPO_NAME_PASCAL}`
Transformed variables can be called by appending the transformer name to the variable name.
For example, to get `REPO_NAME` in `PASCAL`-case, you should use the variable `${REPO_NAME_PASCAL}`.
Feeding `go-sdk` to the available transformers yields...
The following transformers are available (assuming `go-sdk` is the input):
| Transformer | Effect |
| ----------- | ------ |

View File

@@ -0,0 +1,732 @@
---
date: "2016-12-01T16:00:00+02:00"
slug: "webhooks"
sidebar_position: 30
aliases:
- /en-us/webhooks
- /webhooks
---
# Webhooks
Gitea can send outbound webhooks for repository activity. Repository webhooks are
configured at `/:username/:reponame/settings/hooks` by a repository admin.
Equivalent webhook pages also exist for organizations, users, and system
administration.
Webhook configuration is available at four scopes:
- `Repository webhooks`: Trigger only for activity in one repository.
- `Organization webhooks`: Trigger for activity in repositories owned by that
organization.
- `User webhooks`: Trigger for activity in repositories owned by that user.
- `System webhooks`: Trigger for all eligible activity on the instance.
Gitea also supports admin-defined `default webhooks`. These are not an extra
delivery scope. Instead, they are copied into newly created repositories and
then behave like ordinary repository webhooks.
Gitea supports these outgoing webhook integrations:
- Gitea
- Gogs
- Slack
- Discord
- Dingtalk
- Telegram
- Microsoft Teams
- Feishu
- Matrix
- Wechatwork
- Packagist
The `Gitea` and `Gogs` webhook types send generic webhook payloads. The chat and
service integrations listed above transform the same internal event into a
service-specific request body.
## Configuration
This section covers the webhook settings you choose when creating or editing a
webhook.
### Configuring a webhook
When creating a webhook, the main options are:
- `Target URL`: The endpoint that receives the delivery.
- `HTTP Method`: Usually `POST` for generic webhooks.
- `POST Content Type`: `application/json` or
`application/x-www-form-urlencoded` for generic webhooks.
- `Secret`: Used to sign the raw request body with HMAC.
- `Authorization Header`: Optional custom `Authorization` header to send with
each request.
- `Branch Filter`: Optional glob filter for branch and tag related events.
- `Trigger On`: `Push Events`, `All Events`, or a custom event selection.
- `Active`: Whether the webhook is enabled.
:::note
Older examples may still show a `secret` field inside the JSON payload. Current
Gitea versions do not send the webhook secret in the payload body. Always verify
the request by checking the signature headers instead.
:::
### Branch filters
The branch filter uses glob syntax compatible with
[`github.com/gobwas/glob`](https://pkg.go.dev/github.com/gobwas/glob#Compile).
- Empty, `*`, or `**` matches everything.
- A plain branch name such as `main` matches that branch.
- Full refs such as `refs/tags/v*` are also supported.
- Brace expressions such as `{main,release/*}` are supported.
- The filter only applies to events that carry a git ref, such as `create`,
`delete`, and `push`.
- Events without a ref, such as issues or releases, ignore the branch filter.
Examples:
- `main`
- `{main,feature/*}`
- `{refs/heads/feature/*,refs/tags/release/*}`
### Authorization header
Gitea can be configured to send a custom
[Authorization header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization)
with each webhook delivery. This is independent from the webhook secret:
- Use the secret to verify integrity with HMAC.
- Use the `Authorization` header when the receiving endpoint requires
application-level authentication.
## Delivery
This section describes how Gitea sends webhook deliveries and how receivers can
identify and verify them.
### Delivery behavior
- Webhooks are delivered asynchronously over HTTP.
- Generic `Gitea` and `Gogs` webhooks support `POST` and `GET`; `POST` is the
normal choice.
- For `POST` requests, the payload can be sent either as JSON
(`application/json`) or as a form field named `payload`
(`application/x-www-form-urlencoded`).
- Provider-specific integrations may use the HTTP method and body format
required by that provider.
### Delivery headers
Every delivery includes a unique delivery ID and event headers. For
GitHub-compatible integrations, Gitea also sends the corresponding GitHub and
Gogs header names.
| Header | Description |
| --- | --- |
| `X-Gitea-Delivery` | Unique delivery UUID for this attempt. |
| `X-Gitea-Event` | Normalized event name, such as `push`, `issues`, or `pull_request`. |
| `X-Gitea-Event-Type` | More specific event type, such as `issue_assign` or `pull_request_review_comment`. |
| `X-Gitea-Signature` | Hex-encoded HMAC-SHA256 of the raw request body, without a prefix. |
| `X-Gitea-Hook-Installation-Target-Type` | Where the webhook is defined: typically `repository`, `organization`, `user`, or `system`. Default webhooks are copied into repositories before delivery, so they are typically delivered as `repository`. |
| `X-Gogs-Delivery`, `X-Gogs-Event`, `X-Gogs-Event-Type`, `X-Gogs-Signature` | Compatibility headers with the same values as the Gitea variants. |
| `X-GitHub-Delivery`, `X-GitHub-Event`, `X-GitHub-Event-Type` | GitHub-style compatibility headers. |
| `X-GitHub-Hook-Installation-Target-Type` | GitHub-style compatibility header for the webhook scope. |
| `X-Hub-Signature` | GitHub-compatible HMAC-SHA1 header in the form `sha1=<digest>`. |
| `X-Hub-Signature-256` | GitHub-compatible HMAC-SHA256 header in the form `sha256=<digest>`. |
If no secret is configured, the signature headers are still present, but their
digest values are empty.
#### `Event` versus `Event-Type`
Some Gitea webhook subscriptions are grouped together under one normalized event
name. For example, an issue assignment delivery uses the issue event group:
```http
X-Gitea-Event: issues
X-Gitea-Event-Type: issue_assign
X-GitHub-Event: issues
X-GitHub-Event-Type: issue_assign
```
Use `X-Gitea-Event-Type` when you need the exact trigger that fired the webhook.
#### Validating deliveries
Gitea signs the raw request body with your webhook secret. To validate a
delivery:
1. Read the request body exactly as it was received.
2. Compute the HMAC-SHA256 digest with your webhook secret.
3. Compare the result with `X-Gitea-Signature` or with the GitHub-compatible
`X-Hub-Signature-256` header.
4. Use a constant-time comparison when possible.
Important details:
- `X-Gitea-Signature` contains only the lowercase hexadecimal SHA-256 digest.
- `X-Hub-Signature-256` contains the same digest with a `sha256=` prefix.
- `X-Hub-Signature` is also sent for compatibility and uses SHA-1.
- The body must be verified before JSON parsing or any other modification.
##### PHP example
The following example verifies a generic `Gitea` webhook sent as
`application/json`.
```php
<?php
$secret = '123';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
exit('Only POST is allowed');
}
$payload = file_get_contents('php://input');
$signature = $_SERVER['HTTP_X_GITEA_SIGNATURE'] ?? '';
if ($payload === false || $signature === '') {
http_response_code(400);
exit('Missing payload or signature');
}
$expected = hash_hmac('sha256', $payload, $secret);
if (!hash_equals($expected, $signature)) {
http_response_code(401);
exit('Invalid signature');
}
$event = $_SERVER['HTTP_X_GITEA_EVENT'] ?? '';
$eventType = $_SERVER['HTTP_X_GITEA_EVENT_TYPE'] ?? '';
$data = json_decode($payload, true);
if (!is_array($data)) {
http_response_code(400);
exit('Invalid JSON payload');
}
http_response_code(204);
```
## Events
This section follows the same event-by-event style used by GitHub's webhook
documentation: each event describes when it occurs and what the top-level
payload contains.
The event groups match the webhook settings UI: `Repository Events`,
`Issue Events`, `Pull Request Events`, and `Workflow Events`.
### Repository Events
- `create`, `delete`, `fork`, `push`, `wiki`, `repository`, `release`, `package`, `status`
#### `create`
This event occurs when a branch or tag is created.
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `sha` | `string` | **Required.** The object ID of the created reference. |
| `ref` | `string` | **Required.** The created branch or tag name. |
| `ref_type` | `string` | **Required.** The reference type, such as `branch` or `tag`. |
| `repository` | `object` | **Required.** The repository where the reference was created. |
| `sender` | `object` | **Required.** The user who created the reference. |
#### `delete`
This event occurs when a branch or tag is deleted.
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `ref` | `string` | **Required.** The deleted branch or tag name. |
| `ref_type` | `string` | **Required.** The reference type, such as `branch` or `tag`. |
| `pusher_type` | `string` | **Required.** The actor type that deleted the ref. Current Gitea payloads use `user`. |
| `repository` | `object` | **Required.** The repository where the reference was deleted. |
| `sender` | `object` | **Required.** The user who deleted the reference. |
#### `fork`
This event occurs when a repository is forked.
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `forkee` | `object` | **Required.** The newly created fork repository. |
| `repository` | `object` | **Required.** The original repository that was forked. |
| `sender` | `object` | **Required.** The user who created the fork. |
#### `push`
This event occurs when commits are pushed to a branch or tag.
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `ref` | `string` | **Required.** The full pushed ref, such as `refs/heads/main`. |
| `before` | `string` | **Required.** The commit SHA before the push. |
| `after` | `string` | **Required.** The commit SHA after the push. |
| `compare_url` | `string` | **Required.** URL to compare `before` and `after`. |
| `commits` | `array` | **Required.** Commits included in the push. |
| `total_commits` | `integer` | **Required.** Number of commits in the push. |
| `head_commit` | `object` | The most recent commit in the push. |
| `repository` | `object` | **Required.** The repository that received the push. |
| `pusher` | `object` | **Required.** The user who performed the push. |
| `sender` | `object` | **Required.** The user who triggered the webhook. |
#### `wiki`
This event occurs when a wiki page is created, edited, or deleted.
**Action type:** `created`, `edited`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The wiki page action. |
| `repository` | `object` | **Required.** The repository that owns the wiki. |
| `sender` | `object` | **Required.** The user who changed the wiki page. |
| `page` | `string` | **Required.** The wiki page name. |
| `comment` | `string` | The wiki commit message or comment. |
#### `repository`
This event occurs when a repository is created or deleted.
**Action type:** `created`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The repository action. |
| `repository` | `object` | **Required.** The repository that was created or deleted. |
| `organization` | `object` | Present when the repository belongs to an organization. |
| `sender` | `object` | **Required.** The user who performed the action. |
#### `release`
This event occurs when a release is published, updated, or deleted.
**Action type:** `published`, `updated`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The release action. |
| `release` | `object` | **Required.** The release that was acted on. |
| `repository` | `object` | **Required.** The repository containing the release. |
| `sender` | `object` | **Required.** The user who performed the action. |
#### `package`
This event occurs when a package is created or deleted.
**Action type:** `created`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The package action. |
| `repository` | `object` | The repository associated with the package, when applicable. |
| `package` | `object` | **Required.** The package that was acted on. |
| `organization` | `object` | Present when the package owner is an organization. |
| `sender` | `object` | **Required.** The user who performed the action. |
#### `status`
This event occurs when a commit status is created or updated through the API.
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `commit` | `object` | The commit associated with the status. |
| `context` | `string` | **Required.** The status context, such as `ci/build`. |
| `created_at` | `string` | **Required.** The time the status was created. |
| `description` | `string` | Status description text. |
| `id` | `integer` | **Required.** The status identifier. |
| `repository` | `object` | **Required.** The repository containing the commit. |
| `sender` | `object` | **Required.** The user who created the status. |
| `sha` | `string` | **Required.** The commit SHA. |
| `state` | `string` | **Required.** The state, such as `pending`, `success`, `error`, or `failure`. |
| `target_url` | `string` | Target URL associated with the status. |
| `updated_at` | `string` | The time the status was last updated. |
Unlike most other payloads, this event does not use an `action` field. The
state transition is represented by `state`.
### Issue Events
- `issues`, `issue_assign`, `issue_label`, `issue_milestone`, `issue_comment`
#### `issues`
This event occurs when an issue is opened, closed, reopened, edited, or deleted.
**Action type:** `opened`, `closed`, `reopened`, `edited`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The issue action. |
| `number` | `integer` | **Required.** The issue number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `issue` | `object` | **Required.** The issue that was acted on. |
| `repository` | `object` | **Required.** The repository containing the issue. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the issue action, if applicable. |
#### `issue_assign`
This event occurs when an issue is assigned or unassigned.
**Action type:** `assigned`, `unassigned`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The assignment action. |
| `number` | `integer` | **Required.** The issue number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `issue` | `object` | **Required.** The issue that was acted on. |
| `repository` | `object` | **Required.** The repository containing the issue. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the issue action, if applicable. |
#### `issue_label`
This event occurs when issue labels are updated or cleared.
**Action type:** `label_updated`, `label_cleared`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The label update action. |
| `number` | `integer` | **Required.** The issue number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `issue` | `object` | **Required.** The issue that was acted on. |
| `repository` | `object` | **Required.** The repository containing the issue. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the issue action, if applicable. |
#### `issue_milestone`
This event occurs when an issue is milestoned or demilestoned.
**Action type:** `milestoned`, `demilestoned`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The milestone action. |
| `number` | `integer` | **Required.** The issue number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `issue` | `object` | **Required.** The issue that was acted on. |
| `repository` | `object` | **Required.** The repository containing the issue. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the issue action, if applicable. |
#### `issue_comment`
This event occurs when a comment on an issue is created, edited, or deleted.
**Action type:** `created`, `edited`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The comment action. |
| `issue` | `object` | **Required.** The issue that the comment belongs to. |
| `pull_request` | `object` | Present only when the comment is on a pull request timeline. |
| `comment` | `object` | **Required.** The comment that was created, edited, or deleted. |
| `changes` | `object` | Optional. Previous comment body when the action is `edited`. |
| `repository` | `object` | **Required.** The repository containing the issue. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `is_pull` | `boolean` | **Required.** Whether the comment is on a pull request timeline. |
### Pull Request Events
- `pull_request`, `pull_request_assign`, `pull_request_label`, `pull_request_milestone`, `pull_request_comment`, `pull_request_review`, `pull_request_review_approved`, `pull_request_review_rejected`, `pull_request_review_comment`, `pull_request_sync`, `pull_request_review_request`
#### `pull_request`
This event occurs when a pull request is opened, closed, reopened, edited, or deleted.
**Action type:** `opened`, `closed`, `reopened`, `edited`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The pull request action. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was acted on. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the pull request action, if applicable. |
| `review` | `object` | Present for pull request review events. |
#### `pull_request_assign`
This event occurs when a pull request is assigned or unassigned.
**Action type:** `assigned`, `unassigned`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The assignment action. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was acted on. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the pull request action, if applicable. |
| `review` | `object` | Present for pull request review events. |
#### `pull_request_label`
This event occurs when pull request labels are updated or cleared.
**Action type:** `label_updated`, `label_cleared`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The label update action. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was acted on. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the pull request action, if applicable. |
| `review` | `object` | Present for pull request review events. |
#### `pull_request_milestone`
This event occurs when a pull request is milestoned or demilestoned.
**Action type:** `milestoned`, `demilestoned`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The milestone action. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was acted on. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the pull request action, if applicable. |
| `review` | `object` | Present for pull request review events. |
#### `pull_request_comment`
This event occurs when a timeline comment on a pull request is created, edited, or deleted.
**Action type:** `created`, `edited`, `deleted`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The comment action. |
| `issue` | `object` | **Required.** The related issue record for the pull request. |
| `pull_request` | `object` | **Required.** The pull request the timeline comment belongs to. |
| `comment` | `object` | **Required.** The comment that was created, edited, or deleted. |
| `changes` | `object` | Optional. Previous comment body when the action is `edited`. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `is_pull` | `boolean` | **Required.** Always `true` for this event. |
#### `pull_request_review`
This is a subscription-only umbrella event in the webhook settings UI.
It does not have its own delivery payload. When selected, Gitea delivers the
more specific events `pull_request_review_approved`,
`pull_request_review_rejected`, and `pull_request_review_comment`.
#### `pull_request_review_approved`
This event occurs when a pull request review is submitted with approval.
**Action type:** `reviewed`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** Always `reviewed`. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was reviewed. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who submitted the review. |
| `commit_id` | `string` | The commit SHA associated with the review event, if applicable. |
| `review` | `object` | **Required.** The review payload. For this event, `review.type` is `approved`. |
#### `pull_request_review_rejected`
This event occurs when a pull request review is submitted with a rejection or a
request for changes.
**Action type:** `reviewed`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** Always `reviewed`. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was reviewed. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who submitted the review. |
| `commit_id` | `string` | The commit SHA associated with the review event, if applicable. |
| `review` | `object` | **Required.** The review payload. For this event, `review.type` is `rejected`. |
#### `pull_request_review_comment`
This event occurs when a pull request review is submitted as a comment.
**Action type:** `reviewed`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** Always `reviewed`. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was reviewed. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who submitted the review. |
| `commit_id` | `string` | The commit SHA associated with the review event, if applicable. |
| `review` | `object` | **Required.** The review payload. For this event, `review.type` is `comment`. |
#### `pull_request_sync`
This event occurs when a pull request is synchronized after new commits are pushed.
**Action type:** `synchronized`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** Always `synchronized`. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was synchronized. |
| `requested_reviewer` | `object` | Present for review request events. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the synchronization. |
| `commit_id` | `string` | The commit SHA associated with the synchronization event, if applicable. |
| `review` | `object` | Present for pull request review events. |
#### `pull_request_review_request`
This event occurs when a reviewer is requested or a review request is removed.
**Action type:** `review_requested`, `review_request_removed`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The review request action. |
| `number` | `integer` | **Required.** The pull request number. |
| `changes` | `object` | Optional. Previous values for edited fields or label deltas. |
| `pull_request` | `object` | **Required.** The pull request that was acted on. |
| `requested_reviewer` | `object` | The reviewer that was requested or removed. |
| `repository` | `object` | **Required.** The repository containing the pull request. |
| `sender` | `object` | **Required.** The user who performed the action. |
| `commit_id` | `string` | The commit SHA associated with the pull request action, if applicable. |
| `review` | `object` | Present for pull request review events. |
### Workflow Events
- `workflow_run`, `workflow_job`
#### `workflow_run`
This event occurs when a Gitea Actions workflow run changes status.
**Action type:** `queued`, `waiting`, `in_progress`, `completed`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The workflow run status transition. |
| `workflow` | `object` | **Required.** The workflow definition. |
| `workflow_run` | `object` | **Required.** The workflow run that was acted on. |
| `pull_request` | `object` | Present when the workflow run is associated with a pull request. |
| `organization` | `object` | Present when the repository owner is an organization. |
| `repository` | `object` | **Required.** The repository containing the workflow. |
| `sender` | `object` | **Required.** The user who triggered the workflow run update. |
#### `workflow_job`
This event occurs when a Gitea Actions workflow job changes status.
**Action type:** `queued`, `waiting`, `in_progress`, `completed`
##### Payload parameters
| Name | Type | Description |
| --- | --- | --- |
| `action` | `string` | **Required.** The workflow job status transition. |
| `workflow_job` | `object` | **Required.** The workflow job that was acted on. |
| `pull_request` | `object` | Present when the workflow job is associated with a pull request. |
| `organization` | `object` | Present when the repository owner is an organization. |
| `repository` | `object` | **Required.** The repository containing the workflow job. |
| `sender` | `object` | **Required.** The user who triggered the workflow job update. |
## Testing, recent deliveries, and replay
Each webhook page includes:
- `Test Delivery`, which sends a synthetic `push` event for the repository.
- `Recent Deliveries`, which shows request and response details.
- `Redelivery`, which replays an earlier webhook delivery.
If the repository has no commits yet, the test delivery uses a generated fake
commit so the webhook can still be exercised.
## Administration notes
Administrators can further control webhook delivery with instance settings such
as host allow lists, delivery timeouts, and cleanup policies. See the
[Webhook section of the configuration cheat sheet](../../administration/config-cheat-sheet.md#webhook-webhook).

View File

@@ -0,0 +1,9 @@
{
"label": "User Setting",
"position": 200,
"link": {
"type": "generated-index",
"slug": "/usage/user-setting",
"description": "Configuring user preferences and settings"
}
}

View File

@@ -1,9 +1,9 @@
---
date: "2023-08-22T14:21:00+08:00"
slug: "multi-factor-authentication"
weight: 15
aliases:
- /multi-factor-authentication
---
# Multi-factor Authentication (MFA)

View File

@@ -1,189 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
slug: "webhooks"
sidebar_position: 30
aliases:
- /en-us/webhooks
---
# Webhooks
Gitea supports webhooks for repository events. This can be configured in the settings
page `/:username/:reponame/settings/hooks` by a repository admin. Webhooks can also be configured on a per-organization and whole system basis.
All event pushes are POST requests. The methods currently supported are:
- Gitea (can also be a GET request)
- Gogs
- Slack
- Discord
- Dingtalk
- Telegram
- Microsoft Teams
- Feishu
- Wechatwork
- Packagist
### Event information
:::warning
The `secret` field in the payload is deprecated as of Gitea 1.13.0 and will be removed in 1.14.0: https://github.com/go-gitea/gitea/issues/11755
:::
The following is an example of event information that will be sent by Gitea to
a Payload URL:
```http
X-GitHub-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473
X-GitHub-Event: push
X-Gogs-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473
X-Gogs-Event: push
X-Gitea-Delivery: f6266f16-1bf3-46a5-9ea4-602e06ead473
X-Gitea-Event: push
```
```json
{
"secret": "3gEsCfjlV2ugRwgpU#w1*WaW*wa4NXgGmpCfkbG3",
"ref": "refs/heads/develop",
"before": "28e1879d029cb852e4844d9c718537df08844e03",
"after": "bffeb74224043ba2feb48d137756c8a9331c449a",
"compare_url": "http://localhost:3000/gitea/webhooks/compare/28e1879d029cb852e4844d9c718537df08844e03...bffeb74224043ba2feb48d137756c8a9331c449a",
"commits": [
{
"id": "bffeb74224043ba2feb48d137756c8a9331c449a",
"message": "Webhooks Yay!",
"url": "http://localhost:3000/gitea/webhooks/commit/bffeb74224043ba2feb48d137756c8a9331c449a",
"author": {
"name": "Gitea",
"email": "someone@gitea.io",
"username": "gitea"
},
"committer": {
"name": "Gitea",
"email": "someone@gitea.io",
"username": "gitea"
},
"timestamp": "2017-03-13T13:52:11-04:00"
}
],
"repository": {
"id": 140,
"owner": {
"id": 1,
"login": "gitea",
"full_name": "Gitea",
"email": "someone@gitea.io",
"avatar_url": "https://localhost:3000/avatars/1",
"username": "gitea"
},
"name": "webhooks",
"full_name": "gitea/webhooks",
"description": "",
"private": false,
"fork": false,
"html_url": "http://localhost:3000/gitea/webhooks",
"ssh_url": "ssh://gitea@localhost:2222/gitea/webhooks.git",
"clone_url": "http://localhost:3000/gitea/webhooks.git",
"website": "",
"stars_count": 0,
"forks_count": 1,
"watchers_count": 1,
"open_issues_count": 7,
"default_branch": "master",
"created_at": "2017-02-26T04:29:06-05:00",
"updated_at": "2017-03-13T13:51:58-04:00"
},
"pusher": {
"id": 1,
"login": "gitea",
"full_name": "Gitea",
"email": "someone@gitea.io",
"avatar_url": "https://localhost:3000/avatars/1",
"username": "gitea"
},
"sender": {
"id": 1,
"login": "gitea",
"full_name": "Gitea",
"email": "someone@gitea.io",
"avatar_url": "https://localhost:3000/avatars/1",
"username": "gitea"
}
}
```
### Example
This is an example of how to use webhooks to run a php script upon push requests to the repository.
In your repository Settings, under Webhooks, Setup a Gitea webhook as follows:
- Target URL: http://mydomain.com/webhook.php
- HTTP Method: POST
- POST Content Type: application/json
- Secret: 123
- Trigger On: Push Events
- Active: Checked
Now on your server create the php file webhook.php
```php
<?php
$secret_key = '123';
// check for POST request
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
error_log('FAILED - not POST - '. $_SERVER['REQUEST_METHOD']);
exit();
}
// get content type
$content_type = isset($_SERVER['CONTENT_TYPE']) ? strtolower(trim($_SERVER['CONTENT_TYPE'])) : '';
if ($content_type != 'application/json') {
error_log('FAILED - not application/json - '. $content_type);
exit();
}
// get payload
$payload = trim(file_get_contents("php://input"));
if (empty($payload)) {
error_log('FAILED - no payload');
exit();
}
// get header signature
$header_signature = isset($_SERVER['HTTP_X_GITEA_SIGNATURE']) ? $_SERVER['HTTP_X_GITEA_SIGNATURE'] : '';
if (empty($header_signature)) {
error_log('FAILED - header signature missing');
exit();
}
// calculate payload signature
$payload_signature = hash_hmac('sha256', $payload, $secret_key, false);
// check payload signature against header signature
if ($header_signature !== $payload_signature) {
error_log('FAILED - payload signature');
exit();
}
// convert json to array
$decoded = json_decode($payload, true);
// check for json decode errors
if (json_last_error() !== JSON_ERROR_NONE) {
error_log('FAILED - json decode - '. json_last_error());
exit();
}
// success, do something
```
There is a Test Delivery button in the webhook settings that allows to test the configuration as well as a list of the most Recent Deliveries.
### Authorization header
**With 1.19**, Gitea hooks can be configured to send an [authorization header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization) to the webhook target.

View File

@@ -29,7 +29,19 @@ const apiConfig = [
},
{
route: "/api/",
spec: "static/swagger-23.json",
spec: "static/swagger-26.json",
},
{
route: "/api/1.27/",
spec: "static/swagger-27.json",
},
{
route: "/api/1.26/",
spec: "static/swagger-26.json",
},
{
route: "/api/1.25/",
spec: "static/swagger-25.json",
},
{
route: "/api/1.24/",
@@ -43,18 +55,6 @@ const apiConfig = [
route: "/api/1.22/",
spec: "static/swagger-22.json",
},
{
route: "/api/1.21/",
spec: "static/swagger-21.json",
},
{
route: "/api/1.20/",
spec: "static/swagger-20.json",
},
{
route: "/api/1.19/",
spec: "static/swagger-19.json",
},
]
: [],
// Theme Options for modifying how redoc renders them
@@ -72,37 +72,67 @@ const pageConfig = renderApiSSR
: {};
const globalVariables = {
current: {
goVersion: "1.23",
minGoVersion: "1.23",
minNodeVersion: "18",
"current": {
goVersion: "1.26",
minGoVersion: "1.26",
minNodeVersion: "22",
version: "main-nightly",
sourceVersion: "main",
sourceBranch: "main",
dockerVersion: "nightly",
displayVersion: "1.25-dev",
displayVersion: "1.28-dev",
},
1.24: {
"1.27": {
goVersion: "1.26",
minGoVersion: "1.26",
minNodeVersion: "24",
version: "1.27.0-rc0",
sourceVersion: "v1.27.0-rc0",
sourceBranch: "release/v1.27",
dockerVersion: "1.27.0-rc0",
displayVersion: "1.27.0-rc0",
},
"1.26": {
goVersion: "1.26",
minGoVersion: "1.26",
minNodeVersion: "22",
version: "1.26.4",
sourceVersion: "v1.26.4",
sourceBranch: "release/v1.26",
dockerVersion: "1.26.4",
displayVersion: "1.26.4",
},
"1.25": {
goVersion: "1.25",
minGoVersion: "1.25",
minNodeVersion: "22",
version: "1.25.5",
sourceVersion: "v1.25.0",
sourceBranch: "release/v1.25",
dockerVersion: "1.25.5",
displayVersion: "1.25.5",
},
"1.24": {
goVersion: "1.24",
minGoVersion: "1.23",
minNodeVersion: "18",
version: "1.24.0-rc0",
sourceVersion: "v1.24.0-rc0",
minGoVersion: "1.24",
minNodeVersion: "22",
version: "1.24.7",
sourceVersion: "v1.24.0",
sourceBranch: "release/v1.24",
dockerVersion: "1.24.0-rc0",
displayVersion: "1.24.0-rc0",
dockerVersion: "1.24.7",
displayVersion: "1.24.7",
},
1.23: {
"1.23": {
goVersion: "1.23",
minGoVersion: "1.22",
minNodeVersion: "18",
version: "1.23.8",
sourceVersion: "v1.23.0",
sourceVersion: "v1.23.8",
sourceBranch: "release/v1.23",
dockerVersion: "1.23.8",
displayVersion: "1.23.8",
},
1.22: {
"1.22": {
goVersion: "1.22",
minGoVersion: "1.22",
minNodeVersion: "18",
@@ -112,61 +142,31 @@ const globalVariables = {
dockerVersion: "1.22.6",
displayVersion: "1.22.6",
},
1.21: {
goVersion: "1.21",
minGoVersion: "1.21",
minNodeVersion: "18",
version: "1.21.11",
sourceVersion: "v1.21.11",
sourceBranch: "release/v1.21",
dockerVersion: "1.21.11",
displayVersion: "1.21.11",
},
"1.20": {
goVersion: "1.20",
minGoVersion: "1.20",
minNodeVersion: "16",
version: "1.20.6",
sourceVersion: "v1.20.6",
sourceBranch: "release/v1.20",
dockerVersion: "1.20.6",
displayVersion: "1.20.6",
},
1.19: {
goVersion: "1.20",
minGoVersion: "1.19",
minNodeVersion: "14",
version: "1.19.4",
sourceVersion: "v1.19.4",
sourceBranch: "release/v1.19",
dockerVersion: "1.19.4",
displayVersion: "1.19.4",
},
};
const versions = {
current: {
"current": {
label: globalVariables["current"].displayVersion, // path is kept as next for dev (so users can always find "nightly" docs)
banner: "unreleased",
},
1.24: {
"1.27": {
label: globalVariables["1.27"].displayVersion,
},
"1.26": {
label: globalVariables["1.26"].displayVersion,
},
"1.25": {
label: globalVariables["1.25"].displayVersion,
},
"1.24": {
label: globalVariables["1.24"].displayVersion,
},
1.23: {
"1.23": {
label: globalVariables["1.23"].displayVersion,
},
1.22: {
"1.22": {
label: globalVariables["1.22"].displayVersion,
},
1.21: {
label: globalVariables["1.21"].displayVersion,
},
"1.20": {
label: globalVariables["1.20"].displayVersion,
},
1.19: {
label: globalVariables["1.19"].displayVersion,
},
};
/** @type {import('@docusaurus/types').Config} */
@@ -176,10 +176,10 @@ const config = {
url: "https://docs.gitea.com",
baseUrl: "/",
onBrokenLinks: "warn",
onBrokenMarkdownLinks: "warn",
favicon: "img/favicon.png",
future: {
experimental_faster: true,
faster: true,
v4: true
},
plugins: [
[
@@ -193,8 +193,8 @@ const config = {
[
"@docusaurus/plugin-content-docs",
{
id: "runner",
path: "runner",
id: "runner-docs",
path: "runner-docs",
routeBasePath: "runner",
//sidebarPath: './runner/sidebars.js',
versions: {
@@ -202,12 +202,16 @@ const config = {
label: "main",
banner: "unreleased",
},
"1.0.8": {
path: "1.0.8",
label: "1.0.8",
},
"0.2.11": {
path: "0.2.11",
label: "0.2.11",
},
},
lastVersion: "0.2.11",
lastVersion: "1.0.8",
editUrl: ({
versionDocsDirPath,
docPath,
@@ -217,8 +221,8 @@ const config = {
}) => {
return `https://gitea.com/gitea/docs/src/branch/main/${
version === "current"
? "runner"
: `runner_versioned_docs/version-${version}`
? "runner-docs"
: `runner-docs_versioned_docs/version-${version}`
}/${docPath}`;
},
async sidebarItemsGenerator({ defaultSidebarItemsGenerator, ...args }) {
@@ -283,7 +287,7 @@ const config = {
}/${docPath}`;
},
versions: versions,
lastVersion: "1.23",
lastVersion: "1.26",
async sidebarItemsGenerator({
defaultSidebarItemsGenerator,
...args
@@ -311,6 +315,9 @@ const config = {
apiConfig,
],
markdown: {
hooks: {
onBrokenMarkdownLinks: "warn",
},
preprocessor: ({ filePath, fileContent }) => {
var key = "";
var found = false;
@@ -390,16 +397,16 @@ const config = {
label: "Docs",
},
{
to: "/api/1.23/",
to: "/api/1.26/",
label: "API",
position: "left",
activeBaseRegex: "api/(1.19|1.20|1.21|1.22|1.23|1.24|next)/",
activeBaseRegex: "api/(1.22|1.23|1.24|1.25|1.26|1.27|next)/",
},
{
to: "/runner/0.2.11/",
to: "/runner/1.0.8/",
label: "Runner",
position: "left",
activeBaseRegex: "runner/(0.2.11|next)/",
activeBaseRegex: "runner/(1.0.8|0.2.11|next)/",
},
{
position: "left",
@@ -426,13 +433,13 @@ const config = {
label: "API Version",
position: "right",
items: [
{ to: "/api/next/", label: "1.25-dev" },
{ to: "/api/1.24/", label: "1.24.0-rc0" },
{ to: "/api/next/", label: "1.28-dev" },
{ to: "/api/1.27/", label: "1.27.0-rc0" },
{ to: "/api/1.26/", label: "1.26.4" },
{ to: "/api/1.25/", label: "1.25.5" },
{ to: "/api/1.24/", label: "1.24.7" },
{ to: "/api/1.23/", label: "1.23.8" },
{ to: "/api/1.22/", label: "1.22.6" },
{ to: "/api/1.21/", label: "1.21.11" },
{ to: "/api/1.20/", label: "1.20.6" },
{ to: "/api/1.19/", label: "1.19.4" },
],
routerRgx: "/api/",
classNames: "api-dropdown",
@@ -443,6 +450,7 @@ const config = {
position: "right",
items: [
{ to: "/runner/next/", label: "development" },
{ to: "/runner/1.0.8/", label: "1.0.8" },
{ to: "/runner/0.2.11/", label: "0.2.11" },
],
routerRgx: "/runner/",
@@ -481,10 +489,6 @@ const config = {
label: "Discord",
href: "https://discord.gg/gitea",
},
{
label: "Matrix",
href: "https://matrix.to/#/#gitea-space:matrix.org",
},
{
label: "Forum",
href: "https://forum.gitea.com/",
@@ -497,6 +501,10 @@ const config = {
label: "Mastodon",
href: "https://social.gitea.io/@gitea",
},
{
label: "Bluesky",
href: "https://bsky.app/profile/gitea.com",
},
],
},
{

View File

@@ -0,0 +1,8 @@
{
"sidebar.docs.category.actions": {
"message": "Actions"
},
"sidebar.docs.category.packages": {
"message": "Packages"
}
}

View File

@@ -0,0 +1,8 @@
{
"sidebar.docs.category.actions": {
"message": "Actions"
},
"sidebar.docs.category.packages": {
"message": "Packages"
}
}

View File

@@ -1,12 +0,0 @@
---
date: "2016-12-01T16:00:00+02:00"
title: "运维"
slug: "administration"
sidebar_position: 30
menu:
sidebar:
name: "运维"
sidebar_position: 20
identifier: "administration"
---

View File

@@ -0,0 +1,9 @@
{
"label": "运维",
"position": 30,
"link": {
"type": "generated-index",
"slug": "/administration",
"title": "运维"
}
}

Some files were not shown because too many files have changed in this diff Show More