gogs

Name: gogs
Availability: InStock
Rating: 5.0 (47501 reviews)
Author: gogs

Gogs is a painless self-hosted Git service

gogs vv0.14.2 Cross-platform 47,501 stars

Free Open Source Safe Download MIT License Latest Version

About gogs

Gogs is a painless self-hosted Git service

What's New in vv0.14.2

Fixed

Security: Cross-repository LFS object overwrite via missing content hash verification. #8166 - GHSA-gmf8-978x-2fg2
Security: Stored XSS via data URI in issue comments. #8174 - GHSA-xrcr-gmf5-2r8j
Security: Release tag option injection in release deletion. #8175 - GHSA-v9vm-r24h-6rqm
Security: Stored XSS in branch and wiki views through author and committer names. #8176 - GHSA-vgvf-m4fw-938j
Security: DOM-based XSS via issue meta selection on the issue page. #8178 - GHSA-vgjm-2cpf-4g7c
Unable to update files via web editor and API. #8184

Removed

Support for passing API access tokens via URL query parameters (token, access_token). Use the Authorization header instead. #8177 - GHSA-x9p5-w45c-7ffc

Previous patch releases

0.14.1

Added

Support comparing tags in addition to branches. #6141
Show file name in browser tab title when viewing files. #5896
Support using TLS for Redis session provider using [session] PROVIDER_CONFIG = ...,tls=true. #7860
Support expanading values in app.ini from environment variables, e.g. [database] PASSWORD = ${DATABASE_PASSWORD}. #8057
Support custom logout URL that users get redirected to after sign out using [auth] CUSTOM_LOGOUT_URL. #8089
Start publishing next-generation, security-focused Docker image via gogs/gogs:next-latest, which will become the default image distribution (gogs/gogs:latest) starting 0.16.0. While not all container options support have been added in the next-generation image, the use of current legacy Docker image is deprecated, it will be published as gogs/gogs:legacy-latest starting 0.16.0, and be completely removed no earlier than 0.17.0. #8061

Changed

The required Go version to compile source code changed to 1.25.
The build tag cert has been removed, and the gogs cert subcommand is now always available. #7883
Switched to pure-Go SQLite driver, CGO is no longer required to compile Gogs. #7882
Updated Mermaid JS to 11.9.0. #8009
Halt the repository creation and leave the directory untouched if the repository root already exists. #8091

Fixed

Security: Unauthenticated file upload. #8128 - GHSA-fc3h-92p8-h36f
Security: Protected branch bypass in web UI. #8124 - GHSA-2c6v-8r3v-gh6p
Security: Authorization bypass allows cross-repository label modification. #8123 - GHSA-cv22-72px-f4gh
Security: Cross-repository comment deletion. #8119 - GHSA-jj5m-h57j-5gv7
500 error on repository watchers and stargazers pages when using MSSQL. #5482
Submodules using ssh:// protocol and a port number are not rendered correctly. #4941
Missing link to user profile on the first commit in commits history page. #7404
Unable to delete or display files with special characters in their names. #7596
Docker healthcheck fails when HTTP_PROXY or HTTPS_PROXY environment variables are set. #7529

Legal Notice

This software is provided by its original developers. We only index and provide links to official download sources. All downloads are from the original publishers and are completely legal and safe.