We are proud to present the release of Gitea version 1.13.0.
As we approach Gitea’s 4th birthday, I just want to give a special thanks to everyone who has been a part of the project, whether it’s the implementation of a feature, or just enjoying the software.
Thank you all!
We have merged an incredible 649 pull requests to release this version.
We would like to give a special thanks to Michael Scherer (@mscherer) for reporting a security issue that was patched in this release.
Thanks to @zeripath for fixing in #12685
You can download one of our pre-built binaries from our downloads page - make sure to select the correct platform! For further details on how to install, follow our installation guide.
❗ As of this version, Gitea supports TLS version 1.2 at minimum. (#12689)
❗ Users with a custom favicon will need to provide a
❗ Password complexity checks now default to
Alternative methods such as minimum length or checking against HaveIBeenPwned should be considered.
❗ The Webhook shared secret inside the webhook payload has been deprecated and will be removed in 1.14.0: https://github.com/go-gitea/gitea/issues/11755 please use the secret header that uses an hmac signature to validate the webhook payload.
❗ Git hooks now default to
In your config, you can check the security section for
DISABLE_GIT_HOOKS. To enable them again, you must set the setting to
WARNING: Custom git hooks can be used to perform arbitrary code execution on the host operating system.
This enables the users to access and modify this config file and the Gitea database and interrupt the Gitea service.
By modifying the Gitea database, users can gain Gitea administrator privileges.
It also enables them to access other resources available to the user on the operating system that is running the Gitea instance and perform arbitrary actions in the name of the Gitea OS user.
This may be harmful to you website or your operating system.
We would also like to thank all of our supporters on Open Collective who are helping to sustain us financially.
Have you heard? We now have a swag shop! 👕 🍵
Sample images below.