Skip to content

feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.27.0 )#2947

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/docker.gitea.com-gitea-1.x
Open

feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.27.0 )#2947
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/docker.gitea.com-gitea-1.x

Conversation

@renovate

@renovate renovate Bot commented Apr 18, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Update Change
docker.gitea.com/gitea minor 1.25.51.27.0

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

go-gitea/gitea (docker.gitea.com/gitea)

v1.27.0

Compare Source

  • BREAKING

    • Feat(actions)!: improve support for reusable workflows (#​37478)
    • Use Content-Security-Policy: script nonce (#​37232)
  • SECURITY

    • Fix: various security fixes (#​38406) (#​38426)
    • Fix(security): harden access checks and migration validation (#​38324) (#​38400)
    • Fix: enforce public-only token scope and harden push options / locale parsing (#​38323) (#​38399)
    • Fix(pull): re-evaluate review official flag on target branch change (#​38319) (#​38402)
    • Fix(api): stop leaking private repo metadata after access revocation (#​38321) (#​38390)
    • Fix(lfs): require proof of possession for cross-repo objects (#​38322) (#​38389)
    • Fix(mirror): disable HTTP redirects on pull mirror sync (#​38320) (#​38367)
    • Fix(release): validate web attachment renames against allowed types (#​38314) (#​38328)
    • Fix(release): gate draft release attachments on web download endpoints (#​38318) (#​38325)
    • Fix(deps): update module github.com/go-git/go-git/v5 to v5.19.1 [security] (#​37786)
    • Fix(oauth): restrict introspection to the token's client (#​38042)
    • Fix(api): don't expose private org membership via public_members (#​38145)
    • Fix(actions): deny fork-PR cross-repo access via collaborative owner (#​38214)
    • Fix(migrations): prevent path traversal in repository restore (#​38215)
    • Feat(security): set X-Content-Type-Options: nosniff by default (#​37354)
  • FEATURES

    • Feat(actions): add workflow status badge modal (#​38196)
    • Feat(actions): support owner-level and global scoped workflows (#​38154)
    • Feat(api): support ref suffixes in compare (#​38148)
    • Feat(actions): implement jobs.<job_id>.continue-on-error (#​38100)
    • Feat(actions): show run status on browser tab favicon (#​38071)
    • Feat(api): add token introspection and self-deletion endpoint (#​37995)
    • Feat(repo): split repository creation limit into user and org scopes (#​37872)
    • Feat(actions): bulk delete, disable and enable runners in admin UI (#​37869)
    • Feat(actions): List workflows that were executed once but got removed from the default branch (#​37835)
    • Feat(org): add team visibility so org members can discover teams (#​37680)
    • Feat: add raw diff/patch endpoint for repository comparisons (#​37632)
    • Feat(oauth): Support AWS Cognito OAuth2 provider (#​37607)
    • Feat: Add avatar stacks (#​37594)
    • Feat(actions): add job summaries (GITHUB_STEP_SUMMARY) (#​37500)
    • Feat(web): Add Jupyter Notebook (.ipynb) Rendering Support (#​37433)
    • Support for Custom URI Schemes in OAuth2 Redirect URIs (#​37356)
    • Feat(orgs): Add search bar for organization members tab page (#​37347)
    • Feat(api): Add assignees APIs (#​37330)
    • Feat(api): Add GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs (#​37196)
    • Introduce ActionRunAttempt to represent each execution of a run (#​37119)
    • Serve OpenAPI 3.0 spec at /openapi.v1.json (#​37038)
    • Add project column picker to issue and pull request sidebar (#​37037)
    • Allow multiple projects per issue and pull requests (#​36784)
    • Add bulk repository deletion for organizations (#​36763)
    • Add API endpoint to reply to pull request review comments (#​36683)
    • Feat: Add bypass allowlist for branch protection (#​36514)
    • Feat(ui): add "follow rename" to file commit history list (#​34994)
    • Feat(ssh): auto generate additional ssh keys (#​33974)
  • ENHANCEMENTS

    • Enhance(actions): only create filtered-out workflow commit status for required contexts (#​38371) (#​38385)
    • Enhance: allow builtin default git config options to be overridden (#​38172)
    • Enhance: allow MathML core elements (#​38034)
    • Feat(api): add q parameter to list branches API for server-side filtering (#​37982)
    • Enhance(markup): improve issue title rendering (#​37908)
    • Enhance(actions): set descriptive browser tab title on run view (#​37870)
    • Enhance(actions): show workflow name from YAML instead of filename (#​37833)
    • Feat(actions): add before/after to PR synchronize event payload (#​37827)
    • Enhance(actions): add branch filters to run list (#​37826)
    • Enhance(actions): Make Summary UI more beautiful with more infos (#​37824)
    • Feat: add copy button to action step header, improve other copy buttons (#​37744)
    • Feat(web): also display PR counts in repo list (#​37739)
    • Fix(icon): use repo-forked icon to display forks count (#​37731)
    • Feat(api): add sort and order query parameters to job list endpoints (#​37672)
    • Feat(api): add last_sync to repository API (#​37566)
    • Enhance: Adjust Workflow Graph styling (#​37497)
    • Improve code editor text selection and clean up lint enablement (#​37474)
    • Add mirror auth updates to repo edit API and settings (#​37468)
    • Feat: Add default PR branch update style setting (#​37410)
    • Fix inconsistent disabled styling on logged-out repo header buttons (#​37406)
    • Allow fast-forward-only merge when signed commits are required (#​37335)
    • Enhance styling in actions page (#​37323)
    • Add ExternalIDClaim option for OAuth2 OIDC auth source (#​37229)
    • Fix: improve actions status icons and texts (#​37206)
    • Make Markdown fenced code block work with more syntaxes (#​37154)
    • Fix: Sort action run jobs by JobID and Name with matrix examples (#​37046)
    • Add pagination and search box to org teams list (#​37245)
    • Workflow Artifact Info Hover (#​37100)
    • Feat(editor): broaden language detection in web code editor (#​37619)
  • PERFORMANCE

    • Perf(actions): debounce runner heartbeat writes and throttle task picks (#​38281) (#​38368)
    • Perf(web): sort the action_run query by a repo-scoped index when possible (#​38155)
    • Perf: Various performance regression fixes (#​38078)
    • Perf: extend action c_u index to include created_unix for faster dashboard feeds (#​38076)
    • Batch-load related data in actions run, job, and task API endpoints (#​37032)
  • BUGFIXES

    • Fix(util): reject invalid characters between time-estimate units (#​38416) (#​38423)
    • Fix: represent a deleted assignee team as a Ghost team (#​38413) (#​38419)
    • Fix(turnstile): route CAPTCHA verification through the configured proxy (#​38412) (#​38420)
    • Fix: refresh pull request merge box when the commit status is pending (#​38410) (#​38411)
    • Fix: actions task state concurrent update (#​38405) (#​38409)
    • Fix(actions): keep workflow run trailing on one row with long branch names (#​38382) (#​38403)
    • Fix(web): use locale-aware date formatting for contribution calendar tooltips (#​38398) (#​38401)
    • Fix: co-author detection (#​38392) (#​38397)
    • Fix: incorrect co-author detection on commit page (#​38386) (#​38387)
    • Fix(ui): restore commits table column widths (#​38379) (#​38383)
    • Fix: golang html template url escaping (#​38363) (#​38369)
    • Fix: minio init check (#​38355) (#​38361)
    • Fix: org project view assignee list (#​38357) (#​38360)
    • Fix(actions): release claimed task if context is cancelled during FetchTask (#​38343) (#​38347)
    • Fix(actions): make runner list pagination order deterministic (#​38313) (#​38327)
    • Fix: Improve since/until when counting commits for X-Total-Count (#​38243) (#​38304)
    • Fix(actions): prevent chevron overlap with log text when timestamps are enabled (#​38227) (#​38307)
    • Fix(workflows): branch protection status checks fail when workflow uses on: paths filter (#​38237) (#​38302)
    • Fix(oauth2): persist linkAccountData during auto-link 2FA flow (#​38274) (#​38295)
    • Fix(actions): allow Actions bot to push to protected branches (#​38284) (#​38293)
    • Fix(actions): include all aggregable run statuses in status filter (#​38280) (#​38287)
    • Fix(archiver): use serializable repo-archive queue payload (#​38273) (#​38283)
    • Fix: update npm dependencies, fix misc issues (#​38257)
    • Fix(api): respect since/until when counting commits for X-Total-Count (#​38204)
    • Fix: codemirror regressions (#​38248)
    • Fix(api): support HEAD requests on all API GET endpoints (#​38245)
    • Fix(actions): Cleanup workflow status badge code (#​38241)
    • Fix(web): Correctly align the "disabled" label on larger workflow names (#​38240)
    • Fix(actions): don't swallow HTML entities into linkified URLs (#​38239)
    • Fix(packages): accept npm "repository" and "bin" in string form (#​38236)
    • Fix(actions): fix 500 error when canceling a canceling task (#​38223)
    • Fix(deps): update module golang.org/x/image to v0.43.0 [security] (#​38219)
    • Fix(mssql): convert legacy DATETIME columns to DATETIME2 (#​38216)
    • Fix(api): deny private org member enumeration via /members (#​38213)
    • Fix(actions): ensure all waiting jobs get runners in large workflows (#​38200)
    • Fix(deps): update go dependencies (#​38194)
    • Fix(deps): update npm dependencies (#​38193)
    • Fix(cli): default must-change-password to false for bot users (#​38175)
    • Fix(actions): show run index in run view and fix summary graph height (#​38165)
    • Fix: csp (#​38162)
    • Fix(deps): update npm dependencies (#​38123)
    • Fix(mssql): expand legacy issue and comment long-text columns (#​38120)
    • Fix(packages): validate debian distribution and component names (#​38116)
    • Fix(packages): validate module version in goproxy ParsePackage (#​38104)
    • Fix(deps): update dependency esbuild to v0.28.1 [security] (#​38097)
    • Fix: git push hook post receive (#​38089)
    • Fix(ui): prevent commit status popup overflowing its row (#​38081)
    • Fix: validate gem name in rubygems parseMetadataFile (#​38061)
    • Fix: commit display name (#​38057)
    • Fix: csp regressions (#​38047)
    • Fix: api error message (#​38031)
    • Fix(deps): update npm dependencies (#​38029)
    • Fix: pgsql lint (#​38022)
    • Fix(indexer): fix assignee filters in issue search (#​38021)
    • Fix: various dropdown problems (#​38020)
    • Fix: refactor git error handling and make archive streaming handle non-existing commit id (#​38007)
    • Fix: raise git required version to 2.13 (#​37996)
    • Fix: remove "no-transfrom" from the cache-control header (#​37985)
    • Fix(deps): update module github.com/google/go-github/v87 to v88 (#​37971)
    • Fix: use committer time where ever possible as default (#​37969)
    • Fix(deps): update npm dependencies, remove nolyfill (#​37968)
    • Fix(deps): update go dependencies (#​37967)
    • Fix(pull): preserve squash message trailers and additional commit messages (#​37954)
    • Fix(deps): update module golang.org/x/image to v0.41.0 [security] (#​37904)
    • Fix: support ##[command] log prefix in action run UI (#​37882)
    • Fix(deps): update module github.com/google/go-github/v86 to v87 (#​37845)
    • Fix(deps): update npm dependencies (#​37844)
    • Fix(deps): update go dependencies (#​37841)
    • Fix(frontend): resolve Vite assets by manifest source path (#​37836)
    • Fix(locales): Replace hardcoded strings (#​37788)
    • Fix(packages): render markdown links relative to linked repo (#​37676)
    • Fix: persist mirror repository metadata (#​37519)
    • Fix cmd tests by mocking builtin paths (#​37369)
    • Add form-fetch-action to some forms, fix "fetch action" resp bug (#​37305)
    • Feat: execute post run cleanup when workflow is cancelled (#​37275)
    • Fix relative-time error and improve global error handler (#​37241)
    • Refactor flash message and remove SanitizeHTML template func (#​37179)
    • Fix Repository transferring page (#​37277)
  • TESTING

    • Test(e2e): fix race in pdf file render test (#​38380) (#​38381)
    • Test: compare key file contents instead of FileInfo in TestInitKeys (#​38330) (#​38331)
    • Test: speed up two tests (#​37905)
    • Test: Fix random failure test (#​37887)
    • Test: fix flaky issue-comment close test (#​37880)
    • Test: enable WAL for sqlite integration tests (#​37861)
    • Test: fix flaky TestResourceIndex and reduce its runtime (#​37847)
    • Test: run TestAPIRepoMigrate offline via a local clone source (#​37817)
    • Ci: shard tests and reduce redundant work (#​37618)
    • Test(e2e): run playwright via container (#​37300)
    • Remove external service dependencies in migration tests (#​36866)
    • Refactor: only reset a database table when the table's data was changed (#​37573)
  • BUILD

    • Refactor: use modernc sqlite driver as default (#​37562)
    • Fix(actions): authenticate snapcraft before nightly remote build (#​38252)
    • Ci: cap Elasticsearch heap in db-tests (#​37816)
    • Build(snap): publish nightly version to snapcraft via actions (#​37814)
    • Ci: split pgsql shards into plain jobs, dedupe setup actions (#​37802)
    • Ci: narrow files-changed frontend filter (#​37749)
    • Ci: add zizmor to lint-actions (#​37720)
    • Chore: clean up "contrib" dir (#​37690)
    • Fix: snap build (main branch) (#​37685)
    • Ci: Also lint json5 files (#​37659)
    • Build: update pnpm to v11 (#​37591)
    • Refactor(deps): migrate from nektos/act fork to gitea/runner (#​37557)
    • Update go js py dependencies (#​37525)
    • Ci: lint PR titles with commitlint (#​37498)
    • Chore: upgrade Go version in devcontainer image to 1.26 (#​37374)
    • Update GitHub Actions to latest major versions (#​37313)
    • Update go js dependencies (#​37312)
    • Fail vite build on rolldown warnings via NODE_ENV=test (#​37270)
    • Replace custom Go formatter with golangci-lint fmt (#​37194)
    • Integrate renovate bot for all dependency updates (#​37050)
    • Build(sign): move to sigstore (#​38250)
  • DOCS

    • Docs: update changelog for 1.26.3 & 1.26.4 (#​38178)
    • Update 1.26.1 changelog in main (#​37442)
    • Docs: fix duplicated word in foreachref doc comment (#​38161)
    • Docs: Clarify criteria for becoming a merger (#​38113)
    • Docs: Publish TOC Election Result 2026 (#​38111)
    • Docs: mark openapi3 as autogenerated in attributes (#​37963)
    • Docs: add development setup guide (#​37960)
  • MISC

    • Refactor: lint bare fill/stroke colors, add vars for git graph color series (#​37543)
    • Remove htmx (#​37224)
    • Refactor htmx and fetch-action related code (#​37186)
    • Revert(sign): restore gpg (#​38251)
    • Refactor: replace legacy delete-button with link-action (#​38143)
    • Refactor(actions): read runner capabilities from proto field (#​38068)
    • Refactor(api): clarify APIError message usage and fix legacy lint error (#​38012)
    • Refactor: Use db.Get[] instead of db.GetEngine(ctx).Get(bean) to avoid zero value fetching wrong database record (#​37977)
    • Enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#​37866)
    • Fix(deps): update go dependencies (#​37851)
    • Ci: Fix sync PR labels from the conventional-commit title (#​37784) (#​37825)
    • Ci: tweak files-changed, add free-disk-space (#​37819)
    • Fix(deps): update module golang.org/x/crypto to v0.52.0 [security] (#​37806)
    • Test(e2e): add comment, release, star, PR and fork tests (#​37800)
    • Chore: simplify issue and pull request templates (#​37799)
    • Chore: Update giteabot to fix failure when backport (#​37789)
    • Fix(api): handle partial failures in push mirror synchronization gracefully (#​37782)
    • Fix(deps): update module gitlab.com/gitlab-org/api/client-go/v2 to v2.26.0 (#​37771)
    • Ci: split giteabot workflow (#​37770)
    • Fix(deps): update npm dependencies (#​37768)
    • Refactor(waitgroup): replace Add/Done goroutines with WaitGroup.Go (#​37764)
    • Fix(deps): update module google.golang.org/grpc to v1.81.1 (#​37762)
    • Ci: fix cache-related issues (#​37761)
    • Chore: fix tests (#​37760)
    • Fix(deps): update module github.com/google/go-github/v85 to v86 (#​37754)
    • Fix(deps): update npm dependencies (#​37753)
    • Fix(deps): update go dependencies (#​37752)
    • Chore(deps): update action dependencies (#​37751)
    • Fix(markup): wrap indented code blocks for the code-copy button (#​37748)
    • Chore(db): introduce db.Session and db.EngineMigration interfaces (#​37746)
    • Refactor(glob): use strings.Builder for regexp compilation (#​37730)
    • Chore(doctor): remove four obsolete doctor check implementations (#​37728)
    • Refactor(org): simplify owner-team org repo creation logic (#​37727)
    • Refactor: move workflowpattern into modules/actions (#​37717)
    • Chore: clean up tests (#​37715)
    • Style: misc UI fixes (#​37691)
    • Ci: add shellcheck linter (#​37682)
    • Fix: catch and fix more lint problems (#​37674)
    • Fix(deps): update dependency mermaid to v11.15.0 [security], add e2e test (#​37662)
    • Fix(deps): update npm dependencies (#​37647)
    • Ci(renovate): update Go import paths on major bumps (#​37641)
    • Fix(deps): update go dependencies (major) (#​37639)
    • Chore(deps): update action dependencies (major) (#​37638)
    • Fix(deps): update module code.gitea.io/sdk/gitea to v0.25.0 (#​37637)
    • Fix(deps): update npm dependencies (#​37636)
    • Refactor(log): replace log.Critical with log.Error (#​37624)
    • Build(deps): bump fast-uri from 3.1.0 to 3.1.2 (#​37616)
    • Chore(deps): update action dependencies (#​37603)
    • Ci: allow chore type in PR title lint (#​37575)
    • Ci: increase renovate frequency and fix RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS (#​37565)
    • Docs: fix 4 typos in CHANGELOG.md (#​37549)
    • Fix(deps): update go dependencies (#​37541)
    • Chore(deps): update action dependencies (#​37540)
    • Refactor pull request view (6) (#​37522)
    • Fix: redirect early CLI console logger to stderr (#​37507)
    • Refactor "flex-list" to "flex-divided-list" (#​37505)
    • Refactor compare diff/pull page (1) (#​37481)
    • Refactor pull request view (4) (#​37451)
    • Refactor: use named Permission field in Repository struct instead of anonymous embedding (#​37441)
    • Replace olivere/elastic with REST API client, add OpenSearch support (#​37411)
    • Refactor: serve site manifest via /assets/site-manifest.json endpoint (#​37405)
    • Remove IsValidExternalURL/IsAPIURL and use IsValidURL at call sites (#​37364)
    • Update Block a user form (#​37359)
    • Move review request functions to a standalone file (#​37358)
    • Enable strict TypeScript, add errorMessage helper (#​37292)
    • Refactor frontend tw-justify-between layouts to flex-left-right (#​37291)
    • Update Nix flake (#​37284)
    • Remove SubmitEvent polyfill (#​37276)
    • Remove dead code identified by deadcode tool (#​37271)
    • Upgrade go-git to v5.18.0 (#​37268)
    • Don't add useless labels which will bother changelog generation (#​37267)
    • Move heatmap to first-party code (#​37262)
    • Tests/integration: simplify code (#​37249)
    • Remove error returns from crypto random helpers and callers (#​37240)
    • Refactor: simplify ParseCatFileTreeLine and catBatchParseTreeEntries (#​37210)
    • Refactor "htmx" to "fetch action" (#​37208)
    • Update go js py dependencies (#​37204)
    • Add comment for the design of "user activity time" (#​37195)
    • Remove outdated RunUser logic (#​37180)
    • Models/fixtures: add "DO NOT add more test data" comment to all yml fixture files (#​37150)
    • Update javascript dependencies (#​37142)
    • Update go dependencies (#​37141)
    • Frontport changelog of v1.26.0-rc0 (#​37138)
    • Extend issue context popup beyond markdown content (#​36908)

v1.26.4

Compare Source

v1.26.3

Compare Source

v1.26.2

Compare Source

  • SECURITY

    • fix(permissions): Fix reading permission (#​37769)
    • fix(actions): make artifact signature payloads unambiguous (#​37707)
    • fix: Unify public-only token filtering in API queries and repo access checks (#​37118)
    • fix: Add missed token scope checking (#​37735)
    • fix(oauth): bind token exchanges to the original client request (#​37704)
    • fix(oauth): strengthen PKCE validation and refresh token replay protection (#​37706)
    • fix(web): enforce token scopes on raw, media, and attachment downloads (#​37698)
    • fix(security): enforce wiki git writes and LFS token access at request time (#​37695)
    • feat(api): encrypt AWS creds (#​37679)
    • fix(deps): update dependency mermaid to v11.15.0 [security], add e2e test
    • fix(packages): Add label for private and internal package and fix composor package source permission check (#​37610)
    • fix(git): Fix smart http request scope bug (#​37583)
    • Fix basic auth bug (#​37503)
    • Fix allow maintainer edit permission check (#​37479) (#​37484)
    • Fix URL sanitization to handle schemeless credentials (#​37440) (#​37471)
    • Fix attachment Content-Security-Policy (#​37455) (#​37464)
    • chore(deps): bump go-git/go-git/v5 to 5.19.0 (#​37608)
  • BUGFIXES

    • fix(pull): handle empty pull request files view to allow reviews (#​37783)
    • fix(markup): make RenderString never fail (#​37779)
    • fix: add natural sort to sortTreeViewNodes (#​37772)
    • fix: package creation unique conflict (#​37774)
    • fix!: add DEFAULT_TITLE_SOURCE setting for pull request title default behavior (#​37465)
    • fix: Allow direct commits for unprotected files with push restrictions (#​37657)
    • fix(actions): wrong assumption that run id always >= job id (#​37737)
    • fix(auth): set User-Agent on avatar fetch and sync avatar on link-account register (#​37564) (#​37588)
    • fix(actions): deadlock between PrepareRunAndInsert and UpdateTaskByState (#​37692)
    • fix(repo): /generate must sync the branch table for the new repo (#​37693)
    • build: Fix snap build (1.26)
    • fix(actions): run TransferLogs on UpdateLog{Rows:[], NoMore:true} (#​37631)
    • fix show correct mergebase
    • fix: make clone URL respect public URL detection setting (#​37615)
    • fix: "run as root" check (#​37622)
    • chore(deps): update dependency go to v1.26.3 (#​37601)
    • Compare dropdown fails when selecting branch with no common merge-base (#​37470)
    • fix: treat email addresses case-insensitively (#​37600)
    • fix(actions): fix blank lines after ::endgroup:: (#​37597)
    • fix(actions): report individual step status in workflow job API response (#​37592)
    • fix: Invalid UTF-8 commit messages in JSON API responses (#​37542)
    • fix: use consistent GetUser family functions (#​37553)
    • fix(api): return 409 message instead of empty JSON for wrong commit id (#​37572)
    • fix(actions): prevent panic when workflow contains null jobs (#​37570)
    • Make ServeSetHeaders default to download attachment if filename exists (#​37552) (#​37555)
    • Fix(actions): validate workflow param to prevent 500 error (#​37546) (#​37554)
    • Don't unblock run-level-concurrency-blocked runs in the resolver (#​37461) (#​37538)
    • Fix(packages): use file names for generic web downloads (#​37514) (#​37520)
    • Fix merge autodetect can't close other PRs but only the last one when multiple PRs are pushed at once (#​37512) (#​37516)
    • Fix update branch protection order (#​37508) (#​37513)
    • Fix mCaptcha broken after Vite migration (#​37492) (#​37509)
    • Fix review submission from single-commit PR view (#​37475) (#​37485)
    • Fix scheduled action panic with null event payload (#​37459) (#​37466)
    • Make GetPossibleUserByID can handle deleted user (#​37430) (#​37431)
    • Remove excessive quote from terraform instructions (#​37424) (#​37426)
    • Fix color regressions, add priority color (#​37417) (#​37421)
  • MISC

v1.26.1

Compare Source

Note

PR body was truncated to here.


Configuration

📅 Schedule: (in timezone Europe/Moscow)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@mglants-bot

mglants-bot Bot commented Apr 18, 2026

Copy link
Copy Markdown
--- kubernetes/subterra/apps/apps/gitea/app Kustomization: flux-system/gitea HelmRelease: apps/gitea

+++ kubernetes/subterra/apps/apps/gitea/app Kustomization: flux-system/gitea HelmRelease: apps/gitea

@@ -111,13 +111,13 @@

         name: Authentik
         provider: openidConnect
         scopes: email profile gitea
     image:
       registry: docker.gitea.com
       repository: gitea
-      tag: 1.25.5
+      tag: 1.27.0
     ingress:
       annotations:
         cert-manager.io/cluster-issuer: letsencrypt-prod
         external-dns.alpha.kubernetes.io/target: ingress.ur30.ru
       className: external-nginx
       enabled: true

@mglants-bot

mglants-bot Bot commented Apr 18, 2026

Copy link
Copy Markdown
--- HelmRelease: apps/gitea Service: apps/gitea-http

+++ HelmRelease: apps/gitea Service: apps/gitea-http

@@ -5,13 +5,13 @@

   name: gitea-http
   namespace: apps
   labels:
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    version: 1.25.5
+    version: 1.27.0
     app.kubernetes.io/managed-by: Helm
 spec:
   type: ClusterIP
   clusterIP: None
   ports:
   - name: http
--- HelmRelease: apps/gitea Service: apps/gitea-ssh

+++ HelmRelease: apps/gitea Service: apps/gitea-ssh

@@ -5,13 +5,13 @@

   name: gitea-ssh
   namespace: apps
   labels:
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    version: 1.25.5
+    version: 1.27.0
     app.kubernetes.io/managed-by: Helm
 spec:
   type: ClusterIP
   clusterIP: None
   ports:
   - name: ssh
--- HelmRelease: apps/gitea Deployment: apps/gitea

+++ HelmRelease: apps/gitea Deployment: apps/gitea

@@ -5,13 +5,13 @@

   name: gitea
   namespace: apps
   labels:
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    version: 1.25.5
+    version: 1.27.0
     app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
   strategy:
     type: RollingUpdate
     rollingUpdate:
@@ -26,20 +26,20 @@

       annotations:
         checksum/oauth_0: 356c9d84075919d23642904cb17d002948d46500fc5c331df1c62af7e07eeea6
       labels:
         app: gitea
         app.kubernetes.io/name: gitea
         app.kubernetes.io/instance: gitea
-        version: 1.25.5
+        version: 1.27.0
         app.kubernetes.io/managed-by: Helm
     spec:
       securityContext:
         fsGroup: 1000
       initContainers:
       - name: init-directories
-        image: docker.gitea.com/gitea:1.25.5-rootless
+        image: docker.gitea.com/gitea:1.27.0-rootless
         imagePullPolicy: IfNotPresent
         command:
         - /usr/sbinx/init_directory_structure.sh
         env:
         - name: GITEA_APP_INI
           value: /data/gitea/conf/app.ini
@@ -69,13 +69,13 @@

         resources:
           limits: {}
           requests:
             cpu: 100m
             memory: 128Mi
       - name: init-app-ini
-        image: docker.gitea.com/gitea:1.25.5-rootless
+        image: docker.gitea.com/gitea:1.27.0-rootless
         imagePullPolicy: IfNotPresent
         command:
         - /usr/sbinx/config_environment.sh
         env:
         - name: GITEA_APP_INI
           value: /data/gitea/conf/app.ini
@@ -136,13 +136,13 @@

         resources:
           limits: {}
           requests:
             cpu: 100m
             memory: 128Mi
       - name: configure-gitea
-        image: docker.gitea.com/gitea:1.25.5-rootless
+        image: docker.gitea.com/gitea:1.27.0-rootless
         command:
         - /usr/sbinx/configure_gitea.sh
         imagePullPolicy: IfNotPresent
         securityContext:
           allowPrivilegeEscalation: false
           capabilities:
@@ -198,13 +198,13 @@

           requests:
             cpu: 100m
             memory: 128Mi
       terminationGracePeriodSeconds: 60
       containers:
       - name: gitea
-        image: docker.gitea.com/gitea:1.25.5-rootless
+        image: docker.gitea.com/gitea:1.27.0-rootless
         imagePullPolicy: IfNotPresent
         env:
         - name: SSH_LISTEN_PORT
           value: '2222'
         - name: SSH_PORT
           value: '22'
--- HelmRelease: apps/gitea Ingress: apps/gitea

+++ HelmRelease: apps/gitea Ingress: apps/gitea

@@ -5,13 +5,13 @@

   name: gitea
   namespace: apps
   labels:
     app: gitea
     app.kubernetes.io/name: gitea
     app.kubernetes.io/instance: gitea
-    version: 1.25.5
+    version: 1.27.0
     app.kubernetes.io/managed-by: Helm
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-prod
     external-dns.alpha.kubernetes.io/target: ingress.ur30.ru
 spec:
   ingressClassName: external-nginx

@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch from 20b96c6 to ad08cd7 Compare April 25, 2026 01:19
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.0 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) Apr 25, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed Apr 26, 2026
@renovate renovate Bot closed this Apr 26, 2026
@renovate
renovate Bot deleted the renovate/docker.gitea.com-gitea-1.x branch April 26, 2026 22:15
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) Apr 27, 2026
@renovate renovate Bot reopened this Apr 27, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch 2 times, most recently from ad08cd7 to d9da988 Compare April 27, 2026 02:31
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed Apr 28, 2026
@renovate renovate Bot closed this Apr 28, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) Apr 29, 2026
@renovate renovate Bot reopened this Apr 29, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch from d9da988 to f0e7901 Compare April 29, 2026 01:59
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed May 1, 2026
@renovate renovate Bot closed this May 1, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) May 1, 2026
@renovate renovate Bot reopened this May 1, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch 2 times, most recently from f0e7901 to 3de31b6 Compare May 1, 2026 18:03
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed May 4, 2026
@renovate renovate Bot closed this May 4, 2026
@renovate renovate Bot reopened this May 9, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch 2 times, most recently from d7673eb to dd7e195 Compare May 9, 2026 00:47
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed May 16, 2026
@renovate renovate Bot closed this May 16, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) May 16, 2026
@renovate renovate Bot reopened this May 16, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch 3 times, most recently from c964404 to 586c38c Compare May 18, 2026 19:52
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed May 19, 2026
@renovate renovate Bot closed this May 19, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) May 19, 2026
@renovate renovate Bot reopened this May 19, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch 3 times, most recently from b5c9b32 to 8ba7b22 Compare May 20, 2026 21:24
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.1 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) May 20, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) - autoclosed May 24, 2026
@renovate renovate Bot closed this May 24, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) May 24, 2026
@renovate renovate Bot reopened this May 24, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch 2 times, most recently from 8ba7b22 to 2fb0bfa Compare May 24, 2026 21:51
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) - autoclosed May 25, 2026
@renovate renovate Bot closed this May 25, 2026
@renovate renovate Bot changed the title feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) - autoclosed feat(container): update image docker.gitea.com/gitea ( 1.25.5 → 1.26.2 ) May 25, 2026
@renovate renovate Bot reopened this May 25, 2026
@renovate
renovate Bot force-pushed the renovate/docker.gitea.com-gitea-1.x branch from bda7d5d to 2fb0bfa Compare May 25, 2026 08:41
| datasource | package                | from   | to     |
| ---------- | ---------------------- | ------ | ------ |
| docker     | docker.gitea.com/gitea | 1.25.5 | 1.27.0 |
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants