Published: 11.04.2021 | Edited: 09.05.2021 | Tags: 100daystooffload,gitea

Release: Gitea 1.14.0

Today marks the release date of the Gitea 1.14.0, only a few days after the release of the patch version 1.13.7. Although 1.14.0 is a minor release from the semver's perspective, it contains a lot of changes. I decided to add comments on the Features I am the most excited about.

Minimal OpenID Connect implementation

The issue #14139 was merged into this release as a next step towards full OpenID implementation. Implementing OpenID would help towards the Single-Sign-On (SSO) functionality, either across Gitea instances or even across different services on the network.

Currently, a similar, but far more limited functionality is offered via OAuth2. OAuth2 allows users to log into Gitea via a 3rd party provider, for instance using a GitHub or Twitter account. This is very convenient as user just needs a few clicks and his account's credentials and avatar1 is transferred into Gitea, but the process promotes centralization.

As Gitea is a self-hosted platform, it inherently promotes decentralization. A major Gitea provider, https://codeberg.org/ has no OAuth2 authentication source enabled specifically to protect the privacy of it's users. The downside of this is that every user has to manually create and verify the account, which usually makes the difference between Starring the repository or filling an Issue and leaving the page.

Implementing Single-Sign-On could in theory allow users that register on one Gitea instance log in to other Gitea instance without the need to create another account there. As OpenID is an extension of OAuth2 and also centralized by design, it has yet to be seen the pace of the adaptation en large, should SSO become fully supported Gitea feature. Support for SSO can however still be very useful for smaller organizations using custom tech stacks, as far as the current trend goes.

Add support for Mastodon OAuth2 provider

Speaking of OAuth2, an interesting feature described in #13293 enables Gitea instances to use Mastodon, a primary Fediverse microblogging representative, as an OAuth2 provider. This is a great step that plays nicely with decentralization trends. It's not uncommon these days for developers to have a self-hosted Gitea intance along with a Fediverse microblog account.

Better integration of the two is not something entirely useful for an individual, but it becomes useful once more users stick around. Such integration is especially welcoming for new users, that can be guided around with less confusion.

Display SVG files as images

Finally, fans of the SVG image format can properly display it inside Gitea, which a great addition, detailed in issue #14101. Up until this point, SVG were not rendered but displayed as a text, which was frustrating at best. The feature is enabled by default after an upgrade, so there should be an easy path towards using it even today. Depending on the organization, messing up upgrades during the weekend can provide some time for ironing the issues out until Monday comes.

Create Rootless Docker image

The trend set out with the Podman to use rootless containers caught on to Docker as well. Gitea's issue #10154 enables to use this still somewhat experimental functionality. For many organizations and even individuals, the code might be the bread and butter, so focusing on it's security is usually a high priority. Any working step towards this direction is usually welcome.

This is a 32th post of #100daystooffload.

Footnotes


  1. Gitea can automatically download an avatar from in a privacy respecting way using a federated avatar service libravatar.org, provided th instance has the feature enabled and the user has the avatar set-up. Is it unclear however, how big is the intersection of the two.