Gitea | v1.26.4

Gitea v1.26.4 released on 21-06-2026


Gitea v1.26.4 is out now. It prevents disabled user accounts being automatically reactivated during OAuth2 callbacks, closing a security regression and preserving administrator intent.

See the full release details on the project’s release endpoint: https://api.github.com/repos/go-gitea/gitea/releases/latest

What’s in this release

  • Security fix: do not auto-reactivate disabled users on OAuth2 callback (#38009, #38183)
  • Bugfix: improved git log walk context error handling to reduce unexpected errors when traversing commit history (#38182, #38185)
  • Maintenance/security patch — instances on Gitea Cloud will be automatically upgraded during the scheduled maintenance window (no manual action required for hosted users)

Upgrade notes

  • No breaking changes or deprecations are listed in the release notes; see the release page for full details and upgrade instructions.
  • No rollback-specific notes were provided; if you need to revert, follow your normal backup or rollback procedures.

Let us know how the upgrade went and whether the fixes address any issues you were seeing.

Related posts

Weekly Tech Digest | 06 Jul 2026

Stay updated with the latest in tech! This digest covers AI ethics, auto industry shifts, and the impact of politics on technology, exploring today's pressing issues.

wolfCOSE zero-allocation parsing in embedded C

wolfCOSE looks sensible only if you care about what your firmware actually has to carry. I like that, because on small targets the wrong crypto feature can cost more than the message itself, and there...

restic | v0.19.1

restic v0 19 1: safer FUSE mounts and mountpoint checks, robust backup source and exclude handling, clearer CLI JSON output, Windows SFTP deletion fixes