Changelog for v1.3.0 (#3026 )

* Changelog for v1.3.0 * Update with more backports
Memory usage improvements (#3013 ) (#3028 )
2025-07-21 09:31:19 +02:00 · 2017-11-29 22:51:47 +08:00 · 2017-11-29 16:29:37 +02:00 · 2017-11-29 21:32:20 +08:00 · 2017-11-29 02:01:06 +02:00 · 2017-11-28 09:36:35 +08:00
2071 changed files with 50053 additions and 15083 deletions
--- a/.changelog.yml
+++ b/.changelog.yml
@@ -0,0 +1,44 @@
+repo: go-gitea/gitea
+groups:
+  - 
+    name: BREAKING
+    labels:
+      - kind/breaking
+  - 
+    name: FEATURE
+    labels:
+      - kind/feature
+  -
+    name: BUGFIXES
+    labels:
+      - kind/bug
+  - 
+    name: ENHANCEMENT
+    labels:
+      - kind/enhancement
+      - kind/refactor
+      - kind/ui
+  -
+    name: SECURITY
+    labels:
+      - kind/security
+  - 
+    name: TESTING
+    labels:
+      - kind/testing
+  - 
+    name: TRANSLATION
+    labels:
+      - kind/translation
+  - 
+    name: BUILD
+    labels:
+      - kind/build
+      - kind/lint
+  - 
+    name: DOCS
+    labels:
+      - kind/docs
+  - 
+    name: MISC
+    default: true
--- a/.drone.yml
+++ b/.drone.yml
@@ -2,12 +2,59 @@ workspace:
  base: /srv/app
  path: src/code.gitea.io/gitea

-pipeline:
-  clone:
-    image: plugins/git
+clone:
+  git:
+    image: plugins/git:1
    depth: 50
    tags: true

+pipeline:
+  download_translations:
+    image: jonasfranz/crowdin
+    pull: true
+    secrets: [ crowdin_key ]
+    project_identifier: gitea
+    ignore_branch: true
+    download: true
+    export_dir: options/locale/
+    when:
+      event: [ push ]
+      branch: [ master ]
+
+  update-translations:
+    image: alpine:3.6
+    commands:
+      - mv ./options/locale/locale_en-US.ini ./options/
+      - sed -i -e 's/="/=/g' -e 's/"$$//g' ./options/locale/*.ini
+      - sed -i -e 's/\\\\"/"/g' ./options/locale/*.ini
+      - mv ./options/locale_en-US.ini ./options/locale/
+    when:
+      event: [ push ]
+      branch: [ master ]
+
+  git_push:
+    image: appleboy/drone-git-push
+    pull: true
+    secrets: [ git_push_ssh_key ]
+    remote: git@github.com:go-gitea/gitea.git
+    force: false
+    commit: true
+    commit_message: "[skip ci] Updated translations via Crowdin"
+    author_name: GiteaBot
+    author_email: teabot@gitea.io
+    when:
+      event: [ push ]
+      branch: [ master ]
+
+  pre-build:
+    image: webhippie/nodejs:latest
+    pull: true
+    commands:
+      - npm install
+      - make stylesheets-check
+    when:
+      event: [ push, tag, pull_request ]
+
  build:
    image: webhippie/golang:edge
    pull: true
@@ -15,12 +62,11 @@ pipeline:
      TAGS: bindata sqlite
      GOPATH: /srv/app
    commands:
-      - apk -U add openssh-client
      - make clean
      - make generate
      - make vet
      - make lint
-      - make stylesheets-check
+      - make fmt-check
      - make misspell-check
      - make test-vendor
      - make build
@@ -30,54 +76,70 @@ pipeline:
  test:
    image: webhippie/golang:edge
    pull: true
+    group: test
    environment:
      TAGS: bindata sqlite
      GOPATH: /srv/app
    commands:
-      - apk -U add openssh-client
-      - make test
+      - make unit-test-coverage
    when:
-      event: [ tag, pull_request ]
+      event: [ push, pull_request ]
+      branch: [ master ]

-  test-coverage:
-    image: webhippie/golang:edge
-    pull: true
-    environment:
-      TAGS: bindata sqlite
-      GOPATH: /srv/app
-    commands:
-      - apk -U add openssh-client
-      - go get github.com/wadey/gocovmerge
-      - make test-coverage
-    when:
-      event: [ push ]
-      branch: master
-
-  test-sqlite:
+  test:
    image: webhippie/golang:edge
    pull: true
+    group: test
    environment:
      TAGS: bindata
      GOPATH: /srv/app
    commands:
-      - echo "Needs to be fixed" # make test-sqlite
+      - make test
    when:
-      event: [ push, tag, pull_request ]
+      event: [ tag ]
+
+  # Commented until db locking have been resolved!
+  # test-sqlite:
+  #   image: webhippie/golang:edge
+  #   pull: true
+  #   group: test
+  #   environment:
+  #     TAGS: bindata
+  #     GOPATH: /srv/app
+  #   commands:
+  #     - make test-sqlite
+  #   when:
+  #     event: [ push, tag, pull_request ]

  test-mysql:
    image: webhippie/golang:edge
    pull: true
+    group: test
+    environment:
+      TAGS: bindata
+      GOPATH: /srv/app
+    commands:
+      - make integration-test-coverage
+    when:
+      event: [ push, pull_request ]
+      branch: [ master ]
+
+  test-mysql:
+    image: webhippie/golang:edge
+    pull: true
+    group: test
    environment:
      TAGS: bindata
      GOPATH: /srv/app
    commands:
      - make test-mysql
    when:
-      event: [ push, tag, pull_request ]
+      event: [ tag ]

  test-pgsql:
    image: webhippie/golang:edge
    pull: true
+    group: test
    environment:
      TAGS: bindata
      GOPATH: /srv/app
@@ -86,6 +148,27 @@ pipeline:
    when:
      event: [ push, tag, pull_request ]

+  generate-coverage:
+    image: webhippie/golang:edge
+    pull: true
+    environment:
+      TAGS: bindata
+      GOPATH: /srv/app
+    commands:
+      - make coverage
+    when:
+      event: [ push, pull_request ]
+      branch: [ master ]
+
+  coverage:
+    image: robertstettner/drone-codecov
+    secrets: [ codecov_token ]
+    files:
+      - coverage.all
+    when:
+      event: [ push, pull_request ]
+      branch: [ master ]
+
  static:
    image: karalabe/xgo-latest:latest
    pull: true
@@ -97,25 +180,19 @@ pipeline:
    when:
      event: [ push, tag ]

-  # coverage:
-  #   image: plugins/coverage
-  #   server: https://coverage.gitea.io
-  #   when:
-  #     event: [ push ]
-  #     branch: master
-
  docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
    pull: true
+    secrets: [ docker_username, docker_password ]
    repo: gitea/gitea
    tags: [ '${DRONE_TAG##v}' ]
    when:
      event: [ tag ]
-      branch: [ refs/tags/* ]

  docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
    pull: true
+    secrets: [ docker_username, docker_password ]
    repo: gitea/gitea
    tags: [ '${DRONE_BRANCH##release/v}' ]
    when:
@@ -123,8 +200,9 @@ pipeline:
      branch: [ release/* ]

  docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
    pull: true
+    secrets: [ docker_username, docker_password ]
    repo: gitea/gitea
    tags: [ 'latest' ]
    when:
@@ -132,17 +210,24 @@ pipeline:
      branch: [ master ]

  release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ aws_access_key_id, aws_secret_access_key ]
+    bucket: releases
+    endpoint: https://storage.gitea.io
    path_style: true
    strip_prefix: dist/release/
    source: dist/release/*
    target: /gitea/${DRONE_TAG##v}
    when:
      event: [ tag ]
-      branch: [ refs/tags/* ]

  release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ aws_access_key_id, aws_secret_access_key ]
+    bucket: releases
+    endpoint: https://storage.gitea.io
    path_style: true
    strip_prefix: dist/release/
    source: dist/release/*
@@ -152,7 +237,11 @@ pipeline:
      branch: [ release/* ]

  release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ aws_access_key_id, aws_secret_access_key ]
+    bucket: releases
+    endpoint: https://storage.gitea.io
    path_style: true
    strip_prefix: dist/release/
    source: dist/release/*
@@ -162,17 +251,31 @@ pipeline:
      branch: [ master ]

  github:
-    image: plugins/github-release
+    image: plugins/github-release:1
+    pull: true
+    secrets: [ github_token ]
    files:
      - dist/release/*
    when:
      event: [ tag ]
-      branch: [ refs/tags/* ]
+
+  upload_translations:
+    image: jonasfranz/crowdin
+    pull: true
+    secrets: [ crowdin_key ]
+    project_identifier: gitea
+    ignore_branch: true
+    download: false
+    files:
+      locale_en-US.ini: options/locale/locale_en-US.ini
+    when:
+      event: [ push ]
+      branch: [ master ]

  discord:
-    image: appleboy/drone-discord:0.0.4
-    webhook_id: ${WEBHOOK_ID}
-    webhook_token: ${WEBHOOK_TOKEN}
+    image: appleboy/drone-discord:1.0.0
+    pull: true
+    secrets: [ discord_webhook_id, discord_webhook_token ]
    when:
      event: [ push, tag, pull_request ]
      status: [ changed, failure ]
--- a/.drone.yml.sig
+++ b/.drone.yml.sig
--- a/.gitignore
+++ b/.gitignore
@@ -10,6 +10,9 @@ _test
 # IntelliJ
 .idea

+# MS VSCode
+.vscode
+
 # Architecture specific extensions/prefixes
 *.[568vq]
 [568vq].out
@@ -27,6 +30,7 @@ _testmain.go
 *.prof

 *coverage.out
+coverage.all

 /modules/options/bindata.go
 /modules/public/bindata.go
@@ -36,6 +40,7 @@ _testmain.go
 *.log

 /gitea
+/debug
 /integrations.test

 /bin
@@ -45,4 +50,12 @@ _testmain.go
 /indexers
 /log
 /public/img/avatar
-/integrations/gitea-integration
+/integrations/gitea-integration-mysql
+/integrations/gitea-integration-pgsql
+/integrations/gitea-integration-sqlite
+/integrations/indexers-mysql
+/integrations/indexers-pgsql
+/integrations/indexers-sqlite
+/integrations/mysql.ini
+/integrations/pgsql.ini
+/node_modules
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,10 +1,741 @@
 # Changelog

-## Unreleased
-
+## [1.3.0](https://github.com/go-gitea/gitea/releases/tag/v1.3.0) - 2017-11-29
 * BREAKING
-  * Password reset URL changed from `/user/forget_password` to `/user/forgot_password`
-  * SSH keys management URL changed from `/user/settings/ssh` to `/user/settings/keys`
+  * Make URL scheme unambiguous (#2408)
+* FEATURE
+  * Add branch overiew page (#2108)
+  * Code/repo search (#2582)
+  * Add Activity page to repository (#2674)
+  * Issue Timetracking (#2211)
+  * Add orgmode document type on file view and readme (#2525)
+  * Add external markup render support (#2570)
+  * Implementation of discord webhook (#2402)
+  * Webhooks for repo creation/deletion (#1663)
+  * Complete push webhooks (#2530)
+  * Add possibility to record branch information in an issue (#780)
+  * Create new branch from branch selection dropdown (#2130)
+  * Implementation of all repositories of a user from user->settings (#1740)
+  * Add LFS object verification step after upload (#2868)
+  * Configurable SSH cipher suite (#913)
+  * Disable custom Git Hooks globally via configuration file (#2450)
+  * Sync releases table with tags on push and for mirrors (#2459)
+* BUGFIXES
+  * Fix label comments for French locale (#3017)
+  * Remove duplicate "Max Diff Lines" from config view (#3001)
+  * Fix over-escaped characters (#2992)
+  * Fix go-get, src and raw urls to new scheme (#2986)
+  * Fix error when add user has full name to team (#2975)
+  * Fix files/commits of merged PRs (#2970)
+  * Update golang x/crypto dependencies - Fix SSH transport fail (#2951)
+  * Fix memcache support when value is returned as string always (#2950)
+  * Fix issue link rendering in commit messages (#2897)
+  * Fix adding a new authentication source after selecting OAuth (#2889)
+  * Fix new branch creation to new url scheme (#2884)
+  * Allow spaces in username for LDAP users (#2880)
+  * Fix LFS not returning correct content length when requesting a range … (#2864)
+  * Fix fork repository cycle to self (#2860)
+  * Fix click create pull request button 404 (#2859)
+  * Fix API raw file content access for default branch (#2849)
+  * Clean repository ROOT directory name with filepath.Clean (#2846)
+  * Fix API raw requests for commits and tags (#2841)
+  * Fix order of comments (#2835)
+  * Issue content should not be updated when closing with comment (#2833)
+  * Fix ordering in app.ini and fix run mode option (#2829)
+  * Fix redirect url of legacy commits route (#2825)
+  * Fix commits page url (#2823)
+  * Fix wrong translations (#2818)
+  * Fix dropdown menu position when explore repos (#2808)
+  * Fix Git LFS object/repo link storage in database and small refactoring (#2803)
+  * Use relative URLs for avatars on the dashboard (#2800)
+  * Add checks for commits with missing author and time (#2771)
+  * Fix emojify image URL (#2769)
+  * Hide unactive on explore users and some refactors (#2741)
+  * Fix IE unsupported javascript construction in branch dropdown (#2736)
+  * Only update mirror last update after successful sync (#2730)
+  * Fix semantic-ui style conflict with v-cloak (#2722)
+  * Fixing wrong translation on sort type oldest/latest (#2720)
+  * Fix PR, milestone and label functionality if issue unit is disabled (#2710)
+  * Fix plain readme didn't render correctly on repo home page (#2705)
+  * Fix organization removal from watch table migration (#2703)
+  * Fix repository search function (#2689)
+  * fix panic on gogs webhook creation (#2675)
+  * Fix orgnization user watch repository (#2670)
+  * GPG key email verification no longer case sensitive (#2661) (#2663)
+  * Fix index column deletion (#2651)
+  * table `pull_request` wasn't updated correctly (#2649)
+  * Fix go get response if only app URL is custom in configuration (#2634)
+  * Fix doubled issue tab introduced in migration v16 (#2611)
+  * Rewrite migrations to not depend on future code changes (#2604)
+  * Fix implementation of repo Home func (#2601)
+  * Fix translation upload to crowdin (#2599)
+  * Reduce usage of allcols on update (#2596)
+  * fix go get subpackage bug (#2584)
+  * Fix broken migration to add can_push field back to table (#2574)
+  * fix readme view bug (#2566)
+  * Fix sending mail with a non-latin display name. #2102 (#2559)
+  * Restricting access to fork functioanlity to users with Code access (#2534)
+  * fix updated update on public key (#2514)
+  * Added bucket name to s3 drone plugin (#2505)
+  * fixes 500 error on dashboard when using MSSQL (#2504)
+  * fix wrong rendering of commit detail page (#2503)
+  * Hotfix: Add time manually adds time in nanoseconds (#2499)
+  * Remove repository mirrors from "collaborative" list (#2497)
+  * fix release failed since the wrong token name (#2496)
+  * Fix slice out of bounds error in mailer (#2479)
+  * Fix #2470 (#2477)
+  * fix orgnization webhooks (#2422)
+  * fix webhook test (#2415)
+  * fix missing orgnization discord webhook (#2414)
+  * Fix route handler order (#2409)
+  * Prevent sending emails and notifications to inactive users (#2384)
+  * Move themes to plugin directory. Fixes #2372 (#2375)
+  * fix duplicated feed (#2370)
+  * Fix missing collabrative repos (#2367)
+  * Only check at least one email gpg key (#2266)
+  * don't check minimum key size when disabled (#1754)
+  * Fix run command race (#1470)
+  * fix .netrc authentication (#2700)
+  * Fix so that user can still fork his own repository to his organizations (#2699)
+  * Fix can_push value to false in protected_branch (#2560)
+  * Fix copy in email templates (#2801)
+  * Fix inconsistencies in user settings UI (#2901)
+  * Fix attachments icon size on zoom in/out (#2853)
+  * Fix ignored errors in API route (#2850)
+  * Fix activity css conflit with semantic ui (#2758)
+  * Fix notifications tabs according to semantic-ui docs (#2733)
+  * Fix typos in app.ini (#2732)
+  * Fix duplicated rel attribute (#2549)
+  * Fix tests code to prevent some runtime errors (#2381)
+* ENHANCEMENT
+  * Memory usage improvements and lower minimal git requirement to 1.7.2 (#3013) (#3028)
+  * Set OpenID support on by default when installing new instance (#3010) (#3027)
+  * Use api.TrackedTime in API (#2807)
+  * Configurable SSH key exchange algorithm and MAC suite (#2806)
+  * Add Safari pinned tab icon (#2799)
+  * Improve force push detect when push (#2798)
+  * Add wrapping to long diff lines (#2789)
+  * Link members and repositories count to each page on org home. (#2787)
+  * Show Sendmail settings on admin config page (#2782)
+  * Add commit count caching (#2774)
+  * Use identicon image for default gravatar. (#2767)
+  * Add default ssh ciphers (#2761)
+  * Remove manual of unsupported option (#2757)
+  * Add search mode option to /api/repo/search (#2756)
+  * Move swagger-ui under /api/v1 (#2746)
+  * Add support for extra sendmail arguments (#2731)
+  * Use buffersize to reduce database connection when iterate (#2724)
+  * Render plain text README.txt monospaced (#2721)
+  * Integration test for activity page (#2704)
+  * Merge password and 2fa page on user settings (#2695)
+  * Allow custom SSH user in UI for built-in SSH server (#2617) (#2678)
+  * Refactor duplicated code in repo handlers (#2657)
+  * Replace deprecated Id method with ID (#2655)
+  * Remove redudant functions and code (#2652)
+  * hide navbar when only 1 sign-in method is available (#2444) (#2648)
+  * Change default sort order (#2647)
+  * Change pull description text (#2075) (#2646)
+  * Remove direct user adding to organization members (#2641)
+  * Use session when creating user (#2638)
+  * Use Semantic UI's Search component for user and repo search (#2636)
+  * Use AfterLoad instead of AfterSet on Structs (#2628)
+  * Remove redudant CheckUnit calls in router (#2627)
+  * Remove repo unit index (#2621)
+  * Remove redudant issue LoadAttributes() calls (#2614)
+  * Make indexer code more reusable (#2590)
+  * Use custom type and constants to hold available order by options (#2572)
+  * Use named ActionType constants in template helper (#2545)
+  * Make basic functionality work without JavaScript (#2541)
+  * Ctrl + Enter to submit forms (#2540)
+  * Automatically regenerate indexer for incompatible versions (#2524)
+  * Set default lfs content path to data/lfs (#2521)
+  * Convert spaces to tabs in footer.tmpl (#2520)
+  * Sort repository tree entries in natural way (#2506)
+  * Open external wiki in new window (#2489)
+  * Use created & updated instead BeforeInsert & BeforeUpdate (#2482)
+  * Hide branch on pull request view or create UI (#2454)
+  * improve protected branch to add whitelist support (#2451)
+  * some refactors for issue and comments (#2419)
+  * Restructure markup & markdown to prepare for multiple markup language… (#2411)
+  * Improve issue search (#2387)
+  * Add UseCompatSSHURI setting (#2356)
+  * Use custom search for each filter type in dashboard (#2343)
+  * Failed authentication are now properly logged (#2334)
+  * Add environment variable support for Docker image (#2201)
+  * Set session and indexers' data files rel to AppDataPath (#2192)
+  * Display commit status on landing page of repo (#1784)
+* TESTING
+  * Add integration test for logging out (#2892)
+  * Integration test for user deleting account (#2891)
+  * Use different directories for session files in integration tests (#2834)
+  * Add deleted_branch table fixture (#2832)
+  * Include HTTP method in test error message (#2815)
+  * Add repository search unit and integration tests (#2575)
+  * Expand fixtures (#2571)
+  * Fix /api/repo/search integration tests (#2550)
+  * Make integration tests more user-friendly (#2536)
+  * Fix unit test race condition (#2516)
+  * Add missing fixture to clean gpg_key table (#2494)
+  * Hotfix for integration testing (#2473)
+  * Make repo private to not interfere with other tests (#2467)
+  * Error message for integration test (#2410)
+  * Fix "index out of range" runtime error in repo_list tests (#2376)
+  * Add git clone test on integration test (#1682)
+* TRANSLATION
+  * Fix localization texts that contain semicolon (#2900)
+  * Fix activity locale (#2709)
+  * Update translation from crowdin (#2368)
+* BUILD
+  * change the email and name to GitBot account. (#2848)
+  * Fix removing backslash before quotes in translations (#2831)
+  * add gitea remote in drone. (#2817)
+  * add remote name for git push. (#2816)
+  * Launch Gitea with custom UID/GID for 'git' user (fixes #2286) (#2791)
+  * Download and pushing translations (#2727)
+  * Automatic update of translations (#2585)
+  * Add pre-build step for nodejs stuff (#2581)
+  * Compress css with nodejs (#2580)
+  * Remove go version check for make fmt (#2558)
+  * Fix lint errors (#2547)
+  * Always run fmt check in CI (#2546)
+  * Fix fmt errors (#2544)
+  * add codecov.io service. (#2493)
+  * Fix some tests : make coverage -> test (#2492)
+  * Fix fmt error in mailer (#2490)
+  * Allow changing integration test database connection using env variables (#2484)
+  * Add changelog config file for generate changelog (#2461)
+  * Changes for latest DroneCI (#2362)
+  * Use standard lessc and minify CSS using Node.js (#2337)
+* DOCS
+  * Update screenshots on README (#2910)
+  * Gogs -> Gitea (#2909)
+  * Update swagger documentation (#2899)
+  * Fix typo (#2810)
+  * Fix Polish language name spelling (#2766)
+  * Fix Various Grammar Issues and Adjust Unnatural Wording (#2737)
+  * Add maintainer label for docker file (#2658)
+  * Link to gitea-specific Vagrant example (#2624)
+  * add release notes of v1.1.4 (#2463)
+  * Wrap most paragraphs to 80 columns (#2396)
+  * Update CONTRIBUTING following #2329  discussion (#2394)
+  * Update hard-coded version to 1.3.0+dev (#2390)
+  * Clarify Translation Process. Also fix branch names (#2378)
+  * Admin grammar fixes and improvements (#2056)
+* MISC
+  * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779)
+  * Dockerfile: Updated alpine image to 3.6. (#2486)
+  * Basic VSCode configuration for building and debugging (#2483)
+  * Added vendor dir for js/css libs; Documented sources (#1484) (#2241)
+
+## [1.2.3](https://github.com/go-gitea/gitea/releases/tag/v1.2.3) - 2017-11-03
+* BUGFIXES
+  * Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
+  * Fix order of comments (#2835) (#2839)
+
+## [1.2.2](https://github.com/go-gitea/gitea/releases/tag/v1.2.2) - 2017-10-26
+* BUGFIXES
+  * Add checks for commits with missing author and time (#2771) (#2785)
+  * Fix sending mail with a non-latin display name (#2559) (#2783)
+  * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
+  * Update vendor git (#2765) (#2772)
+  * Fix emojify image URL (#2769) (#2773)
+
+## [1.2.1](https://github.com/go-gitea/gitea/releases/tag/v1.2.1) - 2017-10-16
+* BUGFIXES
+  * Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
+  * Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
+  * Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
+  * Fix .netrc authentication (#2700) (#2708)
+  * Fix slice out of bounds error in mailer (#2479) (#2696)
+
+## [1.2.0](https://github.com/go-gitea/gitea/releases/tag/v1.2.0) - 2017-10-10
+* SECURITY
+  * Sanitation fix from Gogs (#1461)
+* BREAKING
+  * Rename /forget_password url to /forgot_password (#1219)
+* FEATURE
+  * Logo: Add task to generate images from SVG and change to new logo (#2194)
+  * Status-API (#1332)
+  * Show commit status icon in commits table (#1688)
+  * Additional OAuth2 providers (#1010)
+  * GPG commit validation (#1150)
+  * Rework SSH key management UI to add GPG (#1293)
+  * Implement GPG api (#710)
+  * Login via OpenID-2.0 (#618)
+  * Add units to team (#947)
+  * Batch updates for issues (#926)
+  * Add Gitea Webhook (#1755)
+  * API: support '/orgs/:org/repos' (#2047)
+  * Display all organization from user settings (#1739)
+  * LDAP user synchronization (#1478)
+  * Adding #issuecomment to the URL in E-Mail notifications (#1674)
+  * Add download count field and unit testing for attachment. (#1512)
+  * Add repo mirror sync API endpoint (#1508)
+  * Add markup package to prepare for org markup format (#1493)
+  * Support for custom html meta  (#1423)
+  * Per issue/PR watch/unwatch (#1410)
+  * Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
+  * Repo size in admin panel (#1482)
+  * Show user OpenID URIs in their profile (#1314)
+  * Add change-password admin command (#1304)
+  * Only use issue and wiki on repo. (#1297)
+  * Allow push to init a wiki repo (#1279)
+* ENHANCEMENT
+  * Make time diff translatable (#2057)
+  * Smaller watch, star, and fork buttons (#2052)
+  * Display config file path on admin panel (#2030)
+  * Only show SSH clone URL if signed in (#2169) (#2170)
+  * Only show "No Description" to repo admins (#2167)
+  * Always return valid go-get meta, even if unauthorized (#2010)
+  * Enable assignee e-mail notification (#2003)
+  * Let not-logged-in users view releases (#1999)
+  * No highlighting for .txt files (#1922)
+  * Make side nav on dashboard stackable (#1778)
+  * Setting to disable authorized_keys backup (#1856)
+  * Hide the create organization button (in dashboard/organization section) (#1705)
+  * LFS: Return 404 for unimplemented endpoints (#1330)
+  * Show a link to password reset from user settings requiring a password (#862)
+  * Reserve the "explore" user/org name (#1222)
+  * Send notifications to partecipants in issue comments (#1217)
+  * Improve style of user OpenID setting page (#1324)
+  * Use font-awesome OpenID icon more (#1320)
+  * Use readonly input form to show the validated OpenID URI (#1308)
+  * Add captcha support to OpenID based signup (#1307)
+  * Minor improvements on commit graph UI (#1380)
+  * Mirror sync interval specified as duration string (#1407)
+  * Make issue in commit graph "clickable" (#1392)
+  * Use whole button (commit graph) as link (#1390)
+  * Autofocus on 2fa passcode fields (#1460)
+  * Sort on repo size in admin panel (#1654)
+  * Improve dashboard repo search (#1652)
+  * Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845)
+  * Adds Parent property to the repo API (#1687)
+  * Add configuration option for default permission to create Organizations (#1686)
+  * Remove sha1 hash display in repository table (#1678)
+  * Download files to their original filename (#1676)
+  * Exposes in API the Repo entity's Size and IsBare property (#1668)
+  * Change two factor code entry box from text to number (#1733)
+  * Directly show error if user hit repository limit  (#1767)
+  * Generate small and large logos at 4x resolution (#2233)
+  * Tags listed in releases tab (#2389) (#2424)
+* BUGFIXES
+  * Fix adding branch as protected to not allow pushing to it (#2556)
+  * Orgs: fix org page title when full name is not defined (#1495)
+  * Fix double borders on edit page (#1152) (#1153)
+  * Search bar fixes for #1187 and #1205 (#1207)
+  * Fix upgrade failed after ever rollback (#1194)
+  * Fix FCGI (over TCP) support (#1368)
+  * Backport of migration fixes (#2604) (#2677)
+  * fix panic on gogs webhook creation (#2675) (#2676)
+  * Backport: Fixes 500 error on dashboard when using MSSQL (#2504) (#2662)
+  * Fix go get response if only app URL is custom in configuration (#2634) (#2640)
+  * Fix deletion of unprotected branches (#2630)
+  * Backport of 2611 / Fix doubled issue tab introduced in migration v16 (#2622)
+  * v38 migration used an outdated version of RepoUnit model (#2602)
+  * fix go get subpackage bug (#2584) (#2589)
+  * Backport: Sync releases table with tags on push and for mirrors (#2459) (#2554)
+  * Backport: Restricting access to fork functioanlity to users with Code access (#2542)
+  * Fix migration from pre-v15 to 1.2.0 (#2460) (#2465)
+  * Fix migration from pre-v15 to 1.2.0 (#2460)
+  * fix duplicated feed (#2370) (#2413)
+  * Fix releases to be counted from database not tags (#2389)
+  * Fix missing collabrative repos (#2367) (#2382)
+  * Add more test for login links and fix a bug on action retrieve (#2361)
+  * Fix SQL condition bug in GetFeeds(..) (#2360)
+  * fix bug on create repo link on dashboard (#2359)
+  * Fix order of elements in dashboard html (#2344)
+  * Fix repo-search template errors for go1.7 (#2336)
+  * Add missing forks key for dashboard repository component (#2325)
+  * fix template error on explore repos (#2319)
+  * Trigger sync webhooks on UI commit (#2302)
+  * fix 500 error when view an issue which's milestone deleted (#2297)
+  * Only update needed columns when update user (#2296)
+  * Fix rendering of external links (#2292)
+  * Fix and improve dashboard repo UI (#2285)
+  * Make short link pattern greedy (#2259)
+  * Temporarily patch go-ini/ini with fork (#2255)
+  * Convert xorm literal queries to method calls (#2253)
+  * update code.gitea.io/git in vendor to fix delete branch fails (#2250)
+  * Replace calls to xorm UseBool with Where (#2237)
+  * rhel7 has a git version with four digits (1.8.3.1) (#2236)
+  * Fix internal requests when gitea listens to unix socket or only external IP (#2234)
+  * Check for access in /repositories/:id (#2227)
+  * Fixed robots.txt 404 error (#2226)
+  * Fix counts on issues dashboard (#2215)
+  * Fix unclosed session bug (#2214)
+  * Add collaborative repositories to the dashboard (#2205)
+  * Fix issue updated_unix bug (#2204)
+  * Fix Commits nil pointer dereference (#2203)
+  * Fix bare-repo bugs (#2199)
+  * Fix PR nil-dereference bug (#2195)
+  * Allow only single fork per user/organization (#2193)
+  * Fix key usage time update if the key is used in parallel for multiple operations (#2185)
+  * Only allow token authentication with 2FA enabled (#2184)
+  * Fix profile update for non-local users (#2178)
+  * Fix compiling without sqlite and gcc (#2177)
+  * Make compare button URL aware if current repo is a fork (#2162) (#2163)
+  * Remove unit types commits and settings (#2161)
+  * Fix OpenID registration route (#2160)
+  * Fix repository settings collobration list display (#2151)
+  * Ignore invalid issue numbers in commit messages. Fixes  #2022 (#2150)
+  * Fix SHA1 hash linking (#2143)
+  * Fix repo API bug (#2133)
+  * Use POSIX complaint ! operator in find (#2132)
+  * Fix GET /users/:username/repos endpoint (#2125)
+  * Fix username rendering bug (#2122)
+  * Fix wiki preview links (#2119)
+  * vendor: update sqlite to fix "database is locked" errors (#2116)
+  * Fix unchecked error bug (#2110)
+  * Fix missing-return bug (#2109)
+  * Fix API for branches with slashes (#2096)
+  * Fix git hooks update to receive required arguments (#2095)
+  * upgrade git source code. (#2094)
+  * Fix SQL bug in models.PullRequests (#2092)
+  * Don't ignore gravatar error (#2083)
+  * Fix release display and correct paging (#2080)
+  * remove unnecessary blank lines and wrong error log (#2079)
+  * Check for valid renamed usernames (#2077)
+  * Update git module (#2074)
+  * Fix org hooks UI (#2072)
+  * Fix #1271: Call location.reload after XHR finishes (#2071)
+  * Fix default ghost assignee bug (#2069)
+  * Fix bug in issue labels API (#2048)
+  * Load label ID in NewLabels (#2045)
+  * Fix: `http: multiple response.WriteHeader calls` (#2038)
+  * Pagination on releases page (#2035)
+  * repo/editor: fix breadcrumb path cuts parent dirs (#3859) (#2032)
+  * Fix displaying commits and files of PR created from now deleted fork (#2023)
+  * Fix #2001 and fix issue comments hidden (#2016)
+  * Update code.gitea.io/git (#2014)
+  * Keep sort when switching page (#2013)
+  * Important: wrong PR merge commit ID saved (#2007)
+  * Don't show non-comments in comments API (#2001)
+  * Fix "Dashboard shows deleted comments" (#1995)
+  * Make branch deletion URL more like GitHub's, fixes #1397 (#1994)
+  * Fix fast-forward PR bug (#1989)
+  * Fix GPG email checking to be case insensitive (#1988)
+  * fix bug for normal user visit public repo (#1984)
+  * fix collborators lack of units on orgnization repositories (#1968)
+  * Fix diff of renamed and modified file (#1967)
+  * Fix uppercase default branch bug (#1965)
+  * Fix bug in Action.loadRepo() (#1959)
+  * Fix deleted milestone bug (#1942)
+  * Fix engine bug in getIssueByID (#1934)
+  * Switch to keybase go-crypto (for some elliptic curve key) + test (#1925)
+  * Fix setting.AppPath for integration tests (#1923)
+  * Fix search by issue type (#1914)
+  * Fix ghost user bug (#1913)
+  * Require token before checking membership/ownership (#1905)
+  * Bug fixes for org member API (#1904)
+  * A missing / to provide a correct endpoint (#1903)
+  * Fix 500 in public activity page (#1901)
+  * Center-aligned login topbar (#1880)
+  * Migration to fix existing owner team units (#1873)
+  * Fix paginater length (#1866)
+  * Fix bug in removeOrgRepo (#1858)
+  * Display draft releases (#1854)
+  * Fix 404 for external tracking issues (#1852)
+  * Update code.gitea.io/git (#1849)
+  * Fix user profile activity feed (#1848)
+  * Don't ignore error in getMergeCommit (#1843)
+  * Fix locking bug in removeOrgRepo (#1842)
+  * Fix status table race condition (#1835)
+  * Fix PR template error (#1834)
+  * Fix pull request compare link (#1832)
+  * Use ghost users in issues/PRs (#1831)
+  * Commitless repos should be bare (#1829)
+  * Update code.gitea.io/git (#1824)
+  * Fix invalid reference in feeds template (#1820)
+  * fix bug to deny to add orgnization as a member of an orgnization or team (#1815)
+  * xxx_active_code_live setting in printed in hours and minutes instead … (#1814)
+  * Fix deadlock in updateRepository (#1813)
+  * Give all units to owner team (#1812)
+  * Fix 500 for GET /teams/:id endpoints (#1811)
+  * fix bug not to trim space of login username (#1796)
+  * Fix renaming bug (#1786)
+  * Fix activity feed (#1779)
+  * Make navbar scroll on overflow (#1777)
+  * Delete repo redirects on repo deletion (#1776)
+  * Fix unloaded owner bug (#1770)
+  * Admin should always be allowed to create repositories even if hit limit (#1765)
+  * Update HighlightJS and fix YAML files highlighting (#1764)
+  * fix: #1757 fix set MAX_CREATION_LIMIT as zero. (#1762)
+  * fix admin lost permission caused by #947 (#1753)
+  * More fixes for dashboard search (#1750)
+  * fixes wrong after field in webhook payload (#1746)
+  * fix avatar update bug (#1729)
+  * Fix FOUC on Firefox (#1728)
+  * Fix changes introduce by update of go-swagger. (#1727)
+  * Fix #1719 (#1722)
+  * Correct flash after sending password reset email (#1718)
+  * Fix and test for delete user (#1713)
+  * Fix rendering of issue checkboxes (#1709)
+  * Enforce netgo build tag while cross-compilation (#1690)
+  * fix bug when push a branch name with / & fix an integration test bug (#1689)
+  * fix potential sqlite lock (#1680)
+  * Fix commit sha1 URL rendering in markdown (#1677)
+  * Fix static files permission under public/ (#1675)
+  * fix: tag contain character ) will http 500 on release page (#1670)
+  * Fix CSS for code in wiki markdown (#1660)
+  * fix multiple readme file rendering and fix #1657 (#1658)
+  * Add primary key and index to external login user table (#1656)
+  * fix #1643 and improve integration test (#1645)
+  * Fix version in Makefile (#1636)
+  * Handle display of GPG key without end date (#1628)
+  * fix bug on issue view when not login (#1624)
+  * bug fixed for API to get user's repos (#1622)
+  * fix lost text color on button on set as primary email (#1621)
+  * Add create_at and updated_at in PR json (#1616)
+  * update git and fix #1133 (#1614)
+  * fix bug on status API (#1533)
+  * Do not show empty collaborators segment (#1531)
+  * Fix markdown rendering (#1530)
+  * fix go get sub package and add domain on installation to let go get work defaultly (#1518)
+  * fix #1501 ssh hangs caused by #1461 (#1513)
+  * Fix empty file download (#1506)
+  * Fix broken v27 migration - change mirror interval from int to bigint (#1504)
+  * Do not allow commiting to protected branch from online editor (#1502)
+  * Add internal routes for ssh hook comands (#1471)
+  * Fix races within code.gitea.io/git.(*Command).RunInDirTimeoutPipeline (#1465)
+  * Simple quick fix for #1418 (#1456)
+  * fix gpg API panic when no verification (#1451)
+  * fix migrate failed and org dashboard failed on MSSQL database (#1448)
+  * Optimize and fix autolink function (#1442) (#1444)
+  * Fix and simplify repo branches (settings) UI (#1435)
+  * Fix disabled fields in repo settings UI (#1431)
+  * fixes pull request hanging when it contains normal and LFS files (#1425)
+  * Fix races in the log module by using syncmap (#1421)
+  * Add length check for the return string (#1420)
+  * Fix "Error: No issue number specified"  when pushing (#1393)
+  * Corrected Mirror.NextUpdate not set (#1388)
+  * fix: remove `str2html` from org full name (#1360)
+  * Correct broken unaligned load/store in armv5 (#1355)
+  * Remove href on first/last link when on first/last page (#1345)
+  * Fix broken table layout (#1344)
+  * LFS: Fix SSH authentication for trailing arguments (#1328)
+  * Remove empty file (#1326)
+  * Fix delete user failed on sqlite (#1321)
+  * Fix inconsistency in layout (#1316)
+  * Fix gpg wrong column types (#1303)
+  * Fix wiki bugs (#1294)
+  * Fix missing less sources for oauth (#1288)
+  * Make sure both scripts/ can live side by side (#1264)
+  * Fix nil-dereference bug (#1258)
+  * rewrite pre-commit, post-commit and options hooks (fixes #1250) (#1257)
+  * Commit search appearence fixes (#1254)
+  * Fix forget migration for wiki hooks (#1227)
+  * Fix repo settings external tracker failed and check external urls (#1215)
+  * Fix 500 caused by branches settings introduced by #1198 (#1214)
+  * fix #1189, commit messages containing a pipe (#1203)
+  * Bug fixed for delete repo failed (#1193)
+  * Fix migration failed when authorized_keys is not exist (#1180)
+  * Fix ini format incomiptable with crowdin (#1177)
+* TESTING
+  * Integration tests for issues API (#2059)
+  * Add integration tests for signin (#2363)
+  * Add INTERNAL_TOKEN to integration .ini file (#2346)
+  * Add public links check (#2323)
+  * Fix hooks for integration repo (#2216)
+  * More integration tests for comment API (#2156)
+  * Cache session cookies in tests (#2128)
+  * Less verbose integration tests (#2123)
+  * Fix improper setup for integration tests (#2050)
+  * Improve integration test helper functions (#2049)
+  * Add integration test for issue creating (#2002)
+  * Use testing/benchmark interface (#1993)
+  * Add integration test for repository migration (#1983)
+  * Consolidate boilerplate in integration tests (#1979)
+  * Set console to debug for integration tests (#1976)
+  * Add pull-create integration test (#1972)
+  * Coverage reports for integration tests (#1960)
+  * Add integration test for pull-request merge (#1912)
+  * Add integration test for file editing (#1907)
+  * Add integration test for repository forking (#1896)
+  * Run unused test (#1875)
+  * Don't recreate database in integration tests (#1697)
+  * remove sqlite tag when integration test with mysql/postgres and recreate database when init integration test (#1693)
+  * MySQL, Postgres integration tests in drone (#1638)
+  * improve integration test to resue models/fixtures and store git repos with tests (#1627)
+  * Improve govendor testing (#1623)
+  * Integration test framework (#1290)
+  * Unit tests for issue_list (#1209)
+  * Add integration test for signup (#1135)
+* TRANSLATION
+  * update translation from crowdin (#2368) (#2380)
+  * Small fixes (#2144)
+  * Missing signed commit display translations (#2134)
+  * Sync latest translations from crowdin (#2104)
+  * Add make command update-translations for update translations from crodwin (#2097)
+  * Fix some mistakes (#1833)
+  * Improve clarity between is_activated and prohibit_login (#1788)
+  * Improve grammar (#1775)
+  * Fix bad grammar and wordiness (#1741)
+  * Make strings translatable (#1188) (#1198)
+* BUILD
+  * Dockerfile for aarch64 (#1128) (#1130)
+  * backport from v1.2 branch: add secrets for github release (#2588) (#2598)
+  * Add secrets for github release to fix drone failed (#2588)
+  * Backport changes for latest drone (#2586)
+  * Removing .drone.yml.sig (#2579)
+  * Fix drone for tags (#2573) (#2576)
+  * Backport: Remove go version check for make fmt (#2558) (#2561)
+  * Backport: Fix lint, fmt and integration testing errors (#2553)
+  * update latest xorm version to vendor (#2353)
+  * Remove integration test executables on `make clean` (#2340)
+  * refactor(Makefile): allow overriding default go program (#2310)
+  * Revert to upstream ini dependency (#2304)
+  * Use /dev/urandom to create random password (#2298)
+  * update drone sig file. (#2262)
+  * go get github.com/wadey/gocovmerge when needed (#2235)
+  * fix typo (#2145)
+  * Revert "Reduce number of layer" (#2086)
+  * Reduce number of layer (#2078)
+  * Skip sqlite integration in CI (#2058)
+  * fix golint error and rename func for suggestion. (#1997)
+  * fix misspell (#1996)
+  * update drone sig file (#1981)
+  * send notification if status changed (#1973)
+  * switch gitter to discord for drone. (#1971)
+  * Fix missing backslash in Dockerfile.rpi (#1952)
+  * Don't run 'make release' on PRs (#1908)
+  * Update code.gitea.io/git (#1892)
+  * Use production version of vuejs (#1869)
+  * Add a variable for docker tag (#1825)
+  * resign drone and fix #1816 (#1819)
+  * Separate generate swagger + fix sed os specific (#1791)
+  * Only run coverage on merges/pushes to master (#1783)
+  * Remove stale rule from Makefile (#1782)
+  * feat: upgrade drone docker image to support multi-stage build. (#1732)
+  * Realy don't cache apk index (#1694)
+  * Limit clone depth when drone-building (#1644)
+  * Refactor Dockerfile (#1632)
+  * Check if missing/modified/unused deps in vendor and fix errors (#1468)
+  * Add GOFLAGS and EXTRA_GOFLAGS (#1438)
+  * Include formatting check to the `make test` (and thus also `check`) rule (#1366)
+* DOCS
+  * fix wrong changelog title (#2395)
+  * fix webhook link (#2289)
+  * Improve swagger doc (#2274)
+  * Add link to forum in issue template (#2070)
+  * add missing lfs config on example file (#2039)
+  * Add discourse link (#2027)
+  * Fix wording (#2024)
+  * Fix typo (#1974)
+  * Swagger docs for list/create forks (#1941)
+  * Update links to Discord server (#1940)
+  * [ci skip] update discord badge. (#1930)
+  * Change join chat from gitter to discord (#1929)
+  * Update changelog with v1.1.1 (#1926)
+  * Correct grammar in APIEmpty documentation (#1748)
+  * Add swagger comment for MirrorSync (#1747)
+  * Add "Table of Contents" in CONTRIBUTING.md (#1634)
+  * Fix service description in Debian init file (#1538)
+  * Use MAINTAINERS file in repository in CONTRIBUTING (#1489)
+  * Generate swagger json (#1402)
+  * Changed text when password reset disabled. (#1364)
+  * Removed email copyright year (#1348)
+  * Specify that time interval units are seconds (#1311)
+  * Gitea OpenID-2.0 login has been tested with livejournal.com too (#1306)
+  * Make wording of commit search more clear (#1291)
+  * Add notice that LFS mirroring is not supported (#1251)
+  * Fix typos in models/ and modules/ (#1248)
+  * Refactor and fix incorrect comment (#1247)
+  * Fix migration comment (#1241)
+  * Update locale_en-US.ini (#1235)
+  * Add LibreJS support (#1201)
+  * rename OSX to macOS (#1176)
+  * add mssql to app.ini db config comment (#1172)
+  * Add MSSQL to issues template (#1171)
+* MISC
+  * Add badge and link to the Matrix room (#2348)
+  * ignore coverage steps. (#2257)
+  * Use sqlite3 database as default for Docker image (#2182)
+  * update drone discord plugin to 0.0.4 version (#1992)
+  * fix typo (#1990)
+  * Move 3rd party js/css into `public/vendor` and document sources (#2383)
+  * Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335)
+  * Fix variable name typo (#2327)
+  * Make use of Vue more universal (#2318)
+  * Remove (almost) server side data rendering from repo-search component (#2317)
+  * Add OpenID configuration in install page (#2276)
+  * More tweaks to repo top panel (#2267)
+  * File path tweaks in UI (#2264)
+  * Make SHOW_USER_EMAIL also apply to profiles (#2258)
+  * EnableUnit() -> UnitEnabled() (#2242)
+  * Prevent selection of diff line numbers (#2240)
+  * Remove unused variable on makefile (#2225)
+  * No error log entries for repo 404 (#2200)
+  * Refactor vue delimeters to use es6 template delimeters (#2171)
+  * Replace tmp with TMPDIR. (#2152)
+  * Remove unused files (#2124)
+  * Improve org error handling (#2117)
+  * Absolute path for setting.CustomConf (#2085)
+  * remove deprecated code for Gogs compitable (#2041)
+  * Refactor session close as xorm already does everything needed internally  (#2020)
+  * SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961)
+  * Use monospace font in githook editor (#1958)
+  * Fix import order (#1951)
+  * Gracefully handle bare repositories on API operations. (#1932)
+  * Fix errors caused by force push (#1927)
+  * Display URLs in integration test logs (#1924)
+  * Set TMPDIR enviroment variable for dump command (#1915)
+  * Cache ctx.User in retrieveFeeds (#1902)
+  * Make `LocalCopyPath` a setting instead of a hard-coded path (#1881)
+  * Add check misspelling (#1877)
+  * Fix misspelled variables (#1874)
+  * Gofmt (#1868, #1710, #1662)
+  * Rename misnamed migration (#1867)
+  * Support CRLF when splitting code lines for display (#1862)
+  * Add convert less css file step. (#1861)
+  * Prevent accidential selection of line numbers in code view (#1860)
+  * Delete Public SSH Key tmp file after calculating fingerprint (#1855)
+  * Remove annoying difference in button heights. (#1853)
+  * Only run test coverage on master branch. (#1838)
+  * Error from mktemp command in MacOS. (#1837)
+  * Use writeTmpKeyFile in calcFingerprint (#1828)
+  * ROOT_URL setting use the default as shown in conf/app.ini (#1823)
+  * Rename RepoCreationNum -> MaxCreationLimit (#1766)
+  * Add button to admin ui (#1738)
+  * Correct spelling mistakes (#1703)
+  * Make openid support default false for compitable with v1.1 (#1650)
+  * Send mails as HTML as default. Setting for send as plain text. (#1648)
+  * fix potential lock when sqlite (#1647)
+  * Optimize png images via Google zopflipng [ci skip] (#1639)
+  * Upgrade alpine to v3.5 in Dockerfile (#1633)
+  * remove unused vendor packages (#1620)
+  * markup: microoptimise for many short filenames in directory (#1534)
+  * support health check via / and fix #969 (#1520)
+  * Remove env user salt since no need to use (#1515)
+  * Drop db operations from hook commands (#1514)
+  * Better URL validation (#1507)
+  * Migrate WatchInfo struct to api (#1492)
+  * refactor: show command help message. (#1486)
+  * refactor update ssh key use time (#1466)
+  * Set VERSION from git once, in a variable (#1447)
+  * Remove unused mutex field (#1440)
+  * Simplify settings pages with item list (#1389)
+  * Clean-up PostgreSQL Tests (#1361)
+  * refactor: remove workaround after the golang 1.7 release. (#1349)
+  * Delete the useless code (#1335)
+  * Run "make fmt" with go-1.6 (#1333)
+  * Refactor admin/auth/new.tmpl (#1277)
+  * Refactor repo/issue/view_content.tmpl (#1276)
+  * Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270)
+  * Cleaner UI for explore page (#1253) (#1255)
+  * Synced licenses with github repo (#1246)
+  * Synced gitignores with github repo (#1245)
+  * Simplify RepositoryList.loadAttributes() (#1211)
+  * Move user_follow to separate file (#1210)
+  * Reduce conditionals in signin/signup inner forms (#1138)
+
+## [1.1.4](https://github.com/go-gitea/gitea/releases/tag/v1.1.4) - 2017-09-04
+
+* BUGFIXES
+  * Fix rendering of external links (#2292) (#2315)
+  * Fix deleted milestone bug (#1942) (#2300)
+  * fix 500 error when view an issue which's milestone deleted (#2297) (#2299)
+  * Fix SHA1 hash linking (#2143) (#2293)
+  * back port from #1709 (#2291)

 ## [1.1.3](https://github.com/go-gitea/gitea/releases/tag/v1.1.3) - 2017-08-03

--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -8,6 +8,7 @@
  - [Discuss your design](#discuss-your-design)
  - [Testing redux](#testing-redux)
  - [Vendoring](#vendoring)
+  - [Translation](#translation)
  - [Code review](#code-review)
  - [Styleguide](#styleguide)
  - [Sign your work](#sign-your-work)
@@ -19,47 +20,107 @@

 ## Introduction

-This document explains how to contribute changes to the Gitea project. It assumes you have followed the [installation instructions](https://docs.gitea.io/en-us/). Sensitive security-related issues should be reported to [security@gitea.io](mailto:security@gitea.io).
+This document explains how to contribute changes to the Gitea project.
+It assumes you have followed the
+[installation instructions](https://docs.gitea.io/en-us/).
+Sensitive security-related issues should be reported to
+[security@gitea.io](mailto:security@gitea.io).
+
+For configuring IDE or code editor to develop Gitea see [IDE and code editor configuration](contrib/ide/)

 ## Bug reports

-Please search the issues on the issue tracker with a variety of keywords to ensure your bug is not already reported.
+Please search the issues on the issue tracker with a variety of keywords
+to ensure your bug is not already reported.

-If unique, [open an issue](https://github.com/go-gitea/gitea/issues/new) and answer the questions so we can understand and reproduce the problematic behavior.
+If unique, [open an issue](https://github.com/go-gitea/gitea/issues/new)
+and answer the questions so we can understand and reproduce the
+problematic behavior.

-To show us that the issue you are having is in Gitea itself, please write clear, concise instructions so we can reproduce the behavior (even if it seems obvious). The more detailed and specific you are, the faster we can fix the issue. Check out [How to Report Bugs Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html).
+To show us that the issue you are having is in Gitea itself, please
+write clear, concise instructions so we can reproduce the behavior—
+even if it seems obvious. The more detailed and specific you are,
+the faster we can fix the issue. Check out [How to Report Bugs
+Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html).

-Please be kind, remember that Gitea comes at no cost to you, and you're getting free help.
+Please be kind, remember that Gitea comes at no cost to you, and you're
+getting free help.

 ## Discuss your design

-The project welcomes submissions but please let everyone know what you're working on if you want to change or add something to the Gitea repositories.
+The project welcomes submissions. If you want to change or add something, 
+please let everyone know what you're working on—[file an issue](https://github.com/go-gitea/gitea/issues/new)! 
+Significant changes must go through the [change proposal process](https://github.com/go-gitea/proposals) 
+before they can be accepted.

-Before starting to write something new for the Gitea project, please [file an issue](https://github.com/go-gitea/gitea/issues/new). Significant changes must go through the [change proposal process](https://github.com/go-gitea/proposals) before they can be accepted.
-
-This process gives everyone a chance to validate the design, helps prevent duplication of effort, and ensures that the idea fits inside the goals for the project and tools. It also checks that the design is sound before code is written; the code review tool is not the place for high-level discussions.
+This process gives everyone a chance to validate the design, helps
+prevent duplication of effort, and ensures that the idea fits inside
+the goals for the project and tools. It also checks that the design is
+sound before code is written; the code review tool is not the place for
+high-level discussions.

 ## Testing redux

-Before sending code out for review, run all the tests for the whole tree to make sure the changes don't break other usage and keep the compatibility on upgrade. To make sure you are running the test suite exactly like we do, you should install the CLI for [Drone CI](https://github.com/drone/drone), as we are using the server for continous testing, following [these instructions](http://readme.drone.io/usage/getting-started-cli). After that you can simply call `drone exec` within your working directory and it will try to run the test suite locally.
+Before sending code out for review, run all the tests for the
+whole tree to make sure the changes don't break other usage
+and keep the compatibility on upgrade. To make sure you are
+running the test suite exactly like we do, you should install
+the CLI for [Drone CI](https://github.com/drone/drone), as
+we are using the server for continous testing, following [these
+instructions](http://readme.drone.io/usage/getting-started-cli). After that, 
+you can simply call `drone exec` within your working directory and it will try 
+to run the test suite locally.

 ## Vendoring

-We keep a cached copy of dependencies within the `vendor/` directory, managing updates via [govendor](http://github.com/kardianos/govendor).
+We keep a cached copy of dependencies within the `vendor/` directory,
+managing updates via [govendor](http://github.com/kardianos/govendor).

-Pull requests should only include `vendor/` updates if they are part of the same change, be it a bugfix or a feature addition.
+Pull requests should only include `vendor/` updates if they are part of
+the same change, be it a bugfix or a feature addition.

-The `vendor/` update needs to be justified as part of the PR description, and must be verified by the reviewers and/or merger to always reference an existing upstream commit.
+The `vendor/` update needs to be justified as part of the PR description,
+and must be verified by the reviewers and/or merger to always reference
+an existing upstream commit.
+
+## Translation
+
+We do all translation work inside [Crowdin](https://crowdin.com/project/gitea).
+The only translation that is maintained in this git repository is
+[`en_US.ini`](https://github.com/go-gitea/gitea/blob/master/options/locale/locale_en-US.ini)
+and is synced regularily to Crowdin. Once a translation has reached
+A SATISFACTORY PERCENTAGE it will be synced back into this repo and
+included in the next released version.
+
+## Building Gitea
+
+Generally, the go build tools are installed as-needed in the `Makefile`.
+An exception are the tools to build the CSS and images.
+
+- To build CSS: Install [Node.js](https://nodejs.org/en/download/package-manager)
+  with `npm` and then run `npm install` and `make stylesheets`.
+- To build Images: ImageMagick, inkscape and zopflipng binaries must be
+  available in your `PATH` to run `make generate-images`.

 ## Code review

-Changes to Gitea must be reviewed before they are accepted, no matter who makes the change even if it is an owner or a maintainer. We use GitHub's pull request workflow to do that and we also use [LGTM](http://lgtm.co) to ensure every PR is reviewed by at least 2 maintainers.
+Changes to Gitea must be reviewed before they are accepted—no matter who
+makes the change, even if they are an owner or a maintainer. We use GitHub's
+pull request workflow to do that. And, we also use [LGTM](http://lgtm.co)
+to ensure every PR is reviewed by at least 2 maintainers.

-Please try to make your pull request easy to review for us. Please read the "[How to get faster PR reviews](https://github.com/kubernetes/community/blob/master/contributors/devel/faster_reviews.md)" guide, it has lots of useful tips for any project you may want to contribute. Some of the key points:
+Please try to make your pull request easy to review for us. And, please read 
+the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/master/contributors/devel/faster_reviews.md)* guide;
+it has lots of useful tips for any project you may want to contribute.
+Some of the key points:

-* Make small pull requests. The smaller, the faster to review and the more likely it will be merged soon.
-* Don't make changes unrelated to your PR. Maybe there are typos on some comments, maybe refactoring would be welcome on a function... but if that is not related to your PR, please make *another* PR for that.
-* Split big pull requests into multiple small ones. An incremental change will be faster to review than a huge PR.
+* Make small pull requests. The smaller, the faster to review and the
+  more likely it will be merged soon.
+* Don't make changes unrelated to your PR. Maybe there are typos on
+  some comments, maybe refactoring would be welcome on a function... but
+  if that is not related to your PR, please make *another* PR for that.
+* Split big pull requests into multiple small ones. An incremental change
+  will be faster to review than a huge PR.

 ## Styleguide

@@ -80,37 +141,86 @@ import (
 )
 ```

-## Sign your work
+## Sign-off your work

-The sign-off is a simple line at the end of the explanation for the patch. Your signature certifies that you wrote the patch or otherwise have the right to pass it on as an open-source patch. The rules are pretty simple: If you can certify [DCO](DCO), then you just add a line to every git commit message:
+The sign-off is a simple line at the end of the explanation for the
+patch. Your signature certifies that you wrote the patch or otherwise
+have the right to pass it on as an open-source patch. The rules are
+pretty simple: If you can certify [DCO](DCO), then you just add a line
+to every git commit message:

 ```
 Signed-off-by: Joe Smith <joe.smith@email.com>
 ```

-Please use your real name, we really dislike pseudonyms or anonymous contributions. We are in the open-source world without secrets. If you set your `user.name` and `user.email` git configs, you can sign your commit automatically with `git commit -s`.
+Please use your real name; we really dislike pseudonyms or anonymous
+contributions. We are in the open-source world without secrets. If you
+set your `user.name` and `user.email` git configs, you can sign-off your
+commit automatically with `git commit -s`.

 ## Release Cycle

-We adopted a release schedule to streamline the process of working on, finishing, and issuing releases. The overall goal is to make a major release every two months, which breaks down into one month of general development followed by one month of testing and polishing known as the release freeze. A release is maintained by issuing minor releases to only correct critical problems such as crashes or security issues. All the feature pull requests should be merged in the first month of one release period. 
+We adopted a release schedule to streamline the process of working
+on, finishing, and issuing releases. The overall goal is to make a
+minor release every two months, which breaks down into one month of
+general development followed by one month of testing and polishing
+known as the release freeze. All the feature pull requests should be
+merged in the first month of one release period. And, during the frozen
+period, a corresponding release branch is open for fixes backported from
+master. Release candidates are made during this period for user testing to
+obtain a final version that is maintained in this branch. A release is
+maintained by issuing patch releases to only correct critical problems
+such as crashes or security issues.

-The current release cycle is aligned to start on December 25 to February 24, next is February 25 to April 24, and etc. On this cycle, we also maybe publish the previous release minor version. For example, the current release version is v1.1, but we maybe also publish v1.0.2. When we publish v1.2, then we will stop publish v1.0.3.
+Major release cycles are bimonthly. They always begin on the 25th and end on 
+the 24th (i.e., the 25th of December to February 24th). 
+
+During a development cycle, we may also publish any necessary minor releases 
+for the previous version. For example, if the latest, published release is 
+v1.2, then minor changes for the previous release—e.g., v1.1.0 -> v1.1.1—are
+still possible.

 ## Maintainers

-To make sure every PR is checked, we have [team maintainers](MAINTAINERS). Every PR **MUST** be reviewed by at least two maintainers (or owners) before it can get merged. A maintainer should be a contributor of Gitea (or Gogs) and contributed at least 4 accepted PRs. A contributor should apply as a maintainer in the [Discord](https://discord.gg/NsatcWJ) #develop channel. The owners or the team maintainers may invite the contributor. A maintainer should spend some time on code reviews. If a maintainer has no time to do that, they should apply to leave the maintainers team and we will give them the honor of being a member of the [advisors team](https://github.com/orgs/go-gitea/teams/advisors). Of course, if an advisor has time to code review, we will gladly welcome them back to the maintainers team. If a maintainer is inactive for more than 3 months and forgets to leave the maintainers team, the owners may move him or her from the maintainers team to the advisors team.
+To make sure every PR is checked, we have [team
+maintainers](MAINTAINERS). Every PR **MUST** be reviewed by at least
+two maintainers (or owners) before it can get merged. A maintainer
+should be a contributor of Gitea (or Gogs) and contributed at least
+4 accepted PRs. A contributor should apply as a maintainer in the
+[Discord](https://discord.gg/NsatcWJ) #develop channel. The owners
+or the team maintainers may invite the contributor. A maintainer
+should spend some time on code reviews. If a maintainer has no
+time to do that, they should apply to leave the maintainers team
+and we will give them the honor of being a member of the [advisors
+team](https://github.com/orgs/go-gitea/teams/advisors). Of course, if
+an advisor has time to code review, we will gladly welcome them back
+to the maintainers team. If a maintainer is inactive for more than 3
+months and forgets to leave the maintainers team, the owners may move
+him or her from the maintainers team to the advisors team.

 ## Owners

-Since Gitea is a pure community organization without any company support, to keep the development healthy we will elect three owners every year. All contributors may vote to elect up to three candidates, one of which will be the main owner, and the other two the assistant owners. When the new owners have been elected, the old owners will give up ownership to the newly elected owners. If an owner is unable to do so, the other owners will assist in ceding ownership to the newly elected owners.
+Since Gitea is a pure community organization without any company support,
+to keep the development healthy we will elect three owners every year. All
+contributors may vote to elect up to three candidates, one of which will
+be the main owner, and the other two the assistant owners. When the new
+owners have been elected, the old owners will give up ownership to the
+newly elected owners. If an owner is unable to do so, the other owners
+will assist in ceding ownership to the newly elected owners.

-After the election, the new owners should proactively agree with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the [Discord](https://discord.gg/NsatcWJ) #general channel. Below are the words to speak:
+After the election, the new owners should proactively agree
+with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the
+[Discord](https://discord.gg/NsatcWJ) #general channel. Below are the
+words to speak:

 ```
-I'm honored to having been elected an owner of Gitea, I agree with [CONTRIBUTING](CONTRIBUTING.md). I will spend part of my time on Gitea and lead the development of Gitea.
+I'm honored to having been elected an owner of Gitea, I agree with
+[CONTRIBUTING](CONTRIBUTING.md). I will spend part of my time on Gitea
+and lead the development of Gitea.
 ```

-To honor the past owners, here's the history of the owners and the time they served:
+To honor the past owners, here's the history of the owners and the time
+they served:

 * 2016-11-04 ~ 2017-12-31
  * [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
@@ -119,9 +229,16 @@ To honor the past owners, here's the history of the owners and the time they ser

 ## Versions

-Gitea has the `master` branch as a tip branch and has version branches such as `v0.9`. `v0.9` is a release branch and we will tag `v0.9.0` for binary download. If `v0.9.0` has bugs, we will accept pull requests on the `v0.9` branch and publish a `v0.9.1` tag, after bringing the bug fix also to the master branch.
+Gitea has the `master` branch as a tip branch and has version branches
+such as `release/v0.9`. `release/v0.9` is a release branch and we will
+tag `v0.9.0` for binary download. If `v0.9.0` has bugs, we will accept
+pull requests on the `release/v0.9` branch and publish a `v0.9.1` tag,
+after bringing the bug fix also to the master branch.

-Since the `master` branch is a tip version, if you wish to use Gitea in production, please download the latest release tag version. All the branches will be protected via GitHub, all the PRs to every branch must be reviewed by two maintainers and must pass the automatic tests.
+Since the `master` branch is a tip version, if you wish to use Gitea
+in production, please download the latest release tag version. All the
+branches will be protected via GitHub, all the PRs to every branch must
+be reviewed by two maintainers and must pass the automatic tests.

 ## Copyright

@@ -133,4 +250,6 @@ Code that you contribute should use the standard copyright header:
 // license that can be found in the LICENSE file.
 ```

-Files in the repository contain copyright from the year they are added to the year they are last changed. If the copyright author is changed, just paste the header below the old one.
+Files in the repository contain copyright from the year they are added
+to the year they are last changed. If the copyright author is changed,
+just paste the header below the old one.
--- a/6
+++ b/6
@@ -1,5 +1,6 @@
-FROM alpine:3.5
-MAINTAINER Thomas Boerger <thomas@webhippie.de>
+FROM alpine:3.6
+
+LABEL maintainer="The Gitea Authors"

 EXPOSE 22 3000

@@ -13,6 +14,7 @@ RUN apk --no-cache add \
    s6 \
    curl \
    openssh \
+    gettext \
    tzdata
 RUN addgroup \
    -S -g 1000 \
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -1,4 +1,6 @@
-FROM multiarch/alpine:aarch64-v3.5
+FROM multiarch/alpine:aarch64-v3.6
+
+LABEL maintainer="The Gitea Authors"

 EXPOSE 22 3000

@@ -12,6 +14,7 @@ RUN apk --no-cache add \
    s6 \
    curl \
    openssh \
+    gettext \
    tzdata
 RUN addgroup \
    -S -g 1000 \
--- a/Dockerfile.rpi
+++ b/Dockerfile.rpi
@@ -1,5 +1,6 @@
-FROM multiarch/alpine:armhf-v3.5
-MAINTAINER Thomas Boerger <thomas@webhippie.de>
+FROM multiarch/alpine:armhf-v3.6
+
+LABEL maintainer="The Gitea Authors"

 EXPOSE 22 3000

@@ -13,6 +14,7 @@ RUN apk --no-cache add \
    s6 \
    curl \
    openssh \
+    gettext \
    tzdata
 RUN addgroup \
    -S -g 1000 \
--- a/2
+++ b/2
@@ -16,3 +16,5 @@ Patrick G <geek1011@outlook.com> (@geek1011)
 Antoine Girard <sapk@sapk.fr> (@sapk)
 Lauris Bukšis-Haberkorns <lauris@nix.lv> (@lafriks)
 Jonas Östanbäck <jonas.ostanback@gmail.com> (@cez81)
+David Schneiderbauer <dschneiderbauer@gmail.com> (@daviian)
+Peter Žeby <morlinest@gmail.com> (@morlinest)
--- a/104
+++ b/104
@@ -15,7 +15,6 @@ else
 endif

 BINDATA := modules/{options,public,templates}/bindata.go
-STYLESHEETS := $(wildcard public/less/index.less public/less/_*.less)
 DOCKER_TAG := gitea/gitea:latest
 GOFILES := $(shell find . -name "*.go" -type f ! -path "./vendor/*" ! -path "*/bindata.go")
 GOFMT ?= gofmt -s
@@ -32,6 +31,15 @@ TAGS ?=

 TMPDIR := $(shell mktemp -d 2>/dev/null || mktemp -d -t 'gitea-temp')

+TEST_MYSQL_HOST ?= mysql:3306
+TEST_MYSQL_DBNAME ?= testgitea
+TEST_MYSQL_USERNAME ?= root
+TEST_MYSQL_PASSWORD ?=
+TEST_PGSQL_HOST ?= pgsql:5432
+TEST_PGSQL_DBNAME ?= testgitea
+TEST_PGSQL_USERNAME ?= postgres
+TEST_PGSQL_PASSWORD ?= postgres
+
 ifeq ($(OS), Windows_NT)
 	EXECUTABLE := gitea.exe
 else
@@ -54,13 +62,14 @@ all: build
 .PHONY: clean
 clean:
 	$(GO) clean -i ./...
-	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA) integrations*.test
-
-required-gofmt-version:
-	@$(GO) version  | grep -q '\(1.7\|1.8\)' || { echo "We require go version 1.7 or 1.8 to format code" >&2 && exit 1; }
+	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA) \
+		integrations*.test \
+		integrations/gitea-integration-pgsql/ integrations/gitea-integration-mysql/ integrations/gitea-integration-sqlite/ \
+		integrations/indexers-mysql/ integrations/indexers-pgsql integrations/indexers-sqlite \
+		integrations/mysql.ini integrations/pgsql.ini

 .PHONY: fmt
-fmt: required-gofmt-version
+fmt:
 	$(GOFMT) -w $(GOFILES)

 .PHONY: vet
@@ -80,8 +89,6 @@ generate-swagger:
 		$(GO) get -u github.com/go-swagger/go-swagger/cmd/swagger; \
 	fi
 	swagger generate spec -o ./public/swagger.v1.json
-	$(SED_INPLACE) "s;\".ref\": \"#/definitions/GPGKey\";\"type\": \"object\";g" ./public/swagger.v1.json
-	$(SED_INPLACE) "s;^          \".ref\": \"#/definitions/Repository\";          \"type\": \"object\";g" ./public/swagger.v1.json

 .PHONY: errcheck
 errcheck:
@@ -112,7 +119,7 @@ misspell:
 	misspell -w -i unknwon $(GOFILES)

 .PHONY: fmt-check
-fmt-check: required-gofmt-version
+fmt-check:
 	# get all go files and run go fmt on them
 	@diff=$$($(GOFMT) -d $(GOFILES)); \
 	if [ -n "$$diff" ]; then \
@@ -122,20 +129,21 @@ fmt-check: required-gofmt-version
 	fi;

 .PHONY: test
-test: fmt-check
+test:
 	$(GO) test $(PACKAGES)

-.PHONY: test-coverage
-test-coverage: unit-test-coverage integration-test-coverage
+.PHONY: coverage
+coverage:
 	@hash gocovmerge > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		$(GO) get -u github.com/wadey/gocovmerge; \
 	fi
+	echo "mode: set" > coverage.all
 	for PKG in $(PACKAGES); do\
-	  touch $$GOPATH/src/$$PKG/coverage.out;\
-	  egrep "$$PKG[^/]*\.go" integration.coverage.out > int.coverage.out;\
-	  gocovmerge $$GOPATH/src/$$PKG/coverage.out int.coverage.out > pkg.coverage.out;\
-	  mv pkg.coverage.out $$GOPATH/src/$$PKG/coverage.out;\
-	  rm int.coverage.out;\
+		egrep "$$PKG[^/]*\.go" integration.coverage.out > int.coverage.out;\
+		gocovmerge $$GOPATH/src/$$PKG/coverage.out int.coverage.out > pkg.coverage.out;\
+		grep -h -v "^mode:" pkg.coverage.out >>  coverage.all;\
+		mv pkg.coverage.out $$GOPATH/src/$$PKG/coverage.out;\
+		rm int.coverage.out;\
 	done;

 .PHONY: unit-test-coverage
@@ -159,34 +167,48 @@ test-vendor:
 test-sqlite: integrations.sqlite.test
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test

+generate-ini:
+	sed -e 's|{{TEST_MYSQL_HOST}}|${TEST_MYSQL_HOST}|g' \
+		-e 's|{{TEST_MYSQL_DBNAME}}|${TEST_MYSQL_DBNAME}|g' \
+		-e 's|{{TEST_MYSQL_USERNAME}}|${TEST_MYSQL_USERNAME}|g' \
+		-e 's|{{TEST_MYSQL_PASSWORD}}|${TEST_MYSQL_PASSWORD}|g' \
+			integrations/mysql.ini.tmpl > integrations/mysql.ini
+	sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \
+		-e 's|{{TEST_PGSQL_DBNAME}}|${TEST_PGSQL_DBNAME}|g' \
+		-e 's|{{TEST_PGSQL_USERNAME}}|${TEST_PGSQL_USERNAME}|g' \
+		-e 's|{{TEST_PGSQL_PASSWORD}}|${TEST_PGSQL_PASSWORD}|g' \
+			integrations/pgsql.ini.tmpl > integrations/pgsql.ini
+
 .PHONY: test-mysql
-test-mysql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test
+test-mysql: integrations.mysql.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test

 .PHONY: test-pgsql
-test-pgsql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test
-
+test-pgsql: integrations.pgsql.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test

 .PHONY: bench-sqlite
 bench-sqlite: integrations.sqlite.test
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.bench .

 .PHONY: bench-mysql
-bench-mysql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test -test.bench .
+bench-mysql: integrations.mysql.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.bench .

 .PHONY: bench-pgsql
-bench-pgsql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test -test.bench .
+bench-pgsql: integrations.pgsql.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.bench .


 .PHONY: integration-test-coverage
-integration-test-coverage: integrations.cover.test
+integration-test-coverage: integrations.cover.test generate-ini
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out

-integrations.test: $(SOURCES)
-	$(GO) test -c code.gitea.io/gitea/integrations
+integrations.mysql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.mysql.test
+
+integrations.pgsql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.pgsql.test

 integrations.sqlite.test: $(SOURCES)
 	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite'
@@ -265,31 +287,25 @@ public/js/index.js: $(JAVASCRIPTS)
 	cat $< >| $@

 .PHONY: stylesheets-check
-stylesheets-check: stylesheets
+stylesheets-check: generate-stylesheets
 	@diff=$$(git diff public/css/index.css); \
 	if [ -n "$$diff" ]; then \
-		echo "Please run 'make stylesheets' and commit the result:"; \
+		echo "Please run 'make generate-stylesheets' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
 	fi;

-.PHONY: stylesheets
-stylesheets: public/css/index.css
-
-.IGNORE: public/css/index.css
-public/css/index.css: $(STYLESHEETS)
-	@which lessc > /dev/null; if [ $$? -ne 0 ]; then \
-		$(GO) get -u github.com/kib357/less-go/lessc; \
-	fi
-	lessc -i $< -o $@
+.PHONY: generate-stylesheets
+generate-stylesheets:
+	node_modules/.bin/lessc --no-ie-compat --clean-css public/less/index.less public/css/index.css

 .PHONY: swagger-ui
 swagger-ui:
-	rm -Rf public/assets/swagger-ui
-	git clone --depth=10 -b v3.0.7 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
-	mv $(TMPDIR)/swagger-ui/dist public/assets/swagger-ui
+	rm -Rf public/vendor/assets/swagger-ui
+	git clone --depth=10 -b v3.3.2 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
+	mv $(TMPDIR)/swagger-ui/dist public/vendor/assets/swagger-ui
 	rm -Rf $(TMPDIR)/swagger-ui
-	$(SED_INPLACE) "s;http://petstore.swagger.io/v2/swagger.json;../../swagger.v1.json;g" public/assets/swagger-ui/index.html
+	$(SED_INPLACE) "s;http://petstore.swagger.io/v2/swagger.json;../../../swagger.v1.json;g" public/vendor/assets/swagger-ui/index.html

 .PHONY: update-translations
 update-translations:
--- a/README.md
+++ b/README.md
@@ -6,30 +6,45 @@
 [![Join the Discord chat at https://discord.gg/NsatcWJ](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
 [![Join the Matrix chat at https://matrix.to/#/#gitea:matrix.org](https://img.shields.io/badge/matrix-%23gitea%3Amatrix.org-7bc9a4.svg)](https://matrix.to/#/#gitea:matrix.org)
 [![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
-[![Coverage Status](https://coverage.gitea.io/badges/go-gitea/gitea/coverage.svg)](https://coverage.gitea.io/go-gitea/gitea)
+[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
 [![Release](https://github-release-version.herokuapp.com/github/go-gitea/gitea/release.svg?style=flat)](https://github.com/go-gitea/gitea/releases/latest)

 | | | |
 |:---:|:---:|:---:|
-|![Dashboard](https://i.imgur.com/3iEQsux.jpg)|![Repository](https://i.imgur.com/glqFnj8.jpg)|![Commits History](https://i.imgur.com/ad1FEpi.jpg)|
-|![Profile](https://i.imgur.com/q81EcGa.jpg)|![Admin Dashboard](https://i.imgur.com/L2CQeN0.jpg)|![Diff](https://i.imgur.com/cNuvMum.jpg)|
-|![Issues](https://i.imgur.com/xCYRqaF.jpg)|![Releases](https://i.imgur.com/ILpRBCe.jpg)|![Organization](https://i.imgur.com/0BHnrcL.jpg)|
+|![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
+|![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
+|![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
+|![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|

 ## Purpose

-The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across **all platforms** which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it [with the online demo](https://try.gitea.io/)! This project has been [forked](https://blog.gitea.io/2016/12/welcome-to-gitea/) from [Gogs](https://gogs.io).
+The goal of this project is to make the easiest, fastest, and most
+painless way of setting up a self-hosted Git service.
+Using Go, this can be done with an independent binary distribution across
+**all platforms** which Go supports, including Linux, macOS, and Windows
+on x86, amd64, ARM and PowerPC architectures.
+Want to try it before doing anything else?
+Do it [with the online demo](https://try.gitea.io/)!
+This project has been
+[forked](https://blog.gitea.io/2016/12/welcome-to-gitea/) from
+[Gogs](https://gogs.io) since 2016.11 but changed a lot.

 ## Notes

 1. **YOU MUST READ THE [CONTRIBUTORS GUIDE](CONTRIBUTING.md) BEFORE STARTING TO WORK ON A PULL REQUEST.**
-2. If you found a vulnerability in the project, please write privately to **security@gitea.io**. Thanks!
+2. If you have found a vulnerability in the project, please write privately to **security@gitea.io**. Thanks!
 3. If you're interested in using our APIs, we have experimental support with [documentation](https://godoc.org/code.gitea.io/sdk/gitea).

 ## Docs

-For more information and instructions about how to install Gitea please look at our [documentation](https://docs.gitea.io/en-us/). If you cannot find some specific information, then head over to our [Discord server](https://discord.gg/NsatcWJ) or [Matrix room](https://matrix.to/#/#gitea:matrix.org) to chat with us or use the [forum](https://discourse.gitea.io/).
+For more information and instructions about how to install Gitea, please look 
+at our [documentation](https://docs.gitea.io/en-us/). If you have questions 
+that are not covered by the documentation, you can get in contact with us on 
+our [Discord server](https://discord.gg/NsatcWJ), 
+[Matrix room](https://matrix.to/#/#gitea:matrix.org), 
+or [forum](https://discourse.gitea.io/)!

 ## Contributing

@@ -43,4 +58,6 @@ Fork -> Patch -> Push -> Pull Request

 ## License

-This project is licensed under the MIT License. See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file for the full license text.
+This project is licensed under the MIT License.
+See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file
+for the full license text.
--- a/README_ZH.md
+++ b/README_ZH.md
@@ -12,9 +12,10 @@

 | | | |
 |:---:|:---:|:---:|
-|![Dashboard](https://i.imgur.com/3iEQsux.jpg)|![Repository](https://i.imgur.com/glqFnj8.jpg)|![Commits History](https://i.imgur.com/ad1FEpi.jpg)|
-|![Profile](https://i.imgur.com/q81EcGa.jpg)|![Admin Dashboard](https://i.imgur.com/L2CQeN0.jpg)|![Diff](https://i.imgur.com/cNuvMum.jpg)|
-|![Issues](https://i.imgur.com/xCYRqaF.jpg)|![Releases](https://i.imgur.com/ILpRBCe.jpg)|![Organization](https://i.imgur.com/0BHnrcL.jpg)|
+|![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
+|![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
+|![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
+|![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|

 ## 目标

--- a/cmd/dump.go
+++ b/cmd/dump.go
@@ -126,10 +126,7 @@ func runDump(ctx *cli.Context) error {

 		var sessionAbsPath string
 		if setting.SessionConfig.Provider == "file" {
-			if len(setting.SessionConfig.ProviderConfig) == 0 {
-				setting.SessionConfig.ProviderConfig = "data/sessions"
-			}
-			sessionAbsPath, _ = filepath.Abs(setting.SessionConfig.ProviderConfig)
+			sessionAbsPath = setting.SessionConfig.ProviderConfig
 		}
 		if err := zipAddDirectoryExclude(z, "data", setting.AppDataPath, sessionAbsPath); err != nil {
 			log.Fatalf("Failed to include data directory: %v", err)
--- a/cmd/hook.go
+++ b/cmd/hook.go
@@ -84,9 +84,10 @@ func runHookPreReceive(c *cli.Context) error {
 	// the environment setted on serv command
 	repoID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchRepoID), 10, 64)
 	isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
-	//username := os.Getenv(models.EnvRepoUsername)
-	//reponame := os.Getenv(models.EnvRepoName)
-	//repoPath := models.RepoPath(username, reponame)
+	username := os.Getenv(models.EnvRepoUsername)
+	reponame := os.Getenv(models.EnvRepoName)
+	userIDStr := os.Getenv(models.EnvPusherID)
+	repoPath := models.RepoPath(username, reponame)

 	buf := bytes.NewBuffer(nil)
 	scanner := bufio.NewScanner(os.Stdin)
@@ -104,36 +105,37 @@ func runHookPreReceive(c *cli.Context) error {
 			continue
 		}

-		//oldCommitID := string(fields[0])
+		oldCommitID := string(fields[0])
 		newCommitID := string(fields[1])
 		refFullName := string(fields[2])

-		// FIXME: when we add feature to protected branch to deny force push, then uncomment below
-		/*var isForce bool
-		// detect force push
-		if git.EmptySHA != oldCommitID {
-			output, err := git.NewCommand("rev-list", oldCommitID, "^"+newCommitID).RunInDir(repoPath)
-			if err != nil {
-				fail("Internal error", "Fail to detect force push: %v", err)
-			} else if len(output) > 0 {
-				isForce = true
-			}
-		}*/
-
 		branchName := strings.TrimPrefix(refFullName, git.BranchPrefix)
 		protectBranch, err := private.GetProtectedBranchBy(repoID, branchName)
 		if err != nil {
 			log.GitLogger.Fatal(2, "retrieve protected branches information failed")
 		}

-		if protectBranch != nil {
-			if !protectBranch.CanPush {
-				// check and deletion
-				if newCommitID == git.EmptySHA {
-					fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
-				} else {
+		if protectBranch != nil && protectBranch.IsProtected() {
+			// detect force push
+			if git.EmptySHA != oldCommitID {
+				output, err := git.NewCommand("rev-list", "--max-count=1", oldCommitID, "^"+newCommitID).RunInDir(repoPath)
+				if err != nil {
+					fail("Internal error", "Fail to detect force push: %v", err)
+				} else if len(output) > 0 {
+					fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
+				}
+			}
+
+			// check and deletion
+			if newCommitID == git.EmptySHA {
+				fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
+			} else {
+				userID, _ := strconv.ParseInt(userIDStr, 10, 64)
+				canPush, err := private.CanUserPush(protectBranch.ID, userID)
+				if err != nil {
+					fail("Internal error", "Fail to detect user can push: %v", err)
+				} else if !canPush {
 					fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
-					//fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
 				}
 			}
 		}
--- a/cmd/serv.go
+++ b/cmd/serv.go
@@ -50,9 +50,9 @@ func setup(logPath string) error {
 	models.LoadConfigs()

 	if setting.UseSQLite3 || setting.UseTiDB {
-		workDir, _ := setting.WorkDir()
-		if err := os.Chdir(workDir); err != nil {
-			log.GitLogger.Fatal(4, "Failed to change directory %s: %v", workDir, err)
+		workPath := setting.AppWorkPath
+		if err := os.Chdir(workPath); err != nil {
+			log.GitLogger.Fatal(4, "Failed to change directory %s: %v", workPath, err)
 		}
 	}

--- a/cmd/web.go
+++ b/cmd/web.go
@@ -14,6 +14,7 @@ import (
 	"strings"

 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/markup/external"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/routers"
 	"code.gitea.io/gitea/routers/routes"
@@ -59,6 +60,8 @@ func runWeb(ctx *cli.Context) error {

 	routers.GlobalInit()

+	external.RegisterParsers()
+
 	m := routes.NewMacaron()
 	routes.RegisterRoutes(m)

--- a/conf/app.ini
+++ b/conf/app.ini
@@ -23,6 +23,8 @@ PULL_REQUEST_QUEUE_LENGTH = 1000
 PREFERRED_LICENSES = Apache License 2.0,MIT License
 ; Disable ability to interact with repositories by HTTP protocol
 DISABLE_HTTP_GIT = false
+; Force ssh:// clone url instead of scp-style uri when default SSH port is used
+USE_COMPAT_SSH_URI = false

 [repository.editor]
 ; List of file extensions that should have line wraps in the CodeMirror editor
@@ -111,6 +113,8 @@ LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
 DISABLE_SSH = false
 ; Whether use builtin SSH server or not.
 START_SSH_SERVER = false
+; Username to use for builtin SSH server. If blank, then it is the value of RUN_USER.
+BUILTIN_SSH_SERVER_USER =
 ; Domain name to be exposed in clone URL
 SSH_DOMAIN = %(DOMAIN)s
 ; Network interface builtin SSH server listens on
@@ -121,6 +125,15 @@ SSH_PORT = 22
 SSH_LISTEN_PORT = %(SSH_PORT)s
 ; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
 SSH_ROOT_PATH =
+; For built-in SSH server only, choose the ciphers to support for SSH connections,
+; for system SSH this setting has no effect
+SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
+; For built-in SSH server only, choose the key exchange algorithms to support for SSH connections,
+; for system SSH this setting has no effect
+SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
+; For built-in SSH server only, choose the MACs to support for SSH connections,
+; for system SSH this setting has no effect
+SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
 ; Directory to create temporary files when test public key using ssh-keygen,
 ; default is system temporary directory.
 SSH_KEY_TEST_PATH =
@@ -180,10 +193,16 @@ SSL_MODE = disable
 PATH = data/gitea.db
 ; For "sqlite3" only. Query timeout
 SQLITE_TIMEOUT = 500
+; For iterate buffer, default is 50
+ITERATE_BUFFER_SIZE = 50

 [indexer]
 ISSUE_INDEXER_PATH = indexers/issues.bleve
+; repo indexer by default disabled, since it uses a lot of disk space
+REPO_INDEXER_ENABLED = false
+REPO_INDEXER_PATH = indexers/repos.bleve
 UPDATE_BUFFER_LEN = 20
+MAX_FILE_SIZE = 1048576

 [admin]
 ; Disable regular (non-admin) users to create organizations
@@ -204,6 +223,8 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
 MIN_PASSWORD_LENGTH = 6
 ; True when users are allowed to import local server paths
 IMPORT_LOCAL_PATHS = false
+; Prevent all users (including admin) from creating custom git hooks
+DISABLE_GIT_HOOKS = false

 [openid]
 ;
@@ -234,7 +255,7 @@ ENABLE_OPENID_SIGNIN = true
 ; Example value: trusted.domain.org trusted.domain.net
 WHITELISTED_URIS =
 ; Forbidden URI patterns (POSIX regexp).
-; Space sepaated.
+; Space separated.
 ; Only used if WHITELISTED_URIS is blank.
 ; Example value: loadaverage.org/badguy stackexchange.com/.*spammer
 BLACKLISTED_URIS =
@@ -263,6 +284,12 @@ DEFAULT_KEEP_EMAIL_PRIVATE = false
 ; Default value for AllowCreateOrganization
 ; New user will have rights set to create organizations depending on this setting
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+; Default value for EnableTimetracking
+; Repositories will use timetracking by default depending on this setting
+DEFAULT_ENABLE_TIMETRACKING = true
+; Default value for AllowOnlyContributorsToTrackTime
+; Only users with write permissions could track time if this is true
+DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
 ; Default value for the domain part of the user's email address in the git log
 ; if he has set KeepEmailPrivate true. The user's email replaced with a
 ; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
@@ -308,8 +335,10 @@ PASSWD =
 SEND_AS_PLAIN_TEXT = false
 ; Enable sendmail (override SMTP)
 USE_SENDMAIL = false
-; Specifiy an alternative sendmail binary
+; Specify an alternative sendmail binary
 SENDMAIL_PATH = sendmail
+; Specify any extra sendmail arguments
+SENDMAIL_ARGS =

 [cache]
 ; Either "memory", "redis", or "memcache", default is "memory"
@@ -320,6 +349,9 @@ INTERVAL = 60
 ; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
 ; memcache: `127.0.0.1:11211`
 HOST =
+; Time to keep items in cache if not used, default is 16 hours.
+; Setting it to 0 disables caching
+ITEM_TTL = 16h

 [session]
 ; Either "memory", "file", or "redis", default is "memory"
@@ -350,7 +382,7 @@ GRAVATAR_SOURCE = gravatar
 DISABLE_GRAVATAR = false
 ; Federated avatar lookup uses DNS to discover avatar associated
 ; with emails, see https://www.libravatar.org
-; This value will be forced to be false in offline mode or Gravatar is disbaled.
+; This value will be forced to be false in offline mode or Gravatar is disabled.
 ENABLE_FEDERATED_AVATAR = false

 [attachment]
@@ -366,7 +398,7 @@ MAX_SIZE = 4
 MAX_FILES = 5

 [time]
-; Specifies the format for fully outputed dates. Defaults to RFC1123
+; Specifies the format for fully outputted dates. Defaults to RFC1123
 ; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
 ; For more information about the format see http://golang.org/pkg/time/#pkg-constants
 FORMAT =
@@ -464,7 +496,7 @@ OLDER_THAN = 24h

 ; Synchronize external user data (only LDAP user synchronization is supported)
 [cron.sync_external_users]
-; Syncronize external user data when starting server (default false)
+; Synchronize external user data when starting server (default false)
 RUN_AT_START = false
 ; Interval as a duration between each synchronization (default every 24h)
 SCHEDULE = @every 24h
@@ -505,7 +537,7 @@ MAX_RESPONSE_ITEMS = 50

 [i18n]
 LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
-NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,Français,Nederlands,Latviešu,Русский,日本語,Español,Português do Brasil,Polski,български,Italiano,Suomalainen,Türkçe,čeština,Српски,Svenska,한국어
+NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,Français,Nederlands,Latviešu,Русский,日本語,Español,Português do Brasil,polski,български,Italiano,Suomalainen,Türkçe,čeština,Српски,Svenska,한국어

 ; Used for datetimepicker
 [i18n.datelang]
@@ -541,3 +573,12 @@ SHOW_FOOTER_BRANDING = false
 SHOW_FOOTER_VERSION = true
 ; Show time of template execution in the footer
 SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
+
+[markup.asciidoc]
+ENABLED = false
+; List of file extensions that should be rendered by an external command
+FILE_EXTENSIONS = .adoc,.asciidoc
+; External command to render all matching extensions
+RENDER_COMMAND = "asciidoc --out-file=- -"
+; Input is not a standard input but a file
+IS_INPUT_FILE = false
--- a/contrib/ide/README.md
+++ b/contrib/ide/README.md
@@ -0,0 +1,12 @@
+# IDE and code editor configuration
+
+## Table of Contents
+- [IDE and code editor configuration](#ide-and-code-editor-configuration)
+  - [Microsoft Visual Studio Code](#microsoft-visual-studio-code)
+
+## Microsoft Visual Studio Code
+Download Microsoft Visual Studio Code at https://code.visualstudio.com/ and follow instructions at https://code.visualstudio.com/docs/languages/go to setup Go extension for it.
+
+Create new directory `.vscode` in Gitea root folder and copy contents of folder [contrib/ide/vscode](vscode/) to it. You can now use `Ctrl`+`Shift`+`B` to build gitea executable and `F5` to run it in debug mode.
+
+Supported on Debian, Ubuntu, Red Hat, Fedora, SUSE Linux, MacOS and Microsoft Windows.
--- a/contrib/ide/vscode/launch.json
+++ b/contrib/ide/vscode/launch.json
@@ -0,0 +1,31 @@
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "name": "Launch",
+      "type": "go",
+      "request": "launch",
+      "mode": "debug",
+      "buildFlags": "",
+      "port": 2345,
+      "host": "127.0.0.1",
+      "program": "${workspaceRoot}/main.go",
+      "env": {},
+      "args": ["web"],
+      "showLog": true
+    },
+    {
+      "name": "Launch (with SQLite3)",
+      "type": "go",
+      "request": "launch",
+      "mode": "debug",
+      "buildFlags": "-tags=\"sqlite\"",
+      "port": 2345,
+      "host": "127.0.0.1",
+      "program": "${workspaceRoot}/main.go",
+      "env": {},
+      "args": ["web"],
+      "showLog": true
+    }
+  ]
+}
--- a/contrib/ide/vscode/tasks.json
+++ b/contrib/ide/vscode/tasks.json
@@ -0,0 +1,51 @@
+{
+  "version": "2.0.0",
+  "tasks": [
+    {
+      "taskName": "Build",
+      "type": "shell",
+      "command": "go",
+      "group": "build",
+      "presentation": {
+        "echo": true,
+        "reveal": "always",
+        "focus": false,
+        "panel": "shared"
+      },
+      "args": ["build"],
+      "linux": {
+        "args": [ "-o", "gitea", "${workspaceRoot}/main.go" ]
+      },
+      "osx": {
+        "args": [ "-o", "gitea", "${workspaceRoot}/main.go" ]
+      },
+      "windows": {
+        "args": [ "-o", "gitea.exe", "\"${workspaceRoot}\\main.go\""]
+      },
+      "problemMatcher": ["$go"]
+    },
+    {
+      "taskName": "Build (with SQLite3)",
+      "type": "shell",
+      "command": "go",
+      "group": "build",
+      "presentation": {
+        "echo": true,
+        "reveal": "always",
+        "focus": false,
+        "panel": "shared"
+      },
+      "args": ["build", "-tags=\"sqlite\""],
+      "linux": {
+        "args": ["-o", "gitea", "${workspaceRoot}/main.go"]
+      },
+      "osx": {
+        "args": ["-o", "gitea", "${workspaceRoot}/main.go"]
+      },
+      "windows": {
+        "args": ["-o", "gitea.exe", "\"${workspaceRoot}\\main.go\""]
+      },
+      "problemMatcher": ["$go"]
+    }
+  ]
+}
--- a/contrib/windows/install-as-service.bat
+++ b/contrib/windows/install-as-service.bat
@@ -1,25 +0,0 @@
-@ECHO off
-
-:: This script relies on nssm.exe to work.
-:: Please, download it and make it available on the system path,
-:: or copy it to the gogs path.
-:: https://nssm.cc/download
-:: This script itself should run in the gogs path, too.
-:: In case of startup failure, please read carefully the log file.
-:: Make sure Gitea work running manually with "gitea web" before running
-:: this script.
-:: And, please, read carefully the installation docs first:
-:: https://gogs.io/docs/installation
-:: To unistall the service, run "nssm remove gogs" and restart Windows.
-
-:: Set the folder where you extracted Gitea. Omit the last slash.
-SET gogspath=C:\gogs
-
-nssm install gogs "%gogspath%\gogs.exe"
-nssm set gogs AppParameters "web"
-nssm set gogs Description "A painless self-hosted Git service."
-nssm set gogs DisplayName "Gitea - Git with a cup of tea"
-nssm set gogs Start SERVICE_DELAYED_AUTO_START
-nssm set gogs AppStdout "%gogspath%\gogs.log"
-nssm start gogs
-pause
--- a/docker/etc/s6/gitea/setup
+++ b/docker/etc/s6/gitea/setup
@@ -12,7 +12,29 @@ fi

 if [ ! -f /data/gitea/conf/app.ini ]; then
    mkdir -p /data/gitea/conf
-    cp /etc/templates/app.ini /data/gitea/conf/app.ini
+
+    # Set INSTALL_LOCK to true only if SECRET_KEY is not empty and
+    # INSTALL_LOCK is empty
+    if [ -n "$SECRET_KEY" ] && [ -z "$INSTALL_LOCK" ]; then
+        INSTALL_LOCK=true
+    fi
+
+    # Substitude the environment variables in the template
+    APP_NAME=${APP_NAME:-"Gitea: Git with a cup of tea"} \
+    RUN_MODE=${RUN_MODE:-"dev"} \
+    SSH_DOMAIN=${SSH_DOMAIN:-"localhost"} \
+    HTTP_PORT=${HTTP_PORT:-"3000"} \
+    ROOT_URL=${ROOT_URL:-""} \
+    DISABLE_SSH=${DISABLE_SSH:-"false"} \
+    SSH_PORT=${SSH_PORT:-"22"} \
+    DB_TYPE=${DB_TYPE:-"sqlite3"} \
+    DB_HOST=${DB_HOST:-"localhost:3306"} \
+    DB_NAME=${DB_NAME:-"gitea"} \
+    DB_USER=${DB_USER:-"root"} \
+    DB_PASSWD=${DB_PASSWD:-""} \
+    INSTALL_LOCK=${INSTALL_LOCK:-"false"} \
+    SECRET_KEY=${SECRET_KEY:-""} \
+    envsubst < /etc/templates/app.ini > /data/gitea/conf/app.ini
 fi

 chown -R git:git /data/gitea /app/gitea /data/git
--- a/docker/etc/templates/app.ini
+++ b/docker/etc/templates/app.ini
@@ -1,3 +1,6 @@
+APP_NAME = $APP_NAME
+RUN_MODE = $RUN_MODE
+
 [repository]
 ROOT = /data/git/repositories

@@ -6,10 +9,19 @@ TEMP_PATH = /data/gitea/uploads

 [server]
 APP_DATA_PATH = /data/gitea
+SSH_DOMAIN       = $SSH_DOMAIN
+HTTP_PORT        = $HTTP_PORT
+ROOT_URL         = $ROOT_URL
+DISABLE_SSH      = $DISABLE_SSH
+SSH_PORT         = $SSH_PORT

 [database]
-DB_TYPE = sqlite3
 PATH = /data/gitea/gitea.db
+DB_TYPE = $DB_TYPE
+HOST    = $DB_HOST
+NAME    = $DB_NAME
+USER    = $DB_USER
+PASSWD  = $DB_PASSWD

 [session]
 PROVIDER_CONFIG = /data/gitea/sessions
@@ -22,3 +34,7 @@ PATH = /data/gitea/attachments

 [log]
 ROOT_PATH = /data/gitea/log
+
+[security]
+INSTALL_LOCK = $INSTALL_LOCK
+SECRET_KEY   = $SECRET_KEY
--- a/docker/usr/bin/entrypoint
+++ b/docker/usr/bin/entrypoint
@@ -1,5 +1,16 @@
 #!/bin/sh

+## Change GID for USER?
+if [ -n "${USER_GID}" ] && [ "${USER_GID}" != "`id -g ${USER}`" ]; then
+    sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/" /etc/group
+    sed -i -e "s/^${USER}:\([^:]*\):\([0-9]*\):[0-9]*/${USER}:\1:\2:${USER_GID}/" /etc/passwd
+fi
+
+## Change UID for USER?
+if [ -n "${USER_UID}" ] && [ "${USER_UID}" != "`id -u ${USER}`" ]; then
+    sed -i -e "s/^${USER}:\([^:]*\):[0-9]*:\([0-9]*\)/${USER}:\1:${USER_UID}:\2/" /etc/passwd
+fi
+
 for FOLDER in /data/gitea/conf /data/gitea/log /data/git /data/ssh; do
    mkdir -p ${FOLDER}
 done
--- a/integrations/api_gpg_keys_test.go
+++ b/integrations/api_gpg_keys_test.go
@@ -0,0 +1,260 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"strconv"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	api "code.gitea.io/sdk/gitea"
+)
+
+func TestGPGKeys(t *testing.T) {
+	prepareTestEnv(t)
+	session := loginUser(t, "user2")
+
+	tt := []struct {
+		name       string
+		reqBuilder func(testing.TB, *http.Request, int) *TestResponse
+		results    []int
+	}{
+		{name: "NoLogin", reqBuilder: MakeRequest,
+			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
+		},
+		{name: "LoggedAsUser2", reqBuilder: session.MakeRequest,
+			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusInternalServerError, http.StatusInternalServerError, http.StatusCreated, http.StatusCreated}},
+	}
+
+	for _, tc := range tt {
+
+		//Basic test on result code
+		t.Run(tc.name, func(t *testing.T) {
+			t.Run("ViewOwnGPGKeys", func(t *testing.T) {
+				testViewOwnGPGKeys(t, tc.reqBuilder, tc.results[0])
+			})
+			t.Run("ViewGPGKeys", func(t *testing.T) {
+				testViewGPGKeys(t, tc.reqBuilder, tc.results[1])
+			})
+			t.Run("GetGPGKey", func(t *testing.T) {
+				testGetGPGKey(t, tc.reqBuilder, tc.results[2])
+			})
+			t.Run("DeleteGPGKey", func(t *testing.T) {
+				testDeleteGPGKey(t, tc.reqBuilder, tc.results[3])
+			})
+
+			t.Run("CreateInvalidGPGKey", func(t *testing.T) {
+				testCreateInvalidGPGKey(t, tc.reqBuilder, tc.results[4])
+			})
+			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {
+				testCreateNoneRegistredEmailGPGKey(t, tc.reqBuilder, tc.results[5])
+			})
+			t.Run("CreateValidGPGKey", func(t *testing.T) {
+				testCreateValidGPGKey(t, tc.reqBuilder, tc.results[6])
+			})
+			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {
+				testCreateValidSecondaryEmailGPGKey(t, tc.reqBuilder, tc.results[7])
+			})
+		})
+	}
+
+	//Check state after basic add
+	t.Run("CheckState", func(t *testing.T) {
+
+		var keys []*api.GPGKey
+
+		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys") //GET all keys
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &keys)
+
+		primaryKey1 := keys[0] //Primary key 1
+		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)
+		assert.EqualValues(t, 1, len(primaryKey1.Emails))
+		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)
+		assert.EqualValues(t, true, primaryKey1.Emails[0].Verified)
+
+		subKey := primaryKey1.SubsKey[0] //Subkey of 38EA3BCED732982C
+		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)
+		assert.EqualValues(t, 0, len(subKey.Emails))
+
+		primaryKey2 := keys[1] //Primary key 2
+		assert.EqualValues(t, "FABF39739FE1E927", primaryKey2.KeyID)
+		assert.EqualValues(t, 1, len(primaryKey2.Emails))
+		assert.EqualValues(t, "user21@example.com", primaryKey2.Emails[0].Email)
+		assert.EqualValues(t, false, primaryKey2.Emails[0].Verified)
+
+		var key api.GPGKey
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)) //Primary key 1
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)
+		assert.EqualValues(t, 1, len(key.Emails))
+		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)
+		assert.EqualValues(t, true, key.Emails[0].Verified)
+
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)) //Subkey of 38EA3BCED732982C
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
+		assert.EqualValues(t, 0, len(key.Emails))
+
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)) //Primary key 2
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "FABF39739FE1E927", key.KeyID)
+		assert.EqualValues(t, 1, len(key.Emails))
+		assert.EqualValues(t, "user21@example.com", key.Emails[0].Email)
+		assert.EqualValues(t, false, key.Emails[0].Verified)
+
+	})
+
+	//Check state after basic add
+	t.Run("CheckCommits", func(t *testing.T) {
+		t.Run("NotSigned", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
+		})
+
+		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
+		})
+
+		t.Run("SignedWithValidEmail", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, true, branch.Commit.Verification.Verified)
+		})
+	})
+}
+
+func testViewOwnGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys")
+	reqBuilder(t, req, expected)
+}
+
+func testViewGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys")
+	reqBuilder(t, req, expected)
+}
+
+func testGetGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1")
+	reqBuilder(t, req, expected)
+}
+
+func testDeleteGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1")
+	reqBuilder(t, req, expected)
+}
+
+func testCreateGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int, publicKey string) {
+	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys", api.CreateGPGKeyOption{
+		ArmoredKey: publicKey,
+	})
+	reqBuilder(t, req, expected)
+}
+
+func testCreateInvalidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	testCreateGPGKey(t, reqBuilder, expected, "invalid_key")
+}
+
+func testCreateNoneRegistredEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh
+dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O
+7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR
+3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1
+rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c
+Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w
+bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0
+batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO
+Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK
+qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg
+qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ
+INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz
+1geiY5E=
+=TkP3
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
+
+func testCreateValidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	//User2 <user2@example.com> //primary & activated
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW
+VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS
+eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod
+5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23
+BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ
+Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl
+eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW
+wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e
+B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi
+KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+
+7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv
+8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN
+HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4
+Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo
+N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ
+Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3
+kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT
+OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ
+7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB
+AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn
+AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6
+Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF
+Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN
+NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6
+lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9
+uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h
+=J59D
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
+
+func testCreateValidSecondaryEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	//User2 <user21@example.com> //secondary and not activated
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGWN4BCAC18V4tVGO65VLCV7p14FuXJlUtZ5CuYMvgEkcOqrvRaBSW9ao4
+PGESOhJpfWpnW3QgJniYndLzPpsmdHEclEER6aZjiNgReWPOjHD5tykWocZAJqXD
+eY1ym59gvVMLcfbV2yQsyR2hbJlc+dJsl16tigSEe3nwxZSw2IsW92pgEzT9JNUr
+Q+mC8dw4dqY0tYmFazYUGNxufUc/twgQT/Or1aNs0az5Q6Jft4rrTRsh/S7We0VB
+COKGkdcQyYgAls7HJBuPjQRi6DM9VhgBSHLAgSLyaUcZvhZBJr8Qe/q4PP3/kYDJ
+wm4RMnjOLz2pFZPgtRqgcAwpmFtLrACbEB3JABEBAAG0GlVzZXIyIDx1c2VyMjFA
+ZXhhbXBsZS5jb20+iQFUBBMBCAA+FiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmG
+WN4CGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ+r85c5/h6Sfx
+Lgf/dq64NBV8+X9an3seaLxePRviva48e4K67/wV/JxtXNO5Z/DhMGz5kHXCsG9D
+CXuWYO8ehlTjEnMZ6qqdDnY+H6bQsb2OS5oPn4RwpPXslAjEKtojPAr0dDsMS2DB
+dUuIm1AoOnewOVO0OFRf1EqX1bivxnN0FVMcO0m8AczfnKDaGb0y/qg/Y9JAsKqp
+j5pZNMWUkntRtGySeJ4CVJMmkVKJAHsa1Qj6MKdFeid4h4y94cBJ4ZdyBxNdpQOx
+ydf0doicovfeqGNO4oWzsGP4RBK2CqGPCUT+EFl20jPvMkKwOjxgqc8p0z3b2UT9
+9bnmCGHgF/fW1HJ3iKmfFPqnLkBDQRZhljeAQgA5AirU/NJGgm19ZJYFOiHftjS
+azbrPxGeD3cSqmvDPIMc1DNZGfQV5D4EVumnVbQBtL6xHFoGKz9KisUMbe4a/X2J
+S8JmIphQWG0vMJX1DaZIzr2gT71MnPD7JMGsSUCh5dIKpTNTZX4w+oGPGOu0/UlL
+x0448AryKwp30J2p6D4GeI0nb03n35S2lTOpnHDn1wj7Jl/8LS2fdFOdNaNHXSZe
+twdSwJKhyBEiScgeHBDyKqo8zWkYoSb9eA2HiYlbVaiNtp24KP1mIEpiUdrRjWno
+zauYSZGHZlOFMgF4dKWuetPiuH9m7UYZGKyMLfQ9vYFb+xcPh2bLCQHJ1OEmMQAR
+AQABiQE8BBgBCAAmFiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmGWN4CGwwFCQPC
+ZwAACgkQ+r85c5/h6Sfjfwf+O4WEjRdvPJLxNy7mfAGoAqDMHIwyH/tVzYgyVhnG
+h/+cfRxJbGc3rpjYdr8dmvghzjEAout8uibPWaIqs63RCAPGPqgWLfxNO5c8+y8V
+LZMVOTV26l2olkkdBWAuhLqKTNh6TiQva03yhOgHWj4XDvFfxICWPFXVd6t5ELpD
+iApGu1OAj8JfhmzbG03Yzx+Ku7bWDxMonx3V/IDEu5LS5zrboHYDKCA53bXXghoi
+Aceqql+PKrDwEjoY4bptwMHLmcjGjdCQ//Qx1neho7nZcS7xjTucY8gQuulwCyXF
+y6wM+wMz8dunIG9gw4+Re6c4Rz9tX1kzxLrU7Pl21tMqfg==
+=0N/9
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
--- a/integrations/api_issue_label_test.go
+++ b/integrations/api_issue_label_test.go
@@ -54,8 +54,9 @@ func TestAPIReplaceIssueLabels(t *testing.T) {
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiLabels []*api.Label
 	DecodeJSON(t, resp, &apiLabels)
-	assert.Len(t, apiLabels, 1)
-	assert.EqualValues(t, label.ID, apiLabels[0].ID)
+	if assert.Len(t, apiLabels, 1) {
+		assert.EqualValues(t, label.ID, apiLabels[0].ID)
+	}

 	models.AssertCount(t, &models.IssueLabel{IssueID: issue.ID}, 1)
 	models.AssertExistsAndLoadBean(t, &models.IssueLabel{IssueID: issue.ID, LabelID: label.ID})
--- a/integrations/api_repo_raw_test.go
+++ b/integrations/api_repo_raw_test.go
@@ -0,0 +1,31 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"testing"
+
+	"code.gitea.io/gitea/models"
+)
+
+func TestAPIReposRaw(t *testing.T) {
+	prepareTestEnv(t)
+	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
+	// Login as User2.
+	session := loginUser(t, user.Name)
+
+	for _, ref := range [...]string{
+		"master", // Branch
+		"v1.1",   // Tag
+		"65f1bf27bc3bf70f64657658635e66094edbcb4d", // Commit
+	} {
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/%s/README.md", user.Name, ref)
+		session.MakeRequest(t, req, http.StatusOK)
+	}
+	// Test default branch
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/README.md", user.Name)
+	session.MakeRequest(t, req, http.StatusOK)
+}
--- a/integrations/api_repo_test.go
+++ b/integrations/api_repo_test.go
@@ -5,8 +5,8 @@
 package integrations

 import (
+	"fmt"
 	"net/http"
-	"strings"
 	"testing"

 	"code.gitea.io/gitea/models"
@@ -33,23 +33,166 @@ func TestAPIUserReposNotLogin(t *testing.T) {
 	}
 }

-type searchResponseBody struct {
-	ok   bool
-	data []api.Repository
-}
-
-func TestAPISearchRepoNotLogin(t *testing.T) {
+func TestAPISearchRepo(t *testing.T) {
 	prepareTestEnv(t)
 	const keyword = "test"

 	req := NewRequestf(t, "GET", "/api/v1/repos/search?q=%s", keyword)
 	resp := MakeRequest(t, req, http.StatusOK)

-	var body searchResponseBody
+	var body api.SearchResults
 	DecodeJSON(t, resp, &body)
-	for _, repo := range body.data {
-		assert.True(t, strings.Contains(repo.Name, keyword))
+	assert.NotEmpty(t, body.Data)
+	for _, repo := range body.Data {
+		assert.Contains(t, repo.Name, keyword)
+		assert.False(t, repo.Private)
 	}
+
+	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 15}).(*models.User)
+	user2 := models.AssertExistsAndLoadBean(t, &models.User{ID: 16}).(*models.User)
+	user3 := models.AssertExistsAndLoadBean(t, &models.User{ID: 18}).(*models.User)
+	user4 := models.AssertExistsAndLoadBean(t, &models.User{ID: 20}).(*models.User)
+	orgUser := models.AssertExistsAndLoadBean(t, &models.User{ID: 17}).(*models.User)
+
+	// Map of expected results, where key is user for login
+	type expectedResults map[*models.User]struct {
+		count           int
+		repoOwnerID     int64
+		repoName        string
+		includesPrivate bool
+	}
+
+	testCases := []struct {
+		name, requestURL string
+		expectedResults
+	}{
+		{name: "RepositoriesMax50", requestURL: "/api/v1/repos/search?limit=50", expectedResults: expectedResults{
+			nil:   {count: 15},
+			user:  {count: 15},
+			user2: {count: 15}},
+		},
+		{name: "RepositoriesMax10", requestURL: "/api/v1/repos/search?limit=10", expectedResults: expectedResults{
+			nil:   {count: 10},
+			user:  {count: 10},
+			user2: {count: 10}},
+		},
+		{name: "RepositoriesDefaultMax10", requestURL: "/api/v1/repos/search", expectedResults: expectedResults{
+			nil:   {count: 10},
+			user:  {count: 10},
+			user2: {count: 10}},
+		},
+		{name: "RepositoriesByName", requestURL: fmt.Sprintf("/api/v1/repos/search?q=%s", "big_test_"), expectedResults: expectedResults{
+			nil:   {count: 7, repoName: "big_test_"},
+			user:  {count: 7, repoName: "big_test_"},
+			user2: {count: 7, repoName: "big_test_"}},
+		},
+		{name: "RepositoriesAccessibleAndRelatedToUser", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user.ID), expectedResults: expectedResults{
+			nil:   {count: 4},
+			user:  {count: 8, includesPrivate: true},
+			user2: {count: 4}},
+		},
+		{name: "RepositoriesAccessibleAndRelatedToUser2", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user2.ID), expectedResults: expectedResults{
+			nil:   {count: 1},
+			user:  {count: 1},
+			user2: {count: 2, includesPrivate: true}},
+		},
+		{name: "RepositoriesAccessibleAndRelatedToUser3", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user3.ID), expectedResults: expectedResults{
+			nil:   {count: 1},
+			user:  {count: 1},
+			user2: {count: 1},
+			user3: {count: 4, includesPrivate: true}},
+		},
+		{name: "RepositoriesOwnedByOrganization", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", orgUser.ID), expectedResults: expectedResults{
+			nil:   {count: 1, repoOwnerID: orgUser.ID},
+			user:  {count: 2, repoOwnerID: orgUser.ID, includesPrivate: true},
+			user2: {count: 1, repoOwnerID: orgUser.ID}},
+		},
+		{name: "RepositoriesAccessibleAndRelatedToUser4", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d", user4.ID), expectedResults: expectedResults{
+			nil:   {count: 3},
+			user:  {count: 3},
+			user4: {count: 6, includesPrivate: true}}},
+		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeSource", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "source"), expectedResults: expectedResults{
+			nil:   {count: 0},
+			user:  {count: 0},
+			user4: {count: 0, includesPrivate: true}}},
+		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeFork", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "fork"), expectedResults: expectedResults{
+			nil:   {count: 1},
+			user:  {count: 1},
+			user4: {count: 2, includesPrivate: true}}},
+		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeFork/Exclusive", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s&exclusive=1", user4.ID, "fork"), expectedResults: expectedResults{
+			nil:   {count: 1},
+			user:  {count: 1},
+			user4: {count: 2, includesPrivate: true}}},
+		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeMirror", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "mirror"), expectedResults: expectedResults{
+			nil:   {count: 2},
+			user:  {count: 2},
+			user4: {count: 4, includesPrivate: true}}},
+		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeMirror/Exclusive", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s&exclusive=1", user4.ID, "mirror"), expectedResults: expectedResults{
+			nil:   {count: 1},
+			user:  {count: 1},
+			user4: {count: 2, includesPrivate: true}}},
+		{name: "RepositoriesAccessibleAndRelatedToUser4/SearchModeCollaborative", requestURL: fmt.Sprintf("/api/v1/repos/search?uid=%d&mode=%s", user4.ID, "collaborative"), expectedResults: expectedResults{
+			nil:   {count: 0},
+			user:  {count: 0},
+			user4: {count: 0, includesPrivate: true}}},
+	}
+
+	for _, testCase := range testCases {
+		t.Run(testCase.name, func(t *testing.T) {
+			for userToLogin, expected := range testCase.expectedResults {
+				var session *TestSession
+				var testName string
+				var userID int64
+				if userToLogin != nil && userToLogin.ID > 0 {
+					testName = fmt.Sprintf("LoggedUser%d", userToLogin.ID)
+					session = loginUser(t, userToLogin.Name)
+					userID = userToLogin.ID
+				} else {
+					testName = "AnonymousUser"
+					session = emptyTestSession(t)
+				}
+
+				t.Run(testName, func(t *testing.T) {
+					request := NewRequest(t, "GET", testCase.requestURL)
+					response := session.MakeRequest(t, request, http.StatusOK)
+
+					var body api.SearchResults
+					DecodeJSON(t, response, &body)
+
+					assert.Len(t, body.Data, expected.count)
+					for _, repo := range body.Data {
+						r := getRepo(t, repo.ID)
+						hasAccess, err := models.HasAccess(userID, r, models.AccessModeRead)
+						assert.NoError(t, err)
+						assert.True(t, hasAccess)
+
+						assert.NotEmpty(t, repo.Name)
+
+						if len(expected.repoName) > 0 {
+							assert.Contains(t, repo.Name, expected.repoName)
+						}
+
+						if expected.repoOwnerID > 0 {
+							assert.Equal(t, expected.repoOwnerID, repo.Owner.ID)
+						}
+
+						if !expected.includesPrivate {
+							assert.False(t, repo.Private)
+						}
+					}
+				})
+			}
+		})
+	}
+}
+
+var repoCache = make(map[int64]*models.Repository)
+
+func getRepo(t *testing.T, repoID int64) *models.Repository {
+	if _, ok := repoCache[repoID]; !ok {
+		repoCache[repoID] = models.AssertExistsAndLoadBean(t, &models.Repository{ID: repoID}).(*models.Repository)
+	}
+	return repoCache[repoID]
 }

 func TestAPIViewRepo(t *testing.T) {
--- a/integrations/branches_test.go
+++ b/integrations/branches_test.go
@@ -0,0 +1,79 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"net/url"
+	"testing"
+
+	"github.com/PuerkitoBio/goquery"
+	"github.com/Unknwon/i18n"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestViewBranches(t *testing.T) {
+	prepareTestEnv(t)
+
+	req := NewRequest(t, "GET", "/user2/repo1/branches")
+	resp := MakeRequest(t, req, http.StatusOK)
+
+	htmlDoc := NewHTMLParser(t, resp.Body)
+	_, exists := htmlDoc.doc.Find(".delete-branch-button").Attr("data-url")
+	assert.False(t, exists, "The template has changed")
+}
+
+func TestDeleteBranch(t *testing.T) {
+	prepareTestEnv(t)
+
+	deleteBranch(t)
+}
+
+func TestUndoDeleteBranch(t *testing.T) {
+	prepareTestEnv(t)
+
+	deleteBranch(t)
+	htmlDoc, name := branchAction(t, ".undo-button")
+	assert.Contains(t,
+		htmlDoc.doc.Find(".ui.positive.message").Text(),
+		i18n.Tr("en", "repo.branch.restore_success", name),
+	)
+}
+
+func deleteBranch(t *testing.T) {
+	htmlDoc, name := branchAction(t, ".delete-branch-button")
+	assert.Contains(t,
+		htmlDoc.doc.Find(".ui.positive.message").Text(),
+		i18n.Tr("en", "repo.branch.deletion_success", name),
+	)
+}
+
+func branchAction(t *testing.T, button string) (*HTMLDoc, string) {
+	session := loginUser(t, "user2")
+	req := NewRequest(t, "GET", "/user2/repo1/branches")
+	resp := session.MakeRequest(t, req, http.StatusOK)
+
+	htmlDoc := NewHTMLParser(t, resp.Body)
+	link, exists := htmlDoc.doc.Find(button).Attr("data-url")
+	assert.True(t, exists, "The template has changed")
+
+	htmlDoc = NewHTMLParser(t, resp.Body)
+	req = NewRequestWithValues(t, "POST", link, map[string]string{
+		"_csrf": getCsrf(htmlDoc.doc),
+	})
+	resp = session.MakeRequest(t, req, http.StatusOK)
+
+	url, err := url.Parse(link)
+	assert.NoError(t, err)
+	req = NewRequest(t, "GET", "/user2/repo1/branches")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+
+	return NewHTMLParser(t, resp.Body), url.Query()["name"][0]
+}
+
+func getCsrf(doc *goquery.Document) string {
+	csrf, _ := doc.Find("meta[name=\"_csrf\"]").Attr("content")
+	return csrf
+}
--- a/integrations/delete_user_test.go
+++ b/integrations/delete_user_test.go
@@ -5,13 +5,26 @@
 package integrations

 import (
+	"fmt"
 	"net/http"
 	"testing"

 	"code.gitea.io/gitea/models"
 )

-func TestDeleteUser(t *testing.T) {
+func assertUserDeleted(t *testing.T, userID int64) {
+	models.AssertNotExistsBean(t, &models.User{ID: userID})
+	models.AssertNotExistsBean(t, &models.Follow{UserID: userID})
+	models.AssertNotExistsBean(t, &models.Follow{FollowID: userID})
+	models.AssertNotExistsBean(t, &models.Repository{OwnerID: userID})
+	models.AssertNotExistsBean(t, &models.Access{UserID: userID})
+	models.AssertNotExistsBean(t, &models.OrgUser{UID: userID})
+	models.AssertNotExistsBean(t, &models.IssueUser{UID: userID})
+	models.AssertNotExistsBean(t, &models.TeamUser{UID: userID})
+	models.AssertNotExistsBean(t, &models.Star{UID: userID})
+}
+
+func TestAdminDeleteUser(t *testing.T) {
 	prepareTestEnv(t)

 	session := loginUser(t, "user1")
@@ -22,6 +35,36 @@ func TestDeleteUser(t *testing.T) {
 	})
 	session.MakeRequest(t, req, http.StatusOK)

-	models.AssertNotExistsBean(t, &models.User{ID: 8})
+	assertUserDeleted(t, 8)
 	models.CheckConsistencyFor(t, &models.User{})
 }
+
+func TestUserDeleteAccount(t *testing.T) {
+	prepareTestEnv(t)
+
+	session := loginUser(t, "user8")
+	csrf := GetCSRF(t, session, "/user/settings/delete")
+	urlStr := fmt.Sprintf("/user/settings/delete?password=%s", userPassword)
+	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
+		"_csrf": csrf,
+	})
+	session.MakeRequest(t, req, http.StatusFound)
+
+	assertUserDeleted(t, 8)
+	models.CheckConsistencyFor(t, &models.User{})
+}
+
+func TestUserDeleteAccountStillOwnRepos(t *testing.T) {
+	prepareTestEnv(t)
+
+	session := loginUser(t, "user2")
+	csrf := GetCSRF(t, session, "/user/settings/delete")
+	urlStr := fmt.Sprintf("/user/settings/delete?password=%s", userPassword)
+	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
+		"_csrf": csrf,
+	})
+	session.MakeRequest(t, req, http.StatusFound)
+
+	// user should not have been deleted, because the user still owns repos
+	models.AssertExistsAndLoadBean(t, &models.User{ID: 2})
+}
--- a/integrations/editor_test.go
+++ b/integrations/editor_test.go
@@ -43,16 +43,15 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {

 	csrf := GetCSRF(t, session, "/user2/repo1/settings/branches")
 	// Change master branch to protected
-	req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches?action=protected_branch", map[string]string{
-		"_csrf":      csrf,
-		"branchName": "master",
-		"canPush":    "true",
+	req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/master", map[string]string{
+		"_csrf":     csrf,
+		"protected": "on",
 	})
-	resp := session.MakeRequest(t, req, http.StatusOK)
+	resp := session.MakeRequest(t, req, http.StatusFound)
 	// Check if master branch has been locked successfully
 	flashCookie := session.GetCookie("macaron_flash")
 	assert.NotNil(t, flashCookie)
-	assert.EqualValues(t, flashCookie.Value, "success%3Dmaster%2BLocked%2Bsuccessfully")
+	assert.EqualValues(t, "success%3DBranch%2Bmaster%2Bprotect%2Boptions%2Bchanged%2Bsuccessfully.", flashCookie.Value)

 	// Request editor page
 	req = NewRequest(t, "GET", "/user2/repo1/_new/master/")
@@ -74,12 +73,23 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	// Check body for error message
 	assert.Contains(t, string(resp.Body), "Can not commit to protected branch &#39;master&#39;.")
+
+	// remove the protected branch
+	csrf = GetCSRF(t, session, "/user2/repo1/settings/branches")
+	// Change master branch to protected
+	req = NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches/master", map[string]string{
+		"_csrf":     csrf,
+		"protected": "off",
+	})
+	resp = session.MakeRequest(t, req, http.StatusFound)
+	// Check if master branch has been locked successfully
+	flashCookie = session.GetCookie("macaron_flash")
+	assert.NotNil(t, flashCookie)
+	assert.EqualValues(t, "success%3DBranch%2Bmaster%2Bprotect%2Boptions%2Bremoved%2Bsuccessfully", flashCookie.Value)
+
 }

-func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePath string) *TestResponse {
-
-	newContent := "Hello, World (Edited)\n"
-
+func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePath, newContent string) *TestResponse {
 	// Get to the 'edit this file' page
 	req := NewRequest(t, "GET", path.Join(user, repo, "_edit", branch, filePath))
 	resp := session.MakeRequest(t, req, http.StatusOK)
@@ -101,16 +111,14 @@ func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePa
 	resp = session.MakeRequest(t, req, http.StatusFound)

 	// Verify the change
-	req = NewRequest(t, "GET", path.Join(user, repo, "raw", branch, filePath))
+	req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", branch, filePath))
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	assert.EqualValues(t, newContent, string(resp.Body))

 	return resp
 }

-func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, branch, targetBranch, filePath string) *TestResponse {
-
-	newContent := "Hello, World (Edited)\n"
+func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, branch, targetBranch, filePath, newContent string) *TestResponse {

 	// Get to the 'edit this file' page
 	req := NewRequest(t, "GET", path.Join(user, repo, "_edit", branch, filePath))
@@ -134,7 +142,7 @@ func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, bra
 	resp = session.MakeRequest(t, req, http.StatusFound)

 	// Verify the change
-	req = NewRequest(t, "GET", path.Join(user, repo, "raw", targetBranch, filePath))
+	req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", targetBranch, filePath))
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	assert.EqualValues(t, newContent, string(resp.Body))

@@ -144,11 +152,11 @@ func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, bra
 func TestEditFile(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user2")
-	testEditFile(t, session, "user2", "repo1", "master", "README.md")
+	testEditFile(t, session, "user2", "repo1", "master", "README.md", "Hello, World (Edited)\n")
 }

 func TestEditFileToNewBranch(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user2")
-	testEditFileToNewBranch(t, session, "user2", "repo1", "master", "feature/test", "README.md")
+	testEditFileToNewBranch(t, session, "user2", "repo1", "master", "feature/test", "README.md", "Hello, World (Edited)\n")
 }
--- a/integrations/git_test.go
+++ b/integrations/git_test.go
@@ -0,0 +1,60 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"context"
+	"fmt"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"os"
+	"path/filepath"
+	"testing"
+	"time"
+
+	"code.gitea.io/git"
+
+	"github.com/Unknwon/com"
+	"github.com/stretchr/testify/assert"
+)
+
+func onGiteaWebRun(t *testing.T, callback func(*testing.T, string)) {
+	s := http.Server{
+		Handler: mac,
+	}
+
+	listener, err := net.Listen("tcp", "")
+	assert.NoError(t, err)
+
+	defer func() {
+		ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
+		s.Shutdown(ctx)
+		cancel()
+	}()
+
+	go s.Serve(listener)
+
+	_, port, err := net.SplitHostPort(listener.Addr().String())
+	assert.NoError(t, err)
+
+	callback(t, fmt.Sprintf("http://localhost:%s/", port))
+}
+
+func TestClone_ViaHTTP_NoLogin(t *testing.T) {
+	prepareTestEnv(t)
+
+	onGiteaWebRun(t, func(t *testing.T, urlPrefix string) {
+		dstPath, err := ioutil.TempDir("", "repo1")
+		assert.NoError(t, err)
+		defer os.RemoveAll(dstPath)
+
+		err = git.Clone(fmt.Sprintf("%suser2/repo1.git", urlPrefix),
+			dstPath, git.CloneRepoOptions{})
+		assert.NoError(t, err)
+
+		assert.True(t, com.IsExist(filepath.Join(dstPath, "README.md")))
+	})
+}
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/HEAD
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/HEAD
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/config
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/config
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/description
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/description
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/applypatch-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/applypatch-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/commit-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/commit-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/post-receive
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/post-receive
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/post-receive.d/gitea
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/post-receive.d/gitea
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/post-update.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/post-update.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-applypatch.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-applypatch.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-commit.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-commit.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-push.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-push.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-rebase.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-rebase.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-receive
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-receive
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-receive.d/gitea
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/pre-receive.d/gitea
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/prepare-commit-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/prepare-commit-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/update
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/update
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/update.d/gitea
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/update.d/gitea
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/update.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/hooks/update.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/info/exclude
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/info/exclude
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/info/refs
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/info/refs
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/2a/2f1d4670728a2e10049e345bd7a276468beab6
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/2a/2f1d4670728a2e10049e345bd7a276468beab6
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/4b/4851ad51df6a7d9f25c979345979eaeb5b349f
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/4b/4851ad51df6a7d9f25c979345979eaeb5b349f
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/65/f1bf27bc3bf70f64657658635e66094edbcb4d
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/65/f1bf27bc3bf70f64657658635e66094edbcb4d
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/info/packs
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/objects/info/packs
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/DefaultBranch
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/DefaultBranch
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/develop
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/develop
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/feature/1
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/feature/1
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/master
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo1.git/refs/heads/master
--- a/integrations/gitea-repositories-meta/user2/repo1.git/refs/tags/v1.1
+++ b/integrations/gitea-repositories-meta/user2/repo1.git/refs/tags/v1.1
@@ -0,0 +1 @@
+65f1bf27bc3bf70f64657658635e66094edbcb4d
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/HEAD
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/HEAD
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/config
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/config
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/description
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/description
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/applypatch-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/applypatch-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/commit-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/commit-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/post-receive
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/post-receive
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/post-receive.d/gitea
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/post-receive.d/gitea
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/post-update.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/post-update.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-applypatch.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-applypatch.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-commit.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-commit.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-push.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-push.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-rebase.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-rebase.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-receive
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-receive
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-receive.d/gitea
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/pre-receive.d/gitea
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/prepare-commit-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/prepare-commit-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/update
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/update
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/update.d/gitea
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/update.d/gitea
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/update.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/hooks/update.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/info/exclude
+++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo15.git/info/exclude
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/HEAD
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/HEAD
--- a/integrations/gitea-repositories-meta/user2/repo16.git/config
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/config
@@ -0,0 +1,4 @@
+[core]
+	repositoryformatversion = 0
+	filemode = true
+	bare = true
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/description
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/description
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/applypatch-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/applypatch-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/commit-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/commit-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/post-update.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/post-update.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-applypatch.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-applypatch.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-commit.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-commit.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-push.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-push.sample
--- a/integrations/gitea-repositories-meta/user2/repo16.git/hooks/pre-rebase.sample
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/hooks/pre-rebase.sample
@@ -0,0 +1,169 @@
+#!/bin/sh
+#
+# Copyright (c) 2006, 2008 Junio C Hamano
+#
+# The "pre-rebase" hook is run just before "git rebase" starts doing
+# its job, and can prevent the command from running by exiting with
+# non-zero status.
+#
+# The hook is called with the following parameters:
+#
+# $1 -- the upstream the series was forked from.
+# $2 -- the branch being rebased (or empty when rebasing the current branch).
+#
+# This sample shows how to prevent topic branches that are already
+# merged to 'next' branch from getting rebased, because allowing it
+# would result in rebasing already published history.
+
+publish=next
+basebranch="$1"
+if test "$#" = 2
+then
+	topic="refs/heads/$2"
+else
+	topic=`git symbolic-ref HEAD` ||
+	exit 0 ;# we do not interrupt rebasing detached HEAD
+fi
+
+case "$topic" in
+refs/heads/??/*)
+	;;
+*)
+	exit 0 ;# we do not interrupt others.
+	;;
+esac
+
+# Now we are dealing with a topic branch being rebased
+# on top of master.  Is it OK to rebase it?
+
+# Does the topic really exist?
+git show-ref -q "$topic" || {
+	echo >&2 "No such branch $topic"
+	exit 1
+}
+
+# Is topic fully merged to master?
+not_in_master=`git rev-list --pretty=oneline ^master "$topic"`
+if test -z "$not_in_master"
+then
+	echo >&2 "$topic is fully merged to master; better remove it."
+	exit 1 ;# we could allow it, but there is no point.
+fi
+
+# Is topic ever merged to next?  If so you should not be rebasing it.
+only_next_1=`git rev-list ^master "^$topic" ${publish} | sort`
+only_next_2=`git rev-list ^master           ${publish} | sort`
+if test "$only_next_1" = "$only_next_2"
+then
+	not_in_topic=`git rev-list "^$topic" master`
+	if test -z "$not_in_topic"
+	then
+		echo >&2 "$topic is already up-to-date with master"
+		exit 1 ;# we could allow it, but there is no point.
+	else
+		exit 0
+	fi
+else
+	not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
+	/usr/bin/perl -e '
+		my $topic = $ARGV[0];
+		my $msg = "* $topic has commits already merged to public branch:\n";
+		my (%not_in_next) = map {
+			/^([0-9a-f]+) /;
+			($1 => 1);
+		} split(/\n/, $ARGV[1]);
+		for my $elem (map {
+				/^([0-9a-f]+) (.*)$/;
+				[$1 => $2];
+			} split(/\n/, $ARGV[2])) {
+			if (!exists $not_in_next{$elem->[0]}) {
+				if ($msg) {
+					print STDERR $msg;
+					undef $msg;
+				}
+				print STDERR " $elem->[1]\n";
+			}
+		}
+	' "$topic" "$not_in_next" "$not_in_master"
+	exit 1
+fi
+
+exit 0
+
+################################################################
+
+This sample hook safeguards topic branches that have been
+published from being rewound.
+
+The workflow assumed here is:
+
+ * Once a topic branch forks from "master", "master" is never
+   merged into it again (either directly or indirectly).
+
+ * Once a topic branch is fully cooked and merged into "master",
+   it is deleted.  If you need to build on top of it to correct
+   earlier mistakes, a new topic branch is created by forking at
+   the tip of the "master".  This is not strictly necessary, but
+   it makes it easier to keep your history simple.
+
+ * Whenever you need to test or publish your changes to topic
+   branches, merge them into "next" branch.
+
+The script, being an example, hardcodes the publish branch name
+to be "next", but it is trivial to make it configurable via
+$GIT_DIR/config mechanism.
+
+With this workflow, you would want to know:
+
+(1) ... if a topic branch has ever been merged to "next".  Young
+    topic branches can have stupid mistakes you would rather
+    clean up before publishing, and things that have not been
+    merged into other branches can be easily rebased without
+    affecting other people.  But once it is published, you would
+    not want to rewind it.
+
+(2) ... if a topic branch has been fully merged to "master".
+    Then you can delete it.  More importantly, you should not
+    build on top of it -- other people may already want to
+    change things related to the topic as patches against your
+    "master", so if you need further changes, it is better to
+    fork the topic (perhaps with the same name) afresh from the
+    tip of "master".
+
+Let's look at this example:
+
+		   o---o---o---o---o---o---o---o---o---o "next"
+		  /       /           /           /
+		 /   a---a---b A     /           /
+		/   /               /           /
+	       /   /   c---c---c---c B         /
+	      /   /   /             \         /
+	     /   /   /   b---b C     \       /
+	    /   /   /   /             \     /
+    ---o---o---o---o---o---o---o---o---o---o---o "master"
+
+
+A, B and C are topic branches.
+
+ * A has one fix since it was merged up to "next".
+
+ * B has finished.  It has been fully merged up to "master" and "next",
+   and is ready to be deleted.
+
+ * C has not merged to "next" at all.
+
+We would want to allow C to be rebased, refuse A, and encourage
+B to be deleted.
+
+To compute (1):
+
+	git rev-list ^master ^topic next
+	git rev-list ^master        next
+
+	if these match, topic has not merged in next at all.
+
+To compute (2):
+
+	git rev-list master..topic
+
+	if this is empty, it is fully merged to "master".
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-receive.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/pre-receive.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/prepare-commit-msg.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/prepare-commit-msg.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/update.sample
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/hooks/update.sample
--- a/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/info/exclude
+++ b/integrations/gitea-integration-meta/gitea-repositories/user3/repo3.git/info/exclude
--- a/integrations/gitea-repositories-meta/user2/repo16.git/objects/0c/3d59dea27b97aa3cb66072745d7a2c51a7a8b1
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/objects/0c/3d59dea27b97aa3cb66072745d7a2c51a7a8b1
--- a/integrations/gitea-repositories-meta/user2/repo16.git/objects/24/f83a471f77579fea57bac7255d6e64e70fce1c
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/objects/24/f83a471f77579fea57bac7255d6e64e70fce1c
--- a/integrations/gitea-repositories-meta/user2/repo16.git/objects/27/566bd5738fc8b4e3fef3c5e72cce608537bd95
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/objects/27/566bd5738fc8b4e3fef3c5e72cce608537bd95
--- a/integrations/gitea-repositories-meta/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f
@@ -0,0 +1 @@
+x+)JMU06g040031Q(JML<4D>M<EFBFBD><4D>MaXbR<62><52>10<31>-&<26><>C<EFBFBD><43><EFBFBD>˒<EFBFBD><CB92>=<3D>,
--- a/integrations/gitea-repositories-meta/user2/repo16.git/objects/45/8121ce9a6b855c9733bae62093caf3f39685de
+++ b/integrations/gitea-repositories-meta/user2/repo16.git/objects/45/8121ce9a6b855c9733bae62093caf3f39685de
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				`x+)JMU06g040031Q(JML<4D>M<EFBFBD><4D>MaXbR<62><52>10<31>-&<26><>C<EFBFBD><43><EFBFBD>˒<EFBFBD><CB92>=<3D>,`