Changelog for release 1.2.3 (#2840)

* Only check at least one email gpg key (#2266)

* Only require one email (possibly not yet validated)

* Update message error and check validation of commit

* Add integrations tests

* Complete integration for import

* Add pre-check/optimization

* Add some test (not finished)

* Finish

* Fix fixtures

* Fix typo

* Don't guess key ID

* Make repo private to no interfere with other tests (#2467)

* GPG key email verification no longer case sensitive (#2661) (#2663)

* GPG key email verification no longer case sensitive (#2661)

* case insensitive GPG key email verification now cached (#2661)

Signed-off-by: Julian Scholle <julian.scholle@googlemail.com>

.drone.yml

@@ -2,12 +2,13 @@ workspace:
   base: /srv/app
   path: src/code.gitea.io/gitea
 
-pipeline:
-  clone:
-    image: plugins/git
+clone:
+  git:
+    image: plugins/git:1
     depth: 50
     tags: true
 
+pipeline:
   build:
     image: webhippie/golang:edge
     pull: true
@@ -15,7 +16,6 @@ pipeline:
       TAGS: bindata sqlite
       GOPATH: /srv/app
     commands:
-      - apk -U add openssh-client
       - make clean
       - make generate
       - make vet
@@ -34,35 +34,21 @@ pipeline:
       TAGS: bindata sqlite
       GOPATH: /srv/app
     commands:
-      - apk -U add openssh-client
       - make test
     when:
       event: [ tag, pull_request ]
 
-  test-coverage:
-    image: webhippie/golang:edge
-    pull: true
-    environment:
-      TAGS: bindata sqlite
-      GOPATH: /srv/app
-    commands:
-      - apk -U add openssh-client
-      - go get github.com/wadey/gocovmerge
-      - make test-coverage
-    when:
-      event: [ push ]
-      branch: master
-
-  test-sqlite:
-    image: webhippie/golang:edge
-    pull: true
-    environment:
-      TAGS: bindata
-      GOPATH: /srv/app
-    commands:
-      - echo "Needs to be fixed" # make test-sqlite
-    when:
-      event: [ push, tag, pull_request ]
+  # Commented until db locking have been resolved!
+  # test-sqlite:
+  #   image: webhippie/golang:edge
+  #   pull: true
+  #   environment:
+  #     TAGS: bindata
+  #     GOPATH: /srv/app
+  #   commands:
+  #     - make test-sqlite
+  #   when:
+  #     event: [ push, tag, pull_request ]
 
   test-mysql:
     image: webhippie/golang:edge
@@ -97,25 +83,19 @@ pipeline:
     when:
       event: [ push, tag ]
 
-  # coverage:
-  #   image: plugins/coverage
-  #   server: https://coverage.gitea.io
-  #   when:
-  #     event: [ push ]
-  #     branch: master
-
   docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
     pull: true
+    secrets: [ docker_username, docker_password ]
     repo: gitea/gitea
     tags: [ '${DRONE_TAG##v}' ]
     when:
       event: [ tag ]
-      branch: [ refs/tags/* ]
 
   docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
     pull: true
+    secrets: [ docker_username, docker_password ]
     repo: gitea/gitea
     tags: [ '${DRONE_BRANCH##release/v}' ]
     when:
@@ -123,8 +103,9 @@ pipeline:
       branch: [ release/* ]
 
   docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
     pull: true
+    secrets: [ docker_username, docker_password ]
     repo: gitea/gitea
     tags: [ 'latest' ]
     when:
@@ -132,17 +113,24 @@ pipeline:
       branch: [ master ]
 
   release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ aws_access_key_id, aws_secret_access_key ]
+    bucket: releases
+    endpoint: https://storage.gitea.io
     path_style: true
     strip_prefix: dist/release/
     source: dist/release/*
     target: /gitea/${DRONE_TAG##v}
     when:
       event: [ tag ]
-      branch: [ refs/tags/* ]
 
   release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ aws_access_key_id, aws_secret_access_key ]
+    bucket: releases
+    endpoint: https://storage.gitea.io
     path_style: true
     strip_prefix: dist/release/
     source: dist/release/*
@@ -152,7 +140,11 @@ pipeline:
       branch: [ release/* ]
 
   release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ aws_access_key_id, aws_secret_access_key ]
+    bucket: releases
+    endpoint: https://storage.gitea.io
     path_style: true
     strip_prefix: dist/release/
     source: dist/release/*
@@ -162,17 +154,18 @@ pipeline:
       branch: [ master ]
 
   github:
-    image: plugins/github-release
+    image: plugins/github-release:1
+    pull: true
+    secrets: [ github_token ]
     files:
       - dist/release/*
     when:
       event: [ tag ]
-      branch: [ refs/tags/* ]
 
   discord:
-    image: appleboy/drone-discord:0.0.4
-    webhook_id: ${WEBHOOK_ID}
-    webhook_token: ${WEBHOOK_TOKEN}
+    image: appleboy/drone-discord:1.0.0
+    pull: true
+    secrets: [ discord_webhook_id, discord_webhook_token ]
     when:
       event: [ push, tag, pull_request ]
       status: [ changed, failure ]

CHANGELOG.md

@@ -1,46 +1,116 @@
 # Changelog
-
-## [1.2.0-rc2](https://github.com/go-gitea/gitea/releases/tag/v1.2.0-rc2) - 2017-09-06
+## [1.2.3](https://github.com/go-gitea/gitea/releases/tag/v1.2.3) - 2017-11-03
 * BUGFIXES
-  * Fix migration from pre-v15 to 1.2.0 (#2460)
-  * Fix autolink javascript bug
-  * Fix releases to be counted from database not tags (#2389)
-  * fix duplicated feed (#2370)
-  * Set version to 1.2.0-dev
+  * Only require one email when validating GPG key (#2266, #2467, #2663) (#2788)
+  * Fix order of comments (#2835) (#2839)
 
-## [1.2.0-rc1](https://github.com/go-gitea/gitea/releases/tag/v1.2.0-rc1) - 2017-08-25
+## [1.2.2](https://github.com/go-gitea/gitea/releases/tag/v1.2.2) - 2017-10-26
+* BUGFIXES
+  * Add checks for commits with missing author and time (#2771) (#2785)
+  * Fix sending mail with a non-latin display name (#2559) (#2783)
+  * Sync MaxGitDiffLineCharacters with conf/app.ini (#2779) (#2780)
+  * Update vendor git (#2765) (#2772)
+  * Fix emojify image URL (#2769) (#2773)
+
+## [1.2.1](https://github.com/go-gitea/gitea/releases/tag/v1.2.1) - 2017-10-16
+* BUGFIXES
+  * Fix PR, milestone and label functionality if issue unit is disabled (#2710) (#2714)
+  * Fix plain readme didn't render correctly on repo home page (#2705) (#2712)
+  * Fix so that user can still fork his own repository to his organizations (#2699) (#2707)
+  * Fix .netrc authentication (#2700) (#2708)
+  * Fix slice out of bounds error in mailer (#2479) (#2696)
+
+## [1.2.0](https://github.com/go-gitea/gitea/releases/tag/v1.2.0) - 2017-10-10
+* SECURITY
+  * Sanitation fix from Gogs (#1461)
 * BREAKING
   * Rename /forget_password url to /forgot_password (#1219)
-  * SSH keys management URL changed from `/user/settings/ssh` to `/user/settings/keys` (#1293)
 * FEATURE
-  * API: support '/orgs/:org/repos' (#2047)
-  * Add Gitea Webhook (#1755)
-  * Display all organization from user settings (#1739)
-  * Show commit status icon in commits table (#1688)
-  * Adding #issuecomment to the URL in E-Mail notifications (#1674)
-  * feat: add download count field and unit testing for attachment. (#1512)
-  * Add repo mirror sync API endpoint (#1508)
-  * Add markup package to prepare for org markup format (#1493)
-  * Repo size in admin panel (#1482)
-  * LDAP user synchronization (#1478)
-  * Support for custom html meta  (#1423)
-  * [Notifications Step 6] Per issue/PR watch/unwatch (#1410)
-  * Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
-  * Fix FCGI (over TCP) support (#1368)
+  * Logo: Add task to generate images from SVG and change to new logo (#2194)
   * Status-API (#1332)
-  * Show user OpenID URIs in their profile (#1314)
-  * Add change-password admin command (#1304)
-  * feat: Only use issue and wiki on repo. (#1297)
-  * Rework SSH key management UI to add GPG (#1293)
-  * Allow push to init a wiki repo (#1279)
-  * GPG commit validation (#1150)
-  * Dockerfile for aarch64 (#1128) (#1130)
+  * Show commit status icon in commits table (#1688)
   * Additional OAuth2 providers (#1010)
-  * Add units to team (#947)
-  * Batch updates for issues (#926)
+  * GPG commit validation (#1150)
+  * Rework SSH key management UI to add GPG (#1293)
   * Implement GPG api (#710)
   * Login via OpenID-2.0 (#618)
+  * Add units to team (#947)
+  * Batch updates for issues (#926)
+  * Add Gitea Webhook (#1755)
+  * API: support '/orgs/:org/repos' (#2047)
+  * Display all organization from user settings (#1739)
+  * LDAP user synchronization (#1478)
+  * Adding #issuecomment to the URL in E-Mail notifications (#1674)
+  * Add download count field and unit testing for attachment. (#1512)
+  * Add repo mirror sync API endpoint (#1508)
+  * Add markup package to prepare for org markup format (#1493)
+  * Support for custom html meta  (#1423)
+  * Per issue/PR watch/unwatch (#1410)
+  * Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369)
+  * Repo size in admin panel (#1482)
+  * Show user OpenID URIs in their profile (#1314)
+  * Add change-password admin command (#1304)
+  * Only use issue and wiki on repo. (#1297)
+  * Allow push to init a wiki repo (#1279)
+* ENHANCEMENT
+  * Make time diff translatable (#2057)
+  * Smaller watch, star, and fork buttons (#2052)
+  * Display config file path on admin panel (#2030)
+  * Only show SSH clone URL if signed in (#2169) (#2170)
+  * Only show "No Description" to repo admins (#2167)
+  * Always return valid go-get meta, even if unauthorized (#2010)
+  * Enable assignee e-mail notification (#2003)
+  * Let not-logged-in users view releases (#1999)
+  * No highlighting for .txt files (#1922)
+  * Make side nav on dashboard stackable (#1778)
+  * Setting to disable authorized_keys backup (#1856)
+  * Hide the create organization button (in dashboard/organization section) (#1705)
+  * LFS: Return 404 for unimplemented endpoints (#1330)
+  * Show a link to password reset from user settings requiring a password (#862)
+  * Reserve the "explore" user/org name (#1222)
+  * Send notifications to partecipants in issue comments (#1217)
+  * Improve style of user OpenID setting page (#1324)
+  * Use font-awesome OpenID icon more (#1320)
+  * Use readonly input form to show the validated OpenID URI (#1308)
+  * Add captcha support to OpenID based signup (#1307)
+  * Minor improvements on commit graph UI (#1380)
+  * Mirror sync interval specified as duration string (#1407)
+  * Make issue in commit graph "clickable" (#1392)
+  * Use whole button (commit graph) as link (#1390)
+  * Autofocus on 2fa passcode fields (#1460)
+  * Sort on repo size in admin panel (#1654)
+  * Improve dashboard repo search (#1652)
+  * Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845)
+  * Adds Parent property to the repo API (#1687)
+  * Add configuration option for default permission to create Organizations (#1686)
+  * Remove sha1 hash display in repository table (#1678)
+  * Download files to their original filename (#1676)
+  * Exposes in API the Repo entity's Size and IsBare property (#1668)
+  * Change two factor code entry box from text to number (#1733)
+  * Directly show error if user hit repository limit  (#1767)
+  * Generate small and large logos at 4x resolution (#2233)
+  * Tags listed in releases tab (#2389) (#2424)
 * BUGFIXES
+  * Fix adding branch as protected to not allow pushing to it (#2556)
+  * Orgs: fix org page title when full name is not defined (#1495)
+  * Fix double borders on edit page (#1152) (#1153)
+  * Search bar fixes for #1187 and #1205 (#1207)
+  * Fix upgrade failed after ever rollback (#1194)
+  * Fix FCGI (over TCP) support (#1368)
+  * Backport of migration fixes (#2604) (#2677)
+  * fix panic on gogs webhook creation (#2675) (#2676)
+  * Backport: Fixes 500 error on dashboard when using MSSQL (#2504) (#2662)
+  * Fix go get response if only app URL is custom in configuration (#2634) (#2640)
+  * Fix deletion of unprotected branches (#2630)
+  * Backport of 2611 / Fix doubled issue tab introduced in migration v16 (#2622)
+  * v38 migration used an outdated version of RepoUnit model (#2602)
+  * fix go get subpackage bug (#2584) (#2589)
+  * Backport: Sync releases table with tags on push and for mirrors (#2459) (#2554)
+  * Backport: Restricting access to fork functioanlity to users with Code access (#2542)
+  * Fix migration from pre-v15 to 1.2.0 (#2460) (#2465)
+  * Fix migration from pre-v15 to 1.2.0 (#2460)
+  * fix duplicated feed (#2370) (#2413)
+  * Fix releases to be counted from database not tags (#2389)
   * Fix missing collabrative repos (#2367) (#2382)
   * Add more test for login links and fix a bug on action retrieve (#2361)
   * Fix SQL condition bug in GetFeeds(..) (#2360)
@@ -232,131 +302,8 @@
   * Bug fixed for delete repo failed (#1193)
   * Fix migration failed when authorized_keys is not exist (#1180)
   * Fix ini format incomiptable with crowdin (#1177)
-* ENHANCEMENT
-  * Move 3rd party js/css into `public/vendor` and document sources (#2383)
-  * Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335)
-  * Fix variable name typo (#2327)
-  * Make use of Vue more universal (#2318)
-  * Remove (almost) server side data rendering from repo-search component (#2317)
-  * Add OpenID configuration in install page (#2276)
-  * More tweaks to repo top panel (#2267)
-  * File path tweaks in UI (#2264)
-  * Make SHOW_USER_EMAIL also apply to profiles (#2258)
-  * EnableUnit() -> UnitEnabled() (#2242)
-  * Prevent selection of diff line numbers (#2240)
-  * Generate small and large logos at 4x resolution (#2233)
-  * remove unused variable on makefile (#2225)
-  * No error log entries for repo 404 (#2200)
-  * Add task to generate images from SVG and change to new logo (#2194)
-  * Refactor vue delimeters to use es6 template delimeters (#2171)
-  * Only show SSH clone URL if signed in (#2169) (#2170)
-  * Only show "No Description" to repo admins (#2167)
-  * fix: replace tmp with TMPDIR. (#2152)
-  * Remove unused files (#2124)
-  * Improve org error handling (#2117)
-  * Absolute path for setting.CustomConf (#2085)
-  * Integration tests for issues API (#2059)
-  * Make time diff translatable (#2057)
-  * Smaller watch, star, and fork buttons (#2052)
-  * remove deprecated code for Gogs compitable (#2041)
-  * Display config file path on admin panel (#2030)
-  * Refactor session close as xorm already does everything needed internally  (#2020)
-  * Always return valid go-get meta, even if unauthorized (#2010)
-  * Enable assignee e-mail notification (#2003)
-  * Let not-logged-in users view releases (#1999)
-  * SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961)
-  * Use monospace font in githook editor (#1958)
-  * Fix import order (#1951)
-  * Gracefully handle bare repositories on API operations. (#1932)
-  * Fix errors caused by force push (#1927)
-  * Display URLs in integration test logs (#1924)
-  * No highlighting for .txt files (#1922)
-  * Set TMPDIR enviroment variable for dump command (#1915)
-  * Cache ctx.User in retrieveFeeds (#1902)
-  * Make `LocalCopyPath` a setting instead of a hard-coded path (#1881)
-  * feat: add check misspelling (#1877)
-  * Fix misspelled variables (#1874)
-  * gofmt (#1868)
-  * Rename misnamed migration (#1867)
-  * Support CRLF when splitting code lines for display (#1862)
-  * feat: add convert less css file step. (#1861)
-  * Prevent accidential selection of line numbers in code view (#1860)
-  * Setting to disable authorized_keys backup (#1856)
-  * Delete Public SSH Key tmp file after calculating fingerprint (#1855)
-  * Remove annoying difference in button heights. (#1853)
-  * Use a better default MAX_GIT_DIFF_LINE_CHARACTERS (#1845)
-  * fix: only run test coverage on master branch. (#1838)
-  * fix: error from mktemp command in MacOS. (#1837)
-  * use writeTmpKeyFile in calcFingerprint (#1828)
-  * ROOT_URL setting use the default as shown in conf/app.ini (#1823)
-  * Make side nav on dashboard stackable (#1778)
-  * Directly show error if user hit repository limit  (#1767)
-  * Rename RepoCreationNum -> MaxCreationLimit (#1766)
-  * Add button to admin ui (#1738)
-  * Change two factor code entry box from text to number (#1733)
-  * gofmt (#1710)
-  * Hide the create organization button (in dashboard/organization section) (#1705)
-  * Correct spelling mistakes (#1703)
-  * Adds Parent property to the repo API (#1687)
-  * Add configuration option for default permission to create Organizations (#1686)
-  * Remove sha1 hash display in repository table (#1678)
-  * Download files to their original filename (#1676)
-  * Exposes in API the Repo entity's Size and IsBare property
- (#1668)
-  * gofmt (#1662)
-  * Sort on repo size in admin panel (#1654)
-  * Improve dashboard repo search (#1652)
-  * Update xorm to latest version (#1651)
-  * Make openid support default false for compitable with v1.1 (#1650)
-  * Send mails as HTML as default. Setting for send as plain text. (#1648)
-  * fix potential lock when sqlite (#1647)
-  * Optimize png images via Google zopflipng [ci skip] (#1639)
-  * Upgrade alpine to v3.5 in Dockerfile (#1633)
-  * remove unused vendor packages (#1620)
-  * markup: microoptimise for many short filenames in directory (#1534)
-  * support health check via / and fix #969 (#1520)
-  * Remove env user salt since no need to use (#1515)
-  * Drop db operations from hook commands (#1514)
-  * Better URL validation (#1507)
-  * Orgs: fix org page title when full name is not defined (#1495)
-  * Migrate WatchInfo struct to api (#1492)
-  * refactor: show command help message. (#1486)
-  * refactor update ssh key use time (#1466)
-  * Autofocus on 2fa passcode fields (#1460)
-  * Set VERSION from git once, in a variable (#1447)
-  * Remove unused mutex field (#1440)
-  * Mirror sync interval specified as duration string (#1407)
-  * Make issue in commit graph "clickable" (#1392)
-  * Use whole button (commit graph) as link (#1390)
-  * Simplify settings pages with item list (#1389)
-  * Minor improvements on commit graph UI (#1380)
-  * Clean-up PostgreSQL Tests (#1361)
-  * refactor: remove workaround after the golang 1.7 release. (#1349)
-  * Delete the useless code (#1335)
-  * Run "make fmt" with go-1.6 (#1333)
-  * LFS: Return 404 for unimplemented endpoints (#1330)
-  * Improve style of user OpenID setting page (#1324)
-  * Use font-awesome OpenID icon more (#1320)
-  * Use readonly input form to show the validated OpenID URI (#1308)
-  * Add captcha support to OpenID based signup (#1307)
-  * Refactor admin/auth/new.tmpl (#1277)
-  * Refactor repo/issue/view_content.tmpl (#1276)
-  * Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270)
-  * Cleaner UI for explore page (#1253) (#1255)
-  * Synced licenses with github repo (#1246)
-  * Synced gitignores with github repo (#1245)
-  * Reserve the "explore" user/org name (#1222)
-  * Send notifications to partecipants in issue comments (#1217)
-  * Simplify RepositoryList.loadAttributes() (#1211)
-  * Move user_follow to separate file (#1210)
-  * Search bar fixes for #1187 and #1205 (#1207)
-  * Fix upgrade failed after ever rollback (#1194)
-  * Fix double borders on edit page (#1152) (#1153)
-  * Reduce conditionals in signin/signup inner forms (#1138)
-  * Show a link to password reset from user settings requiring a password (#862)
-* SECURITY
-  * Sanitation fix from Gogs (#1461)
 * TESTING
+  * Integration tests for issues API (#2059)
   * Add integration tests for signin (#2363)
   * Add INTERNAL_TOKEN to integration .ini file (#2346)
   * Add public links check (#2323)
@@ -397,6 +344,14 @@
   * Fix bad grammar and wordiness (#1741)
   * Make strings translatable (#1188) (#1198)
 * BUILD
+  * Dockerfile for aarch64 (#1128) (#1130)
+  * backport from v1.2 branch: add secrets for github release (#2588) (#2598)
+  * Add secrets for github release to fix drone failed (#2588)
+  * Backport changes for latest drone (#2586)
+  * Removing .drone.yml.sig (#2579)
+  * Fix drone for tags (#2573) (#2576)
+  * Backport: Remove go version check for make fmt (#2558) (#2561)
+  * Backport: Fix lint, fmt and integration testing errors (#2553)
   * update latest xorm version to vendor (#2353)
   * Remove integration test executables on `make clean` (#2340)
   * refactor(Makefile): allow overriding default go program (#2310)
@@ -404,7 +359,6 @@
   * Use /dev/urandom to create random password (#2298)
   * update drone sig file. (#2262)
   * go get github.com/wadey/gocovmerge when needed (#2235)
-  * Update code.gitea.io/git dependency (#2149)
   * fix typo (#2145)
   * Revert "Reduce number of layer" (#2086)
   * Reduce number of layer (#2078)
@@ -431,15 +385,14 @@
   * Add GOFLAGS and EXTRA_GOFLAGS (#1438)
   * Include formatting check to the `make test` (and thus also `check`) rule (#1366)
 * DOCS
+  * fix wrong changelog title (#2395)
   * fix webhook link (#2289)
   * Improve swagger doc (#2274)
-  * Add changelog of release v1.1.3 (#2252)
   * Add link to forum in issue template (#2070)
   * add missing lfs config on example file (#2039)
   * Add discourse link (#2027)
   * Fix wording (#2024)
   * Fix typo (#1974)
-  * [ci skip] add 1.1.2 change log. (#1945)
   * Swagger docs for list/create forks (#1941)
   * Update links to Discord server (#1940)
   * [ci skip] update discord badge. (#1930)
@@ -471,7 +424,81 @@
   * Use sqlite3 database as default for Docker image (#2182)
   * update drone discord plugin to 0.0.4 version (#1992)
   * fix typo (#1990)
-  * Applying to become maintainer (#1671)
+  * Move 3rd party js/css into `public/vendor` and document sources (#2383)
+  * Prevent conflicting TOTP accounts by adding AppURL to issuer parameter (#2335)
+  * Fix variable name typo (#2327)
+  * Make use of Vue more universal (#2318)
+  * Remove (almost) server side data rendering from repo-search component (#2317)
+  * Add OpenID configuration in install page (#2276)
+  * More tweaks to repo top panel (#2267)
+  * File path tweaks in UI (#2264)
+  * Make SHOW_USER_EMAIL also apply to profiles (#2258)
+  * EnableUnit() -> UnitEnabled() (#2242)
+  * Prevent selection of diff line numbers (#2240)
+  * Remove unused variable on makefile (#2225)
+  * No error log entries for repo 404 (#2200)
+  * Refactor vue delimeters to use es6 template delimeters (#2171)
+  * Replace tmp with TMPDIR. (#2152)
+  * Remove unused files (#2124)
+  * Improve org error handling (#2117)
+  * Absolute path for setting.CustomConf (#2085)
+  * remove deprecated code for Gogs compitable (#2041)
+  * Refactor session close as xorm already does everything needed internally  (#2020)
+  * SQLite has a query timeout. Hopefully fixes most 'database locked' errors (#1961)
+  * Use monospace font in githook editor (#1958)
+  * Fix import order (#1951)
+  * Gracefully handle bare repositories on API operations. (#1932)
+  * Fix errors caused by force push (#1927)
+  * Display URLs in integration test logs (#1924)
+  * Set TMPDIR enviroment variable for dump command (#1915)
+  * Cache ctx.User in retrieveFeeds (#1902)
+  * Make `LocalCopyPath` a setting instead of a hard-coded path (#1881)
+  * Add check misspelling (#1877)
+  * Fix misspelled variables (#1874)
+  * Gofmt (#1868, #1710, #1662)
+  * Rename misnamed migration (#1867)
+  * Support CRLF when splitting code lines for display (#1862)
+  * Add convert less css file step. (#1861)
+  * Prevent accidential selection of line numbers in code view (#1860)
+  * Delete Public SSH Key tmp file after calculating fingerprint (#1855)
+  * Remove annoying difference in button heights. (#1853)
+  * Only run test coverage on master branch. (#1838)
+  * Error from mktemp command in MacOS. (#1837)
+  * Use writeTmpKeyFile in calcFingerprint (#1828)
+  * ROOT_URL setting use the default as shown in conf/app.ini (#1823)
+  * Rename RepoCreationNum -> MaxCreationLimit (#1766)
+  * Add button to admin ui (#1738)
+  * Correct spelling mistakes (#1703)
+  * Make openid support default false for compitable with v1.1 (#1650)
+  * Send mails as HTML as default. Setting for send as plain text. (#1648)
+  * fix potential lock when sqlite (#1647)
+  * Optimize png images via Google zopflipng [ci skip] (#1639)
+  * Upgrade alpine to v3.5 in Dockerfile (#1633)
+  * remove unused vendor packages (#1620)
+  * markup: microoptimise for many short filenames in directory (#1534)
+  * support health check via / and fix #969 (#1520)
+  * Remove env user salt since no need to use (#1515)
+  * Drop db operations from hook commands (#1514)
+  * Better URL validation (#1507)
+  * Migrate WatchInfo struct to api (#1492)
+  * refactor: show command help message. (#1486)
+  * refactor update ssh key use time (#1466)
+  * Set VERSION from git once, in a variable (#1447)
+  * Remove unused mutex field (#1440)
+  * Simplify settings pages with item list (#1389)
+  * Clean-up PostgreSQL Tests (#1361)
+  * refactor: remove workaround after the golang 1.7 release. (#1349)
+  * Delete the useless code (#1335)
+  * Run "make fmt" with go-1.6 (#1333)
+  * Refactor admin/auth/new.tmpl (#1277)
+  * Refactor repo/issue/view_content.tmpl (#1276)
+  * Cleaner ui for admin, repo settings, and user settings page (#1269) (#1270)
+  * Cleaner UI for explore page (#1253) (#1255)
+  * Synced licenses with github repo (#1246)
+  * Synced gitignores with github repo (#1245)
+  * Simplify RepositoryList.loadAttributes() (#1211)
+  * Move user_follow to separate file (#1210)
+  * Reduce conditionals in signin/signup inner forms (#1138)
 
 ## [1.1.3](https://github.com/go-gitea/gitea/releases/tag/v1.1.3) - 2017-08-03
 

Makefile

@@ -56,11 +56,8 @@ clean:
 	$(GO) clean -i ./...
 	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA) integrations*.test
 
-required-gofmt-version:
-	@$(GO) version  | grep -q '\(1.7\|1.8\)' || { echo "We require go version 1.7 or 1.8 to format code" >&2 && exit 1; }
-
 .PHONY: fmt
-fmt: required-gofmt-version
+fmt:
 	$(GOFMT) -w $(GOFILES)
 
 .PHONY: vet
@@ -112,7 +109,7 @@ misspell:
 	misspell -w -i unknwon $(GOFILES)
 
 .PHONY: fmt-check
-fmt-check: required-gofmt-version
+fmt-check:
 	# get all go files and run go fmt on them
 	@diff=$$($(GOFMT) -d $(GOFILES)); \
 	if [ -n "$$diff" ]; then \

cmd/hook.go

@@ -126,15 +126,13 @@ func runHookPreReceive(c *cli.Context) error {
 			log.GitLogger.Fatal(2, "retrieve protected branches information failed")
 		}
 
-		if protectBranch != nil {
-			if !protectBranch.CanPush {
-				// check and deletion
-				if newCommitID == git.EmptySHA {
-					fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
-				} else {
-					fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
-					//fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
-				}
+		if protectBranch != nil && protectBranch.IsProtected() {
+			// check and deletion
+			if newCommitID == git.EmptySHA {
+				fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
+			} else if !protectBranch.CanPush {
+				fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
+				//fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
 			}
 		}
 	}

integrations/api_gpg_keys_test.go

@@ -0,0 +1,260 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"strconv"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	api "code.gitea.io/sdk/gitea"
+)
+
+func TestGPGKeys(t *testing.T) {
+	prepareTestEnv(t)
+	session := loginUser(t, "user2")
+
+	tt := []struct {
+		name       string
+		reqBuilder func(testing.TB, *http.Request, int) *TestResponse
+		results    []int
+	}{
+		{name: "NoLogin", reqBuilder: MakeRequest,
+			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
+		},
+		{name: "LoggedAsUser2", reqBuilder: session.MakeRequest,
+			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusInternalServerError, http.StatusInternalServerError, http.StatusCreated, http.StatusCreated}},
+	}
+
+	for _, tc := range tt {
+
+		//Basic test on result code
+		t.Run(tc.name, func(t *testing.T) {
+			t.Run("ViewOwnGPGKeys", func(t *testing.T) {
+				testViewOwnGPGKeys(t, tc.reqBuilder, tc.results[0])
+			})
+			t.Run("ViewGPGKeys", func(t *testing.T) {
+				testViewGPGKeys(t, tc.reqBuilder, tc.results[1])
+			})
+			t.Run("GetGPGKey", func(t *testing.T) {
+				testGetGPGKey(t, tc.reqBuilder, tc.results[2])
+			})
+			t.Run("DeleteGPGKey", func(t *testing.T) {
+				testDeleteGPGKey(t, tc.reqBuilder, tc.results[3])
+			})
+
+			t.Run("CreateInvalidGPGKey", func(t *testing.T) {
+				testCreateInvalidGPGKey(t, tc.reqBuilder, tc.results[4])
+			})
+			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {
+				testCreateNoneRegistredEmailGPGKey(t, tc.reqBuilder, tc.results[5])
+			})
+			t.Run("CreateValidGPGKey", func(t *testing.T) {
+				testCreateValidGPGKey(t, tc.reqBuilder, tc.results[6])
+			})
+			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {
+				testCreateValidSecondaryEmailGPGKey(t, tc.reqBuilder, tc.results[7])
+			})
+		})
+	}
+
+	//Check state after basic add
+	t.Run("CheckState", func(t *testing.T) {
+
+		var keys []*api.GPGKey
+
+		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys") //GET all keys
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &keys)
+
+		primaryKey1 := keys[0] //Primary key 1
+		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)
+		assert.EqualValues(t, 1, len(primaryKey1.Emails))
+		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)
+		assert.EqualValues(t, true, primaryKey1.Emails[0].Verified)
+
+		subKey := primaryKey1.SubsKey[0] //Subkey of 38EA3BCED732982C
+		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)
+		assert.EqualValues(t, 0, len(subKey.Emails))
+
+		primaryKey2 := keys[1] //Primary key 2
+		assert.EqualValues(t, "FABF39739FE1E927", primaryKey2.KeyID)
+		assert.EqualValues(t, 1, len(primaryKey2.Emails))
+		assert.EqualValues(t, "user21@example.com", primaryKey2.Emails[0].Email)
+		assert.EqualValues(t, false, primaryKey2.Emails[0].Verified)
+
+		var key api.GPGKey
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)) //Primary key 1
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)
+		assert.EqualValues(t, 1, len(key.Emails))
+		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)
+		assert.EqualValues(t, true, key.Emails[0].Verified)
+
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)) //Subkey of 38EA3BCED732982C
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
+		assert.EqualValues(t, 0, len(key.Emails))
+
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)) //Primary key 2
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "FABF39739FE1E927", key.KeyID)
+		assert.EqualValues(t, 1, len(key.Emails))
+		assert.EqualValues(t, "user21@example.com", key.Emails[0].Email)
+		assert.EqualValues(t, false, key.Emails[0].Verified)
+
+	})
+
+	//Check state after basic add
+	t.Run("CheckCommits", func(t *testing.T) {
+		t.Run("NotSigned", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
+		})
+
+		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
+		})
+
+		t.Run("SignedWithValidEmail", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, true, branch.Commit.Verification.Verified)
+		})
+	})
+}
+
+func testViewOwnGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys")
+	reqBuilder(t, req, expected)
+}
+
+func testViewGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys")
+	reqBuilder(t, req, expected)
+}
+
+func testGetGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1")
+	reqBuilder(t, req, expected)
+}
+
+func testDeleteGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1")
+	reqBuilder(t, req, expected)
+}
+
+func testCreateGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int, publicKey string) {
+	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys", api.CreateGPGKeyOption{
+		ArmoredKey: publicKey,
+	})
+	reqBuilder(t, req, expected)
+}
+
+func testCreateInvalidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	testCreateGPGKey(t, reqBuilder, expected, "invalid_key")
+}
+
+func testCreateNoneRegistredEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh
+dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O
+7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR
+3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1
+rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c
+Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w
+bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0
+batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO
+Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK
+qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg
+qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ
+INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz
+1geiY5E=
+=TkP3
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
+
+func testCreateValidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	//User2 <user2@example.com> //primary & activated
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW
+VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS
+eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod
+5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23
+BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ
+Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl
+eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW
+wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e
+B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi
+KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+
+7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv
+8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN
+HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4
+Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo
+N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ
+Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3
+kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT
+OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ
+7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB
+AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn
+AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6
+Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF
+Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN
+NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6
+lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9
+uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h
+=J59D
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
+
+func testCreateValidSecondaryEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	//User2 <user21@example.com> //secondary and not activated
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGWN4BCAC18V4tVGO65VLCV7p14FuXJlUtZ5CuYMvgEkcOqrvRaBSW9ao4
+PGESOhJpfWpnW3QgJniYndLzPpsmdHEclEER6aZjiNgReWPOjHD5tykWocZAJqXD
+eY1ym59gvVMLcfbV2yQsyR2hbJlc+dJsl16tigSEe3nwxZSw2IsW92pgEzT9JNUr
+Q+mC8dw4dqY0tYmFazYUGNxufUc/twgQT/Or1aNs0az5Q6Jft4rrTRsh/S7We0VB
+COKGkdcQyYgAls7HJBuPjQRi6DM9VhgBSHLAgSLyaUcZvhZBJr8Qe/q4PP3/kYDJ
+wm4RMnjOLz2pFZPgtRqgcAwpmFtLrACbEB3JABEBAAG0GlVzZXIyIDx1c2VyMjFA
+ZXhhbXBsZS5jb20+iQFUBBMBCAA+FiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmG
+WN4CGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ+r85c5/h6Sfx
+Lgf/dq64NBV8+X9an3seaLxePRviva48e4K67/wV/JxtXNO5Z/DhMGz5kHXCsG9D
+CXuWYO8ehlTjEnMZ6qqdDnY+H6bQsb2OS5oPn4RwpPXslAjEKtojPAr0dDsMS2DB
+dUuIm1AoOnewOVO0OFRf1EqX1bivxnN0FVMcO0m8AczfnKDaGb0y/qg/Y9JAsKqp
+j5pZNMWUkntRtGySeJ4CVJMmkVKJAHsa1Qj6MKdFeid4h4y94cBJ4ZdyBxNdpQOx
+ydf0doicovfeqGNO4oWzsGP4RBK2CqGPCUT+EFl20jPvMkKwOjxgqc8p0z3b2UT9
++9bnmCGHgF/fW1HJ3iKmfFPqnLkBDQRZhljeAQgA5AirU/NJGgm19ZJYFOiHftjS
+azbrPxGeD3cSqmvDPIMc1DNZGfQV5D4EVumnVbQBtL6xHFoGKz9KisUMbe4a/X2J
+S8JmIphQWG0vMJX1DaZIzr2gT71MnPD7JMGsSUCh5dIKpTNTZX4w+oGPGOu0/UlL
+x0448AryKwp30J2p6D4GeI0nb03n35S2lTOpnHDn1wj7Jl/8LS2fdFOdNaNHXSZe
+twdSwJKhyBEiScgeHBDyKqo8zWkYoSb9eA2HiYlbVaiNtp24KP1mIEpiUdrRjWno
+zauYSZGHZlOFMgF4dKWuetPiuH9m7UYZGKyMLfQ9vYFb+xcPh2bLCQHJ1OEmMQAR
+AQABiQE8BBgBCAAmFiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmGWN4CGwwFCQPC
+ZwAACgkQ+r85c5/h6Sfjfwf+O4WEjRdvPJLxNy7mfAGoAqDMHIwyH/tVzYgyVhnG
+h/+cfRxJbGc3rpjYdr8dmvghzjEAout8uibPWaIqs63RCAPGPqgWLfxNO5c8+y8V
+LZMVOTV26l2olkkdBWAuhLqKTNh6TiQva03yhOgHWj4XDvFfxICWPFXVd6t5ELpD
+iApGu1OAj8JfhmzbG03Yzx+Ku7bWDxMonx3V/IDEu5LS5zrboHYDKCA53bXXghoi
+Aceqql+PKrDwEjoY4bptwMHLmcjGjdCQ//Qx1neho7nZcS7xjTucY8gQuulwCyXF
+y6wM+wMz8dunIG9gw4+Re6c4Rz9tX1kzxLrU7Pl21tMqfg==
+=0N/9
+-----END PGP PUBLIC KEY BLOCK-----`)
+}

integrations/editor_test.go

@@ -46,7 +46,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 	req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches?action=protected_branch", map[string]string{
 		"_csrf":      csrf,
 		"branchName": "master",
-		"canPush":    "true",
+		"canPush":    "false",
 	})
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	// Check if master branch has been locked successfully

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/HEAD

@@ -0,0 +1 @@
+ref: refs/heads/master

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/config

@@ -0,0 +1,4 @@
+[core]
+	repositoryformatversion = 0
+	filemode = true
+	bare = true

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/description

@@ -0,0 +1 @@
+Unnamed repository; edit this file 'description' to name the repository.

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/applypatch-msg.sample

@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message taken by
+# applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.  The hook is
+# allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "applypatch-msg".
+
+. git-sh-setup
+commitmsg="$(git rev-parse --git-path hooks/commit-msg)"
+test -x "$commitmsg" && exec "$commitmsg" ${1+"$@"}
+:

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/commit-msg.sample

@@ -0,0 +1,24 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message.
+# Called by "git commit" with one argument, the name of the file
+# that has the commit message.  The hook should exit with non-zero
+# status after issuing an appropriate message if it wants to stop the
+# commit.  The hook is allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "commit-msg".
+
+# Uncomment the below to add a Signed-off-by line to the message.
+# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
+# hook is more suited to it.
+#
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
+
+# This example catches duplicate Signed-off-by lines.
+
+test "" = "$(grep '^Signed-off-by: ' "$1" |
+	 sort | uniq -c | sed -e '/^[ 	]*1[ 	]/d')" || {
+	echo >&2 Duplicate Signed-off-by lines.
+	exit 1
+}

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/post-update.sample

@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# An example hook script to prepare a packed repository for use over
+# dumb transports.
+#
+# To enable this hook, rename this file to "post-update".
+
+exec git update-server-info

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-applypatch.sample

@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# An example hook script to verify what is about to be committed
+# by applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.
+#
+# To enable this hook, rename this file to "pre-applypatch".
+
+. git-sh-setup
+precommit="$(git rev-parse --git-path hooks/pre-commit)"
+test -x "$precommit" && exec "$precommit" ${1+"$@"}
+:

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-commit.sample

@@ -0,0 +1,49 @@
+#!/bin/sh
+#
+# An example hook script to verify what is about to be committed.
+# Called by "git commit" with no arguments.  The hook should
+# exit with non-zero status after issuing an appropriate message if
+# it wants to stop the commit.
+#
+# To enable this hook, rename this file to "pre-commit".
+
+if git rev-parse --verify HEAD >/dev/null 2>&1
+then
+	against=HEAD
+else
+	# Initial commit: diff against an empty tree object
+	against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
+fi
+
+# If you want to allow non-ASCII filenames set this variable to true.
+allownonascii=$(git config --bool hooks.allownonascii)
+
+# Redirect output to stderr.
+exec 1>&2
+
+# Cross platform projects tend to avoid non-ASCII filenames; prevent
+# them from being added to the repository. We exploit the fact that the
+# printable range starts at the space character and ends with tilde.
+if [ "$allownonascii" != "true" ] &&
+	# Note that the use of brackets around a tr range is ok here, (it's
+	# even required, for portability to Solaris 10's /usr/bin/tr), since
+	# the square bracket bytes happen to fall in the designated range.
+	test $(git diff --cached --name-only --diff-filter=A -z $against |
+	  LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0
+then
+	cat <<\EOF
+Error: Attempt to add a non-ASCII file name.
+
+This can cause problems if you want to work with people on other platforms.
+
+To be portable it is advisable to rename the file.
+
+If you know what you are doing you can disable this check using:
+
+  git config hooks.allownonascii true
+EOF
+	exit 1
+fi
+
+# If there are whitespace errors, print the offending file names and fail.
+exec git diff-index --check --cached $against --

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-push.sample

@@ -0,0 +1,53 @@
+#!/bin/sh
+
+# An example hook script to verify what is about to be pushed.  Called by "git
+# push" after it has checked the remote status, but before anything has been
+# pushed.  If this script exits with a non-zero status nothing will be pushed.
+#
+# This hook is called with the following parameters:
+#
+# $1 -- Name of the remote to which the push is being done
+# $2 -- URL to which the push is being done
+#
+# If pushing without using a named remote those arguments will be equal.
+#
+# Information about the commits which are being pushed is supplied as lines to
+# the standard input in the form:
+#
+#   <local ref> <local sha1> <remote ref> <remote sha1>
+#
+# This sample shows how to prevent push of commits where the log message starts
+# with "WIP" (work in progress).
+
+remote="$1"
+url="$2"
+
+z40=0000000000000000000000000000000000000000
+
+while read local_ref local_sha remote_ref remote_sha
+do
+	if [ "$local_sha" = $z40 ]
+	then
+		# Handle delete
+		:
+	else
+		if [ "$remote_sha" = $z40 ]
+		then
+			# New branch, examine all commits
+			range="$local_sha"
+		else
+			# Update to existing branch, examine new commits
+			range="$remote_sha..$local_sha"
+		fi
+
+		# Check for WIP commit
+		commit=`git rev-list -n 1 --grep '^WIP' "$range"`
+		if [ -n "$commit" ]
+		then
+			echo >&2 "Found WIP commit in $local_ref, not pushing"
+			exit 1
+		fi
+	fi
+done
+
+exit 0

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-rebase.sample

@@ -0,0 +1,169 @@
+#!/bin/sh
+#
+# Copyright (c) 2006, 2008 Junio C Hamano
+#
+# The "pre-rebase" hook is run just before "git rebase" starts doing
+# its job, and can prevent the command from running by exiting with
+# non-zero status.
+#
+# The hook is called with the following parameters:
+#
+# $1 -- the upstream the series was forked from.
+# $2 -- the branch being rebased (or empty when rebasing the current branch).
+#
+# This sample shows how to prevent topic branches that are already
+# merged to 'next' branch from getting rebased, because allowing it
+# would result in rebasing already published history.
+
+publish=next
+basebranch="$1"
+if test "$#" = 2
+then
+	topic="refs/heads/$2"
+else
+	topic=`git symbolic-ref HEAD` ||
+	exit 0 ;# we do not interrupt rebasing detached HEAD
+fi
+
+case "$topic" in
+refs/heads/??/*)
+	;;
+*)
+	exit 0 ;# we do not interrupt others.
+	;;
+esac
+
+# Now we are dealing with a topic branch being rebased
+# on top of master.  Is it OK to rebase it?
+
+# Does the topic really exist?
+git show-ref -q "$topic" || {
+	echo >&2 "No such branch $topic"
+	exit 1
+}
+
+# Is topic fully merged to master?
+not_in_master=`git rev-list --pretty=oneline ^master "$topic"`
+if test -z "$not_in_master"
+then
+	echo >&2 "$topic is fully merged to master; better remove it."
+	exit 1 ;# we could allow it, but there is no point.
+fi
+
+# Is topic ever merged to next?  If so you should not be rebasing it.
+only_next_1=`git rev-list ^master "^$topic" ${publish} | sort`
+only_next_2=`git rev-list ^master           ${publish} | sort`
+if test "$only_next_1" = "$only_next_2"
+then
+	not_in_topic=`git rev-list "^$topic" master`
+	if test -z "$not_in_topic"
+	then
+		echo >&2 "$topic is already up-to-date with master"
+		exit 1 ;# we could allow it, but there is no point.
+	else
+		exit 0
+	fi
+else
+	not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
+	/usr/bin/perl -e '
+		my $topic = $ARGV[0];
+		my $msg = "* $topic has commits already merged to public branch:\n";
+		my (%not_in_next) = map {
+			/^([0-9a-f]+) /;
+			($1 => 1);
+		} split(/\n/, $ARGV[1]);
+		for my $elem (map {
+				/^([0-9a-f]+) (.*)$/;
+				[$1 => $2];
+			} split(/\n/, $ARGV[2])) {
+			if (!exists $not_in_next{$elem->[0]}) {
+				if ($msg) {
+					print STDERR $msg;
+					undef $msg;
+				}
+				print STDERR " $elem->[1]\n";
+			}
+		}
+	' "$topic" "$not_in_next" "$not_in_master"
+	exit 1
+fi
+
+exit 0
+
+################################################################
+
+This sample hook safeguards topic branches that have been
+published from being rewound.
+
+The workflow assumed here is:
+
+ * Once a topic branch forks from "master", "master" is never
+   merged into it again (either directly or indirectly).
+
+ * Once a topic branch is fully cooked and merged into "master",
+   it is deleted.  If you need to build on top of it to correct
+   earlier mistakes, a new topic branch is created by forking at
+   the tip of the "master".  This is not strictly necessary, but
+   it makes it easier to keep your history simple.
+
+ * Whenever you need to test or publish your changes to topic
+   branches, merge them into "next" branch.
+
+The script, being an example, hardcodes the publish branch name
+to be "next", but it is trivial to make it configurable via
+$GIT_DIR/config mechanism.
+
+With this workflow, you would want to know:
+
+(1) ... if a topic branch has ever been merged to "next".  Young
+    topic branches can have stupid mistakes you would rather
+    clean up before publishing, and things that have not been
+    merged into other branches can be easily rebased without
+    affecting other people.  But once it is published, you would
+    not want to rewind it.
+
+(2) ... if a topic branch has been fully merged to "master".
+    Then you can delete it.  More importantly, you should not
+    build on top of it -- other people may already want to
+    change things related to the topic as patches against your
+    "master", so if you need further changes, it is better to
+    fork the topic (perhaps with the same name) afresh from the
+    tip of "master".
+
+Let's look at this example:
+
+		   o---o---o---o---o---o---o---o---o---o "next"
+		  /       /           /           /
+		 /   a---a---b A     /           /
+		/   /               /           /
+	       /   /   c---c---c---c B         /
+	      /   /   /             \         /
+	     /   /   /   b---b C     \       /
+	    /   /   /   /             \     /
+    ---o---o---o---o---o---o---o---o---o---o---o "master"
+
+
+A, B and C are topic branches.
+
+ * A has one fix since it was merged up to "next".
+
+ * B has finished.  It has been fully merged up to "master" and "next",
+   and is ready to be deleted.
+
+ * C has not merged to "next" at all.
+
+We would want to allow C to be rebased, refuse A, and encourage
+B to be deleted.
+
+To compute (1):
+
+	git rev-list ^master ^topic next
+	git rev-list ^master        next
+
+	if these match, topic has not merged in next at all.
+
+To compute (2):
+
+	git rev-list master..topic
+
+	if this is empty, it is fully merged to "master".

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-receive.sample

@@ -0,0 +1,24 @@
+#!/bin/sh
+#
+# An example hook script to make use of push options.
+# The example simply echoes all push options that start with 'echoback='
+# and rejects all pushes when the "reject" push option is used.
+#
+# To enable this hook, rename this file to "pre-receive".
+
+if test -n "$GIT_PUSH_OPTION_COUNT"
+then
+	i=0
+	while test "$i" -lt "$GIT_PUSH_OPTION_COUNT"
+	do
+		eval "value=\$GIT_PUSH_OPTION_$i"
+		case "$value" in
+		echoback=*)
+			echo "echo from the pre-receive-hook: ${value#*=}" >&2
+			;;
+		reject)
+			exit 1
+		esac
+		i=$((i + 1))
+	done
+fi

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/prepare-commit-msg.sample

@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# An example hook script to prepare the commit log message.
+# Called by "git commit" with the name of the file that has the
+# commit message, followed by the description of the commit
+# message's source.  The hook's purpose is to edit the commit
+# message file.  If the hook fails with a non-zero status,
+# the commit is aborted.
+#
+# To enable this hook, rename this file to "prepare-commit-msg".
+
+# This hook includes three examples.  The first comments out the
+# "Conflicts:" part of a merge commit.
+#
+# The second includes the output of "git diff --name-status -r"
+# into the message, just before the "git status" output.  It is
+# commented because it doesn't cope with --amend or with squashed
+# commits.
+#
+# The third example adds a Signed-off-by line to the message, that can
+# still be edited.  This is rarely a good idea.
+
+case "$2,$3" in
+  merge,)
+    /usr/bin/perl -i.bak -ne 's/^/# /, s/^# #/#/ if /^Conflicts/ .. /#/; print' "$1" ;;
+
+# ,|template,)
+#   /usr/bin/perl -i.bak -pe '
+#      print "\n" . `git diff --cached --name-status -r`
+#	 if /^#/ && $first++ == 0' "$1" ;;
+
+  *) ;;
+esac
+
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/update.sample

@@ -0,0 +1,128 @@
+#!/bin/sh
+#
+# An example hook script to block unannotated tags from entering.
+# Called by "git receive-pack" with arguments: refname sha1-old sha1-new
+#
+# To enable this hook, rename this file to "update".
+#
+# Config
+# ------
+# hooks.allowunannotated
+#   This boolean sets whether unannotated tags will be allowed into the
+#   repository.  By default they won't be.
+# hooks.allowdeletetag
+#   This boolean sets whether deleting tags will be allowed in the
+#   repository.  By default they won't be.
+# hooks.allowmodifytag
+#   This boolean sets whether a tag may be modified after creation. By default
+#   it won't be.
+# hooks.allowdeletebranch
+#   This boolean sets whether deleting branches will be allowed in the
+#   repository.  By default they won't be.
+# hooks.denycreatebranch
+#   This boolean sets whether remotely creating branches will be denied
+#   in the repository.  By default this is allowed.
+#
+
+# --- Command line
+refname="$1"
+oldrev="$2"
+newrev="$3"
+
+# --- Safety check
+if [ -z "$GIT_DIR" ]; then
+	echo "Don't run this script from the command line." >&2
+	echo " (if you want, you could supply GIT_DIR then run" >&2
+	echo "  $0 <ref> <oldrev> <newrev>)" >&2
+	exit 1
+fi
+
+if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
+	echo "usage: $0 <ref> <oldrev> <newrev>" >&2
+	exit 1
+fi
+
+# --- Config
+allowunannotated=$(git config --bool hooks.allowunannotated)
+allowdeletebranch=$(git config --bool hooks.allowdeletebranch)
+denycreatebranch=$(git config --bool hooks.denycreatebranch)
+allowdeletetag=$(git config --bool hooks.allowdeletetag)
+allowmodifytag=$(git config --bool hooks.allowmodifytag)
+
+# check for no description
+projectdesc=$(sed -e '1q' "$GIT_DIR/description")
+case "$projectdesc" in
+"Unnamed repository"* | "")
+	echo "*** Project description file hasn't been set" >&2
+	exit 1
+	;;
+esac
+
+# --- Check types
+# if $newrev is 0000...0000, it's a commit to delete a ref.
+zero="0000000000000000000000000000000000000000"
+if [ "$newrev" = "$zero" ]; then
+	newrev_type=delete
+else
+	newrev_type=$(git cat-file -t $newrev)
+fi
+
+case "$refname","$newrev_type" in
+	refs/tags/*,commit)
+		# un-annotated tag
+		short_refname=${refname##refs/tags/}
+		if [ "$allowunannotated" != "true" ]; then
+			echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2
+			echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2
+			exit 1
+		fi
+		;;
+	refs/tags/*,delete)
+		# delete tag
+		if [ "$allowdeletetag" != "true" ]; then
+			echo "*** Deleting a tag is not allowed in this repository" >&2
+			exit 1
+		fi
+		;;
+	refs/tags/*,tag)
+		# annotated tag
+		if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1
+		then
+			echo "*** Tag '$refname' already exists." >&2
+			echo "*** Modifying a tag is not allowed in this repository." >&2
+			exit 1
+		fi
+		;;
+	refs/heads/*,commit)
+		# branch
+		if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then
+			echo "*** Creating a branch is not allowed in this repository" >&2
+			exit 1
+		fi
+		;;
+	refs/heads/*,delete)
+		# delete branch
+		if [ "$allowdeletebranch" != "true" ]; then
+			echo "*** Deleting a branch is not allowed in this repository" >&2
+			exit 1
+		fi
+		;;
+	refs/remotes/*,commit)
+		# tracking branch
+		;;
+	refs/remotes/*,delete)
+		# delete tracking branch
+		if [ "$allowdeletebranch" != "true" ]; then
+			echo "*** Deleting a tracking branch is not allowed in this repository" >&2
+			exit 1
+		fi
+		;;
+	*)
+		# Anything else (is there anything else?)
+		echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2
+		exit 1
+		;;
+esac
+
+# --- Finished
+exit 0

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/info/exclude

@@ -0,0 +1,6 @@
+# git ls-files --others --exclude-from=.git/info/exclude
+# Lines that start with '#' are comments.
+# For a project mostly in C, the following would be a good set of
+# exclude patterns (uncomment them if you want to use them):
+# *.[oa]
+# *~

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f

@@ -0,0 +1 @@
+x
+)JMU06g040031Q(JML<4D>M<EFBFBD><4D>MaXbR<62><52>10<31>-&<26><>C<EFBFBD><43><EFBFBD>˒<EFBFBD><CB92>
=<3D>,

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/50/99b81332712fe655e34e8dd63574f503f61811

@@ -0,0 +1,2 @@
+x
<01><>Q
+B!E<>v<15><1F><>O'!<21>M<EFBFBD><4D>Q<EFBFBD>׃<EFBFBD><D783><EFBFBD><EFBFBD><EFBFBD>g<EFBFBD><02><><EFBFBD><0B><>TKY:v<><76><EFBFBD>N6<4E><36><EFBFBD><EFBFBD>b f<><66><EFBFBD><EFBFBD><EFBFBD>&<26><>19<31><39><EFBFBD>ho<>V\Wi<08><>yqy<71><79><EFBFBD>j9<6A>q<1A><>F<1B><0F>j<EFBFBD><6A><EFBFBD><EFBFBD>?ٟ<><D99F>Z3<5A><33><EFBFBD><EFBFBD><0C><05>*S6#

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign

@@ -0,0 +1 @@
+f27c2b2b03dcab38beaf89b0ab4ff61f6de63441

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign-not-yet-validated

@@ -0,0 +1 @@
+27566bd5738fc8b4e3fef3c5e72cce608537bd95

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/master

@@ -0,0 +1 @@
+69554a64c1e6030f051e5c3f94bfbd773cd6a324

integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/not-signed

@@ -0,0 +1 @@
+69554a64c1e6030f051e5c3f94bfbd773cd6a324

integrations/internal_test.go

@@ -17,7 +17,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-func assertProtectedBranch(t *testing.T, repoID int64, branchName string, isErr, canPush bool) {
+func assertProtectedBranch(t *testing.T, repoID int64, branchName string, isErr, isProtected bool) {
 	reqURL := fmt.Sprintf("/api/internal/branch/%d/%s", repoID, url.QueryEscape(branchName))
 	req := NewRequest(t, "GET", reqURL)
 	t.Log(reqURL)
@@ -31,14 +31,14 @@ func assertProtectedBranch(t *testing.T, repoID int64, branchName string, isErr,
 		var branch models.ProtectedBranch
 		t.Log(string(resp.Body))
 		assert.NoError(t, json.Unmarshal(resp.Body, &branch))
-		assert.Equal(t, canPush, branch.CanPush)
+		assert.Equal(t, isProtected, branch.IsProtected())
 	}
 }
 
 func TestInternal_GetProtectedBranch(t *testing.T) {
 	prepareTestEnv(t)
 
-	assertProtectedBranch(t, 1, "master", false, true)
-	assertProtectedBranch(t, 1, "dev", false, true)
-	assertProtectedBranch(t, 1, "lunny/dev", false, true)
+	assertProtectedBranch(t, 1, "master", false, false)
+	assertProtectedBranch(t, 1, "dev", false, false)
+	assertProtectedBranch(t, 1, "lunny/dev", false, false)
 }

integrations/mysql.ini

@@ -3,7 +3,7 @@ RUN_MODE = prod
 
 [database]
 DB_TYPE  = mysql
-HOST     = 127.0.0.1:3306
+HOST     = mysql:3306
 NAME     = testgitea
 USER     = root
 PASSWD   =

integrations/pgsql.ini

@@ -3,7 +3,7 @@ RUN_MODE = prod
 
 [database]
 DB_TYPE  = postgres
-HOST     = 127.0.0.1:5432
+HOST     = pgsql:5432
 NAME     = testgitea
 USER     = postgres
 PASSWD   = postgres

integrations/pull_create_test.go

@@ -46,7 +46,7 @@ func testPullCreate(t *testing.T, session *TestSession, user, repo, branch strin
 func TestPullCreate(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user1")
-	testRepoFork(t, session)
+	testRepoFork(t, session, "user2", "repo1", "user1", "repo1")
 	testEditFile(t, session, "user1", "repo1", "master", "README.md")
 	testPullCreate(t, session, "user1", "repo1", "master")
 }

integrations/pull_merge_test.go

@@ -48,7 +48,7 @@ func testPullCleanUp(t *testing.T, session *TestSession, user, repo, pullnum str
 func TestPullMerge(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user1")
-	testRepoFork(t, session)
+	testRepoFork(t, session, "user2", "repo1", "user1", "repo1")
 	testEditFile(t, session, "user1", "repo1", "master", "README.md")
 
 	resp := testPullCreate(t, session, "user1", "repo1", "master")
@@ -61,7 +61,7 @@ func TestPullMerge(t *testing.T) {
 func TestPullCleanUpAfterMerge(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user1")
-	testRepoFork(t, session)
+	testRepoFork(t, session, "user2", "repo1", "user1", "repo1")
 	testEditFileToNewBranch(t, session, "user1", "repo1", "master", "feature/test", "README.md")
 
 	resp := testPullCreate(t, session, "user1", "repo1", "feature/test")

integrations/repo_fork_test.go

@@ -5,19 +5,24 @@
 package integrations
 
 import (
+	"fmt"
 	"net/http"
 	"testing"
 
+	"code.gitea.io/gitea/models"
+
 	"github.com/stretchr/testify/assert"
 )
 
-func testRepoFork(t *testing.T, session *TestSession) *TestResponse {
+func testRepoFork(t *testing.T, session *TestSession, ownerName, repoName, forkOwnerName, forkRepoName string) *TestResponse {
+	forkOwner := models.AssertExistsAndLoadBean(t, &models.User{Name: forkOwnerName}).(*models.User)
+
 	// Step0: check the existence of the to-fork repo
-	req := NewRequest(t, "GET", "/user1/repo1")
+	req := NewRequestf(t, "GET", "/%s/%s", forkOwnerName, forkRepoName)
 	resp := session.MakeRequest(t, req, http.StatusNotFound)
 
 	// Step1: go to the main page of repo
-	req = NewRequest(t, "GET", "/user2/repo1")
+	req = NewRequestf(t, "GET", "/%s/%s", ownerName, repoName)
 	resp = session.MakeRequest(t, req, http.StatusOK)
 
 	// Step2: click the fork button
@@ -31,15 +36,17 @@ func testRepoFork(t *testing.T, session *TestSession) *TestResponse {
 	htmlDoc = NewHTMLParser(t, resp.Body)
 	link, exists = htmlDoc.doc.Find("form.ui.form[action^=\"/repo/fork/\"]").Attr("action")
 	assert.True(t, exists, "The template has changed")
+	_, exists = htmlDoc.doc.Find(fmt.Sprintf(".owner.dropdown .item[data-value=\"%d\"]", forkOwner.ID)).Attr("data-value")
+	assert.True(t, exists, fmt.Sprintf("Fork owner '%s' is not present in select box", forkOwnerName))
 	req = NewRequestWithValues(t, "POST", link, map[string]string{
 		"_csrf":     htmlDoc.GetCSRF(),
-		"uid":       "1",
-		"repo_name": "repo1",
+		"uid":       fmt.Sprintf("%d", forkOwner.ID),
+		"repo_name": forkRepoName,
 	})
 	resp = session.MakeRequest(t, req, http.StatusFound)
 
 	// Step4: check the existence of the forked repo
-	req = NewRequest(t, "GET", "/user1/repo1")
+	req = NewRequestf(t, "GET", "/%s/%s", forkOwnerName, forkRepoName)
 	resp = session.MakeRequest(t, req, http.StatusOK)
 
 	return resp
@@ -48,5 +55,19 @@ func testRepoFork(t *testing.T, session *TestSession) *TestResponse {
 func TestRepoFork(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user1")
-	testRepoFork(t, session)
+	testRepoFork(t, session, "user2", "repo1", "user1", "repo1")
+}
+
+func TestRepoForkToOrg(t *testing.T) {
+	prepareTestEnv(t)
+	session := loginUser(t, "user2")
+	testRepoFork(t, session, "user2", "repo1", "user3", "repo1")
+
+	// Check that no more forking is allowed as user2 owns repository
+	//  and user3 organization that owner user2 is also now has forked this repository
+	req := NewRequest(t, "GET", "/user2/repo1")
+	resp := session.MakeRequest(t, req, http.StatusOK)
+	htmlDoc := NewHTMLParser(t, resp.Body)
+	_, exists := htmlDoc.doc.Find("a.ui.button[href^=\"/repo/fork/\"]").Attr("href")
+	assert.False(t, exists, "Forking should not be allowed anymore")
 }

integrations/sqlite.ini

@@ -3,11 +3,6 @@ RUN_MODE = prod
 
 [database]
 DB_TYPE  = sqlite3
-HOST     = 127.0.0.1:3306
-NAME     = testgitea
-USER     = gitea
-PASSWD   =
-SSL_MODE = disable
 PATH     = :memory:
 
 [repository]

models/branches.go

@@ -17,10 +17,10 @@ const (
 
 // ProtectedBranch struct
 type ProtectedBranch struct {
-	ID          int64  `xorm:"pk autoincr"`
-	RepoID      int64  `xorm:"UNIQUE(s)"`
-	BranchName  string `xorm:"UNIQUE(s)"`
-	CanPush     bool
+	ID          int64     `xorm:"pk autoincr"`
+	RepoID      int64     `xorm:"UNIQUE(s)"`
+	BranchName  string    `xorm:"UNIQUE(s)"`
+	CanPush     bool      `xorm:"NOT NULL DEFAULT false"`
 	Created     time.Time `xorm:"-"`
 	CreatedUnix int64
 	Updated     time.Time `xorm:"-"`
@@ -38,6 +38,11 @@ func (protectBranch *ProtectedBranch) BeforeUpdate() {
 	protectBranch.UpdatedUnix = time.Now().Unix()
 }
 
+// IsProtected returns if the branch is protected
+func (protectBranch *ProtectedBranch) IsProtected() bool {
+	return protectBranch.ID > 0
+}
+
 // GetProtectedBranchByRepoID getting protected branch by repo ID
 func GetProtectedBranchByRepoID(RepoID int64) ([]*ProtectedBranch, error) {
 	protectedBranches := make([]*ProtectedBranch, 0)

models/error.go

@@ -4,9 +4,7 @@
 
 package models
 
-import (
-	"fmt"
-)
+import "fmt"
 
 // ErrNameReserved represents a "reserved name" error.
 type ErrNameReserved struct {
@@ -260,19 +258,19 @@ func (err ErrKeyNameAlreadyUsed) Error() string {
 	return fmt.Sprintf("public key already exists [owner_id: %d, name: %s]", err.OwnerID, err.Name)
 }
 
-// ErrGPGEmailNotFound represents a "ErrGPGEmailNotFound" kind of error.
-type ErrGPGEmailNotFound struct {
-	Email string
+// ErrGPGNoEmailFound represents a "ErrGPGNoEmailFound" kind of error.
+type ErrGPGNoEmailFound struct {
+	FailedEmails []string
 }
 
-// IsErrGPGEmailNotFound checks if an error is a ErrGPGEmailNotFound.
-func IsErrGPGEmailNotFound(err error) bool {
-	_, ok := err.(ErrGPGEmailNotFound)
+// IsErrGPGNoEmailFound checks if an error is a ErrGPGNoEmailFound.
+func IsErrGPGNoEmailFound(err error) bool {
+	_, ok := err.(ErrGPGNoEmailFound)
 	return ok
 }
 
-func (err ErrGPGEmailNotFound) Error() string {
-	return fmt.Sprintf("failed to found email or is not confirmed : %s", err.Email)
+func (err ErrGPGNoEmailFound) Error() string {
+	return fmt.Sprintf("none of the emails attached to the GPG key could be found: %v", err.FailedEmails)
 }
 
 // ErrGPGKeyParsing represents a "ErrGPGKeyParsing" kind of error.

models/fixtures/repository.yml

@@ -176,3 +176,15 @@
   lower_name: repo15
   name: repo15
   is_bare: true
+
+-
+  id: 16
+  owner_id: 2
+  lower_name: repo16
+  name: repo16
+  is_private: true
+  num_issues: 0
+  num_closed_issues: 0
+  num_pulls: 0
+  num_closed_pulls: 0
+  num_watches: 0

models/fixtures/user.yml

@@ -26,7 +26,7 @@
   is_admin: false
   avatar: avatar2
   avatar_email: user2@example.com
-  num_repos: 3
+  num_repos: 4
   num_stars: 2
   num_followers: 2
   num_following: 1

models/gpg_key.go

@@ -208,21 +208,27 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) {
 	if err != nil {
 		return nil, err
 	}
-	emails := make([]*EmailAddress, len(e.Identities))
-	n := 0
+
+	emails := make([]*EmailAddress, 0, len(e.Identities))
 	for _, ident := range e.Identities {
 		email := strings.ToLower(strings.TrimSpace(ident.UserId.Email))
 		for _, e := range userEmails {
-			if e.Email == email && e.IsActivated {
-				emails[n] = e
+			if e.Email == email {
+				emails = append(emails, e)
 				break
 			}
 		}
-		if emails[n] == nil {
-			return nil, ErrGPGEmailNotFound{ident.UserId.Email}
-		}
-		n++
 	}
+
+	//In the case no email as been found
+	if len(emails) == 0 {
+		failedEmails := make([]string, 0, len(e.Identities))
+		for _, ident := range e.Identities {
+			failedEmails = append(failedEmails, ident.UserId.Email)
+		}
+		return nil, ErrGPGNoEmailFound{failedEmails}
+	}
+
 	content, err := base64EncPubKey(pubkey)
 	if err != nil {
 		return nil, err
@@ -276,11 +282,7 @@ func DeleteGPGKey(doer *User, id int64) (err error) {
 		return err
 	}
 
-	if err = sess.Commit(); err != nil {
-		return err
-	}
-
-	return nil
+	return sess.Commit()
 }
 
 // CommitVerification represents a commit validation of signature
@@ -380,8 +382,8 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
 		}
 
 		//Find Committer account
-		committer, err := GetUserByEmail(c.Committer.Email)
-		if err != nil { //Skipping not user for commiter
+		committer, err := GetUserByEmail(c.Committer.Email) //This find the user by primary email or activated email so commit will not be valid if email is not
+		if err != nil {                                     //Skipping not user for commiter
 			log.Error(3, "NoCommitterAccount: %v", err)
 			return &CommitVerification{
 				Verified: false,
@@ -399,6 +401,19 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
 		}
 
 		for _, k := range keys {
+			//Pre-check (& optimization) that emails attached to key can be attached to the commiter email and can validate
+			canValidate := false
+			lowerCommiterEmail := strings.ToLower(c.Committer.Email)
+			for _, e := range k.Emails {
+				if e.IsActivated && strings.ToLower(e.Email) == lowerCommiterEmail {
+					canValidate = true
+					break
+				}
+			}
+			if !canValidate {
+				continue //Skip this key
+			}
+
 			//Generating hash of commit
 			hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload))
 			if err != nil { //Skipping ailed to generate hash

models/issue.go

@@ -572,11 +572,7 @@ func (issue *Issue) ReadBy(userID int64) error {
 		return err
 	}
 
-	if err := setNotificationStatusReadIfUnread(x, userID, issue.ID); err != nil {
-		return err
-	}
-
-	return nil
+	return setNotificationStatusReadIfUnread(x, userID, issue.ID)
 }
 
 func updateIssueCols(e Engine, issue *Issue, cols ...string) error {

models/issue_comment.go

@@ -613,6 +613,7 @@ func findComments(e Engine, opts FindCommentsOptions) ([]*Comment, error) {
 	}
 	return comments, sess.
 		Asc("comment.created_unix").
+		Asc("comment.id").
 		Find(&comments)
 }
 

models/login_source.go

@@ -509,10 +509,7 @@ func SMTPAuth(a smtp.Auth, cfg *SMTPConfig) error {
 	}
 
 	if ok, _ := c.Extension("AUTH"); ok {
-		if err = c.Auth(a); err != nil {
-			return err
-		}
-		return nil
+		return c.Auth(a)
 	}
 	return ErrUnsupportedLoginType
 }

models/mail.go

@@ -166,7 +166,7 @@ func composeIssueCommentMessage(issue *Issue, doer *User, comment *Comment, tplN
 		log.Error(3, "Template: %v", err)
 	}
 
-	msg := mailer.NewMessageFrom(tos, fmt.Sprintf(`"%s" <%s>`, doer.DisplayName(), setting.MailService.FromEmail), subject, content.String())
+	msg := mailer.NewMessageFrom(tos, doer.DisplayName(), setting.MailService.FromEmail, subject, content.String())
 	msg.Info = fmt.Sprintf("Subject: %s, %s", subject, info)
 	return msg
 }

models/migrations/migrations.go

@@ -126,6 +126,12 @@ var migrations = []Migration{
 	NewMigration("unescape user full names", unescapeUserFullNames),
 	// v38 -> v39
 	NewMigration("remove commits and settings unit types", removeCommitsUnitType),
+	// v43 -> v44
+	NewMigration("fix protected branch can push value to false", fixProtectedBranchCanPushValue),
+	// v42 -> v43
+	NewMigration("add tags to releases and sync existing repositories", releaseAddColumnIsTagAndSyncTags),
+	// v44 -> v45
+	NewMigration("remove duplicate unit types", removeDuplicateUnitTypes),
 }
 
 // Migrate database to current version

models/migrations/v15.go

@@ -10,21 +10,15 @@ import (
 	"github.com/go-xorm/xorm"
 )
 
-// UserV15 describes the added field for User
-type UserV15 struct {
-	KeepEmailPrivate        bool
-	AllowCreateOrganization bool
-}
-
-// TableName will be invoked by XORM to customrize the table name
-func (*UserV15) TableName() string {
-	return "user"
-}
-
 func createAllowCreateOrganizationColumn(x *xorm.Engine) error {
-	if err := x.Sync2(new(UserV15)); err != nil {
+	type User struct {
+		KeepEmailPrivate        bool
+		AllowCreateOrganization bool
+	}
+
+	if err := x.Sync2(new(User)); err != nil {
 		return fmt.Errorf("Sync2: %v", err)
-	} else if _, err = x.Where("type=0").Cols("allow_create_organization").Update(&UserV15{AllowCreateOrganization: true}); err != nil {
+	} else if _, err = x.Where("`type` = 0").Cols("allow_create_organization").Update(&User{AllowCreateOrganization: true}); err != nil {
 		return fmt.Errorf("set allow_create_organization: %v", err)
 	}
 	return nil

models/migrations/v16.go

@@ -13,17 +13,6 @@ import (
 	"github.com/go-xorm/xorm"
 )
 
-// RepoUnit describes all units of a repository
-type RepoUnit struct {
-	ID          int64
-	RepoID      int64 `xorm:"INDEX(s)"`
-	Type        int   `xorm:"INDEX(s)"`
-	Index       int
-	Config      map[string]string `xorm:"JSON"`
-	CreatedUnix int64             `xorm:"INDEX CREATED"`
-	Created     time.Time         `xorm:"-"`
-}
-
 // Enumerate all the unit types
 const (
 	V16UnitTypeCode            = iota + 1 // 1 code
@@ -37,14 +26,25 @@ const (
 	V16UnitTypeExternalTracker            // 9 ExternalTracker
 )
 
-// Repo describes a repository
-type Repo struct {
-	ID                                                                               int64
-	EnableWiki, EnableExternalWiki, EnableIssues, EnableExternalTracker, EnablePulls bool
-	ExternalWikiURL, ExternalTrackerURL, ExternalTrackerFormat, ExternalTrackerStyle string
-}
-
 func addUnitsToTables(x *xorm.Engine) error {
+	// RepoUnit describes all units of a repository
+	type RepoUnit struct {
+		ID          int64
+		RepoID      int64 `xorm:"INDEX(s)"`
+		Type        int   `xorm:"INDEX(s)"`
+		Index       int
+		Config      map[string]interface{} `xorm:"JSON"`
+		CreatedUnix int64                  `xorm:"INDEX CREATED"`
+		Created     time.Time              `xorm:"-"`
+	}
+
+	// Repo describes a repository
+	type Repo struct {
+		ID                                                                               int64
+		EnableWiki, EnableExternalWiki, EnableIssues, EnableExternalTracker, EnablePulls bool
+		ExternalWikiURL, ExternalTrackerURL, ExternalTrackerFormat, ExternalTrackerStyle string
+	}
+
 	var repos []Repo
 	err := x.Table("repository").Select("*").Find(&repos)
 	if err != nil {
@@ -95,7 +95,7 @@ func addUnitsToTables(x *xorm.Engine) error {
 				continue
 			}
 
-			var config = make(map[string]string)
+			var config = make(map[string]interface{})
 			switch i {
 			case V16UnitTypeExternalTracker:
 				config["ExternalTrackerURL"] = repo.ExternalTrackerURL
@@ -119,9 +119,5 @@ func addUnitsToTables(x *xorm.Engine) error {
 		}
 	}
 
-	if err := sess.Commit(); err != nil {
-		return err
-	}
-
-	return nil
+	return sess.Commit()
 }

models/migrations/v21.go

@@ -51,8 +51,5 @@ func useNewPublickeyFormat(x *xorm.Engine) error {
 	}
 
 	f.Close()
-	if err = os.Rename(tmpPath, fpath); err != nil {
-		return err
-	}
-	return nil
+	return os.Rename(tmpPath, fpath)
 }

models/migrations/v37.go

@@ -7,16 +7,19 @@ package migrations
 import (
 	"html"
 
-	"code.gitea.io/gitea/models"
-
 	"github.com/go-xorm/xorm"
 )
 
 func unescapeUserFullNames(x *xorm.Engine) (err error) {
+	type User struct {
+		ID       int64 `xorm:"pk autoincr"`
+		FullName string
+	}
+
 	const batchSize = 100
 	for start := 0; ; start += batchSize {
-		users := make([]*models.User, 0, batchSize)
-		if err := x.Limit(start, batchSize).Find(users); err != nil {
+		users := make([]*User, 0, batchSize)
+		if err := x.Limit(batchSize, start).Find(&users); err != nil {
 			return err
 		}
 		if len(users) == 0 {
@@ -24,7 +27,7 @@ func unescapeUserFullNames(x *xorm.Engine) (err error) {
 		}
 		for _, user := range users {
 			user.FullName = html.UnescapeString(user.FullName)
-			if _, err := x.Cols("full_name").Update(user); err != nil {
+			if _, err := x.ID(user.ID).Cols("full_name").Update(user); err != nil {
 				return err
 			}
 		}

models/migrations/v38.go

@@ -5,12 +5,26 @@
 package migrations
 
 import (
+	"time"
+
 	"code.gitea.io/gitea/models"
 
+	"github.com/go-xorm/core"
 	"github.com/go-xorm/xorm"
 )
 
 func removeCommitsUnitType(x *xorm.Engine) (err error) {
+	// RepoUnit describes all units of a repository
+	type RepoUnit struct {
+		ID          int64
+		RepoID      int64 `xorm:"INDEX(s)"`
+		Type        int   `xorm:"INDEX(s)"`
+		Index       int
+		Config      core.Conversion `xorm:"TEXT"`
+		CreatedUnix int64           `xorm:"INDEX CREATED"`
+		Created     time.Time       `xorm:"-"`
+	}
+
 	// Update team unit types
 	const batchSize = 100
 	for start := 0; ; start += batchSize {
@@ -33,7 +47,7 @@ func removeCommitsUnitType(x *xorm.Engine) (err error) {
 				}
 			}
 			team.UnitTypes = ut
-			if _, err := x.Id(team.ID).Cols("unit_types").Update(team); err != nil {
+			if _, err := x.ID(team.ID).Cols("unit_types").Update(team); err != nil {
 				return err
 			}
 		}

models/migrations/v42.go

@@ -0,0 +1,57 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+
+	"code.gitea.io/git"
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/log"
+
+	"github.com/go-xorm/xorm"
+)
+
+// ReleaseV39 describes the added field for Release
+type ReleaseV39 struct {
+	IsTag bool `xorm:"NOT NULL DEFAULT false"`
+}
+
+// TableName will be invoked by XORM to customrize the table name
+func (*ReleaseV39) TableName() string {
+	return "release"
+}
+
+func releaseAddColumnIsTagAndSyncTags(x *xorm.Engine) error {
+	if err := x.Sync2(new(ReleaseV39)); err != nil {
+		return fmt.Errorf("Sync2: %v", err)
+	}
+
+	// For the sake of SQLite3, we can't use x.Iterate here.
+	offset := 0
+	pageSize := 20
+	for {
+		repos := make([]*models.Repository, 0, pageSize)
+		if err := x.Table("repository").Asc("id").Limit(pageSize, offset).Find(&repos); err != nil {
+			return fmt.Errorf("select repos [offset: %d]: %v", offset, err)
+		}
+		for _, repo := range repos {
+			gitRepo, err := git.OpenRepository(repo.RepoPath())
+			if err != nil {
+				log.Warn("OpenRepository: %v", err)
+				continue
+			}
+
+			if err = models.SyncReleasesWithTags(repo, gitRepo); err != nil {
+				log.Warn("SyncReleasesWithTags: %v", err)
+			}
+		}
+		if len(repos) < pageSize {
+			break
+		}
+		offset += pageSize
+	}
+	return nil
+}

models/migrations/v43.go

@@ -0,0 +1,18 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"code.gitea.io/gitea/models"
+
+	"github.com/go-xorm/xorm"
+)
+
+func fixProtectedBranchCanPushValue(x *xorm.Engine) error {
+	_, err := x.Cols("can_push").Update(&models.ProtectedBranch{
+		CanPush: false,
+	})
+	return err
+}

models/migrations/v44.go

@@ -0,0 +1,69 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+
+	"github.com/go-xorm/xorm"
+)
+
+func removeDuplicateUnitTypes(x *xorm.Engine) error {
+	// RepoUnit describes all units of a repository
+	type RepoUnit struct {
+		RepoID int64
+		Type   int
+	}
+
+	// Enumerate all the unit types
+	const (
+		UnitTypeCode            = iota + 1 // 1 code
+		UnitTypeIssues                     // 2 issues
+		UnitTypePullRequests               // 3 PRs
+		UnitTypeReleases                   // 4 Releases
+		UnitTypeWiki                       // 5 Wiki
+		UnitTypeExternalWiki               // 6 ExternalWiki
+		UnitTypeExternalTracker            // 7 ExternalTracker
+	)
+
+	var externalIssueRepoUnits []RepoUnit
+	err := x.Where("type = ?", UnitTypeExternalTracker).Find(&externalIssueRepoUnits)
+	if err != nil {
+		return fmt.Errorf("Query repositories: %v", err)
+	}
+
+	var externalWikiRepoUnits []RepoUnit
+	err = x.Where("type = ?", UnitTypeExternalWiki).Find(&externalWikiRepoUnits)
+	if err != nil {
+		return fmt.Errorf("Query repositories: %v", err)
+	}
+
+	sess := x.NewSession()
+	defer sess.Close()
+
+	if err := sess.Begin(); err != nil {
+		return err
+	}
+
+	for _, repoUnit := range externalIssueRepoUnits {
+		if _, err = sess.Delete(&RepoUnit{
+			RepoID: repoUnit.RepoID,
+			Type:   UnitTypeIssues,
+		}); err != nil {
+			return fmt.Errorf("Delete repo unit: %v", err)
+		}
+	}
+
+	for _, repoUnit := range externalWikiRepoUnits {
+		if _, err = sess.Delete(&RepoUnit{
+			RepoID: repoUnit.RepoID,
+			Type:   UnitTypeWiki,
+		}); err != nil {
+			return fmt.Errorf("Delete repo unit: %v", err)
+		}
+	}
+
+	return sess.Commit()
+}

models/org.go

@@ -235,11 +235,7 @@ func DeleteOrganization(org *User) (err error) {
 		}
 	}
 
-	if err = sess.Commit(); err != nil {
-		return err
-	}
-
-	return nil
+	return sess.Commit()
 }
 
 func deleteOrg(e *xorm.Session, u *User) error {
@@ -675,7 +671,7 @@ func (env *accessibleReposEnv) MirrorRepoIDs() ([]int64, error) {
 		Table("repository").
 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id AND `repository`.is_mirror=?", true).
 		Where(env.cond()).
-		GroupBy("`repository`.id").
+		GroupBy("`repository`.id, `repository`.updated_unix").
 		OrderBy("updated_unix DESC").
 		Cols("`repository`.id").
 		Find(&repoIDs)

models/release.go

@@ -34,7 +34,8 @@ type Release struct {
 	NumCommitsBehind int64  `xorm:"-"`
 	Note             string `xorm:"TEXT"`
 	IsDraft          bool   `xorm:"NOT NULL DEFAULT false"`
-	IsPrerelease     bool
+	IsPrerelease     bool   `xorm:"NOT NULL DEFAULT false"`
+	IsTag            bool   `xorm:"NOT NULL DEFAULT false"`
 
 	Attachments []*Attachment `xorm:"-"`
 
@@ -139,17 +140,18 @@ func createTag(gitRepo *git.Repository, rel *Release) error {
 				}
 				return err
 			}
-		} else {
-			commit, err := gitRepo.GetTagCommit(rel.TagName)
-			if err != nil {
-				return fmt.Errorf("GetTagCommit: %v", err)
-			}
+			rel.LowerTagName = strings.ToLower(rel.TagName)
+		}
+		commit, err := gitRepo.GetTagCommit(rel.TagName)
+		if err != nil {
+			return fmt.Errorf("GetTagCommit: %v", err)
+		}
 
-			rel.Sha1 = commit.ID.String()
-			rel.NumCommits, err = commit.CommitsCount()
-			if err != nil {
-				return fmt.Errorf("CommitsCount: %v", err)
-			}
+		rel.Sha1 = commit.ID.String()
+		rel.CreatedUnix = commit.Author.When.Unix()
+		rel.NumCommits, err = commit.CommitsCount()
+		if err != nil {
+			return fmt.Errorf("CommitsCount: %v", err)
 		}
 	}
 	return nil
@@ -236,6 +238,7 @@ func GetReleaseByID(id int64) (*Release, error) {
 // FindReleasesOptions describes the conditions to Find releases
 type FindReleasesOptions struct {
 	IncludeDrafts bool
+	IncludeTags   bool
 	TagNames      []string
 }
 
@@ -246,6 +249,9 @@ func (opts *FindReleasesOptions) toConds(repoID int64) builder.Cond {
 	if !opts.IncludeDrafts {
 		cond = cond.And(builder.Eq{"is_draft": false})
 	}
+	if !opts.IncludeTags {
+		cond = cond.And(builder.Eq{"is_tag": false})
+	}
 	if len(opts.TagNames) > 0 {
 		cond = cond.And(builder.In("tag_name", opts.TagNames))
 	}
@@ -361,6 +367,8 @@ func UpdateRelease(gitRepo *git.Repository, rel *Release, attachmentUUIDs []stri
 	if err = createTag(gitRepo, rel); err != nil {
 		return err
 	}
+	rel.LowerTagName = strings.ToLower(rel.TagName)
+
 	_, err = x.Id(rel.ID).AllCols().Update(rel)
 	if err != nil {
 		return err
@@ -397,11 +405,64 @@ func DeleteReleaseByID(id int64, u *User, delTag bool) error {
 		if err != nil && !strings.Contains(stderr, "not found") {
 			return fmt.Errorf("git tag -d: %v - %s", err, stderr)
 		}
-	}
 
-	if _, err = x.Id(rel.ID).Delete(new(Release)); err != nil {
-		return fmt.Errorf("Delete: %v", err)
+		if _, err = x.Id(rel.ID).Delete(new(Release)); err != nil {
+			return fmt.Errorf("Delete: %v", err)
+		}
+	} else {
+		rel.IsTag = true
+		rel.IsDraft = false
+		rel.IsPrerelease = false
+		rel.Title = ""
+		rel.Note = ""
+
+		if _, err = x.Id(rel.ID).AllCols().Update(rel); err != nil {
+			return fmt.Errorf("Update: %v", err)
+		}
 	}
 
 	return nil
 }
+
+// SyncReleasesWithTags synchronizes release table with repository tags
+func SyncReleasesWithTags(repo *Repository, gitRepo *git.Repository) error {
+	existingRelTags := make(map[string]struct{})
+	opts := FindReleasesOptions{IncludeDrafts: true, IncludeTags: true}
+	for page := 1; ; page++ {
+		rels, err := GetReleasesByRepoID(repo.ID, opts, page, 100)
+		if err != nil {
+			return fmt.Errorf("GetReleasesByRepoID: %v", err)
+		}
+		if len(rels) == 0 {
+			break
+		}
+		for _, rel := range rels {
+			if rel.IsDraft {
+				continue
+			}
+			commitID, err := gitRepo.GetTagCommitID(rel.TagName)
+			if err != nil {
+				return fmt.Errorf("GetTagCommitID: %v", err)
+			}
+			if !gitRepo.IsTagExist(rel.TagName) || commitID != rel.Sha1 {
+				if err := pushUpdateDeleteTag(repo, gitRepo, rel.TagName); err != nil {
+					return fmt.Errorf("pushUpdateDeleteTag: %v", err)
+				}
+			} else {
+				existingRelTags[strings.ToLower(rel.TagName)] = struct{}{}
+			}
+		}
+	}
+	tags, err := gitRepo.GetTags()
+	if err != nil {
+		return fmt.Errorf("GetTags: %v", err)
+	}
+	for _, tagName := range tags {
+		if _, ok := existingRelTags[strings.ToLower(tagName)]; !ok {
+			if err := pushUpdateAddTag(repo, gitRepo, tagName); err != nil {
+				return fmt.Errorf("pushUpdateAddTag: %v", err)
+			}
+		}
+	}
+	return nil
+}

models/repo.go

@@ -409,6 +409,21 @@ func (repo *Repository) UnitEnabled(tp UnitType) bool {
 	return false
 }
 
+// AnyUnitEnabled if this repository has the any of the given units enabled
+func (repo *Repository) AnyUnitEnabled(tps ...UnitType) bool {
+	if err := repo.getUnits(x); err != nil {
+		log.Warn("Error loading repository (ID: %d) units: %s", repo.ID, err.Error())
+	}
+	for _, unit := range repo.Units {
+		for _, tp := range tps {
+			if unit.Type == tp {
+				return true
+			}
+		}
+	}
+	return false
+}
+
 var (
 	// ErrUnitNotExist organization does not exist
 	ErrUnitNotExist = errors.New("Unit does not exist")
@@ -648,7 +663,26 @@ func (repo *Repository) UpdateSize() error {
 
 // CanBeForked returns true if repository meets the requirements of being forked.
 func (repo *Repository) CanBeForked() bool {
-	return !repo.IsBare
+	return !repo.IsBare && repo.UnitEnabled(UnitTypeCode)
+}
+
+// CanUserFork returns true if specified user can fork repository.
+func (repo *Repository) CanUserFork(user *User) (bool, error) {
+	if user == nil {
+		return false, nil
+	}
+	if repo.OwnerID != user.ID && !user.HasForkedRepo(repo.ID) {
+		return true, nil
+	}
+	if err := user.GetOwnedOrganizations(); err != nil {
+		return false, err
+	}
+	for _, org := range user.OwnedOrgs {
+		if repo.OwnerID != org.ID && !org.HasForkedRepo(repo.ID) {
+			return true, nil
+		}
+	}
+	return false, nil
 }
 
 // CanEnablePulls returns true if repository meets the requirements of accepting pulls.
@@ -912,6 +946,10 @@ func MigrateRepository(u *User, opts MigrateRepoOptions) (*Repository, error) {
 		if headBranch != nil {
 			repo.DefaultBranch = headBranch.Name
 		}
+
+		if err = SyncReleasesWithTags(repo, gitRepo); err != nil {
+			log.Error(4, "Failed to synchronize tags to releases for repository: %v", err)
+		}
 	}
 
 	if err = repo.UpdateSize(); err != nil {

models/repo_mirror.go

@@ -13,6 +13,7 @@ import (
 	"github.com/go-xorm/xorm"
 	"gopkg.in/ini.v1"
 
+	"code.gitea.io/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/process"
 	"code.gitea.io/gitea/modules/setting"
@@ -148,6 +149,15 @@ func (m *Mirror) runSync() bool {
 		return false
 	}
 
+	gitRepo, err := git.OpenRepository(repoPath)
+	if err != nil {
+		log.Error(4, "OpenRepository: %v", err)
+		return false
+	}
+	if err = SyncReleasesWithTags(m.Repo, gitRepo); err != nil {
+		log.Error(4, "Failed to synchronize tags to releases for repository: %v", err)
+	}
+
 	if err := m.Repo.UpdateSize(); err != nil {
 		log.Error(4, "Failed to update size for mirror repository: %v", err)
 	}

models/ssh_key.go

@@ -609,11 +609,7 @@ func RewriteAllPublicKeys() error {
 		defer f.Close()
 	}
 
-	if err = os.Rename(tmpPath, fPath); err != nil {
-		return err
-	}
-
-	return nil
+	return os.Rename(tmpPath, fPath)
 }
 
 // ________                .__                 ____  __.

models/update.go

@@ -9,6 +9,7 @@ import (
 	"fmt"
 	"os/exec"
 	"strings"
+	"time"
 
 	"code.gitea.io/git"
 
@@ -81,6 +82,108 @@ func PushUpdate(branch string, opt PushUpdateOptions) error {
 	return nil
 }
 
+func pushUpdateDeleteTag(repo *Repository, gitRepo *git.Repository, tagName string) error {
+	rel, err := GetRelease(repo.ID, tagName)
+	if err != nil {
+		if IsErrReleaseNotExist(err) {
+			return nil
+		}
+		return fmt.Errorf("GetRelease: %v", err)
+	}
+	if rel.IsTag {
+		if _, err = x.Id(rel.ID).Delete(new(Release)); err != nil {
+			return fmt.Errorf("Delete: %v", err)
+		}
+	} else {
+		rel.IsDraft = true
+		rel.NumCommits = 0
+		rel.Sha1 = ""
+		if _, err = x.Id(rel.ID).AllCols().Update(rel); err != nil {
+			return fmt.Errorf("Update: %v", err)
+		}
+	}
+
+	return nil
+}
+
+func pushUpdateAddTag(repo *Repository, gitRepo *git.Repository, tagName string) error {
+	rel, err := GetRelease(repo.ID, tagName)
+	if err != nil && !IsErrReleaseNotExist(err) {
+		return fmt.Errorf("GetRelease: %v", err)
+	}
+
+	tag, err := gitRepo.GetTag(tagName)
+	if err != nil {
+		return fmt.Errorf("GetTag: %v", err)
+	}
+	commit, err := tag.Commit()
+	if err != nil {
+		return fmt.Errorf("Commit: %v", err)
+	}
+
+	sig := tag.Tagger
+	if sig == nil {
+		sig = commit.Author
+	}
+	if sig == nil {
+		sig = commit.Committer
+	}
+
+	var author *User
+	var createdAt = time.Unix(1, 0)
+
+	if sig != nil {
+		author, err = GetUserByEmail(sig.Email)
+		if err != nil && !IsErrUserNotExist(err) {
+			return fmt.Errorf("GetUserByEmail: %v", err)
+		}
+		createdAt = sig.When
+	}
+
+	commitsCount, err := commit.CommitsCount()
+	if err != nil {
+		return fmt.Errorf("CommitsCount: %v", err)
+	}
+
+	if rel == nil {
+		rel = &Release{
+			RepoID:       repo.ID,
+			Title:        "",
+			TagName:      tagName,
+			LowerTagName: strings.ToLower(tagName),
+			Target:       "",
+			Sha1:         commit.ID.String(),
+			NumCommits:   commitsCount,
+			Note:         "",
+			IsDraft:      false,
+			IsPrerelease: false,
+			IsTag:        true,
+			Created:      createdAt,
+			CreatedUnix:  createdAt.Unix(),
+		}
+		if author != nil {
+			rel.PublisherID = author.ID
+		}
+
+		if _, err = x.InsertOne(rel); err != nil {
+			return fmt.Errorf("InsertOne: %v", err)
+		}
+	} else {
+		rel.Sha1 = commit.ID.String()
+		rel.Created = createdAt
+		rel.CreatedUnix = createdAt.Unix()
+		rel.NumCommits = commitsCount
+		rel.IsDraft = false
+		if rel.IsTag && author != nil {
+			rel.PublisherID = author.ID
+		}
+		if _, err = x.Id(rel.ID).AllCols().Update(rel); err != nil {
+			return fmt.Errorf("Update: %v", err)
+		}
+	}
+	return nil
+}
+
 func pushUpdate(opts PushUpdateOptions) (repo *Repository, err error) {
 	isNewRef := opts.OldCommitID == git.EmptySHA
 	isDelRef := opts.NewCommitID == git.EmptySHA
@@ -106,23 +209,31 @@ func pushUpdate(opts PushUpdateOptions) (repo *Repository, err error) {
 		return nil, fmt.Errorf("GetRepositoryByName: %v", err)
 	}
 
-	if isDelRef {
-		log.GitLogger.Info("Reference '%s' has been deleted from '%s/%s' by %s",
-			opts.RefFullName, opts.RepoUserName, opts.RepoName, opts.PusherName)
-		return repo, nil
-	}
-
 	gitRepo, err := git.OpenRepository(repoPath)
 	if err != nil {
 		return nil, fmt.Errorf("OpenRepository: %v", err)
 	}
 
+	if isDelRef {
+		// Tag has been deleted
+		if strings.HasPrefix(opts.RefFullName, git.TagPrefix) {
+			err = pushUpdateDeleteTag(repo, gitRepo, opts.RefFullName[len(git.TagPrefix):])
+			if err != nil {
+				return nil, fmt.Errorf("pushUpdateDeleteTag: %v", err)
+			}
+		}
+		log.GitLogger.Info("Reference '%s' has been deleted from '%s/%s' by %s",
+			opts.RefFullName, opts.RepoUserName, opts.RepoName, opts.PusherName)
+		return repo, nil
+	}
+
 	if err = repo.UpdateSize(); err != nil {
 		log.Error(4, "Failed to update size for repository: %v", err)
 	}
 
 	// Push tags.
 	if strings.HasPrefix(opts.RefFullName, git.TagPrefix) {
+		pushUpdateAddTag(repo, gitRepo, opts.RefFullName[len(git.TagPrefix):])
 		if err := CommitRepoAction(CommitRepoActionOptions{
 			PusherName:  opts.PusherName,
 			RepoOwnerID: owner.ID,

models/user.go

@@ -1205,6 +1205,9 @@ type UserCommit struct {
 
 // ValidateCommitWithEmail check if author's e-mail of commit is corresponding to a user.
 func ValidateCommitWithEmail(c *git.Commit) *User {
+	if c.Author == nil {
+		return nil
+	}
 	u, err := GetUserByEmail(c.Author.Email)
 	if err != nil {
 		return nil
@@ -1223,11 +1226,15 @@ func ValidateCommitsWithEmails(oldCommits *list.List) *list.List {
 	for e != nil {
 		c := e.Value.(*git.Commit)
 
-		if v, ok := emails[c.Author.Email]; !ok {
-			u, _ = GetUserByEmail(c.Author.Email)
-			emails[c.Author.Email] = u
+		if c.Author != nil {
+			if v, ok := emails[c.Author.Email]; !ok {
+				u, _ = GetUserByEmail(c.Author.Email)
+				emails[c.Author.Email] = u
+			} else {
+				u = v
+			}
 		} else {
-			u = v
+			u = nil
 		}
 
 		newCommits.PushBack(UserCommit{

modules/context/context.go

@@ -194,7 +194,7 @@ func Contexter() macaron.Handler {
 	</body>
 </html>
 `, map[string]string{
-				"GoGetImport":    path.Join(setting.Domain, setting.AppSubURL, ctx.Link),
+				"GoGetImport":    ComposeGoGetImport(ownerName, strings.TrimSuffix(repoName, ".git")),
 				"CloneLink":      models.ComposeHTTPSCloneURL(ownerName, repoName),
 				"GoDocDirectory": prefix + "{/dir}",
 				"GoDocFile":      prefix + "{/dir}/{file}#L{line}",

modules/context/repo.go

@@ -124,21 +124,23 @@ func RetrieveBaseRepo(ctx *Context, repo *models.Repository) {
 	}
 }
 
-// composeGoGetImport returns go-get-import meta content.
-func composeGoGetImport(owner, repo string) string {
+// ComposeGoGetImport returns go-get-import meta content.
+func ComposeGoGetImport(owner, repo string) string {
 	return path.Join(setting.Domain, setting.AppSubURL, owner, repo)
 }
 
-// earlyResponseForGoGetMeta responses appropriate go-get meta with status 200
+// EarlyResponseForGoGetMeta responses appropriate go-get meta with status 200
 // if user does not have actual access to the requested repository,
 // or the owner or repository does not exist at all.
 // This is particular a workaround for "go get" command which does not respect
 // .netrc file.
-func earlyResponseForGoGetMeta(ctx *Context) {
+func EarlyResponseForGoGetMeta(ctx *Context) {
+	username := ctx.Params(":username")
+	reponame := ctx.Params(":reponame")
 	ctx.PlainText(200, []byte(com.Expand(`<meta name="go-import" content="{GoGetImport} git {CloneLink}">`,
 		map[string]string{
-			"GoGetImport": composeGoGetImport(ctx.Params(":username"), strings.TrimSuffix(ctx.Params(":reponame"), ".git")),
-			"CloneLink":   models.ComposeHTTPSCloneURL(ctx.Params(":username"), ctx.Params(":reponame")),
+			"GoGetImport": ComposeGoGetImport(username, strings.TrimSuffix(reponame, ".git")),
+			"CloneLink":   models.ComposeHTTPSCloneURL(username, reponame),
 		})))
 }
 
@@ -162,6 +164,75 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) {
 	ctx.Redirect(redirectPath)
 }
 
+// RepoIDAssignment returns an macaron handler which assigns the repo to the context.
+func RepoIDAssignment() macaron.Handler {
+	return func(ctx *Context) {
+		var (
+			err error
+		)
+
+		repoID := ctx.ParamsInt64(":repoid")
+
+		// Get repository.
+		repo, err := models.GetRepositoryByID(repoID)
+		if err != nil {
+			if models.IsErrRepoNotExist(err) {
+				ctx.Handle(404, "GetRepositoryByID", nil)
+			} else {
+				ctx.Handle(500, "GetRepositoryByID", err)
+			}
+			return
+		}
+
+		if err = repo.GetOwner(); err != nil {
+			ctx.Handle(500, "GetOwner", err)
+			return
+		}
+
+		// Admin has super access.
+		if ctx.IsSigned && ctx.User.IsAdmin {
+			ctx.Repo.AccessMode = models.AccessModeOwner
+		} else {
+			var userID int64
+			if ctx.User != nil {
+				userID = ctx.User.ID
+			}
+			mode, err := models.AccessLevel(userID, repo)
+			if err != nil {
+				ctx.Handle(500, "AccessLevel", err)
+				return
+			}
+			ctx.Repo.AccessMode = mode
+		}
+
+		// Check access.
+		if ctx.Repo.AccessMode == models.AccessModeNone {
+			if ctx.Query("go-get") == "1" {
+				EarlyResponseForGoGetMeta(ctx)
+				return
+			}
+			ctx.Handle(404, "no access right", err)
+			return
+		}
+		ctx.Data["HasAccess"] = true
+
+		if repo.IsMirror {
+			ctx.Repo.Mirror, err = models.GetMirrorByRepoID(repo.ID)
+			if err != nil {
+				ctx.Handle(500, "GetMirror", err)
+				return
+			}
+			ctx.Data["MirrorEnablePrune"] = ctx.Repo.Mirror.EnablePrune
+			ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
+			ctx.Data["Mirror"] = ctx.Repo.Mirror
+		}
+
+		ctx.Repo.Repository = repo
+		ctx.Data["RepoName"] = ctx.Repo.Repository.Name
+		ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
+	}
+}
+
 // RepoAssignment returns a macaron to handle repository assignment
 func RepoAssignment() macaron.Handler {
 	return func(ctx *Context) {
@@ -181,7 +252,7 @@ func RepoAssignment() macaron.Handler {
 			if err != nil {
 				if models.IsErrUserNotExist(err) {
 					if ctx.Query("go-get") == "1" {
-						earlyResponseForGoGetMeta(ctx)
+						EarlyResponseForGoGetMeta(ctx)
 						return
 					}
 					ctx.Handle(404, "GetUserByName", nil)
@@ -203,7 +274,7 @@ func RepoAssignment() macaron.Handler {
 					RedirectToRepo(ctx, redirectRepoID)
 				} else if models.IsErrRepoRedirectNotExist(err) {
 					if ctx.Query("go-get") == "1" {
-						earlyResponseForGoGetMeta(ctx)
+						EarlyResponseForGoGetMeta(ctx)
 						return
 					}
 					ctx.Handle(404, "GetRepositoryByName", nil)
@@ -236,7 +307,7 @@ func RepoAssignment() macaron.Handler {
 		// Check access.
 		if ctx.Repo.AccessMode == models.AccessModeNone {
 			if ctx.Query("go-get") == "1" {
-				earlyResponseForGoGetMeta(ctx)
+				EarlyResponseForGoGetMeta(ctx)
 				return
 			}
 			ctx.Handle(404, "no access right", err)
@@ -278,6 +349,7 @@ func RepoAssignment() macaron.Handler {
 
 		count, err := models.GetReleaseCountByRepoID(ctx.Repo.Repository.ID, models.FindReleasesOptions{
 			IncludeDrafts: false,
+			IncludeTags:   true,
 		})
 		if err != nil {
 			ctx.Handle(500, "GetReleaseCountByRepoID", err)
@@ -292,6 +364,11 @@ func RepoAssignment() macaron.Handler {
 		ctx.Data["IsRepositoryAdmin"] = ctx.Repo.IsAdmin()
 		ctx.Data["IsRepositoryWriter"] = ctx.Repo.IsWriter()
 
+		if ctx.Data["CanSignedUserFork"], err = ctx.Repo.Repository.CanUserFork(ctx.User); err != nil {
+			ctx.Handle(500, "CanUserFork", err)
+			return
+		}
+
 		ctx.Data["DisableSSH"] = setting.SSH.Disabled
 		ctx.Data["ExposeAnonSSH"] = setting.SSH.ExposeAnonymous
 		ctx.Data["DisableHTTP"] = setting.Repository.DisableHTTPGit
@@ -363,7 +440,7 @@ func RepoAssignment() macaron.Handler {
 		ctx.Data["PullRequestCtx"] = ctx.Repo.PullRequest
 
 		if ctx.Query("go-get") == "1" {
-			ctx.Data["GoGetImport"] = composeGoGetImport(owner.Name, repo.Name)
+			ctx.Data["GoGetImport"] = ComposeGoGetImport(owner.Name, repo.Name)
 			prefix := setting.AppURL + path.Join(owner.Name, repo.Name, "src", ctx.Repo.BranchName)
 			ctx.Data["GoDocDirectory"] = prefix + "{/dir}"
 			ctx.Data["GoDocFile"] = prefix + "{/dir}/{file}#L{line}"
@@ -537,6 +614,15 @@ func CheckUnit(unitType models.UnitType) macaron.Handler {
 	}
 }
 
+// CheckAnyUnit will check whether any of the unit types are enabled
+func CheckAnyUnit(unitTypes ...models.UnitType) macaron.Handler {
+	return func(ctx *Context) {
+		if !ctx.Repo.Repository.AnyUnitEnabled(unitTypes...) {
+			ctx.Handle(404, "CheckAnyUnit", fmt.Errorf("%s: %v", ctx.Tr("units.error.unit_not_allowed"), unitTypes))
+		}
+	}
+}
+
 // GitHookService checks if repository Git hooks service has been enabled.
 func GitHookService() macaron.Handler {
 	return func(ctx *Context) {

modules/lfs/content_store.go

@@ -70,10 +70,7 @@ func (s *ContentStore) Put(meta *models.LFSMetaObject, r io.Reader) error {
 		return errHashMismatch
 	}
 
-	if err := os.Rename(tmpPath, path); err != nil {
-		return err
-	}
-	return nil
+	return os.Rename(tmpPath, path)
 }
 
 // Exists returns true if the object exists in the content store.

modules/log/file.go

@@ -110,10 +110,7 @@ func (w *FileLogWriter) StartLogger() error {
 		return err
 	}
 	w.mw.SetFd(fd)
-	if err = w.initFd(); err != nil {
-		return err
-	}
-	return nil
+	return w.initFd()
 }
 
 func (w *FileLogWriter) docheck(size int) {

modules/mailer/mailer.go

@@ -16,6 +16,7 @@ import (
 	"strings"
 	"time"
 
+	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
@@ -30,18 +31,18 @@ type Message struct {
 }
 
 // NewMessageFrom creates new mail message object with custom From header.
-func NewMessageFrom(to []string, from, subject, body string) *Message {
+func NewMessageFrom(to []string, fromDisplayName, fromAddress, subject, body string) *Message {
 	log.Trace("NewMessageFrom (body):\n%s", body)
 
 	msg := gomail.NewMessage()
-	msg.SetHeader("From", from)
+	msg.SetAddressHeader("From", fromAddress, fromDisplayName)
 	msg.SetHeader("To", to...)
 	msg.SetHeader("Subject", subject)
 	msg.SetDateHeader("Date", time.Now())
 
 	plainBody, err := html2text.FromString(body)
 	if err != nil || setting.MailService.SendAsPlainText {
-		if strings.Contains(body[:100], "<html>") {
+		if strings.Contains(base.TruncateString(body, 100), "<html>") {
 			log.Warn("Mail contains HTML but configured to send as plain text.")
 		}
 		msg.SetBody("text/plain", plainBody)
@@ -57,7 +58,7 @@ func NewMessageFrom(to []string, from, subject, body string) *Message {
 
 // NewMessage creates new mail message object with default From header.
 func NewMessage(to []string, subject, body string) *Message {
-	return NewMessageFrom(to, setting.MailService.From, subject, body)
+	return NewMessageFrom(to, setting.MailService.FromName, setting.MailService.FromEmail, subject, body)
 }
 
 type loginAuth struct {

modules/setting/setting.go

@@ -10,6 +10,7 @@ import (
 	"encoding/base64"
 	"fmt"
 	"io"
+	"net"
 	"net/mail"
 	"net/url"
 	"os"
@@ -431,7 +432,7 @@ var (
 	}{
 		DisableDiffHighlight:     false,
 		MaxGitDiffLines:          1000,
-		MaxGitDiffLineCharacters: 500,
+		MaxGitDiffLineCharacters: 5000,
 		MaxGitDiffFiles:          100,
 		GCArgs:                   []string{},
 		Timeout: struct {
@@ -657,6 +658,12 @@ func NewContext() {
 	// This value is empty if site does not have sub-url.
 	AppSubURL = strings.TrimSuffix(url.Path, "/")
 	AppSubURLDepth = strings.Count(AppSubURL, "/")
+	// Check if Domain differs from AppURL domain than update it to AppURL's domain
+	// TODO: Can be replaced with url.Hostname() when minimal GoLang version is 1.8
+	urlHostname := strings.SplitN(url.Host, ":", 2)[0]
+	if urlHostname != Domain && net.ParseIP(urlHostname) == nil {
+		Domain = urlHostname
+	}
 
 	var defaultLocalURL string
 	switch Protocol {
@@ -1274,6 +1281,7 @@ type Mailer struct {
 	QueueLength     int
 	Name            string
 	From            string
+	FromName        string
 	FromEmail       string
 	SendAsPlainText bool
 
@@ -1332,6 +1340,7 @@ func newMailService() {
 	if err != nil {
 		log.Fatal(4, "Invalid mailer.FROM (%s): %v", MailService.From, err)
 	}
+	MailService.FromName = parsed.Name
 	MailService.FromEmail = parsed.Address
 
 	log.Info("Mail Service Enabled")

options/locale/locale_en-US.ini

@@ -378,7 +378,7 @@ add_new_gpg_key = Add GPG Key
 ssh_key_been_used = This public key has already been used.
 ssh_key_name_used = A public key with same name already exists.
 gpg_key_id_used = A public GPG key with same id already exists.
-gpg_key_email_not_found = The email attached to the GPG key couldn't be found or is not confirmed yet: %s
+gpg_no_key_email_found = None of the emails attached to the GPG key could be found.
 subkeys = Subkeys
 key_id = Key ID
 key_name = Key Name

public/js/index.js

@@ -625,7 +625,7 @@ function initProtectedBranch() {
         var $this = $(this);
         $.post($this.data('url'), {
                 "_csrf": csrf,
-                "canPush": true,
+                "canPush": false,
                 "branchName": $this.val(),
             },
             function (data) {
@@ -642,7 +642,7 @@ function initProtectedBranch() {
         var $this = $(this);
         $.post($this.data('url'), {
                 "_csrf": csrf,
-                "canPush": false,
+                "canPush": true,
                 "branchName": $this.data('val'),
             },
             function (data) {
@@ -1456,7 +1456,7 @@ $(document).ready(function () {
 
     // Emojify
     emojify.setConfig({
-        img_dir: suburl + '/plugins/emojify/images',
+        img_dir: suburl + '/vendor/plugins/emojify/images',
         ignore_emoticons: true
     });
     var hasEmoji = document.getElementsByClassName('has-emoji');

routers/api/v1/repo/release.go

@@ -5,8 +5,6 @@
 package repo
 
 import (
-	"strings"
-
 	api "code.gitea.io/sdk/gitea"
 
 	"code.gitea.io/gitea/models"
@@ -36,6 +34,7 @@ func GetRelease(ctx *context.APIContext) {
 func ListReleases(ctx *context.APIContext) {
 	releases, err := models.GetReleasesByRepoID(ctx.Repo.Repository.ID, models.FindReleasesOptions{
 		IncludeDrafts: ctx.Repo.AccessMode >= models.AccessModeWrite,
+		IncludeTags:   false,
 	}, 1, 2147483647)
 	if err != nil {
 		ctx.Error(500, "GetReleasesByRepoID", err)
@@ -62,43 +61,49 @@ func CreateRelease(ctx *context.APIContext, form api.CreateReleaseOption) {
 		ctx.Status(404)
 		return
 	}
-	tag, err := ctx.Repo.GitRepo.GetTag(form.TagName)
+	rel, err := models.GetRelease(ctx.Repo.Repository.ID, form.TagName)
 	if err != nil {
-		ctx.Error(500, "GetTag", err)
-		return
-	}
-	commit, err := tag.Commit()
-	if err != nil {
-		ctx.Error(500, "Commit", err)
-		return
-	}
-	commitsCount, err := commit.CommitsCount()
-	if err != nil {
-		ctx.Error(500, "CommitsCount", err)
-		return
-	}
-	rel := &models.Release{
-		RepoID:       ctx.Repo.Repository.ID,
-		PublisherID:  ctx.User.ID,
-		Publisher:    ctx.User,
-		TagName:      form.TagName,
-		LowerTagName: strings.ToLower(form.TagName),
-		Target:       form.Target,
-		Title:        form.Title,
-		Sha1:         commit.ID.String(),
-		NumCommits:   commitsCount,
-		Note:         form.Note,
-		IsDraft:      form.IsDraft,
-		IsPrerelease: form.IsPrerelease,
-		CreatedUnix:  commit.Author.When.Unix(),
-	}
-	if err := models.CreateRelease(ctx.Repo.GitRepo, rel, nil); err != nil {
-		if models.IsErrReleaseAlreadyExist(err) {
-			ctx.Status(409)
-		} else {
-			ctx.Error(500, "CreateRelease", err)
+		if !models.IsErrReleaseNotExist(err) {
+			ctx.Handle(500, "GetRelease", err)
+			return
+		}
+		rel = &models.Release{
+			RepoID:       ctx.Repo.Repository.ID,
+			PublisherID:  ctx.User.ID,
+			Publisher:    ctx.User,
+			TagName:      form.TagName,
+			Target:       form.Target,
+			Title:        form.Title,
+			Note:         form.Note,
+			IsDraft:      form.IsDraft,
+			IsPrerelease: form.IsPrerelease,
+			IsTag:        false,
+		}
+		if err := models.CreateRelease(ctx.Repo.GitRepo, rel, nil); err != nil {
+			if models.IsErrReleaseAlreadyExist(err) {
+				ctx.Status(409)
+			} else {
+				ctx.Error(500, "CreateRelease", err)
+			}
+			return
+		}
+	} else {
+		if !rel.IsTag {
+			ctx.Status(409)
+			return
+		}
+
+		rel.Title = form.Title
+		rel.Note = form.Note
+		rel.IsDraft = form.IsDraft
+		rel.IsPrerelease = form.IsPrerelease
+		rel.PublisherID = ctx.User.ID
+		rel.IsTag = false
+
+		if err = models.UpdateRelease(ctx.Repo.GitRepo, rel, nil); err != nil {
+			ctx.Handle(500, "UpdateRelease", err)
+			return
 		}
-		return
 	}
 	ctx.JSON(201, rel.APIFormat())
 }
@@ -111,11 +116,12 @@ func EditRelease(ctx *context.APIContext, form api.EditReleaseOption) {
 	}
 	id := ctx.ParamsInt64(":id")
 	rel, err := models.GetReleaseByID(id)
-	if err != nil {
+	if err != nil && !models.IsErrReleaseNotExist(err) {
 		ctx.Error(500, "GetReleaseByID", err)
 		return
 	}
-	if rel.RepoID != ctx.Repo.Repository.ID {
+	if err != nil && models.IsErrReleaseNotExist(err) ||
+		rel.IsTag || rel.RepoID != ctx.Repo.Repository.ID {
 		ctx.Status(404)
 		return
 	}
@@ -162,12 +168,13 @@ func DeleteRelease(ctx *context.APIContext) {
 		return
 	}
 	id := ctx.ParamsInt64(":id")
-	release, err := models.GetReleaseByID(id)
-	if err != nil {
+	rel, err := models.GetReleaseByID(id)
+	if err != nil && !models.IsErrReleaseNotExist(err) {
 		ctx.Error(500, "GetReleaseByID", err)
 		return
 	}
-	if release.RepoID != ctx.Repo.Repository.ID {
+	if err != nil && models.IsErrReleaseNotExist(err) ||
+		rel.IsTag || rel.RepoID != ctx.Repo.Repository.ID {
 		ctx.Status(404)
 		return
 	}

routers/api/v1/user/user.go

@@ -7,12 +7,12 @@ package user
 import (
 	"strings"
 
-	"github.com/Unknwon/com"
-
-	api "code.gitea.io/sdk/gitea"
-
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/markdown"
+	api "code.gitea.io/sdk/gitea"
+
+	"github.com/Unknwon/com"
 )
 
 // Search search users
@@ -50,7 +50,7 @@ func Search(ctx *context.APIContext) {
 			ID:        users[i].ID,
 			UserName:  users[i].Name,
 			AvatarURL: users[i].AvatarLink(),
-			FullName:  users[i].FullName,
+			FullName:  markdown.Sanitize(users[i].FullName),
 		}
 		if ctx.IsSigned {
 			results[i].Email = users[i].Email

routers/private/branch.go

@@ -20,11 +20,6 @@ func GetProtectedBranchBy(ctx *macaron.Context) {
 			"err": err.Error(),
 		})
 		return
-	} else if protectBranch != nil {
-		ctx.JSON(200, protectBranch)
-	} else {
-		ctx.JSON(200, &models.ProtectedBranch{
-			CanPush: true,
-		})
 	}
+	ctx.JSON(200, protectBranch)
 }

routers/repo/http.go

@@ -22,35 +22,15 @@ import (
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
-
-	"github.com/Unknwon/com"
 )
 
-func composeGoGetImport(owner, repo, sub string) string {
-	return path.Join(setting.Domain, setting.AppSubURL, owner, repo, sub)
-}
-
-// earlyResponseForGoGetMeta responses appropriate go-get meta with status 200
-// if user does not have actual access to the requested repository,
-// or the owner or repository does not exist at all.
-// This is particular a workaround for "go get" command which does not respect
-// .netrc file.
-func earlyResponseForGoGetMeta(ctx *context.Context, username, reponame, subpath string) {
-	ctx.PlainText(200, []byte(com.Expand(`<meta name="go-import" content="{GoGetImport} git {CloneLink}">`,
-		map[string]string{
-			"GoGetImport": composeGoGetImport(username, reponame, subpath),
-			"CloneLink":   models.ComposeHTTPSCloneURL(username, reponame),
-		})))
-}
-
 // HTTP implmentation git smart HTTP protocol
 func HTTP(ctx *context.Context) {
 	username := ctx.Params(":username")
 	reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")
-	subpath := ctx.Params("*")
 
 	if ctx.Query("go-get") == "1" {
-		earlyResponseForGoGetMeta(ctx, username, reponame, subpath)
+		context.EarlyResponseForGoGetMeta(ctx)
 		return
 	}
 
@@ -159,19 +139,28 @@ func HTTP(ctx *context.Context) {
 			}
 
 			if authUser == nil {
-				authUser, err = models.GetUserByName(authUsername)
+				isUsernameToken := len(authPasswd) == 0 || authPasswd == "x-oauth-basic"
 
-				if err != nil {
-					if models.IsErrUserNotExist(err) {
-						ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
-					} else {
-						ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
+				// Assume username is token
+				authToken := authUsername
+
+				if !isUsernameToken {
+					// Assume password is token
+					authToken = authPasswd
+
+					authUser, err = models.GetUserByName(authUsername)
+					if err != nil {
+						if models.IsErrUserNotExist(err) {
+							ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
+						} else {
+							ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
+						}
+						return
 					}
-					return
 				}
 
 				// Assume password is a token.
-				token, err := models.GetAccessTokenBySHA(authPasswd)
+				token, err := models.GetAccessTokenBySHA(authToken)
 				if err != nil {
 					if models.IsErrAccessTokenNotExist(err) || models.IsErrAccessTokenEmpty(err) {
 						ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
@@ -181,7 +170,13 @@ func HTTP(ctx *context.Context) {
 					return
 				}
 
-				if authUser.ID != token.UID {
+				if isUsernameToken {
+					authUser, err = models.GetUserByID(token.UID)
+					if err != nil {
+						ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
+						return
+					}
+				} else if authUser.ID != token.UID {
 					ctx.HandleText(http.StatusUnauthorized, "invalid credentials")
 					return
 				}
@@ -190,7 +185,6 @@ func HTTP(ctx *context.Context) {
 				if err = models.UpdateAccessToken(token); err != nil {
 					ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
 				}
-
 			} else {
 				_, err = models.GetTwoFactorByUID(authUser.ID)
 

routers/repo/issue.go

@@ -676,11 +676,16 @@ func ViewIssue(ctx *context.Context) {
 func getActionIssue(ctx *context.Context) *models.Issue {
 	issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
 	if err != nil {
-		if models.IsErrIssueNotExist(err) {
-			ctx.Error(404, "GetIssueByIndex")
-		} else {
-			ctx.Handle(500, "GetIssueByIndex", err)
-		}
+		ctx.NotFoundOrServerError("GetIssueByIndex", models.IsErrIssueNotExist, err)
+		return nil
+	}
+	if issue.IsPull && !ctx.Repo.Repository.UnitEnabled(models.UnitTypePullRequests) ||
+		!issue.IsPull && !ctx.Repo.Repository.UnitEnabled(models.UnitTypeIssues) {
+		ctx.Handle(404, "IssueOrPullRequestUnitNotAllowed", nil)
+		return nil
+	}
+	if err = issue.LoadAttributes(); err != nil {
+		ctx.Handle(500, "LoadAttributes", nil)
 		return nil
 	}
 	return issue
@@ -705,6 +710,19 @@ func getActionIssues(ctx *context.Context) []*models.Issue {
 		ctx.Handle(500, "GetIssuesByIDs", err)
 		return nil
 	}
+	// Check access rights for all issues
+	issueUnitEnabled := ctx.Repo.Repository.UnitEnabled(models.UnitTypeIssues)
+	prUnitEnabled := ctx.Repo.Repository.UnitEnabled(models.UnitTypePullRequests)
+	for _, issue := range issues {
+		if issue.IsPull && !prUnitEnabled || !issue.IsPull && !issueUnitEnabled {
+			ctx.Handle(404, "IssueOrPullRequestUnitNotAllowed", nil)
+			return nil
+		}
+		if err = issue.LoadAttributes(); err != nil {
+			ctx.Handle(500, "LoadAttributes", nil)
+			return nil
+		}
+	}
 	return issues
 }
 
@@ -840,9 +858,8 @@ func UpdateIssueStatus(ctx *context.Context) {
 
 // NewComment create a comment for issue
 func NewComment(ctx *context.Context, form auth.CreateCommentForm) {
-	issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
-	if err != nil {
-		ctx.NotFoundOrServerError("GetIssueByIndex", models.IsErrIssueNotExist, err)
+	issue := getActionIssue(ctx)
+	if ctx.Written() {
 		return
 	}
 
@@ -869,7 +886,7 @@ func NewComment(ctx *context.Context, form auth.CreateCommentForm) {
 
 			if form.Status == "reopen" && issue.IsPull {
 				pull := issue.PullRequest
-				pr, err = models.GetUnmergedPullRequest(pull.HeadRepoID, pull.BaseRepoID, pull.HeadBranch, pull.BaseBranch)
+				pr, err := models.GetUnmergedPullRequest(pull.HeadRepoID, pull.BaseRepoID, pull.HeadBranch, pull.BaseBranch)
 				if err != nil {
 					if !models.IsErrPullRequestNotExist(err) {
 						ctx.Handle(500, "GetUnmergedPullRequest", err)
@@ -891,7 +908,7 @@ func NewComment(ctx *context.Context, form auth.CreateCommentForm) {
 			if pr != nil {
 				ctx.Flash.Info(ctx.Tr("repo.pulls.open_unmerged_pull_exists", pr.Index))
 			} else {
-				if err = issue.ChangeStatus(ctx.User, ctx.Repo.Repository, form.Status == "close"); err != nil {
+				if err := issue.ChangeStatus(ctx.User, ctx.Repo.Repository, form.Status == "close"); err != nil {
 					log.Error(4, "ChangeStatus: %v", err)
 				} else {
 					log.Trace("Issue [%d] status changed to closed: %v", issue.ID, issue.IsClosed)
@@ -918,7 +935,7 @@ func NewComment(ctx *context.Context, form auth.CreateCommentForm) {
 		return
 	}
 
-	comment, err = models.CreateIssueComment(ctx.User, ctx.Repo.Repository, issue, form.Content, attachments)
+	comment, err := models.CreateIssueComment(ctx.User, ctx.Repo.Repository, issue, form.Content, attachments)
 	if err != nil {
 		ctx.Handle(500, "CreateIssueComment", err)
 		return
@@ -988,10 +1005,6 @@ func DeleteComment(ctx *context.Context) {
 
 // Milestones render milestones page
 func Milestones(ctx *context.Context) {
-	MustEnableIssues(ctx)
-	if ctx.Written() {
-		return
-	}
 	ctx.Data["Title"] = ctx.Tr("repo.milestones")
 	ctx.Data["PageIsIssueList"] = true
 	ctx.Data["PageIsMilestones"] = true

routers/repo/issue_label.go

@@ -18,10 +18,6 @@ const (
 
 // Labels render issue's labels page
 func Labels(ctx *context.Context) {
-	MustEnableIssues(ctx)
-	if ctx.Written() {
-		return
-	}
 	ctx.Data["Title"] = ctx.Tr("repo.labels")
 	ctx.Data["PageIsIssueList"] = true
 	ctx.Data["PageIsLabels"] = true

routers/repo/issue_watch.go

@@ -21,10 +21,8 @@ func IssueWatch(c *context.Context) {
 		return
 	}
 
-	issueIndex := c.ParamsInt64("index")
-	issue, err := models.GetIssueByIndex(c.Repo.Repository.ID, issueIndex)
-	if err != nil {
-		c.Handle(http.StatusInternalServerError, "GetIssueByIndex", err)
+	issue := getActionIssue(c)
+	if c.Written() {
 		return
 	}
 
@@ -33,6 +31,6 @@ func IssueWatch(c *context.Context) {
 		return
 	}
 
-	url := fmt.Sprintf("%s/issues/%d", c.Repo.RepoLink, issueIndex)
+	url := fmt.Sprintf("%s/issues/%d", c.Repo.RepoLink, issue.Index)
 	c.Redirect(url, http.StatusSeeOther)
 }

routers/repo/pull.go

@@ -61,6 +61,8 @@ func getForkRepository(ctx *context.Context) *models.Repository {
 	ctx.Data["repo_name"] = forkRepo.Name
 	ctx.Data["description"] = forkRepo.Description
 	ctx.Data["IsPrivate"] = forkRepo.IsPrivate
+	canForkToUser := forkRepo.OwnerID != ctx.User.ID && !ctx.User.HasForkedRepo(forkRepo.ID)
+	ctx.Data["CanForkToUser"] = canForkToUser
 
 	if err = forkRepo.GetOwner(); err != nil {
 		ctx.Handle(500, "GetOwner", err)
@@ -69,11 +71,23 @@ func getForkRepository(ctx *context.Context) *models.Repository {
 	ctx.Data["ForkFrom"] = forkRepo.Owner.Name + "/" + forkRepo.Name
 	ctx.Data["ForkFromOwnerID"] = forkRepo.Owner.ID
 
-	if err := ctx.User.GetOrganizations(true); err != nil {
-		ctx.Handle(500, "GetOrganizations", err)
+	if err := ctx.User.GetOwnedOrganizations(); err != nil {
+		ctx.Handle(500, "GetOwnedOrganizations", err)
 		return nil
 	}
-	ctx.Data["Orgs"] = ctx.User.Orgs
+	var orgs []*models.User
+	for _, org := range ctx.User.OwnedOrgs {
+		if forkRepo.OwnerID != org.ID && !org.HasForkedRepo(forkRepo.ID) {
+			orgs = append(orgs, org)
+		}
+	}
+	ctx.Data["Orgs"] = orgs
+
+	if canForkToUser {
+		ctx.Data["ContextUser"] = ctx.User
+	} else if len(orgs) > 0 {
+		ctx.Data["ContextUser"] = orgs[0]
+	}
 
 	return forkRepo
 }
@@ -87,7 +101,6 @@ func Fork(ctx *context.Context) {
 		return
 	}
 
-	ctx.Data["ContextUser"] = ctx.User
 	ctx.HTML(200, tplFork)
 }
 
@@ -95,15 +108,16 @@ func Fork(ctx *context.Context) {
 func ForkPost(ctx *context.Context, form auth.CreateRepoForm) {
 	ctx.Data["Title"] = ctx.Tr("new_fork")
 
+	ctxUser := checkContextUser(ctx, form.UID)
+	if ctx.Written() {
+		return
+	}
+
 	forkRepo := getForkRepository(ctx)
 	if ctx.Written() {
 		return
 	}
 
-	ctxUser := checkContextUser(ctx, form.UID)
-	if ctx.Written() {
-		return
-	}
 	ctx.Data["ContextUser"] = ctxUser
 
 	if ctx.HasError() {

routers/repo/release.go

@@ -67,6 +67,7 @@ func Releases(ctx *context.Context) {
 
 	opts := models.FindReleasesOptions{
 		IncludeDrafts: ctx.Repo.IsWriter(),
+		IncludeTags:   true,
 	}
 
 	releases, err := models.GetReleasesByRepoID(ctx.Repo.Repository.ID, opts, page, limit)
@@ -145,57 +146,61 @@ func NewReleasePost(ctx *context.Context, form auth.NewReleaseForm) {
 		return
 	}
 
-	var tagCreatedUnix int64
-	tag, err := ctx.Repo.GitRepo.GetTag(form.TagName)
-	if err == nil {
-		commit, err := tag.Commit()
-		if err == nil {
-			tagCreatedUnix = commit.Author.When.Unix()
-		}
-	}
-
-	commit, err := ctx.Repo.GitRepo.GetBranchCommit(form.Target)
-	if err != nil {
-		ctx.Handle(500, "GetBranchCommit", err)
-		return
-	}
-
-	commitsCount, err := commit.CommitsCount()
-	if err != nil {
-		ctx.Handle(500, "CommitsCount", err)
-		return
-	}
-
-	rel := &models.Release{
-		RepoID:       ctx.Repo.Repository.ID,
-		PublisherID:  ctx.User.ID,
-		Title:        form.Title,
-		TagName:      form.TagName,
-		Target:       form.Target,
-		Sha1:         commit.ID.String(),
-		NumCommits:   commitsCount,
-		Note:         form.Content,
-		IsDraft:      len(form.Draft) > 0,
-		IsPrerelease: form.Prerelease,
-		CreatedUnix:  tagCreatedUnix,
-	}
-
 	var attachmentUUIDs []string
 	if setting.AttachmentEnabled {
 		attachmentUUIDs = form.Files
 	}
 
-	if err = models.CreateRelease(ctx.Repo.GitRepo, rel, attachmentUUIDs); err != nil {
-		ctx.Data["Err_TagName"] = true
-		switch {
-		case models.IsErrReleaseAlreadyExist(err):
-			ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_already_exist"), tplReleaseNew, &form)
-		case models.IsErrInvalidTagName(err):
-			ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_invalid"), tplReleaseNew, &form)
-		default:
-			ctx.Handle(500, "CreateRelease", err)
+	rel, err := models.GetRelease(ctx.Repo.Repository.ID, form.TagName)
+	if err != nil {
+		if !models.IsErrReleaseNotExist(err) {
+			ctx.Handle(500, "GetRelease", err)
+			return
+		}
+
+		rel := &models.Release{
+			RepoID:       ctx.Repo.Repository.ID,
+			PublisherID:  ctx.User.ID,
+			Title:        form.Title,
+			TagName:      form.TagName,
+			Target:       form.Target,
+			Note:         form.Content,
+			IsDraft:      len(form.Draft) > 0,
+			IsPrerelease: form.Prerelease,
+			IsTag:        false,
+		}
+
+		if err = models.CreateRelease(ctx.Repo.GitRepo, rel, attachmentUUIDs); err != nil {
+			ctx.Data["Err_TagName"] = true
+			switch {
+			case models.IsErrReleaseAlreadyExist(err):
+				ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_already_exist"), tplReleaseNew, &form)
+			case models.IsErrInvalidTagName(err):
+				ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_invalid"), tplReleaseNew, &form)
+			default:
+				ctx.Handle(500, "CreateRelease", err)
+			}
+			return
+		}
+	} else {
+		if !rel.IsTag {
+			ctx.Data["Err_TagName"] = true
+			ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_already_exist"), tplReleaseNew, &form)
+			return
+		}
+
+		rel.Title = form.Title
+		rel.Note = form.Content
+		rel.IsDraft = len(form.Draft) > 0
+		rel.IsPrerelease = form.Prerelease
+		rel.PublisherID = ctx.User.ID
+		rel.IsTag = false
+
+		if err = models.UpdateRelease(ctx.Repo.GitRepo, rel, attachmentUUIDs); err != nil {
+			ctx.Data["Err_TagName"] = true
+			ctx.Handle(500, "UpdateRelease", err)
+			return
 		}
-		return
 	}
 	log.Trace("Release created: %s/%s:%s", ctx.User.LowerName, ctx.Repo.Repository.Name, form.TagName)
 
@@ -246,6 +251,10 @@ func EditReleasePost(ctx *context.Context, form auth.EditReleaseForm) {
 		}
 		return
 	}
+	if rel.IsTag {
+		ctx.Handle(404, "GetRelease", err)
+		return
+	}
 	ctx.Data["tag_name"] = rel.TagName
 	ctx.Data["tag_target"] = rel.Target
 	ctx.Data["title"] = rel.Title
@@ -275,8 +284,7 @@ func EditReleasePost(ctx *context.Context, form auth.EditReleaseForm) {
 
 // DeleteRelease delete a release
 func DeleteRelease(ctx *context.Context) {
-	delTag := ctx.QueryBool("delTag")
-	if err := models.DeleteReleaseByID(ctx.QueryInt64("id"), ctx.User, delTag); err != nil {
+	if err := models.DeleteReleaseByID(ctx.QueryInt64("id"), ctx.User, true); err != nil {
 		ctx.Flash.Error("DeleteReleaseByID: " + err.Error())
 	} else {
 		ctx.Flash.Success(ctx.Tr("repo.release.deletion_success"))

routers/repo/setting.go

@@ -520,7 +520,7 @@ func ProtectedBranchPost(ctx *context.Context) {
 
 		canPush := ctx.QueryBool("canPush")
 
-		if canPush {
+		if !canPush {
 			if err := ctx.Repo.Repository.AddProtectedBranch(branchName, canPush); err != nil {
 				ctx.Flash.Error(ctx.Tr("repo.settings.add_protected_branch_failed", branchName))
 				ctx.JSON(200, map[string]string{

routers/repo/view.go

@@ -93,16 +93,12 @@ func renderDirectory(ctx *context.Context, treeLink string) {
 		if isTextFile {
 			d, _ := ioutil.ReadAll(dataRc)
 			buf = append(buf, d...)
-			newbuf := markup.Render(readmeFile.Name(), buf, treeLink, ctx.Repo.Repository.ComposeMetas())
-			if newbuf != nil {
-				ctx.Data["IsMarkdown"] = true
+			ctx.Data["IsRenderedHTML"] = true
+			if markup.Type(readmeFile.Name()) != "" {
+				ctx.Data["FileContent"] = string(markup.Render(readmeFile.Name(), buf, treeLink, ctx.Repo.Repository.ComposeMetas()))
 			} else {
-				// FIXME This is the only way to show non-markdown files
-				// instead of a broken "View Raw" link
-				ctx.Data["IsMarkdown"] = true
-				newbuf = bytes.Replace(buf, []byte("\n"), []byte(`<br>`), -1)
+				ctx.Data["FileContent"] = string(bytes.Replace(buf, []byte("\n"), []byte(`<br>`), -1))
 			}
-			ctx.Data["FileContent"] = string(newbuf)
 		}
 	}
 
@@ -188,15 +184,14 @@ func renderFile(ctx *context.Context, entry *git.TreeEntry, treeLink, rawLink st
 		d, _ := ioutil.ReadAll(dataRc)
 		buf = append(buf, d...)
 
-		tp := markup.Type(blob.Name())
-		isSupportedMarkup := tp != ""
-		// FIXME: currently set IsMarkdown for compatible
-		ctx.Data["IsMarkdown"] = isSupportedMarkup
-
-		readmeExist := isSupportedMarkup || markup.IsReadmeFile(blob.Name())
+		readmeExist := markup.IsReadmeFile(blob.Name())
 		ctx.Data["ReadmeExist"] = readmeExist
-		if readmeExist && isSupportedMarkup {
+		if markup.Type(blob.Name()) != "" {
+			ctx.Data["IsRenderedHTML"] = true
 			ctx.Data["FileContent"] = string(markup.Render(blob.Name(), buf, path.Dir(treeLink), ctx.Repo.Repository.ComposeMetas()))
+		} else if readmeExist {
+			ctx.Data["IsRenderedHTML"] = true
+			ctx.Data["FileContent"] = string(bytes.Replace(buf, []byte("\n"), []byte(`<br>`), -1))
 		} else {
 			// Building code view blocks with line number on server side.
 			var fileContent string

routers/repo/webhook.go

@@ -167,7 +167,7 @@ func WebHooksNewPost(ctx *context.Context, form auth.NewWebhookForm) {
 }
 
 // GogsHooksNewPost response for creating webhook
-func GogsHooksNewPost(ctx *context.Context, form auth.NewWebhookForm) {
+func GogsHooksNewPost(ctx *context.Context, form auth.NewGogshookForm) {
 	ctx.Data["Title"] = ctx.Tr("repo.settings.add_webhook")
 	ctx.Data["PageIsSettingsHooks"] = true
 	ctx.Data["PageIsSettingsHooksNew"] = true
@@ -361,7 +361,7 @@ func WebHooksEditPost(ctx *context.Context, form auth.NewWebhookForm) {
 }
 
 // GogsHooksEditPost response for editing gogs hook
-func GogsHooksEditPost(ctx *context.Context, form auth.NewWebhookForm) {
+func GogsHooksEditPost(ctx *context.Context, form auth.NewGogshookForm) {
 	ctx.Data["Title"] = ctx.Tr("repo.settings.update_webhook")
 	ctx.Data["PageIsSettingsHooks"] = true
 	ctx.Data["PageIsSettingsHooksEdit"] = true

routers/routes/routes.go

@@ -416,8 +416,10 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
 		m.Get("/migrate", repo.Migrate)
 		m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
-		m.Combo("/fork/:repoid").Get(repo.Fork).
-			Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+		m.Group("/fork", func() {
+			m.Combo("/:repoid").Get(repo.Fork).
+				Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+		}, context.RepoIDAssignment(), context.UnitTypes(), context.LoadRepoUnits(), context.CheckUnit(models.UnitTypeCode))
 	}, reqSignIn)
 
 	m.Group("/:username/:reponame", func() {
@@ -469,12 +471,13 @@ func RegisterRoutes(m *macaron.Macaron) {
 	m.Get("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), repo.Action)
 
 	m.Group("/:username/:reponame", func() {
-		// FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest.
-		// So they can apply their own enable/disable logic on routers.
 		m.Group("/issues", func() {
 			m.Combo("/new", repo.MustEnableIssues).Get(context.RepoRef(), repo.NewIssue).
 				Post(bindIgnErr(auth.CreateIssueForm{}), repo.NewIssuePost)
-
+		}, context.CheckUnit(models.UnitTypeIssues))
+		// FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest.
+		// So they can apply their own enable/disable logic on routers.
+		m.Group("/issues", func() {
 			m.Group("/:index", func() {
 				m.Post("/title", repo.UpdateIssueTitle)
 				m.Post("/content", repo.UpdateIssueContent)
@@ -482,21 +485,21 @@ func RegisterRoutes(m *macaron.Macaron) {
 				m.Combo("/comments").Post(bindIgnErr(auth.CreateCommentForm{}), repo.NewComment)
 			})
 
-			m.Post("/labels", repo.UpdateIssueLabel, reqRepoWriter)
-			m.Post("/milestone", repo.UpdateIssueMilestone, reqRepoWriter)
-			m.Post("/assignee", repo.UpdateIssueAssignee, reqRepoWriter)
-			m.Post("/status", repo.UpdateIssueStatus, reqRepoWriter)
-		}, context.CheckUnit(models.UnitTypeIssues))
+			m.Post("/labels", reqRepoWriter, repo.UpdateIssueLabel)
+			m.Post("/milestone", reqRepoWriter, repo.UpdateIssueMilestone)
+			m.Post("/assignee", reqRepoWriter, repo.UpdateIssueAssignee)
+			m.Post("/status", reqRepoWriter, repo.UpdateIssueStatus)
+		})
 		m.Group("/comments/:id", func() {
 			m.Post("", repo.UpdateCommentContent)
 			m.Post("/delete", repo.DeleteComment)
-		}, context.CheckUnit(models.UnitTypeIssues))
+		}, context.CheckAnyUnit(models.UnitTypeIssues, models.UnitTypePullRequests))
 		m.Group("/labels", func() {
 			m.Post("/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
 			m.Post("/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
 			m.Post("/delete", repo.DeleteLabel)
 			m.Post("/initialize", bindIgnErr(auth.InitializeLabelsForm{}), repo.InitializeLabels)
-		}, reqRepoWriter, context.RepoRef(), context.CheckUnit(models.UnitTypeIssues))
+		}, reqRepoWriter, context.RepoRef(), context.CheckAnyUnit(models.UnitTypeIssues, models.UnitTypePullRequests))
 		m.Group("/milestones", func() {
 			m.Combo("/new").Get(repo.NewMilestone).
 				Post(bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
@@ -504,7 +507,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
 			m.Get("/:id/:action", repo.ChangeMilestonStatus)
 			m.Post("/delete", repo.DeleteMilestone)
-		}, reqRepoWriter, context.RepoRef(), context.CheckUnit(models.UnitTypeIssues))
+		}, reqRepoWriter, context.RepoRef(), context.CheckAnyUnit(models.UnitTypeIssues, models.UnitTypePullRequests))
 
 		m.Combo("/compare/*", repo.MustAllowPulls, repo.SetEditorconfigIfExists).
 			Get(repo.CompareAndPullRequest).
@@ -571,8 +574,8 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Group("", func() {
 			m.Get("/^:type(issues|pulls)$", repo.RetrieveLabels, repo.Issues)
 			m.Get("/^:type(issues|pulls)$/:index", repo.ViewIssue)
-			m.Get("/labels/", repo.RetrieveLabels, repo.Labels)
-			m.Get("/milestones", repo.Milestones)
+			m.Get("/labels/", context.CheckAnyUnit(models.UnitTypeIssues, models.UnitTypePullRequests), repo.RetrieveLabels, repo.Labels)
+			m.Get("/milestones", context.CheckAnyUnit(models.UnitTypeIssues, models.UnitTypePullRequests), repo.Milestones)
 		}, context.RepoRef())
 
 		m.Group("/wiki", func() {

routers/user/setting.go

@@ -378,9 +378,9 @@ func SettingsKeysPost(ctx *context.Context, form auth.AddKeyForm) {
 			case models.IsErrGPGKeyIDAlreadyUsed(err):
 				ctx.Data["Err_Content"] = true
 				ctx.RenderWithErr(ctx.Tr("settings.gpg_key_id_used"), tplSettingsKeys, &form)
-			case models.IsErrGPGEmailNotFound(err):
+			case models.IsErrGPGNoEmailFound(err):
 				ctx.Data["Err_Content"] = true
-				ctx.RenderWithErr(ctx.Tr("settings.gpg_key_email_not_found", err.(models.ErrGPGEmailNotFound).Email), tplSettingsKeys, &form)
+				ctx.RenderWithErr(ctx.Tr("settings.gpg_no_key_email_found"), tplSettingsKeys, &form)
 			default:
 				ctx.Handle(500, "AddPublicKey", err)
 			}

templates/repo/editor/commit_form.tmpl

@@ -14,7 +14,8 @@
 					<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="direct" {{if eq .commit_choice "direct"}}checked{{end}}>
 					<label>
 						<i class="octicon octicon-git-commit" height="16" width="14"></i>
-						{{.i18n.Tr "repo.editor.commit_directly_to_this_branch" .BranchName | Safe}}
+						{{$branchName := .BranchName | Str2html}}
+						{{.i18n.Tr "repo.editor.commit_directly_to_this_branch" $branchName | Safe}}
 					</label>
 				</div>
 			</div>

templates/repo/header.tmpl

@@ -32,7 +32,7 @@
 						</div>
 						{{if .CanBeForked}}
 							<div class="ui compact labeled button" tabindex="0">
-								<a class="ui compact button {{if eq .OwnerID $.SignedUserID}}poping up{{end}}" {{if not (eq .OwnerID $.SignedUserID)}}href="{{AppSubUrl}}/repo/fork/{{.ID}}"{{else}} data-content="{{$.i18n.Tr "repo.fork_from_self"}}" data-position="top center" data-variation="tiny"{{end}}>
+								<a class="ui compact button {{if not $.CanSignedUserFork}}poping up{{end}}" {{if $.CanSignedUserFork}}href="{{AppSubUrl}}/repo/fork/{{.ID}}"{{else}} data-content="{{$.i18n.Tr "repo.fork_from_self"}}" data-position="top center" data-variation="tiny"{{end}}>
 									<i class="octicon octicon-repo-forked"></i>{{$.i18n.Tr "repo.fork"}}
 								</a>
 								<a class="ui basic label" href="{{.Link}}/forks">

templates/repo/issue/list.tmpl

@@ -103,8 +103,8 @@
 		</div>
 		<div class="issue-actions">
 			<div class="ui basic status buttons">
-				<div class="ui green active basic button issue-action" data-action="open" data-url="{{$.Link}}/status">{{.i18n.Tr "repo.issues.action_open"}}</div>
-				<div class="ui red active basic button issue-action" data-action="close" data-url="{{$.Link}}/status">{{.i18n.Tr "repo.issues.action_close"}}</div>
+				<div class="ui green active basic button issue-action" data-action="open" data-url="{{$.RepoLink}}/issues/status">{{.i18n.Tr "repo.issues.action_open"}}</div>
+				<div class="ui red active basic button issue-action" data-action="close" data-url="{{$.RepoLink}}/issues/status">{{.i18n.Tr "repo.issues.action_close"}}</div>
 			</div>
 
 			<div class="ui secondary filter menu floated right">
@@ -116,7 +116,7 @@
 					</span>
 					<div class="menu">
 						{{range .Labels}}
-							<div class="item issue-action" data-action="toggle" data-element-id="{{.ID}}" data-url="{{$.Link}}/labels">
+							<div class="item issue-action" data-action="toggle" data-element-id="{{.ID}}" data-url="{{$.RepoLink}}/issues/labels">
 								<span class="octicon {{if eq $.SelectLabels .ID}}octicon-check{{end}}"></span><span class="label color" style="background-color: {{.Color}}"></span> {{.Name | Sanitize}}
 							</div>
 						{{end}}
@@ -134,7 +134,7 @@
 						  {{.i18n.Tr "repo.issues.action_milestone_no_select"}}
 						</div>
 						{{range .Milestones}}
-							<div class="item issue-action" data-element-id="{{.ID}}" data-url="{{$.Link}}/milestone">
+							<div class="item issue-action" data-element-id="{{.ID}}" data-url="{{$.RepoLink}}/issues/milestone">
 								{{.Name | Sanitize}}
 							</div>
 						{{end}}
@@ -152,7 +152,7 @@
 							{{.i18n.Tr "repo.issues.action_assignee_no_select"}}
 						</div>
 						{{range .Assignees}}
-							<div class="item issue-action" data-element-id="{{.ID}}" data-url="{{$.Link}}/assignee">
+							<div class="item issue-action" data-element-id="{{.ID}}" data-url="{{$.RepoLink}}/issues/assignee">
 								<img src="{{.RelAvatarLink}}"> {{.Name}}
 							</div>
 						{{end}}

templates/repo/issue/view_title.tmpl

@@ -28,7 +28,7 @@
 		{{if .Issue.PullRequest.HasMerged}}
 			{{ $mergedStr:= TimeSince .Issue.PullRequest.Merged $.Lang }}
 			<a {{if gt .Issue.PullRequest.Merger.ID 0}}href="{{.Issue.PullRequest.Merger.HomeLink}}"{{end}}>{{.Issue.PullRequest.Merger.Name}}</a>
-			<span class="pull-desc">{{$.i18n.Tr "repo.pulls.merged_title_desc" .NumCommits .HeadTarget .BaseTarget $mergedStr | Safe}}</span>
+			<span class="pull-desc">{{$.i18n.Tr "repo.pulls.merged_title_desc" .NumCommits .HeadTarget .BaseTarget $mergedStr | Str2html}}</span>
 		{{else}}
 			<a {{if gt .Issue.Poster.ID 0}}href="{{.Issue.Poster.HomeLink}}"{{end}}>{{.Issue.Poster.Name}}</a>
 			<span class="pull-desc">{{$.i18n.Tr "repo.pulls.title_desc" .NumCommits .HeadTarget .BaseTarget | Str2html}}</span>

templates/repo/pulls/fork.tmpl

@@ -19,17 +19,17 @@
 							</span>
 							<i class="dropdown icon"></i>
 							<div class="menu">
-								<div class="item" data-value="{{.SignedUser.ID}}">
-									<img class="ui mini image" src="{{.SignedUser.RelAvatarLink}}">
-									{{.SignedUser.ShortName 20}}
-								</div>
+								{{if .CanForkToUser}}
+									<div class="item" data-value="{{.SignedUser.ID}}">
+										<img class="ui mini image" src="{{.SignedUser.RelAvatarLink}}">
+										{{.SignedUser.ShortName 20}}
+									</div>
+								{{end}}
 								{{range .Orgs}}
-									{{if and (.IsOwnedBy $.SignedUser.ID) (ne .ID $.ForkFromOwnerID)}}
-										<div class="item" data-value="{{.ID}}">
-											<img class="ui mini image" src="{{.RelAvatarLink}}">
-											{{.ShortName 20}}
-										</div>
-									{{end}}
+									<div class="item" data-value="{{.ID}}">
+										<img class="ui mini image" src="{{.RelAvatarLink}}">
+										{{.ShortName 20}}
+									</div>
 								{{end}}
 							</div>
 						</div>

templates/repo/release/list.tmpl

@@ -17,7 +17,9 @@
 			{{range .Releases}}
 				<li class="ui grid">
 					<div class="ui four wide column meta">
-						{{if .PublisherID}}
+						{{if .IsTag}}
+							{{if .Created}}<span class="time">{{TimeSince .Created $.Lang}}</span>{{end}}
+						{{else}}
 							{{if .IsDraft}}
 								<span class="ui yellow label">{{$.i18n.Tr "repo.release.draft"}}</span>
 							{{else if .IsPrerelease}}
@@ -28,13 +30,22 @@
 							<span class="tag text blue">
 								<a href="{{$.RepoLink}}/src/{{.TagName}}" rel="nofollow"><i class="tag icon"></i> {{.TagName}}</a>
 							</span>
+							<span class="commit">
+								<a href="{{$.RepoLink}}/src/{{.Sha1}}" rel="nofollow"><i class="code icon"></i> {{ShortSha .Sha1}}</a>
+							</span>
 						{{end}}
-						<span class="commit">
-							<a href="{{$.RepoLink}}/src/{{.Sha1}}" rel="nofollow"><i class="code icon"></i> {{ShortSha .Sha1}}</a>
-						</span>
 					</div>
 					<div class="ui twelve wide column detail">
-						{{if .PublisherID}}
+						{{if .IsTag}}
+							<h4>
+								<a href="{{$.RepoLink}}/src/{{.TagName}}" rel="nofollow"><i class="tag icon"></i> {{.TagName}}</a>
+							</h4>
+							<div class="download">
+								<a href="{{$.RepoLink}}/src/{{.Sha1}}" rel="nofollow"><i class="code icon"></i> {{ShortSha .Sha1}}</a>
+								<a href="{{$.RepoLink}}/archive/{{.TagName}}.zip" rel="nofollow"><i class="octicon octicon-file-zip"></i> ZIP</a>
+								<a href="{{$.RepoLink}}/archive/{{.TagName}}.tar.gz"><i class="octicon octicon-file-zip"></i> TAR.GZ</a>
+							</div>
+						{{else}}
 							<h3>
 								<a href="{{$.RepoLink}}/src/{{.TagName}}">{{.Title}}</a>
 								{{if $.IsRepositoryWriter}}<small>(<a href="{{$.RepoLink}}/releases/edit/{{.TagName}}" rel="nofollow">{{$.i18n.Tr "repo.release.edit"}}</a>)</small>{{end}}
@@ -70,14 +81,6 @@
 									{{end}}
 								</ul>
 							</div>
-						{{else}}
-							<h4>
-								<a href="{{$.RepoLink}}/src/{{.TagName}}" rel="nofollow"><i class="tag icon"></i> {{.TagName}}</a>
-							</h4>
-							<div class="download">
-								<a href="{{$.RepoLink}}/archive/{{.TagName}}.zip" rel="nofollow"><i class="octicon octicon-file-zip"></i> ZIP</a>
-								<a href="{{$.RepoLink}}/archive/{{.TagName}}.tar.gz"><i class="octicon octicon-file-zip"></i> TAR.GZ</a>
-							</div>
 						{{end}}
 						<span class="dot">&nbsp;</span>
 					</div>

templates/repo/view_file.tmpl

@@ -36,8 +36,8 @@
 		{{end}}
 	</h4>
 	<div class="ui attached table segment">
-		<div class="file-view {{if .IsMarkdown}}markdown{{else if .IsTextFile}}code-view{{end}} has-emoji">
-			{{if .IsMarkdown}}
+		<div class="file-view {{if .IsRenderedHTML}}markdown{{else if .IsTextFile}}code-view{{end}} has-emoji">
+			{{if .IsRenderedHTML}}
 				{{if .FileContent}}{{.FileContent | Str2html}}{{end}}
 			{{else if not .IsTextFile}}
 				<div class="view-raw ui center">

templates/repo/view_list.tmpl

@@ -4,14 +4,16 @@
 			<th class="four wide">
 				{{if .LatestCommitUser}}
 					<img class="ui avatar image img-12" src="{{.LatestCommitUser.RelAvatarLink}}" />
-				  {{if .LatestCommitUser.FullName}}
-					  <a href="{{AppSubUrl}}/{{.LatestCommitUser.Name}}"><strong>{{.LatestCommitUser.FullName}}</strong></a>
-				  {{else}}
-				    <a href="{{AppSubUrl}}/{{.LatestCommitUser.Name}}"><strong>{{.LatestCommit.Author.Name}}</strong></a>
-				  {{end}}
+					{{if .LatestCommitUser.FullName}}
+						<a href="{{AppSubUrl}}/{{.LatestCommitUser.Name}}"><strong>{{.LatestCommitUser.FullName}}</strong></a>
+					{{else}}
+						<a href="{{AppSubUrl}}/{{.LatestCommitUser.Name}}"><strong>{{if .LatestCommit.Author}}{{.LatestCommit.Author.Name}}{{else}}{{.LatestCommitUser.Name}}{{end}}</strong></a>
+					{{end}}
 				{{else}}
-					<img class="ui avatar image img-12" src="{{AvatarLink .LatestCommit.Author.Email}}" />
-					<strong>{{.LatestCommit.Author.Name}}</strong>
+					{{if .LatestCommit.Author}}
+						<img class="ui avatar image img-12" src="{{AvatarLink .LatestCommit.Author.Email}}" />
+						<strong>{{.LatestCommit.Author.Name}}</strong>
+					{{end}}
 				{{end}}
 				<a rel="nofollow" class="ui sha label {{if .LatestCommit.Signature}} isSigned {{if .LatestCommitVerification.Verified }} isVerified {{end}}{{end}}" href="{{.RepoLink}}/commit/{{.LatestCommit.ID}}">
 						{{ShortSha .LatestCommit.ID.String}}
@@ -29,7 +31,7 @@
 			</th>
 			<th class="nine wide">
 			</th>
-			<th class="three wide text grey right age">{{TimeSince .LatestCommit.Author.When $.Lang}}</th>
+			<th class="three wide text grey right age">{{if .LatestCommit.Author}}{{TimeSince .LatestCommit.Author.When $.Lang}}{{end}}</th>
 		</tr>
 	</thead>
 	<tbody>

vendor/code.gitea.io/git/MAINTAINERS

@@ -15,3 +15,5 @@ Thomas Boerger <thomas@webhippie.de> (@tboerger)
 Lauris Bukšis-Haberkorns <lauris@nix.lv> (@lafriks)
 Antoine Girard <sapk@sapk.fr> (@sapk)
 Jonas Östanbäck <jonas.ostanback@gmail.com> (@cez81)
+David Schneiderbauer <dschneiderbauer@gmail.com> (@daviian)
+Peter Žeby <morlinest@gmail.com> (@morlinest)

vendor/code.gitea.io/git/commit.go

@@ -12,8 +12,6 @@ import (
 	"net/http"
 	"strconv"
 	"strings"
-
-	"github.com/mcuadros/go-version"
 )
 
 // Commit represents a git commit.
@@ -160,13 +158,7 @@ func CommitChanges(repoPath string, opts CommitChangesOptions) error {
 
 func commitsCount(repoPath, revision, relpath string) (int64, error) {
 	var cmd *Command
-	isFallback := false
-	if version.Compare(gitVersion, "1.8.0", "<") {
-		isFallback = true
-		cmd = NewCommand("log", "--pretty=format:''")
-	} else {
-		cmd = NewCommand("rev-list", "--count")
-	}
+	cmd = NewCommand("rev-list", "--count")
 	cmd.AddArguments(revision)
 	if len(relpath) > 0 {
 		cmd.AddArguments("--", relpath)
@@ -177,9 +169,6 @@ func commitsCount(repoPath, revision, relpath string) (int64, error) {
 		return 0, err
 	}
 
-	if isFallback {
-		return int64(strings.Count(stdout, "\n")) + 1, nil
-	}
 	return strconv.ParseInt(strings.TrimSpace(stdout), 10, 64)
 }