add 1.4.3 changelog (#4321 )

Backport #4312 to v1.4 (#4320 )
Fix webhook type conflation. (#4285 ) (#4289 )
2025-11-05 18:32:41 +09:00 · 2018-06-27 00:17:16 +02:00 · 2018-06-26 23:55:00 +02:00 · 2018-06-21 12:06:29 +02:00 · 2018-06-19 12:06:05 +03:00 · 2018-06-17 15:28:03 +02:00
1381 changed files with 68581 additions and 87235 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,5 @@
 *
 !gitea
 !docker
 !public
 !templates
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,10 +1,10 @@
 workspace:
-  base: /go
+  base: /srv/app
  path: src/code.gitea.io/gitea
 clone:
  git:
-    image: plugins/git:next
+    image: plugins/git:1
    depth: 50
    tags: true
@@ -56,26 +56,27 @@ pipeline:
      event: [ push, tag, pull_request ]
  build-without-gcc:
-    image: golang:1.8
+    image: webhippie/golang:1.8
    pull: true
    environment:
      GOPATH: /srv/app
    commands:
      - go build -o gitea_no_gcc # test if build succeeds without the sqlite tag
    when:
      event: [ push, tag, pull_request ]
  build:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    environment:
      TAGS: bindata sqlite
      GOPATH: /srv/app
    commands:
      - make clean
      - make generate
      - make vet
      - make lint
      - make fmt-check
      - make swagger-check
 #      - make swagger-validate
      - make misspell-check
      - make test-vendor
      - make build
@@ -83,11 +84,12 @@ pipeline:
      event: [ push, tag, pull_request ]
  test:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    group: test
    environment:
      TAGS: bindata sqlite
      GOPATH: /srv/app
    commands:
      - make unit-test-coverage
    when:
@@ -95,11 +97,12 @@ pipeline:
      branch: [ master ]
  test:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    group: test
    environment:
      TAGS: bindata sqlite
      GOPATH: /srv/app
    commands:
      - make test
    when:
@@ -107,11 +110,12 @@ pipeline:
      branch: [ release/* ]
  test:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    group: test
    environment:
      TAGS: bindata
      GOPATH: /srv/app
    commands:
      - make test
    when:
@@ -119,64 +123,60 @@ pipeline:
  # Commented until db locking have been resolved!
  # test-sqlite:
-  #   image: golang:1.10
+  #   image: webhippie/golang:edge
  #   pull: true
  #   group: test
  #   environment:
  #     TAGS: bindata
  #     GOPATH: /srv/app
  #   commands:
  #     - make test-sqlite
  #   when:
  #     event: [ push, tag, pull_request ]
  test-mysql:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    group: test
    environment:
      TAGS: bindata
-      TEST_LDAP: "1"
+      GOPATH: /srv/app
    commands:
      - curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
      - apt-get install -y git-lfs
      - make integration-test-coverage
    when:
      event: [ push, pull_request ]
      branch: [ master ]
  test-mysql:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    group: test
    environment:
      TAGS: bindata
-      TEST_LDAP: "1"
+      GOPATH: /srv/app
    commands:
      - curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
      - apt-get install -y git-lfs
      - make test-mysql
    when:
      event: [ tag ]
  test-pgsql:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    group: test
    environment:
      TAGS: bindata
-      TEST_LDAP: "1"
+      GOPATH: /srv/app
    commands:
      - curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
      - apt-get install -y git-lfs
      - make test-pgsql
    when:
      event: [ push, tag, pull_request ]
  generate-coverage:
-    image: golang:1.10
+    image: webhippie/golang:edge
    pull: true
    environment:
      TAGS: bindata
      GOPATH: /srv/app
    commands:
      - make coverage
    when:
@@ -197,8 +197,8 @@ pipeline:
    pull: true
    environment:
      TAGS: bindata sqlite
      GOPATH: /srv/app
    commands:
      - export PATH=$PATH:$GOPATH/bin
      - make release
    when:
      event: [ push, tag ]
@@ -237,7 +237,16 @@ pipeline:
      branch: [ master ]
  docker:
-    image: plugins/docker:17.12
+    image: plugins/docker:17.05
    pull: true
    secrets: [ docker_username, docker_password ]
    repo: gitea/gitea
    tags: [ '${DRONE_TAG##v}' ]
    when:
      event: [ tag ]
  docker:
    image: plugins/docker:17.05
    pull: true
    secrets: [ docker_username, docker_password ]
    repo: gitea/gitea
@@ -247,25 +256,14 @@ pipeline:
      branch: [ release/* ]
  docker:
-    image: plugins/docker:17.12
+    image: plugins/docker:17.05
    pull: true
    secrets: [ docker_username, docker_password ]
    pull: true
    repo: gitea/gitea
-    default_tags: true
+    tags: [ 'latest' ]
    when:
-      event: [ push, tag ]
+      event: [ push ]
-
+      branch: [ master ]
  gpg-sign:
    image: plugins/gpgsign:1
    pull: true
    secrets: [ gpgsign_key, gpgsign_passphrase ]
    detach_sign: true
    files:
      - dist/release/*
    excludes:
      - dist/release/*.sha256
    when:
      event: [ push, tag ]
  release:
    image: plugins/s3:1
@@ -353,8 +351,3 @@ services:
      - POSTGRES_DB=test
    when:
      event: [ push, tag, pull_request ]
  ldap:
    image: gitea/test-openldap:latest
    when:
      event: [ push, tag, pull_request ]
--- a/.gitignore
+++ b/.gitignore
@@ -59,13 +59,3 @@ coverage.all
 /integrations/mysql.ini
 /integrations/pgsql.ini
 /node_modules
 # Snapcraft
 snap/.snapcraft/
 parts/
 stage/
 prime/
 *.snap
 *.snap-build
 *_source.tar.bz2
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,99 +4,6 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).
 ## [1.5.2](https://github.com/go-gitea/gitea/releases/tag/v1.5.2) - 2018-10-09
 * SECURITY
  * Enforce token on api routes (#4840) (#4905)
 * BUGFIXES
  * Remove links from topics in edit mode (#5030)
  * Detect charset and convert non UTF-8 files for display (#4950) (#4994)
  * Fix layout of the topics editing form (#4971) (#4993)
  * Fix null pointer dereference in ParseCommitWithSignature (#4964)
  * Fix url in discord webhook (#4951)
  * Fix font-cropping UI bug in diff (#4726) (#4929)
  * Fix bug forget to remove Stopwatch when remove repository (#4933)
  * Fix bug when repo remained bare if multiple branches pushed (#4927)
  * Fix redirect with non-ascii branch names (#4764) (#4887)
  * Fix issues api allow pulls (#4852) (#4862)
  * Fix trimming of markup section names (#4864)
 ## [1.5.1](https://github.com/go-gitea/gitea/releases/tag/v1.5.1) - 2018-09-03
 * SECURITY
  * Don't disclose emails of all users when sending out emails (#4784)
  * Improve URL validation for external wiki and external issues (#4710) (#4740)
  * Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) (#4707)
 * BUGFIXES
  * Fix missing release title in webhook (#4783) (#4800)
  * Make sure to reset commit count in the cache on mirror syncing (#4770)
  * Fixed bug where team with admin privelege type doesn't get any unit (#4759)
  * Fix failure on creating pull request with assignees (#4583) (#4727)
  * Hide org/create menu item in Dashboard if user has no rights (#4678) (#4686)
 * TRANSLATION
  * Fix incorrect caption of webhook setting (#4701) (#4718)
 ## [1.5.0](https://github.com/go-gitea/gitea/releases/tag/v1.5.0) - 2018-08-10
 * SECURITY
  * Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
  * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
  * Do not allow to reuse TOTP passcode (#3878)
 * BUGFIXES
  * Fix column droping for MSSQL that need new transaction for that (#4440) (#4484)
  * Redirect to correct page after using scratch token (#4458) (#4472)
  * Replace src with raw to fix image paths (#4377) (#4386)
  * Fixes repo membership check in API (#4341) (#4379)
  * Add default merge options when adding new repository (#4369) (#4373)
  * Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371)
  * Fix html entity escaping in branch deletion message (#4471) (#4485)
  * Fix out-of-transaction query in removeOrgUser (#4521) (#4524)
  * Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519)
  * Fix panic issue on update avatar email (#4580) (#4590)
  * Fix bugs when too many IN variables (#4594) (#4597)
  * Push whitelist now doesn't apply to branch deletion (#4601) (#4640)
  * Site admin could create repos even MAX_CREATION_LIMIT=0 (#4645) (#4650)
 * FEATURE
  * Add cli commands to regen hooks & keys (#3979)
  * Add support for FIDO U2F (#3971)
  * Added user language setting (#3875)
  * LDAP Public SSH Keys synchronization (#1844)
  * Add topic support (#3711)
  * Multiple assignees (#3705)
  * Add protected branch whitelists for merging (#3689)
  * Global code search support (#3664)
  * Add label descriptions (#3662)
  * Add issue search via API (#3612)
  * Add repository setting to enable/disable health checks (#3607)
  * Emoji Autocomplete (#3433)
  * Implements generator cli for secrets (#3531)
 * ENHANCEMENT
  * Add more webhooks support and refactor webhook templates directory (#3929)
  * Add new option to allow only OAuth2/OpenID user registration (#3910)
  * Add option to use paged LDAP search when synchronizing users (#3895)
  * Symlink icons (#1416)
  * Improve release page UI (#3693)
  * Add admin dashboard option to run health checks (#3606)
  * Add branch link in branch list (#3576)
  * Reduce sql query times in retrieveFeeds (#3547)
  * Option to enable or disable swagger endpoints (#3502)
  * Add missing licenses (#3497)
  * Reduce repo indexer disk usage (#3452)
  * Enable caching on assets and avatars (#3376)
  * Add repository search ordered by stars/forks. Forks column in admin repo list (#3969)
  * Add Environment Variables to Docker template (#4012)
  * LFS: make HTTP auth period configurable (#4035)
  * Add config path as an optionial flag when changing pass via CLI (#4184)
  * Refactor User Settings sections (#3900)
  * Allow square brackets in external issue patterns (#3408)
  * Add Attachment API (#3478)
  * Add EnableTimetracking option to app settings (#3719)
  * Add config option to enable or disable log executed SQL (#3726)
  * Shows total tracked time in issue and milestone list (#3341)
 * TRANSLATION
  * Improve English grammar and consistency (#3614)
 * DEPLOYMENT
  * Allow Gitea to run as different USER in Docker (#3961)
  * Provide compressed release binaries (#3991)
  * Sign release binaries (#4188)
 ## [1.4.3](https://github.com/go-gitea/gitea/releases/tag/v1.4.3) - 2018-06-26
 * SECURITY
  * HTML-escape plain-text READMEs (#4192) (#4214)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -69,14 +69,14 @@ and keep the compatibility on upgrade. To make sure you are
 running the test suite exactly like we do, you should install
 the CLI for [Drone CI](https://github.com/drone/drone), as
 we are using the server for continous testing, following [these
-instructions](http://docs.drone.io/cli-installation/). After that,
+instructions](http://readme.drone.io/usage/getting-started-cli). After that,
-you can simply call `drone exec --local --build-event "pull_request"` within
+you can simply call `drone exec` within your working directory and it will try
-your working directory and it will try to run the test suite locally.
+to run the test suite locally.
 ## Vendoring
 We keep a cached copy of dependencies within the `vendor/` directory,
-managing updates via [dep](https://github.com/golang/dep).
+managing updates via [govendor](http://github.com/kardianos/govendor).
 Pull requests should only include `vendor/` updates if they are part of
 the same change, be it a bugfix or a feature addition.
@@ -85,8 +85,6 @@ The `vendor/` update needs to be justified as part of the PR description,
 and must be verified by the reviewers and/or merger to always reference
 an existing upstream commit.
 You can find more information on how to get started with it on the [dep project website](https://golang.github.io/dep/docs/introduction.html).
 ## Translation
 We do all translation work inside [Crowdin](https://crowdin.com/project/gitea).
@@ -114,7 +112,7 @@ pull request workflow to do that. And, we also use [LGTM](http://lgtm.co)
 to ensure every PR is reviewed by at least 2 maintainers.
 Please try to make your pull request easy to review for us. And, please read
-the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/261cb0fd089b64002c91e8eddceebf032462ccd6/contributors/guide/pull-requests.md#best-practices-for-faster-reviews)* guide;
+the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/master/contributors/devel/pull-requests.md#best-practices-for-faster-reviews)* guide;
 it has lots of useful tips for any project you may want to contribute.
 Some of the key points:
@@ -201,10 +199,6 @@ an advisor has time to code review, we will gladly welcome them back
 to the maintainers team. If a maintainer is inactive for more than 3
 months and forgets to leave the maintainers team, the owners may move
 him or her from the maintainers team to the advisors team.
 For security reasons, Maintainers should use 2FA for their accounts and
 if possible provide gpg signed commits. 
 https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
 https://help.github.com/articles/signing-commits-with-gpg/
 ## Owners
@@ -215,9 +209,6 @@ be the main owner, and the other two the assistant owners. When the new
 owners have been elected, the old owners will give up ownership to the
 newly elected owners. If an owner is unable to do so, the other owners
 will assist in ceding ownership to the newly elected owners.
 For security reasons, Owners or any account with write access (like a bot)
 must use 2FA.
 https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
 After the election, the new owners should proactively agree
 with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the
--- a/38
+++ b/38
@@ -1,41 +1,20 @@
 ###################################
 #Build stage
 FROM golang:1.10-alpine3.7 AS build-env
 ARG GITEA_VERSION
 ARG TAGS="sqlite"
 ENV TAGS "bindata $TAGS"
 #Build deps
 RUN apk --no-cache add build-base git
 #Setup repo
 COPY . ${GOPATH}/src/code.gitea.io/gitea
 WORKDIR ${GOPATH}/src/code.gitea.io/gitea
 #Checkout version if set
 RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
 && make clean generate build
 FROM alpine:3.7
-LABEL maintainer="maintainers@gitea.io"
+LABEL maintainer="The Gitea Authors"
 EXPOSE 22 3000
 RUN apk --no-cache add \
-    bash \
+    su-exec \
    ca-certificates \
-    curl \
+    sqlite \
-    gettext \
+    bash \
    git \
    linux-pam \
    openssh \
    s6 \
-    sqlite \
+    curl \
-    su-exec \
+    openssh \
    gettext \
    tzdata
 RUN addgroup \
    -S -g 1000 \
    git && \
@@ -50,6 +29,7 @@ RUN addgroup \
 ENV USER git
 ENV GITEA_CUSTOM /data/gitea
 ENV GODEBUG=netdns=go
 VOLUME ["/data"]
@@ -57,4 +37,4 @@ ENTRYPOINT ["/usr/bin/entrypoint"]
 CMD ["/bin/s6-svscan", "/etc/s6"]
 COPY docker /
-COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
+COPY gitea /app/gitea/gitea
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -1,880 +0,0 @@
 # This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
 [[projects]]
  branch = "master"
  name = "code.gitea.io/git"
  packages = ["."]
  revision = "31f4b8e8c805438ac6d8914b38accb1d8aaf695e"
 [[projects]]
  branch = "master"
  name = "code.gitea.io/sdk"
  packages = ["gitea"]
  revision = "b2308e3f700875a3642a78bd3f6e5db8ef6f974d"
 [[projects]]
  name = "github.com/PuerkitoBio/goquery"
  packages = ["."]
  revision = "ed7d758e9a34ba1f55e8084e0d731448b46921a8"
 [[projects]]
  name = "github.com/RoaringBitmap/roaring"
  packages = ["."]
  revision = "1a28a7fa985680f9f4e1644c0a857ec359a444b0"
  version = "v0.4.7"
 [[projects]]
  branch = "master"
  name = "github.com/Smerity/govarint"
  packages = ["."]
  revision = "7265e41f48f15fd61751e16da866af3c704bb3ab"
 [[projects]]
  branch = "master"
  name = "github.com/Unknwon/cae"
  packages = [
    ".",
    "zip"
  ]
  revision = "c6aac99ea2cae2ebaf23f26f76b04fe3fcfc9f8c"
 [[projects]]
  branch = "master"
  name = "github.com/Unknwon/com"
  packages = ["."]
  revision = "7677a1d7c1137cd3dd5ba7a076d0c898a1ef4520"
 [[projects]]
  branch = "master"
  name = "github.com/Unknwon/i18n"
  packages = ["."]
  revision = "b64d336589669d317928070e70ba0ae558f16633"
 [[projects]]
  name = "github.com/Unknwon/paginater"
  packages = ["."]
  revision = "7748a72e01415173a27d79866b984328e7b0c12b"
 [[projects]]
  name = "github.com/andybalholm/cascadia"
  packages = ["."]
  revision = "349dd0209470eabd9514242c688c403c0926d266"
 [[projects]]
  name = "github.com/blevesearch/bleve"
  packages = [
    ".",
    "analysis",
    "analysis/analyzer/custom",
    "analysis/analyzer/standard",
    "analysis/datetime/flexible",
    "analysis/datetime/optional",
    "analysis/lang/en",
    "analysis/token/camelcase",
    "analysis/token/lowercase",
    "analysis/token/porter",
    "analysis/token/stop",
    "analysis/token/unicodenorm",
    "analysis/token/unique",
    "analysis/tokenizer/unicode",
    "document",
    "geo",
    "index",
    "index/scorch",
    "index/scorch/mergeplan",
    "index/scorch/segment",
    "index/scorch/segment/mem",
    "index/scorch/segment/zap",
    "index/store",
    "index/store/boltdb",
    "index/store/gtreap",
    "index/upsidedown",
    "mapping",
    "numeric",
    "registry",
    "search",
    "search/collector",
    "search/facet",
    "search/highlight",
    "search/highlight/format/html",
    "search/highlight/fragmenter/simple",
    "search/highlight/highlighter/html",
    "search/highlight/highlighter/simple",
    "search/query",
    "search/scorer",
    "search/searcher"
  ]
  revision = "ff210fbc6d348ad67aa5754eaea11a463fcddafd"
 [[projects]]
  branch = "master"
  name = "github.com/blevesearch/go-porterstemmer"
  packages = ["."]
  revision = "23a2c8e5cf1f380f27722c6d2ae8896431dc7d0e"
 [[projects]]
  name = "github.com/blevesearch/segment"
  packages = ["."]
  revision = "db70c57796cc8c310613541dfade3dce627d09c7"
 [[projects]]
  name = "github.com/boltdb/bolt"
  packages = ["."]
  revision = "ccd680d8c1a0179ac3d68f692b01e1a1589cbfc7"
  source = "github.com/go-gitea/bolt"
 [[projects]]
  name = "github.com/boombuler/barcode"
  packages = [
    ".",
    "qr",
    "utils"
  ]
  revision = "fe0f26ff6d26693948ee8189aa064ee8c54141fa"
 [[projects]]
  name = "github.com/bradfitz/gomemcache"
  packages = ["memcache"]
  revision = "fb1f79c6b65acda83063cbc69f6bba1522558bfc"
 [[projects]]
  name = "github.com/chaseadamsio/goorgeous"
  packages = ["."]
  revision = "098da33fde5f9220736531b3cb26a2dec86a8367"
 [[projects]]
  name = "github.com/coreos/etcd"
  packages = ["error"]
  revision = "01c303113d0a3d5a8075864321c3aedb72035bdd"
 [[projects]]
  branch = "master"
  name = "github.com/coreos/go-etcd"
  packages = ["etcd"]
  revision = "003851be7bb0694fe3cc457a49529a19388ee7cf"
 [[projects]]
  branch = "master"
  name = "github.com/couchbase/vellum"
  packages = [
    ".",
    "regexp",
    "utf8"
  ]
  revision = "eb6ae3743b3f300f2136f83ca78c08cc071edbd4"
 [[projects]]
  name = "github.com/davecgh/go-spew"
  packages = ["spew"]
  revision = "346938d642f2ec3594ed81d874461961cd0faa76"
  version = "v1.1.0"
 [[projects]]
  name = "github.com/denisenkom/go-mssqldb"
  packages = ["."]
  revision = "e32ca5036449b7ea12c62ed761ea1ad7fc88a4e2"
 [[projects]]
  name = "github.com/dgrijalva/jwt-go"
  packages = ["."]
  revision = "9ed569b5d1ac936e6494082958d63a6aa4fff99a"
 [[projects]]
  branch = "master"
  name = "github.com/edsrzf/mmap-go"
  packages = ["."]
  revision = "0bce6a6887123b67a60366d2c9fe2dfb74289d2e"
 [[projects]]
  name = "github.com/elazarl/go-bindata-assetfs"
  packages = ["."]
  revision = "57eb5e1fc594ad4b0b1dbea7b286d299e0cb43c2"
 [[projects]]
  name = "github.com/ethantkoenig/rupture"
  packages = ["."]
  revision = "0a76f03a811abcca2e6357329b673e9bb8ef9643"
 [[projects]]
  branch = "master"
  name = "github.com/facebookgo/clock"
  packages = ["."]
  revision = "600d898af40aa09a7a93ecb9265d87b0504b6f03"
 [[projects]]
  name = "github.com/facebookgo/grace"
  packages = [
    "gracehttp",
    "gracenet"
  ]
  revision = "5729e484473f52048578af1b80d0008c7024089b"
 [[projects]]
  branch = "master"
  name = "github.com/facebookgo/httpdown"
  packages = ["."]
  revision = "a3b1354551a26449fbe05f5d855937f6e7acbd71"
 [[projects]]
  branch = "master"
  name = "github.com/facebookgo/stats"
  packages = ["."]
  revision = "1b76add642e42c6ffba7211ad7b3939ce654526e"
 [[projects]]
  branch = "master"
  name = "github.com/glycerine/go-unsnap-stream"
  packages = ["."]
  revision = "9f0cb55181dd3a0a4c168d3dbc72d4aca4853126"
 [[projects]]
  branch = "master"
  name = "github.com/go-macaron/bindata"
  packages = ["."]
  revision = "85786f57eee3e5544a9cc24fa2afe425b97a8652"
 [[projects]]
  name = "github.com/go-macaron/binding"
  packages = ["."]
  revision = "9440f336b443056c90d7d448a0a55ad8c7599880"
 [[projects]]
  branch = "master"
  name = "github.com/go-macaron/cache"
  packages = [
    ".",
    "memcache",
    "redis"
  ]
  revision = "56173531277692bc2925924d51fda1cd0a6b8178"
 [[projects]]
  name = "github.com/go-macaron/captcha"
  packages = ["."]
  revision = "8aa5919789ab301e865595eb4b1114d6b9847deb"
 [[projects]]
  branch = "master"
  name = "github.com/go-macaron/csrf"
  packages = ["."]
  revision = "503617c6b37257a55dff6293ec28556506c3a9a8"
 [[projects]]
  branch = "master"
  name = "github.com/go-macaron/gzip"
  packages = ["."]
  revision = "cad1c6580a07c56f5f6bc52d66002a05985c5854"
 [[projects]]
  branch = "master"
  name = "github.com/go-macaron/i18n"
  packages = ["."]
  revision = "ef57533c3b0fc2d8581deda14937e52f11a203ab"
 [[projects]]
  branch = "master"
  name = "github.com/go-macaron/inject"
  packages = ["."]
  revision = "d8a0b8677191f4380287cfebd08e462217bac7ad"
 [[projects]]
  name = "github.com/go-macaron/session"
  packages = [
    ".",
    "redis"
  ]
  revision = "66031fcb37a0fff002a1f028eb0b3a815c78306b"
 [[projects]]
  name = "github.com/go-macaron/toolbox"
  packages = ["."]
  revision = "99a42f20e9e88daec5c0d7beb4e7eac134680ab0"
 [[projects]]
  name = "github.com/go-sql-driver/mysql"
  packages = ["."]
  revision = "ce924a41eea897745442daaa1739089b0f3f561d"
 [[projects]]
  name = "github.com/go-xorm/builder"
  packages = ["."]
  revision = "dc8bf48f58fab2b4da338ffd25191905fd741b8f"
  version = "v0.3.0"
 [[projects]]
  name = "github.com/go-xorm/core"
  packages = ["."]
  revision = "c10e21e7e1cec20e09398f2dfae385e58c8df555"
  version = "v0.6.0"
 [[projects]]
  name = "github.com/go-xorm/tidb"
  packages = ["."]
  revision = "21e49190ce47a766fa741cf7edc831a30c12c6ac"
 [[projects]]
  name = "github.com/go-xorm/xorm"
  packages = ["."]
  revision = "ad69f7d8f0861a29438154bb0a20b60501298480"
 [[projects]]
  branch = "master"
  name = "github.com/gogits/chardet"
  packages = ["."]
  revision = "2404f777256163ea3eadb273dada5dcb037993c0"
 [[projects]]
  name = "github.com/gogits/cron"
  packages = ["."]
  revision = "7f3990acf1833faa5ebd0e86f0a4c72a4b5eba3c"
 [[projects]]
  name = "github.com/golang/protobuf"
  packages = ["proto"]
  revision = "99511271042a09d1e01baea8781caa5210fec66e"
 [[projects]]
  name = "github.com/golang/snappy"
  packages = ["."]
  revision = "5f1c01d9f64b941dd9582c638279d046eda6ca31"
 [[projects]]
  name = "github.com/gorilla/context"
  packages = ["."]
  revision = "08b5f424b9271eedf6f9f0ce86cb9396ed337a42"
  version = "v1.1.1"
 [[projects]]
  name = "github.com/gorilla/mux"
  packages = ["."]
  revision = "757bef944d0f21880861c2dd9c871ca543023cba"
 [[projects]]
  name = "github.com/gorilla/securecookie"
  packages = ["."]
  revision = "e59506cc896acb7f7bf732d4fdf5e25f7ccd8983"
  version = "v1.1.1"
 [[projects]]
  name = "github.com/gorilla/sessions"
  packages = ["."]
  revision = "ca9ada44574153444b00d3fd9c8559e4cc95f896"
  version = "v1.1"
 [[projects]]
  name = "github.com/issue9/identicon"
  packages = ["."]
  revision = "d36b54562f4cf70c83653e13dc95c220c79ef521"
 [[projects]]
  name = "github.com/jaytaylor/html2text"
  packages = ["."]
  revision = "8fb95d837f7d6db1913fecfd7bcc5333e6499596"
 [[projects]]
  name = "github.com/juju/errors"
  packages = ["."]
  revision = "b2c7a7da5b2995941048f60146e67702a292e468"
 [[projects]]
  name = "github.com/kballard/go-shellquote"
  packages = ["."]
  revision = "cd60e84ee657ff3dc51de0b4f55dd299a3e136f2"
 [[projects]]
  name = "github.com/keybase/go-crypto"
  packages = [
    "brainpool",
    "cast5",
    "curve25519",
    "ed25519",
    "ed25519/internal/edwards25519",
    "openpgp",
    "openpgp/armor",
    "openpgp/ecdh",
    "openpgp/elgamal",
    "openpgp/errors",
    "openpgp/packet",
    "openpgp/s2k",
    "rsa"
  ]
  revision = "00ac4db533f63ef97576cbc7b07939ff7daf7329"
 [[projects]]
  name = "github.com/klauspost/compress"
  packages = [
    "flate",
    "gzip"
  ]
  revision = "8df558b6cb6f9b445f9586446cfe7223e7d8bd6b"
  version = "v1.1"
 [[projects]]
  name = "github.com/klauspost/cpuid"
  packages = ["."]
  revision = "09cded8978dc9e80714c4d85b0322337b0a1e5e0"
  version = "v1.0"
 [[projects]]
  name = "github.com/klauspost/crc32"
  packages = ["."]
  revision = "cb6bfca970f6908083f26f39a79009d608efd5cd"
  version = "v1.1"
 [[projects]]
  name = "github.com/lafriks/xormstore"
  packages = [
    ".",
    "util"
  ]
  revision = "9cab149ea91875cf056211bd6ef82379fce9cb67"
  version = "v1.0.0"
 [[projects]]
  name = "github.com/lib/pq"
  packages = [
    ".",
    "oid"
  ]
  revision = "456514e2defec52e0cd37f90ccf17ec8b28295e2"
 [[projects]]
  branch = "master"
  name = "github.com/lunny/dingtalk_webhook"
  packages = ["."]
  revision = "e3534c89ef969912856dfa39e56b09e58c5f5daf"
 [[projects]]
  name = "github.com/markbates/goth"
  packages = [
    ".",
    "gothic",
    "providers/bitbucket",
    "providers/dropbox",
    "providers/facebook",
    "providers/github",
    "providers/gitlab",
    "providers/gplus",
    "providers/openidConnect",
    "providers/twitter"
  ]
  revision = "4933f155d89c3c52ab4ca545c6602cf4a1e87913"
  version = "1.45.5"
 [[projects]]
  name = "github.com/mattn/go-sqlite3"
  packages = ["."]
  revision = "acfa60124032040b9f5a9406f5a772ee16fe845e"
 [[projects]]
  branch = "master"
  name = "github.com/mcuadros/go-version"
  packages = ["."]
  revision = "88e56e02bea1c203c99222c365fa52a69996ccac"
 [[projects]]
  name = "github.com/microcosm-cc/bluemonday"
  packages = ["."]
  revision = "f77f16ffc87a6a58814e64ae72d55f9c41374e6d"
 [[projects]]
  name = "github.com/mrjones/oauth"
  packages = ["."]
  revision = "3f67d9c274355678b2f9844b08d643e2f9213340"
 [[projects]]
  branch = "master"
  name = "github.com/mschoch/smat"
  packages = ["."]
  revision = "90eadee771aeab36e8bf796039b8c261bebebe4f"
 [[projects]]
  name = "github.com/msteinert/pam"
  packages = ["."]
  revision = "02ccfbfaf0cc627aa3aec8ef7ed5cfeec5b43f63"
 [[projects]]
  name = "github.com/nfnt/resize"
  packages = ["."]
  revision = "891127d8d1b52734debe1b3c3d7e747502b6c366"
 [[projects]]
  name = "github.com/ngaut/deadline"
  packages = ["."]
  revision = "fae8f9dfd7048de16575b9d4c255278e38c28a4f"
 [[projects]]
  branch = "master"
  name = "github.com/ngaut/go-zookeeper"
  packages = ["zk"]
  revision = "9c3719e318c7cfd072e41eb48cb71fcaa49d5e05"
 [[projects]]
  name = "github.com/ngaut/log"
  packages = ["."]
  revision = "d2af3a61f64d093457fb23b25d20f4ce3cd551ce"
 [[projects]]
  branch = "master"
  name = "github.com/ngaut/pools"
  packages = ["."]
  revision = "b7bc8c42aac787667ba45adea78233f53f548443"
 [[projects]]
  branch = "master"
  name = "github.com/ngaut/sync2"
  packages = ["."]
  revision = "7a24ed77b2efb460c1468b7dc917821c66e80e55"
 [[projects]]
  branch = "master"
  name = "github.com/ngaut/tso"
  packages = [
    "client",
    "proto",
    "util"
  ]
  revision = "118f6c141d58f1e72577ff61f43f649bf39355ee"
 [[projects]]
  branch = "master"
  name = "github.com/ngaut/zkhelper"
  packages = ["."]
  revision = "6738bdc138d469112c6687fbfcfe049ccabd6a0a"
 [[projects]]
  branch = "master"
  name = "github.com/petar/GoLLRB"
  packages = ["llrb"]
  revision = "53be0d36a84c2a886ca057d34b6aa4468df9ccb4"
 [[projects]]
  name = "github.com/philhofer/fwd"
  packages = ["."]
  revision = "bb6d471dc95d4fe11e432687f8b70ff496cf3136"
  version = "v1.0.0"
 [[projects]]
  name = "github.com/pingcap/go-hbase"
  packages = [
    ".",
    "iohelper",
    "proto"
  ]
  revision = "7a98d1fe4e9e115de8c77ae0e158c0d08732c550"
 [[projects]]
  branch = "master"
  name = "github.com/pingcap/go-themis"
  packages = [
    ".",
    "oracle",
    "oracle/oracles"
  ]
  revision = "dbb996606c1d1fe8571fd9ac6da2254c76d2c5c9"
 [[projects]]
  name = "github.com/pingcap/tidb"
  packages = [
    ".",
    "ast",
    "column",
    "context",
    "ddl",
    "domain",
    "evaluator",
    "executor",
    "infoschema",
    "inspectkv",
    "kv",
    "kv/memkv",
    "meta",
    "meta/autoid",
    "model",
    "mysql",
    "optimizer",
    "optimizer/plan",
    "parser",
    "parser/opcode",
    "perfschema",
    "privilege",
    "privilege/privileges",
    "sessionctx",
    "sessionctx/autocommit",
    "sessionctx/db",
    "sessionctx/forupdate",
    "sessionctx/variable",
    "store/hbase",
    "store/localstore",
    "store/localstore/boltdb",
    "store/localstore/engine",
    "store/localstore/goleveldb",
    "structure",
    "table",
    "table/tables",
    "terror",
    "util",
    "util/bytes",
    "util/charset",
    "util/codec",
    "util/distinct",
    "util/hack",
    "util/segmentmap",
    "util/sqlexec",
    "util/stringutil",
    "util/types"
  ]
  revision = "33197485abe227dcb254644cf5081c9a3c281669"
 [[projects]]
  name = "github.com/pmezard/go-difflib"
  packages = ["difflib"]
  revision = "792786c7400a136282c1664665ae0a8db921c6c2"
  version = "v1.0.0"
 [[projects]]
  name = "github.com/pquerna/otp"
  packages = [
    ".",
    "hotp",
    "totp"
  ]
  revision = "54653902c20e47f3417541d35435cb6d6162e28a"
 [[projects]]
  branch = "master"
  name = "github.com/russross/blackfriday"
  packages = ["."]
  revision = "11635eb403ff09dbc3a6b5a007ab5ab09151c229"
 [[projects]]
  name = "github.com/satori/go.uuid"
  packages = ["."]
  revision = "b061729afc07e77a8aa4fad0a2fd840958f1942a"
 [[projects]]
  name = "github.com/sergi/go-diff"
  packages = ["diffmatchpatch"]
  revision = "552b4e9bbdca9e5adafd95ee98c822fdd11b330b"
 [[projects]]
  name = "github.com/shurcooL/sanitized_anchor_name"
  packages = ["."]
  revision = "1dba4b3954bc059efc3991ec364f9f9a35f597d2"
 [[projects]]
  branch = "master"
  name = "github.com/steveyen/gtreap"
  packages = ["."]
  revision = "0abe01ef9be25c4aedc174758ec2d917314d6d70"
 [[projects]]
  name = "github.com/stretchr/testify"
  packages = ["assert"]
  revision = "12b6f73e6084dad08a7c6e575284b177ecafbc71"
  version = "v1.2.1"
 [[projects]]
  name = "github.com/syndtr/goleveldb"
  packages = [
    "leveldb",
    "leveldb/cache",
    "leveldb/comparer",
    "leveldb/errors",
    "leveldb/filter",
    "leveldb/iterator",
    "leveldb/journal",
    "leveldb/memdb",
    "leveldb/opt",
    "leveldb/storage",
    "leveldb/table",
    "leveldb/util"
  ]
  revision = "917f41c560270110ceb73c5b38be2a9127387071"
 [[projects]]
  branch = "master"
  name = "github.com/tinylib/msgp"
  packages = ["msgp"]
  revision = "c8cf64dff2009d53fa8f8a16df54d1cdfc64c4a7"
 [[projects]]
  branch = "master"
  name = "github.com/tstranex/u2f"
  packages = ["."]
  revision = "d21a03e0b1d9fc1df59ff54e7a513655c1748b0c"
 [[projects]]
  name = "github.com/twinj/uuid"
  packages = ["."]
  revision = "89173bcdda19db0eb88aef1e1cb1cb2505561d31"
  version = "0.10.0"
 [[projects]]
  name = "github.com/ugorji/go"
  packages = ["codec"]
  revision = "c062049c1793b01a3cc3fe786108edabbaf7756b"
 [[projects]]
  name = "github.com/urfave/cli"
  packages = ["."]
  revision = "d86a009f5e13f83df65d0d6cee9a2e3f1445f0da"
 [[projects]]
  branch = "master"
  name = "github.com/willf/bitset"
  packages = ["."]
  revision = "8ce1146b8621c95164efd9c8b1124cfa9b8afb4e"
 [[projects]]
  name = "github.com/yohcop/openid-go"
  packages = ["."]
  revision = "2c050d2dae5345c417db301f11fda6fbf5ad0f0a"
 [[projects]]
  name = "golang.org/x/crypto"
  packages = [
    "curve25519",
    "ed25519",
    "ed25519/internal/edwards25519",
    "md4",
    "pbkdf2",
    "ssh"
  ]
  revision = "9f005a07e0d31d45e6656d241bb5c0f2efd4bc94"
 [[projects]]
  name = "golang.org/x/net"
  packages = [
    "context",
    "html",
    "html/atom",
    "html/charset"
  ]
  revision = "f2499483f923065a842d38eb4c7f1927e6fc6e6d"
 [[projects]]
  name = "golang.org/x/oauth2"
  packages = [
    ".",
    "internal"
  ]
  revision = "c10ba270aa0bf8b8c1c986e103859c67a9103061"
 [[projects]]
  name = "golang.org/x/sync"
  packages = ["syncmap"]
  revision = "5a06fca2c336a4b2b2fcb45702e8c47621b2aa2c"
 [[projects]]
  name = "golang.org/x/sys"
  packages = [
    "unix",
    "windows",
    "windows/svc"
  ]
  revision = "a646d33e2ee3172a661fc09bca23bb4889a41bc8"
 [[projects]]
  name = "golang.org/x/text"
  packages = [
    "encoding",
    "encoding/charmap",
    "encoding/htmlindex",
    "encoding/internal",
    "encoding/internal/identifier",
    "encoding/japanese",
    "encoding/korean",
    "encoding/simplifiedchinese",
    "encoding/traditionalchinese",
    "encoding/unicode",
    "internal/gen",
    "internal/tag",
    "internal/triegen",
    "internal/ucd",
    "internal/utf8internal",
    "language",
    "runes",
    "transform",
    "unicode/cldr",
    "unicode/norm"
  ]
  revision = "2bf8f2a19ec09c670e931282edfe6567f6be21c9"
 [[projects]]
  branch = "v3"
  name = "gopkg.in/alexcesaro/quotedprintable.v3"
  packages = ["."]
  revision = "2caba252f4dc53eaf6b553000885530023f54623"
 [[projects]]
  name = "gopkg.in/asn1-ber.v1"
  packages = ["."]
  revision = "4e86f4367175e39f69d9358a5f17b4dda270378d"
  version = "v1.1"
 [[projects]]
  name = "gopkg.in/bufio.v1"
  packages = ["."]
  revision = "567b2bfa514e796916c4747494d6ff5132a1dfce"
  version = "v1"
 [[projects]]
  name = "gopkg.in/editorconfig/editorconfig-core-go.v1"
  packages = ["."]
  revision = "a872f05c2e34b37b567401384d202aff11ba06d4"
  version = "v1.2.0"
 [[projects]]
  branch = "v2"
  name = "gopkg.in/gomail.v2"
  packages = ["."]
  revision = "81ebce5c23dfd25c6c67194b37d3dd3f338c98b1"
 [[projects]]
  name = "gopkg.in/ini.v1"
  packages = ["."]
  revision = "7e7da451323b6766da368f8a1e8ec9a88a16b4a0"
  version = "v1.31.1"
 [[projects]]
  name = "gopkg.in/ldap.v2"
  packages = ["."]
  revision = "d0a5ced67b4dc310b9158d63a2c6f9c5ec13f105"
  version = "v2.4.1"
 [[projects]]
  name = "gopkg.in/macaron.v1"
  packages = ["."]
  revision = "75f2e9b42e99652f0d82b28ccb73648f44615faa"
  version = "v1.2.4"
 [[projects]]
  name = "gopkg.in/redis.v2"
  packages = ["."]
  revision = "e6179049628164864e6e84e973cfb56335748dea"
  version = "v2.3.2"
 [[projects]]
  name = "gopkg.in/testfixtures.v2"
  packages = ["."]
  revision = "b9ef14dc461bf934d8df2dfc6f1f456be5664cca"
  version = "v2.0.0"
 [[projects]]
  name = "gopkg.in/yaml.v2"
  packages = ["."]
  revision = "a5b47d31c556af34a302ce5d659e6fea44d90de0"
 [[projects]]
  name = "strk.kbt.io/projects/go/libravatar"
  packages = ["."]
  revision = "5eed7bff870ae19ef51c5773dbc8f3e9fcbd0982"
 [solve-meta]
  analyzer-name = "dep"
  analyzer-version = 1
  inputs-digest = "3b587a036aaf09514228ead18e7fd93e9ee1d14d4e56715bb2f197d5f27259d1"
  solver-name = "gps-cdcl"
  solver-version = 1
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -1,106 +0,0 @@
 ignored = ["google.golang.org/appengine*"]
 [prune]
  go-tests = true
  unused-packages = true
  non-go = true
 [[constraint]]
  branch = "master"
  name = "code.gitea.io/git"
 [[constraint]]
  branch = "master"
  name = "code.gitea.io/sdk"
 [[constraint]]
  revision = "9f005a07e0d31d45e6656d241bb5c0f2efd4bc94"
  name = "golang.org/x/crypto"
 [[constraint]]
  revision = "a646d33e2ee3172a661fc09bca23bb4889a41bc8"
  name = "golang.org/x/sys"
 [[constraint]]
  revision = "2bf8f2a19ec09c670e931282edfe6567f6be21c9"
  name = "golang.org/x/text"
 [[constraint]]
  revision = "f2499483f923065a842d38eb4c7f1927e6fc6e6d"
  name = "golang.org/x/net"
 [[constraint]]
  #version = "v1.0.0"
  revision = "33197485abe227dcb254644cf5081c9a3c281669"
  name = "github.com/pingcap/tidb"
 [[override]]
  name = "github.com/go-xorm/xorm"
  #version = "0.6.5"
  revision = "ad69f7d8f0861a29438154bb0a20b60501298480"
 [[override]]
  name = "github.com/gorilla/mux"
  revision = "757bef944d0f21880861c2dd9c871ca543023cba"
 [[constraint]]
  name = "github.com/gorilla/context"
  version = "1.1.1"
 [[constraint]]
  name = "github.com/lafriks/xormstore"
  version = "1.0.0"
 [[constraint]]
  branch = "master"
  name = "github.com/lunny/dingtalk_webhook"
 [[constraint]]
  name = "github.com/markbates/goth"
  version = "1.45.5"
 [[constraint]]
  branch = "master"
  name = "github.com/mcuadros/go-version"
 [[constraint]]
  branch = "master"
  name = "github.com/russross/blackfriday"
 [[constraint]]
  branch = "master"
  name = "github.com/tstranex/u2f"
 [[constraint]]
  name = "gopkg.in/editorconfig/editorconfig-core-go.v1"
  version = "1.2.0"
 [[constraint]]
  branch = "v2"
  name = "gopkg.in/gomail.v2"
 [[constraint]]
  name = "gopkg.in/ini.v1"
  version = "1.31.1"
 [[constraint]]
  name = "gopkg.in/ldap.v2"
  version = "2.4.1"
 [[constraint]]
  name = "gopkg.in/macaron.v1"
  version = "1.2.4"
 [[constraint]]
  name = "gopkg.in/testfixtures.v2"
  version = "2.0.0"
 [[override]]
  name = "github.com/boltdb/bolt"
  revision = "ccd680d8c1a0179ac3d68f692b01e1a1589cbfc7"
  source = "github.com/go-gitea/bolt"
 [[override]]
  revision = "c10ba270aa0bf8b8c1c986e103859c67a9103061"
  name = "golang.org/x/oauth2"
--- a/3
+++ b/3
@@ -21,6 +21,3 @@ David Schneiderbauer <dschneiderbauer@gmail.com> (@daviian)
 Peter Žeby <morlinest@gmail.com> (@morlinest)
 Matti Ranta <matti@mdranta.net> (@techknowlogick)
 Michael Lustfield <mtecknology@debian.org> (@MTecknology)
 Jonas Franz <info@jonasfranz.software> (@JonasFranzDEV)
 Flynn Lufmons <fluf@warpmail.net> (@flufmonster)
 Alexey Terentyev <axifnx@gmail.com> (@axifive)
--- a/79
+++ b/79
@@ -21,19 +21,7 @@ GOFMT ?= gofmt -s
 GOFLAGS := -i -v
 EXTRA_GOFLAGS ?=
-ifneq ($(DRONE_TAG),)
+LDFLAGS := -X "main.Version=$(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')" -X "main.Tags=$(TAGS)"
 	VERSION ?= $(subst v,,$(DRONE_TAG))
 	GITEA_VERSION := $(VERSION)
 else
 	ifneq ($(DRONE_BRANCH),)
 		VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
 	else
 		VERSION ?= master
 	endif
 	GITEA_VERSION := $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
 endif
 LDFLAGS := -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"
 PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations,$(shell $(GO) list ./... | grep -v /vendor/))
 SOURCES ?= $(shell find . -name "*.go" -type f)
@@ -57,6 +45,16 @@ else
 	EXECUTABLE := gitea
 endif
 ifneq ($(DRONE_TAG),)
 	VERSION ?= $(subst v,,$(DRONE_TAG))
 else
 	ifneq ($(DRONE_BRANCH),)
 		VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
 	else
 		VERSION ?= master
 	endif
 endif
 .PHONY: all
 all: build
@@ -93,22 +91,6 @@ generate-swagger:
 	fi
 	swagger generate spec -o ./public/swagger.v1.json
 .PHONY: swagger-check
 swagger-check: generate-swagger
 	@diff=$$(git diff public/swagger.v1.json); \
 	if [ -n "$$diff" ]; then \
 		echo "Please run 'make generate-swagger' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
 	fi;
 .PHONY: swagger-validate
 swagger-validate:
 	@hash swagger > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		$(GO) get -u github.com/go-swagger/go-swagger/cmd/swagger; \
 	fi
 	swagger validate ./public/swagger.v1.json
 .PHONY: errcheck
 errcheck:
 	@hash errcheck > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
@@ -162,22 +144,18 @@ coverage:
 unit-test-coverage:
 	for PKG in $(PACKAGES); do $(GO) test -tags=sqlite -cover -coverprofile $$GOPATH/src/$$PKG/coverage.out $$PKG || exit 1; done;
 .PHONY: vendor
 vendor:
 	@hash dep > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		$(GO) get -u github.com/golang/dep/cmd/dep; \
 	fi
 	dep ensure -vendor-only
 .PHONY: test-vendor
-test-vendor: vendor
+test-vendor:
-	@diff=$$(git diff vendor/); \
+	@hash govendor > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-	if [ -n "$$diff" ]; then \
+		$(GO) get -u github.com/kardianos/govendor; \
-		echo "Please run 'make vendor' and commit the result:"; \
+	fi
-		echo "$${diff}"; \
+	govendor list +unused | tee "$(TMPDIR)/wc-gitea-unused"
-		exit 1; \
+	[ $$(cat "$(TMPDIR)/wc-gitea-unused" | wc -l) -eq 0 ] || echo "Warning: /!\\ Some vendor are not used /!\\"
-	fi;
+
-#TODO add dep status -missing when implemented
+	govendor list +outside | tee "$(TMPDIR)/wc-gitea-outside"
 	[ $$(cat "$(TMPDIR)/wc-gitea-outside" | wc -l) -eq 0 ] || exit 1
 	govendor status || exit 1
 .PHONY: test-sqlite
 test-sqlite: integrations.sqlite.test
@@ -243,7 +221,7 @@ $(EXECUTABLE): $(SOURCES)
 	$(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
 .PHONY: release
-release: release-dirs release-windows release-linux release-darwin release-copy release-compress release-check
+release: release-dirs release-windows release-linux release-darwin release-copy release-check
 .PHONY: release-dirs
 release-dirs:
@@ -287,13 +265,6 @@ release-copy:
 release-check:
 	cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/release/$(EXECUTABLE)-*),sha256sum $(notdir $(file)) > $(notdir $(file)).sha256;)
 .PHONY: release-compress
 release-compress:
 	@hash gxz > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		$(GO) get -u github.com/ulikunitz/xz/cmd/gxz; \
 	fi
 	cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/binaries/$(EXECUTABLE)-*),gxz -k -9 $(notdir $(file));)
 .PHONY: javascripts
 javascripts: public/js/index.js
@@ -312,12 +283,12 @@ stylesheets-check: generate-stylesheets
 .PHONY: generate-stylesheets
 generate-stylesheets:
-	node_modules/.bin/lessc --clean-css public/less/index.less public/css/index.css
+	node_modules/.bin/lessc --no-ie-compat --clean-css public/less/index.less public/css/index.css
 .PHONY: swagger-ui
 swagger-ui:
 	rm -Rf public/vendor/assets/swagger-ui
-	git clone --depth=10 -b v3.13.4 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
+	git clone --depth=10 -b v3.3.2 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
 	mv $(TMPDIR)/swagger-ui/dist public/vendor/assets/swagger-ui
 	rm -Rf $(TMPDIR)/swagger-ui
 	$(SED_INPLACE) "s;http://petstore.swagger.io/v2/swagger.json;../../../swagger.v1.json;g" public/vendor/assets/swagger-ui/index.html
--- a/README.md
+++ b/README.md
@@ -4,13 +4,20 @@
 [![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
 [![Join the Discord chat at https://discord.gg/NsatcWJ](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
 [![Join the Matrix chat at https://matrix.to/#/#gitea:matrix.org](https://img.shields.io/badge/matrix-%23gitea%3Amatrix.org-7bc9a4.svg)](https://matrix.to/#/#gitea:matrix.org)
 [![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
 [![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
-[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
+[![Release](https://github-release-version.herokuapp.com/github/go-gitea/gitea/release.svg?style=flat)](https://github.com/go-gitea/gitea/releases/latest)
 [![Help Contribute to Open Source](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea)
-[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backer/badge.svg?label=backer&color=brightgreen)](https://opencollective.com/gitea)
+
 | | | |
 |:---:|:---:|:---:|
 |![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
 |![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
 |![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
 |![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|
 ## Purpose
@@ -55,6 +62,7 @@ For more information and instructions about how to install Gitea, please look
 at our [documentation](https://docs.gitea.io/en-us/). If you have questions
 that are not covered by the documentation, you can get in contact with us on
 our [Discord server](https://discord.gg/NsatcWJ),
 [Matrix room](https://matrix.to/#/#gitea:matrix.org),
 or [forum](https://discourse.gitea.io/)!
 ## Authors
@@ -63,45 +71,8 @@ or [forum](https://discourse.gitea.io/)!
 * [Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
 * [Translators](options/locale/TRANSLATORS)
 ## Backers
 Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/gitea#backer)]
 <a href="https://opencollective.com/gitea#backers" target="_blank"><img src="https://opencollective.com/gitea/backers.svg?width=890"></a>
 ## Sponsors
 Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/gitea#sponsor)]
 <a href="https://opencollective.com/gitea/sponsor/0/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/0/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/1/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/1/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/2/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/2/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/3/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/3/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/4/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/4/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/5/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/5/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/6/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/6/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/7/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/7/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/8/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/8/avatar.svg"></a>
 <a href="https://opencollective.com/gitea/sponsor/9/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/9/avatar.svg"></a>
 ## FAQ
 **How do you pronounce Gitea?**
 Gitea is pronounced [/ɡɪ’ti:/](https://youtu.be/EM71-2uDAoY) as in "gi-tea" with a hard g.
 ## License
 This project is licensed under the MIT License.
 See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file
 for the full license text.
 ## Screenshots
 Looking for an overview of the interface? Check it out!
 | | | |
 |:---:|:---:|:---:|
 |![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
 |![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
 |![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
 |![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|
--- a/README_ZH.md
+++ b/README_ZH.md
@@ -8,8 +8,7 @@
 [![Coverage Status](https://coverage.gitea.io/badges/go-gitea/gitea/coverage.svg)](https://coverage.gitea.io/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
-[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
+[![Release](https://github-release-version.herokuapp.com/github/go-gitea/gitea/release.svg?style=flat)](https://github.com/go-gitea/gitea/releases/latest)
 [![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backer/badge.svg?label=backer&color=brightgreen)](https://opencollective.com/gitea)
 | | | |
 |:---:|:---:|:---:|
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -25,7 +25,6 @@ var (
 			subcmdCreateUser,
 			subcmdChangePassword,
 			subcmdRepoSyncReleases,
 			subcmdRegenerate,
 		},
 	}
@@ -73,11 +72,6 @@ var (
 				Value: "",
 				Usage: "New password to set for user",
 			},
 			cli.StringFlag{
 				Name:  "config, c",
 				Value: "custom/conf/app.ini",
 				Usage: "Custom configuration file path",
 			},
 		},
 	}
@@ -86,41 +80,6 @@ var (
 		Usage:  "Synchronize repository releases with tags",
 		Action: runRepoSyncReleases,
 	}
 	subcmdRegenerate = cli.Command{
 		Name:  "regenerate",
 		Usage: "Regenerate specific files",
 		Subcommands: []cli.Command{
 			microcmdRegenHooks,
 			microcmdRegenKeys,
 		},
 	}
 	microcmdRegenHooks = cli.Command{
 		Name:   "hooks",
 		Usage:  "Regenerate git-hooks",
 		Action: runRegenerateHooks,
 		Flags: []cli.Flag{
 			cli.StringFlag{
 				Name:  "config, c",
 				Value: "custom/conf/app.ini",
 				Usage: "Custom configuration file path",
 			},
 		},
 	}
 	microcmdRegenKeys = cli.Command{
 		Name:   "keys",
 		Usage:  "Regenerate authorized_keys file",
 		Action: runRegenerateKeys,
 		Flags: []cli.Flag{
 			cli.StringFlag{
 				Name:  "config, c",
 				Value: "custom/conf/app.ini",
 				Usage: "Custom configuration file path",
 			},
 		},
 	}
 )
 func runChangePassword(c *cli.Context) error {
@@ -128,10 +87,6 @@ func runChangePassword(c *cli.Context) error {
 		return err
 	}
 	if c.IsSet("config") {
 		setting.CustomConf = c.String("config")
 	}
 	if err := initDB(); err != nil {
 		return err
 	}
@@ -240,25 +195,3 @@ func getReleaseCount(id int64) (int64, error) {
 		},
 	)
 }
 func runRegenerateHooks(c *cli.Context) error {
 	if c.IsSet("config") {
 		setting.CustomConf = c.String("config")
 	}
 	if err := initDB(); err != nil {
 		return err
 	}
 	return models.SyncRepositoryHooks()
 }
 func runRegenerateKeys(c *cli.Context) error {
 	if c.IsSet("config") {
 		setting.CustomConf = c.String("config")
 	}
 	if err := initDB(); err != nil {
 		return err
 	}
 	return models.RewriteAllPublicKeys()
 }
--- a/cmd/generate.go
+++ b/cmd/generate.go
@@ -1,83 +0,0 @@
 // Copyright 2016 The Gogs Authors. All rights reserved.
 // Copyright 2016 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 package cmd
 import (
 	"fmt"
 	"code.gitea.io/gitea/modules/generate"
 	"github.com/urfave/cli"
 )
 var (
 	// CmdGenerate represents the available generate sub-command.
 	CmdGenerate = cli.Command{
 		Name:  "generate",
 		Usage: "Command line interface for running generators",
 		Subcommands: []cli.Command{
 			subcmdSecret,
 		},
 	}
 	subcmdSecret = cli.Command{
 		Name:  "secret",
 		Usage: "Generate a secret token",
 		Subcommands: []cli.Command{
 			microcmdGenerateInternalToken,
 			microcmdGenerateLfsJwtSecret,
 			microcmdGenerateSecretKey,
 		},
 	}
 	microcmdGenerateInternalToken = cli.Command{
 		Name:   "INTERNAL_TOKEN",
 		Usage:  "Generate a new INTERNAL_TOKEN",
 		Action: runGenerateInternalToken,
 	}
 	microcmdGenerateLfsJwtSecret = cli.Command{
 		Name:   "LFS_JWT_SECRET",
 		Usage:  "Generate a new LFS_JWT_SECRET",
 		Action: runGenerateLfsJwtSecret,
 	}
 	microcmdGenerateSecretKey = cli.Command{
 		Name:   "SECRET_KEY",
 		Usage:  "Generate a new SECRET_KEY",
 		Action: runGenerateSecretKey,
 	}
 )
 func runGenerateInternalToken(c *cli.Context) error {
 	internalToken, err := generate.NewInternalToken()
 	if err != nil {
 		return err
 	}
 	fmt.Printf("%s\n", internalToken)
 	return nil
 }
 func runGenerateLfsJwtSecret(c *cli.Context) error {
 	JWTSecretBase64, err := generate.NewLfsJwtSecret()
 	if err != nil {
 		return err
 	}
 	fmt.Printf("%s\n", JWTSecretBase64)
 	return nil
 }
 func runGenerateSecretKey(c *cli.Context) error {
 	secretKey, err := generate.NewSecretKey()
 	if err != nil {
 		return err
 	}
 	fmt.Printf("%s\n", secretKey)
 	return nil
 }
--- a/cmd/serv.go
+++ b/cmd/serv.go
@@ -268,7 +268,7 @@ func runServ(c *cli.Context) error {
 		claims := jwt.MapClaims{
 			"repo": repo.ID,
 			"op":   lfsVerb,
-			"exp":  now.Add(setting.LFS.HTTPAuthExpiry).Unix(),
+			"exp":  now.Add(5 * time.Minute).Unix(),
 			"nbf":  now.Unix(),
 		}
 		if user != nil {
--- a/contrib/init/centos/gitea
+++ b/contrib/init/centos/gitea
@@ -24,8 +24,8 @@
 # Default values
 NAME=gitea
-GITEA_HOME=/var/lib/${NAME}
+GITEA_HOME=/home/git/gitea
-GITEA_PATH=/usr/local/bin/${NAME}
+GITEA_PATH=${GITEA_HOME}/$NAME
 GITEA_USER=git
 SERVICENAME="Gitea - Git with a cup of tea"
 LOCKFILE=/var/lock/subsys/gitea
@@ -49,11 +49,11 @@ DAEMON_OPTS="--check $NAME"
 start() {
  cd ${GITEA_HOME}
  echo -n "Starting ${SERVICENAME}: "
-  daemon $DAEMON_OPTS "${GITEA_PATH} web -c /etc/${NAME}/app.ini > ${LOGFILE} 2>&1 &"
+  daemon $DAEMON_OPTS "${GITEA_PATH} web > ${LOGFILE} 2>&1 &"
  RETVAL=$?
  echo
  [ $RETVAL = 0 ] && touch ${LOCKFILE}
-
+        
  return $RETVAL
 }
@@ -63,7 +63,7 @@ stop() {
        killproc ${NAME}
        RETVAL=$?
        echo
-        [ $RETVAL = 0 ] && rm -f ${LOCKFILE}
+        [ $RETVAL = 0 ] && rm -f ${LOCKFILE} 
 }
 case "$1" in
--- a/contrib/init/debian/gitea
+++ b/contrib/init/debian/gitea
@@ -14,20 +14,17 @@
 # Do NOT "set -e"
 # PATH should only include /usr/* if it runs after the mountnfs.sh script
-PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
-DESC="Gitea - Git with a cup of tea"
+DESC="Git with a cup of tea"
 NAME=gitea
 SERVICEVERBOSE=yes
 PIDFILE=/var/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
-WORKINGDIR=/var/lib/$NAME
+WORKINGDIR=/home/git/gitea
-DAEMON=/usr/local/bin/$NAME
+DAEMON=$WORKINGDIR/$NAME
-DAEMON_ARGS="web -c /etc/$NAME/app.ini"
+DAEMON_ARGS="web"
 USER=git
-USERBIND=""
+USERBIND="setcap cap_net_bind_service=+ep"
 # If you want to bind Gitea to a port below 1024 uncomment
 # the line below
 #USERBIND="setcap cap_net_bind_service=+ep"
 STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/1/KILL/5}"
 # Read configuration variable file if it is present
@@ -39,7 +36,7 @@ STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/1/KILL/5}"
 do_start()
 {
    $USERBIND $DAEMON
-    sh -c "USER=$USER HOME=/home/$USER GITEA_WORK_DIR=$WORKINGDIR start-stop-daemon --start --quiet --pidfile $PIDFILE --make-pidfile \\
+    sh -c "USER=$USER start-stop-daemon --start --quiet --pidfile $PIDFILE --make-pidfile \\
        --background --chdir $WORKINGDIR --chuid $USER \\
        --exec $DAEMON -- $DAEMON_ARGS"
 }
--- a/contrib/init/freebsd/gitea
+++ b/contrib/init/freebsd/gitea
@@ -19,9 +19,9 @@ load_rc_config $name
 : ${gitea_user:="git"}
 : ${gitea_enable:="NO"}
-: ${gitea_directory:="/var/lib/gitea"}
+: ${gitea_directory:="/home/git"}
-command="/usr/local/bin/gitea web -c /etc/gitea/app.ini"
+command="${gitea_directory}/gitea web"
 procname="$(echo $command |cut -d' ' -f1)"
 pidfile="${gitea_directory}/${name}.pid"
@@ -33,7 +33,6 @@ gitea_start() {
 	cd ${gitea_directory}
 	export USER=${gitea_user}
 	export HOME=/usr/home/${gitea_user}
 	export GITEA_WORK_DIR=${gitea_directory}
 	/usr/sbin/daemon -f -u ${gitea_user} -p ${pidfile} $command
 }
--- a/contrib/init/gentoo/gitea
+++ b/contrib/init/gentoo/gitea
@@ -1,11 +1,11 @@
 #!/sbin/openrc-run
-DIR=/var/lib/gitea
+DIR=/home/git/gitea
 USER=git
 start_stop_daemon_args="--user ${USER} --chdir ${DIR}"
-command="/usr/local/bin/gitea"
+command="${DIR}/gitea"
-command_args="web -c /etc/gitea/app.ini"
+command_args="web"
 command_background=yes
 pidfile=/var/run/gitea.pid
--- a/contrib/init/openbsd/gitea
+++ b/contrib/init/openbsd/gitea
@@ -2,11 +2,11 @@
 #
 # $OpenBSD$
-daemon="/usr/local/bin/gitea"
+daemon="/home/git/gitea/gitea"
 daemon_user="git"
-daemon_flags="web -c /etc/gitea/app.ini"
+daemon_flags="web"
-gitea_directory="/var/lib/gitea"
+gitea_directory="/home/git/gitea"
 rc_bg=YES
--- a/contrib/init/sunos/gitea.xml
+++ b/contrib/init/sunos/gitea.xml
@@ -1,46 +0,0 @@
 <?xml version="1.0"?>
 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
 <service_bundle type="manifest" name="export">
 	<service name="gitea" type="service" version="1">
 		<create_default_instance enabled="false"/>
 		<dependency name="network" grouping="require_all" restart_on="refresh" type="service">
 			<service_fmri value="svc:/milestone/network:default"/>
 		</dependency>
 		<dependency name="filesystem" grouping="require_all" restart_on="refresh" type="service">
 			<service_fmri value="svc:/system/filesystem/local"/>
 		</dependency>
 		<exec_method
 		    type="method"
 		    name="start"
 		    exec="/opt/local/bin/gitea web"
 		    timeout_seconds="60">
 		  <method_context>
 		    <method_credential user="git" group="git" />
 		    <method_environment>
 		      <envvar name='GITEA_WORK_DIR' value='/opt/local/share/gitea'/>
 		      <envvar name='GITEA_CUSTOM' value='/opt/local/etc/gitea'/>
 		      <envvar name='HOME' value='/var/db/gitea'/>
 		      <envvar name='PATH' value='/opt/local/bin:${PATH}'/>
 		      <envvar name='USER' value='git'/>
 		    </method_environment>
 		  </method_context>
 		</exec_method>
 		<exec_method type="method" name="stop"	exec=":kill" timeout_seconds="60"/>
 		<property_group name="application" type="application"></property_group>
 		<property_group name="startd" type="framework">
 		  <propval name="duration" type="astring" value="child"/>
 		  <propval name="ignore_error" type="astring" value="core,signal"/>
 		</property_group>
 		<template>
 			<common_name>
 			  <loctext xml:lang="C">A painless, self-hosted Git service</loctext>
 			</common_name>
 		</template>
 	</service>
 </service_bundle>
--- a/contrib/init/suse/gitea
+++ b/contrib/init/suse/gitea
@@ -18,10 +18,10 @@
 # Default values
 NAME=gitea
-GITEA_HOME=/var/lib/$NAME
+GITEA_HOME=/home/git/gitea
-GITEA_PATH=/usr/local/bin/$NAME
+GITEA_PATH=${GITEA_HOME}/$NAME
 GITEA_USER=git
-SERVICENAME="Gitea - Git with a cup of tea"
+SERVICENAME="Git - with a cup of tea"
 LOCKFILE=/var/lock/subsys/gitea
 LOGPATH=${GITEA_HOME}/log
 LOGFILE=${LOGPATH}/error.log
@@ -58,7 +58,7 @@ case "$1" in
 			# return skipped as service is already running
 			(exit 5)
 		else
-			su - ${GITEA_USER} -c "USER=${GITEA_USER} GITEA_WORK_DIR=${GITEA_HOME} ${GITEA_PATH} web -c /etc/${NAME}/app.ini 2>&1 >>${LOGFILE} &"
+			su - ${GITEA_USER} -c "USER=${GITEA_USER} ${GITEA_PATH} web 2>&1 >>${LOGFILE} &"
 		fi
 		# Remember status and be verbose
--- a/contrib/systemd/gitea.service
+++ b/contrib/systemd/gitea.service
@@ -18,15 +18,10 @@ RestartSec=2s
 Type=simple
 User=git
 Group=git
-WorkingDirectory=/var/lib/gitea/
+WorkingDirectory=/home/git/gitea
-ExecStart=/usr/local/bin/gitea web -c /etc/gitea/app.ini
+ExecStart=/home/git/gitea/gitea web
 Restart=always
-Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+Environment=USER=git HOME=/home/git
 # If you want to bind Gitea to a port below 1024 uncomment
 # the two values below
 ###
 #CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 #AmbientCapabilities=CAP_NET_BIND_SERVICE
 [Install]
 WantedBy=multi-user.target
--- a/custom/conf/app.ini.sample
+++ b/custom/conf/app.ini.sample
@@ -2,9 +2,7 @@
 ; Copy required sections to your own app.ini (default is custom/conf/app.ini)
 ; and modify as needed.
-; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.
+; App name that shows on every page title
 ; App name that shows in every page title
 APP_NAME = Gitea: Git with a cup of tea
 ; Change it if you run locally
 RUN_USER = git
@@ -18,28 +16,28 @@ SCRIPT_TYPE = bash
 ANSI_CHARSET =
 ; Force every new repository to be private
 FORCE_PRIVATE = false
-; Default privacy setting when creating a new repository, allowed values: last, private, public. Default is last which means the last setting used.
+; Default private when create a new repository, could be: last, private, public. Default is last which means last user repo visiblity.
 DEFAULT_PRIVATE = last
-; Global limit of repositories per user, applied at creation time. -1 means no limit
+; Global maximum creation limit of repository per user, -1 means no limit
 MAX_CREATION_LIMIT = -1
 ; Mirror sync queue length, increase if mirror syncing starts hanging
 MIRROR_QUEUE_LENGTH = 1000
 ; Patch test queue length, increase if pull request patch testing starts hanging
 PULL_REQUEST_QUEUE_LENGTH = 1000
 ; Preferred Licenses to place at the top of the List
-; The name here must match the filename in conf/license or custom/conf/license
+; Name must match file name in conf/license or custom/conf/license
 PREFERRED_LICENSES = Apache License 2.0,MIT License
-; Disable the ability to interact with repositories using the HTTP protocol
+; Disable ability to interact with repositories by HTTP protocol
 DISABLE_HTTP_GIT = false
 ; Force ssh:// clone url instead of scp-style uri when default SSH port is used
 USE_COMPAT_SSH_URI = false
 [repository.editor]
-; List of file extensions for which lines should be wrapped in the CodeMirror editor
+; List of file extensions that should have line wraps in the CodeMirror editor
-; Separate extensions with a comma. To line wrap files without an extension, just put a comma
+; Separate extensions with a comma. To line wrap files w/o extension, just put a comma
 LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd,
 ; Valid file modes that have a preview API associated with them, such as api/v1/markdown
-; Separate the values by commas. The preview tab in edit mode won't be displayed if the file extension doesn't match
+; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match
 PREVIEWABLE_FILE_MODES = markdown
 [repository.local]
@@ -55,39 +53,39 @@ ENABLED = true
 TEMP_PATH = data/tmp/uploads
 ; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
 ALLOWED_TYPES =
-; Max size of each file in megabytes. Defaults to 3MB
+; Max size of each file in MB. Defaults to 3MB
 FILE_MAX_SIZE = 3
 ; Max number of files per upload. Defaults to 5
 MAX_FILES = 5
 [ui]
-; Number of repositories that are displayed on one explore page
+; Number of repositories that are showed in one explore page
 EXPLORE_PAGING_NUM = 20
-; Number of issues that are displayed on one page
+; Number of issues that are showed in one page
 ISSUE_PAGING_NUM = 10
-; Number of maximum commits displayed in one activity feed
+; Number of maximum commits showed in one activity feed
 FEED_MAX_COMMIT_NUM = 5
 ; Value of `theme-color` meta tag, used by Android >= 5.0
 ; An invalid color like "none" or "disable" will have the default style
 ; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
 THEME_COLOR_META_TAG = `#6cc644`
-; Max size of files to be displayed (default is 8MiB)
+; Max size of files to be displayed (defaults is 8MiB)
 MAX_DISPLAY_FILE_SIZE = 8388608
-; Whether the email of the user should be shown in the Explore Users page
+; Whether show the user email in the Explore Users page
 SHOW_USER_EMAIL = true
 [ui.admin]
-; Number of users that are displayed on one page
+; Number of users that are showed in one page
 USER_PAGING_NUM = 50
-; Number of repos that are displayed on one page
+; Number of repos that are showed in one page
 REPO_PAGING_NUM = 50
-; Number of notices that are displayed on in one page
+; Number of notices that are showed in one page
 NOTICE_PAGING_NUM = 25
-; Number of organizations that are displayed on one page
+; Number of organization that are showed in one page
 ORG_PAGING_NUM = 50
 [ui.user]
-; Number of repos that are displayed on one page
+; Number of repos that are showed in one page
 REPO_PAGING_NUM = 15
 [ui.meta]
@@ -102,19 +100,19 @@ ENABLE_HARD_LINE_BREAK = false
 ; for example git,magnet
 CUSTOM_URL_SCHEMES =
 ; List of file extensions that should be rendered/edited as Markdown
-; Separate the extensions with a comma. To render files without any extension as markdown, just put a comma
+; Separate extensions with a comma. To render files w/o extension as markdown, just put a comma
 FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
 [server]
-; The protocol the server listens on. One of 'http', 'https', 'unix' or 'fcgi'.
+; Listen protocol. One of 'http', 'https', 'unix' or 'fcgi'.
 PROTOCOL = http
 DOMAIN = localhost
 ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
-; The address to listen on. Either a IPv4/IPv6 address or the path to a unix socket.
+; Listen address. Either a IPv4/IPv6 address or the path to a unix socket.
 HTTP_ADDR = 0.0.0.0
 HTTP_PORT = 3000
 ; If REDIRECT_OTHER_PORT is true, and PROTOCOL is set to https an http server
-; will be started on PORT_TO_REDIRECT and it will redirect plain, non-secure http requests to the main
+; will be started on PORT_TO_REDIRECT and redirect request to the main
 ; ROOT_URL.  Defaults are false for REDIRECT_OTHER_PORT and 80 for
 ; PORT_TO_REDIRECT.
 REDIRECT_OTHER_PORT = false
@@ -124,37 +122,36 @@ UNIX_SOCKET_PERMISSION = 666
 ; Local (DMZ) URL for Gitea workers (such as SSH update) accessing web service.
 ; In most cases you do not need to change the default value.
 ; Alter it only if your SSH server node is not the same as HTTP node.
 ; Do not set this variable if PROTOCOL is set to 'unix'.
 LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
 ; Disable SSH feature when not available
 DISABLE_SSH = false
-; Whether to use the builtin SSH server or not.
+; Whether use builtin SSH server or not.
 START_SSH_SERVER = false
-; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
+; Username to use for builtin SSH server. If blank, then it is the value of RUN_USER.
 BUILTIN_SSH_SERVER_USER =
 ; Domain name to be exposed in clone URL
 SSH_DOMAIN = %(DOMAIN)s
-; THe network interface the builtin SSH server should listen on
+; Network interface builtin SSH server listens on
 SSH_LISTEN_HOST =
 ; Port number to be exposed in clone URL
 SSH_PORT = 22
-; The port number the builtin SSH server should listen on
+; Port number builtin SSH server listens on
 SSH_LISTEN_PORT = %(SSH_PORT)s
 ; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
 SSH_ROOT_PATH =
-; For the built-in SSH server, choose the ciphers to support for SSH connections,
+; For built-in SSH server only, choose the ciphers to support for SSH connections,
 ; for system SSH this setting has no effect
 SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
-; For the built-in SSH server, choose the key exchange algorithms to support for SSH connections,
+; For built-in SSH server only, choose the key exchange algorithms to support for SSH connections,
 ; for system SSH this setting has no effect
 SSH_SERVER_KEY_EXCHANGES = diffie-hellman-group1-sha1, diffie-hellman-group14-sha1, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, curve25519-sha256@libssh.org
-; For the built-in SSH server, choose the MACs to support for SSH connections,
+; For built-in SSH server only, choose the MACs to support for SSH connections,
 ; for system SSH this setting has no effect
 SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96
-; Directory to create temporary files in when testing public keys using ssh-keygen,
+; Directory to create temporary files when test public key using ssh-keygen,
-; default is the system temporary directory.
+; default is system temporary directory.
 SSH_KEY_TEST_PATH =
-; Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
+; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
 SSH_KEYGEN_PATH = ssh-keygen
 ; Enable SSH Authorized Key Backup when rewriting all keys, default is true
 SSH_BACKUP_AUTHORIZED_KEYS = true
@@ -174,7 +171,7 @@ DISABLE_ROUTER_LOG = false
 ; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
 CERT_FILE = custom/https/cert.pem
 KEY_FILE = custom/https/key.pem
-; Root directory containing templates and static files.
+; Upper level of template and static file path
 ; default is the path where Gitea is executed
 STATIC_ROOT_PATH =
 ; Default path for App data
@@ -185,12 +182,10 @@ ENABLE_GZIP = false
 LANDING_PAGE = home
 ; Enables git-lfs support. true or false, default is false.
 LFS_START_SERVER = false
-; Where your lfs files reside, default is data/lfs.
+; Where your lfs files put on, default is data/lfs.
 LFS_CONTENT_PATH = data/lfs
-; LFS authentication secret, change this yourself
+; LFS authentication secret, changed this to yourself.
 LFS_JWT_SECRET =
 ; LFS authentication validity period (in time.Duration), pushes taking longer than this may fail.
 LFS_HTTP_AUTH_EXPIRY = 20m
 ; Define allowed algorithms and their minimum key length (use -1 to disable a type)
 [ssh.minimum_key_sizes]
@@ -209,14 +204,12 @@ USER = root
 PASSWD =
 ; For "postgres" only, either "disable", "require" or "verify-full"
 SSL_MODE = disable
-; For "sqlite3" and "tidb", use absolute path when you start gitea as service
+; For "sqlite3" and "tidb", use absolute path when you start as service
 PATH = data/gitea.db
 ; For "sqlite3" only. Query timeout
 SQLITE_TIMEOUT = 500
 ; For iterate buffer, default is 50
 ITERATE_BUFFER_SIZE = 50
 ; Show the database generated SQL
 LOG_SQL = true
 [indexer]
 ISSUE_INDEXER_PATH = indexers/issues.bleve
@@ -227,7 +220,7 @@ UPDATE_BUFFER_LEN = 20
 MAX_FILE_SIZE = 1048576
 [admin]
-; Disallow regular (non-admin) users from creating organizations.
+; Disable regular (non-admin) users to create organizations
 DISABLE_REGULAR_ORG_CREATION = false
 [security]
@@ -235,13 +228,13 @@ DISABLE_REGULAR_ORG_CREATION = false
 INSTALL_LOCK = false
 ; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
 SECRET_KEY = !#@FDEWREWR&*(
-; How long to remember that an user is logged in before requiring relogin (in days)
+; Auto-login remember days
 LOGIN_REMEMBER_DAYS = 7
 COOKIE_USERNAME = gitea_awesome
 COOKIE_REMEMBER_NAME = gitea_incredible
 ; Reverse proxy authentication header name of user name
 REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
-; The minimum password length for new Users
+; Sets the minimum password length for new Users
 MIN_PASSWORD_LENGTH = 6
 ; True when users are allowed to import local server paths
 IMPORT_LOCAL_PATHS = false
@@ -250,7 +243,7 @@ DISABLE_GIT_HOOKS = false
 [openid]
 ;
-; OpenID is an open, standard and decentralized authentication protocol.
+; OpenID is an open standard and decentralized authentication protocol.
 ; Your identity is the address of a webpage you provide, which describes
 ; how to prove you are in control of that page.
 ;
@@ -269,7 +262,7 @@ DISABLE_GIT_HOOKS = false
 ; Whether to allow signin in via OpenID
 ENABLE_OPENID_SIGNIN = true
 ; Whether to allow registering via OpenID
-; Do not include to rely on rhw DISABLE_REGISTRATION setting
+; Do not include to rely on DISABLE_REGISTRATION setting
 ;ENABLE_OPENID_SIGNUP = true
 ; Allowed URI patterns (POSIX regexp).
 ; Space separated.
@@ -285,14 +278,12 @@ BLACKLISTED_URIS =
 [service]
 ; Time limit to confirm account/email registration
 ACTIVE_CODE_LIVE_MINUTES = 180
-; Time limit to perform the reset of a forgotten password
+; Time limit to confirm forgot password reset process
 RESET_PASSWD_CODE_LIVE_MINUTES = 180
-; Whether a new user needs to confirm their email when registering.
+; User need to confirm e-mail for registration
 REGISTER_EMAIL_CONFIRM = false
-; Disallow registration, only allow admins to create accounts.
+; Does not allow register and admin create account only
 DISABLE_REGISTRATION = false
 ; Allow registration only using third part services, it works only when DISABLE_REGISTRATION is false
 ALLOW_ONLY_EXTERNAL_REGISTRATION = false
 ; User must sign in to view anything.
 REQUIRE_SIGNIN_VIEW = false
 ; Mail notification
@@ -303,21 +294,19 @@ ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
 ; Enable captcha validation for registration
 ENABLE_CAPTCHA = true
 ; Default value for KeepEmailPrivate
-; Each new user will get the value of this setting copied into their profile
+; New user will get the value of this setting copied into their profile
 DEFAULT_KEEP_EMAIL_PRIVATE = false
 ; Default value for AllowCreateOrganization
-; Every new user will have rights set to create organizations depending on this setting
+; New user will have rights set to create organizations depending on this setting
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
 ; Enable Timetracking
 ENABLE_TIMETRACKING = true
 ; Default value for EnableTimetracking
 ; Repositories will use timetracking by default depending on this setting
 DEFAULT_ENABLE_TIMETRACKING = true
 ; Default value for AllowOnlyContributorsToTrackTime
-; Only users with write permissions can track time if this is true
+; Only users with write permissions could track time if this is true
 DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
 ; Default value for the domain part of the user's email address in the git log
-; if he has set KeepEmailPrivate to true. The user's email will be replaced with a
+; if he has set KeepEmailPrivate true. The user's email replaced with a
 ; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
 NO_REPLY_ADDRESS = noreply.example.org
@@ -342,9 +331,9 @@ SUBJECT = %(APP_NAME)s
 ; QQ: smtp.qq.com:465
 ; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
 HOST =
-; Disable HELO operation when hostnames are different.
+; Disable HELO operation when hostname are different.
 DISABLE_HELO =
-; Custom hostname for HELO operation, if no value is provided, one is retrieved from system.
+; Custom hostname for HELO operation, default is from system.
 HELO_HOSTNAME =
 ; Do not verify the certificate of the server. Only use this for self-signed certificates
 SKIP_VERIFY =
@@ -384,7 +373,7 @@ ITEM_TTL = 16h
 ; Either "memory", "file", or "redis", default is "memory"
 PROVIDER = memory
 ; Provider config options
-; memory: doesn't have any config yet
+; memory: not have any config yet
 ; file: session file path, e.g. `data/sessions`
 ; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
 ; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
@@ -402,18 +391,14 @@ SESSION_LIFE_TIME = 86400
 [picture]
 AVATAR_UPLOAD_PATH = data/avatars
 ; Max Width and Height of uploaded avatars. This is to limit the amount of RAM
 ; used when resizing the image.
 AVATAR_MAX_WIDTH = 4096
 AVATAR_MAX_HEIGHT = 3072
 ; Chinese users can choose "duoshuo"
 ; or a custom avatar source, like: http://cn.gravatar.com/avatar/
 GRAVATAR_SOURCE = gravatar
-; This value will always be true in offline mode.
+; This value will be forced to be true in offline mode.
 DISABLE_GRAVATAR = false
 ; Federated avatar lookup uses DNS to discover avatar associated
 ; with emails, see https://www.libravatar.org
-; This value will always be false in offline mode or when Gravatar is disabled.
+; This value will be forced to be false in offline mode or Gravatar is disabled.
 ENABLE_FEDERATED_AVATAR = false
 [attachment]
@@ -423,9 +408,9 @@ ENABLED = true
 PATH = data/attachments
 ; One or more allowed types, e.g. image/jpeg|image/png
 ALLOWED_TYPES = image/jpeg|image/png|application/zip|application/gzip
-; Max size of each file. Defaults to 4MB
+; Max size of each file. Defaults to 32MB
 MAX_SIZE = 4
-; Max number of files per upload. Defaults to 5
+; Max number of files per upload. Defaults to 10
 MAX_FILES = 5
 [time]
@@ -439,7 +424,7 @@ ROOT_PATH =
 ; Either "console", "file", "conn", "smtp" or "database", default is "console"
 ; Use comma to separate multiple modes, e.g. "console, file"
 MODE = console
-; Buffer length of the channel, keep it as it is if you don't know what it is.
+; Buffer length of channel, keep it as it is if you don't know what it is.
 BUFFER_LEN = 10000
 ; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
 LEVEL = Trace
@@ -453,13 +438,13 @@ LEVEL =
 LEVEL =
 ; This enables automated log rotate(switch of following options), default is true
 LOG_ROTATE = true
-; Max number of lines in a single file, default is 1000000
+; Max line number of single file, default is 1000000
 MAX_LINES = 1000000
-; Max size shift of a single file, default is 28 means 1 << 28, 256MB
+; Max size shift of single file, default is 28 means 1 << 28, 256MB
 MAX_SIZE_SHIFT = 28
 ; Segment log daily, default is true
 DAILY_ROTATE = true
-; delete the log file after n days, default is 7
+; Expired days of log file(delete after max days), default is 7
 MAX_DAYS = 7
 ; For "conn" mode only
@@ -543,9 +528,9 @@ UPDATE_EXISTING = true
 [git]
 ; Disables highlight of added and removed changes
 DISABLE_DIFF_HIGHLIGHT = false
-; Max number of lines allowed in a single file in diff view
+; Max number of lines allowed of a single file in diff view
 MAX_GIT_DIFF_LINES = 1000
-; Max number of allowed characters in a line in diff view
+; Max number of characters of a line allowed in diff view
 MAX_GIT_DIFF_LINE_CHARACTERS = 5000
 ; Max number of files shown in diff view
 MAX_GIT_DIFF_FILES = 100
@@ -568,27 +553,24 @@ DEFAULT_INTERVAL = 8h
 MIN_INTERVAL = 10m
 [api]
-; Enables /api/swagger, /api/v1/swagger etc. endpoints. True or false; default is true.
+; Max number of items will response in a page
 ENABLE_SWAGGER_ENDPOINT = true
 ; Max number of items in a page
 MAX_RESPONSE_ITEMS = 50
 [i18n]
-LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
+LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
-NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,français,Nederlands,latviešu,русский,Українська,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어
+NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어
 ; Used for datetimepicker
 [i18n.datelang]
 en-US = en
 zh-CN = zh
-zh-HK = zh-HK
+zh-HK = zh-TW
 zh-TW = zh-TW
 de-DE = de
 fr-FR = fr
 nl-NL = nl
 lv-LV = lv
 ru-RU = ru
 uk-UA = uk
 ja-JP = ja
 es-ES = es
 pt-BR = pt-BR
@@ -602,13 +584,6 @@ sr-SP = sr
 sv-SE = sv
 ko-KR = ko
 [U2F]
 ; Two Factor authentication with security keys
 ; https://developers.yubico.com/U2F/App_ID.html
 APP_ID = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
 ; Comma seperated list of truisted facets
 TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
 ; Extension mapping to highlight class
 ; e.g. .toml=ini
 [highlight.mapping]
@@ -617,7 +592,7 @@ TRUSTED_FACETS = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
 SHOW_FOOTER_BRANDING = false
 ; Show version information about Gitea and Go in the footer
 SHOW_FOOTER_VERSION = true
-; Show template execution time in the footer
+; Show time of template execution in the footer
 SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
 [markup.asciidoc]
@@ -626,5 +601,5 @@ ENABLED = false
 FILE_EXTENSIONS = .adoc,.asciidoc
 ; External command to render all matching extensions
 RENDER_COMMAND = "asciidoc --out-file=- -"
-; Don't pass the file on STDIN, pass the filename as argument instead.
+; Input is not a standard input but a file
 IS_INPUT_FILE = false
--- a/docker/Makefile
+++ b/docker/Makefile
@@ -7,9 +7,5 @@ DOCKER_REF := $(DOCKER_IMAGE):$(DOCKER_TAG)
 .PHONY: docker
 docker:
 	docker build --disable-content-trust=false -t $(DOCKER_REF) .
 # support also build args docker build --build-arg GITEA_VERSION=v1.2.3 --build-arg TAGS="bindata sqlite"  .
 .PHONY: docker-build
 docker-build:
 	docker run -ti --rm -v $(CURDIR):/srv/app/src/code.gitea.io/gitea -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" webhippie/golang:edge make clean generate build
 	docker build --disable-content-trust=false -t $(DOCKER_REF) .
--- a/docker/etc/s6/gitea/run
+++ b/docker/etc/s6/gitea/run
@@ -2,5 +2,5 @@
 [[ -f ./setup ]] && source ./setup
 pushd /app/gitea > /dev/null
-    exec su-exec $USER /app/gitea/gitea web
+    exec su-exec git /app/gitea/gitea web
 popd
--- a/docker/etc/s6/gitea/setup
+++ b/docker/etc/s6/gitea/setup
@@ -33,11 +33,9 @@ if [ ! -f /data/gitea/conf/app.ini ]; then
    DB_USER=${DB_USER:-"root"} \
    DB_PASSWD=${DB_PASSWD:-""} \
    INSTALL_LOCK=${INSTALL_LOCK:-"false"} \
    DISABLE_REGISTRATION=${DISABLE_REGISTRATION:-"false"} \
    REQUIRE_SIGNIN_VIEW=${REQUIRE_SIGNIN_VIEW:-"false"} \
    SECRET_KEY=${SECRET_KEY:-""} \
    envsubst < /etc/templates/app.ini > /data/gitea/conf/app.ini
 fi
-chown -R ${USER}:git /data/gitea /app/gitea /data/git
+chown -R git:git /data/gitea /app/gitea /data/git
 chmod 0755 /data/gitea /app/gitea /data/git
--- a/docker/etc/templates/app.ini
+++ b/docker/etc/templates/app.ini
@@ -38,7 +38,3 @@ ROOT_PATH = /data/gitea/log
 [security]
 INSTALL_LOCK = $INSTALL_LOCK
 SECRET_KEY   = $SECRET_KEY
 [service]
 DISABLE_REGISTRATION = $DISABLE_REGISTRATION
 REQUIRE_SIGNIN_VIEW  = $REQUIRE_SIGNIN_VIEW
--- a/docker/usr/bin/entrypoint
+++ b/docker/usr/bin/entrypoint
@@ -1,12 +1,5 @@
 #!/bin/sh
 if [ "${USER}" != "git" ]; then
    # rename user
    sed -i -e "s/^git\:/${USER}\:/g" /etc/passwd
    # switch sshd config to different user
    sed -i -e "s/AllowUsers git/AllowUsers ${USER}/g" /etc/ssh/sshd_config
 fi
 ## Change GID for USER?
 if [ -n "${USER_GID}" ] && [ "${USER_GID}" != "`id -g ${USER}`" ]; then
    sed -i -e "s/^${USER}:\([^:]*\):[0-9]*/${USER}:\1:${USER_GID}/" /etc/group
--- a/docs/content/doc/advanced/api-usage.en-us.md
+++ b/docs/content/doc/advanced/api-usage.en-us.md
@@ -1,75 +0,0 @@
 ---
 date: "2018-06-24:00:00+02:00"
 title: "API Usage"
 slug: "api-usage"
 weight: 40
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "advanced"
    name: "API Usage"
    weight: 40
    identifier: "api-usage"
 ---
 # Gitea API Usage
 ## Enabling/configuring API access
 By default, `ENABLE_SWAGGER_ENDPOINT` is true, and
 `MAX_RESPONSE_ITEMS` is set to 50.  See [Config Cheat
 Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/) for more
 information.
 ## Authentication via the API
 Gitea supports these methods of API authentication:
 - HTTP basic authentication
 - `token=...` parameter in URL query string
 - `access_token=...` parameter in URL query string
 - `Authorization: token ...` header in HTTP headers
 All of these methods accept the same apiKey token type.  You can
 better understand this by looking at the code -- as of this writing,
 Gitea parses queries and headers to find the token in
 [modules/auth/auth.go](https://github.com/go-gitea/gitea/blob/6efdcaed86565c91a3dc77631372a9cc45a58e89/modules/auth/auth.go#L47).
 You can create an apiKey token via your gitea install's web interface:
 `Settings | Applications | Generate New Token`.
 ### More on the `Authorization:` header
 For historical reasons, Gitea needs the word `token` included before
 the apiKey token in an authorization header, like this:
 ```
 Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675
 ```
 In a `curl` command, for instance, this would look like:
 ```
 curl -X POST "http://localhost:4000/api/v1/repos/test1/test1/issues" \
    -H "accept: application/json" \
    -H "Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675" \
    -H "Content-Type: application/json" -d "{ \"body\": \"testing\", \"title\": \"test 20\"}" -i
 ```
 As mentioned above, the token used is the same one you would use in
 the `token=` string in a GET request.
 ## Listing your issued tokens via the API
 As mentioned in
 [#3842](https://github.com/go-gitea/gitea/issues/3842#issuecomment-397743346),
 `/users/:name/tokens` is special and requires you to authenticate
 using BasicAuth, as follows:
 ### Using basic authentication:
 ```
 $ curl --request GET --url https://yourusername:yourpassword@gitea.your.host/api/v1/users/yourusername/tokens
 [{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]
 ```
--- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
@@ -24,7 +24,7 @@ typically be found at `/etc/gitea/conf/app.ini`.
 The defaults provided here are best-effort (not built automatically). They are
 accurately recorded in [app.ini.sample](https://github.com/go-gitea/gitea/blob/master/custom/conf/app.ini.sample)
-(s/master/\<tag|release\>). Any string in the format `%(X)s` is a feature powered
+(s/master/<tag|release\>). Any string in the format `%(X)s` is a feature powered
 by [ini](https://github.com/go-ini/ini/#recursive-values), for reading values recursively.
 Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
@@ -84,9 +84,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `PROTOCOL`: **http**: \[http, https, fcgi, unix\]
 - `DOMAIN`: **localhost**: Domain name of this server.
- `ROOT_URL`: **%(PROTOCOL)s://%(DOMAIN)s:%(HTTP\_PORT)s/**:
+- `ROOT_URL`: **%(PROTOCOL)s://%(DOMAIN)s:%(HTTP\_PORT)s/**: Full public URL of Gitea server.
   Overwrite the automatically generated public URL.
   This is useful if the internal and the external URL don't match (e.g. in Docker).
 - `HTTP_ADDR`: **0.0.0.0**: HTTP listen address.
   - If `PROTOCOL` is set to `fcgi`, Gitea will listen for FastCGI requests on TCP socket
     defined by `HTTP_ADDR` and `HTTP_PORT` configuration settings.
@@ -95,11 +93,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
   - If `PROTOCOL` is set to `fcgi`, Gitea will listen for FastCGI requests on TCP socket
     defined by `HTTP_ADDR` and `HTTP_PORT` configuration settings.
 - `UNIX_SOCKET_PERMISSION`: **666**: Permissions for the Unix socket.
 - `LOCAL_ROOT_URL`: **%(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/**: Local
   (DMZ) URL for Gitea workers (such as SSH update) accessing web service. In
   most cases you do not need to change the default value. Alter it only if
   your SSH server node is not the same as HTTP node. Do not set this variable
   if `PROTOCOL` is set to `unix`.
 - `DISABLE_SSH`: **false**: Disable SSH feature when it's not available.
 - `START_SSH_SERVER`: **false**: When enabled, use the built-in SSH server.
 - `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL.
@@ -115,7 +108,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `LFS_START_SERVER`: **false**: Enables git-lfs support.
 - `LFS_CONTENT_PATH`: **./data/lfs**: Where to store LFS files.
 - `LFS_JWT_SECRET`: **\<empty\>**: LFS authentication secret, change this a unique string.
 - `LFS_HTTP_AUTH_EXPIRY`: **20m**: LFS authentication validity period in time.Duration, pushes taking longer than this may fail.
 - `REDIRECT_OTHER_PORT`: **false**: If true and `PROTOCOL` is https, redirects http requests
   on another (https) port.
 - `PORT_TO_REDIRECT`: **80**: Port used when `REDIRECT_OTHER_PORT` is true.
@@ -126,10 +118,9 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `HOST`: **127.0.0.1:3306**: Database host address and port.
 - `NAME`: **gitea**: Database name.
 - `USER`: **root**: Database username.
- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
+- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password. 
 - `SSL_MODE`: **disable**: For PostgreSQL only.
 - `PATH`: **data/gitea.db**: For SQLite3 only, the database file path.
 - `LOG_SQL`: **true**: Log the executed SQL.
 ## Indexer (`indexer`)
@@ -151,7 +142,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
   authentication.
 - `DISABLE_GIT_HOOKS`: **false**: Prevent all users (including admin) from creating custom
   git hooks.
 - `IMPORT_LOCAL_PATHS`: **false**: Prevent all users (including admin) from importing local path on server.
 ## OpenID (`openid`)
@@ -208,6 +198,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 ## Cache (`cache`)
 - `ADAPTER`: **memory**: Cache engine adapter, either `memory`, `redis`, or `memcache`.
   - To use `redis` or `memcache`, be sure to rebuild everything with build tags `redis` or
     `memcache`: `go build -tags='redis'`.
 - `INTERVAL`: **60**: Garbage Collection interval (sec), for memory cache only.
 - `HOST`: **\<empty\>**: Connection string for `redis` and `memcache`.
   - Redis: `network=tcp,addr=127.0.0.1:6379,password=macaron,db=0,pool_size=100,idle_timeout=180`
@@ -279,45 +271,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `MAX_GIT_DIFF_FILES`: **100**: Max number of files shown in diff view.
 - `GC_ARGS`: **\<empty\>**: Arguments for command `git gc`, e.g. `--aggressive --auto`.
 ## API (`api`)
 - `ENABLE_SWAGGER_ENDPOINT`: **true**: Enables /api/swagger, /api/v1/swagger etc. endpoints. True or false; default is true. 
 - `MAX_RESPONSE_ITEMS`: **50**: Max number of items in a page
 ## i18n (`i18n`)
 - `LANGS`: **en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR**: List of locales shown in language selector
 - `NAMES`: **English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어**: Visible names corresponding to the locales
 ### i18n - Datepicker Language (`i18n.datelang`)
 Maps locales to the languages used by the datepicker plugin
 - `en-US`: **en**
 - `zh-CN`: **zh**
 - `zh-HK`: **zh-HK**
 - `zh-TW`: **zh-TW**
 - `de-DE`: **de**
 - `fr-FR`: **fr**
 - `nl-NL`: **nl**
 - `lv-LV`: **lv**
 - `ru-RU`: **ru**
 - `ja-JP`: **ja**
 - `es-ES`: **es**
 - `pt-BR`: **pt-BR**
 - `pl-PL`: **pl**
 - `bg-BG`: **bg**
 - `it-IT`: **it**
 - `fi-FI`: **fi**
 - `tr-TR`: **tr**
 - `cs-CZ`: **cs-CZ**
 - `sr-SP`: **sr**
 - `sv-SE`: **sv**
 - `ko-KR`: **ko**
 ## U2F (`U2F`)
 - `APP_ID`: **`ROOT_URL`**: Declares the facet of the application. Requires HTTPS.
 - `TRUSTED_FACETS`: List of additional facets which are trusted. This is not support by all browsers.
 ## Markup (`markup`)
 Gitea can support Markup using external tools. The example below will add a markup named `asciidoc`.
--- a/docs/content/doc/advanced/config-cheat-sheet.zh-cn.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.zh-cn.md
@@ -80,7 +80,6 @@ menu:
 - `PASSWD`: 数据库用户密码。
 - `SSL_MODE`: PostgreSQL数据库是否启用SSL模式。
 - `PATH`: Tidb 或者 SQLite3 数据文件存放路径。
 - `LOG_SQL`: **true**: 显示生成的SQL，默认为真。
 ## Security (`security`)
--- a/docs/content/doc/features/comparison.en-us.md
+++ b/docs/content/doc/features/comparison.en-us.md
@@ -1,119 +0,0 @@
 ---
 date: "2018-05-07T13:00:00+02:00"
 title: "Gitea compared to other Git hosting options"
 slug: "comparison"
 weight: 5
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "features"
    name: "Comparison"
    weight: 5
    identifier: "comparison"
 ---
 # Gitea compared to other Git hosting options
 To help decide if Gitea is suited for your needs here is how it compares to other Git self hosted options.
 Be warned that we don't regularly check for feature changes in other products so this list can be outdated. If you find anything that needs to be updated in table below please report [issue on Github](https://github.com/go-gitea/gitea/issues).
 _Symbols used in table:_
 * _✓ - supported_
 * _⁄ - supported with limited functionality_
 * _✘ - unsupported_
 #### General Features
 | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
 |---------|-------|------|-----------|-----------|-----------|-----------|--------------|
 | Open source and free | ✓ | ✓ | ✘| ✓ | ✘ | ✘ | ✓ |
 | Low resource usage (RAM/CPU) | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ |
 | Multiple database support | ✓ | ✓ | ✘ | ⁄ | ⁄ | ✓ | ✓ |
 | Multiple OS support | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ |
 | Easy upgrade process | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ |
 | Markdown support | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Static Git-powered pages | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Integrated Git-powered wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Deploy Tokens | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Repository Tokens with write rights | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
 | Built-in Container Registry | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | External git mirroring | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
 | FIDO U2F (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Built-in CI/CD | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | Subgroups: groups within groups | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ |
 #### Code management
 | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
 |---------|-------|------|-----------|-----------|-----------|-----------|--------------|
 | Repository topics | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Repository code search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Global code search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | ⁄ | ✓ |
 | Group Milestones | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | Granular user roles (Code, Issues, Wiki etc) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | Verified Committer | ✘ | ✘ | ? | ✓ | ✓ | ✓ | ✘ |
 | GPG Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Reject unsigned commits | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
 | Repository Activity page | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Branch manager | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Create new branches | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Web code editor | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Commit graph | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 #### Issue Tracker
 | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
 |---------|-------|------|-----------|-----------|-----------|-----------|--------------|
 | Issue tracker | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Issue templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Labels | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Time tracking | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Multiple assignees for issues | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Related issues | ✘ | ✘ | ⁄ | ✘ | ✓ | ✘ | ✘ |
 | Confidential issues | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | Comment reactions | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Lock Discussion | ✘ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Batch issue handling | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Issue Boards | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | Create new branches from issues | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 | Issue search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Global issue search | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
 #### Pull/Merge requests
 | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
 |---------|-------|------|-----------|-----------|-----------|-----------|--------------|
 | Pull/Merge requests | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Squash merging | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ |
 | Rebase merging | ✓ | ✓ | ✓ | ✘ | ⁄ | ✘ | ✓ |
 | Pull/Merge request inline comments | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Pull/Merge request approval | ✘ | ✘ | ⁄ | ✓ | ✓ | ✓ | ✓ |
 | Merge conflict resolution | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Restrict push and merge access to certain users | ✓ | ✘ | ✓ | ⁄ | ✓ | ✓ | ✓ |
 | Revert specific commits or a merge request | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Pull/Merge requests templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
 | Cherry-picking changes | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
 #### 3rd-party integrations
 | Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
 |---------|-------|------|-----------|-----------|-----------|-----------|--------------|
 | Webhook support | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Custom Git Hooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | AD / LDAP integration | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | Multiple LDAP / AD server support | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
 | LDAP user synchronization | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
 | OpenId Connect support | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ |
 | OAuth 2.0 integration (external authorization) | ✓ | ✘ | ⁄ | ✓ | ✓ | ? | ✓ |
 | Act as OAuth 2.0 provider | ✘ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Two factor authentication (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
 | Mattermost/Slack integration | ✓ | ✓ | ⁄ | ✓ | ✓ | ⁄ | ✓ |
 | Discord integration | ✓ | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ |
 | External CI/CD status display | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
--- a/docs/content/doc/help/seek-help.en-us.md
+++ b/docs/content/doc/help/seek-help.en-us.md
@@ -1,5 +1,5 @@
 ---
-date: "2018-05-21T15:00:00+00:00"
+date: "2017-01-20T15:00:00+08:00"
 title: "Support Options"
 slug: "seek-help"
 weight: 10
@@ -16,7 +16,8 @@ menu:
 # Support Options
 - [Discord](https://discord.gg/NsatcWJ)
- [Discourse Forum](https://discourse.gitea.io/)
+- [#gitea on Freenode](http://webchat.freenode.net?nick=giteachat....&channels=%23gitea&prompt=1)
 - [Matrix](https://matrix.to/#/#gitea-dev:matrix.org)
 ## Bugs
--- a/docs/content/doc/help/troubleshooting.en-us.md
+++ b/docs/content/doc/help/troubleshooting.en-us.md
@@ -66,17 +66,3 @@ In this case, look into the following settings:
    * `usermod` or `chsh` can be used to modify this.
  * Ensure that the `gitea serv` command in `.ssh/authorized_keys` uses the
    correct configuration file.
 ## Missing releases after migrating repository with tags
 To migrate an repository *with* all tags you need to do two things
 * Push tags to the repository:
 ```
 git push --tags
 ```
 * (Re-)sync tags of all repositories within gitea:
 ```
 gitea admin repo-sync-releases
 ```
--- a/docs/content/doc/installation/from-binary.en-us.md
+++ b/docs/content/doc/installation/from-binary.en-us.md
@@ -20,8 +20,8 @@ embedded assets. This can be different for older releases. Choose the file match
 the destination platform from the [downloads page](https://dl.gitea.io/gitea), copy
 the URL and replace the URL within the commands below:
-```sh
+```
-wget -O gitea https://dl.gitea.io/gitea/1.4.2/gitea-1.4.2-linux-amd64
+wget -O gitea https://dl.gitea.io/gitea/1.3.2/gitea-1.3.2-linux-amd64
 chmod +x gitea
 ```
@@ -34,54 +34,6 @@ location. When launched manually, Gitea can be killed using `Ctrl+C`.
 ./gitea web
 ```
 ## Recommended server configuration
 ### Prepare environment
 Check that git is installed on the server, if it is not install it first.
 ```sh
 git --version
 ```
 Create user to run gitea (ex. `git`)
 ```sh
 adduser \
   --system \
   --shell /bin/bash \
   --gecos 'Git Version Control' \
   --group \
   --disabled-password \
   --home /home/git \
   git
 ```
 ### Create required directory structure
 ```sh
 mkdir -p /var/lib/gitea/{custom,data,indexers,public,log}
 chown git:git /var/lib/gitea/{data,indexers,log}
 chmod 750 /var/lib/gitea/{data,indexers,log}
 mkdir /etc/gitea
 chown root:git /etc/gitea
 chmod 770 /etc/gitea
 ```
 **NOTE:** `/etc/gitea` is temporary set with write rights for user `git` so that Web installer could write configuration file. After installation is done it is recommended to set rights to read-only using:
 ```
 chmod 750 /etc/gitea
 chmod 644 /etc/gitea/app.ini
 ```
 ### Copy gitea binary to global location
 ```
 cp gitea /usr/local/bin/gitea
 ```
 ### Create service file to start gitea automatically
 See how to create [Linux service]({{< relref "run-as-service-in-ubuntu.en-us.md" >}})
 ## Troubleshooting
 ### Old glibc versions
--- a/docs/content/doc/installation/from-package.en-us.md
+++ b/docs/content/doc/installation/from-package.en-us.md
@@ -17,13 +17,16 @@ menu:
 ## Debian
-Although there is a package of Gitea in Debian's [contrib](https://wiki.debian.org/SourcesList),
+The only distribution that has any "official" package of Gitea is Debian. This is currently
-it is not supported directly by us.
+in Debian's [contrib](https://wiki.debian.org/SourcesList). This is (currently) only available
 in Debian testing and unstable (but should be installable/functional on stable).
-Unfortunately the package is not maintained anymore and broken because of missing sources.
+- Edit /etc/apt/sourced.list
-Please follow the [deployment from binary]({{< relref "from-binary.en-us.md" >}}) guide instead.
+   - Add "contrib" to "deb http://deb.debian.org/debian unstable main contrib"
 - apt-get update
 - apt-get install gitea
-Should the packages get updated and fixed, we will provide up-to-date installation instructions here.
+For other distributions, see the [deployment from binary]({{< relref "from-binary.en-us.md" >}}) guide.
 ## Windows
--- a/docs/content/doc/installation/with-docker.en-us.md
+++ b/docs/content/doc/installation/with-docker.en-us.md
@@ -28,8 +28,6 @@ the official [install instructions](https://docs.docker.com/compose/install/).
 The most simple setup just creates a volume and a network and starts the `gitea/gitea:latest`
 image as a service. Since there is no database available one can be initialized using SQLite3.
 Create a directory like `gitea` and paste the following content into a file named `docker-compose.yml`.
 Note that the volume should be owned by the user/group with the UID/GID specified in the config file.
 If you don't give the volume correct permissions, the container may not start.
 ```yaml
 version: "2"
@@ -41,9 +39,6 @@ networks:
 services:
  server:
    image: gitea/gitea:latest
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - gitea
@@ -70,9 +65,6 @@ networks:
 services:
  server:
    image: gitea/gitea:latest
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - gitea
@@ -100,9 +92,6 @@ networks:
 services:
  server:
    image: gitea/gitea:latest
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - gitea
@@ -143,17 +132,14 @@ networks:
 services:
  server:
    image: gitea/gitea:latest
    environment:
      - USER_UID=1000
      - USER_GID=1000
    restart: always
    networks:
      - gitea
    volumes:
      - ./gitea:/data
-    ports:
+     ports:
-      - "3000:3000"
+       - "3000:3000"
-      - "222:22"
+       - "222:22"
 +    depends_on:
 +      - db
 +
@@ -174,8 +160,7 @@ services:
 To use named volumes instead of host volumes, define and use the named volume
 within the `docker-compose.yml` configuration. This change will automatically
-create the required volume. You don't need to worry about permissions with
+create the required volume.
 named volumes, Docker will deal with that automatically.
 ```diff
 version: "2"
@@ -223,31 +208,6 @@ favorite browser to finalize the installation. Visit http://server-ip:3000 and f
 installation wizard. If the database was started with the `docker-compose` setup as
 documented above please note that `db` must be used as the database hostname.
 ## Environments variables
 You can configure some of Gitea's settings via environment variables:
 (Default values are provided in **bold**)
 * `APP_NAME`: **"Gitea: Git with a cup of tea"**: Application name, used in the page title.
 * `RUN_MODE`: **dev**: For performance and other purposes, change this to `prod` when deployed to a production environment.
 * `SSH_DOMAIN`: **localhost**: Domain name of this server, used for the displayed clone URL in Gitea's UI.
 * `SSH_PORT`: **22**: SSH port displayed in clone URL.
 * `DISABLE_SSH`: **false**: Disable SSH feature when it's not available.
 * `HTTP_PORT`: **3000**: HTTP listen port.
 * `ROOT_URL`: **""**: Overwrite the automatically generated public URL. This is useful if the internal and the external URL don't match (e.g. in Docker).
 * `DB_TYPE`: **sqlite3**: The database type in use \[mysql, postgres, mssql, sqlite3\].
 * `DB_HOST`: **localhost:3306**: Database host address and port.
 * `DB_NAME`: **gitea**: Database name.
 * `DB_USER`: **root**: Database username.
 * `DB_PASSWD`: **"<empty>"**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
 * `INSTALL_LOCK`: **false**: Disallow access to the install page.
 * `SECRET_KEY`: **""**: Global secret key. This should be changed. If this has a value and `INSTALL_LOCK` is empty, `INSTALL_LOCK` will automatically set to `true`.
 * `DISABLE_REGISTRATION`: **false**: Disable registration, after which only admin can create accounts for users.
 * `REQUIRE_SIGNIN_VIEW`: **false**: Enable this to force users to log in to view any page.
 * `USER_UID`: **1000**: The UID (Unix user ID) of the user that runs Gitea within the container. Match this to the UID of the owner of the `/data` volume if using host volumes (this is not necessary with named volumes).
 * `USER_GID`: **1000**: The GID (Unix group ID) of the user that runs Gitea within the container. Match this to the GID of the owner of the `/data` volume if using host volumes (this is not necessary with named volumes).
 # Customization
 Customization files described [here](https://docs.gitea.io/en-us/customizing-gitea/) should
--- a/docs/content/doc/upgrade/from-gogs.en-us.md
+++ b/docs/content/doc/upgrade/from-gogs.en-us.md
@@ -19,10 +19,9 @@ Gogs, version 0.9.146 and older, can be easily migrated to Gitea.
 There are some basic steps to follow. On a Linux system run as the Gogs user:
-* Create a Gogs backup with `gogs backup`. This creates `gogs-backup-[timestamp].zip` file
+* Create a Gogs backup with `gogs dump`. This creates `gogs-dump-[timestamp].zip` file
-  containing all important Gogs data. You would need it if you wanted to move to the `gogs` back later.
+  containing all important Gogs data.
 * Download the file matching the destination platform from the [downloads page](https://dl.gitea.io/gitea).
 It should be `1.0.x` version. Migrating from `gogs` to any other version is impossible.
 * Put the binary at the desired install location.
 * Copy `gogs/custom/conf/app.ini` to `gitea/custom/conf/app.ini`.
 * Copy custom `templates, public` from `gogs/custom/` to `gitea/custom/`.
@@ -39,11 +38,6 @@ There are some basic steps to follow. On a Linux system run as the Gogs user:
 * Rename `gogs-data/` to `gitea-data/`
 * In `gitea/custom/conf/app.ini` change:
 ### Upgrading to most recent `gitea` version:
 After successful migration from `gogs` to `gitea 1.0.x` it is possible to upgrade to the recent `gitea` version.
 Simply download the file matching the destination platform from the [downloads page](https://dl.gitea.io/gitea)
 and replace the binary.
 FROM:
 ```
 [database]
--- a/docs/content/doc/usage/backup-and-restore.en-us.md
+++ b/docs/content/doc/usage/backup-and-restore.en-us.md
@@ -20,7 +20,7 @@ file can be unpacked and used to restore an instance.
 ## Backup Command (`dump`)
-Switch to the user running gitea: `su git`. Run `./gitea dump -c /path/to/app.ini` in the gitea installation
+Switch to the user running gitea: `su git`. Run `./gitea dump` in the gitea installation
 directory. There should be some output similar to the following:
 ```
@@ -34,8 +34,7 @@ directory. There should be some output similar to the following:
 Inside the `gitea-dump-1482906742.zip` file, will be the following:
-* `custom` - All config or customerize files in `custom/`.
+* `custom/conf/app.ini` - Server config.
 * `data` - Data directory in <GITEA_WORK_DIR>, except sessions if you are using file session. This directory includes `attachments`, `avatars`, `lfs`, `indexers`, sqlite file if you are using sqlite.
 * `gitea-db.sql` - SQL dump of database
 * `gitea-repo.zip` - Complete copy of the repository directory.
 * `log/` - Various logs. They are not needed for a recovery or migration.
--- a/docs/content/doc/usage/backup-and-restore.zh-cn.md
+++ b/docs/content/doc/usage/backup-and-restore.zh-cn.md
@@ -1,60 +0,0 @@
 ---
 date: "2018-06-06T09:33:00+08:00"
 title: "使用: 备份与恢复"
 slug: "backup-and-restore"
 weight: 11
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "usage"
    name: "备份与恢复"
    weight: 11
    identifier: "backup-and-restore"
 ---
 # 备份与恢复
 Gitea 已经实现了 `dump` 命令可以用来备份所有需要的文件到一个zip压缩文件。该压缩文件可以被用来进行数据恢复。
 ## 备份命令 (`dump`)
 先转到git用户的权限: `su git`. 再Gitea目录运行 `./gitea dump`。一般会显示类似如下的输出：
 ```
 2016/12/27 22:32:09 Creating tmp work dir: /tmp/gitea-dump-417443001
 2016/12/27 22:32:09 Dumping local repositories.../home/git/gitea-repositories
 2016/12/27 22:32:22 Dumping database...
 2016/12/27 22:32:22 Packing dump files...
 2016/12/27 22:32:34 Removing tmp work dir: /tmp/gitea-dump-417443001
 2016/12/27 22:32:34 Finish dumping in file gitea-dump-1482906742.zip
 ```
 最后生成的 `gitea-dump-1482906742.zip` 文件将会包含如下内容：
 * `custom` - 所有保存在 `custom/` 目录下的配置和自定义的文件。
 * `data` - 数据目录下的所有内容不包含使用文件session的文件。该目录包含 `attachments`, `avatars`, `lfs`, `indexers`, 如果使用sqlite 还会包含 sqlite 数据库文件。
 * `gitea-db.sql` - 数据库dump出来的 SQL。
 * `gitea-repo.zip` - Git仓库压缩文件。
 * `log/` - Logs文件，如果用作迁移不是必须的。
 中间备份文件将会在临时目录进行创建，如果您要重新指定临时目录，可以用 `--tempdir` 参数，或者用 `TMPDIR` 环境变量。
 ## Restore Command (`restore`)
 当前还没有恢复命令，恢复需要人工进行。主要是把文件和数据库进行恢复。
 例如：
 ```
 apt-get install gitea
 unzip gitea-dump-1482906742.zip
 cd gitea-dump-1482906742
 mv custom/conf/app.ini /etc/gitea/conf/app.ini
 unzip gitea-repo.zip
 mv gitea-repo/* /var/lib/gitea/repositories/
 chown -R gitea:gitea /etc/gitea/conf/app.ini /var/lib/gitea/repositories/
 mysql -u$USER -p$PASS $DATABASE <gitea-db.sql
 # or  sqlite3 $DATABASE_PATH <gitea-db.sql
 service gitea restart
 ```
--- a/docs/content/doc/usage/command-line.md
+++ b/docs/content/doc/usage/command-line.md
@@ -62,16 +62,8 @@ Admin operations:
        - Options:
            - `--username value`, `-u value`: Username. Required.
            - `--password value`, `-p value`: New password. Required.
            - `--config path`: Gitea configuration file path. Optional. (default: custom/conf/app.ini).
        - Examples:
            - `gitea admin change-password --username myname --password asecurepassword`
    - `regenerate`
        - Options:
            - `hooks`: Regenerate git-hooks for all repositories
            - `keys`: Regenerate authorized_keys file
        - Examples:
            - `gitea admin regenerate hooks`
            - `gitea admin regenerate keys`
 #### cert
@@ -103,19 +95,3 @@ in the current directory.
 - Examples:
    - `gitea dump`
    - `gitea dump --verbose`
 #### generate
 Generates random values and tokens for usage in configuration file. Useful for generating values
 for automatic deployments.
 - Commands:
    - `secret`:
        - Options:
            - `INTERNAL_TOKEN`: Token used for an internal API call authentication.
            - `LFS_JWT_SECRET`: LFS authentication secret.
            - `SECRET_KEY`: Global secret key.
        - Examples:
            - `gitea generate secret INTERNAL_TOKEN`
            - `gitea generate secret LFS_JWT_SECRET`
            - `gitea generate secret SECRET_KEY`
--- a/docs/content/doc/usage/fail2ban-setup.md
+++ b/docs/content/doc/usage/fail2ban-setup.md
@@ -1,60 +0,0 @@
 ---
 date: "2018-05-11T11:00:00+02:00"
 title: "Usage: Setup fail2ban"
 slug: "fail2ban-setup"
 weight: 16
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "usage"
    name: "Fail2ban setup"
    weight: 16
    identifier: "fail2ban-setup"
 ---
 # Fail2ban setup to block users after failed login attemts
 **Remember that fail2ban is powerful and can cause lots of issues if you do it incorrectly, so make 
 sure to test this before relying on it so you don't lock yourself out.**
 Gitea returns an HTTP 200 for bad logins in the web logs, but if you have logging options on in 
 `app.ini`, then you should be able to go off of log/gitea.log, which gives you something like this 
 on a bad authentication:
 ```log
 2018/04/26 18:15:54 [I] Failed authentication attempt for user from xxx.xxx.xxx.xxx
 ```
 So we set our filter in `/etc/fail2ban/filter.d/gitea.conf`:
 ```ini
 # gitea.conf
 [Definition]
 failregex =  .*Failed authentication attempt for .* from <HOST>
 ignoreregex =
 ```
 And configure it in `/etc/fail2ban/jail.d/jail.local`:
 ```ini
 [gitea]
 enabled = true
 port = http,https
 filter = gitea
 logpath = /home/git/gitea/log/gitea.log
 maxretry = 10
 findtime = 3600
 bantime = 900
 action = iptables-allports
 ```
 Make sure and read up on fail2ban and configure it to your needs, this bans someone 
 for **15 minutes** (from all ports) when they fail authentication 10 times in an hour.
 If you run Gitea behind a reverse proxy with nginx (for example with docker), you need to add
 this to your nginx configuration so that IPs don't show up as 127.0.0.1: 
 ```
 proxy_set_header X-Real-IP $remote_addr;
 ```
--- a/docs/content/doc/usage/https-support.md
+++ b/docs/content/doc/usage/https-support.md
@@ -1,46 +0,0 @@
 ---
 date: "2018-06-02T11:00:00+02:00"
 title: "Usage: HTTPS setup"
 slug: "https-setup"
 weight: 12
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "usage"
    name: "HTTPS setup"
    weight: 12
    identifier: "https-setup"
 ---
 # HTTPS setup to encrypt connections to Gitea
 ## Using built-in server
 Before you enable HTTPS make sure that you have valid SSL/TLS certificates.
 You could use self-generated certificates for evaluation and testing. Please run `gitea cert --host [HOST]` to generate a self signed certificate.
 To use Gitea's built-in HTTPS support you must change your `app.ini` file:
 ```ini
 [server]
 PROTOCOL=https
 ROOT_URL = `https://git.example.com:3000/`
 HTTP_PORT = 3000
 CERT_FILE = cert.pem
 KEY_FILE = key.pem
 ```
 To learn more about the config values, please checkout the [Config Cheat Sheet](../config-cheat-sheet#server).
 ## Using reverse proxy
 Setup up your reverse proxy like shown in the [reverse proxy guide](../reverse-proxies).
 After that, enable HTTPS by following one of these guides:
 * [nginx](https://nginx.org/en/docs/http/configuring_https_servers.html)
 * [apache2/httpd](https://httpd.apache.org/docs/2.4/ssl/ssl_howto.html)
 * [caddy](https://caddyserver.com/docs/tls)
 Note: You connection between your reverse proxy and gitea might be unencrypted. To encrypt it too follow the [built-in server guide](#using-built-in-server) and change
 the proxy url to `https://[URL]`.
--- a/docs/content/doc/usage/issue-pull-request-templates.en-us.md
+++ b/docs/content/doc/usage/issue-pull-request-templates.en-us.md
@@ -1,41 +0,0 @@
 ---
 date: "2018-05-10T16:00:00+02:00"
 title: "Usage: Issue and Pull Request templates"
 slug: "issue-pull-request-templates"
 weight: 15
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "usage"
    name: "Issue and Pull Request templates"
    weight: 15
    identifier: "issue-pull-request-templates"
 ---
 # Issue and Pull Request Templates
 For some projects there are a standard list of questions that users need to be asked
 for creating an issue, or adding a pull request. Gitea supports adding templates to the
 main branch of the repository so that they can autopopulate the form when users are 
 creating issues, and pull requests. This will cut down on the initial back and forth
 of getting some clarifiying details.
 Possible file names for issue templates:
 * ISSUE_TEMPLATE.md
 * issue_template.md
 * .gitea/ISSUE_TEMPLATE.md
 * .gitea/issue_template.md
 * .github/ISSUE_TEMPLATE.md
 * .github/issue_template.md
 Possible file names for PR templates:
 * PULL_REQUEST_TEMPLATE.md
 * pull_request_template.md
 * .gitea/PULL_REQUEST_TEMPLATE.md
 * .gitea/pull_request_template.md
 * .github/PULL_REQUEST_TEMPLATE.md
 * .github/pull_request_template.md
--- a/docs/content/doc/usage/reverse-proxies.en-us.md
+++ b/docs/content/doc/usage/reverse-proxies.en-us.md
@@ -1,104 +0,0 @@
 ---
 date: "2018-05-22T11:00:00+00:00"
 title: "Usage: Reverse Proxies"
 slug: "reverse-proxies"
 weight: 17
 toc: true
 draft: false
 menu:
  sidebar:
    parent: "usage"
    name: "Reverse Proxies"
    weight: 16
    identifier: "reverse-proxies"
 ---
 ##  Using Nginx as a reverse proxy
 If you want Nginx to serve your Gitea instance you can the following `server` section inside the `http` section of `nginx.conf`:
 ```
 server {
    listen 80;
    server_name git.example.com;
    location / {
        proxy_pass http://localhost:3000;
    }
 }
 ```
 ## Using Nginx with a Sub-path as a reverse proxy
 In case you already have a site, and you want Gitea to share the domain name, you can setup Nginx to serve Gitea under a sub-path by adding the following `server` section inside the `http` section of `nginx.conf`:
 ```
 server {
    listen 80;
    server_name git.example.com;
    location /git/ { # Note: Trailing slash
        proxy_pass http://localhost:3000/; # Note: Trailing slash
    }
 }
 ```
 Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration.
 ## Using Apache HTTPD as a reverse proxy
 If you want Apache HTTPD to serve your Gitea instance you can add the following to you Apache HTTPD configuration (usually located at `/etc/apache2/httpd.conf` in Ubuntu):
 ```
 <VirtualHost *:80>
    ...
    ProxyPreserveHost On
    ProxyRequests off
    ProxyPass / http://localhost:3000/
    ProxyPassReverse / http://localhost:3000/
 </VirtualHost>
 ```
 Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`
 ## Using Apache HTTPD with a Sub-path as a reverse proxy
 In case you already have a site, and you want Gitea to share the domain name, you can setup Apache HTTPD to serve Gitea under a sub-path by adding the following to you Apache HTTPD configuration (usually located at `/etc/apache2/httpd.conf` in Ubuntu):
 ```
 <VirtualHost *:80>
    ...
    <Proxy *>
         Order allow,deny
         Allow from all
    </Proxy>
    ProxyPass /git http://localhost:3000 # Note: no trailing slash after either /git or port
    ProxyPassReverse /git http://localhost:3000 # Note: no trailing slash after either /git or port
 </VirtualHost>
 ```
 Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration.
 Note: The following Apache HTTPD mods must be enabled: `proxy`, `proxy_http`
 ## Using Caddy with a Sub-path as a reverse proxy
 If you want Caddy to serve your Gitea instance you can add the following server block to your Caddyfile:
 ```
 git.example.com {
    proxy / http://localhost:3000
 }
 ```
 ## Using Caddy with a Sub-path as a reverse proxy
 In case you already have a site, and you want Gitea to share the domain name, you can setup Caddy to serve Gitea under a sub-path by adding the following to you server block in your Caddyfile:
 ```
 git.example.com {
    proxy /git/ http://localhost:3000 # Note: Trailing Slash after /git/
 }
 ```
 Then set `[server] ROOT_URL = http://git.example.com/git/` in your configuration.
--- a/docs/content/page/index.en-us.md
+++ b/docs/content/page/index.en-us.md
@@ -75,7 +75,7 @@ Windows, on architectures like amd64, i386, ARM, PowerPC, and others.
        - MSSQL
        - TiDB (experimental, not recommended)
    - Configuration file
-        - [app.ini](https://github.com/go-gitea/gitea/blob/master/custom/conf/app.ini.sample)
+        - [app.ini](https://github.com/go-gitea/gitea/blob/master/conf/app.ini)
    - Admin panel
        - Statistics
        - Actions
--- a/docs/content/page/index.fr-fr.md
+++ b/docs/content/page/index.fr-fr.md
@@ -70,7 +70,7 @@ Le but de ce projet est de fournir de la manière la plus simple, la plus rapide
        - MSSQL
        - [TiDB](https://github.com/pingcap/tidb) (expérimental)
    - Fichier de configuration
-        - Voir [ici](https://github.com/go-gitea/gitea/blob/master/custom/conf/app.ini.sample)
+        - Voir [ici](https://github.com/go-gitea/gitea/blob/master/conf/app.ini)
    - Panel d'administration
        - Statistiques
        - Actions
--- a/integrations/README.md
+++ b/integrations/README.md
@@ -13,7 +13,7 @@ Make sure to perform a clean build before running tests:
 ## Run all tests via local drone
 ```
-drone exec --local --build-event "pull_request"
+drone exec --local --build.event "pull_request"
 ```
 ## Run sqlite integrations tests
--- a/integrations/api_admin_test.go
+++ b/integrations/api_admin_test.go
@@ -19,8 +19,7 @@ func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {
 	session := loginUser(t, "user1")
 	keyOwner := models.AssertExistsAndLoadBean(t, &models.User{Name: "user2"}).(*models.User)
-	token := getTokenForLoggedInUser(t, session)
+	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys", keyOwner.Name)
 	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", keyOwner.Name, token)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"key":   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDAu7tvIvX6ZHrRXuZNfkR3XLHSsuCK9Zn3X58lxBcQzuo5xZgB6vRwwm/QtJuF+zZPtY5hsQILBLmF+BZ5WpKZp1jBeSjH2G7lxet9kbcH+kIVj0tPFEoyKI9wvWqIwC4prx/WVk2wLTJjzBAhyNxfEq7C9CeiX9pQEbEqJfkKCQ== nocomment\n",
 		"title": "test-key",
@@ -37,7 +36,7 @@ func TestAPIAdminCreateAndDeleteSSHKey(t *testing.T) {
 		OwnerID:     keyOwner.ID,
 	})
-	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token="+token,
+	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d",
 		keyOwner.Name, newPublicKey.ID)
 	session.MakeRequest(t, req, http.StatusNoContent)
 	models.AssertNotExistsBean(t, &models.PublicKey{ID: newPublicKey.ID})
@@ -47,9 +46,8 @@ func TestAPIAdminDeleteMissingSSHKey(t *testing.T) {
 	prepareTestEnv(t)
 	// user1 is an admin user
 	session := loginUser(t, "user1")
 	token := getTokenForLoggedInUser(t, session)
-	req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/%d?token="+token, models.NonexistentID)
+	req := NewRequestf(t, "DELETE", "/api/v1/admin/users/user1/keys/%d", models.NonexistentID)
 	session.MakeRequest(t, req, http.StatusNotFound)
 }
@@ -59,8 +57,7 @@ func TestAPIAdminDeleteUnauthorizedKey(t *testing.T) {
 	normalUsername := "user2"
 	session := loginUser(t, adminUsername)
-	token := getTokenForLoggedInUser(t, session)
+	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys", adminUsername)
 	urlStr := fmt.Sprintf("/api/v1/admin/users/%s/keys?token=%s", adminUsername, token)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"key":   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDAu7tvIvX6ZHrRXuZNfkR3XLHSsuCK9Zn3X58lxBcQzuo5xZgB6vRwwm/QtJuF+zZPtY5hsQILBLmF+BZ5WpKZp1jBeSjH2G7lxet9kbcH+kIVj0tPFEoyKI9wvWqIwC4prx/WVk2wLTJjzBAhyNxfEq7C9CeiX9pQEbEqJfkKCQ== nocomment\n",
 		"title": "test-key",
@@ -70,8 +67,7 @@ func TestAPIAdminDeleteUnauthorizedKey(t *testing.T) {
 	DecodeJSON(t, resp, &newPublicKey)
 	session = loginUser(t, normalUsername)
-	token = getTokenForLoggedInUser(t, session)
+	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d",
 	req = NewRequestf(t, "DELETE", "/api/v1/admin/users/%s/keys/%d?token="+token,
 		adminUsername, newPublicKey.ID)
 	session.MakeRequest(t, req, http.StatusForbidden)
 }
--- a/integrations/api_branch_test.go
+++ b/integrations/api_branch_test.go
@@ -17,8 +17,7 @@ func testAPIGetBranch(t *testing.T, branchName string, exists bool) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user2")
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branches/%s", branchName)
 	req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branches/%s?token=%s", branchName, token)
 	resp := session.MakeRequest(t, req, NoExpectedStatus)
 	if !exists {
 		assert.EqualValues(t, http.StatusNotFound, resp.Code)
--- a/integrations/api_comment_test.go
+++ b/integrations/api_comment_test.go
@@ -69,9 +69,8 @@ func TestAPICreateComment(t *testing.T) {
 	repoOwner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, repoOwner.Name)
-	token := getTokenForLoggedInUser(t, session)
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/comments",
-	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/comments?token=%s",
+		repoOwner.Name, repo.Name, issue.Index)
 		repoOwner.Name, repo.Name, issue.Index, token)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"body": commentBody,
 	})
@@ -94,9 +93,8 @@ func TestAPIEditComment(t *testing.T) {
 	repoOwner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, repoOwner.Name)
-	token := getTokenForLoggedInUser(t, session)
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/comments/%d",
-	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/comments/%d?token=%s",
+		repoOwner.Name, repo.Name, comment.ID)
 		repoOwner.Name, repo.Name, comment.ID, token)
 	req := NewRequestWithValues(t, "PATCH", urlStr, map[string]string{
 		"body": newCommentBody,
 	})
@@ -119,9 +117,8 @@ func TestAPIDeleteComment(t *testing.T) {
 	repoOwner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, repoOwner.Name)
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/issues/comments/%d",
-	req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/issues/comments/%d?token=%s",
+		repoOwner.Name, repo.Name, comment.ID)
 		repoOwner.Name, repo.Name, comment.ID, token)
 	session.MakeRequest(t, req, http.StatusNoContent)
 	models.AssertNotExistsBean(t, &models.Comment{ID: comment.ID})
--- a/integrations/api_gpg_keys_test.go
+++ b/integrations/api_gpg_keys_test.go
@@ -20,18 +20,16 @@ type makeRequestFunc func(testing.TB, *http.Request, int) *httptest.ResponseReco
 func TestGPGKeys(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user2")
 	token := getTokenForLoggedInUser(t, session)
 	tt := []struct {
 		name        string
 		makeRequest makeRequestFunc
 		token       string
 		results     []int
 	}{
-		{name: "NoLogin", makeRequest: MakeRequest, token: "",
+		{name: "NoLogin", makeRequest: MakeRequest,
 			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
 		},
-		{name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token,
+		{name: "LoggedAsUser2", makeRequest: session.MakeRequest,
 			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusInternalServerError, http.StatusInternalServerError, http.StatusCreated, http.StatusCreated}},
 	}
@@ -40,29 +38,29 @@ func TestGPGKeys(t *testing.T) {
 		//Basic test on result code
 		t.Run(tc.name, func(t *testing.T) {
 			t.Run("ViewOwnGPGKeys", func(t *testing.T) {
-				testViewOwnGPGKeys(t, tc.makeRequest, tc.token, tc.results[0])
+				testViewOwnGPGKeys(t, tc.makeRequest, tc.results[0])
 			})
 			t.Run("ViewGPGKeys", func(t *testing.T) {
-				testViewGPGKeys(t, tc.makeRequest, tc.token, tc.results[1])
+				testViewGPGKeys(t, tc.makeRequest, tc.results[1])
 			})
 			t.Run("GetGPGKey", func(t *testing.T) {
-				testGetGPGKey(t, tc.makeRequest, tc.token, tc.results[2])
+				testGetGPGKey(t, tc.makeRequest, tc.results[2])
 			})
 			t.Run("DeleteGPGKey", func(t *testing.T) {
-				testDeleteGPGKey(t, tc.makeRequest, tc.token, tc.results[3])
+				testDeleteGPGKey(t, tc.makeRequest, tc.results[3])
 			})
 			t.Run("CreateInvalidGPGKey", func(t *testing.T) {
-				testCreateInvalidGPGKey(t, tc.makeRequest, tc.token, tc.results[4])
+				testCreateInvalidGPGKey(t, tc.makeRequest, tc.results[4])
 			})
 			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {
-				testCreateNoneRegistredEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[5])
+				testCreateNoneRegistredEmailGPGKey(t, tc.makeRequest, tc.results[5])
 			})
 			t.Run("CreateValidGPGKey", func(t *testing.T) {
-				testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6])
+				testCreateValidGPGKey(t, tc.makeRequest, tc.results[6])
 			})
 			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {
-				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7])
+				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.results[7])
 			})
 		})
 	}
@@ -72,7 +70,7 @@ func TestGPGKeys(t *testing.T) {
 		var keys []*api.GPGKey
-		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) //GET all keys
+		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys") //GET all keys
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &keys)
@@ -93,7 +91,7 @@ func TestGPGKeys(t *testing.T) {
 		assert.EqualValues(t, false, primaryKey2.Emails[0].Verified)
 		var key api.GPGKey
-		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+token) //Primary key 1
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)) //Primary key 1
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &key)
 		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)
@@ -101,13 +99,13 @@ func TestGPGKeys(t *testing.T) {
 		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)
 		assert.EqualValues(t, true, key.Emails[0].Verified)
-		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)+"?token="+token) //Subkey of 38EA3BCED732982C
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)) //Subkey of 38EA3BCED732982C
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &key)
 		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
 		assert.EqualValues(t, 0, len(key.Emails))
-		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)+"?token="+token) //Primary key 2
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)) //Primary key 2
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &key)
 		assert.EqualValues(t, "FABF39739FE1E927", key.KeyID)
@@ -121,7 +119,7 @@ func TestGPGKeys(t *testing.T) {
 	t.Run("CheckCommits", func(t *testing.T) {
 		t.Run("NotSigned", func(t *testing.T) {
 			var branch api.Branch
-			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed?token="+token)
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed")
 			resp := session.MakeRequest(t, req, http.StatusOK)
 			DecodeJSON(t, resp, &branch)
 			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
@@ -129,7 +127,7 @@ func TestGPGKeys(t *testing.T) {
 		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {
 			var branch api.Branch
-			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated?token="+token)
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated")
 			resp := session.MakeRequest(t, req, http.StatusOK)
 			DecodeJSON(t, resp, &branch)
 			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
@@ -137,7 +135,7 @@ func TestGPGKeys(t *testing.T) {
 		t.Run("SignedWithValidEmail", func(t *testing.T) {
 			var branch api.Branch
-			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign?token="+token)
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign")
 			resp := session.MakeRequest(t, req, http.StatusOK)
 			DecodeJSON(t, resp, &branch)
 			assert.EqualValues(t, true, branch.Commit.Verification.Verified)
@@ -145,39 +143,39 @@ func TestGPGKeys(t *testing.T) {
 	})
 }
-func testViewOwnGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testViewOwnGPGKeys(t *testing.T, makeRequest makeRequestFunc, expected int) {
-	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token)
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys")
 	makeRequest(t, req, expected)
 }
-func testViewGPGKeys(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testViewGPGKeys(t *testing.T, makeRequest makeRequestFunc, expected int) {
-	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys?token="+token)
+	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys")
 	makeRequest(t, req, expected)
 }
-func testGetGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testGetGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int) {
-	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1?token="+token)
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1")
 	makeRequest(t, req, expected)
 }
-func testDeleteGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testDeleteGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int) {
-	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1?token="+token)
+	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1")
 	makeRequest(t, req, expected)
 }
-func testCreateGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int, publicKey string) {
+func testCreateGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int, publicKey string) {
-	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys?token="+token, api.CreateGPGKeyOption{
+	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys", api.CreateGPGKeyOption{
 		ArmoredKey: publicKey,
 	})
 	makeRequest(t, req, expected)
 }
-func testCreateInvalidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testCreateInvalidGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int) {
-	testCreateGPGKey(t, makeRequest, token, expected, "invalid_key")
+	testCreateGPGKey(t, makeRequest, expected, "invalid_key")
 }
-func testCreateNoneRegistredEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testCreateNoneRegistredEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int) {
-	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+	testCreateGPGKey(t, makeRequest, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
 mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh
 dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O
@@ -196,9 +194,9 @@ INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz
 -----END PGP PUBLIC KEY BLOCK-----`)
 }
-func testCreateValidGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testCreateValidGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int) {
 	//User2 <user2@example.com> //primary & activated
-	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+	testCreateGPGKey(t, makeRequest, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
 mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW
 VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS
@@ -230,9 +228,9 @@ uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h
 -----END PGP PUBLIC KEY BLOCK-----`)
 }
-func testCreateValidSecondaryEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, token string, expected int) {
+func testCreateValidSecondaryEmailGPGKey(t *testing.T, makeRequest makeRequestFunc, expected int) {
 	//User2 <user21@example.com> //secondary and not activated
-	testCreateGPGKey(t, makeRequest, token, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+	testCreateGPGKey(t, makeRequest, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
 mQENBFmGWN4BCAC18V4tVGO65VLCV7p14FuXJlUtZ5CuYMvgEkcOqrvRaBSW9ao4
 PGESOhJpfWpnW3QgJniYndLzPpsmdHEclEER6aZjiNgReWPOjHD5tykWocZAJqXD
--- a/integrations/api_issue_label_test.go
+++ b/integrations/api_issue_label_test.go
@@ -23,13 +23,12 @@ func TestAPIAddIssueLabels(t *testing.T) {
 	label := models.AssertExistsAndLoadBean(t, &models.Label{RepoID: repo.ID}).(*models.Label)
 	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
-	session := loginUser(t, owner.Name)
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/labels",
-	token := getTokenForLoggedInUser(t, session)
+		owner.Name, repo.Name, issue.Index)
 	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/labels?token=%s",
 		owner.Name, repo.Name, issue.Index, token)
 	req := NewRequestWithJSON(t, "POST", urlStr, &api.IssueLabelsOption{
 		Labels: []int64{label.ID},
 	})
 	session := loginUser(t, owner.Name)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiLabels []*api.Label
 	DecodeJSON(t, resp, &apiLabels)
@@ -46,13 +45,12 @@ func TestAPIReplaceIssueLabels(t *testing.T) {
 	label := models.AssertExistsAndLoadBean(t, &models.Label{RepoID: repo.ID}).(*models.Label)
 	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
-	session := loginUser(t, owner.Name)
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/labels",
-	token := getTokenForLoggedInUser(t, session)
+		owner.Name, repo.Name, issue.Index)
 	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues/%d/labels?token=%s",
 		owner.Name, repo.Name, issue.Index, token)
 	req := NewRequestWithJSON(t, "PUT", urlStr, &api.IssueLabelsOption{
 		Labels: []int64{label.ID},
 	})
 	session := loginUser(t, owner.Name)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiLabels []*api.Label
 	DecodeJSON(t, resp, &apiLabels)
--- a/integrations/api_issue_test.go
+++ b/integrations/api_issue_test.go
@@ -22,9 +22,8 @@ func TestAPIListIssues(t *testing.T) {
 	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, owner.Name)
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/issues?state=all",
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/issues?state=all&token=%s",
+		owner.Name, repo.Name)
 		owner.Name, repo.Name, token)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiIssues []*api.Issue
 	DecodeJSON(t, resp, &apiIssues)
@@ -42,8 +41,8 @@ func TestAPICreateIssue(t *testing.T) {
 	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, owner.Name)
-	token := getTokenForLoggedInUser(t, session)
+
-	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues?state=all&token=%s", owner.Name, repo.Name, token)
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/issues?state=all", owner.Name, repo.Name)
 	req := NewRequestWithJSON(t, "POST", urlStr, &api.CreateIssueOption{
 		Body:     body,
 		Title:    title,
--- a/integrations/api_keys_test.go
+++ b/integrations/api_keys_test.go
@@ -46,8 +46,8 @@ func TestCreateReadOnlyDeployKey(t *testing.T) {
 	repoOwner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, repoOwner.Name)
-	token := getTokenForLoggedInUser(t, session)
+
-	keysURL := fmt.Sprintf("/api/v1/repos/%s/%s/keys?token=%s", repoOwner.Name, repo.Name, token)
+	keysURL := fmt.Sprintf("/api/v1/repos/%s/%s/keys", repoOwner.Name, repo.Name)
 	rawKeyBody := api.CreateKeyOption{
 		Title:    "read-only",
 		Key:      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDAu7tvIvX6ZHrRXuZNfkR3XLHSsuCK9Zn3X58lxBcQzuo5xZgB6vRwwm/QtJuF+zZPtY5hsQILBLmF+BZ5WpKZp1jBeSjH2G7lxet9kbcH+kIVj0tPFEoyKI9wvWqIwC4prx/WVk2wLTJjzBAhyNxfEq7C9CeiX9pQEbEqJfkKCQ== nocomment\n",
@@ -72,8 +72,8 @@ func TestCreateReadWriteDeployKey(t *testing.T) {
 	repoOwner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, repoOwner.Name)
-	token := getTokenForLoggedInUser(t, session)
+
-	keysURL := fmt.Sprintf("/api/v1/repos/%s/%s/keys?token=%s", repoOwner.Name, repo.Name, token)
+	keysURL := fmt.Sprintf("/api/v1/repos/%s/%s/keys", repoOwner.Name, repo.Name)
 	rawKeyBody := api.CreateKeyOption{
 		Title: "read-write",
 		Key:   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDsufOCrDDlT8DLkodnnJtbq7uGflcPae7euTfM+Laq4So+v4WeSV362Rg0O/+Sje1UthrhN6lQkfRkdWIlCRQEXg+LMqr6RhvDfZquE2Xwqv/itlz7LjbdAUdYoO1iH7rMSmYvQh4WEnC/DAacKGbhdGIM/ZBz0z6tHm7bPgbI9ykEKekTmPwQFP1Qebvf5NYOFMWqQ2sCEAI9dBMVLoojsIpV+KADf+BotiIi8yNfTG2rzmzpxBpW9fYjd1Sy1yd4NSUpoPbEJJYJ1TrjiSWlYOVq9Ar8xW1O87i6gBjL/3zN7ANeoYhaAXupdOS6YL22YOK/yC0tJtXwwdh/eSrh",
--- a/integrations/api_pull_test.go
+++ b/integrations/api_pull_test.go
@@ -20,8 +20,7 @@ func TestAPIViewPulls(t *testing.T) {
 	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, "user2")
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/pulls?state=all", owner.Name, repo.Name)
 	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/pulls?state=all&token="+token, owner.Name, repo.Name)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var pulls []*api.PullRequest
--- a/integrations/api_releases_test.go
+++ b/integrations/api_releases_test.go
@@ -22,7 +22,7 @@ func TestAPICreateRelease(t *testing.T) {
 	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
 	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
 	session := loginUser(t, owner.LowerName)
-	token := getTokenForLoggedInUser(t, session)
+
 	gitRepo, err := git.OpenRepository(repo.RepoPath())
 	assert.NoError(t, err)
@@ -32,8 +32,8 @@ func TestAPICreateRelease(t *testing.T) {
 	commitID, err := gitRepo.GetTagCommitID("v0.0.1")
 	assert.NoError(t, err)
-	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/releases?token=%s",
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/releases",
-		owner.Name, repo.Name, token)
+		owner.Name, repo.Name)
 	req := NewRequestWithJSON(t, "POST", urlStr, &api.CreateReleaseOption{
 		TagName:      "v0.0.1",
 		Title:        "v0.0.1",
@@ -53,8 +53,8 @@ func TestAPICreateRelease(t *testing.T) {
 		Note:    newRelease.Note,
 	})
-	urlStr = fmt.Sprintf("/api/v1/repos/%s/%s/releases/%d?token=%s",
+	urlStr = fmt.Sprintf("/api/v1/repos/%s/%s/releases/%d",
-		owner.Name, repo.Name, newRelease.ID, token)
+		owner.Name, repo.Name, newRelease.ID)
 	req = NewRequest(t, "GET", urlStr)
 	resp = session.MakeRequest(t, req, http.StatusOK)
--- a/integrations/api_repo_raw_test.go
+++ b/integrations/api_repo_raw_test.go
@@ -16,17 +16,16 @@ func TestAPIReposRaw(t *testing.T) {
 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
 	// Login as User2.
 	session := loginUser(t, user.Name)
 	token := getTokenForLoggedInUser(t, session)
 	for _, ref := range [...]string{
 		"master", // Branch
 		"v1.1",   // Tag
 		"65f1bf27bc3bf70f64657658635e66094edbcb4d", // Commit
 	} {
-		req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/%s/README.md?token="+token, user.Name, ref)
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/%s/README.md", user.Name, ref)
 		session.MakeRequest(t, req, http.StatusOK)
 	}
 	// Test default branch
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/README.md?token="+token, user.Name)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/repo1/raw/README.md", user.Name)
 	session.MakeRequest(t, req, http.StatusOK)
 }
--- a/integrations/api_repo_test.go
+++ b/integrations/api_repo_test.go
@@ -67,16 +67,16 @@ func TestAPISearchRepo(t *testing.T) {
 		expectedResults
 	}{
 		{name: "RepositoriesMax50", requestURL: "/api/v1/repos/search?limit=50", expectedResults: expectedResults{
-			nil:   {count: 17},
+			nil:   {count: 15},
-			user:  {count: 17},
+			user:  {count: 15},
-			user2: {count: 17}},
+			user2: {count: 15}},
 		},
 		{name: "RepositoriesMax10", requestURL: "/api/v1/repos/search?limit=10", expectedResults: expectedResults{
 			nil:   {count: 10},
 			user:  {count: 10},
 			user2: {count: 10}},
 		},
-		{name: "RepositoriesDefaultMax10", requestURL: "/api/v1/repos/search?default", expectedResults: expectedResults{
+		{name: "RepositoriesDefaultMax10", requestURL: "/api/v1/repos/search", expectedResults: expectedResults{
 			nil:   {count: 10},
 			user:  {count: 10},
 			user2: {count: 10}},
@@ -143,19 +143,17 @@ func TestAPISearchRepo(t *testing.T) {
 				var session *TestSession
 				var testName string
 				var userID int64
 				var token string
 				if userToLogin != nil && userToLogin.ID > 0 {
 					testName = fmt.Sprintf("LoggedUser%d", userToLogin.ID)
 					session = loginUser(t, userToLogin.Name)
 					userID = userToLogin.ID
 					token = getTokenForLoggedInUser(t, session)
 				} else {
 					testName = "AnonymousUser"
 					session = emptyTestSession(t)
 				}
 				t.Run(testName, func(t *testing.T) {
-					request := NewRequest(t, "GET", testCase.requestURL+"&token="+token)
+					request := NewRequest(t, "GET", testCase.requestURL)
 					response := session.MakeRequest(t, request, http.StatusOK)
 					var body api.SearchResults
@@ -217,8 +215,7 @@ func TestAPIOrgRepos(t *testing.T) {
 	// Login as User2.
 	session := loginUser(t, user.Name)
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/orgs/%s/repos", sourceOrg.Name)
 	req := NewRequestf(t, "GET", "/api/v1/orgs/%s/repos?token="+token, sourceOrg.Name)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiRepos []*api.Repository
@@ -234,35 +231,7 @@ func TestAPIOrgRepos(t *testing.T) {
 func TestAPIGetRepoByIDUnauthorized(t *testing.T) {
 	prepareTestEnv(t)
 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: 4}).(*models.User)
-	session := loginUser(t, user.Name)
+	sess := loginUser(t, user.Name)
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repositories/2")
-	req := NewRequestf(t, "GET", "/api/v1/repositories/2?token="+token)
+	sess.MakeRequest(t, req, http.StatusNotFound)
 	session.MakeRequest(t, req, http.StatusNotFound)
 }
 func TestAPIRepoMigrate(t *testing.T) {
 	testCases := []struct {
 		ctxUserID, userID  int64
 		cloneURL, repoName string
 		expectedStatus     int
 	}{
 		{ctxUserID: 1, userID: 2, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-admin", expectedStatus: http.StatusCreated},
 		{ctxUserID: 2, userID: 2, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-own", expectedStatus: http.StatusCreated},
 		{ctxUserID: 2, userID: 1, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-bad", expectedStatus: http.StatusForbidden},
 		{ctxUserID: 2, userID: 3, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-org", expectedStatus: http.StatusCreated},
 		{ctxUserID: 2, userID: 6, cloneURL: "https://github.com/go-gitea/git.git", repoName: "git-bad-org", expectedStatus: http.StatusForbidden},
 	}
 	prepareTestEnv(t)
 	for _, testCase := range testCases {
 		user := models.AssertExistsAndLoadBean(t, &models.User{ID: testCase.ctxUserID}).(*models.User)
 		session := loginUser(t, user.Name)
 		token := getTokenForLoggedInUser(t, session)
 		req := NewRequestWithJSON(t, "POST", "/api/v1/repos/migrate?token="+token, &api.MigrateRepoOption{
 			CloneAddr: testCase.cloneURL,
 			UID:       int(testCase.userID),
 			RepoName:  testCase.repoName,
 		})
 		session.MakeRequest(t, req, testCase.expectedStatus)
 	}
 }
--- a/integrations/api_team_test.go
+++ b/integrations/api_team_test.go
@@ -21,8 +21,7 @@ func TestAPITeam(t *testing.T) {
 	user := models.AssertExistsAndLoadBean(t, &models.User{ID: teamUser.UID}).(*models.User)
 	session := loginUser(t, user.Name)
-	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/teams/%d", teamUser.TeamID)
 	req := NewRequestf(t, "GET", "/api/v1/teams/%d?token="+token, teamUser.TeamID)
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiTeam api.Team
--- a/integrations/auth_ldap_test.go
+++ b/integrations/auth_ldap_test.go
@@ -1,231 +0,0 @@
 // Copyright 2018 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 package integrations
 import (
 	"net/http"
 	"os"
 	"strings"
 	"testing"
 	"code.gitea.io/gitea/models"
 	"github.com/Unknwon/i18n"
 	"github.com/stretchr/testify/assert"
 )
 type ldapUser struct {
 	UserName    string
 	Password    string
 	FullName    string
 	Email       string
 	OtherEmails []string
 	IsAdmin     bool
 	SSHKeys     []string
 }
 var gitLDAPUsers = []ldapUser{
 	{
 		UserName:    "professor",
 		Password:    "professor",
 		FullName:    "Hubert Farnsworth",
 		Email:       "professor@planetexpress.com",
 		OtherEmails: []string{"hubert@planetexpress.com"},
 		IsAdmin:     true,
 	},
 	{
 		UserName: "hermes",
 		Password: "hermes",
 		FullName: "Conrad Hermes",
 		Email:    "hermes@planetexpress.com",
 		SSHKeys: []string{
 			"SHA256:qLY06smKfHoW/92yXySpnxFR10QFrLdRjf/GNPvwcW8",
 			"SHA256:QlVTuM5OssDatqidn2ffY+Lc4YA5Fs78U+0KOHI51jQ",
 		},
 		IsAdmin: true,
 	},
 	{
 		UserName: "fry",
 		Password: "fry",
 		FullName: "Philip Fry",
 		Email:    "fry@planetexpress.com",
 	},
 	{
 		UserName: "leela",
 		Password: "leela",
 		FullName: "Leela Turanga",
 		Email:    "leela@planetexpress.com",
 	},
 	{
 		UserName: "bender",
 		Password: "bender",
 		FullName: "Bender Rodríguez",
 		Email:    "bender@planetexpress.com",
 	},
 }
 var otherLDAPUsers = []ldapUser{
 	{
 		UserName: "zoidberg",
 		Password: "zoidberg",
 		FullName: "John Zoidberg",
 		Email:    "zoidberg@planetexpress.com",
 	},
 	{
 		UserName: "amy",
 		Password: "amy",
 		FullName: "Amy Kroker",
 		Email:    "amy@planetexpress.com",
 	},
 }
 func skipLDAPTests() bool {
 	return os.Getenv("TEST_LDAP") != "1"
 }
 func getLDAPServerHost() string {
 	host := os.Getenv("TEST_LDAP_HOST")
 	if len(host) == 0 {
 		host = "ldap"
 	}
 	return host
 }
 func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string) {
 	session := loginUser(t, "user1")
 	csrf := GetCSRF(t, session, "/admin/auths/new")
 	req := NewRequestWithValues(t, "POST", "/admin/auths/new", map[string]string{
 		"_csrf":                    csrf,
 		"type":                     "2",
 		"name":                     "ldap",
 		"host":                     getLDAPServerHost(),
 		"port":                     "389",
 		"bind_dn":                  "uid=gitea,ou=service,dc=planetexpress,dc=com",
 		"bind_password":            "password",
 		"user_base":                "ou=people,dc=planetexpress,dc=com",
 		"filter":                   "(&(objectClass=inetOrgPerson)(memberOf=cn=git,ou=people,dc=planetexpress,dc=com)(uid=%s))",
 		"admin_filter":             "(memberOf=cn=admin_staff,ou=people,dc=planetexpress,dc=com)",
 		"attribute_username":       "uid",
 		"attribute_name":           "givenName",
 		"attribute_surname":        "sn",
 		"attribute_mail":           "mail",
 		"attribute_ssh_public_key": sshKeyAttribute,
 		"is_sync_enabled":          "on",
 		"is_active":                "on",
 	})
 	session.MakeRequest(t, req, http.StatusFound)
 }
 func TestLDAPUserSignin(t *testing.T) {
 	if skipLDAPTests() {
 		t.Skip()
 		return
 	}
 	prepareTestEnv(t)
 	addAuthSourceLDAP(t, "")
 	u := gitLDAPUsers[0]
 	session := loginUserWithPassword(t, u.UserName, u.Password)
 	req := NewRequest(t, "GET", "/user/settings")
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	htmlDoc := NewHTMLParser(t, resp.Body)
 	assert.Equal(t, u.UserName, htmlDoc.GetInputValueByName("name"))
 	assert.Equal(t, u.FullName, htmlDoc.GetInputValueByName("full_name"))
 	assert.Equal(t, u.Email, htmlDoc.GetInputValueByName("email"))
 }
 func TestLDAPUserSync(t *testing.T) {
 	if skipLDAPTests() {
 		t.Skip()
 		return
 	}
 	prepareTestEnv(t)
 	addAuthSourceLDAP(t, "")
 	models.SyncExternalUsers()
 	session := loginUser(t, "user1")
 	// Check if users exists
 	for _, u := range gitLDAPUsers {
 		req := NewRequest(t, "GET", "/admin/users?q="+u.UserName)
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		tr := htmlDoc.doc.Find("table.table tbody tr")
 		if !assert.True(t, tr.Length() == 1) {
 			continue
 		}
 		tds := tr.Find("td")
 		if !assert.True(t, tds.Length() > 0) {
 			continue
 		}
 		assert.Equal(t, u.UserName, strings.TrimSpace(tds.Find("td:nth-child(2) a").Text()))
 		assert.Equal(t, u.Email, strings.TrimSpace(tds.Find("td:nth-child(3) span").Text()))
 		if u.IsAdmin {
 			assert.True(t, tds.Find("td:nth-child(5) i").HasClass("fa-check-square-o"))
 		} else {
 			assert.True(t, tds.Find("td:nth-child(5) i").HasClass("fa-square-o"))
 		}
 	}
 	// Check if no users exist
 	for _, u := range otherLDAPUsers {
 		req := NewRequest(t, "GET", "/admin/users?q="+u.UserName)
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		tr := htmlDoc.doc.Find("table.table tbody tr")
 		assert.True(t, tr.Length() == 0)
 	}
 }
 func TestLDAPUserSigninFailed(t *testing.T) {
 	if skipLDAPTests() {
 		t.Skip()
 		return
 	}
 	prepareTestEnv(t)
 	addAuthSourceLDAP(t, "")
 	u := otherLDAPUsers[0]
 	testLoginFailed(t, u.UserName, u.Password, i18n.Tr("en", "form.username_password_incorrect"))
 }
 func TestLDAPUserSSHKeySync(t *testing.T) {
 	if skipLDAPTests() {
 		t.Skip()
 		return
 	}
 	prepareTestEnv(t)
 	addAuthSourceLDAP(t, "sshPublicKey")
 	models.SyncExternalUsers()
 	// Check if users has SSH keys synced
 	for _, u := range gitLDAPUsers {
 		if len(u.SSHKeys) == 0 {
 			continue
 		}
 		session := loginUserWithPassword(t, u.UserName, u.Password)
 		req := NewRequest(t, "GET", "/user/settings/keys")
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		htmlDoc := NewHTMLParser(t, resp.Body)
 		divs := htmlDoc.doc.Find(".key.list .print.meta")
 		syncedKeys := make([]string, divs.Length())
 		for i := 0; i < divs.Length(); i++ {
 			syncedKeys[i] = strings.TrimSpace(divs.Eq(i).Text())
 		}
 		assert.ElementsMatch(t, u.SSHKeys, syncedKeys)
 	}
 }
--- a/integrations/delete_user_test.go
+++ b/integrations/delete_user_test.go
@@ -43,8 +43,8 @@ func TestUserDeleteAccount(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user8")
-	csrf := GetCSRF(t, session, "/user/settings/account")
+	csrf := GetCSRF(t, session, "/user/settings/delete")
-	urlStr := fmt.Sprintf("/user/settings/account/delete?password=%s", userPassword)
+	urlStr := fmt.Sprintf("/user/settings/delete?password=%s", userPassword)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"_csrf": csrf,
 	})
@@ -58,8 +58,8 @@ func TestUserDeleteAccountStillOwnRepos(t *testing.T) {
 	prepareTestEnv(t)
 	session := loginUser(t, "user2")
-	csrf := GetCSRF(t, session, "/user/settings/account")
+	csrf := GetCSRF(t, session, "/user/settings/delete")
-	urlStr := fmt.Sprintf("/user/settings/account/delete?password=%s", userPassword)
+	urlStr := fmt.Sprintf("/user/settings/delete?password=%s", userPassword)
 	req := NewRequestWithValues(t, "POST", urlStr, map[string]string{
 		"_csrf": csrf,
 	})
--- a/integrations/editor_test.go
+++ b/integrations/editor_test.go
@@ -52,7 +52,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 	// Check if master branch has been locked successfully
 	flashCookie := session.GetCookie("macaron_flash")
 	assert.NotNil(t, flashCookie)
-	assert.EqualValues(t, "success%3DBranch%2Bprotection%2Bfor%2Bbranch%2B%2527master%2527%2Bhas%2Bbeen%2Bupdated.", flashCookie.Value)
+	assert.EqualValues(t, "success%3DBranch%2Bmaster%2Bprotect%2Boptions%2Bchanged%2Bsuccessfully.", flashCookie.Value)
 	// Request editor page
 	req = NewRequest(t, "GET", "/user2/repo1/_new/master/")
@@ -73,7 +73,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 	resp = session.MakeRequest(t, req, http.StatusOK)
 	// Check body for error message
-	assert.Contains(t, resp.Body.String(), "Cannot commit to protected branch &#39;master&#39;.")
+	assert.Contains(t, resp.Body.String(), "Can not commit to protected branch &#39;master&#39;.")
 	// remove the protected branch
 	csrf = GetCSRF(t, session, "/user2/repo1/settings/branches")
@@ -86,7 +86,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
 	// Check if master branch has been locked successfully
 	flashCookie = session.GetCookie("macaron_flash")
 	assert.NotNil(t, flashCookie)
-	assert.EqualValues(t, "success%3DBranch%2Bprotection%2Bfor%2Bbranch%2B%2527master%2527%2Bhas%2Bbeen%2Bdisabled.", flashCookie.Value)
+	assert.EqualValues(t, "success%3DBranch%2Bmaster%2Bprotect%2Boptions%2Bremoved%2Bsuccessfully", flashCookie.Value)
 }
--- a/integrations/git_test.go
+++ b/integrations/git_test.go
@@ -13,7 +13,6 @@ import (
 	"net/http"
 	"net/url"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"testing"
 	"time"
@@ -75,8 +74,7 @@ func TestGit(t *testing.T) {
 				t.Run("CreateRepo", func(t *testing.T) {
 					session := loginUser(t, "user2")
-					token := getTokenForLoggedInUser(t, session)
+					req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos", &api.CreateRepoOption{
 					req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos?token="+token, &api.CreateRepoOption{
 						AutoInit:    true,
 						Description: "Temporary repo",
 						Name:        "repo-tmp-17",
@@ -136,7 +134,7 @@ func TestGit(t *testing.T) {
 			//Setup key
 			keyFile := filepath.Join(setting.AppDataPath, "my-testing-key")
-			err := exec.Command("ssh-keygen", "-f", keyFile, "-t", "rsa", "-N", "").Run()
+			_, _, err := com.ExecCmd("ssh-keygen", "-f", keyFile, "-t", "rsa", "-N", "")
 			assert.NoError(t, err)
 			defer os.RemoveAll(keyFile)
 			defer os.RemoveAll(keyFile + ".pub")
@@ -154,10 +152,13 @@ func TestGit(t *testing.T) {
 			session.MakeRequest(t, req, http.StatusCreated)
 			//Setup ssh wrapper
-			os.Setenv("GIT_SSH_COMMAND",
+			sshWrapper, err := ioutil.TempFile(setting.AppDataPath, "tmp-ssh-wrapper")
-				"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i "+
+			sshWrapper.WriteString("#!/bin/sh\n\n")
-					filepath.Join(setting.AppWorkPath, keyFile))
+			sshWrapper.WriteString("ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i \"" + filepath.Join(setting.AppWorkPath, keyFile) + "\" $* \n\n")
-			os.Setenv("GIT_SSH_VARIANT", "ssh")
+			err = sshWrapper.Chmod(os.ModePerm)
 			assert.NoError(t, err)
 			sshWrapper.Close()
 			defer os.RemoveAll(sshWrapper.Name())
 			//Setup clone folder
 			dstPath, err := ioutil.TempDir("", "repo-tmp-18")
@@ -167,8 +168,7 @@ func TestGit(t *testing.T) {
 			t.Run("Standard", func(t *testing.T) {
 				t.Run("CreateRepo", func(t *testing.T) {
 					session := loginUser(t, "user2")
-					token := getTokenForLoggedInUser(t, session)
+					req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos", &api.CreateRepoOption{
 					req := NewRequestWithJSON(t, "POST", "/api/v1/user/repos?token="+token, &api.CreateRepoOption{
 						AutoInit:    true,
 						Description: "Temporary repo",
 						Name:        "repo-tmp-18",
@@ -181,7 +181,7 @@ func TestGit(t *testing.T) {
 				})
 				//TODO get url from api
 				t.Run("Clone", func(t *testing.T) {
-					_, err = git.NewCommand("clone").AddArguments(u.String(), dstPath).Run()
+					_, err = git.NewCommand("clone").AddArguments("--config", "core.sshCommand="+filepath.Join(setting.AppWorkPath, sshWrapper.Name()), u.String(), dstPath).Run()
 					assert.NoError(t, err)
 					assert.True(t, com.IsExist(filepath.Join(dstPath, "README.md")))
 				})
@@ -196,6 +196,8 @@ func TestGit(t *testing.T) {
 				})
 			})
 			t.Run("LFS", func(t *testing.T) {
 				os.Setenv("GIT_SSH_COMMAND", filepath.Join(setting.AppWorkPath, sshWrapper.Name())) //TODO remove when fixed https://github.com/git-lfs/git-lfs/issues/2215
 				defer os.Unsetenv("GIT_SSH_COMMAND")
 				t.Run("PushCommit", func(t *testing.T) {
 					//Setup git LFS
 					_, err = git.NewCommand("lfs").AddArguments("install").RunInDir(dstPath)
--- a/integrations/gitea-repositories-meta/user2/repo20.git/HEAD
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/HEAD
@@ -1 +0,0 @@
 ref: refs/heads/master
--- a/integrations/gitea-repositories-meta/user2/repo20.git/config
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/config
@@ -1,4 +0,0 @@
 [core]
 	repositoryformatversion = 0
 	filemode = true
 	bare = true
--- a/integrations/gitea-repositories-meta/user2/repo20.git/description
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/description
@@ -1 +0,0 @@
 Unnamed repository; edit this file 'description' to name the repository.
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/applypatch-msg.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/applypatch-msg.sample
@@ -1,15 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to check the commit log message taken by
 # applypatch from an e-mail message.
 #
 # The hook should exit with non-zero status after issuing an
 # appropriate message if it wants to stop the commit.  The hook is
 # allowed to edit the commit message file.
 #
 # To enable this hook, rename this file to "applypatch-msg".
 . git-sh-setup
 commitmsg="$(git rev-parse --git-path hooks/commit-msg)"
 test -x "$commitmsg" && exec "$commitmsg" ${1+"$@"}
 :
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/commit-msg.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/commit-msg.sample
@@ -1,24 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to check the commit log message.
 # Called by "git commit" with one argument, the name of the file
 # that has the commit message.  The hook should exit with non-zero
 # status after issuing an appropriate message if it wants to stop the
 # commit.  The hook is allowed to edit the commit message file.
 #
 # To enable this hook, rename this file to "commit-msg".
 # Uncomment the below to add a Signed-off-by line to the message.
 # Doing this in a hook is a bad idea in general, but the prepare-commit-msg
 # hook is more suited to it.
 #
 # SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
 # grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
 # This example catches duplicate Signed-off-by lines.
 test "" = "$(grep '^Signed-off-by: ' "$1" |
 	 sort | uniq -c | sed -e '/^[ 	]*1[ 	]/d')" || {
 	echo >&2 Duplicate Signed-off-by lines.
 	exit 1
 }
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/fsmonitor-watchman.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/fsmonitor-watchman.sample
@@ -1,114 +0,0 @@
 #!/usr/bin/perl
 use strict;
 use warnings;
 use IPC::Open2;
 # An example hook script to integrate Watchman
 # (https://facebook.github.io/watchman/) with git to speed up detecting
 # new and modified files.
 #
 # The hook is passed a version (currently 1) and a time in nanoseconds
 # formatted as a string and outputs to stdout all files that have been
 # modified since the given time. Paths must be relative to the root of
 # the working tree and separated by a single NUL.
 #
 # To enable this hook, rename this file to "query-watchman" and set
 # 'git config core.fsmonitor .git/hooks/query-watchman'
 #
 my ($version, $time) = @ARGV;
 # Check the hook interface version
 if ($version == 1) {
 	# convert nanoseconds to seconds
 	$time = int $time / 1000000000;
 } else {
 	die "Unsupported query-fsmonitor hook version '$version'.\n" .
 	    "Falling back to scanning...\n";
 }
 my $git_work_tree;
 if ($^O =~ 'msys' || $^O =~ 'cygwin') {
 	$git_work_tree = Win32::GetCwd();
 	$git_work_tree =~ tr/\\/\//;
 } else {
 	require Cwd;
 	$git_work_tree = Cwd::cwd();
 }
 my $retry = 1;
 launch_watchman();
 sub launch_watchman {
 	my $pid = open2(\*CHLD_OUT, \*CHLD_IN, 'watchman -j --no-pretty')
 	    or die "open2() failed: $!\n" .
 	    "Falling back to scanning...\n";
 	# In the query expression below we're asking for names of files that
 	# changed since $time but were not transient (ie created after
 	# $time but no longer exist).
 	#
 	# To accomplish this, we're using the "since" generator to use the
 	# recency index to select candidate nodes and "fields" to limit the
 	# output to file names only. Then we're using the "expression" term to
 	# further constrain the results.
 	#
 	# The category of transient files that we want to ignore will have a
 	# creation clock (cclock) newer than $time_t value and will also not
 	# currently exist.
 	my $query = <<"	END";
 		["query", "$git_work_tree", {
 			"since": $time,
 			"fields": ["name"],
 			"expression": ["not", ["allof", ["since", $time, "cclock"], ["not", "exists"]]]
 		}]
 	END
 	print CHLD_IN $query;
 	close CHLD_IN;
 	my $response = do {local $/; <CHLD_OUT>};
 	die "Watchman: command returned no output.\n" .
 	    "Falling back to scanning...\n" if $response eq "";
 	die "Watchman: command returned invalid output: $response\n" .
 	    "Falling back to scanning...\n" unless $response =~ /^\{/;
 	my $json_pkg;
 	eval {
 		require JSON::XS;
 		$json_pkg = "JSON::XS";
 		1;
 	} or do {
 		require JSON::PP;
 		$json_pkg = "JSON::PP";
 	};
 	my $o = $json_pkg->new->utf8->decode($response);
 	if ($retry > 0 and $o->{error} and $o->{error} =~ m/unable to resolve root .* directory (.*) is not watched/) {
 		print STDERR "Adding '$git_work_tree' to watchman's watch list.\n";
 		$retry--;
 		qx/watchman watch "$git_work_tree"/;
 		die "Failed to make watchman watch '$git_work_tree'.\n" .
 		    "Falling back to scanning...\n" if $? != 0;
 		# Watchman will always return all files on the first query so
 		# return the fast "everything is dirty" flag to git and do the
 		# Watchman query just to get it over with now so we won't pay
 		# the cost in git to look up each individual file.
 		print "/\0";
 		eval { launch_watchman() };
 		exit 0;
 	}
 	die "Watchman: $o->{error}.\n" .
 	    "Falling back to scanning...\n" if $o->{error};
 	binmode STDOUT, ":utf8";
 	local $, = "\0";
 	print @{$o->{files}};
 }
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-receive
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-receive
@@ -1,15 +0,0 @@
 #!/usr/bin/env bash
 data=$(cat)
 exitcodes=""
 hookname=$(basename $0)
 GIT_DIR=${GIT_DIR:-$(dirname $0)}
 for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
 test -x "${hook}" || continue
 echo "${data}" | "${hook}"
 exitcodes="${exitcodes} $?"
 done
 for i in ${exitcodes}; do
 [ ${i} -eq 0 ] || exit ${i}
 done
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-receive.d/gitea
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-receive.d/gitea
@@ -1,2 +0,0 @@
 #!/usr/bin/env bash
 "/home/tris/Projects/go/src/code.gitea.io/gitea/gitea" hook --config='/home/tris/Projects/go/src/code.gitea.io/gitea/custom/conf/app.ini' post-receive
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-update.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/post-update.sample
@@ -1,8 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to prepare a packed repository for use over
 # dumb transports.
 #
 # To enable this hook, rename this file to "post-update".
 exec git update-server-info
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-applypatch.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-applypatch.sample
@@ -1,14 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to verify what is about to be committed
 # by applypatch from an e-mail message.
 #
 # The hook should exit with non-zero status after issuing an
 # appropriate message if it wants to stop the commit.
 #
 # To enable this hook, rename this file to "pre-applypatch".
 . git-sh-setup
 precommit="$(git rev-parse --git-path hooks/pre-commit)"
 test -x "$precommit" && exec "$precommit" ${1+"$@"}
 :
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-commit.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-commit.sample
@@ -1,49 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to verify what is about to be committed.
 # Called by "git commit" with no arguments.  The hook should
 # exit with non-zero status after issuing an appropriate message if
 # it wants to stop the commit.
 #
 # To enable this hook, rename this file to "pre-commit".
 if git rev-parse --verify HEAD >/dev/null 2>&1
 then
 	against=HEAD
 else
 	# Initial commit: diff against an empty tree object
 	against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
 fi
 # If you want to allow non-ASCII filenames set this variable to true.
 allownonascii=$(git config --bool hooks.allownonascii)
 # Redirect output to stderr.
 exec 1>&2
 # Cross platform projects tend to avoid non-ASCII filenames; prevent
 # them from being added to the repository. We exploit the fact that the
 # printable range starts at the space character and ends with tilde.
 if [ "$allownonascii" != "true" ] &&
 	# Note that the use of brackets around a tr range is ok here, (it's
 	# even required, for portability to Solaris 10's /usr/bin/tr), since
 	# the square bracket bytes happen to fall in the designated range.
 	test $(git diff --cached --name-only --diff-filter=A -z $against |
 	  LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0
 then
 	cat <<\EOF
 Error: Attempt to add a non-ASCII file name.
 This can cause problems if you want to work with people on other platforms.
 To be portable it is advisable to rename the file.
 If you know what you are doing you can disable this check using:
  git config hooks.allownonascii true
 EOF
 	exit 1
 fi
 # If there are whitespace errors, print the offending file names and fail.
 exec git diff-index --check --cached $against --
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-push.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-push.sample
@@ -1,53 +0,0 @@
 #!/bin/sh
 # An example hook script to verify what is about to be pushed.  Called by "git
 # push" after it has checked the remote status, but before anything has been
 # pushed.  If this script exits with a non-zero status nothing will be pushed.
 #
 # This hook is called with the following parameters:
 #
 # $1 -- Name of the remote to which the push is being done
 # $2 -- URL to which the push is being done
 #
 # If pushing without using a named remote those arguments will be equal.
 #
 # Information about the commits which are being pushed is supplied as lines to
 # the standard input in the form:
 #
 #   <local ref> <local sha1> <remote ref> <remote sha1>
 #
 # This sample shows how to prevent push of commits where the log message starts
 # with "WIP" (work in progress).
 remote="$1"
 url="$2"
 z40=0000000000000000000000000000000000000000
 while read local_ref local_sha remote_ref remote_sha
 do
 	if [ "$local_sha" = $z40 ]
 	then
 		# Handle delete
 		:
 	else
 		if [ "$remote_sha" = $z40 ]
 		then
 			# New branch, examine all commits
 			range="$local_sha"
 		else
 			# Update to existing branch, examine new commits
 			range="$remote_sha..$local_sha"
 		fi
 		# Check for WIP commit
 		commit=`git rev-list -n 1 --grep '^WIP' "$range"`
 		if [ -n "$commit" ]
 		then
 			echo >&2 "Found WIP commit in $local_ref, not pushing"
 			exit 1
 		fi
 	fi
 done
 exit 0
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-rebase.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-rebase.sample
@@ -1,169 +0,0 @@
 #!/bin/sh
 #
 # Copyright (c) 2006, 2008 Junio C Hamano
 #
 # The "pre-rebase" hook is run just before "git rebase" starts doing
 # its job, and can prevent the command from running by exiting with
 # non-zero status.
 #
 # The hook is called with the following parameters:
 #
 # $1 -- the upstream the series was forked from.
 # $2 -- the branch being rebased (or empty when rebasing the current branch).
 #
 # This sample shows how to prevent topic branches that are already
 # merged to 'next' branch from getting rebased, because allowing it
 # would result in rebasing already published history.
 publish=next
 basebranch="$1"
 if test "$#" = 2
 then
 	topic="refs/heads/$2"
 else
 	topic=`git symbolic-ref HEAD` ||
 	exit 0 ;# we do not interrupt rebasing detached HEAD
 fi
 case "$topic" in
 refs/heads/??/*)
 	;;
 *)
 	exit 0 ;# we do not interrupt others.
 	;;
 esac
 # Now we are dealing with a topic branch being rebased
 # on top of master.  Is it OK to rebase it?
 # Does the topic really exist?
 git show-ref -q "$topic" || {
 	echo >&2 "No such branch $topic"
 	exit 1
 }
 # Is topic fully merged to master?
 not_in_master=`git rev-list --pretty=oneline ^master "$topic"`
 if test -z "$not_in_master"
 then
 	echo >&2 "$topic is fully merged to master; better remove it."
 	exit 1 ;# we could allow it, but there is no point.
 fi
 # Is topic ever merged to next?  If so you should not be rebasing it.
 only_next_1=`git rev-list ^master "^$topic" ${publish} | sort`
 only_next_2=`git rev-list ^master           ${publish} | sort`
 if test "$only_next_1" = "$only_next_2"
 then
 	not_in_topic=`git rev-list "^$topic" master`
 	if test -z "$not_in_topic"
 	then
 		echo >&2 "$topic is already up to date with master"
 		exit 1 ;# we could allow it, but there is no point.
 	else
 		exit 0
 	fi
 else
 	not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
 	/usr/bin/perl -e '
 		my $topic = $ARGV[0];
 		my $msg = "* $topic has commits already merged to public branch:\n";
 		my (%not_in_next) = map {
 			/^([0-9a-f]+) /;
 			($1 => 1);
 		} split(/\n/, $ARGV[1]);
 		for my $elem (map {
 				/^([0-9a-f]+) (.*)$/;
 				[$1 => $2];
 			} split(/\n/, $ARGV[2])) {
 			if (!exists $not_in_next{$elem->[0]}) {
 				if ($msg) {
 					print STDERR $msg;
 					undef $msg;
 				}
 				print STDERR " $elem->[1]\n";
 			}
 		}
 	' "$topic" "$not_in_next" "$not_in_master"
 	exit 1
 fi
 <<\DOC_END
 This sample hook safeguards topic branches that have been
 published from being rewound.
 The workflow assumed here is:
 * Once a topic branch forks from "master", "master" is never
   merged into it again (either directly or indirectly).
 * Once a topic branch is fully cooked and merged into "master",
   it is deleted.  If you need to build on top of it to correct
   earlier mistakes, a new topic branch is created by forking at
   the tip of the "master".  This is not strictly necessary, but
   it makes it easier to keep your history simple.
 * Whenever you need to test or publish your changes to topic
   branches, merge them into "next" branch.
 The script, being an example, hardcodes the publish branch name
 to be "next", but it is trivial to make it configurable via
 $GIT_DIR/config mechanism.
 With this workflow, you would want to know:
 (1) ... if a topic branch has ever been merged to "next".  Young
    topic branches can have stupid mistakes you would rather
    clean up before publishing, and things that have not been
    merged into other branches can be easily rebased without
    affecting other people.  But once it is published, you would
    not want to rewind it.
 (2) ... if a topic branch has been fully merged to "master".
    Then you can delete it.  More importantly, you should not
    build on top of it -- other people may already want to
    change things related to the topic as patches against your
    "master", so if you need further changes, it is better to
    fork the topic (perhaps with the same name) afresh from the
    tip of "master".
 Let's look at this example:
 		   o---o---o---o---o---o---o---o---o---o "next"
 		  /       /           /           /
 		 /   a---a---b A     /           /
 		/   /               /           /
 	       /   /   c---c---c---c B         /
 	      /   /   /             \         /
 	     /   /   /   b---b C     \       /
 	    /   /   /   /             \     /
    ---o---o---o---o---o---o---o---o---o---o---o "master"
 A, B and C are topic branches.
 * A has one fix since it was merged up to "next".
 * B has finished.  It has been fully merged up to "master" and "next",
   and is ready to be deleted.
 * C has not merged to "next" at all.
 We would want to allow C to be rebased, refuse A, and encourage
 B to be deleted.
 To compute (1):
 	git rev-list ^master ^topic next
 	git rev-list ^master        next
 	if these match, topic has not merged in next at all.
 To compute (2):
 	git rev-list master..topic
 	if this is empty, it is fully merged to "master".
 DOC_END
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive
@@ -1,15 +0,0 @@
 #!/usr/bin/env bash
 data=$(cat)
 exitcodes=""
 hookname=$(basename $0)
 GIT_DIR=${GIT_DIR:-$(dirname $0)}
 for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
 test -x "${hook}" || continue
 echo "${data}" | "${hook}"
 exitcodes="${exitcodes} $?"
 done
 for i in ${exitcodes}; do
 [ ${i} -eq 0 ] || exit ${i}
 done
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive.d/gitea
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive.d/gitea
@@ -1,2 +0,0 @@
 #!/usr/bin/env bash
 "/home/tris/Projects/go/src/code.gitea.io/gitea/gitea" hook --config='/home/tris/Projects/go/src/code.gitea.io/gitea/custom/conf/app.ini' pre-receive
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/pre-receive.sample
@@ -1,24 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to make use of push options.
 # The example simply echoes all push options that start with 'echoback='
 # and rejects all pushes when the "reject" push option is used.
 #
 # To enable this hook, rename this file to "pre-receive".
 if test -n "$GIT_PUSH_OPTION_COUNT"
 then
 	i=0
 	while test "$i" -lt "$GIT_PUSH_OPTION_COUNT"
 	do
 		eval "value=\$GIT_PUSH_OPTION_$i"
 		case "$value" in
 		echoback=*)
 			echo "echo from the pre-receive-hook: ${value#*=}" >&2
 			;;
 		reject)
 			exit 1
 		esac
 		i=$((i + 1))
 	done
 fi
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/prepare-commit-msg.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/prepare-commit-msg.sample
@@ -1,42 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to prepare the commit log message.
 # Called by "git commit" with the name of the file that has the
 # commit message, followed by the description of the commit
 # message's source.  The hook's purpose is to edit the commit
 # message file.  If the hook fails with a non-zero status,
 # the commit is aborted.
 #
 # To enable this hook, rename this file to "prepare-commit-msg".
 # This hook includes three examples. The first one removes the
 # "# Please enter the commit message..." help message.
 #
 # The second includes the output of "git diff --name-status -r"
 # into the message, just before the "git status" output.  It is
 # commented because it doesn't cope with --amend or with squashed
 # commits.
 #
 # The third example adds a Signed-off-by line to the message, that can
 # still be edited.  This is rarely a good idea.
 COMMIT_MSG_FILE=$1
 COMMIT_SOURCE=$2
 SHA1=$3
 /usr/bin/perl -i.bak -ne 'print unless(m/^. Please enter the commit message/..m/^#$/)' "$COMMIT_MSG_FILE"
 # case "$COMMIT_SOURCE,$SHA1" in
 #  ,|template,)
 #    /usr/bin/perl -i.bak -pe '
 #       print "\n" . `git diff --cached --name-status -r`
 # 	 if /^#/ && $first++ == 0' "$COMMIT_MSG_FILE" ;;
 #  *) ;;
 # esac
 # SOB=$(git var GIT_COMMITTER_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
 # git interpret-trailers --in-place --trailer "$SOB" "$COMMIT_MSG_FILE"
 # if test -z "$COMMIT_SOURCE"
 # then
 #   /usr/bin/perl -i.bak -pe 'print "\n" if !$first_line++' "$COMMIT_MSG_FILE"
 # fi
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/update
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/update
@@ -1,14 +0,0 @@
 #!/usr/bin/env bash
 exitcodes=""
 hookname=$(basename $0)
 GIT_DIR=${GIT_DIR:-$(dirname $0)}
 for hook in ${GIT_DIR}/hooks/${hookname}.d/*; do
 test -x "${hook}" || continue
 "${hook}" $1 $2 $3
 exitcodes="${exitcodes} $?"
 done
 for i in ${exitcodes}; do
 [ ${i} -eq 0 ] || exit ${i}
 done
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/update.d/gitea
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/update.d/gitea
@@ -1,2 +0,0 @@
 #!/usr/bin/env bash
 "/home/tris/Projects/go/src/code.gitea.io/gitea/gitea" hook --config='/home/tris/Projects/go/src/code.gitea.io/gitea/custom/conf/app.ini' update $1 $2 $3
--- a/integrations/gitea-repositories-meta/user2/repo20.git/hooks/update.sample
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/hooks/update.sample
@@ -1,128 +0,0 @@
 #!/bin/sh
 #
 # An example hook script to block unannotated tags from entering.
 # Called by "git receive-pack" with arguments: refname sha1-old sha1-new
 #
 # To enable this hook, rename this file to "update".
 #
 # Config
 # ------
 # hooks.allowunannotated
 #   This boolean sets whether unannotated tags will be allowed into the
 #   repository.  By default they won't be.
 # hooks.allowdeletetag
 #   This boolean sets whether deleting tags will be allowed in the
 #   repository.  By default they won't be.
 # hooks.allowmodifytag
 #   This boolean sets whether a tag may be modified after creation. By default
 #   it won't be.
 # hooks.allowdeletebranch
 #   This boolean sets whether deleting branches will be allowed in the
 #   repository.  By default they won't be.
 # hooks.denycreatebranch
 #   This boolean sets whether remotely creating branches will be denied
 #   in the repository.  By default this is allowed.
 #
 # --- Command line
 refname="$1"
 oldrev="$2"
 newrev="$3"
 # --- Safety check
 if [ -z "$GIT_DIR" ]; then
 	echo "Don't run this script from the command line." >&2
 	echo " (if you want, you could supply GIT_DIR then run" >&2
 	echo "  $0 <ref> <oldrev> <newrev>)" >&2
 	exit 1
 fi
 if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
 	echo "usage: $0 <ref> <oldrev> <newrev>" >&2
 	exit 1
 fi
 # --- Config
 allowunannotated=$(git config --bool hooks.allowunannotated)
 allowdeletebranch=$(git config --bool hooks.allowdeletebranch)
 denycreatebranch=$(git config --bool hooks.denycreatebranch)
 allowdeletetag=$(git config --bool hooks.allowdeletetag)
 allowmodifytag=$(git config --bool hooks.allowmodifytag)
 # check for no description
 projectdesc=$(sed -e '1q' "$GIT_DIR/description")
 case "$projectdesc" in
 "Unnamed repository"* | "")
 	echo "*** Project description file hasn't been set" >&2
 	exit 1
 	;;
 esac
 # --- Check types
 # if $newrev is 0000...0000, it's a commit to delete a ref.
 zero="0000000000000000000000000000000000000000"
 if [ "$newrev" = "$zero" ]; then
 	newrev_type=delete
 else
 	newrev_type=$(git cat-file -t $newrev)
 fi
 case "$refname","$newrev_type" in
 	refs/tags/*,commit)
 		# un-annotated tag
 		short_refname=${refname##refs/tags/}
 		if [ "$allowunannotated" != "true" ]; then
 			echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2
 			echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2
 			exit 1
 		fi
 		;;
 	refs/tags/*,delete)
 		# delete tag
 		if [ "$allowdeletetag" != "true" ]; then
 			echo "*** Deleting a tag is not allowed in this repository" >&2
 			exit 1
 		fi
 		;;
 	refs/tags/*,tag)
 		# annotated tag
 		if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1
 		then
 			echo "*** Tag '$refname' already exists." >&2
 			echo "*** Modifying a tag is not allowed in this repository." >&2
 			exit 1
 		fi
 		;;
 	refs/heads/*,commit)
 		# branch
 		if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then
 			echo "*** Creating a branch is not allowed in this repository" >&2
 			exit 1
 		fi
 		;;
 	refs/heads/*,delete)
 		# delete branch
 		if [ "$allowdeletebranch" != "true" ]; then
 			echo "*** Deleting a branch is not allowed in this repository" >&2
 			exit 1
 		fi
 		;;
 	refs/remotes/*,commit)
 		# tracking branch
 		;;
 	refs/remotes/*,delete)
 		# delete tracking branch
 		if [ "$allowdeletebranch" != "true" ]; then
 			echo "*** Deleting a tracking branch is not allowed in this repository" >&2
 			exit 1
 		fi
 		;;
 	*)
 		# Anything else (is there anything else?)
 		echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2
 		exit 1
 		;;
 esac
 # --- Finished
 exit 0
--- a/integrations/gitea-repositories-meta/user2/repo20.git/info/exclude
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/info/exclude
@@ -1,6 +0,0 @@
 # git ls-files --others --exclude-from=.git/info/exclude
 # Lines that start with '#' are comments.
 # For a project mostly in C, the following would be a good set of
 # exclude patterns (uncomment them if you want to use them):
 # *.[oa]
 # *~
--- a/integrations/gitea-repositories-meta/user2/repo20.git/info/refs
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/info/refs
@@ -1 +0,0 @@
 808038d2f71b0ab020991439cffd24309c7bc530	refs/heads/master
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/02/15cbe13d2695a2c3464ab5e59f47f37c3ff5d5
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/02/15cbe13d2695a2c3464ab5e59f47f37c3ff5d5
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/05/81d7edf45206787ff93956ea892e8a2ae77604
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/05/81d7edf45206787ff93956ea892e8a2ae77604
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/1b/271d83842d348b1ee71d8e6ead400aaeb4d1b5
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/1b/271d83842d348b1ee71d8e6ead400aaeb4d1b5
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/29/5ba6ac57fdd46f62a51272f40e60b6dea697b2
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/29/5ba6ac57fdd46f62a51272f40e60b6dea697b2
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/2c/ec0f7069ed09d934e904c49f414d8bdf818ce4
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/2c/ec0f7069ed09d934e904c49f414d8bdf818ce4
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/41/4a282859758ba7b159bfbd9c2b193eb8f135ee
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/41/4a282859758ba7b159bfbd9c2b193eb8f135ee
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/80/8038d2f71b0ab020991439cffd24309c7bc530
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/80/8038d2f71b0ab020991439cffd24309c7bc530
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/83/70977f63979e140b6b58992b1fdb4098b24cd9
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/83/70977f63979e140b6b58992b1fdb4098b24cd9
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/8c/e1dee41e1a3700819a9a309f275f8dc7b7e0b6
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/8c/e1dee41e1a3700819a9a309f275f8dc7b7e0b6
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/ba/3aeafe10402c6b29535a58d91def7e43638d9d
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/ba/3aeafe10402c6b29535a58d91def7e43638d9d
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/c5/0ac6b9e25abb8200bb377755367d7265c581cf
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/c5/0ac6b9e25abb8200bb377755367d7265c581cf
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/ce/013625030ba8dba906f756967f9e9ca394464a
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/ce/013625030ba8dba906f756967f9e9ca394464a
--- a/integrations/gitea-repositories-meta/user2/repo20.git/objects/db/89c972fc57862eae378f45b74aca228037d415
+++ b/integrations/gitea-repositories-meta/user2/repo20.git/objects/db/89c972fc57862eae378f45b74aca228037d415
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
David Schneiderbauer	96c63a4937	add 1.4.3 changelog (#4321 )	2018-06-27 00:17:16 +02:00
Kim "BKC" Carlbäcker	459a2656bf	Backport #4312 to v1.4 (#4320 )	2018-06-26 23:55:00 +02:00
Russell Aunger	a3b10538ec	Fix webhook type conflation. (#4285 ) (#4289 ) - Fix typo that caused Gogs hooks to be created as Gitea hooks. - Fix typo that caused Gogs hooks to be duplicated upon edit (though this bug was masked by the previous one). Signed-off-by: Russell Aunger <rba@live.com>	2018-06-21 12:06:29 +02:00
nickolas360	caee4870da	HTML-escape text READMEs (#4192 ) (#4214 )	2018-06-19 12:06:05 +03:00
Clément Lafont	8b2df7310b	Fix code tab link when viewing tags (#3908 ) (#4263 ) Signed-off-by: Ambrose Chua <ambrose@chua.family>	2018-06-17 15:28:03 +02:00
Antoine GIRARD	00ad4745ba	backport(#4091 ): Fix #4090 by escaping filename page/img link (without path) for short link (#4254 )	2018-06-17 15:33:44 +08:00
Lauris BH	c746f820ab	Delete reactions added to issues and comments when deleting repository (#4232 ) (#4237 )	2018-06-12 19:19:30 -04:00
Lunny Xiao	f10640433f	fix delete comment bug (#4216 ) (#4228 )	2018-06-12 13:39:37 +03:00
David Schneiderbauer	1ff480baa6	undo #3142 because processes don't use the util.Timestamp (#4203 ) (#4208 )	2018-06-11 09:21:34 +03:00
techknowlogick	df941f5c39	Add 1.4.2 changelog (#4115 )	2018-06-05 01:45:21 +03:00
David Schneiderbauer	1b10bc0cdf	update git vendor (#4059 ) (#4075 ) * update git vendor (#4059) * fix errors resulting from git vendor update * fmt	2018-06-04 23:33:42 +03:00
Antoine GIRARD	561f459364	Fix #4081 Check for leading / in base before removing it (#4083 )	2018-05-30 11:46:30 -04:00
Jonas Franz	1177a19a5b	Use ResolveReference instead of path.Join (#4073 ) Signed-off-by: Jonas Franz <info@jonasfranz.software>	2018-05-29 12:12:04 -04:00
Alexey Terentyev	d1954ae4e7	Added deletion of an empty line at the end of file (#4054 ) (#4074 ) Signed-off-by: Alexey Terentyev <axifnx@gmail.com>	2018-05-29 17:42:57 +08:00
Lunny Xiao	7673ca9646	fix attachment ENABLED (#4064 ) (#4066 ) * fix attachment ENABLED * change wrong name on app.ini.sample	2018-05-29 08:27:44 +08:00
Michael Kuhn	2d0db24083	Fix wiki redirects (#3919 ) (#4065 ) When creating or editing a wiki page, the redirect to the wiki page does not work because the file name is used instead of the page name.	2018-05-28 11:13:53 -04:00
Morgan Bazalgette	dec663cc0a	Don't force due date to current time (#3830 ) (#4057 )	2018-05-27 21:34:33 +03:00
Lunny Xiao	804148294a	fix writer cannot read bare repo guide (#4033 ) (#4039 )	2018-05-24 22:44:21 +08:00
Lunny Xiao	910e379265	fix webhook bug of response info is not displayed in UI (#4023 )	2018-05-23 11:57:21 +03:00
奶爸	f1720ad133	webhook and hook_task clean up (#4006 ) webhook and hook_task clean up	2018-05-22 02:08:21 +03:00
David Schneiderbauer	5f169bfcfd	add missing token validation on application settings page (#3976 ) (#3978 )	2018-05-16 23:55:14 +08:00
David Schneiderbauer	50adbb7134	Adjust z-index for floating labels (#3939 ) (#3950 )	2018-05-12 00:36:03 +03:00
Lauris BH	abc159637c	Changelog for release v1.4.1 (#3891 ) * Changelog for release v1.4.1 * Fix typo	2018-05-03 07:06:40 +03:00
Lauris BH	e35d7ae1fa	Do not allow inactive users to access repositories using private keys (#3887 ) (#3889 )	2018-05-02 20:37:23 +03:00
Lauris BH	40c6eb0d85	Fix to use only needed columns from tables to get repository git paths (#3870 ) (#3883 )	2018-05-02 19:34:21 +03:00
Lauris BH	2996573976	Add "error" as reserved username (#3882 ) (#3886 )	2018-05-02 12:47:24 +03:00
Lauris BH	d0a9957c32	Fix docs site index page (#3868 ) (#3881 )	2018-05-02 11:06:10 +03:00
Lauris BH	adbf576a6e	fix gpg expired bug when time is zero (#3584 ) (#3884 )	2018-05-02 15:23:07 +08:00
Lauris BH	15cdb19d77	Fix path cleanup in multiple places (#3871 ) (#3873 )	2018-05-01 17:10:50 +08:00
kolaente	9be48f04cb	Fix only updated_unix when adding a comment (Backport of #3855 to 1.4 ) (#3860 )	2018-04-30 21:42:37 +03:00
Lauris BH	24dd77eca6	Fix building of docs with latest hugo version (#3856 ) (#3862 )	2018-04-30 21:19:46 +03:00
Bwko	af7779daf8	Remove unnecessary Safe tags (#3779 )	2018-04-11 20:39:27 +03:00
Michael Kuhn	31c0a338d6	Fix typo in deleteUser (#3781 ) (#3783 ) num_watches was used where num_stars should have been used.	2018-04-11 11:24:46 +08:00
Bwko	2ec85e0b70	Use the active branch for the code tab (#3776 )	2018-04-10 11:10:32 +08:00
Bo-Yi Wu	251e1b68b4	Backport: fix: show Clipboard button if disable HTTP of git protocol #3773 (#3774 )	2018-04-09 23:35:30 +08:00
Lauris BH	641d481c38	Correctly check http git access rights for reverse proxy authorized users (#3721 ) (#3743 )	2018-04-04 20:06:21 +03:00
Lunny Xiao	6c6d1ff08c	fix go vet error (#3740 ) (#3744 )	2018-03-30 23:28:10 +03:00
Bwko	d9ad876d97	Set default branchname on first push (#3723 )	2018-03-27 12:51:20 +08:00
Lauris BH	832e2ebe91	Changelog for release 1.4.0 (#3714 )	2018-03-25 09:12:48 +08:00
Jonas Franz	68134e6441	Escape branch name in dropdown menu (#3692 ) Signed-off-by: Jonas Franz <info@jonasfranz.software> (cherry picked from commit `61ce616`) Signed-off-by: Jonas Franz <info@jonasfranz.software>	2018-03-19 22:31:01 +08:00
Lauris BH	3022681432	Changelog for 1.4.0-rc3 (#3679 )	2018-03-16 22:11:34 +02:00
Lauris BH	c0e0fb7d39	Refactor and simplify redirect to url (#3674 ) (#3676 )	2018-03-16 19:59:47 +08:00
Lauris BH	0c612124f9	Update markbates/goth libary to fix OAuth2 support (#3661 ) (#3663 )	2018-03-13 09:08:26 +02:00
Lauris BH	5d0c9872a9	Fix MySQL and PostgreSQL column drop SQL (#3649 ) (#3651 )	2018-03-10 10:27:19 +08:00
Lauris BH	92a3061753	Fix column removal in MSSQL (#3638 ) (#3640 ) * Fix column removal in MSSQL * Use xorm session in MSSQL drop column operations * Add transaction as MSSQL alter table is transactional	2018-03-07 11:59:20 +02:00
Lauris BH	efc5a7171b	Fix wiki inter-links with spaces (#3560 ) (#3632 )	2018-03-06 16:43:50 +08:00
Lauris BH	93f34fd8a2	Changelog for release 1.4.0-rc2 (#3610 )	2018-03-03 00:10:37 +02:00
Wendell Sun	dd784396ce	Fix query protected branch bug (#3563 ) (#3571 ) Signed-off-by: Wendell Sun <iwendellsun@gmail.com>	2018-02-24 00:07:25 +02:00
Wendell Sun	4a0ce6896b	Fix remove team member issue (#3566 ) (#3570 ) Signed-off-by: Wendell Sun <iwendellsun@gmail.com>	2018-02-23 20:02:45 +02:00
Wendell Sun	d87fb0a6fd	Fix the protected branch panic issue (#3567 ) (#3569 ) Signed-off-by: Wendell Sun <iwendellsun@gmail.com>	2018-02-23 19:27:34 +02:00
Bo-Yi Wu	e55eaa8545	if Mirrors repo no content is fetched, updated time should not be changed #3551 (#3565 ) Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>	2018-02-23 13:48:40 +02:00
Wendell Sun	423c642fdb	Bug fix for repo releases sorted (#3522 ) (#3555 ) Signed-off-by: Wendell Sun <iwendellsun@gmail.com> Use TimeStampNow function	2018-02-22 09:56:38 +08:00
Bo-Yi Wu	ed2ba84525	refactor: reduce sql query in retrieveFeeds (#3554 )	2018-02-21 18:15:00 +02:00
Lauris BH	e8015a59bb	Add issue closed time column to fix activity closed issues list (#3537 ) (#3540 ) Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>	2018-02-19 21:51:37 +02:00
Lauris BH	8327300809	Update markbates/goth library (#3533 ) (#3539 ) Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>	2018-02-19 20:10:38 +08:00
Lauris BH	ade183957d	Force remove test repo root path in case previous test is still locking it (#3528 ) (#3536 ) Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>	2018-02-19 08:29:37 +02:00
Lauris BH	c503eac206	Fix escaping changed title in comments (#3530 ) (#3534 ) * Fix escaping changed title in comments * Fix escaping of wiki page titile Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>	2018-02-19 10:33:51 +08:00
Jonas Bröms	221e502297	Clarify Indexer MAX_FILE_SIZE (#3469 ) (#3474 )	2018-02-15 11:20:41 +02:00
Codruț Constantin Gușoi	1c3d712fe7	Fixes missing avatars in offline mode (#3471 ) (#3477 ) Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>	2018-02-14 23:37:35 +02:00
Ethan Koenig	85f90187f3	Improve wiki test (#3493 ) (#3511 )	2018-02-14 22:40:59 +02:00
Jonas Franz	c0675ef6c2	Escape search query (Backport 1.4) (#3488 ) * Escape search query Signed-off-by: Jonas Franz <info@jonasfranz.de> (cherry picked from commit `2970889`) * Reordered imports Signed-off-by: Jonas Franz <info@jonasfranz.de>	2018-02-11 21:25:02 +02:00
Ethan Koenig	4e27cc4813	Fix synchronization bug in repo indexer (#3455 ) (#3461 )	2018-02-08 08:42:45 +02:00
Lauris BH	f61ef28f26	Fix rendering of wiki page list if wiki repo contains other files (#3454 ) (#3463 ) * Fix rendering of wiki page list if wiki repo contains other files * Improve wiki filename tests	2018-02-06 07:59:44 +02:00
Lauris Bukšis-Haberkorns	b27e10d6e4	Change 1.4.0-rc1 version release date Signed-off-by: Lauris Bukšis-Haberkorns <lauris@nix.lv>	2018-02-01 10:22:24 +02:00
		`@@ -1 +0,0 @@`
			`Unnamed repository; edit this file 'description' to name the repository.`
		`@@ -1,2 +0,0 @@`
			`#!/usr/bin/env bash`
			`"/home/tris/Projects/go/src/code.gitea.io/gitea/gitea" hook --config='/home/tris/Projects/go/src/code.gitea.io/gitea/custom/conf/app.ini' post-receive`
		`@@ -1 +0,0 @@`
			`808038d2f71b0ab020991439cffd24309c7bc530 refs/heads/master`