Release 4.38.4

This reverts commit bd06e6d4dc.

.github/workflows/build.yml

@@ -10,9 +10,9 @@ jobs:
       matrix:
         java: [8, 11, 17]
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Cache
-      uses: actions/cache@v2.1.7
+      uses: actions/cache@v3
       env:
         cache-name: cache-sbt-libs
       with:
@@ -22,18 +22,18 @@ jobs:
           ~/.cache/coursier/v1
         key: build-${{ env.cache-name }}-${{ hashFiles('build.sbt') }}
     - name: Set up JDK
-      uses: actions/setup-java@v2
+      uses: actions/setup-java@v3
       with:
         java-version: ${{ matrix.java }}
         distribution: adopt
     - name: Run tests
       run: sbt scalafmtSbtCheck scalafmtCheck test:scalafmtCheck test
     - name: Scala 3
-      run: sbt '++ 3.0.1!' update # TODO
+      run: sbt '++ 3.1.2!' update # TODO
     - name: Build executable
       run: sbt executable
     - name: Upload artifacts
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@v3
       with:
         name: gitbucket-java${{ matrix.java }}-${{ github.sha }}
         path: ./target/executable/gitbucket.*

.scala-steward.conf

@@ -5,4 +5,5 @@ updates.includeScala = true
 updates.pin = [
   { groupId = "org.eclipse.jetty", version = "9." }
   { groupId = "org.eclipse.jgit", version = "5." }
+  { groupId = "com.zaxxer", version = "4." }
 ]

CHANGELOG.md

@@ -1,7 +1,37 @@
 # Changelog
 All changes to the project will be documented in this file.
 
-### 4.37.0 - 11 Dec 2021
+## 4.38.3 - 30 Oct 2022
+- Fix several issues around multiple assignees in issues and pull requests
+- Fix IllegalStateException when returning unknown avatar image
+
+## 4.38.2 - 20 Sep 2022
+- Resurrect assignee icons on the issue list
+
+## 4.38.1 - 10 Sep 2022
+- Fix comment diff in Chrome 105
+- Fix Markdown table CSS
+- Fix HTML rendering of multiple asignees
+
+## 4.38.0 - 3 Sep 2022
+- Support multiple assignees for Issues and Pull requests
+- Custom fields for issues and pull requests
+- Reset password by users
+- Allow to configure Jetty idle timeout in standalone mode
+- Horizontal scroll for too wide tables in Markdown
+- Hide header content on signin and register page
+- Fix the default charset of the online editor in the repository viewer
+- Fix the milestone count
+- Some improvements and bugfixes for WebAPI and WebHook
+
+## 4.37.2 - 16 Jan 2022
+- Fixed a security issue reported by [Positive Technologies](https://www.ptsecurity.com/ww-en/). Great thanks for their detailed report and close support!
+
+## 4.37.1 - 14 Dec 2021
+- Update gist-plugin and notification-plugin
+- Fix SSHCommand extension point for apache-sshd 2.x
+
+## 4.37.0 - 11 Dec 2021
 - Enhance Git Reference APIs
 - Add milestone data to issue list API
 - Support "all" in issue list API
@@ -10,32 +40,32 @@ All changes to the project will be documented in this file.
 - Relax max passward length limitation
 - Relax max webhook url length limitation
 
-### 4.36.2 - 16 Aug 2021
+## 4.36.2 - 16 Aug 2021
 - Escape user name in avatar image tag
 
-### 4.36.1 - 22 Jul 2021
+## 4.36.1 - 22 Jul 2021
 - Bump gitbucket-gist-plugin to 4.21.0
 
-### 4.36.0 - 17 Jul 2021
+## 4.36.0 - 17 Jul 2021
 - Tag selector in the repository viewer
 - Link issues/pull requests of other repositories
 - Files and lines can be linked in the diff view
 - Option to disable XSS protection
 
-### 4.35.3 - 14 Jan 2021
+## 4.35.3 - 14 Jan 2021
 - Fix a bug that Wiki page cannot be deleted
 - Fix a deployment issue on Tomcat
 
-### 4.35.2 - 30 Dec 2020
+## 4.35.2 - 30 Dec 2020
 - Upgrade gitbucket-notifications-plugin to 1.10.0
 - Upgrade oauth2-oidc-sdk to 8.29.1 to solve dependency issue
 
-### 4.35.1 - 29 Dec 2020
+## 4.35.1 - 29 Dec 2020
 - Fix database migration issue which happens if webhook is configured
 - Call push webhook when pull request is merged
 - Show commit status at commits tab of pull request
 
-### 4.35.0 - 25 Dec 2020
+## 4.35.0 - 25 Dec 2020
 - Editor and source viewer color theme
 - Auto completion for issues and pull requests
 - Upload image from clipboard

README.md

@@ -1,4 +1,4 @@
-GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.svg)](https://gitter.im/gitbucket/gitbucket) [![build](https://github.com/gitbucket/gitbucket/workflows/build/badge.svg?branch=master)](https://github.com/gitbucket/gitbucket/actions?query=workflow%3Abuild+branch%3Amaster) [![Maven Central](https://maven-badges.herokuapp.com/maven-central/io.github.gitbucket/gitbucket_2.13/badge.svg)](https://maven-badges.herokuapp.com/maven-central/io.github.gitbucket/gitbucket_2.13) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/gitbucket/gitbucket/blob/master/LICENSE)
+GitBucket [![Gitter chat](https://badges.gitter.im/gitbucket/gitbucket.svg)](https://gitter.im/gitbucket/gitbucket) [![build](https://github.com/gitbucket/gitbucket/workflows/build/badge.svg?branch=master)](https://github.com/gitbucket/gitbucket/actions?query=workflow%3Abuild+branch%3Amaster) [![gitbucket Scala version support](https://index.scala-lang.org/gitbucket/gitbucket/gitbucket/latest-by-scala-version.svg)](https://index.scala-lang.org/gitbucket/gitbucket/gitbucket) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://github.com/gitbucket/gitbucket/blob/master/LICENSE)
 =========
 
 GitBucket is a Git web platform powered by Scala offering:
@@ -10,8 +10,6 @@ GitBucket is a Git web platform powered by Scala offering:
 
 ![GitBucket](https://gitbucket.github.io/img/screenshots/screenshot-repository_viewer.png)
 
-You can try an [online demo](https://gitbucket.herokuapp.com/) *(ID: root / Pass: root)* of GitBucket, and also get the latest information at [GitBucket News](https://gitbucket.github.io/gitbucket-news/).
-
 Features
 --------
 The current version of GitBucket provides many features such as:
@@ -31,7 +29,7 @@ GitBucket requires **Java8**. You have to install it, if it is not already insta
 1. Download the latest **gitbucket.war** from [the releases page](https://github.com/gitbucket/gitbucket/releases) and run it by `java -jar gitbucket.war`.
 2. Go to `http://[hostname]:8080/` and log in with ID: **root** / Pass: **root**.
 
-You can also deploy `gitbucket.war` to a servlet container which supports Servlet 3.0 (like Jetty, Tomcat, JBoss, etc)
+You can also deploy `gitbucket.war` to a servlet container which supports Servlet 3.0 (like Jetty, Tomcat, JBoss, etc). Note that GitBucket doesn't support Jakarta EE yet.
 
 For more information about installation on Mac or Windows Server (with IIS), or configuration of Apache or Nginx and also integration with other tools or services such as Jenkins or Slack, see [Wiki](https://github.com/gitbucket/gitbucket/wiki).
 
@@ -61,15 +59,32 @@ Support
 - If you can't find same question and report, send it to our [Gitter room](https://gitter.im/gitbucket/gitbucket) before raising an issue.
 - The highest priority of GitBucket is the ease of installation and API compatibility with GitHub, so your feature request might be rejected if they go against those principles.
 
-What's New in 4.37.x
+What's New in 4.38.x
 -------------
-### 4.37.0 - 11 Dec 2021
+## 4.38.4 - 2 Nov 2022
-- Enhance Git Reference APIs
+- Fix MariaDB issue
-- Add milestone data to issue list API
+
-- Support "all" in issue list API
+## 4.38.3 - 30 Oct 2022
-- Support EDDSA in signed commit verification
+- Fix several issues around multiple assignees in issues and pull requests
-- Support custom SSH url
+- Fix IllegalStateException when returning unknown avatar image
-- Relax max passward length limitation
+
-- Relax max webhook url length limitation
+## 4.38.2 - 20 Sep 2022
+- Resurrect assignee icons on the issue list
+
+## 4.38.1 - 10 Sep 2022
+- Fix comment diff in Chrome 105
+- Fix Markdown table CSS
+- Fix HTML rendering of multiple asignees
+
+## 4.38.0 - 3 Sep 2022
+- Support multiple assignees for Issues and Pull requests
+- Custom fields for issues and pull requests
+- Reset password by users
+- Allow to configure Jetty idle timeout in standalone mode
+- Horizontal scroll for too wide tables in Markdown
+- Hide header content on signin and register page
+- Fix the default charset of the online editor in the repository viewer
+- Fix the milestone count
+- Some improvements and bugfixes for WebAPI and WebHook
 
 See the [change log](CHANGELOG.md) for all of the updates.

build.sbt

@@ -3,10 +3,10 @@ import com.jsuereth.sbtpgp.PgpKeys._
 
 val Organization = "io.github.gitbucket"
 val Name = "gitbucket"
-val GitBucketVersion = "4.37.0"
+val GitBucketVersion = "4.38.4"
-val ScalatraVersion = "2.8.2"
+val ScalatraVersion = "2.8.4"
-val JettyVersion = "9.4.44.v20210927"
+val JettyVersion = "9.4.49.v20220914"
-val JgitVersion = "5.13.0.202109080827-r"
+val JgitVersion = "5.13.1.202206130422-r"
 
 lazy val root = (project in file("."))
   .enablePlugins(SbtTwirl, ScalatraPlugin)
@@ -15,7 +15,7 @@ sourcesInBase := false
 organization := Organization
 name := Name
 version := GitBucketVersion
-scalaVersion := "2.13.7"
+scalaVersion := "2.13.9"
 
 scalafmtOnCompile := true
 
@@ -24,7 +24,6 @@ coverageExcludedPackages := ".*\\.html\\..*"
 // dependency settings
 resolvers ++= Seq(
   Classpaths.typesafeReleases,
-  Resolver.jcenterRepo,
   "sonatype-snapshot" at "https://oss.sonatype.org/content/repositories/snapshots/"
 )
 
@@ -34,42 +33,42 @@ libraryDependencies ++= Seq(
   "org.scalatra"                    %% "scalatra"                    % ScalatraVersion cross CrossVersion.for3Use2_13,
   "org.scalatra"                    %% "scalatra-json"               % ScalatraVersion cross CrossVersion.for3Use2_13,
   "org.scalatra"                    %% "scalatra-forms"              % ScalatraVersion cross CrossVersion.for3Use2_13,
-  "org.json4s"                      %% "json4s-jackson"              % "4.0.3" cross CrossVersion.for3Use2_13,
+  "org.json4s"                      %% "json4s-jackson"              % "4.0.5" cross CrossVersion.for3Use2_13,
   "commons-io"                      % "commons-io"                   % "2.11.0",
-  "io.github.gitbucket"             % "solidbase"                    % "1.0.3",
+  "io.github.gitbucket"             % "solidbase"                    % "1.0.5",
-  "io.github.gitbucket"             % "markedj"                      % "1.0.16",
+  "io.github.gitbucket"             % "markedj"                      % "1.0.17",
   "org.apache.commons"              % "commons-compress"             % "1.21",
   "org.apache.commons"              % "commons-email"                % "1.5",
   "commons-net"                     % "commons-net"                  % "3.8.0",
   "org.apache.httpcomponents"       % "httpclient"                   % "4.5.13",
-  "org.apache.sshd"                 % "apache-sshd"                  % "2.8.0" exclude ("org.slf4j", "slf4j-jdk14") exclude ("org.apache.sshd", "sshd-mina") exclude ("org.apache.sshd", "sshd-netty"),
+  "org.apache.sshd"                 % "apache-sshd"                  % "2.9.1" exclude ("org.slf4j", "slf4j-jdk14") exclude ("org.apache.sshd", "sshd-mina") exclude ("org.apache.sshd", "sshd-netty"),
-  "org.apache.tika"                 % "tika-core"                    % "2.1.0",
+  "org.apache.tika"                 % "tika-core"                    % "2.4.1",
   "com.github.takezoe"              %% "blocking-slick-32"           % "0.0.12" cross CrossVersion.for3Use2_13,
   "com.novell.ldap"                 % "jldap"                        % "2009-10-07",
   "com.h2database"                  % "h2"                           % "1.4.199",
   "org.mariadb.jdbc"                % "mariadb-java-client"          % "2.7.4",
-  "org.postgresql"                  % "postgresql"                   % "42.3.1",
+  "org.postgresql"                  % "postgresql"                   % "42.5.0",
-  "ch.qos.logback"                  % "logback-classic"              % "1.2.7",
+  "ch.qos.logback"                  % "logback-classic"              % "1.2.11",
   "com.zaxxer"                      % "HikariCP"                     % "4.0.3" exclude ("org.slf4j", "slf4j-api"),
-  "com.typesafe"                    % "config"                       % "1.4.1",
+  "com.typesafe"                    % "config"                       % "1.4.2",
   "fr.brouillard.oss.security.xhub" % "xhub4j-core"                  % "1.1.0",
-  "io.github.java-diff-utils"       % "java-diff-utils"              % "4.11",
+  "io.github.java-diff-utils"       % "java-diff-utils"              % "4.12",
   "org.cache2k"                     % "cache2k-all"                  % "1.6.0.Final",
-  "net.coobird"                     % "thumbnailator"                % "0.4.15",
+  "net.coobird"                     % "thumbnailator"                % "0.4.17",
   "com.github.zafarkhaja"           % "java-semver"                  % "0.9.0",
-  "com.nimbusds"                    % "oauth2-oidc-sdk"              % "9.20",
+  "com.nimbusds"                    % "oauth2-oidc-sdk"              % "9.43.1",
   "org.eclipse.jetty"               % "jetty-webapp"                 % JettyVersion % "provided",
   "javax.servlet"                   % "javax.servlet-api"            % "3.1.0" % "provided",
   "junit"                           % "junit"                        % "4.13.2" % "test",
   "org.scalatra"                    %% "scalatra-scalatest"          % ScalatraVersion % "test" cross CrossVersion.for3Use2_13,
-  "org.mockito"                     % "mockito-core"                 % "4.1.0" % "test",
+  "org.mockito"                     % "mockito-core"                 % "4.8.0" % "test",
-  "com.dimafeng"                    %% "testcontainers-scala"        % "0.39.12" % "test",
+  "com.dimafeng"                    %% "testcontainers-scala"        % "0.40.10" % "test",
-  "org.testcontainers"              % "mysql"                        % "1.16.2" % "test",
+  "org.testcontainers"              % "mysql"                        % "1.17.3" % "test",
-  "org.testcontainers"              % "postgresql"                   % "1.16.2" % "test",
+  "org.testcontainers"              % "postgresql"                   % "1.17.3" % "test",
   "net.i2p.crypto"                  % "eddsa"                        % "0.3.0",
   "is.tagomor.woothee"              % "woothee-java"                 % "1.11.0",
   "org.ec4j.core"                   % "ec4j-core"                    % "0.3.0",
-  "org.kohsuke"                     % "github-api"                   % "1.301" % "test"
+  "org.kohsuke"                     % "github-api"                   % "1.308" % "test"
 )
 
 libraryDependencies ~= {

project/build.properties

@@ -1 +1 @@
-sbt.version=1.5.6
+sbt.version=1.7.1

project/plugins.sbt

@@ -1,11 +1,11 @@
 scalacOptions ++= Seq("-unchecked", "-deprecation", "-feature")
 
-addSbtPlugin("org.scalameta"    % "sbt-scalafmt"       % "2.4.5")
+addSbtPlugin("org.scalameta"    % "sbt-scalafmt"       % "2.4.6")
 addSbtPlugin("com.typesafe.sbt" % "sbt-twirl"          % "1.5.1")
-addSbtPlugin("com.eed3si9n"     % "sbt-assembly"       % "1.1.0")
+addSbtPlugin("com.eed3si9n"     % "sbt-assembly"       % "1.2.0")
 addSbtPlugin("org.scalatra.sbt" % "sbt-scalatra"       % "1.0.4")
 addSbtPlugin("com.github.sbt"   % "sbt-pgp"            % "2.1.2")
 addSbtPlugin("com.typesafe.sbt" % "sbt-license-report" % "1.2.0")
-addSbtPlugin("org.scoverage"    % "sbt-scoverage"      % "1.9.2")
+addSbtPlugin("org.scoverage"    % "sbt-scoverage"      % "2.0.0")
 
 addDependencyTreePlugin

src/main/java/JettyLauncher.java

@@ -61,6 +61,7 @@ public class JettyLauncher {
         String redirectHttps = getEnvironmentVariable("gitbucket.redirectHttps");
         String contextPath = getEnvironmentVariable("gitbucket.prefix");
         String tmpDirPath = getEnvironmentVariable("gitbucket.tempDir");
+        String jettyIdleTimeout = getEnvironmentVariable("gitbucket.jettyIdleTimeout");
         boolean saveSessions = false;
 
         for(String arg: args) {
@@ -107,6 +108,9 @@ public class JettyLauncher {
                         case "--plugin_dir":
                             System.setProperty("gitbucket.pluginDir", dim[1]);
                             break;
+                        case "--jetty_idle_timeout":
+                            jettyIdleTimeout = dim[1];
+                            break;
                     }
                 }
             }
@@ -130,6 +134,11 @@ public class JettyLauncher {
         if (connectorsSet.contains(Connectors.HTTPS)) {
             httpConfig.setSecurePort(fallback(securePort, Defaults.HTTPS_PORT, Integer::parseInt));
         }
+        if (jettyIdleTimeout != null && jettyIdleTimeout.trim().length() != 0) {
+            httpConfig.setIdleTimeout(Long.parseLong(jettyIdleTimeout.trim()));
+        } else {
+            httpConfig.setIdleTimeout(300000L); // default is 5min
+        }
 
         if (connectorsSet.contains(Connectors.HTTP)) {
             final ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));

src/main/resources/bundle-plugins.txt

@@ -1,4 +1,4 @@
-notifications:1.10.0
+notifications:1.11.0
-gist:4.21.0
+gist:4.22.0
 emoji:4.6.0
 pages:1.10.0

src/main/resources/update/gitbucket-core_4.0.sql

@@ -1,18 +0,0 @@
-CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
- SELECT
-   A.USER_NAME,
-   A.REPOSITORY_NAME,
-   A.ISSUE_ID,
-   COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
- FROM ISSUE A
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
-   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) B
- ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) C
- ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID);

src/main/resources/update/gitbucket-core_4.0.xml

@@ -343,4 +343,28 @@
   <addPrimaryKey constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_PK" tableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" columnNames="USER_NAME, REPOSITORY_NAME, BRANCH, CONTEXT"/>
   <addForeignKeyConstraint constraintName="IDX_PROTECTED_BRANCH_REQUIRE_CONTEXT_FK0" baseTableName="PROTECTED_BRANCH_REQUIRE_CONTEXT" baseColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" referencedTableName="PROTECTED_BRANCH" referencedColumnNames="USER_NAME, REPOSITORY_NAME, BRANCH" onDelete="CASCADE" onUpdate="CASCADE"/>
 
+  <!--================================================================================================-->
+  <!-- ISSUE_OUTLINE_VIEW -->
+  <!--================================================================================================-->
+  <sql>
+    CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
+      SELECT
+        A.USER_NAME,
+        A.REPOSITORY_NAME,
+        A.ISSUE_ID,
+        COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT
+      FROM ISSUE A
+      LEFT OUTER JOIN (
+        SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
+        WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
+        GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+      ) B
+      ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
+      LEFT OUTER JOIN (
+        SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
+        GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+      ) C
+      ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID)
+  </sql>
+
 </changeSet>

src/main/resources/update/gitbucket-core_4.14.sql

@@ -1,26 +0,0 @@
-CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
-
- SELECT
-   A.USER_NAME,
-   A.REPOSITORY_NAME,
-   A.ISSUE_ID,
-   COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT,
-   COALESCE(D.ORDERING, 9999) AS PRIORITY
-
- FROM ISSUE A
-
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
-   WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) B
- ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
-
- LEFT OUTER JOIN (
-   SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
-   GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
- ) C
- ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID)
-
- LEFT OUTER JOIN PRIORITY D
- ON (A.PRIORITY_ID = D.PRIORITY_ID);

src/main/resources/update/gitbucket-core_4.14.xml

@@ -35,4 +35,28 @@
     <column name="URL" type="varchar(200)" nullable="false"/>
     <column name="EVENT" type="varchar(30)" nullable="false"/>
   </createTable>
+
+  <sql>
+    CREATE OR REPLACE VIEW ISSUE_OUTLINE_VIEW AS
+      SELECT
+        A.USER_NAME,
+        A.REPOSITORY_NAME,
+        A.ISSUE_ID,
+        COALESCE(B.COMMENT_COUNT, 0) + COALESCE(C.COMMENT_COUNT, 0) AS COMMENT_COUNT,
+        COALESCE(D.ORDERING, 9999) AS PRIORITY
+      FROM ISSUE A
+      LEFT OUTER JOIN (
+        SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM ISSUE_COMMENT
+        WHERE ACTION IN ('comment', 'close_comment', 'reopen_comment')
+        GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+      ) B
+      ON (A.USER_NAME = B.USER_NAME AND A.REPOSITORY_NAME = B.REPOSITORY_NAME AND A.ISSUE_ID = B.ISSUE_ID)
+      LEFT OUTER JOIN (
+        SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, COUNT(COMMENT_ID) AS COMMENT_COUNT FROM COMMIT_COMMENT
+        GROUP BY USER_NAME, REPOSITORY_NAME, ISSUE_ID
+      ) C
+      ON (A.USER_NAME = C.USER_NAME AND A.REPOSITORY_NAME = C.REPOSITORY_NAME AND A.ISSUE_ID = C.ISSUE_ID)
+      LEFT OUTER JOIN PRIORITY D
+      ON (A.PRIORITY_ID = D.PRIORITY_ID);
+  </sql>
 </changeSet>

src/main/resources/update/gitbucket-core_4.38.xml

@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<changeSet>
+  <!--================================================================================================-->
+  <!-- CUSTOM_FIELD -->
+  <!--================================================================================================-->
+  <createTable tableName="CUSTOM_FIELD">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="FIELD_ID" type="int" nullable="false" autoIncrement="true" unique="true"/>
+    <column name="FIELD_NAME" type="varchar(100)" nullable="false"/>
+    <column name="FIELD_TYPE" type="varchar(100)" nullable="false"/>
+    <column name="ENABLE_FOR_ISSUES" type="boolean" nullable="false"/>
+    <column name="ENABLE_FOR_PULL_REQUESTS" type="boolean" nullable="false"/>
+  </createTable>
+  <addPrimaryKey constraintName="IDX_CUSTOM_FIELD_PK" tableName="CUSTOM_FIELD" columnNames="USER_NAME, REPOSITORY_NAME, FIELD_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_CUSTOM_FIELD_FK0" baseTableName="CUSTOM_FIELD" baseColumnNames="USER_NAME, REPOSITORY_NAME" referencedTableName="REPOSITORY" referencedColumnNames="USER_NAME, REPOSITORY_NAME"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_CUSTOM_FIELD -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_CUSTOM_FIELD">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="FIELD_ID" type="int" nullable="false"/>
+    <column name="VALUE" type="varchar(200)" nullable="true"/>
+  </createTable>
+  <addPrimaryKey constraintName="IDX_ISSUE_CUSTOM_FIELD_PK" tableName="ISSUE_CUSTOM_FIELD" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID, FIELD_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_CUSTOM_FIELD_FK0" baseTableName="ISSUE_CUSTOM_FIELD" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_CUSTOM_FIELD_FK1" baseTableName="ISSUE_CUSTOM_FIELD" baseColumnNames="USER_NAME, REPOSITORY_NAME, FIELD_ID" referencedTableName="CUSTOM_FIELD" referencedColumnNames="USER_NAME, REPOSITORY_NAME, FIELD_ID"/>
+
+  <!--================================================================================================-->
+  <!-- ISSUE_ASSIGNEE -->
+  <!--================================================================================================-->
+  <createTable tableName="ISSUE_ASSIGNEE">
+    <column name="USER_NAME" type="varchar(100)" nullable="false"/>
+    <column name="REPOSITORY_NAME" type="varchar(100)" nullable="false"/>
+    <column name="ISSUE_ID" type="int" nullable="false"/>
+    <column name="ASSIGNEE_USER_NAME" type="varchar(100)" nullable="false"/>
+  </createTable>
+  <addPrimaryKey constraintName="IDX_ISSUE_ASSIGNEE_PK" tableName="ISSUE_ASSIGNEE" columnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID, ASSIGNEE_USER_NAME"/>
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_ASSIGNEE_FK0" baseTableName="ISSUE_ASSIGNEE" baseColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID" referencedTableName="ISSUE" referencedColumnNames="USER_NAME, REPOSITORY_NAME, ISSUE_ID"/>
+  <!--
+  <addForeignKeyConstraint constraintName="IDX_ISSUE_ASSIGNEE_FK1" baseTableName="ISSUE_ASSIGNEE" baseColumnNames="ASSIGNEE_USER_NAME" referencedTableName="ACCOUNT" referencedColumnNames="USER_NAME"/>
+  -->
+
+  <sql>
+    INSERT INTO ISSUE_ASSIGNEE (USER_NAME, REPOSITORY_NAME, ISSUE_ID, ASSIGNEE_USER_NAME)
+      SELECT USER_NAME, REPOSITORY_NAME, ISSUE_ID, ASSIGNED_USER_NAME FROM ISSUE WHERE ASSIGNED_USER_NAME IS NOT NULL
+  </sql>
+
+  <dropColumn tableName="ISSUE" columnName="ASSIGNED_USER_NAME"/>
+</changeSet>

src/main/resources/update/gitbucket-core_4.7.sql

@@ -1,2 +0,0 @@
--- DELETE COLLABORATORS IN GROUP REPOSITORIES
-DELETE FROM COLLABORATOR WHERE USER_NAME IN (SELECT USER_NAME FROM ACCOUNT WHERE GROUP_ACCOUNT = TRUE)

src/main/resources/update/gitbucket-core_4.7.xml

@@ -30,4 +30,9 @@
     <dropColumn tableName="REPOSITORY" columnName="ENABLE_WIKI"/>
     <dropColumn tableName="REPOSITORY" columnName="ALLOW_WIKI_EDITING"/>
     <dropColumn tableName="REPOSITORY" columnName="ENABLE_ISSUES"/>
+
+    <!-- DELETE COLLABORATORS IN GROUP REPOSITORIES -->
+    <sql>
+      DELETE FROM COLLABORATOR WHERE USER_NAME IN (SELECT USER_NAME FROM ACCOUNT WHERE GROUP_ACCOUNT = TRUE)
+    </sql>
 </changeSet>

src/main/scala/gitbucket/core/GitBucketCoreModule.scala

@@ -9,7 +9,7 @@ import gitbucket.core.model.Activity
 import gitbucket.core.util.Directory.ActivityLog
 import gitbucket.core.util.JDBCUtil
 import io.github.gitbucket.solidbase.Solidbase
-import io.github.gitbucket.solidbase.migration.{LiquibaseMigration, Migration, SqlMigration}
+import io.github.gitbucket.solidbase.migration.{LiquibaseMigration, Migration}
 import io.github.gitbucket.solidbase.model.{Module, Version}
 import org.json4s.{Formats, NoTypeHints}
 import org.json4s.jackson.Serialization
@@ -20,11 +20,7 @@ import scala.util.Using
 object GitBucketCoreModule
     extends Module(
       "gitbucket-core",
-      new Version(
+      new Version("4.0.0", new LiquibaseMigration("update/gitbucket-core_4.0.xml")),
-        "4.0.0",
-        new LiquibaseMigration("update/gitbucket-core_4.0.xml"),
-        new SqlMigration("update/gitbucket-core_4.0.sql")
-      ),
       new Version("4.1.0"),
       new Version("4.2.0", new LiquibaseMigration("update/gitbucket-core_4.2.xml")),
       new Version("4.2.1"),
@@ -32,11 +28,7 @@ object GitBucketCoreModule
       new Version("4.4.0"),
       new Version("4.5.0"),
       new Version("4.6.0", new LiquibaseMigration("update/gitbucket-core_4.6.xml")),
-      new Version(
+      new Version("4.7.0", new LiquibaseMigration("update/gitbucket-core_4.7.xml")),
-        "4.7.0",
-        new LiquibaseMigration("update/gitbucket-core_4.7.xml"),
-        new SqlMigration("update/gitbucket-core_4.7.sql")
-      ),
       new Version("4.7.1"),
       new Version("4.8"),
       new Version("4.9.0", new LiquibaseMigration("update/gitbucket-core_4.9.xml")),
@@ -45,11 +37,7 @@ object GitBucketCoreModule
       new Version("4.12.0"),
       new Version("4.12.1"),
       new Version("4.13.0"),
-      new Version(
+      new Version("4.14.0", new LiquibaseMigration("update/gitbucket-core_4.14.xml")),
-        "4.14.0",
-        new LiquibaseMigration("update/gitbucket-core_4.14.xml"),
-        new SqlMigration("update/gitbucket-core_4.14.sql")
-      ),
       new Version("4.14.1"),
       new Version("4.15.0"),
       new Version("4.16.0"),
@@ -121,4 +109,11 @@ object GitBucketCoreModule
       new Version("4.36.1"),
       new Version("4.36.2"),
       new Version("4.37.0", new LiquibaseMigration("update/gitbucket-core_4.37.xml")),
+      new Version("4.37.1"),
+      new Version("4.37.2"),
+      new Version("4.38.0", new LiquibaseMigration("update/gitbucket-core_4.38.xml")),
+      new Version("4.38.1"),
+      new Version("4.38.2"),
+      new Version("4.38.3"),
+      new Version("4.38.4")
     )

src/main/scala/gitbucket/core/api/ApiCommits.scala

@@ -97,7 +97,7 @@ object ApiCommits {
     ApiCommits(
       url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${commitInfo.id}"),
       sha = commitInfo.id,
-      html_url = ApiPath(s"${repositoryName.fullName}/commit/${commitInfo.id}"),
+      html_url = ApiPath(s"/${repositoryName.fullName}/commit/${commitInfo.id}"),
       comment_url = ApiPath(""), // TODO no API for commit comment
       commit = Commit(
         url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${commitInfo.id}"),

src/main/scala/gitbucket/core/api/ApiIssue.scala

@@ -12,7 +12,7 @@ case class ApiIssue(
   number: Int,
   title: String,
   user: ApiUser,
-  assignee: Option[ApiUser],
+  assignees: List[ApiUser],
   labels: List[ApiLabel],
   state: String,
   created_at: Date,
@@ -21,7 +21,7 @@ case class ApiIssue(
   milestone: Option[ApiMilestone]
 )(repositoryName: RepositoryName, isPullRequest: Boolean) {
   val id = 0 // dummy id
-  val assignees = List(assignee).flatten
+  val assignee = assignees.headOption
   val comments_url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/issues/${number}/comments")
   val html_url = ApiPath(s"/${repositoryName.fullName}/${if (isPullRequest) { "pull" } else { "issues" }}/${number}")
   val pull_request = if (isPullRequest) {
@@ -43,7 +43,7 @@ object ApiIssue {
     issue: Issue,
     repositoryName: RepositoryName,
     user: ApiUser,
-    assignee: Option[ApiUser],
+    assignees: List[ApiUser],
     labels: List[ApiLabel],
     milestone: Option[ApiMilestone]
   ): ApiIssue =
@@ -51,7 +51,7 @@ object ApiIssue {
       number = issue.issueId,
       title = issue.title,
       user = user,
-      assignee = assignee,
+      assignees = assignees,
       labels = labels,
       milestone = milestone,
       state = if (issue.closed) { "closed" } else { "open" },

src/main/scala/gitbucket/core/api/ApiPullRequest.scala

@@ -21,10 +21,11 @@ case class ApiPullRequest(
   body: String,
   user: ApiUser,
   labels: List[ApiLabel],
-  assignee: Option[ApiUser],
+  assignees: List[ApiUser],
   draft: Option[Boolean]
 ) {
   val id = 0 // dummy id
+  val assignee = assignees.headOption
   val html_url = ApiPath(s"${base.repo.html_url.path}/pull/${number}")
   //val diff_url            = ApiPath(s"${base.repo.html_url.path}/pull/${number}.diff")
   //val patch_url           = ApiPath(s"${base.repo.html_url.path}/pull/${number}.patch")
@@ -45,7 +46,7 @@ object ApiPullRequest {
     baseRepo: ApiRepository,
     user: ApiUser,
     labels: List[ApiLabel],
-    assignee: Option[ApiUser],
+    assignees: List[ApiUser],
     mergedComment: Option[(IssueComment, Account)]
   ): ApiPullRequest =
     ApiPullRequest(
@@ -63,7 +64,7 @@ object ApiPullRequest {
       body = issue.content.getOrElse(""),
       user = user,
       labels = labels,
-      assignee = assignee,
+      assignees = assignees,
       draft = Some(pullRequest.isDraft)
     )
 

src/main/scala/gitbucket/core/api/ApiRef.scala

@@ -28,7 +28,7 @@ object ApiRef {
       url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/git/${ref.getName}"),
       `object` = ApiRefCommit(
         sha = ref.getObjectId.getName,
-        url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/git/commits/${ref.getObjectId.getName}"),
+        url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${ref.getObjectId.getName}"),
         `type` = "commit"
       )
     )
@@ -40,10 +40,16 @@ object ApiRef {
     ApiRef(
       ref = s"refs/tags/${tagInfo.name}",
       url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/git/refs/tags/${tagInfo.name}"),
+      //the GH api distinguishes between "releases" and plain git tags
+      //for "releases", the api returns a reference to the release object (with type `tag`)
+      //this would be something like s"/api/v3/repos/${repositoryName.fullName}/git/tags/<hash-of-tag>"
+      //with a hash for the tag, which I do not fully understand
+      //since this is not yet implemented in GB, we always return a link to the plain `commit` object,
+      //which GH does for tags that are not annotated
       `object` = ApiRefCommit(
         sha = tagInfo.objectId,
-        url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/git/tags/${tagInfo.objectId}"), // TODO This URL is not yet available?
+        url = ApiPath(s"/api/v3/repos/${repositoryName.fullName}/commits/${tagInfo.objectId}"),
-        `type` = "tag"
+        `type` = "commit"
       )
     )
 }

src/main/scala/gitbucket/core/api/ApiRepository.scala

@@ -21,7 +21,7 @@ case class ApiRepository(
   val url = ApiPath(s"/api/v3/repos/${full_name}")
   val clone_url = ApiPath(s"/git/${full_name}.git")
   val html_url = ApiPath(s"/${full_name}")
-  val ssh_url = Some(SshPath(s":${full_name}.git"))
+  val ssh_url = Some(SshPath(""))
 }
 
 object ApiRepository {

src/main/scala/gitbucket/core/controller/AccountController.scala

@@ -128,6 +128,15 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     "highlighterTheme" -> trim(label("Theme", text(required)))
   )(SyntaxHighlighterThemeForm.apply)
 
+  val resetPasswordEmailForm = mapping(
+    "mailAddress" -> trim(label("Email", text(required)))
+  )(ResetPasswordEmailForm.apply)
+
+  val resetPasswordForm = mapping(
+    "token" -> trim(label("Token", text(required))),
+    "password" -> trim(label("Password", text(required, maxlength(40))))
+  )(ResetPasswordForm.apply)
+
   case class NewGroupForm(
     groupName: String,
     description: Option[String],
@@ -143,6 +152,13 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     members: String,
     clearImage: Boolean
   )
+  case class ResetPasswordEmailForm(
+    mailAddress: String
+  )
+  case class ResetPasswordForm(
+    token: String,
+    password: String
+  )
 
   val newGroupForm = mapping(
     "groupName" -> trim(label("Group name", text(required, maxlength(100), identifier, uniqueUserName, reservedNames))),
@@ -602,7 +618,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   })
 
   get("/register") {
-    if (context.settings.allowAccountRegistration) {
+    if (context.settings.basicBehavior.allowAccountRegistration) {
       if (context.loginAccount.isDefined) {
         redirect("/")
       } else {
@@ -612,7 +628,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   }
 
   post("/register", newForm) { form =>
-    if (context.settings.allowAccountRegistration) {
+    if (context.settings.basicBehavior.allowAccountRegistration) {
       createAccount(
         form.userName,
         pbkdf2_sha256(form.password),
@@ -628,6 +644,63 @@ trait AccountControllerBase extends AccountManagementControllerBase {
     } else NotFound()
   }
 
+  get("/reset") {
+    if (context.settings.basicBehavior.allowResetPassword) {
+      html.reset()
+    } else NotFound()
+  }
+
+  post("/reset", resetPasswordEmailForm) { form =>
+    if (context.settings.basicBehavior.allowResetPassword) {
+      getAccountByMailAddress(form.mailAddress).foreach { account =>
+        val token = generateResetPasswordToken(form.mailAddress)
+        val mailer = new Mailer(context.settings)
+        mailer.send(
+          form.mailAddress,
+          "Reset password",
+          s"""Hello, ${account.fullName}!
+            |
+            |You requested to reset the password for your GitBucket account.
+            |If you are not sure about the request, you can ignore this email.
+            |Otherwise, click the following link to set the new password:
+            |${context.baseUrl}/reset/form/${token}
+            |""".stripMargin
+        )
+      }
+      redirect("/reset/sent")
+    } else NotFound()
+  }
+
+  get("/reset/sent") {
+    if (context.settings.basicBehavior.allowResetPassword) {
+      html.resetsent()
+    } else NotFound()
+  }
+
+  get("/reset/form/:token") {
+    if (context.settings.basicBehavior.allowResetPassword) {
+      val token = params("token")
+      decodeResetPasswordToken(token)
+        .map { _ =>
+          html.resetform(token)
+        }
+        .getOrElse(NotFound())
+    } else NotFound()
+  }
+
+  post("/reset/form", resetPasswordForm) { form =>
+    if (context.settings.basicBehavior.allowResetPassword) {
+      decodeResetPasswordToken(form.token)
+        .flatMap { mailAddress =>
+          getAccountByMailAddress(mailAddress).map { account =>
+            updateAccount(account.copy(password = pbkdf2_sha256(form.password)))
+            html.resetcomplete()
+          }
+        }
+        .getOrElse(NotFound())
+    } else NotFound()
+  }
+
   get("/groups/new")(usersOnly {
     context.withLoginAccount { loginAccount =>
       html.creategroup(List(GroupMember("", loginAccount.userName, true)))
@@ -713,7 +786,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
    */
   get("/new")(usersOnly {
     context.withLoginAccount { loginAccount =>
-      html.newrepo(getGroupsByUserName(loginAccount.userName), context.settings.isCreateRepoOptionPublic)
+      html.newrepo(getGroupsByUserName(loginAccount.userName), context.settings.basicBehavior.isCreateRepoOptionPublic)
     }
   })
 
@@ -723,7 +796,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   post("/new", newRepositoryForm)(usersOnly { form =>
     context.withLoginAccount {
       loginAccount =>
-        if (context.settings.repositoryOperation.create || loginAccount.isAdmin) {
+        if (context.settings.basicBehavior.repositoryOperation.create || loginAccount.isAdmin) {
           LockUtil.lock(s"${form.owner}/${form.name}") {
             if (getRepository(form.owner, form.name).isDefined) {
               // redirect to the repository if repository already exists
@@ -753,7 +826,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   get("/:owner/:repository/fork")(readableUsersOnly { repository =>
     context.withLoginAccount {
       loginAccount =>
-        if (repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || loginAccount.isAdmin)) {
+        if (repository.repository.options.allowFork && (context.settings.basicBehavior.repositoryOperation.fork || loginAccount.isAdmin)) {
           val loginUserName = loginAccount.userName
           val groups = getGroupsByUserName(loginUserName)
           groups match {
@@ -780,7 +853,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
   post("/:owner/:repository/fork", accountForm)(readableUsersOnly { (form, repository) =>
     context.withLoginAccount {
       loginAccount =>
-        if (repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || loginAccount.isAdmin)) {
+        if (repository.repository.options.allowFork && (context.settings.basicBehavior.repositoryOperation.fork || loginAccount.isAdmin)) {
           val loginUserName = loginAccount.userName
           val accountName = form.accountName
 

src/main/scala/gitbucket/core/controller/DashboardController.scala

@@ -40,7 +40,7 @@ trait DashboardControllerBase extends ControllerBase {
         context.loginAccount,
         None,
         withoutPhysicalInfo = true,
-        limit = context.settings.limitVisibleRepositories
+        limit = context.settings.basicBehavior.limitVisibleRepositories
       )
       html.repos(getGroupNames(loginAccount.userName), repos, repos)
     }
@@ -129,7 +129,7 @@ trait DashboardControllerBase extends ControllerBase {
         context.loginAccount,
         None,
         withoutPhysicalInfo = true,
-        limit = context.settings.limitVisibleRepositories
+        limit = context.settings.basicBehavior.limitVisibleRepositories
       )
     )
   }
@@ -171,7 +171,7 @@ trait DashboardControllerBase extends ControllerBase {
         context.loginAccount,
         None,
         withoutPhysicalInfo = true,
-        limit = context.settings.limitVisibleRepositories
+        limit = context.settings.basicBehavior.limitVisibleRepositories
       )
     )
   }

src/main/scala/gitbucket/core/controller/IndexController.scala

@@ -69,7 +69,7 @@ trait IndexControllerBase extends ControllerBase {
             Some(account),
             None,
             withoutPhysicalInfo = true,
-            limit = context.settings.limitVisibleRepositories
+            limit = context.settings.basicBehavior.limitVisibleRepositories
           ),
           showBannerToCreatePersonalAccessToken = hasAccountFederation(account.userName) && !hasAccessToken(
             account.userName
@@ -289,11 +289,11 @@ trait IndexControllerBase extends ControllerBase {
         context.loginAccount,
         None,
         withoutPhysicalInfo = true,
-        limit = context.settings.limitVisibleRepositories
+        limit = context.settings.basicBehavior.limitVisibleRepositories
       )
 
     val repositories = {
-      context.settings.limitVisibleRepositories match {
+      context.settings.basicBehavior.limitVisibleRepositories match {
         case true =>
           getVisibleRepositories(
             context.loginAccount,

src/main/scala/gitbucket/core/controller/IssuesController.scala

@@ -1,7 +1,7 @@
 package gitbucket.core.controller
 
 import gitbucket.core.issues.html
-import gitbucket.core.model.Account
+import gitbucket.core.model.{Account, CustomFieldBehavior}
 import gitbucket.core.service.IssuesService._
 import gitbucket.core.service._
 import gitbucket.core.util.Implicits._
@@ -21,6 +21,7 @@ class IssuesController
     with ActivityService
     with HandleCommentService
     with IssueCreationService
+    with CustomFieldsService
     with ReadableUsersAuthenticator
     with ReferrerAuthenticator
     with WritableUsersAuthenticator
@@ -41,6 +42,7 @@ trait IssuesControllerBase extends ControllerBase {
     with ActivityService
     with HandleCommentService
     with IssueCreationService
+    with CustomFieldsService
     with ReadableUsersAuthenticator
     with ReferrerAuthenticator
     with WritableUsersAuthenticator
@@ -51,7 +53,7 @@ trait IssuesControllerBase extends ControllerBase {
   case class IssueCreateForm(
     title: String,
     content: Option[String],
-    assignedUserName: Option[String],
+    assigneeUserNames: Option[String],
     milestoneId: Option[Int],
     priorityId: Option[Int],
     labelNames: Option[String]
@@ -62,7 +64,7 @@ trait IssuesControllerBase extends ControllerBase {
   val issueCreateForm = mapping(
     "title" -> trim(label("Title", text(required))),
     "content" -> trim(optional(text())),
-    "assignedUserName" -> trim(optional(text())),
+    "assigneeUserNames" -> trim(optional(text())),
     "milestoneId" -> trim(optional(number())),
     "priorityId" -> trim(optional(number())),
     "labelNames" -> trim(optional(text()))
@@ -105,10 +107,12 @@ trait IssuesControllerBase extends ControllerBase {
             issue,
             getComments(repository.owner, repository.name, issueId.toInt),
             getIssueLabels(repository.owner, repository.name, issueId.toInt),
+            getIssueAssignees(repository.owner, repository.name, issueId.toInt),
             getAssignableUserNames(repository.owner, repository.name),
             getMilestonesWithIssueCount(repository.owner, repository.name),
             getPriorities(repository.owner, repository.name),
             getLabels(repository.owner, repository.name),
+            getCustomFieldsWithValue(repository.owner, repository.name, issueId.toInt).filter(_._1.enableForIssues),
             isIssueEditable(repository),
             isIssueManageable(repository),
             isIssueCommentManageable(repository),
@@ -126,6 +130,7 @@ trait IssuesControllerBase extends ControllerBase {
         getPriorities(repository.owner, repository.name),
         getDefaultPriority(repository.owner, repository.name),
         getLabels(repository.owner, repository.name),
+        getCustomFields(repository.owner, repository.name).filter(_.enableForIssues),
         isIssueManageable(repository),
         getContentTemplate(repository, "ISSUE_TEMPLATE"),
         repository
@@ -141,12 +146,31 @@ trait IssuesControllerBase extends ControllerBase {
             repository,
             form.title,
             form.content,
-            form.assignedUserName,
+            form.assigneeUserNames.toSeq.flatMap(_.split(",")),
             form.milestoneId,
             form.priorityId,
             form.labelNames.toSeq.flatMap(_.split(",")),
             loginAccount
           )
+
+          // Insert custom field values
+          params.toMap.foreach {
+            case (key, value) =>
+              if (key.startsWith("custom-field-")) {
+                getCustomField(
+                  repository.owner,
+                  repository.name,
+                  key.replaceFirst("^custom-field-", "").toInt
+                ).foreach { field =>
+                  CustomFieldBehavior.validate(field, value, messages) match {
+                    case None =>
+                      insertOrUpdateCustomFieldValue(field, repository.owner, repository.name, issue.issueId, value)
+                    case Some(_) => halt(400)
+                  }
+                }
+              }
+          }
+
           redirect(s"/${issue.userName}/${issue.repositoryName}/issues/${issue.issueId}")
         } else Unauthorized()
     }
@@ -235,7 +259,7 @@ trait IssuesControllerBase extends ControllerBase {
       loginAccount =>
         getComment(repository.owner, repository.name, params("id")).map { comment =>
           if (isEditableContent(repository.owner, repository.name, comment.commentedUserName, loginAccount)) {
-            updateComment(comment.issueId, comment.commentId, form.content)
+            updateComment(repository.owner, repository.name, comment.issueId, comment.commentId, form.content)
             redirect(s"/${repository.owner}/${repository.name}/issue_comments/_data/${comment.commentId}")
           } else Unauthorized()
         } getOrElse NotFound()
@@ -333,15 +357,16 @@ trait IssuesControllerBase extends ControllerBase {
     html.labellist(getIssueLabels(repository.owner, repository.name, issueId))
   })
 
-  ajaxPost("/:owner/:repository/issues/:id/assign")(writableUsersOnly { repository =>
+  ajaxPost("/:owner/:repository/issues/:id/assignee/new")(writableUsersOnly { repository =>
-    updateAssignedUserName(
+    val issueId = params("id").toInt
-      repository.owner,
+    registerIssueAssignee(repository.owner, repository.name, issueId, params("assigneeUserName"), true)
-      repository.name,
+    Ok()
-      params("id").toInt,
+  })
-      assignedUserName("assignedUserName"),
+
-      true
+  ajaxPost("/:owner/:repository/issues/:id/assignee/delete")(writableUsersOnly { repository =>
-    )
+    val issueId = params("id").toInt
-    Ok("updated")
+    deleteIssueAssignee(repository.owner, repository.name, issueId, params("assigneeUserName"), true)
+    Ok()
   })
 
   ajaxPost("/:owner/:repository/issues/:id/milestone")(writableUsersOnly { repository =>
@@ -362,6 +387,35 @@ trait IssuesControllerBase extends ControllerBase {
     Ok("updated")
   })
 
+  ajaxPost("/:owner/:repository/issues/customfield_validation/:fieldId")(writableUsersOnly { repository =>
+    val fieldId = params("fieldId").toInt
+    val value = params("value")
+    getCustomField(repository.owner, repository.name, fieldId)
+      .flatMap { field =>
+        CustomFieldBehavior.validate(field, value, messages).map { error =>
+          Ok(error)
+        }
+      }
+      .getOrElse(Ok())
+  })
+
+  ajaxPost("/:owner/:repository/issues/:id/customfield/:fieldId")(writableUsersOnly { repository =>
+    val issueId = params("id").toInt
+    val fieldId = params("fieldId").toInt
+    val value = params("value")
+
+    for {
+      _ <- getIssue(repository.owner, repository.name, issueId.toString)
+      field <- getCustomField(repository.owner, repository.name, fieldId)
+    } {
+      CustomFieldBehavior.validate(field, value, messages) match {
+        case None    => insertOrUpdateCustomFieldValue(field, repository.owner, repository.name, issueId, value)
+        case Some(_) => halt(400)
+      }
+    }
+    Ok(value)
+  })
+
   post("/:owner/:repository/issues/batchedit/state")(writableUsersOnly { repository =>
     val action = params.get("value")
     action match {
@@ -403,7 +457,13 @@ trait IssuesControllerBase extends ControllerBase {
   post("/:owner/:repository/issues/batchedit/assign")(writableUsersOnly { repository =>
     val value = assignedUserName("value")
     executeBatch(repository) {
-      updateAssignedUserName(repository.owner, repository.name, _, value, true)
+      //updateAssignedUserName(repository.owner, repository.name, _, value, true)
+      value match {
+        case Some(assignedUserName) =>
+          registerIssueAssignee(repository.owner, repository.name, _, assignedUserName, true)
+        case None =>
+          deleteAllIssueAssignees(repository.owner, repository.name, _, true)
+      }
     }
     if (params("uri").nonEmpty) {
       redirect(params("uri"))

src/main/scala/gitbucket/core/controller/LabelsController.scala

@@ -44,7 +44,7 @@ trait LabelsControllerBase extends ControllerBase {
   get("/:owner/:repository/issues/labels")(referrersOnly { repository =>
     html.list(
       getLabels(repository.owner, repository.name),
-      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition()),
       repository,
       hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
     )
@@ -59,7 +59,7 @@ trait LabelsControllerBase extends ControllerBase {
     html.label(
       getLabel(repository.owner, repository.name, labelId).get,
       // TODO futility
-      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition()),
       repository,
       hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
     )
@@ -76,7 +76,7 @@ trait LabelsControllerBase extends ControllerBase {
     html.label(
       getLabel(repository.owner, repository.name, params("labelId").toInt).get,
       // TODO futility
-      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      countIssueGroupByLabels(repository.owner, repository.name, IssuesService.IssueSearchCondition()),
       repository,
       hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
     )

src/main/scala/gitbucket/core/controller/PreProcessController.scala

@@ -29,7 +29,7 @@ trait PreProcessControllerBase extends ControllerBase {
    * If anonymous access is allowed, pass all requests.
    * But if it's not allowed, demands authentication except some paths.
    */
-  get(!context.settings.allowAnonymousAccess, context.loginAccount.isEmpty) {
+  get(!context.settings.basicBehavior.allowAnonymousAccess, context.loginAccount.isEmpty) {
     if (!context.currentPath.startsWith("/assets") && !context.currentPath.startsWith("/signin") &&
         !context.currentPath.startsWith("/register") && !context.currentPath.endsWith("/info/refs") &&
         !context.currentPath.startsWith("/plugin-assets") &&

src/main/scala/gitbucket/core/controller/PrioritiesController.scala

@@ -45,7 +45,7 @@ trait PrioritiesControllerBase extends ControllerBase {
   get("/:owner/:repository/issues/priorities")(referrersOnly { repository =>
     html.list(
       getPriorities(repository.owner, repository.name),
-      countIssueGroupByPriorities(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      countIssueGroupByPriorities(repository.owner, repository.name, IssuesService.IssueSearchCondition()),
       repository,
       hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
     )
@@ -60,7 +60,7 @@ trait PrioritiesControllerBase extends ControllerBase {
       createPriority(repository.owner, repository.name, form.priorityName, form.description, form.color.substring(1))
     html.priority(
       getPriority(repository.owner, repository.name, priorityId).get,
-      countIssueGroupByPriorities(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+      countIssueGroupByPriorities(repository.owner, repository.name, IssuesService.IssueSearchCondition()),
       repository,
       hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
     )
@@ -84,7 +84,7 @@ trait PrioritiesControllerBase extends ControllerBase {
       )
       html.priority(
         getPriority(repository.owner, repository.name, params("priorityId").toInt).get,
-        countIssueGroupByPriorities(repository.owner, repository.name, IssuesService.IssueSearchCondition(), Map.empty),
+        countIssueGroupByPriorities(repository.owner, repository.name, IssuesService.IssueSearchCondition()),
         repository,
         hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
       )

src/main/scala/gitbucket/core/controller/PullRequestsController.scala

@@ -25,6 +25,7 @@ class PullRequestsController
     with PullRequestService
     with MilestonesService
     with LabelsService
+    with CustomFieldsService
     with CommitsService
     with ActivityService
     with WebHookPullRequestService
@@ -44,6 +45,7 @@ trait PullRequestsControllerBase extends ControllerBase {
     with IssuesService
     with MilestonesService
     with LabelsService
+    with CustomFieldsService
     with CommitsService
     with ActivityService
     with PullRequestService
@@ -67,7 +69,7 @@ trait PullRequestsControllerBase extends ControllerBase {
     "commitIdFrom" -> trim(text(required, maxlength(40))),
     "commitIdTo" -> trim(text(required, maxlength(40))),
     "isDraft" -> trim(boolean(required)),
-    "assignedUserName" -> trim(optional(text())),
+    "assigneeUserNames" -> trim(optional(text())),
     "milestoneId" -> trim(optional(number())),
     "priorityId" -> trim(optional(number())),
     "labelNames" -> trim(optional(text()))
@@ -90,7 +92,7 @@ trait PullRequestsControllerBase extends ControllerBase {
     commitIdFrom: String,
     commitIdTo: String,
     isDraft: Boolean,
-    assignedUserName: Option[String],
+    assigneeUserNames: Option[String],
     milestoneId: Option[Int],
     priorityId: Option[Int],
     labelNames: Option[String]
@@ -129,10 +131,12 @@ trait PullRequestsControllerBase extends ControllerBase {
               getPullRequestComments(repository.owner, repository.name, issue.issueId, commits.flatten),
               diffs.size,
               getIssueLabels(repository.owner, repository.name, issueId),
+              getIssueAssignees(repository.owner, repository.name, issueId),
               getAssignableUserNames(repository.owner, repository.name),
               getMilestonesWithIssueCount(repository.owner, repository.name),
               getPriorities(repository.owner, repository.name),
               getLabels(repository.owner, repository.name),
+              getCustomFieldsWithValue(repository.owner, repository.name, issueId).filter(_._1.enableForPullRequests),
               isEditable(repository),
               isManageable(repository),
               hasDeveloperRole(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount),
@@ -505,7 +509,8 @@ trait PullRequestsControllerBase extends ControllerBase {
             getMilestones(originRepository.owner, originRepository.name),
             getPriorities(originRepository.owner, originRepository.name),
             getDefaultPriority(originRepository.owner, originRepository.name),
-            getLabels(originRepository.owner, originRepository.name)
+            getLabels(originRepository.owner, originRepository.name),
+            getCustomFields(originRepository.owner, originRepository.name).filter(_.enableForPullRequests)
           )
         }
         case (oldId, newId) =>
@@ -567,7 +572,6 @@ trait PullRequestsControllerBase extends ControllerBase {
           loginUser = loginAccount.userName,
           title = form.title,
           content = form.content,
-          assignedUserName = if (manageable) form.assignedUserName else None,
           milestoneId = if (manageable) form.milestoneId else None,
           priorityId = if (manageable) form.priorityId else None,
           isPullRequest = true
@@ -587,8 +591,14 @@ trait PullRequestsControllerBase extends ControllerBase {
           settings = context.settings
         )
 
-        // insert labels
         if (manageable) {
+          // insert assignees
+          form.assigneeUserNames.foreach { value =>
+            value.split(",").foreach { userName =>
+              registerIssueAssignee(repository.owner, repository.name, issueId, userName)
+            }
+          }
+          // insert labels
           form.labelNames.foreach { value =>
             val labels = getLabels(repository.owner, repository.name)
             value.split(",").foreach { labelName =>

src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala

@@ -2,7 +2,6 @@ package gitbucket.core.controller
 
 import java.time.{LocalDateTime, ZoneOffset}
 import java.util.Date
-
 import gitbucket.core.settings.html
 import gitbucket.core.model.{RepositoryWebHook, WebHook}
 import gitbucket.core.service._
@@ -21,7 +20,7 @@ import org.eclipse.jgit.lib.Constants
 import org.eclipse.jgit.lib.ObjectId
 
 import scala.util.Using
-import org.scalatra.Forbidden
+import org.scalatra.{Forbidden, Ok}
 
 class RepositorySettingsController
     extends RepositorySettingsControllerBase
@@ -31,6 +30,7 @@ class RepositorySettingsController
     with ProtectedBranchService
     with CommitStatusService
     with DeployKeyService
+    with CustomFieldsService
     with ActivityService
     with OwnerAuthenticator
     with UsersAuthenticator
@@ -43,6 +43,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     with ProtectedBranchService
     with CommitStatusService
     with DeployKeyService
+    with CustomFieldsService
     with ActivityService
     with OwnerAuthenticator
     with UsersAuthenticator =>
@@ -121,6 +122,21 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     "newOwner" -> trim(label("New owner", text(required, transferUser)))
   )(TransferOwnerShipForm.apply)
 
+  // for custom field
+  case class CustomFieldForm(
+    fieldName: String,
+    fieldType: String,
+    enableForIssues: Boolean,
+    enableForPullRequests: Boolean
+  )
+
+  val customFieldForm = mapping(
+    "fieldName" -> trim(label("Field name", text(required, maxlength(100)))),
+    "fieldType" -> trim(label("Field type", text(required))),
+    "enableForIssues" -> trim(label("Enable for issues", boolean(required))),
+    "enableForPullRequests" -> trim(label("Enable for pull requests", boolean(required))),
+  )(CustomFieldForm.apply)
+
   /**
    * Redirect to the Options page.
    */
@@ -390,7 +406,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   post("/:owner/:repository/settings/rename", renameForm)(ownerOnly { (form, repository) =>
     context.withLoginAccount {
       loginAccount =>
-        if (context.settings.repositoryOperation.rename || loginAccount.isAdmin) {
+        if (context.settings.basicBehavior.repositoryOperation.rename || loginAccount.isAdmin) {
           if (repository.name != form.repositoryName) {
             // Update database and move git repository
             renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName)
@@ -414,7 +430,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
   post("/:owner/:repository/settings/transfer", transferForm)(ownerOnly { (form, repository) =>
     context.withLoginAccount {
       loginAccount =>
-        if (context.settings.repositoryOperation.transfer || loginAccount.isAdmin) {
+        if (context.settings.basicBehavior.repositoryOperation.transfer || loginAccount.isAdmin) {
           // Change repository owner
           if (repository.owner != form.newOwner) {
             // Update database and move git repository
@@ -438,7 +454,7 @@ trait RepositorySettingsControllerBase extends ControllerBase {
    */
   post("/:owner/:repository/settings/delete")(ownerOnly { repository =>
     context.withLoginAccount { loginAccount =>
-      if (context.settings.repositoryOperation.delete || loginAccount.isAdmin) {
+      if (context.settings.basicBehavior.repositoryOperation.delete || loginAccount.isAdmin) {
         // Delete the repository and related files
         deleteRepository(repository.repository)
         redirect(s"/${repository.owner}")
@@ -477,6 +493,58 @@ trait RepositorySettingsControllerBase extends ControllerBase {
     redirect(s"/${repository.owner}/${repository.name}/settings/deploykey")
   })
 
+  /** Custom fields for issues and pull requests */
+  get("/:owner/:repository/settings/issues")(ownerOnly { repository =>
+    val customFields = getCustomFields(repository.owner, repository.name)
+    html.issues(customFields, repository)
+  })
+
+  /** New custom field form */
+  get("/:owner/:repository/settings/issues/fields/new")(ownerOnly { repository =>
+    html.issuesfieldform(None, repository)
+  })
+
+  /** Add custom field */
+  ajaxPost("/:owner/:repository/settings/issues/fields/new", customFieldForm)(ownerOnly { (form, repository) =>
+    val fieldId = createCustomField(
+      repository.owner,
+      repository.name,
+      form.fieldName,
+      form.fieldType,
+      form.enableForIssues,
+      form.enableForPullRequests
+    )
+    html.issuesfield(getCustomField(repository.owner, repository.name, fieldId).get)
+  })
+
+  /** Edit custom field form */
+  ajaxGet("/:owner/:repository/settings/issues/fields/:fieldId/edit")(ownerOnly { repository =>
+    getCustomField(repository.owner, repository.name, params("fieldId").toInt).map { customField =>
+      html.issuesfieldform(Some(customField), repository)
+    } getOrElse NotFound()
+  })
+
+  /** Update custom field */
+  ajaxPost("/:owner/:repository/settings/issues/fields/:fieldId/edit", customFieldForm)(ownerOnly {
+    (form, repository) =>
+      updateCustomField(
+        repository.owner,
+        repository.name,
+        params("fieldId").toInt,
+        form.fieldName,
+        form.fieldType,
+        form.enableForIssues,
+        form.enableForPullRequests
+      )
+      html.issuesfield(getCustomField(repository.owner, repository.name, params("fieldId").toInt).get)
+  })
+
+  /** Delete custom field */
+  ajaxPost("/:owner/:repository/settings/issues/fields/:fieldId/delete")(ownerOnly { repository =>
+    deleteCustomField(repository.owner, repository.name, params("fieldId").toInt)
+    Ok()
+  })
+
   /**
    * Provides duplication check for web hook url.
    */

src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala

@@ -329,50 +329,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   })
 
   post("/:owner/:repository/upload", uploadForm)(writableUsersOnly { (form, repository) =>
-    context.withLoginAccount {
-      loginAccount =>
-        val files = form.uploadFiles
-          .split("\n")
-          .map { line =>
-            val i = line.indexOf(':')
-            CommitFile(line.substring(0, i).trim, line.substring(i + 1).trim)
-          }
-          .toSeq
-
-        val newFiles = files.map { file =>
-          file.copy(name = if (form.path.length == 0) file.name else s"${form.path}/${file.name}")
-        }
-
-        if (form.newBranch) {
-          val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
-          val objectId = _commit(newBranchName, newFiles, loginAccount)
-          val issueId =
-            createIssueAndPullRequest(
-              repository,
-              form.branch,
-              newBranchName,
-              form.commit,
-              objectId.name,
-              form.message,
-              loginAccount
-            )
-          redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-        } else {
-          _commit(form.branch, newFiles, loginAccount)
-          if (form.path.length == 0) {
-            redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}")
-          } else {
-            redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}/${form.path}")
-          }
-        }
-    }
-
     def _commit(
       branchName: String,
       //files: Seq[CommitFile],
       newFiles: Seq[CommitFile],
       loginAccount: Account
-    ): ObjectId = {
+    ): Either[String, ObjectId] = {
       commitFiles(
         repository = repository,
         branch = branchName,
@@ -399,6 +361,52 @@ trait RepositoryViewerControllerBase extends ControllerBase {
           }
       }
     }
+
+    context.withLoginAccount {
+      loginAccount =>
+        val files = form.uploadFiles
+          .split("\n")
+          .map { line =>
+            val i = line.indexOf(':')
+            CommitFile(line.substring(0, i).trim, line.substring(i + 1).trim)
+          }
+          .toSeq
+
+        val newFiles = files.map { file =>
+          file.copy(name = if (form.path.length == 0) file.name else s"${form.path}/${file.name}")
+        }
+
+        if (form.newBranch) {
+          val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
+          _commit(newBranchName, newFiles, loginAccount) match {
+            case Right(objectId) =>
+              val issueId =
+                createIssueAndPullRequest(
+                  repository,
+                  form.branch,
+                  newBranchName,
+                  form.commit,
+                  objectId.name,
+                  form.message,
+                  loginAccount
+                )
+              redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
+        } else {
+          _commit(form.branch, newFiles, loginAccount) match {
+            case Right(_) =>
+              if (form.path.length == 0) {
+                redirect(s"/${repository.owner}/${repository.name}/tree/${encodeRefName(form.branch)}")
+              } else {
+                redirect(
+                  s"/${repository.owner}/${repository.name}/tree/${encodeRefName(form.branch)}/${encodeRefName(form.path)}"
+                )
+              }
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
+        }
+    }
   })
 
   get("/:owner/:repository/edit/*")(writableUsersOnly { repository =>
@@ -456,32 +464,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
   })
 
   post("/:owner/:repository/create", editorForm)(writableUsersOnly { (form, repository) =>
-    context.withLoginAccount {
+    def _commit(branchName: String, loginAccount: Account): Either[String, ObjectId] = {
-      loginAccount =>
-        if (form.newBranch) {
-          val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
-          val objectId = _commit(newBranchName, loginAccount)
-          val issueId =
-            createIssueAndPullRequest(
-              repository,
-              form.branch,
-              newBranchName,
-              form.commit,
-              objectId.name,
-              form.message,
-              loginAccount
-            )
-          redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
-        } else {
-          _commit(form.branch, loginAccount)
-          redirect(
-            s"/${repository.owner}/${repository.name}/blob/${form.branch}/${if (form.path.length == 0) urlEncode(form.newFileName)
-            else s"${form.path}/${urlEncode(form.newFileName)}"}"
-          )
-        }
-    }
-
-    def _commit(branchName: String, loginAccount: Account): ObjectId = {
       commitFile(
         repository = repository,
         branch = branchName,
@@ -494,37 +477,48 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         commit = form.commit,
         loginAccount = loginAccount,
         settings = context.settings
-      )._1
+      ).map(_._1)
     }
-  })
 
-  post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) =>
     context.withLoginAccount {
       loginAccount =>
         if (form.newBranch) {
           val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
-          val objectId = _commit(newBranchName, loginAccount)
+          _commit(newBranchName, loginAccount) match {
-          val issueId =
+            case Right(objectId) =>
-            createIssueAndPullRequest(
+              val issueId =
-              repository,
+                createIssueAndPullRequest(
-              form.branch,
+                  repository,
-              newBranchName,
+                  form.branch,
-              form.commit,
+                  newBranchName,
-              objectId.name,
+                  form.commit,
-              form.message,
+                  objectId.name,
-              loginAccount
+                  form.message,
-            )
+                  loginAccount
-          redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+                )
+              redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
         } else {
-          _commit(form.branch, loginAccount)
+          _commit(form.branch, loginAccount) match {
-          redirect(
+            case Right(_) =>
-            s"/${repository.owner}/${repository.name}/blob/${urlEncode(form.branch)}/${if (form.path.length == 0) urlEncode(form.newFileName)
+              if (form.path.length == 0) {
-            else s"${form.path}/${urlEncode(form.newFileName)}"}"
+                redirect(
-          )
+                  s"/${repository.owner}/${repository.name}/blob/${encodeRefName(form.branch)}/${urlEncode(form.newFileName)}"
+                )
+              } else {
+                redirect(
+                  s"/${repository.owner}/${repository.name}/blob/${encodeRefName(form.branch)}/${encodeRefName(form.path)}/${urlEncode(form.newFileName)}"
+                )
+              }
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
         }
     }
+  })
 
-    def _commit(branchName: String, loginAccount: Account): ObjectId = {
+  post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) =>
+    def _commit(branchName: String, loginAccount: Account): Either[String, ObjectId] = {
       commitFile(
         repository = repository,
         branch = branchName,
@@ -541,37 +535,48 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         commit = form.commit,
         loginAccount = loginAccount,
         settings = context.settings
-      )._1
+      ).map(_._1)
     }
-  })
 
-  post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) =>
     context.withLoginAccount {
       loginAccount =>
         if (form.newBranch) {
           val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
-          val objectId = _commit(newBranchName, loginAccount)
+          _commit(newBranchName, loginAccount) match {
-          val issueId =
+            case Right(objectId) =>
-            createIssueAndPullRequest(
+              val issueId =
-              repository,
+                createIssueAndPullRequest(
-              form.branch,
+                  repository,
-              newBranchName,
+                  form.branch,
-              form.commit,
+                  newBranchName,
-              objectId.name,
+                  form.commit,
-              form.message,
+                  objectId.name,
-              loginAccount
+                  form.message,
-            )
+                  loginAccount
-          redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+                )
+              redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
         } else {
-          _commit(form.branch, loginAccount)
+          _commit(form.branch, loginAccount) match {
-          redirect(
+            case Right(_) =>
-            s"/${repository.owner}/${repository.name}/tree/${form.branch}${if (form.path.length == 0) ""
+              if (form.path.length == 0) {
-            else "/" + form.path}"
+                redirect(
-          )
+                  s"/${repository.owner}/${repository.name}/blob/${encodeRefName(form.branch)}/${urlEncode(form.newFileName)}"
+                )
+              } else {
+                redirect(
+                  s"/${repository.owner}/${repository.name}/blob/${encodeRefName(form.branch)}/${encodeRefName(form.path)}/${urlEncode(form.newFileName)}"
+                )
+              }
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
         }
     }
+  })
 
-    def _commit(branchName: String, loginAccount: Account): ObjectId = {
+  post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) =>
+    def _commit(branchName: String, loginAccount: Account): Either[String, ObjectId] = {
       commitFile(
         repository = repository,
         branch = branchName,
@@ -584,7 +589,41 @@ trait RepositoryViewerControllerBase extends ControllerBase {
         commit = form.commit,
         loginAccount = loginAccount,
         settings = context.settings
-      )._1
+      ).map(_._1)
+    }
+
+    context.withLoginAccount {
+      loginAccount =>
+        if (form.newBranch) {
+          val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
+          _commit(newBranchName, loginAccount) match {
+            case Right(objectId) =>
+              val issueId =
+                createIssueAndPullRequest(
+                  repository,
+                  form.branch,
+                  newBranchName,
+                  form.commit,
+                  objectId.name,
+                  form.message,
+                  loginAccount
+                )
+              redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
+        } else {
+          _commit(form.branch, loginAccount) match {
+            case Right(_) =>
+              if (form.path.length == 0) {
+                redirect(s"/${repository.owner}/${repository.name}/tree/${encodeRefName(form.branch)}")
+              } else {
+                redirect(
+                  s"/${repository.owner}/${repository.name}/tree/${encodeRefName(form.branch)}/${encodeRefName(form.path)}"
+                )
+              }
+            case Left(error) => Forbidden(gitbucket.core.html.error(error))
+          }
+        }
     }
   })
 
@@ -640,7 +679,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
       loginUser = loginAccount.userName,
       title = requestBranch,
       content = commitMessage,
-      assignedUserName = None,
       milestoneId = None,
       priorityId = None,
       isPullRequest = true

src/main/scala/gitbucket/core/controller/SystemSettingsController.scala

@@ -34,19 +34,22 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
   private val form = mapping(
     "baseUrl" -> trim(label("Base URL", optional(text()))),
     "information" -> trim(label("Information", optional(text()))),
-    "allowAccountRegistration" -> trim(label("Account registration", boolean())),
+    "basicBehavior" -> mapping(
-    "allowAnonymousAccess" -> trim(label("Anonymous access", boolean())),
+      "allowAccountRegistration" -> trim(label("Account registration", boolean())),
-    "isCreateRepoOptionPublic" -> trim(label("Default visibility of new repository", boolean())),
+      "allowResetPassword" -> trim(label("Reset password", boolean())),
-    "repositoryOperation" -> mapping(
+      "allowAnonymousAccess" -> trim(label("Anonymous access", boolean())),
-      "create" -> trim(label("Allow all users to create repository", boolean())),
+      "isCreateRepoOptionPublic" -> trim(label("Default visibility of new repository", boolean())),
-      "delete" -> trim(label("Allow all users to delete repository", boolean())),
+      "repositoryOperation" -> mapping(
-      "rename" -> trim(label("Allow all users to rename repository", boolean())),
+        "create" -> trim(label("Allow all users to create repository", boolean())),
-      "transfer" -> trim(label("Allow all users to transfer repository", boolean())),
+        "delete" -> trim(label("Allow all users to delete repository", boolean())),
-      "fork" -> trim(label("Allow all users to fork repository", boolean()))
+        "rename" -> trim(label("Allow all users to rename repository", boolean())),
-    )(RepositoryOperation.apply),
+        "transfer" -> trim(label("Allow all users to transfer repository", boolean())),
-    "gravatar" -> trim(label("Gravatar", boolean())),
+        "fork" -> trim(label("Allow all users to fork repository", boolean()))
-    "notification" -> trim(label("Notification", boolean())),
+      )(RepositoryOperation.apply),
-    "limitVisibleRepositories" -> trim(label("limitVisibleRepositories", boolean())),
+      "gravatar" -> trim(label("Gravatar", boolean())),
+      "notification" -> trim(label("Notification", boolean())),
+      "limitVisibleRepositories" -> trim(label("limitVisibleRepositories", boolean())),
+    )(BasicBehavior.apply),
     "ssh" -> mapping(
       "enabled" -> trim(label("SSH access", boolean())),
       "bindAddress" -> mapping(
@@ -334,7 +337,12 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
 
   post("/admin/system/sendmail", sendMailForm)(adminOnly { form =>
     try {
-      new Mailer(context.settings.copy(smtp = Some(form.smtp), notification = true)).send(
+      new Mailer(
+        context.settings.copy(
+          smtp = Some(form.smtp),
+          basicBehavior = context.settings.basicBehavior.copy(notification = true)
+        )
+      ).send(
         to = form.testAddress,
         subject = "Test message from GitBucket",
         textMsg = "This is a test message from GitBucket.",

src/main/scala/gitbucket/core/controller/api/ApiIssueControllerBase.scala

@@ -29,9 +29,9 @@ trait ApiIssueControllerBase extends ControllerBase {
     val page = IssueSearchCondition.page(request)
     // TODO: more api spec condition
     val condition = IssueSearchCondition(request)
-    val baseOwner = getAccountByUserName(repository.owner).get
+    //val baseOwner = getAccountByUserName(repository.owner).get
 
-    val issues: List[(Issue, Account, Option[Account])] =
+    val issues: List[(Issue, Account, List[Account])] =
       searchIssueByApi(
         condition = condition,
         offset = (page - 1) * PullRequestLimit,
@@ -40,12 +40,12 @@ trait ApiIssueControllerBase extends ControllerBase {
       )
 
     JsonFormat(issues.map {
-      case (issue, issueUser, assignedUser) =>
+      case (issue, issueUser, assigneeUsers) =>
         ApiIssue(
           issue = issue,
           repositoryName = RepositoryName(repository),
           user = ApiUser(issueUser),
-          assignee = assignedUser.map(ApiUser(_)),
+          assignees = assigneeUsers.map(ApiUser(_)),
           labels = getIssueLabels(repository.owner, repository.name, issue.issueId)
             .map(ApiLabel(_, RepositoryName(repository))),
           issue.milestoneId.flatMap { getApiMilestone(repository, _) }
@@ -61,7 +61,8 @@ trait ApiIssueControllerBase extends ControllerBase {
     (for {
       issueId <- params("id").toIntOpt
       issue <- getIssue(repository.owner, repository.name, issueId.toString)
-      users = getAccountsByUserNames(Set(issue.openedUserName) ++ issue.assignedUserName, Set())
+      assigneeUsers = getIssueAssignees(repository.owner, repository.name, issueId)
+      users = getAccountsByUserNames(Set(issue.openedUserName) ++ assigneeUsers.map(_.assigneeUserName), Set())
       openedUser <- users.get(issue.openedUserName)
     } yield {
       JsonFormat(
@@ -69,7 +70,7 @@ trait ApiIssueControllerBase extends ControllerBase {
           issue,
           RepositoryName(repository),
           ApiUser(openedUser),
-          issue.assignedUserName.flatMap(users.get(_)).map(ApiUser(_)),
+          assigneeUsers.flatMap(x => users.get(x.assigneeUserName)).map(ApiUser(_)),
           getIssueLabels(repository.owner, repository.name, issue.issueId).map(ApiLabel(_, RepositoryName(repository))),
           issue.milestoneId.flatMap { getApiMilestone(repository, _) }
         )
@@ -92,7 +93,7 @@ trait ApiIssueControllerBase extends ControllerBase {
           repository,
           data.title,
           data.body,
-          data.assignees.headOption,
+          data.assignees,
           milestone.map(_.milestoneId),
           None,
           data.labels,
@@ -103,7 +104,9 @@ trait ApiIssueControllerBase extends ControllerBase {
             issue,
             RepositoryName(repository),
             ApiUser(loginAccount),
-            issue.assignedUserName.flatMap(getAccountByUserName(_)).map(ApiUser(_)),
+            getIssueAssignees(repository.owner, repository.name, issue.issueId)
+              .flatMap(x => getAccountByUserName(x.assigneeUserName, false))
+              .map(ApiUser.apply),
             getIssueLabels(repository.owner, repository.name, issue.issueId)
               .map(ApiLabel(_, RepositoryName(repository))),
             issue.milestoneId.flatMap { getApiMilestone(repository, _) }

src/main/scala/gitbucket/core/controller/api/ApiPullRequestControllerBase.scala

@@ -40,7 +40,7 @@ trait ApiPullRequestControllerBase extends ControllerBase {
     val condition = IssueSearchCondition(request)
     val baseOwner = getAccountByUserName(repository.owner).get
 
-    val issues: List[(Issue, Account, Int, PullRequest, Repository, Account, Option[Account])] =
+    val issues: List[(Issue, Account, Int, PullRequest, Repository, Account, List[Account])] =
       searchPullRequestByApi(
         condition = condition,
         offset = (page - 1) * PullRequestLimit,
@@ -49,7 +49,7 @@ trait ApiPullRequestControllerBase extends ControllerBase {
       )
 
     JsonFormat(issues.map {
-      case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner, assignee) =>
+      case (issue, issueUser, commentCount, pullRequest, headRepo, headOwner, assignees) =>
         ApiPullRequest(
           issue = issue,
           pullRequest = pullRequest,
@@ -58,7 +58,7 @@ trait ApiPullRequestControllerBase extends ControllerBase {
           user = ApiUser(issueUser),
           labels = getIssueLabels(repository.owner, repository.name, issue.issueId)
             .map(ApiLabel(_, RepositoryName(repository))),
-          assignee = assignee.map(ApiUser.apply),
+          assignees = assignees.map(ApiUser.apply),
           mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
         )
     })
@@ -99,7 +99,6 @@ trait ApiPullRequestControllerBase extends ControllerBase {
                       loginUser = context.loginAccount.get.userName,
                       title = createPullReq.title,
                       content = createPullReq.body,
-                      assignedUserName = None,
                       milestoneId = None,
                       priorityId = None,
                       isPullRequest = true
@@ -319,8 +318,8 @@ trait ApiPullRequestControllerBase extends ControllerBase {
       baseOwner <- users.get(repository.owner)
       headOwner <- users.get(pullRequest.requestUserName)
       issueUser <- users.get(issue.openedUserName)
-      assignee = issue.assignedUserName.flatMap { userName =>
+      assignees = getIssueAssignees(repository.owner, repository.name, issueId).flatMap { assignedUser =>
-        getAccountByUserName(userName, false)
+        getAccountByUserName(assignedUser.assigneeUserName, false)
       }
       headRepo <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
     } yield {
@@ -332,7 +331,7 @@ trait ApiPullRequestControllerBase extends ControllerBase {
         user = ApiUser(issueUser),
         labels = getIssueLabels(repository.owner, repository.name, issue.issueId)
           .map(ApiLabel(_, RepositoryName(repository))),
-        assignee = assignee.map(ApiUser.apply),
+        assignees = assignees.map(ApiUser.apply),
         mergedComment = getMergedComment(repository.owner, repository.name, issue.issueId)
       )
     }

src/main/scala/gitbucket/core/controller/api/ApiRepositoryCommitControllerBase.scala

@@ -9,9 +9,23 @@ import gitbucket.core.util.JGitUtil.{CommitInfo, getBranches, getBranchesOfCommi
 import gitbucket.core.util.{JGitUtil, ReferrerAuthenticator, RepositoryName}
 import org.eclipse.jgit.api.Git
 import org.eclipse.jgit.revwalk.RevWalk
-
+import org.eclipse.jgit.revwalk.filter.{
+  AndRevFilter,
+  AuthorRevFilter,
+  CommitTimeRevFilter,
+  MaxCountRevFilter,
+  RevFilter,
+  SkipRevFilter
+}
+import org.eclipse.jgit.treewalk.filter.{AndTreeFilter, PathFilterGroup, TreeFilter}
+import scala.collection.mutable.ListBuffer
 import scala.jdk.CollectionConverters._
 import scala.util.Using
+import math.min
+import java.time.LocalDateTime
+import java.time.format.DateTimeFormatter._
+import java.util.Date
+import java.time.ZoneOffset
 
 trait ApiRepositoryCommitControllerBase extends ControllerBase {
   self: AccountService with CommitsService with ProtectedBranchService with ReferrerAuthenticator =>
@@ -22,8 +36,13 @@ trait ApiRepositoryCommitControllerBase extends ControllerBase {
   get("/api/v3/repos/:owner/:repository/commits")(referrersOnly { repository =>
     val owner = repository.owner
     val name = repository.name
-    // TODO: The following parameters need to be implemented. [:path, :author, :since, :until]
+    val sha = params.get("sha").filter(_.nonEmpty).getOrElse("HEAD")
-    val sha = params.getOrElse("sha", "refs/heads/master")
+    val page = params.get("page").filter(_.nonEmpty).getOrElse("1").toInt
+    val per_page = min(params.get("per_page").filter(_.nonEmpty).getOrElse("30").toInt, 100)
+    val author = params.get("author").filter(_.nonEmpty)
+    val path = params.get("path").filter(_.nonEmpty)
+    val since = params.get("since").filter(_.nonEmpty)
+    val until = params.get("until").filter(_.nonEmpty)
     Using.resource(Git.open(getRepositoryDir(owner, name))) {
       git =>
         val repo = git.getRepository
@@ -31,7 +50,37 @@ trait ApiRepositoryCommitControllerBase extends ControllerBase {
           revWalk =>
             val objectId = repo.resolve(sha)
             revWalk.markStart(revWalk.parseCommit(objectId))
-            JsonFormat(revWalk.asScala.take(30).map {
+            if (path.nonEmpty) {
+              revWalk.setTreeFilter(
+                AndTreeFilter.create(PathFilterGroup.createFromStrings(path.get), TreeFilter.ANY_DIFF)
+              )
+            }
+            val revfilters = new ListBuffer[(RevFilter)]()
+            if (author.nonEmpty) {
+              revfilters += AuthorRevFilter.create(author.get)
+            }
+            if (since.nonEmpty) {
+              revfilters += CommitTimeRevFilter.after(
+                Date.from(LocalDateTime.parse(since.get, ISO_DATE_TIME).toInstant(ZoneOffset.UTC))
+              )
+            }
+            if (until.nonEmpty) {
+              revfilters += CommitTimeRevFilter.before(
+                Date.from(LocalDateTime.parse(until.get, ISO_DATE_TIME).toInstant(ZoneOffset.UTC))
+              )
+            }
+            if (page > 1) {
+              revfilters += SkipRevFilter.create(page * per_page - 2)
+            }
+            revfilters += MaxCountRevFilter.create(per_page);
+            revWalk.setRevFilter(
+              if (revfilters.size > 1) {
+                AndRevFilter.create(revfilters.toArray)
+              } else {
+                revfilters(0)
+              }
+            )
+            JsonFormat(revWalk.asScala.map {
               commit =>
                 val commitInfo = new CommitInfo(commit)
                 ApiCommits(

src/main/scala/gitbucket/core/controller/api/ApiRepositoryContentsControllerBase.scala

@@ -157,7 +157,7 @@ trait ApiRepositoryContentsControllerBase extends ControllerBase {
                     Some("https://docs.github.com/en/rest/reference/repos#create-or-update-file-contents")
                   )
                 case _ =>
-                  val (commitId, blobId) = commitFile(
+                  commitFile(
                     repository,
                     branch,
                     path,
@@ -170,12 +170,12 @@ trait ApiRepositoryContentsControllerBase extends ControllerBase {
                     data.committer.map(_.name).getOrElse(loginAccount.fullName),
                     data.committer.map(_.email).getOrElse(loginAccount.mailAddress),
                     context.settings
-                  )
+                  ) match {
-
+                    case Left(error) =>
-                  blobId match {
+                      ApiError(s"Failed to commit a file: ${error}", None)
-                    case None =>
+                    case Right((_, None)) =>
                       ApiError("Failed to commit a file.", None)
-                    case Some(blobId) =>
+                    case Right((commitId, Some(blobId))) =>
                       Map(
                         "content" -> ApiContents(
                           "file",

src/main/scala/gitbucket/core/model/CustomField.scala

@@ -0,0 +1,191 @@
+package gitbucket.core.model
+
+import gitbucket.core.controller.Context
+import gitbucket.core.service.RepositoryService.RepositoryInfo
+import gitbucket.core.util.StringUtil
+import gitbucket.core.view.helpers
+import org.scalatra.i18n.Messages
+
+trait CustomFieldComponent extends TemplateComponent { self: Profile =>
+  import profile.api._
+
+  lazy val CustomFields = TableQuery[CustomFields]
+
+  class CustomFields(tag: Tag) extends Table[CustomField](tag, "CUSTOM_FIELD") with BasicTemplate {
+    val fieldId = column[Int]("FIELD_ID", O AutoInc)
+    val fieldName = column[String]("FIELD_NAME")
+    val fieldType = column[String]("FIELD_TYPE")
+    val enableForIssues = column[Boolean]("ENABLE_FOR_ISSUES")
+    val enableForPullRequests = column[Boolean]("ENABLE_FOR_PULL_REQUESTS")
+    def * =
+      (userName, repositoryName, fieldId, fieldName, fieldType, enableForIssues, enableForPullRequests)
+        .<>(CustomField.tupled, CustomField.unapply)
+
+    def byPrimaryKey(userName: String, repositoryName: String, fieldId: Int) =
+      (this.userName === userName.bind) && (this.repositoryName === repositoryName.bind) && (this.fieldId === fieldId.bind)
+  }
+}
+
+case class CustomField(
+  userName: String,
+  repositoryName: String,
+  fieldId: Int = 0,
+  fieldName: String,
+  fieldType: String, // long, double, string, or date
+  enableForIssues: Boolean,
+  enableForPullRequests: Boolean
+)
+
+trait CustomFieldBehavior {
+  def createHtml(repository: RepositoryInfo, fieldId: Int)(implicit conext: Context): String
+  def fieldHtml(repository: RepositoryInfo, issueId: Int, fieldId: Int, value: String, editable: Boolean)(
+    implicit context: Context
+  ): String
+  def validate(name: String, value: String, messages: Messages): Option[String]
+}
+
+object CustomFieldBehavior {
+  def validate(field: CustomField, value: String, messages: Messages): Option[String] = {
+    if (value.isEmpty) None
+    else {
+      CustomFieldBehavior(field.fieldType).flatMap { behavior =>
+        behavior.validate(field.fieldName, value, messages)
+      }
+    }
+  }
+
+  def apply(fieldType: String): Option[CustomFieldBehavior] = {
+    fieldType match {
+      case "long"   => Some(LongFieldBehavior)
+      case "double" => Some(DoubleFieldBehavior)
+      case "string" => Some(StringFieldBehavior)
+      case "date"   => Some(DateFieldBehavior)
+      case _        => None
+    }
+  }
+
+  case object LongFieldBehavior extends TextFieldBehavior {
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      try {
+        value.toLong
+        None
+      } catch {
+        case _: NumberFormatException => Some(messages("error.number").format(name))
+      }
+    }
+  }
+  case object DoubleFieldBehavior extends TextFieldBehavior {
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      try {
+        value.toDouble
+        None
+      } catch {
+        case _: NumberFormatException => Some(messages("error.number").format(name))
+      }
+    }
+  }
+  case object StringFieldBehavior extends TextFieldBehavior
+  case object DateFieldBehavior extends TextFieldBehavior {
+    private val pattern = "yyyy-MM-dd"
+    override protected val fieldType: String = "date"
+
+    override def validate(name: String, value: String, messages: Messages): Option[String] = {
+      try {
+        new java.text.SimpleDateFormat(pattern).parse(value)
+        None
+      } catch {
+        case _: java.text.ParseException =>
+          Some(messages("error.datePattern").format(name, pattern))
+      }
+    }
+  }
+
+  trait TextFieldBehavior extends CustomFieldBehavior {
+    protected val fieldType = "text"
+
+    def createHtml(repository: RepositoryInfo, fieldId: Int)(implicit context: Context): String = {
+      val sb = new StringBuilder
+      sb.append(
+        s"""<input type="$fieldType" class="form-control input-sm" id="custom-field-$fieldId" name="custom-field-$fieldId" data-field-id="$fieldId" style="width: 120px;"/>"""
+      )
+      sb.append(s"""<script>
+                   |$$('#custom-field-$fieldId').focusout(function(){
+                   |  const $$this = $$(this);
+                   |  const fieldId = $$this.data('field-id');
+                   |  $$.post('${helpers.url(repository)}/issues/customfield_validation/' + fieldId,
+                   |    { value: $$this.val() },
+                   |    function(data){
+                   |      if (data != '') {
+                   |        $$('#custom-field-$fieldId-error').text(data);
+                   |      } else {
+                   |        $$('#custom-field-$fieldId-error').text('');
+                   |      }
+                   |    }
+                   |  );
+                   |});
+                   |</script>
+                   |""".stripMargin)
+      sb.toString()
+    }
+
+    def fieldHtml(repository: RepositoryInfo, issueId: Int, fieldId: Int, value: String, editable: Boolean)(
+      implicit context: Context
+    ): String = {
+      val sb = new StringBuilder
+      sb.append(
+        s"""<span id="custom-field-$fieldId-label" class="custom-field-label">${StringUtil
+             .escapeHtml(value)}</span>""".stripMargin
+      )
+      if (editable) {
+        sb.append(
+          s"""<input type="$fieldType" id="custom-field-$fieldId-editor" class="form-control input-sm custom-field-editor" data-field-id="$fieldId" style="width: 120px; display: none;"/>"""
+        )
+        sb.append(s"""<script>
+            |$$('#custom-field-$fieldId-label').click(function(){
+            |  const $$this = $$(this);
+            |  $$this.hide();
+            |  $$this.next().val($$this.text()).show().focus();
+            |});
+            |
+            |$$('#custom-field-$fieldId-editor').focusout(function(){
+            |  const $$this = $$(this);
+            |  const fieldId = $$this.data('field-id');
+            |  $$.post('${helpers.url(repository)}/issues/customfield_validation/' + fieldId,
+            |    { value: $$this.val() },
+            |    function(data){
+            |      if (data != '') {
+            |        $$('#custom-field-$fieldId-error').text(data);
+            |      } else {
+            |        $$('#custom-field-$fieldId-error').text('');
+            |        $$.post('${helpers.url(repository)}/issues/$issueId/customfield/' + fieldId,
+            |          { value: $$this.val() },
+            |          function(data){
+            |            $$this.hide();
+            |            $$this.prev().text(data).show();
+            |          }
+            |        );
+            |      }
+            |    }
+            |  );
+            |});
+            |
+            |// ESC key handling in text field
+            |$$('#custom-field-$fieldId-editor').keyup(function(e){
+            |  if (e.keyCode == 27) {
+            |    const $$this = $$(this);
+            |    $$this.hide();
+            |    $$this.prev().show();
+            |  }
+            |  if (e.keyCode == 13) {
+            |    $$('#custom-field-$fieldId-editor').blur();
+            |  }
+            |});
+            |</script>
+            |""".stripMargin)
+      }
+      sb.toString()
+    }
+
+    def validate(name: String, value: String, messages: Messages): Option[String] = None
+  }
+}

src/main/scala/gitbucket/core/model/Issue.scala

@@ -27,7 +27,6 @@ trait IssueComponent extends TemplateComponent { self: Profile =>
       with MilestoneTemplate
       with PriorityTemplate {
     val openedUserName = column[String]("OPENED_USER_NAME")
-    val assignedUserName = column[String]("ASSIGNED_USER_NAME")
     val title = column[String]("TITLE")
     val content = column[String]("CONTENT")
     val closed = column[Boolean]("CLOSED")
@@ -42,7 +41,6 @@ trait IssueComponent extends TemplateComponent { self: Profile =>
         openedUserName,
         milestoneId.?,
         priorityId.?,
-        assignedUserName.?,
         title,
         content.?,
         closed,
@@ -62,7 +60,6 @@ case class Issue(
   openedUserName: String,
   milestoneId: Option[Int],
   priorityId: Option[Int],
-  assignedUserName: Option[String],
   title: String,
   content: Option[String],
   closed: Boolean,

src/main/scala/gitbucket/core/model/IssueAssignee.scala

@@ -0,0 +1,26 @@
+package gitbucket.core.model
+
+trait IssueAssigneeComponent extends TemplateComponent { self: Profile =>
+  import profile.api._
+  import self._
+
+  lazy val IssueAssignees = TableQuery[IssueAssignees]
+
+  class IssueAssignees(tag: Tag) extends Table[IssueAssignee](tag, "ISSUE_ASSIGNEE") with IssueTemplate {
+    val assigneeUserName = column[String]("ASSIGNEE_USER_NAME")
+    def * =
+      (userName, repositoryName, issueId, assigneeUserName)
+        .<>(IssueAssignee.tupled, IssueAssignee.unapply)
+
+    def byPrimaryKey(owner: String, repository: String, issueId: Int, assigneeUserName: String) = {
+      byIssue(owner, repository, issueId) && this.assigneeUserName === assigneeUserName.bind
+    }
+  }
+}
+
+case class IssueAssignee(
+  userName: String,
+  repositoryName: String,
+  issueId: Int,
+  assigneeUserName: String
+)

src/main/scala/gitbucket/core/model/IssueCustomFields.scala

@@ -0,0 +1,31 @@
+package gitbucket.core.model
+
+trait IssueCustomFieldComponent extends TemplateComponent { self: Profile =>
+  import profile.api._
+  import self._
+
+  lazy val IssueCustomFields = TableQuery[IssueCustomFields]
+
+  class IssueCustomFields(tag: Tag) extends Table[IssueCustomField](tag, "ISSUE_CUSTOM_FIELD") {
+    val userName = column[String]("USER_NAME", O.PrimaryKey)
+    val repositoryName = column[String]("REPOSITORY_NAME", O.PrimaryKey)
+    val issueId = column[Int]("ISSUE_ID", O.PrimaryKey)
+    val fieldId = column[Int]("FIELD_ID", O.PrimaryKey)
+    val value = column[String]("VALUE")
+    def * =
+      (userName, repositoryName, issueId, fieldId, value)
+        .<>(IssueCustomField.tupled, IssueCustomField.unapply)
+
+    def byPrimaryKey(owner: String, repository: String, issueId: Int, fieldId: Int) = {
+      this.userName === owner.bind && this.repositoryName === repository.bind && this.issueId === issueId.bind && this.fieldId === fieldId.bind
+    }
+  }
+}
+
+case class IssueCustomField(
+  userName: String,
+  repositoryName: String,
+  issueId: Int,
+  fieldId: Int,
+  value: String
+)

src/main/scala/gitbucket/core/model/Profile.scala

@@ -73,5 +73,8 @@ trait CoreProfile
     with ReleaseAssetComponent
     with AccountExtraMailAddressComponent
     with AccountPreferenceComponent
+    with CustomFieldComponent
+    with IssueCustomFieldComponent
+    with IssueAssigneeComponent
 
 object Profile extends CoreProfile

src/main/scala/gitbucket/core/plugin/Plugin.scala

@@ -1,14 +1,15 @@
 package gitbucket.core.plugin
 
 import javax.servlet.ServletContext
-
 import gitbucket.core.controller.{Context, ControllerBase}
 import gitbucket.core.model.{Account, Issue}
 import gitbucket.core.service.RepositoryService.RepositoryInfo
 import gitbucket.core.service.SystemSettingsService.SystemSettings
 import io.github.gitbucket.solidbase.model.Version
+import org.apache.sshd.server.channel.ChannelSession
 import org.apache.sshd.server.command.Command
 import play.twirl.api.Html
+
 import scala.util.Using
 
 /**
@@ -323,7 +324,7 @@ abstract class Plugin {
   /**
    * Override to add ssh command providers.
    */
-  val sshCommandProviders: Seq[PartialFunction[String, Command]] = Nil
+  val sshCommandProviders: Seq[PartialFunction[String, ChannelSession => Command]] = Nil
 
   /**
    * Override to add ssh command providers.
@@ -332,7 +333,7 @@ abstract class Plugin {
     registry: PluginRegistry,
     context: ServletContext,
     settings: SystemSettings
-  ): Seq[PartialFunction[String, Command]] = Nil
+  ): Seq[PartialFunction[String, ChannelSession => Command]] = Nil
 
   /**
    * This method is invoked in initialization of plugin system.

src/main/scala/gitbucket/core/plugin/PluginRegistry.scala

@@ -6,7 +6,6 @@ import java.nio.file.{Files, Paths, StandardWatchEventKinds}
 import java.util.Base64
 import java.util.concurrent.ConcurrentLinkedQueue
 import java.util.concurrent.ConcurrentHashMap
-
 import javax.servlet.ServletContext
 import com.github.zafarkhaja.semver.Version
 import gitbucket.core.controller.{Context, ControllerBase}
@@ -21,6 +20,7 @@ import io.github.gitbucket.solidbase.Solidbase
 import io.github.gitbucket.solidbase.manager.JDBCVersionManager
 import io.github.gitbucket.solidbase.model.Module
 import org.apache.commons.io.FileUtils
+import org.apache.sshd.server.channel.ChannelSession
 import org.apache.sshd.server.command.Command
 import org.slf4j.LoggerFactory
 import play.twirl.api.Html
@@ -58,7 +58,7 @@ class PluginRegistry {
   private val suggestionProviders = new ConcurrentLinkedQueue[SuggestionProvider]
   suggestionProviders.add(new UserNameSuggestionProvider())
   suggestionProviders.add(new IssueSuggestionProvider())
-  private val sshCommandProviders = new ConcurrentLinkedQueue[PartialFunction[String, Command]]()
+  private val sshCommandProviders = new ConcurrentLinkedQueue[PartialFunction[String, ChannelSession => Command]]()
 
   def addPlugin(pluginInfo: PluginInfo): Unit = plugins.add(pluginInfo)
 
@@ -177,10 +177,11 @@ class PluginRegistry {
 
   def getSuggestionProviders: Seq[SuggestionProvider] = suggestionProviders.asScala.toSeq
 
-  def addSshCommandProvider(sshCommandProvider: PartialFunction[String, Command]): Unit =
+  def addSshCommandProvider(sshCommandProvider: PartialFunction[String, ChannelSession => Command]): Unit =
     sshCommandProviders.add(sshCommandProvider)
 
-  def getSshCommandProviders: Seq[PartialFunction[String, Command]] = sshCommandProviders.asScala.toSeq
+  def getSshCommandProviders: Seq[PartialFunction[String, ChannelSession => Command]] =
+    sshCommandProviders.asScala.toSeq
 }
 
 /**

src/main/scala/gitbucket/core/service/AccountService.scala

@@ -7,9 +7,14 @@ import gitbucket.core.model.Profile.profile.blockingApi._
 import gitbucket.core.model.Profile.dateColumnType
 import gitbucket.core.util.{LDAPUtil, StringUtil}
 import StringUtil._
+import com.nimbusds.jose.{JWSAlgorithm, JWSHeader}
+import com.nimbusds.jose.crypto.{MACSigner, MACVerifier}
+import com.nimbusds.jwt.{JWTClaimsSet, SignedJWT}
 import gitbucket.core.plugin.PluginRegistry
 import gitbucket.core.service.SystemSettingsService.SystemSettings
 
+import java.security.SecureRandom
+
 trait AccountService {
 
   private val logger = LoggerFactory.getLogger(classOf[AccountService])
@@ -60,28 +65,28 @@ trait AccountService {
       case Right(ldapUserInfo) => {
         // Create or update account by LDAP information
         getAccountByUserName(ldapUserInfo.userName, true) match {
-          case Some(x) if (!x.isRemoved) => {
+          case Some(x) =>
-            if (settings.ldap.get.mailAttribute.getOrElse("").isEmpty) {
+            if (x.isRemoved) {
-              updateAccount(x.copy(fullName = ldapUserInfo.fullName))
+              logger.info("LDAP Authentication Failed: Account is already registered but disabled.")
+              defaultAuthentication(userName, password)
             } else {
-              updateAccount(x.copy(mailAddress = ldapUserInfo.mailAddress, fullName = ldapUserInfo.fullName))
+              if (settings.ldap.get.mailAttribute.getOrElse("").isEmpty) {
+                updateAccount(x.copy(fullName = ldapUserInfo.fullName))
+              } else {
+                updateAccount(x.copy(mailAddress = ldapUserInfo.mailAddress, fullName = ldapUserInfo.fullName))
+              }
+              getAccountByUserName(ldapUserInfo.userName)
             }
-            getAccountByUserName(ldapUserInfo.userName)
-          }
-          case Some(x) if (x.isRemoved) => {
-            logger.info("LDAP Authentication Failed: Account is already registered but disabled.")
-            defaultAuthentication(userName, password)
-          }
           case None =>
             getAccountByMailAddress(ldapUserInfo.mailAddress, true) match {
-              case Some(x) if (!x.isRemoved) => {
+              case Some(x) =>
-                updateAccount(x.copy(fullName = ldapUserInfo.fullName))
+                if (x.isRemoved) {
-                getAccountByUserName(ldapUserInfo.userName)
+                  logger.info("LDAP Authentication Failed: Account is already registered but disabled.")
-              }
+                  defaultAuthentication(userName, password)
-              case Some(x) if (x.isRemoved) => {
+                } else {
-                logger.info("LDAP Authentication Failed: Account is already registered but disabled.")
+                  updateAccount(x.copy(fullName = ldapUserInfo.fullName))
-                defaultAuthentication(userName, password)
+                  getAccountByUserName(ldapUserInfo.userName)
-              }
+                }
               case None => {
                 createAccount(
                   ldapUserInfo.userName,
@@ -337,6 +342,33 @@ trait AccountService {
     }
   }
 
+  def generateResetPasswordToken(mailAddress: String): String = {
+    val claimsSet = new JWTClaimsSet.Builder()
+      .claim("mailAddress", mailAddress)
+      .expirationTime(new java.util.Date(System.currentTimeMillis() + 10 * 1000))
+      .build()
+
+    val signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claimsSet)
+    signedJWT.sign(new MACSigner(AccountService.jwtSecretKey))
+
+    signedJWT.serialize()
+  }
+
+  def decodeResetPasswordToken(token: String): Option[String] = {
+    try {
+      val signedJWT = SignedJWT.parse(token)
+      val verifier = new MACVerifier(AccountService.jwtSecretKey)
+      if (signedJWT.verify(verifier) && new java.util.Date().before(signedJWT.getJWTClaimsSet().getExpirationTime())) {
+        Some(signedJWT.getPayload.toJSONObject.get("mailAddress").toString)
+      } else None
+    } catch {
+      case _: Exception => None
+    }
+  }
 }
 
-object AccountService extends AccountService
+object AccountService extends AccountService {
+  // 256-bit key for HS256 which must be pre-shared
+  val jwtSecretKey = new Array[Byte](32)
+  new SecureRandom().nextBytes(jwtSecretKey)
+}

src/main/scala/gitbucket/core/service/CustomFieldsService.scala

@@ -0,0 +1,94 @@
+package gitbucket.core.service
+
+import gitbucket.core.model.{CustomField, IssueCustomField}
+import gitbucket.core.model.Profile._
+import gitbucket.core.model.Profile.profile.blockingApi._
+
+trait CustomFieldsService {
+
+  def getCustomFields(owner: String, repository: String)(implicit s: Session): List[CustomField] =
+    CustomFields.filter(_.byRepository(owner, repository)).sortBy(_.fieldId asc).list
+
+  def getCustomFieldsWithValue(owner: String, repository: String, issueId: Int)(
+    implicit s: Session
+  ): List[(CustomField, Option[IssueCustomField])] = {
+    CustomFields
+      .filter(_.byRepository(owner, repository))
+      .joinLeft(IssueCustomFields)
+      .on { case (t1, t2) => t1.fieldId === t2.fieldId && t2.issueId === issueId.bind }
+      .sortBy { case (t1, t2) => t1.fieldId }
+      .list
+  }
+
+  def getCustomField(owner: String, repository: String, fieldId: Int)(implicit s: Session): Option[CustomField] =
+    CustomFields.filter(_.byPrimaryKey(owner, repository, fieldId)).firstOption
+
+  def createCustomField(
+    owner: String,
+    repository: String,
+    fieldName: String,
+    fieldType: String,
+    enableForIssues: Boolean,
+    enableForPullRequests: Boolean
+  )(implicit s: Session): Int = {
+    CustomFields returning CustomFields.map(_.fieldId) insert CustomField(
+      userName = owner,
+      repositoryName = repository,
+      fieldName = fieldName,
+      fieldType = fieldType,
+      enableForIssues = enableForIssues,
+      enableForPullRequests = enableForPullRequests
+    )
+  }
+
+  def updateCustomField(
+    owner: String,
+    repository: String,
+    fieldId: Int,
+    fieldName: String,
+    fieldType: String,
+    enableForIssues: Boolean,
+    enableForPullRequests: Boolean
+  )(
+    implicit s: Session
+  ): Unit =
+    CustomFields
+      .filter(_.byPrimaryKey(owner, repository, fieldId))
+      .map(t => (t.fieldName, t.fieldType, t.enableForIssues, t.enableForPullRequests))
+      .update((fieldName, fieldType, enableForIssues, enableForPullRequests))
+
+  def deleteCustomField(owner: String, repository: String, fieldId: Int)(implicit s: Session): Unit = {
+    IssueCustomFields
+      .filter(t => t.userName === owner.bind && t.repositoryName === repository.bind && t.fieldId === fieldId.bind)
+      .delete
+    CustomFields.filter(_.byPrimaryKey(owner, repository, fieldId)).delete
+  }
+
+  def getCustomFieldValues(
+    userName: String,
+    repositoryName: String,
+    issueId: Int,
+  )(implicit s: Session): List[IssueCustomField] = {
+    IssueCustomFields
+      .filter(t => t.userName === userName && t.repositoryName === repositoryName.bind && t.issueId === issueId.bind)
+      .list
+  }
+
+  def insertOrUpdateCustomFieldValue(
+    field: CustomField,
+    userName: String,
+    repositoryName: String,
+    issueId: Int,
+    value: String
+  )(implicit s: Session): Unit = {
+    IssueCustomFields.insertOrUpdate(
+      IssueCustomField(
+        userName = userName,
+        repositoryName = repositoryName,
+        issueId = issueId,
+        fieldId = field.fieldId,
+        value = value
+      )
+    )
+  }
+}

src/main/scala/gitbucket/core/service/HandleCommentService.scala

@@ -165,7 +165,7 @@ trait HandleCommentService {
       content match {
         case Some(content) =>
           // Update comment
-          val _commentId = Some(updateComment(issue.issueId, commentId.toInt, content))
+          val _commentId = Some(updateComment(owner, name, issue.issueId, commentId.toInt, content))
           // Record comment activity
           val commentInfo = if (issue.isPullRequest) {
             PullRequestCommentInfo(owner, name, userName, content, issue.issueId)

src/main/scala/gitbucket/core/service/IssueCreationService.scala

@@ -16,7 +16,7 @@ trait IssueCreationService {
     repository: RepositoryInfo,
     title: String,
     body: Option[String],
-    assignee: Option[String],
+    assignees: Seq[String],
     milestoneId: Option[Int],
     priorityId: Option[Int],
     labelNames: Seq[String],
@@ -35,16 +35,19 @@ trait IssueCreationService {
       userName,
       title,
       body,
-      if (manageable) assignee else None,
       if (manageable) milestoneId else None,
       if (manageable) priorityId else None
     )
     val issue: Issue = getIssue(owner, name, issueId.toString).get
 
-    // insert labels
     if (manageable) {
+      // insert assignees
+      assignees.foreach { assignee =>
+        registerIssueAssignee(owner, name, issueId, assignee)
+      }
+      // insert labels
       val labels = getLabels(owner, name)
-      labelNames.map { labelName =>
+      labelNames.foreach { labelName =>
         labels.find(_.labelName == labelName).map { label =>
           registerIssueLabel(owner, name, issueId, label.labelId)
         }

src/main/scala/gitbucket/core/service/IssuesService.scala

@@ -5,7 +5,17 @@ import gitbucket.core.util.StringUtil._
 import gitbucket.core.util.Implicits._
 import gitbucket.core.util.SyntaxSugars._
 import gitbucket.core.controller.Context
-import gitbucket.core.model.{Account, Issue, IssueComment, IssueLabel, Label, PullRequest, Repository, Role}
+import gitbucket.core.model.{
+  Account,
+  Issue,
+  IssueAssignee,
+  IssueComment,
+  IssueLabel,
+  Label,
+  PullRequest,
+  Repository,
+  Role
+}
 import gitbucket.core.model.Profile._
 import gitbucket.core.model.Profile.profile._
 import gitbucket.core.model.Profile.profile.blockingApi._
@@ -118,8 +128,7 @@ trait IssuesService {
   def countIssueGroupByLabels(
     owner: String,
     repository: String,
-    condition: IssueSearchCondition,
+    condition: IssueSearchCondition
-    filterUser: Map[String, String]
   )(implicit s: Session): Map[String, Int] = {
 
     searchIssueQuery(Seq(owner -> repository), condition.copy(labels = Set.empty), IssueSearchOption.Issues)
@@ -138,7 +147,7 @@ trait IssuesService {
           t3.labelName
       }
       .map {
-        case labelName ~ t =>
+        case (labelName, t) =>
           labelName -> t.length
       }
       .list
@@ -156,8 +165,7 @@ trait IssuesService {
   def countIssueGroupByPriorities(
     owner: String,
     repository: String,
-    condition: IssueSearchCondition,
+    condition: IssueSearchCondition
-    filterUser: Map[String, String]
   )(implicit s: Session): Map[String, Int] = {
 
     searchIssueQuery(Seq(owner -> repository), condition.copy(labels = Set.empty), IssueSearchOption.Issues)
@@ -171,7 +179,7 @@ trait IssuesService {
           t2.priorityName
       }
       .map {
-        case priorityName ~ t =>
+        case (priorityName, t) =>
           priorityName -> t.length
       }
       .list
@@ -207,9 +215,11 @@ trait IssuesService {
       .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 => t1.byPriority(t6.userName, t6.repositoryName, t6.priorityId) }
       .joinLeft(PullRequests)
       .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 => t1.byIssue(t7.userName, t7.repositoryName, t7.issueId) }
-      .sortBy { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 => i asc }
+      .joinLeft(IssueAssignees)
+      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 ~ t8 => t1.byIssue(t8.userName, t8.repositoryName, t8.issueId) }
+      .sortBy { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 ~ t8 => i asc }
       .map {
-        case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 =>
+        case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 ~ t8 =>
           (
             t1,
             t2.commentCount,
@@ -218,7 +228,8 @@ trait IssuesService {
             t4.map(_.color),
             t5.map(_.title),
             t6.map(_.priorityName),
-            t7.map(_.commitIdTo)
+            t7.map(_.commitIdTo),
+            t8.map(_.assigneeUserName)
           )
       }
       .list
@@ -228,36 +239,51 @@ trait IssuesService {
 
     result.map { issues =>
       issues.head match {
-        case (issue, commentCount, _, _, _, milestone, priority, commitId) =>
+        case (issue, commentCount, _, _, _, milestone, priority, commitId, _) =>
           IssueInfo(
             issue,
-            issues.flatMap { t =>
+            issues
-              t._3.map(Label(issue.userName, issue.repositoryName, _, t._4.get, t._5.get))
+              .flatMap { t =>
-            } toList,
+                t._3.map(Label(issue.userName, issue.repositoryName, _, t._4.get, t._5.get))
+              }
+              .distinct
+              .toList,
             milestone,
             priority,
             commentCount,
-            commitId
+            commitId,
+            issues.flatMap(_._9).distinct
           )
       }
     } toList
   }
 
   /** for api
-   * @return (issue, issueUser, assignedUser)
+   * @return (issue, issueUser, Seq(assigneeUsers))
    */
   def searchIssueByApi(condition: IssueSearchCondition, offset: Int, limit: Int, repos: (String, String)*)(
     implicit s: Session
-  ): List[(Issue, Account, Option[Account])] = {
+  ): List[(Issue, Account, List[Account])] = {
     // get issues and comment count and labels
     searchIssueQueryBase(condition, IssueSearchOption.Issues, offset, limit, repos)
       .join(Accounts)
       .on { case t1 ~ t2 ~ i ~ t3 => t3.userName === t1.openedUserName }
+      .joinLeft(IssueAssignees)
+      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 => t4.byIssue(t1.userName, t1.repositoryName, t1.issueId) }
       .joinLeft(Accounts)
-      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 => t4.userName === t1.assignedUserName }
+      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 => t5.userName === t4.map(_.assigneeUserName) }
-      .sortBy { case t1 ~ t2 ~ i ~ t3 ~ t4 => i asc }
+      .sortBy { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 => i asc }
-      .map { case t1 ~ t2 ~ i ~ t3 ~ t4 => (t1, t3, t4) }
+      .map { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 => (t1, t3, t5) }
       .list
+      .groupBy {
+        case (issue, account, _) =>
+          (issue, account)
+      }
+      .map {
+        case (_, values) =>
+          (values.head._1, values.head._2, values.flatMap(_._3))
+      }
+      .toList
   }
 
   /** for api
@@ -265,7 +291,7 @@ trait IssuesService {
    */
   def searchPullRequestByApi(condition: IssueSearchCondition, offset: Int, limit: Int, repos: (String, String)*)(
     implicit s: Session
-  ): List[(Issue, Account, Int, PullRequest, Repository, Account, Option[Account])] = {
+  ): List[(Issue, Account, Int, PullRequest, Repository, Account, List[Account])] = {
     // get issues and comment count and labels
     searchIssueQueryBase(condition, IssueSearchOption.PullRequests, offset, limit, repos)
       .join(PullRequests)
@@ -276,11 +302,30 @@ trait IssuesService {
       .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 => t5.userName === t1.openedUserName }
       .join(Accounts)
       .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 => t6.userName === t4.userName }
+      .joinLeft(IssueAssignees)
+      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 => t7.byIssue(t1.userName, t1.repositoryName, t1.issueId) }
       .joinLeft(Accounts)
-      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 => t7.userName === t1.assignedUserName }
+      .on { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 ~ t8 => t8.userName === t7.map(_.assigneeUserName) }
-      .sortBy { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 => i asc }
+      .sortBy { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 ~ t8 => i asc }
-      .map { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 => (t1, t5, t2.commentCount, t3, t4, t6, t7) }
+      .map { case t1 ~ t2 ~ i ~ t3 ~ t4 ~ t5 ~ t6 ~ t7 ~ t8 => (t1, t5, t2.commentCount, t3, t4, t6, t8) }
       .list
+      .groupBy {
+        case (issue, openedUser, commentCount, pullRequest, repository, account, assignedUser) =>
+          (issue, openedUser, commentCount, pullRequest, repository, account)
+      }
+      .map {
+        case (_, values) =>
+          (
+            values.head._1,
+            values.head._2,
+            values.head._3,
+            values.head._4,
+            values.head._5,
+            values.head._6,
+            values.flatMap(_._7)
+          )
+      }
+      .toList
   }
 
   private def searchIssueQueryBase(
@@ -347,7 +392,7 @@ trait IssuesService {
         case _        => t1.closed === true || t1.closed === false
       }).&&(t1.milestoneId.? isEmpty, condition.milestone == Some(None))
         .&&(t1.priorityId.? isEmpty, condition.priority == Some(None))
-        .&&(t1.assignedUserName.? isEmpty, condition.assigned == Some(None))
+        //.&&(t1.assignedUserName.? isEmpty, condition.assigned == Some(None))
         .&&(t1.openedUserName === condition.author.get.bind, condition.author.isDefined) &&
       (searchOption match {
         case IssueSearchOption.Issues       => t1.pullRequest === false
@@ -371,7 +416,13 @@ trait IssuesService {
           condition.priority.flatten.isDefined
         )
         // Assignee filter
-        .&&(t1.assignedUserName === condition.assigned.get.get.bind, condition.assigned.flatten.isDefined)
+        .&&(
+          IssueAssignees filter { a =>
+            a.byIssue(t1.userName, t1.repositoryName, t1.issueId) &&
+            a.assigneeUserName === condition.assigned.get.get.bind
+          } exists,
+          condition.assigned.flatten.isDefined
+        )
         // Label filter
         .&&(
           IssueLabels filter { t2 =>
@@ -396,7 +447,9 @@ trait IssuesService {
         .&&(t1.userName inSetBind condition.groups, condition.groups.nonEmpty)
         // Mentioned filter
         .&&(
-          (t1.openedUserName === condition.mentioned.get.bind) || t1.assignedUserName === condition.mentioned.get.bind ||
+          (t1.openedUserName === condition.mentioned.get.bind) || (IssueAssignees filter { t1 =>
+            t1.byIssue(t1.userName, t1.repositoryName, t1.issueId) && t1.assigneeUserName === condition.mentioned.get.bind
+          } exists) ||
             (IssueComments filter { t2 =>
               (t2.byIssue(t1.userName, t1.repositoryName, t1.issueId)) && (t2.commentedUserName === condition.mentioned.get.bind)
             } exists),
@@ -410,7 +463,6 @@ trait IssuesService {
     loginUser: String,
     title: String,
     content: Option[String],
-    assignedUserName: Option[String],
     milestoneId: Option[Int],
     priorityId: Option[Int],
     isPullRequest: Boolean = false
@@ -427,7 +479,6 @@ trait IssuesService {
           loginUser,
           milestoneId,
           priorityId,
-          assignedUserName,
           title,
           content,
           false,
@@ -509,7 +560,7 @@ trait IssuesService {
     content: String,
     action: String
   )(implicit s: Session): Int = {
-    Issues.filter(_.issueId === issueId.bind).map(_.updatedDate).update(currentDate)
+    Issues.filter(_.byPrimaryKey(owner, repository, issueId)).map(_.updatedDate).update(currentDate)
     IssueComments returning IssueComments.map(_.commentId) insert IssueComment(
       userName = owner,
       repositoryName = repository,
@@ -542,35 +593,91 @@ trait IssuesService {
       .update(true)
   }
 
-  def updateAssignedUserName(
+  def getIssueAssignees(owner: String, repository: String, issueId: Int)(
+    implicit s: Session
+  ): List[IssueAssignee] = {
+    IssueAssignees.filter(_.byIssue(owner, repository, issueId)).sortBy(_.assigneeUserName).list
+  }
+
+  def registerIssueAssignee(
     owner: String,
     repository: String,
     issueId: Int,
-    assignedUserName: Option[String],
+    assigneeUserName: String,
     insertComment: Boolean = false
-  )(implicit context: Context, s: Session): Int = {
+  )(
-    val oldAssigned = getIssue(owner, repository, s"${issueId}").get.assignedUserName
+    implicit context: Context,
-    val assigned = assignedUserName
+    s: Session
+  ): Int = {
     val assigner = context.loginAccount.map(_.userName)
     if (insertComment) {
       IssueComments insert IssueComment(
         userName = owner,
         repositoryName = repository,
         issueId = issueId,
-        action = "assign",
+        action = "add_assignee",
         commentedUserName = assigner.getOrElse("Unknown user"),
-        content = s"""${oldAssigned.getOrElse("Not assigned")}:${assigned.getOrElse("Not assigned")}""",
+        content = assigneeUserName,
         registeredDate = currentDate,
         updatedDate = currentDate
       )
     }
     for (issue <- getIssue(owner, repository, issueId.toString); repo <- getRepository(owner, repository)) {
-      PluginRegistry().getIssueHooks.foreach(_.assigned(issue, repo, assigner, assigned, oldAssigned))
+      PluginRegistry().getIssueHooks.foreach(_.assigned(issue, repo, assigner, Some(assigneeUserName), None))
     }
-    Issues
+    IssueAssignees insert IssueAssignee(owner, repository, issueId, assigneeUserName)
-      .filter(_.byPrimaryKey(owner, repository, issueId))
+  }
-      .map(t => (t.assignedUserName ?, t.updatedDate))
+
-      .update(assignedUserName, currentDate)
+  def deleteIssueAssignee(
+    owner: String,
+    repository: String,
+    issueId: Int,
+    assigneeUserName: String,
+    insertComment: Boolean = false
+  )(
+    implicit context: Context,
+    s: Session
+  ): Int = {
+    val assigner = context.loginAccount.map(_.userName)
+    if (insertComment) {
+      IssueComments insert IssueComment(
+        userName = owner,
+        repositoryName = repository,
+        issueId = issueId,
+        action = "delete_assignee",
+        commentedUserName = assigner.getOrElse("Unknown user"),
+        content = assigneeUserName,
+        registeredDate = currentDate,
+        updatedDate = currentDate
+      )
+    }
+
+    // TODO Notify plugins of unassignment as doing in registerIssueAssignee()?
+
+    IssueAssignees filter (_.byPrimaryKey(owner, repository, issueId, assigneeUserName)) delete
+  }
+
+  def deleteAllIssueAssignees(owner: String, repository: String, issueId: Int, insertComment: Boolean = false)(
+    implicit context: Context,
+    s: Session
+  ): Int = {
+    val assigner = context.loginAccount.map(_.userName)
+    if (insertComment) {
+      IssueComments insert IssueComment(
+        userName = owner,
+        repositoryName = repository,
+        issueId = issueId,
+        action = "delete_assign",
+        commentedUserName = assigner.getOrElse("Unknown user"),
+        content = "All assignees",
+        registeredDate = currentDate,
+        updatedDate = currentDate
+      )
+    }
+
+    // TODO Notify plugins of unassignment as doing in registerIssueAssignee()?
+
+    IssueAssignees filter (_.byIssue(owner, repository, issueId)) delete
   }
 
   def updateMilestoneId(
@@ -635,8 +742,10 @@ trait IssuesService {
       .update(priorityId, currentDate)
   }
 
-  def updateComment(issueId: Int, commentId: Int, content: String)(implicit s: Session): Int = {
+  def updateComment(owner: String, repository: String, issueId: Int, commentId: Int, content: String)(
-    Issues.filter(_.issueId === issueId.bind).map(_.updatedDate).update(currentDate)
+    implicit s: Session
+  ): Int = {
+    Issues.filter(_.byPrimaryKey(owner, repository, issueId)).map(_.updatedDate).update(currentDate)
     IssueComments.filter(_.byPrimaryKey(commentId)).map(t => (t.content, t.updatedDate)).update(content, currentDate)
   }
 
@@ -644,13 +753,13 @@ trait IssuesService {
     implicit context: Context,
     s: Session
   ): Int = {
-    Issues.filter(_.issueId === issueId.bind).map(_.updatedDate).update(currentDate)
+    Issues.filter(_.byPrimaryKey(owner, repository, issueId)).map(_.updatedDate).update(currentDate)
-    IssueComments.filter(_.byPrimaryKey(commentId)).firstOption match {
+    IssueComments.filter(_.byPrimaryKey(commentId)).first match {
-      case Some(c) if c.action == "reopen_comment" =>
+      case c if c.action == "reopen_comment" =>
         IssueComments.filter(_.byPrimaryKey(commentId)).map(t => (t.content, t.action)).update("Reopen", "reopen")
-      case Some(c) if c.action == "close_comment" =>
+      case c if c.action == "close_comment" =>
         IssueComments.filter(_.byPrimaryKey(commentId)).map(t => (t.content, t.action)).update("Close", "close")
-      case Some(_) =>
+      case _ =>
         IssueComments.filter(_.byPrimaryKey(commentId)).delete
         IssueComments insert IssueComment(
           userName = owner,
@@ -981,7 +1090,8 @@ object IssuesService {
     milestone: Option[String],
     priority: Option[String],
     commentCount: Int,
-    commitId: Option[String]
+    commitId: Option[String],
+    assignees: Seq[String]
   )
 }
 

src/main/scala/gitbucket/core/service/RepositoryCommitFileService.scala

@@ -36,10 +36,10 @@ trait RepositoryCommitFileService {
     settings: SystemSettings
   )(
     f: (Git, ObjectId, DirCacheBuilder, ObjectInserter) => Unit
-  )(implicit s: Session, c: JsonFormat.Context): ObjectId = {
+  )(implicit s: Session, c: JsonFormat.Context): Either[String, ObjectId] = {
     _createFiles(repository, branch, message, loginAccount, loginAccount.fullName, loginAccount.mailAddress, settings)(
       f
-    )._1
+    ).map(_._1)
   }
 
   /**
@@ -58,7 +58,7 @@ trait RepositoryCommitFileService {
     commit: String,
     loginAccount: Account,
     settings: SystemSettings
-  )(implicit s: Session, c: JsonFormat.Context): (ObjectId, Option[ObjectId]) = {
+  )(implicit s: Session, c: JsonFormat.Context): Either[String, (ObjectId, Option[ObjectId])] = {
     commitFile(
       repository,
       branch,
@@ -92,7 +92,7 @@ trait RepositoryCommitFileService {
     committerName: String,
     committerMailAddress: String,
     settings: SystemSettings
-  )(implicit s: Session, c: JsonFormat.Context): (ObjectId, Option[ObjectId]) = {
+  )(implicit s: Session, c: JsonFormat.Context): Either[String, (ObjectId, Option[ObjectId])] = {
 
     val newPath = newFileName.map { newFileName =>
       if (path.length == 0) newFileName else s"${path}/${newFileName}"
@@ -141,7 +141,7 @@ trait RepositoryCommitFileService {
     settings: SystemSettings
   )(
     f: (Git, ObjectId, DirCacheBuilder, ObjectInserter) => R
-  )(implicit s: Session, c: JsonFormat.Context): (ObjectId, R) = {
+  )(implicit s: Session, c: JsonFormat.Context): Either[String, (ObjectId, R)] = {
 
     LockUtil.lock(s"${repository.owner}/${repository.name}") {
       Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
@@ -177,11 +177,11 @@ trait RepositoryCommitFileService {
         error match {
           case Some(error) =>
             // commit is rejected
-            // TODO Notify commit failure to edited user
             val refUpdate = git.getRepository.updateRef(headName)
             refUpdate.setNewObjectId(headTip)
             refUpdate.setForceUpdate(true)
             refUpdate.update()
+            Left(error)
 
           case None =>
             // update refs
@@ -242,8 +242,8 @@ trait RepositoryCommitFileService {
                 )
               }
             }
+            Right((commitId, result))
         }
-        (commitId, result)
       }
     }
   }

src/main/scala/gitbucket/core/service/RepositoryService.scala

@@ -342,10 +342,7 @@ trait RepositoryService {
             repository.originUserName.getOrElse(repository.userName),
             repository.originRepositoryName.getOrElse(repository.repositoryName)
           ),
-          getOpenMilestones(
+          getOpenMilestones(repository.userName, repository.repositoryName),
-            repository.originUserName.getOrElse(repository.userName),
-            repository.originRepositoryName.getOrElse(repository.repositoryName)
-          ),
           getRepositoryManagers(repository.userName, repository.repositoryName)
         )
     }

src/main/scala/gitbucket/core/service/SystemSettingsService.scala

@@ -18,17 +18,18 @@ trait SystemSettingsService {
     val props = new java.util.Properties()
     settings.baseUrl.foreach(x => props.setProperty(BaseURL, x.replaceFirst("/\\Z", "")))
     settings.information.foreach(x => props.setProperty(Information, x))
-    props.setProperty(AllowAccountRegistration, settings.allowAccountRegistration.toString)
+    props.setProperty(AllowAccountRegistration, settings.basicBehavior.allowAccountRegistration.toString)
-    props.setProperty(AllowAnonymousAccess, settings.allowAnonymousAccess.toString)
+    props.setProperty(AllowResetPassword, settings.basicBehavior.allowResetPassword.toString)
-    props.setProperty(IsCreateRepoOptionPublic, settings.isCreateRepoOptionPublic.toString)
+    props.setProperty(AllowAnonymousAccess, settings.basicBehavior.allowAnonymousAccess.toString)
-    props.setProperty(RepositoryOperationCreate, settings.repositoryOperation.create.toString)
+    props.setProperty(IsCreateRepoOptionPublic, settings.basicBehavior.isCreateRepoOptionPublic.toString)
-    props.setProperty(RepositoryOperationDelete, settings.repositoryOperation.delete.toString)
+    props.setProperty(RepositoryOperationCreate, settings.basicBehavior.repositoryOperation.create.toString)
-    props.setProperty(RepositoryOperationRename, settings.repositoryOperation.rename.toString)
+    props.setProperty(RepositoryOperationDelete, settings.basicBehavior.repositoryOperation.delete.toString)
-    props.setProperty(RepositoryOperationTransfer, settings.repositoryOperation.transfer.toString)
+    props.setProperty(RepositoryOperationRename, settings.basicBehavior.repositoryOperation.rename.toString)
-    props.setProperty(RepositoryOperationFork, settings.repositoryOperation.fork.toString)
+    props.setProperty(RepositoryOperationTransfer, settings.basicBehavior.repositoryOperation.transfer.toString)
-    props.setProperty(Gravatar, settings.gravatar.toString)
+    props.setProperty(RepositoryOperationFork, settings.basicBehavior.repositoryOperation.fork.toString)
-    props.setProperty(Notification, settings.notification.toString)
+    props.setProperty(Gravatar, settings.basicBehavior.gravatar.toString)
-    props.setProperty(LimitVisibleRepositories, settings.limitVisibleRepositories.toString)
+    props.setProperty(Notification, settings.basicBehavior.notification.toString)
+    props.setProperty(LimitVisibleRepositories, settings.basicBehavior.limitVisibleRepositories.toString)
     props.setProperty(SshEnabled, settings.ssh.enabled.toString)
     settings.ssh.bindAddress.foreach { bindAddress =>
       props.setProperty(SshBindAddressHost, bindAddress.host.trim())
@@ -109,19 +110,22 @@ trait SystemSettingsService {
     SystemSettings(
       getOptionValue[String](props, BaseURL, None).map(x => x.replaceFirst("/\\Z", "")),
       getOptionValue(props, Information, None),
-      getValue(props, AllowAccountRegistration, false),
+      BasicBehavior(
-      getValue(props, AllowAnonymousAccess, true),
+        getValue(props, AllowAccountRegistration, false),
-      getValue(props, IsCreateRepoOptionPublic, true),
+        getValue(props, AllowResetPassword, false),
-      RepositoryOperation(
+        getValue(props, AllowAnonymousAccess, true),
-        create = getValue(props, RepositoryOperationCreate, true),
+        getValue(props, IsCreateRepoOptionPublic, true),
-        delete = getValue(props, RepositoryOperationDelete, true),
+        RepositoryOperation(
-        rename = getValue(props, RepositoryOperationRename, true),
+          create = getValue(props, RepositoryOperationCreate, true),
-        transfer = getValue(props, RepositoryOperationTransfer, true),
+          delete = getValue(props, RepositoryOperationDelete, true),
-        fork = getValue(props, RepositoryOperationFork, true)
+          rename = getValue(props, RepositoryOperationRename, true),
+          transfer = getValue(props, RepositoryOperationTransfer, true),
+          fork = getValue(props, RepositoryOperationFork, true)
+        ),
+        getValue(props, Gravatar, false),
+        getValue(props, Notification, false),
+        getValue(props, LimitVisibleRepositories, false)
       ),
-      getValue(props, Gravatar, false),
-      getValue(props, Notification, false),
-      getValue(props, LimitVisibleRepositories, false),
       Ssh(
         enabled = getValue(props, SshEnabled, false),
         bindAddress = {
@@ -214,13 +218,7 @@ object SystemSettingsService {
   case class SystemSettings(
     baseUrl: Option[String],
     information: Option[String],
-    allowAccountRegistration: Boolean,
+    basicBehavior: BasicBehavior,
-    allowAnonymousAccess: Boolean,
-    isCreateRepoOptionPublic: Boolean,
-    repositoryOperation: RepositoryOperation,
-    gravatar: Boolean,
-    notification: Boolean,
-    limitVisibleRepositories: Boolean,
     ssh: Ssh,
     useSMTP: Boolean,
     smtp: Option[Smtp],
@@ -264,6 +262,17 @@ object SystemSettingsService {
       ssh.getUrl(owner: String, name: String)
   }
 
+  case class BasicBehavior(
+    allowAccountRegistration: Boolean,
+    allowResetPassword: Boolean,
+    allowAnonymousAccess: Boolean,
+    isCreateRepoOptionPublic: Boolean,
+    repositoryOperation: RepositoryOperation,
+    gravatar: Boolean,
+    notification: Boolean,
+    limitVisibleRepositories: Boolean,
+  )
+
   case class RepositoryOperation(
     create: Boolean,
     delete: Boolean,
@@ -383,6 +392,7 @@ object SystemSettingsService {
   private val BaseURL = "base_url"
   private val Information = "information"
   private val AllowAccountRegistration = "allow_account_registration"
+  private val AllowResetPassword = "allow_reset_password"
   private val AllowAnonymousAccess = "allow_anonymous_access"
   private val IsCreateRepoOptionPublic = "is_create_repository_option_public"
   private val RepositoryOperationCreate = "repository_operation_create"

src/main/scala/gitbucket/core/service/WebHookService.scala

@@ -379,8 +379,12 @@ trait WebHookPullRequestService extends WebHookService {
     settings: SystemSettings
   )(implicit s: Session, context: JsonFormat.Context): Unit = {
     callWebHookOf(repository.owner, repository.name, WebHook.Issues, settings) {
+      val assigneeUsers = getIssueAssignees(repository.owner, repository.name, issue.issueId)
       val users =
-        getAccountsByUserNames(Set(repository.owner, issue.openedUserName) ++ issue.assignedUserName, Set(sender))
+        getAccountsByUserNames(
+          Set(repository.owner, issue.openedUserName) ++ assigneeUsers.map(_.assigneeUserName),
+          Set(sender)
+        )
       for {
         repoOwner <- users.get(repository.owner)
         issueUser <- users.get(issue.openedUserName)
@@ -393,7 +397,7 @@ trait WebHookPullRequestService extends WebHookService {
             issue,
             RepositoryName(repository),
             ApiUser(issueUser),
-            issue.assignedUserName.flatMap(users.get(_)).map(ApiUser(_)),
+            assigneeUsers.flatMap(x => users.get(x.assigneeUserName)).map(ApiUser(_)),
             getIssueLabels(repository.owner, repository.name, issue.issueId)
               .map(ApiLabel(_, RepositoryName(repository))),
             getApiMilestone(repository, issue.milestoneId getOrElse (0))
@@ -415,16 +419,15 @@ trait WebHookPullRequestService extends WebHookService {
     callWebHookOf(repository.owner, repository.name, WebHook.PullRequest, settings) {
       for {
         (issue, pullRequest) <- getPullRequest(repository.owner, repository.name, issueId)
+        assignees = getIssueAssignees(repository.owner, repository.name, issueId)
         users = getAccountsByUserNames(
-          Set(repository.owner, pullRequest.requestUserName, issue.openedUserName),
+          Set(repository.owner, pullRequest.requestUserName, issue.openedUserName) ++ assignees.map(_.assigneeUserName),
           Set(sender)
         )
         baseOwner <- users.get(repository.owner)
         headOwner <- users.get(pullRequest.requestUserName)
         issueUser <- users.get(issue.openedUserName)
-        assignee = issue.assignedUserName.flatMap { userName =>
+        assigneeUsers = assignees.flatMap(x => users.get(x.assigneeUserName))
-          getAccountByUserName(userName, false)
-        }
         headRepo <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
         labels = getIssueLabels(repository.owner, repository.name, issue.issueId)
           .map(ApiLabel(_, RepositoryName(repository)))
@@ -433,7 +436,7 @@ trait WebHookPullRequestService extends WebHookService {
           action = action,
           issue = issue,
           issueUser = issueUser,
-          assignee = assignee,
+          assignees = assigneeUsers,
           pullRequest = pullRequest,
           headRepository = headRepo,
           headOwner = headOwner,
@@ -481,8 +484,8 @@ trait WebHookPullRequestService extends WebHookService {
         requestRepository.name,
         requestBranch
       )
-      assignee = issue.assignedUserName.flatMap { userName =>
+      assignees = getIssueAssignees(requestRepository.owner, requestRepository.name, issue.issueId).flatMap { x =>
-        getAccountByUserName(userName, false)
+        getAccountByUserName(x.assigneeUserName, false)
       }
       baseRepo <- getRepository(pullRequest.userName, pullRequest.repositoryName)
       labels = getIssueLabels(pullRequest.userName, pullRequest.repositoryName, issue.issueId)
@@ -492,7 +495,7 @@ trait WebHookPullRequestService extends WebHookService {
         action = action,
         issue = issue,
         issueUser = issueUser,
-        assignee = assignee,
+        assignees = assignees,
         pullRequest = pullRequest,
         headRepository = requestRepository,
         headOwner = headOwner,
@@ -522,15 +525,17 @@ trait WebHookPullRequestReviewCommentService extends WebHookService {
   )(implicit s: Session, c: JsonFormat.Context): Unit = {
     import WebHookService._
     callWebHookOf(repository.owner, repository.name, WebHook.PullRequestReviewComment, settings) {
+      val assignees = getIssueAssignees(repository.owner, pullRequest.requestUserName, issue.issueId)
       val users =
-        getAccountsByUserNames(Set(repository.owner, pullRequest.requestUserName, issue.openedUserName), Set(sender))
+        getAccountsByUserNames(
+          Set(repository.owner, pullRequest.requestUserName, issue.openedUserName) ++ assignees.map(_.assigneeUserName),
+          Set(sender)
+        )
       for {
         baseOwner <- users.get(repository.owner)
         headOwner <- users.get(pullRequest.requestUserName)
         issueUser <- users.get(issue.openedUserName)
-        assignee = issue.assignedUserName.flatMap { userName =>
+        assigneeUsers = assignees.flatMap(x => users.get(x.assigneeUserName))
-          getAccountByUserName(userName, false)
-        }
         headRepo <- getRepository(pullRequest.requestUserName, pullRequest.requestRepositoryName)
         labels = getIssueLabels(pullRequest.userName, pullRequest.repositoryName, issue.issueId)
           .map(ApiLabel(_, RepositoryName(pullRequest.userName, pullRequest.repositoryName)))
@@ -540,7 +545,7 @@ trait WebHookPullRequestReviewCommentService extends WebHookService {
           comment = comment,
           issue = issue,
           issueUser = issueUser,
-          assignee = assignee,
+          assignees = assigneeUsers,
           pullRequest = pullRequest,
           headRepository = headRepo,
           headOwner = headOwner,
@@ -569,14 +574,17 @@ trait WebHookIssueCommentService extends WebHookPullRequestService {
     callWebHookOf(repository.owner, repository.name, WebHook.IssueComment, settings) {
       for {
         issueComment <- getComment(repository.owner, repository.name, issueCommentId.toString())
+        assignees = getIssueAssignees(repository.owner, repository.name, issue.issueId)
         users = getAccountsByUserNames(
-          Set(issue.openedUserName, repository.owner, issueComment.commentedUserName) ++ issue.assignedUserName,
+          Set(issue.openedUserName, repository.owner, issueComment.commentedUserName) ++ assignees.map(
+            _.assigneeUserName
+          ),
           Set(sender)
         )
         issueUser <- users.get(issue.openedUserName)
         repoOwner <- users.get(repository.owner)
         commenter <- users.get(issueComment.commentedUserName)
-        assignedUser = issue.assignedUserName.flatMap(users.get(_))
+        assigneeUsers = assignees.flatMap(x => users.get(x.assigneeUserName))
         labels = getIssueLabels(repository.owner, repository.name, issue.issueId)
         milestone = getApiMilestone(repository, issue.milestoneId getOrElse (0))
       } yield {
@@ -587,7 +595,7 @@ trait WebHookIssueCommentService extends WebHookPullRequestService {
           commentUser = commenter,
           repository = repository,
           repositoryUser = repoOwner,
-          assignedUser = assignedUser,
+          assignees = assigneeUsers,
           sender = sender,
           labels = labels,
           milestone = milestone
@@ -710,7 +718,7 @@ object WebHookService {
       action: String,
       issue: Issue,
       issueUser: Account,
-      assignee: Option[Account],
+      assignees: List[Account],
       pullRequest: PullRequest,
       headRepository: RepositoryInfo,
       headOwner: Account,
@@ -731,7 +739,7 @@ object WebHookService {
         baseRepo = baseRepoPayload,
         user = ApiUser(issueUser),
         labels = labels,
-        assignee = assignee.map(ApiUser.apply),
+        assignees = assignees.map(ApiUser.apply),
         mergedComment = mergedComment
       )
 
@@ -762,7 +770,7 @@ object WebHookService {
       commentUser: Account,
       repository: RepositoryInfo,
       repositoryUser: Account,
-      assignedUser: Option[Account],
+      assignees: List[Account],
       sender: Account,
       labels: List[Label],
       milestone: Option[ApiMilestone]
@@ -774,7 +782,7 @@ object WebHookService {
           issue,
           RepositoryName(repository),
           ApiUser(issueUser),
-          assignedUser.map(ApiUser(_)),
+          assignees.map(ApiUser(_)),
           labels.map(ApiLabel(_, RepositoryName(repository))),
           milestone
         ),
@@ -799,7 +807,7 @@ object WebHookService {
       comment: CommitComment,
       issue: Issue,
       issueUser: Account,
-      assignee: Option[Account],
+      assignees: List[Account],
       pullRequest: PullRequest,
       headRepository: RepositoryInfo,
       headOwner: Account,
@@ -828,7 +836,7 @@ object WebHookService {
           baseRepo = baseRepoPayload,
           user = ApiUser(issueUser),
           labels = labels,
-          assignee = assignee.map(ApiUser.apply),
+          assignees = assignees.map(ApiUser.apply),
           mergedComment = mergedComment
         ),
         repository = baseRepoPayload,

src/main/scala/gitbucket/core/servlet/GitAuthenticationFilter.scala

@@ -98,29 +98,30 @@ class GitAuthenticationFilter extends Filter with RepositoryService with Account
         Database() withSession { implicit session =>
           getRepository(repositoryOwner, repositoryName.replaceFirst("(\\.wiki)?\\.git$", "")) match {
             case Some(repository) => {
-              val execute = if (!isUpdating && !repository.repository.isPrivate && settings.allowAnonymousAccess) {
+              val execute =
-                // Authentication is not required
+                if (!isUpdating && !repository.repository.isPrivate && settings.basicBehavior.allowAnonymousAccess) {
-                true
+                  // Authentication is not required
-              } else {
+                  true
-                // Authentication is required
+                } else {
-                val passed = for {
+                  // Authentication is required
-                  authorizationHeader <- Option(request.getHeader("Authorization"))
+                  val passed = for {
-                  account <- authenticateByHeader(authorizationHeader, settings)
+                    authorizationHeader <- Option(request.getHeader("Authorization"))
-                } yield
+                    account <- authenticateByHeader(authorizationHeader, settings)
-                  if (isUpdating) {
+                  } yield
-                    if (hasDeveloperRole(repository.owner, repository.name, Some(account))) {
+                    if (isUpdating) {
-                      request.setAttribute(Keys.Request.UserName, account.userName)
+                      if (hasDeveloperRole(repository.owner, repository.name, Some(account))) {
-                      request.setAttribute(Keys.Request.RepositoryLockKey, s"${repository.owner}/${repository.name}")
+                        request.setAttribute(Keys.Request.UserName, account.userName)
-                      true
+                        request.setAttribute(Keys.Request.RepositoryLockKey, s"${repository.owner}/${repository.name}")
-                    } else false
+                        true
-                  } else if (repository.repository.isPrivate) {
+                      } else false
-                    if (hasGuestRole(repository.owner, repository.name, Some(account))) {
+                    } else if (repository.repository.isPrivate) {
-                      request.setAttribute(Keys.Request.UserName, account.userName)
+                      if (hasGuestRole(repository.owner, repository.name, Some(account))) {
-                      true
+                        request.setAttribute(Keys.Request.UserName, account.userName)
-                    } else false
+                        true
-                  } else true
+                      } else false
-                passed.getOrElse(false)
+                    } else true
-              }
+                  passed.getOrElse(false)
+                }
 
               if (execute) { () =>
                 chain.doFilter(request, response)

src/main/scala/gitbucket/core/servlet/GitRepositoryServlet.scala

@@ -52,15 +52,11 @@ import org.json4s.jackson.Serialization._
  */
 class GitRepositoryServlet extends GitServlet with SystemSettingsService {
 
-  private val logger = LoggerFactory.getLogger(classOf[GitRepositoryServlet])
   private implicit val jsonFormats: Formats = gitbucket.core.api.JsonFormat.jsonFormats
 
   override def init(config: ServletConfig): Unit = {
     setReceivePackFactory(new GitBucketReceivePackFactory())
-
-    val root: File = new File(Directory.RepositoryHome)
     setRepositoryResolver(new GitBucketRepositoryResolver)
-
     super.init(config)
   }
 
@@ -420,7 +416,7 @@ class CommitLogHook(owner: String, repository: String, pusher: String, baseUrl:
                     pusherAccount,
                     repositoryInfo,
                     ownerAccount,
-                    ref = branchName,
+                    ref = command.getRefName,
                     refType = refType
                   )
                 }

src/main/scala/gitbucket/core/ssh/GitCommand.scala

@@ -244,7 +244,7 @@ class GitCommandFactory(baseUrl: String, sshAddress: SshAddress) extends Command
       case f if f.isDefinedAt(command) => f(command)
     }
 
-    pluginCommand.getOrElse {
+    pluginCommand.map(_.apply(channel)).getOrElse {
       val (simpleRegex, defaultRegex) =
         if (sshAddress.isDefaultPort) {
           (SimpleCommandRegexPort22, DefaultCommandRegexPort22)

src/main/scala/gitbucket/core/util/DatabaseConfig.scala

@@ -38,8 +38,18 @@ object DatabaseConfig {
 
   private lazy val dbUrl = getValue("db.url", config.getString) //config.getString("db.url")
 
-  def url(directory: Option[String]): String =
+  def url(directory: Option[String]): String = {
-    dbUrl.replace("${DatabaseHome}", directory.getOrElse(DatabaseHome))
+    val sb = new StringBuilder()
+    sb.append(dbUrl)
+    if (dbUrl.startsWith("jdbc:mysql:") && dbUrl.indexOf("permitMysqlScheme") == -1) {
+      if (dbUrl.indexOf("?") == -1) {
+        sb.append("?permitMysqlScheme")
+      } else {
+        sb.append("&permitMysqlScheme")
+      }
+    }
+    sb.toString().replace("${DatabaseHome}", directory.getOrElse(DatabaseHome))
+  }
 
   lazy val url: String = url(None)
   lazy val user: String = getValue("db.user", config.getString)

src/main/scala/gitbucket/core/util/Mailer.scala

@@ -41,7 +41,7 @@ class Mailer(settings: SystemSettings) {
     htmlMsg: Option[String] = None,
     loginAccount: Option[Account] = None
   ): Option[HtmlEmail] = {
-    if (settings.notification) {
+    if (settings.basicBehavior.notification) {
       settings.smtp.map { smtp =>
         val email = new HtmlEmail
         email.setHostName(smtp.host)

src/main/scala/gitbucket/core/util/StringUtil.scala

@@ -74,6 +74,11 @@ object StringUtil {
 
   def urlDecode(value: String): String = URLDecoder.decode(value, "UTF-8")
 
+  /**
+   * URL encode except '/'.
+   */
+  def encodeRefName(value: String): String = urlEncode(value).replace("%2F", "/")
+
   def splitWords(value: String): Array[String] = value.split("[ \\t　]+")
 
   def isInteger(value: String): Boolean = allCatch opt { value.toInt } map (_ => true) getOrElse (false)
@@ -93,8 +98,8 @@ object StringUtil {
     detector.handleData(content, 0, content.length)
     detector.dataEnd()
     detector.getDetectedCharset match {
-      case null => "UTF-8"
+      case null | "US-ASCII" => "UTF-8"
-      case e    => e
+      case e                 => e
     }
   }
 

src/main/scala/gitbucket/core/view/AvatarImageProvider.scala

@@ -18,7 +18,7 @@ trait AvatarImageProvider { self: RequestCache =>
     val src = if (mailAddress.isEmpty) {
       // by user name
       getAccountByUserNameFromCache(userName).map { account =>
-        if (account.image.isEmpty && context.settings.gravatar) {
+        if (account.image.isEmpty && context.settings.basicBehavior.gravatar) {
           s"""https://www.gravatar.com/avatar/${StringUtil.md5(account.mailAddress.toLowerCase)}?s=${size}&d=retro&r=g"""
         } else {
           s"""${context.path}/${account.userName}/_avatar?${helpers.hashDate(account.updatedDate)}"""
@@ -29,13 +29,13 @@ trait AvatarImageProvider { self: RequestCache =>
     } else {
       // by mail address
       getAccountByMailAddressFromCache(mailAddress).map { account =>
-        if (account.image.isEmpty && context.settings.gravatar) {
+        if (account.image.isEmpty && context.settings.basicBehavior.gravatar) {
           s"""https://www.gravatar.com/avatar/${StringUtil.md5(account.mailAddress.toLowerCase)}?s=${size}&d=retro&r=g"""
         } else {
           s"""${context.path}/${account.userName}/_avatar?${helpers.hashDate(account.updatedDate)}"""
         }
       } getOrElse {
-        if (context.settings.gravatar) {
+        if (context.settings.basicBehavior.gravatar) {
           s"""https://www.gravatar.com/avatar/${StringUtil.md5(mailAddress.toLowerCase)}?s=${size}&d=retro&r=g"""
         } else {
           s"""${context.path}/_unknown/_avatar"""

src/main/scala/gitbucket/core/view/helpers.scala

@@ -212,19 +212,19 @@ object helpers extends AvatarImageProvider with LinkConverter with RequestCache
     Html(
       message
         .replaceAll("\\[issue:([^\\s]+?)/([^\\s]+?)#((\\d+))\\]"){ m =>
-          val issue = getIssueFromCache(m.group(1), m.group(2), m.group(3))
+          getIssueFromCache(m.group(1), m.group(2), m.group(3)) match {
-          if (issue.isDefined) {
+            case Some(issue) =>
-            s"""<a href="${context.path}/${m.group(1)}/${m.group(2)}/issues/${m.group(3)}" title="${issue.get.title}">${m.group(1)}/${m.group(2)}#${m.group(3)}</a>"""
+              s"""<a href="${context.path}/${m.group(1)}/${m.group(2)}/issues/${m.group(3)}" title="${StringUtil.escapeHtml(issue.title)}">${m.group(1)}/${m.group(2)}#${m.group(3)}</a>"""
-          } else {
+            case None =>
-            s"${m.group(1)}/${m.group(2)}#${m.group(3)}"
+              s"${m.group(1)}/${m.group(2)}#${m.group(3)}"
           }
         }
         .replaceAll("\\[pullreq:([^\\s]+?)/([^\\s]+?)#((\\d+))\\]"){ m =>
-          val pullreq = getIssueFromCache(m.group(1), m.group(2), m.group(3))
+          getIssueFromCache(m.group(1), m.group(2), m.group(3)) match {
-          if (pullreq.isDefined) {
+            case Some(pullreq) =>
-            s"""<a href="${context.path}/${m.group(1)}/${m.group(2)}/pull/${m.group(3)}" title="${pullreq.get.title}">${m.group(1)}/${m.group(2)}#${m.group(3)}</a>"""
+              s"""<a href="${context.path}/${m.group(1)}/${m.group(2)}/pull/${m.group(3)}" title="${StringUtil.escapeHtml(pullreq.title)}">${m.group(1)}/${m.group(2)}#${m.group(3)}</a>"""
-          } else {
+            case None =>
-            s"${m.group(1)}/${m.group(2)}#${m.group(3)}"
+              s"${m.group(1)}/${m.group(2)}#${m.group(3)}"
           }
         }
         .replaceAll("\\[repo:([^\\s]+?)/([^\\s]+?)\\]") { m =>
@@ -276,7 +276,7 @@ object helpers extends AvatarImageProvider with LinkConverter with RequestCache
   /**
    * URL encode except '/'.
    */
-  def encodeRefName(value: String): String = StringUtil.urlEncode(value).replace("%2F", "/")
+  def encodeRefName(value: String): String = StringUtil.encodeRefName(value)
 
   def urlEncode(value: String): String = StringUtil.urlEncode(value)
 

src/main/twirl/gitbucket/core/account/reset.scala.html

@@ -0,0 +1,16 @@
+@()(implicit context: gitbucket.core.controller.Context)
+@gitbucket.core.html.main("Reset your password"){
+  <div class="content-wrapper main-center">
+    <div class="content body">
+      <h2>Reset your password</h2>
+      <form action="@context.path/reset" method="POST" validate="true" autocomplete="off">
+        <fieldset class="form-group">
+          Enter your email address to reset your password.
+          <input type="text" name="mailAddress" id="mailAddress" class="form-control" value=""  value="" style="max-width: 400px;"/>
+          <span id="error-mailAddress" class="error"></span>
+        </fieldset>
+        <input type="submit" class="btn btn-success" value="Submit"/>
+      </form>
+    </div>
+  </div>
+}

src/main/twirl/gitbucket/core/account/resetcomplete.scala.html

@@ -0,0 +1,11 @@
+@()(implicit context: gitbucket.core.controller.Context)
+@gitbucket.core.html.main("Reset your password"){
+  <div class="content-wrapper main-center">
+    <div class="content body">
+      <h2>Reset your password</h2>
+      <p>
+        Password has been updated. <a href="@context.path/signin">Sign-in</a> with new password.
+      </p>
+    </div>
+  </div>
+}

src/main/twirl/gitbucket/core/account/resetform.scala.html

@@ -0,0 +1,17 @@
+@(token: String)(implicit context: gitbucket.core.controller.Context)
+@gitbucket.core.html.main("Reset your password"){
+  <div class="content-wrapper main-center">
+    <div class="content body">
+      <h2>Reset your password</h2>
+      <form action="@context.path/reset/form" method="POST" validate="true" autocomplete="off">
+        <fieldset class="form-group">
+          Enter new password:
+          <input type="password" name="password" id="password" class="form-control" value="" style="max-width: 400px;"/>
+          <span id="error-password" class="error"></span>
+        </fieldset>
+        <input type="submit" class="btn btn-success" value="Submit"/>
+        <input type="hidden" name="token" id="token" value="@token"/>
+      </form>
+    </div>
+  </div>
+}

src/main/twirl/gitbucket/core/account/resetsent.scala.html

@@ -0,0 +1,11 @@
+@()(implicit context: gitbucket.core.controller.Context)
+@gitbucket.core.html.main("Reset your password"){
+  <div class="content-wrapper main-center">
+    <div class="content body">
+      <h2>Reset your password</h2>
+      <p>
+        Send an email to you. Check your mailbox.
+      </p>
+    </div>
+  </div>
+}

src/main/twirl/gitbucket/core/admin/settings_integrations.scala.html

@@ -6,7 +6,7 @@
 <label class="strong">Services</label>
 <fieldset>
   <label class="checkbox">
-    <input type="checkbox" name="gravatar"@if(context.settings.gravatar){ checked}/>
+    <input type="checkbox" name="basicBehavior.gravatar"@if(context.settings.basicBehavior.gravatar){ checked}/>
     Use Gravatar for profile images
   </label>
 </fieldset>
@@ -132,7 +132,7 @@
 <label class="strong">Notifications</label>
 <fieldset>
   <label class="checkbox" for="notification">
-    <input type="checkbox" id="notification" name="notification"@if(context.settings.notification){ checked}/>
+    <input type="checkbox" id="notification" name="basicBehavior.notification"@if(context.settings.basicBehavior.notification){ checked}/>
     Send notifications
   </label>
 </fieldset>

src/main/twirl/gitbucket/core/admin/settings_system.scala.html

@@ -108,15 +108,30 @@
 <label class="strong">Account registration</label>
 <fieldset>
   <label class="radio">
-    <input type="radio" name="allowAccountRegistration" value="true"@if(context.settings.allowAccountRegistration){ checked}>
+    <input type="radio" name="basicBehavior.allowAccountRegistration" value="true"@if(context.settings.basicBehavior.allowAccountRegistration){ checked}>
     <span class="strong">Allow</span> <span class="normal">- Users can create accounts by themselves.</span>
   </label>
   <label class="radio">
-    <input type="radio" name="allowAccountRegistration" value="false"@if(!context.settings.allowAccountRegistration){ checked}>
+    <input type="radio" name="basicBehavior.allowAccountRegistration" value="false"@if(!context.settings.basicBehavior.allowAccountRegistration){ checked}>
     <span class="strong">Deny</span> <span class="normal">- Only administrators can create accounts.</span>
   </label>
 </fieldset>
 <!--====================================================================-->
+<!-- Reset password -->
+<!--====================================================================-->
+<hr>
+<label class="strong">Reset password</label>
+<fieldset>
+  <label class="radio">
+    <input type="radio" name="basicBehavior.allowResetPassword" value="true"@if(context.settings.basicBehavior.allowResetPassword){ checked}>
+    <span class="strong">Allow</span> <span class="normal">- Allow users to reset password. (SMTP setting is required)</span>
+  </label>
+  <label class="radio">
+    <input type="radio" name="basicBehavior.allowResetPassword" value="false"@if(!context.settings.basicBehavior.allowResetPassword){ checked}>
+    <span class="strong">Deny</span> <span class="normal">- Doesn't allow users to reset password.</span>
+  </label>
+</fieldset>
+<!--====================================================================-->
 <!-- Repository operations -->
 <!--====================================================================-->
 <hr>
@@ -126,11 +141,11 @@
     <label class="control-label col-md-2">Create</label>
     <div class="col-md-10">
       <label class="radio">
-        <input type="radio" name="repositoryOperation.create" value="true"@if(context.settings.repositoryOperation.create){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.create" value="true"@if(context.settings.basicBehavior.repositoryOperation.create){ checked}>
         <span class="strong">All users</span> <span class="normal">- All users can create repository.</span>
       </label>
       <label class="radio">
-        <input type="radio" name="repositoryOperation.create" value="false"@if(!context.settings.repositoryOperation.create){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.create" value="false"@if(!context.settings.basicBehavior.repositoryOperation.create){ checked}>
         <span class="strong">Admin only</span> <span class="normal">- Only administrators can create repository.</span>
       </label>
     </div>
@@ -139,11 +154,11 @@
     <label class="control-label col-md-2">Delete</label>
     <div class="col-md-10">
       <label class="radio">
-        <input type="radio" name="repositoryOperation.delete" value="true"@if(context.settings.repositoryOperation.delete){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.delete" value="true"@if(context.settings.basicBehavior.repositoryOperation.delete){ checked}>
         <span class="strong">All users</span> <span class="normal">- All users can delete repository.</span>
       </label>
       <label class="radio">
-        <input type="radio" name="repositoryOperation.delete" value="false"@if(!context.settings.repositoryOperation.delete){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.delete" value="false"@if(!context.settings.basicBehavior.repositoryOperation.delete){ checked}>
         <span class="strong">Admin only</span> <span class="normal">- Only administrators can delete repository.</span>
       </label>
     </div>
@@ -152,11 +167,11 @@
     <label class="control-label col-md-2">Rename</label>
     <div class="col-md-10">
       <label class="radio">
-        <input type="radio" name="repositoryOperation.rename" value="true"@if(context.settings.repositoryOperation.rename){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.rename" value="true"@if(context.settings.basicBehavior.repositoryOperation.rename){ checked}>
         <span class="strong">All users</span> <span class="normal">- All users can rename repository.</span>
       </label>
       <label class="radio">
-        <input type="radio" name="repositoryOperation.rename" value="false"@if(!context.settings.repositoryOperation.rename){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.rename" value="false"@if(!context.settings.basicBehavior.repositoryOperation.rename){ checked}>
         <span class="strong">Admin only</span> <span class="normal">- Only administrators can rename repository.</span>
       </label>
     </div>
@@ -165,11 +180,11 @@
     <label class="control-label col-md-2">Transfer</label>
     <div class="col-md-10">
       <label class="radio">
-        <input type="radio" name="repositoryOperation.transfer" value="true"@if(context.settings.repositoryOperation.transfer){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.transfer" value="true"@if(context.settings.basicBehavior.repositoryOperation.transfer){ checked}>
         <span class="strong">All users</span> <span class="normal">- All users can transfer repository.</span>
       </label>
       <label class="radio">
-        <input type="radio" name="repositoryOperation.transfer" value="false"@if(!context.settings.repositoryOperation.transfer){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.transfer" value="false"@if(!context.settings.basicBehavior.repositoryOperation.transfer){ checked}>
         <span class="strong">Admin only</span> <span class="normal">- Only administrators can transfer repository.</span>
       </label>
     </div>
@@ -178,11 +193,11 @@
     <label class="control-label col-md-2">Fork</label>
     <div class="col-md-10">
       <label class="radio">
-        <input type="radio" name="repositoryOperation.fork" value="true"@if(context.settings.repositoryOperation.fork){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.fork" value="true"@if(context.settings.basicBehavior.repositoryOperation.fork){ checked}>
         <span class="strong">All users</span> <span class="normal">- All users can fork repository.</span>
       </label>
       <label class="radio">
-        <input type="radio" name="repositoryOperation.fork" value="false"@if(!context.settings.repositoryOperation.fork){ checked}>
+        <input type="radio" name="basicBehavior.repositoryOperation.fork" value="false"@if(!context.settings.basicBehavior.repositoryOperation.fork){ checked}>
         <span class="strong">Admin only</span> <span class="normal">- Only administrators can fork repository.</span>
       </label>
     </div>
@@ -192,11 +207,11 @@
 <label class="strong">Default visibility when creating a new repository</label>
 <fieldset>
   <label class="radio">
-    <input type="radio" name="isCreateRepoOptionPublic" value="true"@if(context.settings.isCreateRepoOptionPublic){ checked}>
+    <input type="radio" name="basicBehavior.isCreateRepoOptionPublic" value="true"@if(context.settings.basicBehavior.isCreateRepoOptionPublic){ checked}>
     <span class="strong">Public</span> <span class="normal">- All users and guests can read the repository.</span>
   </label>
   <label class="radio">
-    <input type="radio" name="isCreateRepoOptionPublic" value="false"@if(!context.settings.isCreateRepoOptionPublic){ checked}>
+    <input type="radio" name="basicBehavior.isCreateRepoOptionPublic" value="false"@if(!context.settings.basicBehavior.isCreateRepoOptionPublic){ checked}>
     <span class="strong">Private</span> <span class="normal">- Only collaborators can read the repository.</span>
   </label>
 </fieldset>
@@ -207,11 +222,11 @@
 <label class="strong">Anonymous access</label>
 <fieldset>
   <label class="radio">
-    <input type="radio" name="allowAnonymousAccess" value="true"@if(context.settings.allowAnonymousAccess){ checked}>
+    <input type="radio" name="basicBehavior.allowAnonymousAccess" value="true"@if(context.settings.basicBehavior.allowAnonymousAccess){ checked}>
     <span class="strong">Allow</span> <span class="normal">- Anyone can view public repositories and user/group profiles.</span>
   </label>
   <label class="radio">
-    <input type="radio" name="allowAnonymousAccess" value="false"@if(!context.settings.allowAnonymousAccess){ checked}>
+    <input type="radio" name="basicBehavior.allowAnonymousAccess" value="false"@if(!context.settings.basicBehavior.allowAnonymousAccess){ checked}>
     <span class="strong">Deny</span> <span class="normal">- Users must authenticate before viewing any information.</span>
   </label>
 </fieldset>
@@ -272,11 +287,11 @@
 <label><span class="strong">Show repositories in sidebar</span></label>
 <fieldset>
   <label class="radio">
-    <input type="radio" name="limitVisibleRepositories" value="false"@if(!context.settings.limitVisibleRepositories){ checked}>
+    <input type="radio" name="basicBehavior.limitVisibleRepositories" value="false"@if(!context.settings.basicBehavior.limitVisibleRepositories){ checked}>
     <span class="strong">All</span> <span class="normal">- Show all visible repositories in sidebar.</span>
   </label>
   <label class="radio">
-    <input type="radio" name="limitVisibleRepositories" value="true"@if(context.settings.limitVisibleRepositories){ checked}>
+    <input type="radio" name="basicBehavior.limitVisibleRepositories" value="true"@if(context.settings.basicBehavior.limitVisibleRepositories){ checked}>
     <span class="strong">Limited</span> <span class="normal">- Show only owned repositories in sidebar.</span>
   </label>
 </fieldset>

src/main/twirl/gitbucket/core/dashboard/issueslist.scala.html

@@ -17,7 +17,7 @@
     </tr>
   </thead>
   <tbody>
-    @issues.map { case (IssueInfo(issue, labels, milestone, priority, commentCount, commitId), status) =>
+    @issues.map { case (IssueInfo(issue, labels, milestone, priority, commentCount, commitId, assignedUserNames), status) =>
       <tr>
         <td style="padding-top: 12px; padding-bottom: 12px;">
           <a href="@context.path/@issue.userName/@issue.repositoryName">@issue.userName/@issue.repositoryName</a>&nbsp;&#xFF65;
@@ -33,7 +33,7 @@
             <span class="label-color small" style="background-color: #@label.color; color: #@label.fontColor; padding-left: 4px; padding-right: 4px">@label.labelName</span>
           }
           <span class="pull-right muted">
-            @issue.assignedUserName.map { userName =>
+            @assignedUserNames.map { userName =>
               @helpers.avatar(userName, 20, tooltip = true)
             }
             @if(commentCount > 0){

src/main/twirl/gitbucket/core/helper/activities.scala.html

@@ -24,57 +24,15 @@
         case "create_tag"          => simpleActivity(activity)
         case "delete_tag"          => simpleActivity(activity)
         case "fork"                => simpleActivity(activity)
-        case "push"  => customActivity(activity){
+        case "push"                => pushActivity(activity)
-          <div class="small activity-message">
+        case "create_wiki"         => createWikiActivity(activity)
-            {activity.additionalInfo.get.split("\n").reverse.take(4).zipWithIndex.map{ case (commit, i) =>
+        case "edit_wiki"           => editWikiActivity(activity)
-              if(i == 3){
+        case "delete_wiki"         => simpleActivity(activity)
-                <div>...</div>
-              } else {
-                if(commit.nonEmpty){
-                  <div>
-                     <a href={s"${context.path}/${activity.userName}/${activity.repositoryName}/commit/${commit. substring(0, 40)}"} class="monospace">{commit.substring(0, 7)}</a>
-                     <span>{commit.substring(41)}</span>
-                  </div>
-                }
-              }
-            }}
-          </div>
-        }
-        case "create_wiki" => customActivity(activity){
-          <div class="small activity-message">
-            Created <a href={s"${context.path}/${activity.userName}/${activity.repositoryName}/wiki/${activity.additionalInfo.get}"}>{activity.additionalInfo.get}</a>.
-          </div>
-        }
-        case "edit_wiki" => customActivity(activity){
-          activity.additionalInfo.get.split(":") match {
-            case Array(pageName, commitId) =>
-              <div class="small activity-message">
-                Edited <a href={s"${context.path}/${activity.userName}/${activity.repositoryName}/wiki/${pageName}"}>{pageName}</a>.
-                <a href={s"${context.path}/${activity.userName}/${activity.repositoryName}/wiki/${pageName}/_compare/${commitId.substring(0, 7)}^...${commitId.substring(0, 7)}"}>View the diff »</a>
-              </div>
-            case Array(pageName) =>
-              <div class="small activity-message">
-                Edited <a href={s"${context.path}/${activity.userName}/${activity.repositoryName}/wiki/${pageName}"}>{pageName}</a>.
-              </div>
-          }
-        }
-        case "delete_wiki" => simpleActivity(activity)
       })
     </div>
   }
 }
 
-@customActivity(activity: gitbucket.core.model.Activity)(additionalInfo: Any) = {
-  <div>
-    <div class="muted small">@gitbucket.core.helper.html.datetimeago(activity.activityDate)</div>
-    <div class="strong">
-      @helpers.avatarLink(activity.activityUserName, 16)
-      @helpers.activityMessage(activity.message)
-    </div>
-    @additionalInfo
-  </div>
-}
-
 @simpleActivity(activity: gitbucket.core.model.Activity) = {
   <div>
     <span class="muted small">@gitbucket.core.helper.html.datetimeago(activity.activityDate)</span>
@@ -85,3 +43,66 @@
   </div>
 }
 
+@pushActivity(activity: gitbucket.core.model.Activity) = {
+  <div>
+    <div class="muted small">@gitbucket.core.helper.html.datetimeago(activity.activityDate)</div>
+    <div class="strong">
+      @helpers.avatarLink(activity.activityUserName, 16)
+      @helpers.activityMessage(activity.message)
+    </div>
+    <div class="small activity-message">
+      @activity.additionalInfo.get.split("\n").reverse.take(4).zipWithIndex.map { case (commit, i) =>
+        @if(i == 3){
+          <div>...</div>
+        } else {
+          @if(commit.nonEmpty){
+            <div>
+              <a href="@{context.path}/@{activity.userName}/@{activity.repositoryName}/commit/@{commit. substring(0, 40)}" class="monospace">@{commit.substring(0, 7)}</a>
+              <span>@{commit.substring(41)}</span>
+           </div>
+          }
+        }
+      }
+    </div>
+  </div>
+}
+
+@createWikiActivity(activity: gitbucket.core.model.Activity) = {
+  <div>
+    <div class="muted small">@gitbucket.core.helper.html.datetimeago(activity.activityDate)</div>
+    <div class="strong">
+      @helpers.avatarLink(activity.activityUserName, 16)
+      @helpers.activityMessage(activity.message)
+    </div>
+    <div class="small activity-message">
+      Created <a href="@{context.path}/@{activity.userName}/@{activity.repositoryName}/wiki/@{activity.additionalInfo}">@{activity.additionalInfo}</a>.
+    </div>
+  </div>
+}
+
+@editWikiActivity(activity: gitbucket.core.model.Activity) = {
+  <div>
+    <div class="muted small">@gitbucket.core.helper.html.datetimeago(activity.activityDate)</div>
+    <div class="strong">
+      @helpers.avatarLink(activity.activityUserName, 16)
+      @helpers.activityMessage(activity.message)
+    </div>
+    @defining(activity.additionalInfo.get.split(":")){ additionalInfo =>
+      @if(additionalInfo.length == 2) {
+        @defining((additionalInfo(0), additionalInfo(1))) { case (pageName, commitId) =>
+          <div class="small activity-message">
+            Edited <a href="@{context.path}/@{activity.userName}/@{activity.repositoryName}/wiki/@pageName">@pageName</a>.
+            <a href="@{context.path}/@{activity.userName}/@{activity.repositoryName}/wiki/@{pageName}/_compare/@{commitId.substring(0, 7)}^...@{commitId.substring(0, 7)}">View the diff »</a>
+          </div>
+        }
+      }
+      @if(additionalInfo.length == 1) {
+        @defining(additionalInfo(0)) { pageName =>
+          <div class="small activity-message">
+            Edited <a href="@{context.path}/@{activity.userName}/@{activity.repositoryName}/wiki/@{pageName}">@pageName</a>.
+          </div>
+        }
+      }
+    }
+  </div>
+}

src/main/twirl/gitbucket/core/issues/commentlist.scala.html

@@ -200,7 +200,7 @@
             <span class="discussion-item-icon"><i class="octicon octicon-tag"></i></span>
             @helpers.avatarLink(comment.commentedUserName, 16)
             @helpers.user(comment.commentedUserName, styleClass="username strong")
-            add the <code>@comment.content</code> label
+            added the <code>@comment.content</code> label
             @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
           </div>
         </div>
@@ -222,7 +222,7 @@
             <span class="discussion-item-icon"><i class="octicon octicon-flame"></i></span>
             @helpers.avatarLink(comment.commentedUserName, 16)
             @helpers.user(comment.commentedUserName, styleClass="username strong")
-            change priority from <code>@comment.content.split(":")(0)</code> to <code>@comment.content.split(":")(1)</code>
+            changed priority from <code>@comment.content.split(":")(0)</code> to <code>@comment.content.split(":")(1)</code>
             @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
           </div>
         </div>
@@ -233,18 +233,40 @@
             <span class="discussion-item-icon"><i class="octicon octicon-milestone"></i></span>
             @helpers.avatarLink(comment.commentedUserName, 16)
             @helpers.user(comment.commentedUserName, styleClass="username strong")
-            change milestone from <code>@comment.content.split(":")(0)</code> to <code>@comment.content.split(":")(1)</code>
+            changed milestone from <code>@comment.content.split(":")(0)</code> to <code>@comment.content.split(":")(1)</code>
             @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
           </div>
         </div>
       }
-      case "assign" => {
+      case "assign" => { @* for backward compatibility *@
         <div class="discussion-item discussion-item-assign">
           <div class="discussion-item-header">
             <span class="discussion-item-icon"><i class="octicon octicon-person"></i></span>
             @helpers.avatarLink(comment.commentedUserName, 16)
             @helpers.user(comment.commentedUserName, styleClass="username strong")
-            change assignee from <code>@comment.content.split(":")(0)</code> to <code>@comment.content.split(":")(1)</code>
+            changed assignee from <code>@comment.content.split(":")(0)</code> to <code>@comment.content.split(":")(1)</code>
+            @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
+          </div>
+        </div>
+      }
+      case "add_assignee" => {
+        <div class="discussion-item discussion-item-assign">
+          <div class="discussion-item-header">
+            <span class="discussion-item-icon"><i class="octicon octicon-person"></i></span>
+            @helpers.avatarLink(comment.commentedUserName, 16)
+            @helpers.user(comment.commentedUserName, styleClass="username strong")
+            assigned <code>@comment.content</code>
+            @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
+          </div>
+        </div>
+      }
+      case "delete_assignee" => {
+        <div class="discussion-item discussion-item-assign">
+          <div class="discussion-item-header">
+            <span class="discussion-item-icon"><i class="octicon octicon-person"></i></span>
+            @helpers.avatarLink(comment.commentedUserName, 16)
+            @helpers.user(comment.commentedUserName, styleClass="username strong")
+            unassigned <code>@comment.content</code></code>
             @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
           </div>
         </div>
@@ -255,7 +277,7 @@
             <span class="discussion-item-icon"><i class="octicon octicon-pencil"></i></span>
             @helpers.avatar(comment.commentedUserName, 16)
             @helpers.user(comment.commentedUserName, styleClass="username strong")
-            change title from <code>@convertLineSeparator(comment.content, "LF").split("\n")(0)</code> to <code>@convertLineSeparator(comment.content, "LF").split("\n")(1)</code>
+            changed title from <code>@convertLineSeparator(comment.content, "LF").split("\n")(0)</code> to <code>@convertLineSeparator(comment.content, "LF").split("\n")(1)</code>
             @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
           </div>
         </div>
@@ -266,7 +288,7 @@
             <span class="discussion-item-icon"><i class="octicon octicon-pencil"></i></span>
             @helpers.avatar(comment.commentedUserName, 16)
             @helpers.user(comment.commentedUserName, styleClass="username strong")
-            change base branch from <code>@convertLineSeparator(comment.content, "LF").split("\n")(0)</code> to <code>@convertLineSeparator(comment.content, "LF").split("\n")(1)</code>
+            changed base branch from <code>@convertLineSeparator(comment.content, "LF").split("\n")(0)</code> to <code>@convertLineSeparator(comment.content, "LF").split("\n")(1)</code>
             @gitbucket.core.helper.html.datetimeago(comment.registeredDate)
           </div>
         </div>
@@ -328,9 +350,9 @@
 $(function(){
 @if(issue.isDefined){
   $('.issue-comment-box i.octicon-pencil').click(function(){
-    var id  = $(this).closest('a').data('comment-id');
+    let id  = $(this).closest('a').data('comment-id');
-    var url = '@helpers.url(repository)/issue_comments/_data/' + id;
+    let url = '@helpers.url(repository)/issue_comments/_data/' + id;
-    var $content = $('#commentContent-' + id);
+    let $content = $('#commentContent-' + id);
 
     if(!id){
       id  = $(this).closest('a').data('issue-id');
@@ -345,7 +367,7 @@ $(function(){
   });
   $('.issue-comment-box i.octicon-x').click(function(){
     if(confirm('Are you sure you want to delete this?')) {
-      var id = $(this).closest('a').data('comment-id');
+      const id = $(this).closest('a').data('comment-id');
       $.post('@helpers.url(repository)/issue_comments/delete/' + id, function(data){
         if(data > 0) {
           $('#comment-' + id).remove();
@@ -356,9 +378,9 @@ $(function(){
   });
 }
   $(document).on('click', '.commit-comment-box i.octicon-pencil', function(){
-    var id  = $(this).closest('a').data('comment-id');
+    const id  = $(this).closest('a').data('comment-id');
-    var url = '@helpers.url(repository)/commit_comments/_data/' + id;
+    const url = '@helpers.url(repository)/commit_comments/_data/' + id;
-    var $content = $('.commit-commentContent-' + id, $(this).closest('.commit-comment-box'));
+    const $content = $('.commit-commentContent-' + id, $(this).closest('.commit-comment-box'));
 
     $.get(url, { dataType : 'html' }, function(data){
       $content.empty().html(data);
@@ -369,14 +391,14 @@ $(function(){
 
   $(document).on('click', '.commit-comment-box i.octicon-x', function(){
     if(confirm('Are you sure you want to delete this?')) {
-      var id = $(this).closest('a').data('comment-id');
+      const id = $(this).closest('a').data('comment-id');
       $.post('@helpers.url(repository)/commit_comments/delete/' + id,
       function(data){
         if(data > 0) {
-          var comment = $('.commit-comment-' + id);
+          const comment = $('.commit-comment-' + id);
 
           // diff view
-          var tr = comment.closest('.not-diff');
+          const tr = comment.closest('.not-diff');
           if(tr.length > 0){
             if(tr.prev('.not-diff').length == 0){
               tr.next('.not-diff:has(.reply-comment)').remove();
@@ -385,7 +407,7 @@ $(function(){
           }
 
           // comment list view
-          var panel = comment.closest('div.panel:has(.commit-comment-box)');
+          const panel = comment.closest('div.panel:has(.commit-comment-box)');
           if(panel.length > 0){
             comment.parent('.commit-comment-box').remove();
             if(panel.has('.commit-comment-box').length == 0){
@@ -401,7 +423,7 @@ $(function(){
   });
 
   $('div[class*=commit-commentContent-]').on('click', ':checkbox', function(ev){
-    var $commentContent = $(ev.target).parents('div[class*=commit-commentContent-]'),
+    const $commentContent = $(ev.target).parents('div[class*=commit-commentContent-]'),
         commentId = $commentContent.attr('class').match(/commit-commentContent-.+/)[0].replace(/commit-commentContent-/, ''),
         checkboxes = $commentContent.find(':checkbox');
     $.get('@helpers.url(repository)/commit_comments/_data/' + commentId, { dataType : 'html' },
@@ -421,9 +443,9 @@ $(function(){
     );
   });
 
-  @if(issue.isDefined){
+@if(issue.isDefined){
   $('#issueContent').on('click', ':checkbox', function(ev){
-    var checkboxes = $('#issueContent :checkbox');
+    const checkboxes = $('#issueContent :checkbox');
     $.get('@helpers.url(repository)/issues/_data/@issue.get.issueId', { dataType : 'html' },
       function(responseContent){
         $.ajax({
@@ -439,7 +461,7 @@ $(function(){
   });
 
   $('div[id^=commentContent-]').on('click', ':checkbox', function(ev){
-    var $commentContent = $(ev.target).parents('div[id^=commentContent-]'),
+    const $commentContent = $(ev.target).parents('div[id^=commentContent-]'),
         commentId = $commentContent.attr('id').replace(/commentContent-/, ''),
         checkboxes = $commentContent.find(':checkbox');
     $.get('@helpers.url(repository)/issue_comments/_data/' + commentId, { dataType : 'html' },
@@ -455,9 +477,7 @@ $(function(){
       }
     );
   });
-
+}
-  }
-
 });
 </script>
 }

src/main/twirl/gitbucket/core/issues/create.scala.html

@@ -3,6 +3,7 @@
   priorities: List[gitbucket.core.model.Priority],
   defaultPriority: Option[gitbucket.core.model.Priority],
   labels: List[gitbucket.core.model.Label],
+  customFields: List[gitbucket.core.model.CustomField],
   isManageable: Boolean,
   content: String,
   repository: gitbucket.core.service.RepositoryService.RepositoryInfo)(implicit context: gitbucket.core.controller.Context)
@@ -27,13 +28,37 @@
             elastic            = true
           )
           <div class="align-right">
-            <input type="submit" class="btn btn-success" value="Submit new issue"/>
+            <input type="submit" class="btn btn-success" value="Submit new issue" onclick="javascript:return checkCustomFieldErrors();"/>
           </div>
         </div>
         <div class="col-md-3">
-          @gitbucket.core.issues.html.issueinfo(None, Nil, Nil, collaborators, milestones.map(x => (x, 0, 0)), priorities, defaultPriority, labels, isManageable, repository)
+          @gitbucket.core.issues.html.issueinfo(
+            issue = None,
+            comments = Nil,
+            issueLabels = Nil,
+            issueAssignees = Nil,
+            collaborators = collaborators,
+            milestones = milestones.map(x => (x, 0, 0)),
+            priorities= priorities,
+            defaultPriority = defaultPriority,
+            labels = labels,
+            customFields = customFields.map((_, None)),
+            isManageable = isManageable,
+            repository = repository
+          )
         </div>
       </div>
     </form>
+    <script>
+      function checkCustomFieldErrors() {
+        let error = false;
+        $('.custom-field-error').each(function(i, e) {
+          if ($(e).text() != '') {
+            error = true;
+          }
+        });
+        return !error;
+      }
+    </script>
   }
 }

src/main/twirl/gitbucket/core/issues/issue.scala.html

@@ -1,10 +1,12 @@
 @(issue: gitbucket.core.model.Issue,
   comments: List[gitbucket.core.model.IssueComment],
   issueLabels: List[gitbucket.core.model.Label],
+  issueAssignees: List[gitbucket.core.model.IssueAssignee],
   collaborators: List[String],
   milestones: List[(gitbucket.core.model.Milestone, Int, Int)],
   priorities: List[gitbucket.core.model.Priority],
   labels: List[gitbucket.core.model.Label],
+  customFields: List[(gitbucket.core.model.CustomField, Option[gitbucket.core.model.IssueCustomField])],
   isEditable: Boolean,
   isManageable: Boolean,
   isCommentManageable: Boolean,
@@ -56,7 +58,20 @@
         @gitbucket.core.issues.html.commentform(issue, true, isEditable, isManageable, repository)
       </div>
       <div class="col-md-3">
-        @gitbucket.core.issues.html.issueinfo(Some(issue), comments, issueLabels, collaborators, milestones, priorities, None, labels, isManageable, repository)
+        @gitbucket.core.issues.html.issueinfo(
+          issue = Some(issue),
+          comments = comments,
+          issueLabels = issueLabels,
+          issueAssignees = issueAssignees,
+          collaborators = collaborators,
+          milestones = milestones,
+          priorities = priorities,
+          defaultPriority = None,
+          labels = labels,
+          customFields = customFields,
+          isManageable = isManageable,
+          repository = repository
+        )
       </div>
     </div>
   }

src/main/twirl/gitbucket/core/issues/issueinfo.scala.html

@@ -1,11 +1,14 @@
+@import org.json4s.scalap.scalasig.ClassFileParser.field
 @(issue: Option[gitbucket.core.model.Issue],
   comments: List[gitbucket.core.model.Comment],
   issueLabels: List[gitbucket.core.model.Label],
+  issueAssignees: List[gitbucket.core.model.IssueAssignee],
   collaborators: List[String],
   milestones: List[(gitbucket.core.model.Milestone, Int, Int)],
   priorities: List[gitbucket.core.model.Priority],
   defaultPriority: Option[gitbucket.core.model.Priority],
   labels: List[gitbucket.core.model.Label],
+  customFields: List[(gitbucket.core.model.CustomField, Option[gitbucket.core.model.IssueCustomField])],
   isManageable: Boolean,
   repository: gitbucket.core.service.RepositoryService.RepositoryInfo)(implicit context: gitbucket.core.controller.Context)
 @import gitbucket.core.view.helpers
@@ -125,11 +128,10 @@
   @if(isManageable){
     <div class="pull-right">
       @gitbucket.core.helper.html.dropdown("Edit", right = true, filter = ("assignee", "Filter Assignee")) {
-        <li><a href="javascript:void(0);" class="assign" data-name=""><i class="octicon octicon-x"></i> Clear assignee</a></li>
         @collaborators.map { collaborator =>
           <li>
-            <a href="javascript:void(0);" class="assign" data-name="@collaborator">
+            <a href="javascript:void(0);" class="toggle-assign" data-name="@collaborator">
-              @gitbucket.core.helper.html.checkicon(issue.exists(_.assignedUserName.exists(_ == collaborator)))@helpers.avatar(collaborator, 20) @collaborator
+              @gitbucket.core.helper.html.checkicon(issueAssignees.exists(_.assigneeUserName == collaborator))@helpers.avatar(collaborator, 20) @collaborator
             </a>
           </li>
         }
@@ -138,15 +140,35 @@
   }
 </div>
 <span id="label-assigned">
-  @issue.flatMap(_.assignedUserName).map { userName =>
+  @issueAssignees.map { asignee =>
-    @helpers.avatarLink(userName, 20) @helpers.user(userName, styleClass="username strong small")
+    <div>@helpers.avatarLink(asignee.assigneeUserName, 20) @helpers.user(asignee.assigneeUserName, styleClass="username strong small")</div>
-  }.getOrElse{
+  }
-    <span class="muted small">No one</span>
+  @if(issueAssignees.isEmpty) {
+    <span class="muted small">No one assigned</span>
   }
 </span>
 @if(issue.isEmpty){
-  <input type="hidden" name="assignedUserName" value=""/>
+  <input type="hidden" name="assigneeUserNames" value=""/>
 }
+
+@customFields.map { case (field, value) =>
+  <hr/>
+  <div style="margin-bottom: 14px;">
+    <span class="muted small strong">@field.fieldName</span>
+    <div class="pull-right">
+      @gitbucket.core.model.CustomFieldBehavior(field.fieldType).map { behavior =>
+        @if(issue.nonEmpty) {
+          @Html(behavior.fieldHtml(repository, issue.get.issueId, field.fieldId, value.map(_.value).getOrElse(""), isManageable))
+        }
+        @if(issue.isEmpty) {
+          @Html(behavior.createHtml(repository, field.fieldId))
+        }
+      }
+    </div>
+  </div>
+  <span id="custom-field-@field.fieldId-error" class="error custom-field-error"></span>
+}
+
 @issue.map { issue =>
   @gitbucket.core.plugin.PluginRegistry().getIssueSidebars.map { sidebarComponent =>
     @sidebarComponent(issue, repository, context)
@@ -167,7 +189,7 @@
 $(function(){
 @issue.map { issue =>
   $('a.toggle-label').click(function(){
-    var path = switchLabel($(this));
+    const path = switchToggleOptions($(this));
     $.post('@helpers.url(repository)/issues/@issue.issueId/label/' + path,
       { labelId : $(this).data('label-id') },
       function(data){
@@ -178,8 +200,8 @@ $(function(){
   });
 
   $('a.milestone').click(function(){
-    var title = $(this).data('title');
+    const title = $(this).data('title');
-    var milestoneId = $(this).data('id');
+    const milestoneId = $(this).data('id');
     $.post('@helpers.url(repository)/issues/@issue.issueId/milestone',
       { milestoneId: milestoneId },
       function(data){
@@ -189,11 +211,11 @@ $(function(){
   });
 
   $('a.priority').click(function(){
-    var priorityName = $(this).data('name');
+    const priorityName = $(this).data('name');
-    var priorityId = $(this).data('id');
+    const priorityId = $(this).data('id');
-    var description = $(this).attr('title');
+    const description = $(this).attr('title');
-    var color = $(this).data('color');
+    const color = $(this).data('color');
-    var fontColor = $(this).data('font-color');
+    const fontColor = $(this).data('font-color');
     $.post('@helpers.url(repository)/issues/@issue.issueId/priority',
       { priorityId: priorityId },
       function(data){
@@ -202,20 +224,26 @@ $(function(){
     );
   });
 
-  $('a.assign').click(function(){
+  $('a.toggle-assign').click(function(){
-    var $this = $(this);
+    const path = switchToggleOptions($(this));
-    var userName = $this.data('name');
+    $.post('@helpers.url(repository)/issues/@issue.issueId/assignee/' + path,
-    $.post('@helpers.url(repository)/issues/@issue.issueId/assign',
+      { assigneeUserName : $(this).data('name') },
-      { assignedUserName: userName },
+      function(data){
-      function(){
+        const assignees = Array();
-        displayAssignee($this, userName);
+        $('a.toggle-assign').each(function(i, e){
+          if($(e).children('i').hasClass('octicon-check') == true){
+            assignees.push($(e).text().trim());
+          }
+        });
+        displayAssignee(assignees);
       }
     );
+    return false;
   });
 }.getOrElse {
   $('a.toggle-label').click(function(){
-    switchLabel($(this));
+    switchToggleOptions($(this));
-    var labelNames = Array();
+    const labelNames = Array();
     $('a.toggle-label').each(function(i, e){
       if($(e).children('i').hasClass('octicon-check') == true){
         labelNames.push($(e).text().trim());
@@ -232,32 +260,37 @@ $(function(){
   });
 
   $('a.milestone').click(function(){
-    var title = $(this).data('title');
+    const title = $(this).data('title');
-    var milestoneId = $(this).data('id');
+    const milestoneId = $(this).data('id');
     displayMilestone(title, milestoneId);
     $('input[name=milestoneId]').val(milestoneId);
   });
 
   $('a.priority').click(function(){
-    var priorityName = $(this).data('name');
+    const priorityName = $(this).data('name');
-    var priorityId = $(this).data('id');
+    const priorityId = $(this).data('id');
-    var description = $(this).attr('title');
+    const description = $(this).attr('title');
-    var color = $(this).data('color');
+    const color = $(this).data('color');
-    var fontColor = $(this).data('font-color');
+    const fontColor = $(this).data('font-color');
     displayPriority(priorityName, priorityId, description, color, fontColor);
     $('input[name=priorityId]').val(priorityId);
   });
 
-  $('a.assign').click(function(){
+  $('a.toggle-assign').click(function(){
-    var $this = $(this);
+    switchToggleOptions($(this));
-    var userName = $this.data('name');
+    const assignees = Array();
-    displayAssignee($this, userName);
+    $('a.toggle-assign').each(function(i, e){
-    $('input[name=assignedUserName]').val(userName);
+      if($(e).children('i').hasClass('octicon-check') == true){
+        assignees.push($(e).text().trim());
+      }
+    });
+    $('input[name=assigneeUserNames]').val(assignees.join(','));
+    displayAssignee(assignees);
   });
 }
 
-  function switchLabel($this){
+  function switchToggleOptions($this){
-    var i = $this.children('i');
+    const i = $this.children('i');
     if(i.hasClass('octicon-check')){
       i.removeClass('octicon-check');
       return 'delete';
@@ -299,15 +332,18 @@ $(function(){
     }
   }
 
-  function displayAssignee($this, userName){
+  function displayAssignee(assignees){
     $('a.assign i.octicon-check').removeClass('octicon-check');
-    if(userName == ''){
+    if(assignees.length == 0){
-      $('#label-assigned').html($('<span class="muted small">').text('No one'));
+      $('#label-assigned').html($('<span class="muted small">').text('No one assigned'));
     } else {
-      $('#label-assigned').empty()
+      $('#label-assigned').empty();
-        .append($this.find('img.avatar-mini').clone(false)).append(' ')
+      for (const userName of assignees) {
-        .append($('<a class="username strong small">').attr('href', '@context.path/' + userName).text(userName));
+        $('#label-assigned').append($('<div>').append(
-      $('a.assign[data-name=' + jqSelectorEscape(userName.toString()) + '] i').addClass('octicon-check');
+            $('a.toggle-assign').parent().find("img.avatar-mini[alt='@@" + userName + "']").clone(false),
+            ' ',
+            $('<a class="username strong small">').attr('href', '@context.path/' + userName).text(userName)));
+      }
     }
   }
 });

src/main/twirl/gitbucket/core/issues/listparts.scala.html

@@ -206,7 +206,7 @@
         </td>
       </tr>
     }
-    @issues.map { case (IssueInfo(issue, labels, milestone, priority, commentCount, commitId), status) =>
+    @issues.map { case (IssueInfo(issue, labels, milestone, priority, commentCount, commitId, assignedUserNames), status) =>
       <tr>
         <td style="padding-top: 12px; padding-bottom: 12px;">
           @if(isManageable){
@@ -230,7 +230,7 @@
             <span class="label-color small" style="background-color: #@label.color; color: #@label.fontColor; padding-left: 4px; padding-right: 4px">@label.labelName</span>
           }
           <span class="pull-right small">
-            @issue.assignedUserName.map { userName =>
+            @assignedUserNames.map { userName =>
               @helpers.avatar(userName, 20, tooltip = true)
             }
             @if(commentCount > 0){

src/main/twirl/gitbucket/core/issues/milestones/listparts.scala.html

@@ -62,7 +62,7 @@
         </td>
       </tr>
     }
-    @issues.map { case (IssueInfo(issue, labels, milestone, priority, commentCount, commitId), status) =>
+    @issues.map { case (IssueInfo(issue, labels, milestone, priority, commentCount, commitId, assignedUserNames), status) =>
       <tr>
         <td style="padding-top: 12px; padding-bottom: 12px;">
           @if(isManageable){
@@ -90,7 +90,7 @@
             <span class="label-color small" style="background-color: #@label.color; color: #@label.fontColor; padding-left: 4px; padding-right: 4px">@label.labelName</span>
           }
           <span class="pull-right small">
-            @issue.assignedUserName.map { userName =>
+            @assignedUserNames.map { userName =>
               @helpers.avatar(userName, 20, tooltip = true)
             }
             @if(commentCount > 0){

src/main/twirl/gitbucket/core/main.scala.html

@@ -73,27 +73,27 @@
         </a>
         <nav class="navbar navbar-static-top" role="navigation">
           <!-- Sidebar toggle button-->
-          @if(body.toString.contains("main-sidebar")){
+          @if(body.toString.contains("main-sidebar")) {
             <a href="#" class="sidebar-toggle" data-toggle="push-menu" role="button" title="Toggle navigation">
               <span class="sr-only">Toggle navigation</span>
             </a>
           }
-          <form id="search" action="@context.path/search" method="GET" class="pc navbar-form navbar-left" role="search">
+          @if(!(context.loginAccount.isEmpty && !context.settings.basicBehavior.allowAnonymousAccess)) {
-            <div class="form-group">
+            <form id="search" action="@context.path/search" method="GET" class="pc navbar-form navbar-left" role="search">
-              <input type="text" name="query" id="navbar-search-input" class="form-control" placeholder="Find a repository" aria-label="Search"/>
+              <div class="form-group">
-            </div>
+                <input type="text" name="query" id="navbar-search-input" class="form-control" placeholder="Find a repository" aria-label="Search"/>
-          </form>
+              </div>
-          <ul class="pc nav navbar-nav">
+            </form>
-            @if(context.loginAccount.isDefined){
+            <ul class="pc nav navbar-nav">
               <li><a href="@context.path/dashboard/pulls">Pull requests</a></li>
               <li><a href="@context.path/dashboard/issues">Issues</a></li>
-            }
+              @gitbucket.core.plugin.PluginRegistry().getGlobalMenus.map { menu =>
-            @gitbucket.core.plugin.PluginRegistry().getGlobalMenus.map { menu =>
+                @menu(context).map { link =>
-              @menu(context).map { link =>
+                  <li><a href="@context.path/@link.path">@link.label</a></li>
-                <li><a href="@context.path/@link.path">@link.label</a></li>
+                }
               }
-            }
+            </ul>
-          </ul>
+          }
           <div class="navbar-custom-menu">
             <ul class="nav navbar-nav">
               @if(context.loginAccount.isDefined){
@@ -104,7 +104,7 @@
                   <ul class="dropdown-menu pull-right" style="width: auto;">
                     <li>
                       <ul class="menu">
-                        @if(context.settings.repositoryOperation.create || context.loginAccount.get.isAdmin){
+                        @if(context.settings.basicBehavior.repositoryOperation.create || context.loginAccount.get.isAdmin){
                           <li><a href="@context.path/new">New repository</a></li>
                         }
                         <li><a href="@context.path/groups/new">New group</a></li>

src/main/twirl/gitbucket/core/menu.scala.html

@@ -75,7 +75,7 @@
             @gitbucket.core.plugin.PluginRegistry().getRepositoryHeaders.map { repositoryHeaderComponent =>
               @repositoryHeaderComponent(repository, context)
             }
-            @if(repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || context.loginAccount.map(_.isAdmin).getOrElse(false))) {
+            @if(repository.repository.options.allowFork && (context.settings.basicBehavior.repositoryOperation.fork || context.loginAccount.map(_.isAdmin).getOrElse(false))) {
               @if(context.loginAccount.isEmpty){
                 <a class="btn btn-default btn-sm" href="@context.path/signin?redirect=@helpers.urlEncode(s"${context.path}/${repository.owner}/${repository.name}")">
                   <span class="strong"><i class="octicon octicon-repo-forked"></i>Fork</span><span class="muted">: @repository.forkedCount</span>

src/main/twirl/gitbucket/core/pulls/compare.scala.html

@@ -16,7 +16,8 @@
   milestones: List[gitbucket.core.model.Milestone],
   priorities: List[gitbucket.core.model.Priority],
   defaultPriority: Option[gitbucket.core.model.Priority],
-  labels: List[gitbucket.core.model.Label])(implicit context: gitbucket.core.controller.Context)
+  labels: List[gitbucket.core.model.Label],
+  customFields: List[gitbucket.core.model.CustomField])(implicit context: gitbucket.core.controller.Context)
 @import gitbucket.core.view.helpers
 @gitbucket.core.html.main(s"Pull requests - ${repository.owner}/${repository.name}", Some(repository)){
   @gitbucket.core.html.menu("pulls", repository){
@@ -101,7 +102,20 @@
               </div>
             </div>
             <div class="col-md-3">
-              @gitbucket.core.issues.html.issueinfo(None, Nil, Nil, collaborators, milestones.map((_, 0, 0)), priorities, defaultPriority, labels, hasOriginWritePermission, repository)
+              @gitbucket.core.issues.html.issueinfo(
+                issue = None,
+                comments = Nil,
+                issueLabels = Nil,
+                issueAssignees = Nil,
+                collaborators = collaborators,
+                milestones = milestones.map((_, 0, 0)),
+                priorities = priorities,
+                defaultPriority = defaultPriority,
+                labels = labels,
+                customFields = customFields.map((_, None)),
+                isManageable = hasOriginWritePermission,
+                repository = repository
+              )
             </div>
           </div>
         </form>

src/main/twirl/gitbucket/core/pulls/conversation.scala.html

@@ -4,10 +4,12 @@
   comments: Seq[gitbucket.core.model.Comment],
   changedFileSize: Int,
   issueLabels: List[gitbucket.core.model.Label],
+  issueAsignees: List[gitbucket.core.model.IssueAssignee],
   collaborators: List[String],
   milestones: List[(gitbucket.core.model.Milestone, Int, Int)],
   priorities: List[gitbucket.core.model.Priority],
   labels: List[gitbucket.core.model.Label],
+  customFields: List[(gitbucket.core.model.CustomField, Option[gitbucket.core.model.IssueCustomField])],
   isEditable: Boolean,
   isManageable: Boolean,
   isManageableForkedRepository: Boolean,
@@ -50,7 +52,20 @@
     }
   </div>
   <div class="col-md-3">
-    @gitbucket.core.issues.html.issueinfo(Some(issue), comments.toList, issueLabels, collaborators, milestones, priorities, None, labels, isManageable, repository)
+    @gitbucket.core.issues.html.issueinfo(
+      Some(issue),
+      comments.toList,
+      issueLabels,
+      issueAsignees,
+      collaborators,
+      milestones,
+      priorities,
+      None,
+      labels,
+      customFields,
+      isManageable,
+      repository
+    )
   </div>
   <script>
   $(function(){

src/main/twirl/gitbucket/core/repo/commentform.scala.html

@@ -55,10 +55,10 @@
       });
 
       @if(newLineNumber.isDefined){
-        var diff = getDiffData($('table[filename="@fileName"] table.diff tr:has(th.line-num.newline[line-number=@newLineNumber])'));
+        var diff = getDiffData($('table[filename="@fileName"] table.diff tr:has(th.line-num.newline[line-number="@newLineNumber"])'));
         param['diff'] = JSON.stringify(diff);
       } else if(oldLineNumber.isDefined){
-        var diff = getDiffData($('table[filename="@fileName"] table.diff tr:has(th.line-num.oldline[line-number=@oldLineNumber])'));
+        var diff = getDiffData($('table[filename="@fileName"] table.diff tr:has(th.line-num.oldline[line-number="@oldLineNumber"])'));
         param['diff'] = JSON.stringify(diff);
       }
 

src/main/twirl/gitbucket/core/settings/danger.scala.html

@@ -16,7 +16,7 @@
               </div>
             </fieldset>
           </form>
-          @if(context.settings.repositoryOperation.rename || context.loginAccount.get.isAdmin){
+          @if(context.settings.basicBehavior.repositoryOperation.rename || context.loginAccount.get.isAdmin){
             <form id="rename-form" method="post" action="@helpers.url(repository)/settings/rename" validate="true" autocomplete="off">
               <fieldset class="border-top form-group">
                 <label class="strong">Rename repository</label>
@@ -33,7 +33,7 @@
               </fieldset>
             </form>
           }
-          @if(context.settings.repositoryOperation.transfer || context.loginAccount.get.isAdmin){
+          @if(context.settings.basicBehavior.repositoryOperation.transfer || context.loginAccount.get.isAdmin){
             <form id="transfer-form" method="post" action="@helpers.url(repository)/settings/transfer" validate="true" autocomplete="off">
               <fieldset class="border-top form-group">
                 <label class="strong">Transfer Ownership</label>
@@ -50,7 +50,7 @@
               </fieldset>
             </form>
           }
-          @if(context.settings.repositoryOperation.delete || context.loginAccount.get.isAdmin){
+          @if(context.settings.basicBehavior.repositoryOperation.delete || context.loginAccount.get.isAdmin){
             <form id="delete-form" method="post" action="@helpers.url(repository)/settings/delete">
               <fieldset class="border-top form-group">
                 <label class="strong">Delete repository</label>

src/main/twirl/gitbucket/core/settings/issues.scala.html

@@ -0,0 +1,55 @@
+@(customFields: List[gitbucket.core.model.CustomField],
+  repository: gitbucket.core.service.RepositoryService.RepositoryInfo)(implicit context: gitbucket.core.controller.Context)
+@import gitbucket.core.view.helpers
+@gitbucket.core.html.main("Issues", Some(repository)) {
+  @gitbucket.core.html.menu("settings", repository) {
+    @gitbucket.core.settings.html.menu("issues", repository) {
+      <div class="pull-right" style="margin-bottom: 10px;">
+        <a class="btn btn-success" href="javascript:void(0);" id="new-field-button">New field</a>
+      </div>
+      <table class="table table-bordered table-hover table-issues" id="new-field-table" style="display: none;">
+        <tr><td></td></tr>
+      </table>
+      <table class="table table-bordered table-hover">
+        <tr id="field-row-header">
+          <th>@customFields.size custom fields</th>
+        </tr>
+        @customFields.map { customField =>
+          @gitbucket.core.settings.html.issuesfield(customField)
+        }
+      </table>
+    }
+  }
+}
+<script>
+$(function(){
+  $('#new-field-button').click(function(e){
+    if($('#edit-field-area-new').length != 0){
+      $('div#edit-field-area-new').remove();
+      $('#new-field-table').hide();
+    } else {
+      $.get('@helpers.url(repository)/settings/issues/fields/new',
+        function(data){
+          $('#new-field-table').show().find('tr td').append(data);
+        }
+      );
+    }
+  });
+});
+
+function deleteField(fieldId){
+  if(confirm('Once you delete this field, there is no going back.\nAre you sure?')){
+    $.post('@helpers.url(repository)/settings/issues/fields/' + fieldId + '/delete', function(){
+      $('tr#field-row-' + fieldId).remove();
+    });
+  }
+}
+
+function editField(fieldId){
+  $.get('@helpers.url(repository)/settings/issues/fields/' + fieldId + '/edit',
+    function(data){
+      $('#field-' + fieldId).hide().parent().append(data);
+    }
+  );
+}
+</script>

src/main/twirl/gitbucket/core/settings/issuesfield.scala.html

@@ -0,0 +1,28 @@
+@(customField: gitbucket.core.model.CustomField)
+<tr id="field-row-@customField.fieldId">
+  <td>
+    <div class="row" id="field-@customField.fieldId">
+      <div class="col-md-4 strong">
+        @customField.fieldName
+      </div>
+      <div class="col-md-4">
+        @customField.fieldType
+      </div>
+      <div class="col-md-2">
+        @if(customField.enableForIssues) {
+          Issues &nbsp;&nbsp;
+        }
+        @if(customField.enableForPullRequests) {
+          Pull requests
+        }
+      </div>
+      <div class="col-md-2">
+        <div class="pull-right">
+          <a href="javascript:void(0);" onclick="editField(@customField.fieldId)">Edit</a>
+            &nbsp;&nbsp;
+          <a href="javascript:void(0);" onclick="deleteField(@customField.fieldId)">Delete</a>
+        </div>
+      </div>
+    </div>
+  </td>
+</tr>

src/main/twirl/gitbucket/core/settings/issuesfieldform.scala.html

@@ -0,0 +1,66 @@
+@(field: Option[gitbucket.core.model.CustomField],
+  repository: gitbucket.core.service.RepositoryService.RepositoryInfo)(implicit context: gitbucket.core.controller.Context)
+@import gitbucket.core.view.helpers
+@defining(field.map(_.fieldId).getOrElse("new")){ fieldId =>
+  <div id="edit-field-area-@fieldId">
+    <form class="form-inline" autocomplete="off">
+      <input type="text" id="fieldName-@fieldId" style="width: 300px; float: left; margin-right: 4px;" class="form-control input-sm" value="@field.map(_.fieldName)"@if(fieldId == "new"){ placeholder="New field name"}/>
+      <select id="fieldType-@fieldId" class="form-control input-sm">
+        <option value="long" @if(field.map(_.fieldType == "long").getOrElse(false)){selected}>Long</option>
+        <option value="double" @if(field.map(_.fieldType == "double").getOrElse(false)){selected}>Double</option>
+        <option value="string" @if(field.map(_.fieldType == "string").getOrElse(false)){selected}>String</option>
+        <option value="date" @if(field.map(_.fieldType == "date").getOrElse(false)){selected}>Date</option>
+      </select>
+      <label for="enableForIssues-@fieldId" class="normal" style="margin-left: 4px;">
+        <input type="checkbox" id="enableForIssues-@fieldId" @if(field.map(_.enableForIssues).getOrElse(false)){checked}> Issues
+      </label>
+      <label for="enableForPullRequests-@fieldId" class="normal" style="margin-left: 4px;">
+        <input type="checkbox" id="enableForPullRequests-@fieldId" @if(field.map(_.enableForPullRequests).getOrElse(false)){checked}> Pull requests
+      </label>
+      <span class="pull-right">
+        <span id="field-error-@fieldId" class="error"></span>
+        <input type="button" id="cancel-@fieldId" class="btn btn-sm btn-default field-edit-cancel" value="Cancel">
+        <input type="button" id="submit-@fieldId" class="btn btn-sm btn-success" style="margin-bottom: 0px;" value="@(if(fieldId == "new") "Create field"  else "Save changes")"/>
+      </span>
+    </form>
+  </div>
+  <script>
+  $(function(){
+    $('#submit-@fieldId').click(function(e){
+      $.post('@helpers.url(repository)/settings/issues/fields/@{if(fieldId == "new") "new" else s"$fieldId/edit"}', {
+        'fieldName' : $('#fieldName-@fieldId').val(),
+        'fieldType': $('#fieldType-@fieldId option:selected').val(),
+        'enableForIssues': $('#enableForIssues-@fieldId').prop('checked'),
+        'enableForPullRequests': $('#enableForPullRequests-@fieldId').prop('checked')
+      }, function(data, status){
+        $('div#edit-field-area-@fieldId').remove();
+        @if(fieldId == "new"){
+          $('#new-field-table').hide();
+          // Insert row into the top of table
+          $('#field-row-header').after(data);
+        } else {
+          // Replace table row
+          $('#field-row-@fieldId').after(data).remove();
+        }
+      }).fail(function(xhr, status, error){
+        const errors = JSON.parse(xhr.responseText);
+        if(errors.fieldName){
+          $('span#field-error-@fieldId').text(errors.fieldName);
+        } else {
+          $('span#field-error-@fieldId').text('error');
+        }
+      });
+      return false;
+    });
+
+    $('#cancel-@fieldId').click(function(e){
+      $('div#edit-field-area-@fieldId').remove();
+      @if(fieldId == "new"){
+        $('#new-field-table').hide();
+      } else {
+        $('#field-@fieldId').show();
+      }
+    });
+  });
+  </script>
+}

src/main/twirl/gitbucket/core/settings/menu.scala.html

@@ -12,6 +12,9 @@
       <a href="@helpers.url(repository)/settings/branches">Branches</a>
     </li>
   }
+  <li@if(active=="issues"){ class="active"}>
+    <a href="@helpers.url(repository)/settings/issues">Issues</a>
+  </li>
   <li@if(active=="hooks"){ class="active"}>
     <a href="@helpers.url(repository)/settings/hooks">Service Hooks</a>
   </li>

src/main/twirl/gitbucket/core/signin.scala.html

@@ -5,7 +5,7 @@
   <div class="content-wrapper main-center">
     <div class="content body">
       <div class="signin-form">
-        @if(context.settings.allowAnonymousAccess){
+        @if(context.settings.basicBehavior.allowAnonymousAccess){
           @context.settings.information.map { information =>
             <div class="alert alert-info" style="background-color: white; color: #555; border-color: #4183c4; font-size: small; line-height: 120%;">
               <button type="button" class="close" data-dismiss="alert">&times;</button>

src/main/twirl/gitbucket/core/signinform.scala.html

@@ -24,6 +24,9 @@
           <label for="password">Password:</label>
           <span id="error-password" class="error"></span>
           <input type="password" name="password" id="password" class="form-control" value="@password"/>
+          @if(systemSettings.basicBehavior.allowResetPassword){
+            <a href="@context.path/reset">Forgot password?</a>
+          }
         </div>
         <input type="hidden" name="hash"/>
         <div>
@@ -33,12 +36,12 @@
     </li>
   </ul>
 </div>
-@if(systemSettings.allowAccountRegistration){
+@if(systemSettings.basicBehavior.allowAccountRegistration){
   <div class="panel panel-default">
     <ul class="list-group list-group-flush">
       <li class="list-group-item text-center">
-        Don't have an account? <a href="@context.path/register">Create one.</a>
+        <a href="@context.path/register">Create account</a>
       </li>
     </ul>
   </div>
-}
+}

src/main/webapp/assets/common/css/gitbucket.css

@@ -1526,8 +1526,10 @@ div.markdown-body code {
 }
 
 div.markdown-body table {
-  /*width: 100%;*/
+  max-width: 100%;
-  margin-bottom: 20px;
+  width: max-content;
+  overflow: auto;
+  display: block;
 }
 
 div.markdown-body table th,

src/test/scala/gitbucket/core/GitBucketCoreModuleSpec.scala

@@ -31,6 +31,7 @@ class GitBucketCoreModuleSpec extends AnyFunSuite {
       val container = new MySQLContainer() {
         override val container = new org.testcontainers.containers.MySQLContainer(s"mysql:$tag") {
           override def getDriverClassName = "org.mariadb.jdbc.Driver"
+          override def getJdbcUrl: String = super.getJdbcUrl + "?permitMysqlScheme"
         }
         // TODO https://jira.mariadb.org/browse/CONJ-663
         container.withCommand("mysqld --default-authentication-plugin=mysql_native_password")
@@ -38,7 +39,11 @@ class GitBucketCoreModuleSpec extends AnyFunSuite {
       container.start()
       try {
         new Solidbase().migrate(
-          DriverManager.getConnection(s"${container.jdbcUrl}?useSSL=false", container.username, container.password),
+          DriverManager.getConnection(
+            container.jdbcUrl,
+            container.username,
+            container.password
+          ),
           Thread.currentThread().getContextClassLoader(),
           new MySQLDatabase(),
           new Module(GitBucketCoreModule.getModuleId, GitBucketCoreModule.getVersions)

src/test/scala/gitbucket/core/api/ApiIntegrationTest.scala

@@ -156,7 +156,6 @@ class ApiIntegrationTest extends AnyFunSuite {
         val ref = repo.getRef("tags/v1.0")
         assert(ref.getRef == "refs/tags/v1.0")
         assert(ref.getUrl.toString == "http://localhost:19999/api/v3/repos/root/create_status_test/git/refs/tags/v1.0")
-        assert(ref.getObject.getType == "tag")
       }
     }
   }

src/test/scala/gitbucket/core/api/ApiSpecModels.scala

@@ -116,7 +116,6 @@ object ApiSpecModels {
     openedUserName = "bear",
     milestoneId = None,
     priorityId = None,
-    assignedUserName = None,
     title = "Found a bug",
     content = Some("I'm having a problem with this."),
     closed = false,
@@ -226,7 +225,7 @@ object ApiSpecModels {
     issue = issue,
     repositoryName = repo1Name,
     user = apiUser,
-    assignee = Some(apiUser),
+    assignees = List(apiUser),
     labels = List(apiLabel),
     milestone = Some(apiMilestone)
   )
@@ -235,7 +234,7 @@ object ApiSpecModels {
     issue = issue,
     repositoryName = repo1Name,
     user = apiUser,
-    assignee = None,
+    assignees = List.empty,
     labels = List(apiLabel),
     milestone = Some(apiMilestone)
   )
@@ -244,7 +243,7 @@ object ApiSpecModels {
     issue = issuePR,
     repositoryName = repo1Name,
     user = apiUser,
-    assignee = Some(apiUser),
+    assignees = List(apiUser),
     labels = List(apiLabel),
     milestone = Some(apiMilestone)
   )
@@ -272,7 +271,7 @@ object ApiSpecModels {
     baseRepo = apiRepository,
     user = apiUser,
     labels = List(apiLabel),
-    assignee = Some(apiUser),
+    assignees = List(apiUser),
     mergedComment = Some((issueComment, account))
   )
 
@@ -540,7 +539,7 @@ object ApiSpecModels {
        |"number":1347,
        |"title":"Found a bug",
        |"user":$jsonUser,
-       |"assignee":$jsonUser,
+       |"assignees":[$jsonUser],
        |"labels":[$jsonLabel],
        |"state":"open",
        |"created_at":"2011-04-14T16:00:49Z",
@@ -548,7 +547,7 @@ object ApiSpecModels {
        |"body":"I'm having a problem with this.",
        |"milestone":$jsonMilestone,
        |"id":0,
-       |"assignees":[$jsonUser],
+       |"assignee":$jsonUser,
        |"comments_url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/issues/1347/comments",
        |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/issues/1347"
        |}""".stripMargin
@@ -557,6 +556,7 @@ object ApiSpecModels {
        |"number":1347,
        |"title":"Found a bug",
        |"user":$jsonUser,
+       |"assignees":[],
        |"labels":[$jsonLabel],
        |"state":"open",
        |"created_at":"2011-04-14T16:00:49Z",
@@ -564,7 +564,6 @@ object ApiSpecModels {
        |"body":"I'm having a problem with this.",
        |"milestone":$jsonMilestone,
        |"id":0,
-       |"assignees":[],
        |"comments_url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/issues/1347/comments",
        |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/issues/1347"
        |}""".stripMargin
@@ -573,7 +572,7 @@ object ApiSpecModels {
        |"number":1347,
        |"title":"new-feature",
        |"user":$jsonUser,
-       |"assignee":$jsonUser,
+       |"assignees":[$jsonUser],
        |"labels":[$jsonLabel],
        |"state":"closed",
        |"created_at":"2011-04-14T16:00:49Z",
@@ -581,12 +580,12 @@ object ApiSpecModels {
        |"body":"Please pull these awesome changes",
        |"milestone":$jsonMilestone,
        |"id":0,
-       |"assignees":[$jsonUser],
+       |"assignee":$jsonUser,
        |"comments_url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/issues/1347/comments",
        |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/pull/1347",
        |"pull_request":{
-         |"url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/pulls/1347",
+       |"url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/pulls/1347",
-         |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/pull/1347"}
+       |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/pull/1347"}
        |}""".stripMargin
 
   val jsonPullRequest = s"""{
@@ -603,9 +602,10 @@ object ApiSpecModels {
        |"body":"Please pull these awesome changes",
        |"user":$jsonUser,
        |"labels":[$jsonLabel],
-       |"assignee":$jsonUser,
+       |"assignees":[$jsonUser],
        |"draft":true,
        |"id":0,
+       |"assignee":$jsonUser,
        |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/pull/1347",
        |"url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/pulls/1347",
        |"commits_url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/pulls/1347/commits",
@@ -680,7 +680,7 @@ object ApiSpecModels {
   val jsonCommits = s"""{
        |"url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e",
        |"sha":"6dcb09b5b57875f334f61aebed695e2e4193db5e",
-       |"html_url":"http://gitbucket.exmple.comoctocat/Hello-World/commit/6dcb09b5b57875f334f61aebed695e2e4193db5e",
+       |"html_url":"http://gitbucket.exmple.com/octocat/Hello-World/commit/6dcb09b5b57875f334f61aebed695e2e4193db5e",
        |"comment_url":"http://gitbucket.exmple.com",
        |"commit":{
          |"url":"http://gitbucket.exmple.com/api/v3/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e",

src/test/scala/gitbucket/core/service/ServiceSpecBase.scala

@@ -8,11 +8,18 @@ import liquibase.database.jvm.JdbcConnection
 import gitbucket.core.model._
 import gitbucket.core.model.Profile.profile.blockingApi._
 import org.apache.commons.io.FileUtils
+
 import java.sql.DriverManager
 import java.io.File
-
 import gitbucket.core.controller.Context
-import gitbucket.core.service.SystemSettingsService.{RepositoryOperation, RepositoryViewerSettings, Ssh, SystemSettings}
+import gitbucket.core.service.SystemSettingsService.{
+  BasicBehavior,
+  RepositoryOperation,
+  RepositoryViewerSettings,
+  Ssh,
+  SystemSettings
+}
+
 import javax.servlet.http.{HttpServletRequest, HttpSession}
 import org.mockito.Mockito._
 
@@ -32,19 +39,22 @@ trait ServiceSpecBase {
     SystemSettings(
       baseUrl = None,
       information = None,
-      allowAccountRegistration = false,
+      basicBehavior = BasicBehavior(
-      allowAnonymousAccess = true,
+        allowAccountRegistration = false,
-      isCreateRepoOptionPublic = true,
+        allowResetPassword = false,
-      repositoryOperation = RepositoryOperation(
+        allowAnonymousAccess = true,
-        create = true,
+        isCreateRepoOptionPublic = true,
-        delete = true,
+        repositoryOperation = RepositoryOperation(
-        rename = true,
+          create = true,
-        transfer = true,
+          delete = true,
-        fork = true
+          rename = true,
+          transfer = true,
+          fork = true
+        ),
+        gravatar = false,
+        notification = false,
+        limitVisibleRepositories = false,
       ),
-      gravatar = false,
-      notification = false,
-      limitVisibleRepositories = false,
       ssh = Ssh(
         enabled = false,
         bindAddress = None,
@@ -132,7 +142,6 @@ trait ServiceSpecBase {
       loginUser = loginUser,
       title = "issue title",
       content = None,
-      assignedUserName = None,
       milestoneId = None,
       priorityId = None,
       isPullRequest = true

src/test/scala/gitbucket/core/service/WebHookJsonFormatSpec.scala

@@ -91,7 +91,7 @@ class WebHookJsonFormatSpec extends AnyFunSuite {
       action = "closed",
       issue = issuePR,
       issueUser = account,
-      assignee = Some(account),
+      assignees = List(account),
       pullRequest = pullRequest,
       headRepository = repositoryInfo,
       headOwner = account,
@@ -119,7 +119,7 @@ class WebHookJsonFormatSpec extends AnyFunSuite {
       commentUser = account,
       repository = repositoryInfo,
       repositoryUser = account,
-      assignedUser = Some(account),
+      assignees = List(account),
       sender = account,
       labels = List(label),
       milestone = Some(apiMilestone)
@@ -140,7 +140,7 @@ class WebHookJsonFormatSpec extends AnyFunSuite {
       comment = commitComment,
       issue = issuePR,
       issueUser = account,
-      assignee = Some(account),
+      assignees = List(account),
       pullRequest = pullRequest,
       headRepository = repositoryInfo,
       headOwner = account,

src/test/scala/gitbucket/core/view/AvatarImageProviderSpec.scala

@@ -2,12 +2,12 @@ package gitbucket.core.view
 
 import java.text.SimpleDateFormat
 import java.util.Date
-
 import javax.servlet.http.{HttpServletRequest, HttpSession}
 import gitbucket.core.controller.Context
 import gitbucket.core.model.Account
 import gitbucket.core.service.RequestCache
 import gitbucket.core.service.SystemSettingsService.{
+  BasicBehavior,
   RepositoryOperation,
   RepositoryViewerSettings,
   Ssh,
@@ -151,19 +151,22 @@ class AvatarImageProviderSpec extends AnyFunSpec {
     SystemSettings(
       baseUrl = None,
       information = None,
-      allowAccountRegistration = false,
+      basicBehavior = BasicBehavior(
-      allowAnonymousAccess = true,
+        allowAccountRegistration = false,
-      isCreateRepoOptionPublic = true,
+        allowResetPassword = false,
-      repositoryOperation = RepositoryOperation(
+        allowAnonymousAccess = true,
-        create = true,
+        isCreateRepoOptionPublic = true,
-        delete = true,
+        repositoryOperation = RepositoryOperation(
-        rename = true,
+          create = true,
-        transfer = true,
+          delete = true,
-        fork = true
+          rename = true,
+          transfer = true,
+          fork = true
+        ),
+        gravatar = useGravatar,
+        notification = false,
+        limitVisibleRepositories = false
       ),
-      gravatar = useGravatar,
-      notification = false,
-      limitVisibleRepositories = false,
       ssh = Ssh(
         enabled = false,
         bindAddress = None,

src/test/scala/gitbucket/core/view/PaginationSpec.scala

@@ -1,6 +1,5 @@
 package gitbucket.core.view
 
-import gitbucket.core.util.SyntaxSugars
 import org.scalatest.funspec.AnyFunSpec
 
 class PaginationSpec extends AnyFunSpec {