ci: fix up docker workflow issue

Suppress golangci-lint errors
Fix CI setup and errors
2026-02-28 09:10:57 +01:00 · 2026-01-23 12:38:11 -05:00 · 2026-01-23 12:28:00 -05:00 · 2026-01-23 12:18:28 -05:00 · 2026-01-23 10:21:06 -05:00 · 2026-01-23 09:40:55 -05:00
1452 changed files with 317130 additions and 50470 deletions
--- a/.bra.toml
+++ b/.bra.toml
@@ -1,19 +0,0 @@
-[run]
-init_cmds = [
-	["make", "build-dev", "TAGS=sqlite"],
-	["./gogs", "web"]
-]
-watch_all = true
-watch_dirs = [
-	"$WORKDIR/cmd",
-	"$WORKDIR/models",
-	"$WORKDIR/modules",
-	"$WORKDIR/routers"
-]
-watch_exts = [".go"]
-ignore_files = [".+_test.go"]
-build_delay = 1500
-cmds = [
-	["make", "build-dev", "TAGS=sqlite"], # cert pam tidb
-	["./gogs", "web"]
-]
--- a/.deepsource.toml
+++ b/.deepsource.toml
@@ -0,0 +1,26 @@
+version = 1
+
+exclude_patterns = ["**/mocks_test.go"]
+
+[[analyzers]]
+name = "docker"
+enabled = true
+
+[[analyzers]]
+name = "shell"
+enabled = true
+
+[[analyzers]]
+name = "go"
+enabled = true
+
+  [analyzers.meta]
+  import_root = "github.com/gogs/gogs"
+
+[[transformers]]
+name = "gofumpt"
+enabled = true
+
+[[transformers]]
+name = "gofmt"
+enabled = true
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,21 +1,15 @@
-.git
-.git/**
-conf
-conf/**
-packager
-packager/**
+.packager
+.packager/**
 scripts
 scripts/**
 .github/
 .github/**
-config.codekit
-LICENSE
-Makefile
 .dockerignore
 *.yml
 *.md
-.bra.toml
 .editorconfig
 .gitignore
-.gopmfile
 Dockerfile*
+gogs
+
+!Taskfile.yml
--- a/.editorconfig
+++ b/.editorconfig
@@ -5,8 +5,20 @@ root = true
 [*]
 charset = utf-8
 end_of_line = lf
-indent_style = tab
+insert_final_newline = true
+trim_trailing_whitespace = true

-[*.yml]
+[*.go]
+indent_style = tab
+indent_size = 4
+
+[*.tmpl]
+indent_style = tab
+indent_size = 2
+
+[*.{less, yml}]
 indent_style = space
 indent_size = 2
+
+[*.js]
+indent_size = 2
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,8 @@
+conf/gitignore/** linguist-vendored
+conf/license/** linguist-vendored
+public/assets/** linguist-vendored
+public/plugins/** linguist-vendored
+public/css/themes/** linguist-vendored
+public/css/semantic-* linguist-vendored
+public/js/libs/** linguist-vendored
+public/js/semantic-* linguist-vendored
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -1,63 +1,78 @@
-# Contributing to Gogs
+# Welcome to Gogs contributing guide

-> This guidelines sheet is forked from [CONTRIBUTING.md](https://github.com/drone/drone/blob/8d9c7cee56d6c2eac81dc156ce27be6716d97e68/CONTRIBUTING.md).
+Thank you for investing your time in contributing to our projects!

-Gogs is not perfect, and it has bugs or incomplete features in rare cases. You're welcome to tell us, or to contribute some code. This document describes details about how can you contribute to Gogs project.
+Read our [Code of Conduct](https://go.dev/conduct) to keep our community approachable and respectable.

-## Contribution guidelines
+In this guide you will get an overview of the contribution workflow from opening an issue, creating a PR, reviewing, and merging the PR.

-Depends on the situation, you will:
+Use the table of contents icon <img src="https://github.com/github/docs/raw/50561895328b8f369694973252127b7d93899d83/assets/images/table-of-contents.png" width="25" height="25" /> on the top left corner of this document to get to a specific section of this guide quickly.

- Find a bug and create an issue
- Need more functionality and make a feature request
- Want to contribute code and open a pull request
- Run into issue and need help
+## New contributor guide

-### Bug Report
+To get an overview of the project, read the [README](/README.md). Here are some resources to help you get started with open source contributions:

-If you find something you consider a bug, please create a issue on [GitHub](https://github.com/gogits/gogs/issues). To avoid wasting time and reduce back-and-forth communication with team members, please include at least the following information in a form comfortable for you:
+- [Finding ways to contribute to open source on GitHub](https://docs.github.com/en/get-started/exploring-projects-on-github/finding-ways-to-contribute-to-open-source-on-github)
+- [Set up Git](https://docs.github.com/en/get-started/quickstart/set-up-git)
+- [GitHub flow](https://docs.github.com/en/get-started/quickstart/github-flow)
+- [Collaborating with pull requests](https://docs.github.com/en/github/collaborating-with-pull-requests)
+- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
+- [Talk, then code](https://www.craft.do/s/kyHVs6OoE4Dj5V)

- Bug Description
- Gogs Version
- Git Version
- System Type
- Error Log
- Other information
+In addition to the general guides with open source contributions, you would also need to:

-Please take a moment to check that an issue on [GitHub](https://github.com/gogits/gogs/issues) doesn't already exist documenting your bug report or improvement proposal. If it does, it never hurts to add a quick "+1" or "I have this problem too". This will help prioritize the most common problems and requests.
+- Have basic knowledge about web applications development, database management systems and programming in [Go](https://go.dev/).
+- Have a working local development setup with a reasonable good IDE or editor like [Visual Studio Code](https://code.visualstudio.com/docs/languages/go), [GoLand](https://www.jetbrains.com/go/) or [Vim](https://github.com/fatih/vim-go).
+- [Set up your development environment](/docs/dev/local_development.md).

-#### Bug Report Example
+## Issues

-Gogs crashed when creating a repository with a license, using v0.5.13.0207, SQLite3, Git 1.9.0, Ubuntu 12.04.
+### Ask for help

-Error log:
+Before opening an issue, please make sure the problem you're encountering isn't already addressed on the [Troubleshooting](https://gogs.io/docs/intro/troubleshooting.html) and [FAQs](https://gogs.io/docs/intro/faqs.html) pages.

-```
-2014/09/01 07:21:49 [E] nil pointer
-```
+### Create a new issue

-### Feature Request
+- For questions, ask in [Discussions](https://github.com/gogs/gogs/discussions).
+- [Check to make sure](https://docs.github.com/en/github/searching-for-information-on-github/searching-on-github/searching-issues-and-pull-requests#search-by-the-title-body-or-comments) someone hasn't already opened a similar [issue](https://github.com/gogs/gogs/issues).
+- If a similar issue doesn't exist, open a new issue using a relevant [issue form](https://github.com/gogs/gogs/issues/new/choose).
+- Blank issues that are not coming from maintainers will be closed without a response.

-There is no standard form of making a feature request. Just try to describe the feature as clearly as possible, because team members may not have experience with the functionality you're talking about.
+### Pick up an issue to solve

-### Pull Request
+- Scan through our [existing issues](https://github.com/gogs/gogs/issues) to find one that interests you.
+- The [👋 good first issue](https://github.com/gogs/gogs/issues?q=is%3Aissue+is%3Aopen+label%3A%22%F0%9F%91%8B+good+first+issue%22) is a good place to start exploring issues that are well-groomed for newcomers.
+- Do not hesitate to ask for more details or clarifying questions on the issue!
+- Communicate on the issue you are intended to pick up _before_ starting working on it.
+- Every issue that gets picked up will have an expected timeline for the implementation, the issue may be reassigned after the expected timeline. Please be responsible and proactive on the communication 🙇‍♂️

-Please read detailed information on [Wiki](https://github.com/gogits/gogs/wiki/Contributing-Code).
+## Add new features or make big changes

-### Ask For Help
+New features or big changes require proposals before we may be able to accept any contribution. Proposals should be posted to the [Discussions - Proposal](https://github.com/gogs/gogs/discussions/categories/proposal) category for review and discussions. GitHub Discussions provides sub-threading which is much more suitable than GitHub Issues for discussions to happen. Please read [Write a proposal for open source contributions](https://unknwon.io/posts/220210-write-a-proposal-for-open-source-contributions/) to begin with.

-Before opening an issue, please make sure your problem isn't already addressed on the [Troubleshooting](http://gogs.io/docs/intro/troubleshooting.html) and [FAQs](http://gogs.io/docs/intro/faqs.html) pages.
+## Pull requests

-## Code of conduct
+When you're finished with the changes, create a pull request, or a series of pull requests if necessary.

-As contributors and maintainers of this project, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
+Contributing to another codebase is not as simple as code changes, it is also about contributing influence to the design. Therefore, we kindly ask you that:

-We are committed to making participation in this project a harassment-free experience for everyone, regardless of level of experience, gender, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, age, or religion.
+- Please acknowledge that no pull request is guaranteed to be merged.
+- Please always do a self-review before requesting reviews from others.
+- Please expect code review to be strict and may have multiple rounds.
+- Please make self-contained incremental changes, pull requests with huge diff may be rejected for review.
+- Please use English in code comments and docstring.
+- Please do not force push unless absolutely necessary. Force pushes make review much harder in multiple rounds, and we use [Squash and merge](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/incorporating-changes-from-a-pull-request/about-pull-request-merges#squash-and-merge-your-pull-request-commits) so you don't need to worry about messy commits and just focus on the changes.

-Examples of unacceptable behavior by participants include the use of sexual language or imagery, derogatory comments or personal attacks, trolling, public or private harassment, insults, or other unprofessional conduct.
+### Things we do not accept

-Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct. Project maintainers who do not follow the Code of Conduct may be removed from the project team.
+1. Updates to locale files (`conf/locale_xx-XX.ini`) other than the `conf/locale_en-US.ini`. Please read the [guide for localizing Gogs](https://gogs.io/docs/features/i18n).
+1. Docker compose files.

-Instances of abusive, harassing, or otherwise unacceptable behavior can be reported by emailing u@gogs.io
+### Coding guidelines

-This Code of Conduct is adapted from the [Contributor Covenant](http:contributor-covenant.org), version 1.0.0, available at [http://contributor-covenant.org/version/1/0/0/](http://contributor-covenant.org/version/1/0/0/)
+1. Please read the Sourcegraph's [Go style guide](https://docs.sourcegraph.com/dev/background-information/languages/go).
+1. **NO** direct modifications to `.css` files, `.css` files are all generated by `.less` files. You can regenerate `.css` files by executing `task less`.
+
+## Your PR is merged!
+
+Congratulations 🎉🎉 Thanks again for taking the effort to have this journey with us 🌟
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,22 +0,0 @@
-We DO NOT take questions or config/deploy problems on GitHub, please use our forum: https://discuss.gogs.io
-
-Please take a moment to search that an issue doesn't already exist.
-
-For bug reports, please give the relevant info:
-
- Gogs version (or commit ref):
- Git version:
- Operating system:
- Database:
-  - [ ] PostgreSQL
-  - [ ] MySQL
-  - [ ] SQLite
- Can you reproduce the bug at http://try.gogs.io:
-  - [ ] Yes
-  - [ ] No
-  - [ ] Not relevant
- Log gist:
-
-## Description
-
-...
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -0,0 +1,82 @@
+name: Bug report
+description: File a bug report to help us improve
+labels: ["\U0001F48A bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report!
+        
+        - Please use English :)
+        - For questions, ask in [Discussions](https://github.com/gogs/gogs/discussions).
+        - Before you file an issue read the [Contributing guide](https://github.com/gogs/gogs/blob/main/.github/CONTRIBUTING.md).
+        - Check to make sure someone hasn't already opened a similar [issue](https://github.com/gogs/gogs/issues).
+  - type: input
+    attributes:
+      label: Gogs version
+      description: |
+        Please specify the exact Gogs version you're reporting for, e.g. "0.12.3". You can find the version information in the admin dashboard (`/admin`).
+        
+        _Note that "gogs/gogs:latest" is not a Gogs version, it does not mean anything._
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Git version
+      description: |
+        Please specify the exact Git version you're using of both server and client. You can find the version information by running `git version`.
+      value: |
+        - Server: 
+        - Client: 
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: Operating system
+      description: |
+        Please specify the exact operating system name and version you're reporting for, e.g. "Windows 10", "CentOS 7", "Ubuntu 20.04".
+    validations:
+      required: true
+  - type: input
+    attributes:
+      label: Database
+      description: |
+        Please specify the exact database and version you're reporting for, e.g. "PostgreSQL 9.6", "MySQL 5.7", "SQLite 3".
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe the bug
+      description: A clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: To reproduce
+      description: The steps to reproduce the problem described above.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Expected behavior
+      description: A clear and concise description of what you expected to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: |
+        Links? References? Suggestions? Anything that will give us more context about the issue you are encountering!
+        
+        Please include any error logs found in the `log/gogs.log` file. Otherwise, we probably won't be able to help you much.
+
+        Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in.
+    validations:
+      required: false
+  - type: checkboxes
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://go.dev/conduct)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Ask questions
+    url: https://github.com/gogs/gogs/discussions
+    about: Please ask questions in Discussions.
+  - name: Make a proposal
+    url: https://github.com/gogs/gogs/discussions/categories/proposal
+    about: Please make proposals in Discussions.
--- a/.github/ISSUE_TEMPLATE/dev_release_minor_version.md
+++ b/.github/ISSUE_TEMPLATE/dev_release_minor_version.md
@@ -0,0 +1,53 @@
+---
+name: "Dev: Release a minor version"
+about: ONLY USED BY MAINTAINERS.
+title: "Release [VERSION]"
+labels: 📸 release
+---
+
+_This is generated from the [minor release template](https://github.com/gogs/gogs/blob/main/.github/ISSUE_TEMPLATE/dev_release_minor_version.md)._
+
+## Before release
+
+On the `main` branch:
+
+- [ ] Close stale issues with the label [status: needs feedback](https://github.com/gogs/gogs/issues?q=is%3Aissue+is%3Aopen+label%3A%22status%3A+needs+feedback%22).
+- [ ] [Sync locales from Crowdin](https://github.com/gogs/gogs/blob/main/docs/dev/import_locale.md).
+- [ ] [Update CHANGELOG](https://github.com/gogs/gogs/commit/720cb5fcb169b9e026b5b47f57d50888b35fdb4b) to include entries for the current minor release.
+- [ ] Cut a new release branch `release/<MAJOR>.<MINOR>`, e.g. `release/0.12`.
+
+## During release
+
+On the release branch:
+
+- [ ] [Update the hard-coded version](https://github.com/gogs/gogs/commit/f17e7d5a2c36c52a1121d2315f3d75dcd8053b89) to the current release, e.g. `0.12.0+dev` -> `0.12.0`.
+- [ ] Wait for GitHub Actions to complete and no failed jobs.
+- [ ] Publish new RC releases (e.g. `v0.12.0-rc.1`, `v0.12.0-rc.2`) to ensure Docker workflow succeeds. **Make sure the tag is created on the release branch**.
+	- Pull down the Docker image and [run through application setup](https://github.com/gogs/gogs/blob/main/docker/README.md) to make sure nothing blows up.
+- [ ] Publish a new [GitHub release](https://github.com/gogs/gogs/releases) with entries from [CHANGELOG](https://github.com/gogs/gogs/blob/main/CHANGELOG.md) for the current minor release. **Make sure the tag is created on the release branch**.
+- [ ] [Wait for a new image tag for the current release](https://github.com/gogs/gogs/actions/workflows/docker.yml?query=event%3Arelease) to be created automatically on both [Docker Hub](https://hub.docker.com/r/gogs/gogs/tags) and [GitHub Container registry](https://github.com/gogs/gogs/pkgs/container/gogs).
+- [ ] [Push a new Docker image tag](https://github.com/gogs/gogs/blob/main/docs/dev/release/release_new_version.md#update-docker-image-tag) as `<MAJOR>.<MINOR>` to both [Docker Hub](https://hub.docker.com/r/gogs/gogs/tags) and [GitHub Container registry](https://github.com/gogs/gogs/pkgs/container/gogs), e.g.:
+- [ ] [Compile and pack binaries](https://github.com/gogs/gogs/blob/main/docs/dev/release/release_new_version.md#compile-and-pack-binaries) (all prefixed with `gogs_<MAJOR>.<MINOR>.<PATCH>_`, e.g. `gogs_0.12.0_`):
+	- [ ] macOS: `darwin_amd64.zip`, `darwin_arm64.zip`
+	- [ ] Linux: `linux_386.tar.gz`, `linux_386.zip`, `linux_amd64.tar.gz`, `linux_amd64.zip`
+	- [ ] ARM: `linux_armv7.tar.gz`, `linux_armv7.zip`, `linux_armv8.tar.gz`, `linux_armv8.zip`
+	- [ ] Windows: `windows_amd64.zip`, `windows_amd64_mws.zip`
+- [ ] [Generate SHA256 checksum](https://github.com/gogs/gogs/blob/main/docs/dev/release/sha256.sh) for all binaries to the file `checksum_sha256.txt`.
+- [ ] Upload all binaries and `checksum_sha256.txt` to:
+	- [ ] GitHub release
+	- [ ] https://dl.gogs.io
+- [ ] Update content of [Install from binary](https://gogs.io/docs/installation/install_from_binary).
+
+## After release
+
+On the `main` branch:
+
+- [ ] Publish [GitHub security advisories](https://github.com/gogs/gogs/security) for security patches included in the release.
+- [ ] Update the repository mirror on [Gitee](https://gitee.com/unknwon/gogs).
+- [ ] Create a new release announcement in [Discussions](https://github.com/gogs/gogs/discussions/categories/announcements).
+- [ ] Send a tweet on the [official Twitter account](https://twitter.com/GogsHQ) for the minor release.
+- [ ] Send out release announcement emails via [Mailchimp](https://mailchimp.com/).
+- [ ] Publish a new release article on [OSChina](http://my.oschina.net/Obahua/admin/releases).
+- [ ] Close the minor milestone.
+- [ ] [Bump the hard-coded version](https://github.com/gogs/gogs/commit/05477f1d294dc43f36c4a3b3b9575a96aea66a67) to the new develop version, e.g. `0.12.0+dev` -> `0.13.0+dev`.
+- [ ] Run `task legacy` to identify deprecated code that is aimed to be removed in current develop version.
--- a/.github/ISSUE_TEMPLATE/dev_release_patch_version.md
+++ b/.github/ISSUE_TEMPLATE/dev_release_patch_version.md
@@ -0,0 +1,55 @@
+---
+name: "Dev: Release a patch version"
+about: ONLY USED BY MAINTAINERS.
+title: "Release [VERSION]"
+labels: 📸 release
+---
+
+_This is generated from the [patch release template](https://github.com/gogs/gogs/blob/main/.github/ISSUE_TEMPLATE/dev_release_patch_version.md)._
+
+## Before release
+
+On the release branch:
+
+- [ ] Make sure all commits are cherry-picked from the `main` branch by checking the patch milestone.
+- [ ] [Update CHANGELOG on the `main` branch](https://github.com/gogs/gogs/commit/e6c5633f580399c8f4dfc07166a63a01c6c70346) to include entries for the current patch release.
+
+## During release
+
+On the release branch:
+
+- [ ] [Update the hard-coded version](https://github.com/gogs/gogs/commit/f0e3cd90f8d7695960eeef2e4e54b2e717302f6c) to the current release, e.g. `0.12.0` -> `0.12.1`.
+- [ ] Wait for GitHub Actions to complete and no failed jobs.
+- [ ] Publish new RC releases (e.g. `v0.12.0-rc.1`, `v0.12.0-rc.2`) to ensure Docker workflow succeeds. **Make sure the tag is created on the release branch**.
+	- Pull down the Docker image and [run through application setup](https://github.com/gogs/gogs/blob/main/docker/README.md) to make sure nothing blows up.
+- [ ] Publish a new [GitHub release](https://github.com/gogs/gogs/releases) with entries from [CHANGELOG](https://github.com/gogs/gogs/blob/main/CHANGELOG.md) for the current patch release and all previous releases with same minor version. **Make sure the tag is created on the release branch**.
+- [ ] Update all previous GitHub releases with same minor version with the warning:
+	```
+	**ℹ️ Heads up! There is a new patch release [0.12.1](https://github.com/gogs/gogs/releases/tag/v0.12.1) available, we recommend directly installing or upgrading to that version.**
+	```
+- [ ] [Wait for a new image tag for the current release](https://github.com/gogs/gogs/actions/workflows/docker.yml?query=event%3Arelease) to be created automatically on both [Docker Hub](https://hub.docker.com/r/gogs/gogs/tags) and [GitHub Container registry](https://github.com/gogs/gogs/pkgs/container/gogs).
+- [ ] [Update Docker image tag](https://github.com/gogs/gogs/blob/main/docs/dev/release/release_new_version.md#update-docker-image-tag) for the minor release `<MAJOR>.<MINOR>` on both [Docker Hub](https://hub.docker.com/r/gogs/gogs/tags) and [GitHub Container registry](https://github.com/gogs/gogs/pkgs/container/gogs).
+- [ ] [Compile and pack binaries](https://github.com/gogs/gogs/blob/main/docs/dev/release/release_new_version.md#compile-and-pack-binaries) (all prefixed with `gogs_<MAJOR>.<MINOR>.<PATCH>_`, e.g. `gogs_0.12.0_`):
+	- [ ] macOS: `darwin_amd64.zip`, `darwin_arm64.zip`
+	- [ ] Linux: `linux_386.tar.gz`, `linux_386.zip`, `linux_amd64.tar.gz`, `linux_amd64.zip`
+	- [ ] ARM: `linux_armv7.tar.gz`, `linux_armv7.zip`, `linux_armv8.tar.gz`, `linux_armv8.zip`
+	- [ ] Windows: `windows_amd64.zip`, `windows_amd64_mws.zip`
+- [ ] [Generate SHA256 checksum](https://github.com/gogs/gogs/blob/main/docs/dev/release/sha256.sh) for all binaries to the file `checksum_sha256.txt`.
+- [ ] Upload all binaries and `checksum_sha256.txt` to:
+	- [ ] GitHub release
+	- [ ] https://dl.gogs.io
+- [ ] Update content of [Install from binary](https://gogs.io/docs/installation/install_from_binary).
+
+## After release
+
+On the `main` branch:
+
+- [ ] Publish [GitHub security advisories](https://github.com/gogs/gogs/security) for security patches included in the release.
+- [ ] Post the following message on issues that are included in the patch milestone:
+    ```
+    The <MAJOR>.<MINOR>.<PATCH> has been released that includes the patch of the reported issue.
+    ```
+- [ ] Update the repository mirror on [Gitee](https://gitee.com/unknwon/gogs).
+- [ ] Create a new release announcement in [Discussions](https://github.com/gogs/gogs/discussions/categories/announcements).
+- [ ] Send a tweet on the [official Twitter account](https://twitter.com/GogsHQ) for the patch release.
+- [ ] Close the patch milestone.
--- a/.github/ISSUE_TEMPLATE/documentation.yml
+++ b/.github/ISSUE_TEMPLATE/documentation.yml
@@ -0,0 +1,32 @@
+name: Improve documentation
+description: Suggest an idea or a patch for documentation
+labels: ["📖 documentation"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this form!
+        
+        - Please use English :)
+        - For questions, ask in [Discussions](https://github.com/gogs/gogs/discussions).
+        - Before you file an issue read the [Contributing guide](https://github.com/gogs/gogs/blob/main/.github/CONTRIBUTING.md).
+        - Check to make sure someone hasn't already opened a similar [issue](https://github.com/gogs/gogs/issues).
+  - type: textarea
+    attributes:
+      label: What needs to be improved? Please describe
+      description: A clear and concise description of what is wrong or missing.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Why do you think it is important?
+      description: A clear and concise explanation of the rationale.
+    validations:
+      required: true
+  - type: checkboxes
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://go.dev/conduct)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
--- a/.github/ISSUE_TEMPLATE/feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -0,0 +1,47 @@
+name: Feature request
+description: Suggest an idea for this project
+labels: ["\U0001F3AF feature"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this form!
+        
+        - Please use English :)
+        - For questions, ask in [Discussions](https://github.com/gogs/gogs/discussions).
+        - Before you file an issue read the [Contributing guide](https://github.com/gogs/gogs/blob/main/.github/CONTRIBUTING.md).
+        - Check to make sure someone hasn't already opened a similar [issue](https://github.com/gogs/gogs/issues).
+  - type: textarea
+    attributes:
+      label: Describe the feature
+      description: A clear and concise description of what the feature is, e.g. I think it is reasonable to have [...]
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe the solution you'd like
+      description: A clear and concise description of what you want to happen.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Describe alternatives you've considered
+      description: A clear and concise description of any alternative solutions or features you've considered.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: |
+        Links? References? Suggestions? Anything that will give us more context about the feature you are requesting!
+
+        Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in.
+    validations:
+      required: false
+  - type: checkboxes
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://go.dev/conduct)
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,4 +0,0 @@
-Please, make sure you are targeting the `develop` branch!
-
-More instructions about contributing with Gogs code can be found here:
-https://github.com/gogits/gogs/wiki/Contributing-Code
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,11 @@
+# Docs: https://git.io/JCUAY
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    reviewers:
+      - "gogs/core"
+    commit-message:
+      prefix: "mod:"
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -0,0 +1,15 @@
+## Describe the pull request
+
+A clear and concise description of what the pull request is about, i.e. what problem should be fixed? 
+
+Link to the issue: <!-- paste the issue link here, or put "n/a" if not applicable -->
+
+## Checklist
+
+- [ ] I agree to follow the [Code of Conduct](https://go.dev/conduct) by submitting this pull request.
+- [ ] I have read and acknowledge the [Contributing guide](https://github.com/gogs/gogs/blob/main/.github/CONTRIBUTING.md).
+- [ ] I have added test cases to cover the new code or have provided the test plan.
+
+## Test plan
+
+<!-- Please provide concrete but concise steps to proof things are working as stated, see an example in https://github.com/gogs/gogs/pull/7345 -->
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,75 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    paths:
+      - '.github/workflows/codeql.yml'
+  schedule:
+    - cron: '0 19 * * 0'
+
+permissions:
+  contents: read
+  security-events: write
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'go' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more:
+        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          # We must fetch at least the immediate parents so that if this is
+          # a pull request then we can checkout the head.
+          fetch-depth: 2
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v3.28.3
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@fdbfb4d2750291e159f0156def62b853c2798ca2 # v3.28.3
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v3.28.3
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -0,0 +1,186 @@
+name: Docker
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    paths:
+      - '.trivy.yaml'
+      - 'Dockerfile'
+      - 'docker/**'
+      - '.github/workflows/docker.yml'
+  release:
+    types: [ published ]
+
+jobs:
+  buildx:
+    if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'gogs/gogs' }}
+    concurrency:
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+      contents: read
+      packages: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+      - name: Inspect builder
+        run: |
+          echo "Name:      ${{ steps.buildx.outputs.name }}"
+          echo "Endpoint:  ${{ steps.buildx.outputs.endpoint }}"
+          echo "Status:    ${{ steps.buildx.outputs.status }}"
+          echo "Flags:     ${{ steps.buildx.outputs.flags }}"
+          echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
+      - name: Login to Docker Hub
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GitHub Container registry
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push images
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          push: true
+          tags: |
+            gogs/gogs:latest
+            ghcr.io/gogs/gogs:latest
+      - name: Scan for container vulnerabilities
+        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+        with:
+          image-ref: gogs/gogs:latest
+          exit-code: '1'
+      - name: Send email on failure
+        uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0
+        if: ${{ failure() }}
+        with:
+          server_address: smtp.mailgun.org
+          server_port: 465
+          username: ${{ secrets.SMTP_USERNAME }}
+          password: ${{ secrets.SMTP_PASSWORD }}
+          subject: GitHub Actions (${{ github.repository }}) job result
+          to: github-actions-8ce6454@unknwon.io
+          from: GitHub Actions (${{ github.repository }})
+          reply_to: noreply@unknwon.io
+          body: |
+            The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}".
+
+            View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+  buildx-pull-request:
+    if: ${{ github.event_name == 'pull_request'}}
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+        with:
+          config-inline: |
+            [worker.oci]
+              max-parallelism = 2
+      - name: Inspect builder
+        run: |
+          echo "Name:      ${{ steps.buildx.outputs.name }}"
+          echo "Endpoint:  ${{ steps.buildx.outputs.endpoint }}"
+          echo "Status:    ${{ steps.buildx.outputs.status }}"
+          echo "Flags:     ${{ steps.buildx.outputs.flags }}"
+          echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
+      - name: Compute short commit SHA
+        id: short-sha
+        uses: benjlevesque/short-sha@599815c8ee942a9616c92bcfb4f947a3b670ab0b # v3.0
+      - name: Build and push images
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        with:
+          context: .
+          platforms: linux/amd64
+          push: true
+          tags: |
+            ttl.sh/gogs/gogs-${{ steps.short-sha.outputs.sha }}:7d
+      - name: Scan for container vulnerabilities
+        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+        with:
+          image-ref: ttl.sh/gogs/gogs-${{ steps.short-sha.outputs.sha }}:7d
+          exit-code: '1'
+
+  # Updates to the following section needs to be synced to all release branches within their lifecycles.
+  buildx-release:
+    if: ${{ github.event_name == 'release' }}
+    runs-on: ubuntu-latest
+    permissions:
+      actions: write
+      contents: read
+      packages: write
+    steps:
+      - name: Compute image tag name
+        run: echo "IMAGE_TAG=$(echo $GITHUB_REF_NAME | cut -c 2-)" >> $GITHUB_ENV
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+      - name: Inspect builder
+        run: |
+          echo "Name:      ${{ steps.buildx.outputs.name }}"
+          echo "Endpoint:  ${{ steps.buildx.outputs.endpoint }}"
+          echo "Status:    ${{ steps.buildx.outputs.status }}"
+          echo "Flags:     ${{ steps.buildx.outputs.flags }}"
+          echo "Platforms: ${{ steps.buildx.outputs.platforms }}"
+      - name: Login to Docker Hub
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Login to GitHub Container registry
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push images
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64,linux/arm/v7
+          push: true
+          tags: |
+            gogs/gogs:${{ env.IMAGE_TAG }}
+            ghcr.io/gogs/gogs:${{ env.IMAGE_TAG }}
+      - name: Send email on failure
+        uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0
+        if: ${{ failure() }}
+        with:
+          server_address: smtp.mailgun.org
+          server_port: 465
+          username: ${{ secrets.SMTP_USERNAME }}
+          password: ${{ secrets.SMTP_PASSWORD }}
+          subject: GitHub Actions (${{ github.repository }}) job result
+          to: github-actions-8ce6454@unknwon.io
+          from: GitHub Actions (${{ github.repository }})
+          reply_to: noreply@unknwon.io
+          body: |
+            The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}".
+
+            View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -0,0 +1,216 @@
+name: Go
+on:
+  push:
+    branches:
+      - main
+      - 'release/**'
+    paths:
+      - '**.go'
+      - 'go.mod'
+      - '.golangci.yml'
+      - '.github/workflows/go.yml'
+  pull_request:
+    paths:
+      - '**.go'
+      - 'go.mod'
+      - '.golangci.yml'
+      - '.github/workflows/go.yml'
+env:
+  GOPROXY: "https://proxy.golang.org"
+
+permissions:
+  contents: read
+
+jobs:
+  lint:
+    permissions:
+      contents: read       # for actions/checkout to fetch code
+      pull-requests: read  # for golangci/golangci-lint-action to fetch pull requests
+    name: Lint
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Install Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version: 1.25.x
+      - name: Install Task
+        uses: arduino/setup-task@b91d5d2c96a56797b48ac1e0e89220bf64044611 # v2.0.0
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Check Go module tidiness and generated files
+        shell: bash
+        run: |
+          go mod tidy
+          task generate
+          STATUS=$(git status --porcelain)
+          if [ ! -z "$STATUS" ]; then
+            echo "Unstaged files:"
+            echo $STATUS
+            echo "Run 'go mod tidy' or 'task generate' commit them"
+            exit 1
+          fi
+      - name: Run golangci-lint
+        uses: golangci/golangci-lint-action@9fae48acfc02a90574d7c304a1758ef9895495fa # v7.0.1
+        with:
+          version: latest
+          args: --timeout=30m
+
+  test:
+    name: Test
+    strategy:
+      matrix:
+        go-version: [ 1.25.x ]
+        platform: [ ubuntu-latest, macos-latest ]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Install Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version: ${{ matrix.go-version }}
+      - name: Run tests with coverage
+        run: go test -shuffle=on -v -race -coverprofile=coverage -covermode=atomic ./...
+      - name: Upload coverage report to Codecov
+        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
+        with:
+          file: ./coverage
+          flags: unittests
+      - name: Send email on failure
+        uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0
+        if: ${{ failure() && github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+        with:
+          server_address: smtp.mailgun.org
+          server_port: 465
+          username: ${{ secrets.SMTP_USERNAME }}
+          password: ${{ secrets.SMTP_PASSWORD }}
+          subject: GitHub Actions (${{ github.repository }}) job result
+          to: github-actions-8ce6454@unknwon.io
+          from: GitHub Actions (${{ github.repository }})
+          reply_to: noreply@unknwon.io
+          body: |
+            The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}".
+
+            View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+  # Running tests with race detection consumes too much memory on Windows,
+  # see https://github.com/golang/go/issues/46099 for details.
+  test-windows:
+    name: Test Windows
+    strategy:
+      matrix:
+        go-version: [ 1.25.x ]
+        platform: [ windows-latest ]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Install Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version: ${{ matrix.go-version }}
+      - name: Run tests with coverage
+        run: go test -shuffle=on -v -coverprofile=coverage -covermode=atomic ./...
+      - name: Upload coverage report to Codecov
+        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
+        with:
+          file: ./coverage
+          flags: unittests
+      - name: Send email on failure
+        uses: dawidd6/action-send-mail@2cea9617b09d79a095af21254fbcb7ae95903dde # v3.12.0
+        if: ${{ failure() && github.event_name == 'push' && github.ref == 'refs/heads/main' }}
+        with:
+          server_address: smtp.mailgun.org
+          server_port: 465
+          username: ${{ secrets.SMTP_USERNAME }}
+          password: ${{ secrets.SMTP_PASSWORD }}
+          subject: GitHub Actions (${{ github.repository }}) job result
+          to: github-actions-8ce6454@unknwon.io
+          from: GitHub Actions (${{ github.repository }})
+          reply_to: noreply@unknwon.io
+          body: |
+            The job "${{ github.job }}" of ${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }} completed with "${{ job.status }}".
+
+            View the job run at: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+  postgres:
+    name: Postgres
+    strategy:
+      matrix:
+        go-version: [ 1.25.x ]
+        platform: [ ubuntu-latest ]
+    runs-on: ${{ matrix.platform }}
+    services:
+      postgres:
+        image: postgres:9.6
+        env:
+          POSTGRES_PASSWORD: postgres
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+        ports:
+          - 5432:5432
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Install Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version: ${{ matrix.go-version }}
+      - name: Run tests with coverage
+        run: go test -shuffle=on -v -race -coverprofile=coverage -covermode=atomic ./internal/db/...
+        env:
+          GOGS_DATABASE_TYPE: postgres
+          PGPORT: 5432
+          PGHOST: localhost
+          PGUSER: postgres
+          PGPASSWORD: postgres
+          PGSSLMODE: disable
+
+  mysql:
+    name: MySQL
+    strategy:
+      matrix:
+        go-version: [ 1.25.x ]
+        platform: [ ubuntu-22.04 ] # Use the lowest version possible for backwards compatibility
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Start MySQL server
+        run: sudo systemctl start mysql
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Install Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version: ${{ matrix.go-version }}
+      - name: Run tests with coverage
+        run: go test -shuffle=on -v -race -coverprofile=coverage -covermode=atomic ./internal/db/...
+        env:
+          GOGS_DATABASE_TYPE: mysql
+          MYSQL_USER: root
+          MYSQL_PASSWORD: root
+          MYSQL_HOST: localhost
+          MYSQL_PORT: 3306
+
+  sqlite-go:
+    name: SQLite - Go
+    strategy:
+      matrix:
+        go-version: [ 1.25.x ]
+        platform: [ ubuntu-latest ]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Install Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version: ${{ matrix.go-version }}
+      - name: Run tests with coverage
+        run: go test -shuffle=on -v -race -parallel=1 -coverprofile=coverage -covermode=atomic ./internal/db/...
+        env:
+          GOGS_DATABASE_TYPE: sqlite
--- a/.github/workflows/lock.yml
+++ b/.github/workflows/lock.yml
@@ -0,0 +1,25 @@
+name: 'Lock Threads'
+
+on:
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+
+permissions:
+  issues: write
+  pull-requests: write
+
+concurrency:
+  group: lock
+
+jobs:
+  action:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5.0.1
+        with:
+          github-token: ${{ github.token }}
+          issue-inactive-days: '90'
+          issue-lock-reason: 'resolved'
+          pr-inactive-days: '365'
+          pr-lock-reason: 'resolved'
--- a/.github/workflows/shell.yml
+++ b/.github/workflows/shell.yml
@@ -0,0 +1,17 @@
+name: Shell
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  shellcheck:
+    name: Shellcheck
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      - name: Run ShellCheck
+        uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0
--- a/.gitignore
+++ b/.gitignore
@@ -4,7 +4,6 @@
 log/
 custom/
 data/
-.vendor/
 .idea/
 *.iml
 public/img/avatar/
@@ -14,6 +13,6 @@ public/img/avatar/
 profile/
 *.pem
 output*
-gogs.sublime-project
-gogs.sublime-workspace
 /release
+.task
+.envrc
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -0,0 +1,153 @@
+version: "2"
+linters:
+  enable:
+    - nakedret
+    - rowserrcheck
+    - unconvert
+    - unparam
+  settings:
+    govet:
+      disable:
+        # printf: non-constant format string in call to fmt.Errorf (govet)
+        # showing up since golangci-lint version 1.60.1
+        - printf
+    staticcheck:
+      checks:
+        - all
+        - "-SA1019" # This project is under active refactoring and not all code is up to date.
+        - "-QF1001" # I'm a math noob
+        - "-ST1016" # Some legit code uses this pattern
+    nakedret:
+      max-func-lines: 0 # Disallow any unnamed return statement
+  exclusions:
+    generated: lax
+    presets:
+      - comments
+      - common-false-positives
+      - legacy
+      - std-error-handling
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
+    rules:
+      - path: internal/auth/ldap/config.go
+        linters: [staticcheck]
+      - path: internal/cmd/import.go
+        linters: [staticcheck]
+      - path: internal/context/context.go
+        linters: [staticcheck]
+      - path: internal/db/attachment.go
+        linters: [staticcheck]
+      - path: internal/db/errors/errors.go
+        linters: [staticcheck]
+      - path: internal/db/issue.go
+        linters: [staticcheck]
+      - path: internal/db/issue_mail.go
+        linters: [staticcheck]
+      - path: internal/db/org.go
+        linters: [staticcheck]
+      - path: internal/db/repo.go
+        linters: [staticcheck]
+      - path: internal/db/schemadoc/main.go
+        linters: [staticcheck]
+      - path: internal/db/users.go
+        linters: [staticcheck]
+      - path: internal/db/webhook.go
+        linters: [staticcheck]
+      - path: internal/db/webhook_dingtalk.go
+        linters: [staticcheck]
+      - path: internal/email/email.go
+        linters: [staticcheck]
+      - path: internal/email/message.go
+        linters: [staticcheck]
+      - path: internal/form/repo.go
+        linters: [staticcheck]
+      - path: internal/form/user.go
+        linters: [staticcheck]
+      - path: internal/httplib/httplib.go
+        linters: [staticcheck]
+      - path: internal/markup/markdown.go
+        linters: [staticcheck]
+      - path: internal/route/api/v1/repo/commits.go
+        linters: [staticcheck]
+      - path: internal/route/api/v1/user/follower.go
+        linters: [staticcheck]
+      - path: internal/route/repo/branch.go
+        linters: [staticcheck]
+      - path: internal/route/repo/commit.go
+        linters: [staticcheck]
+      - path: internal/route/repo/issue.go
+        linters: [staticcheck]
+      - path: internal/route/user/profile.go
+        linters: [staticcheck]
+      - path: internal/template/template.go
+        linters: [staticcheck]
+      - path: internal/tool/tool.go
+        linters: [staticcheck]
+      - path: internal/cmd/serv.go
+        linters: [staticcheck]
+      - path: internal/db/actions_test.go
+        linters: [staticcheck]
+      - path: internal/db/milestone.go
+        linters: [staticcheck]
+      - path: internal/db/pull.go
+        linters: [staticcheck]
+      - path: internal/route/home.go
+        linters: [staticcheck]
+      - path: internal/db/release.go
+        linters: [staticcheck]
+      - path: internal/route/org/members.go
+        linters: [staticcheck]
+      - path: internal/route/org/setting.go
+        linters: [staticcheck]
+      - path: internal/db/repo_branch.go
+        linters: [staticcheck]
+      - path: internal/db/user_mail.go
+        linters: [staticcheck]
+      - path: internal/route/user/auth.go
+        linters: [staticcheck]
+      - path: internal/db/webhook_slack.go
+        linters: [staticcheck]
+      - path: internal/form/form.go
+        linters: [staticcheck]
+      - path: internal/route/org/teams.go
+        linters: [staticcheck]
+      - path: internal/route/admin/auths.go
+        linters: [staticcheck]
+      - path: internal/route/admin/users.go
+        linters: [staticcheck]
+      - path: internal/db/admin.go
+        linters: [staticcheck]
+      - path: internal/db/comment.go
+        linters: [staticcheck]
+      - path: internal/route/user/home.go
+        linters: [staticcheck]
+      - path: internal/route/user/setting.go
+        linters: [staticcheck]
+      - path: internal/db/org_team.go
+        linters: [staticcheck]
+      - path: internal/db/repo_editor.go
+        linters: [staticcheck]
+      - path: internal/process/manager.go
+        linters: [staticcheck]
+      - path: internal/db/ssh_key.go
+        linters: [staticcheck]
+      - path: internal/route/repo/pull.go
+        linters: [staticcheck]
+      - path: internal/route/repo/release.go
+        linters: [staticcheck]
+      - path: internal/route/repo/setting.go
+        linters: [staticcheck]
+      - path: internal/route/repo/wiki.go
+        linters: [staticcheck]
+formatters:
+  enable:
+    - gofmt
+    - goimports
+  exclusions:
+    generated: lax
+    paths:
+      - third_party$
+      - builtin$
+      - examples$
--- a/.gopmfile
+++ b/.gopmfile
@@ -1,54 +0,0 @@
-[target]
-path = github.com/gogits/gogs
-
-[deps]
-github.com/bradfitz/gomemcache = commit:fb1f79c
-github.com/codegangsta/cli = commit:a294348
-github.com/go-macaron/binding = commit:a68f342
-github.com/go-macaron/cache = commit:5617353
-github.com/go-macaron/captcha = commit:8aa5919
-github.com/go-macaron/csrf = commit:546646c
-github.com/go-macaron/gzip = commit:cad1c65
-github.com/go-macaron/i18n = commit:d2d3329
-github.com/go-macaron/inject = commit:c5ab7bf
-github.com/go-macaron/session = commit:66031fc
-github.com/go-macaron/toolbox = commit:82b5115
-github.com/go-sql-driver/mysql = commit:0f2db9e
-github.com/go-xorm/core = commit:5021584
-github.com/go-xorm/xorm = commit:1045aa0
-github.com/gogits/chardet = commit:2404f77725
-github.com/gogits/cron = commit:3abc0f8
-github.com/gogits/git-module = commit:76e8cce
-github.com/gogits/go-gogs-client = commit:d584b1e
-github.com/issue9/identicon = commit:f8c0d2c
-github.com/kardianos/minwinsvc = commit:cad6b2b
-github.com/klauspost/compress = commit:2d3d403
-github.com/klauspost/cpuid = commit:09cded8
-github.com/klauspost/crc32 = commit:19b0b33
-github.com/lib/pq = commit:165a352
-github.com/mattn/go-sqlite3 = commit:45f056c
-github.com/mcuadros/go-version = commit:d52711f
-github.com/microcosm-cc/bluemonday = commit:4ac6f27
-github.com/msteinert/pam = commit:02ccfbf
-github.com/nfnt/resize = commit:4d93a29
-github.com/russross/blackfriday = commit:006144a
-github.com/satori/go.uuid = commit:e673fdd
-github.com/sergi/go-diff = commit:ec7fdbb
-github.com/shurcooL/sanitized_anchor_name = commit:10ef21a
-github.com/Unknwon/cae = commit:7f5e046
-github.com/Unknwon/com = commit:28b053d
-github.com/Unknwon/i18n = commit:3b48b66
-github.com/Unknwon/paginater = commit:7748a72
-golang.org/x/net = commit:a4bbce9
-golang.org/x/text = commit:a71fd10
-golang.org/x/crypto = commit:5dc8cb4
-gopkg.in/asn1-ber.v1 = commit:4e86f43
-gopkg.in/gomail.v2 = commit:5ceb8e6
-gopkg.in/ini.v1 = commit:776aa73
-gopkg.in/ldap.v2 = commit:07a7330
-gopkg.in/macaron.v1 = commit:b9eee38
-gopkg.in/redis.v2 = commit:e617904962
-
-[res]
-include = public|scripts|templates
-
--- a/.mailmap
+++ b/.mailmap
@@ -0,0 +1,4 @@
+Joe Chen <jc@unknwon.io> Unknwon <u@gogs.io>
+Joe Chen <jc@unknwon.io> 无闻 <u@gogs.io>
+Joe Chen <jc@unknwon.io> ᴜɴᴋɴᴡᴏɴ <u@gogs.io>
+Joe Chen <jc@unknwon.io> ᴜɴᴋɴᴡᴏɴ <jc@unknwon.io>
--- a/.packager/.godir
+++ b/.packager/.godir
--- a/.packager/Procfile
+++ b/.packager/Procfile
@@ -0,0 +1 @@
+web: ./gogs web -p ${PORT:=3000}
--- a/.packager/hooks/postinst
+++ b/.packager/hooks/postinst
@@ -8,10 +8,10 @@ APP_USER=$(${CLI} config:get APP_USER)
 APP_GROUP=$(${CLI} config:get APP_GROUP)
 APP_CONFIG="/etc/${APP_NAME}/conf/app.ini"

-mkdir -p $(dirname ${APP_CONFIG})
-chown ${APP_USER}.${APP_GROUP} $(dirname ${APP_CONFIG})
+mkdir -p "$(dirname ${APP_CONFIG})"
+chown "${APP_USER}"."${APP_GROUP}" "$(dirname ${APP_CONFIG})"
 [ -f ${APP_CONFIG} ] || ${CLI} run cp conf/app.ini ${APP_CONFIG}
-${CLI} config:set USER=${APP_USER}
+${CLI} config:set USER="${APP_USER}"
 sed -i "s|RUN_USER = git|RUN_USER = ${APP_USER}|" ${APP_CONFIG}
 sed -i "s|RUN_MODE = dev|RUN_MODE = prod|" ${APP_CONFIG}

--- a/.pkgr.yml
+++ b/.pkgr.yml
@@ -1,27 +1,31 @@
 targets:
-  debian-7: &debian
+  debian-9: &debian
    build_dependencies:
      - libpam0g-dev
    dependencies:
      - libpam0g
      - git
-  debian-8:
+  debian-10:
    <<: *debian
-  ubuntu-14.04:
+  debian-11:
    <<: *debian
-  ubuntu-12.04:
+  ubuntu-18.04:
    <<: *debian
-  centos-6: &el
+  ubuntu-20.04:
+    <<: *debian
+  ubuntu-22.04:
+    <<: *debian
+  centos-8:
    build_dependencies:
      - pam-devel
+      # required for Go buildpack
+      - perl-Digest-SHA
    dependencies:
      - pam
      - git
-  centos-7:
-    <<: *el
 before:
-  - mv packager/Procfile .
-  - mv packager/.godir .
+  - mv .packager/Procfile .
 after:
-  - mv bin/main gogs
-after_install: ./packager/hooks/postinst
+  - mv bin/gogs gogs
+after_install: ./.packager/hooks/postinst
+buildpack: https://github.com/heroku/heroku-buildpack-go.git#main
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,29 +0,0 @@
-language: go
-
-go:
-  - 1.4
-  - 1.5
-  - 1.6
-
-before_install:
-  - sudo apt-get update -qq
-  - sudo apt-get install -y libpam-dev
-  - go get github.com/msteinert/pam 
-
-install:
-  - go get -t -v ./...
-
-script: 
-  - go build -v -tags "pam"
-  - go test -v -cover -race ./...
-
-notifications:
-  email:
-    - u@gogs.io
-  slack: gophercn:o5pSanyTeNhnfYc3QnG0X7Wx
-  webhooks:
-    urls:
-      - https://webhooks.gitter.im/e/b590f8e03882f7aedc3e
-    on_success: change 
-    on_failure: always 
-    on_start: never     
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -0,0 +1,229 @@
+# Changelog
+
+All notable changes to Gogs are documented in this file.
+
+## 0.14.0+dev (`main`)
+
+## 0.13.0
+
+### Added
+
+- Support using personal access token in the password field. [#3866](https://github.com/gogs/gogs/issues/3866)
+- An unlisted option is added when create or migrate a repository. Unlisted repositories are public but not being listed for users without direct access in the UI. [#5733](https://github.com/gogs/gogs/issues/5733)
+- New API endpoint `PUT /repos/:owner/:repo/contents/:path` for creating and update repository contents. [#5967](https://github.com/gogs/gogs/issues/5967)
+- New configuration option `[git.timeout] DIFF` for customizing operation timeout of `git diff`. [#6315](https://github.com/gogs/gogs/issues/6315)
+- New configuration option `[server] SSH_SERVER_MACS` for setting list of accepted MACs for connections to builtin SSH server. [#6434](https://github.com/gogs/gogs/issues/6434)
+- New configuration option `[repository] DEFAULT_BRANCH` for setting default branch name for new repositories. [#7291](https://github.com/gogs/gogs/issues/7291)
+- New configuration option `[server] SSH_SERVER_ALGORITHMS` for specifying the list of accepted key exchange algorithms for connections to builtin SSH server. [#7345](https://github.com/gogs/gogs/pull/7345)
+- Support specifying custom schema for PostgreSQL. [#6695](https://github.com/gogs/gogs/pull/6695)
+- Support rendering Mermaid diagrams in Markdown. [#6776](https://github.com/gogs/gogs/pull/6776)
+- Docker: Allow passing extra arguments to the `backup` command. [#7060](https://github.com/gogs/gogs/pull/7060)
+- New languages support: Mongolian, Romanian. [#6510](https://github.com/gogs/gogs/pull/6510) [#7082](https://github.com/gogs/gogs/pull/7082)
+
+### Changed
+
+- The default branch has been changed to `main`. [#6285](https://github.com/gogs/gogs/pull/6285)
+- MSSQL as database backend is deprecated, installation page no longer shows it as an option. Existing installations and manually craft configuration file continue to work. [#6295](https://github.com/gogs/gogs/pull/6295)
+- Use [Task](https://github.com/go-task/task) as the build tool. [#6297](https://github.com/gogs/gogs/pull/6297)
+- The required Go version to compile source code changed to 1.18.
+- Access tokens are now stored using their SHA256 hashes instead of raw values. [#7008](https://github.com/gogs/gogs/pull/7008)
+
+### Fixed
+
+- Unable to use LDAP authentication on ARM machines. [#6761](https://github.com/gogs/gogs/issues/6761)
+- Unable to choose "Lookup Avatar by mail" in user settings without deleting custom avatar. [#7267](https://github.com/gogs/gogs/pull/7267)
+- Mistakenly include the "data" directory under the custom directory in the Docker setup. [#7343](https://github.com/gogs/gogs/pull/7343)
+- Unable to start after data recovery with an outdated migration version. [#7125](https://github.com/gogs/gogs/issues/7125)
+
+### Removed
+
+- ⚠️ Migrations before 0.12 are removed, installations not on 0.12 should upgrade to it to run the migrations and then upgrade to 0.13.
+- Configuration section `[mailer]` is no longer used, please use `[email]`.
+- Configuration section `[service]` is no longer used, please use `[auth]`.
+- Configuration option `APP_NAME` is no longer used, please use `BRAND_NAME`.
+- Configuration option `[security] REVERSE_PROXY_AUTHENTICATION_USER` is no longer used, please use `[auth] REVERSE_PROXY_AUTHENTICATION_HEADER`.
+- Configuration option `[auth] ACTIVE_CODE_LIVE_MINUTES` is no longer used, please use `[auth] ACTIVATE_CODE_LIVES`.
+- Configuration option `[auth] RESET_PASSWD_CODE_LIVE_MINUTES` is no longer used, please use `[auth] RESET_PASSWORD_CODE_LIVES`.
+- Configuration option `[auth] ENABLE_CAPTCHA` is no longer used, please use `[auth] ENABLE_REGISTRATION_CAPTCHA`.
+- Configuration option `[auth] ENABLE_NOTIFY_MAIL` is no longer used, please use `[user] ENABLE_EMAIL_NOTIFICATION`.
+- Configuration option `[auth] REGISTER_EMAIL_CONFIRM` is no longer used, please use `[auth] REQUIRE_EMAIL_CONFIRMATION`.
+- Configuration option `[session] GC_INTERVAL_TIME` is no longer used, please use `[session] GC_INTERVAL`.
+- Configuration option `[session] SESSION_LIFE_TIME` is no longer used, please use `[session] MAX_LIFE_TIME`.
+- Configuration option `[server] ROOT_URL` is no longer used, please use `[server] EXTERNAL_URL`.
+- Configuration option `[server] LANDING_PAGE` is no longer used, please use `[server] LANDING_URL`.
+- Configuration option `[database] DB_TYPE` is no longer used, please use `[database] TYPE`.
+- Configuration option `[database] PASSWD` is no longer used, please use `[database] PASSWORD`.
+- Remove option to use Makefile as the build tool. [#6980](https://github.com/gogs/gogs/pull/6980)
+
+## 0.12.11
+
+### Fixed
+
+- _Security:_ Stored XSS for issue assignees. [#7145](https://github.com/gogs/gogs/issues/7145)
+- _Security:_ OS Command Injection in repo editor on case-insensitive file systems. [#7030](https://github.com/gogs/gogs/issues/7030)
+- Unable to render repository pages with implicit submodules (e.g. `get submodule "REDACTED": revision does not exist`). [#6436](https://github.com/gogs/gogs/issues/6436)
+
+## 0.12.10
+
+### Changed
+
+- Support using `[security] LOCAL_NETWORK_ALLOWLIST = *` to allow all hostnames. [#7111](https://github.com/gogs/gogs/pull/7111)
+
+### Fixed
+
+- Unable to send webhooks to local network addresses after configured `[security] LOCAL_NETWORK_ALLOWLIST`. [#7074](https://github.com/gogs/gogs/issues/7074)
+
+## 0.12.9
+
+### Fixed
+
+- _Security:_ OS Command Injection in file editor. [#7000](https://github.com/gogs/gogs/issues/7000)
+- _Security:_ Sanitize `DisplayName` in repository issue list. [#7009](https://github.com/gogs/gogs/pull/7009)
+- _Security:_ Path Traversal in file editor on Windows. [#7001](https://github.com/gogs/gogs/issues/7001)
+- _Security:_ Path Traversal in Git HTTP endpoints. [#7002](https://github.com/gogs/gogs/issues/7002)
+- Unable to init repository during creation on Windows. [#6967](https://github.com/gogs/gogs/issues/6967)
+- Mysterious panic on `Value not found for type *repo.HTTPContext`. [#6963](https://github.com/gogs/gogs/issues/6963)
+
+## 0.12.8
+
+### Changed
+
+- All users (including admins) need to use the configuration option `[security] LOCAL_NETWORK_ALLOWLIST` to allow repository migration and webhooks to be able to access local network addresses, which is a comma separated list of hostnames. [#6988](https://github.com/gogs/gogs/pull/6988)
+
+### Fixed
+
+- _Security:_ SSRF in webhook. [#6901](https://github.com/gogs/gogs/issues/6901)
+- _Security:_ XSS in cookies. [#6953](https://github.com/gogs/gogs/issues/6953)
+- _Security:_ OS Command Injection in file uploading. [#6968](https://github.com/gogs/gogs/issues/6968)
+- _Security:_ Remote Command Execution in file editing. [#6555](https://github.com/gogs/gogs/issues/6555)
+
+## 0.12.7
+
+### Fixed
+
+- _Security:_ Stored XSS in issues. [#6919](https://github.com/gogs/gogs/issues/6919)
+- Invalid character in `Access-Control-Allow-Credentials` response header. [#4983](https://github.com/gogs/gogs/issues/4983)
+- Mysterious `ssh: overflow reading version string` errors from builtin SSH server. [#6882](https://github.com/gogs/gogs/issues/6882)
+
+## 0.12.6
+
+### Fixed
+
+- _Security:_ Remote command execution in file uploading. [#6833](https://github.com/gogs/gogs/issues/6833)
+- _Regression:_ Unable to migrate repository from other local Git hosting. Added a new configuration option `[security] LOCAL_NETWORK_ALLOWLIST`, which is a comma separated list of hostnames that are explicitly allowed to be accessed within the local network. [#6841](https://github.com/gogs/gogs/issues/6841)
+- Slow start of Docker containers using NAS devices. [#6554](https://github.com/gogs/gogs/issues/6554)
+
+## 0.12.5
+
+### Fixed
+
+- _Security:_ Potential SSRF in repository migration. [#6754](https://github.com/gogs/gogs/issues/6754)
+- _Security:_ Improper PAM authorization handling. [#6810](https://github.com/gogs/gogs/issues/6810)
+
+## 0.12.4
+
+### Fixed
+
+- _Security:_ Potential SSRF attack by CRLF injection via repository migration. [#6413](https://github.com/gogs/gogs/issues/6413)
+- _Regression:_ Fixed smart links for issues stops rendering. [#6506](https://github.com/gogs/gogs/issues/6506)
+- Added `X-Frame-Options` header to prevent Clickjacking. [#6409](https://github.com/gogs/gogs/issues/6409)
+
+## 0.12.3
+
+### Fixed
+
+- _Regression:_ When running Gogs on Windows, push commits no longer fail on a daily basis with the error "pre-receive hook declined". [#6316](https://github.com/gogs/gogs/issues/6316)
+- Auto-linked commit SHAs now have correct links. [#6300](https://github.com/gogs/gogs/issues/6300)
+- Git LFS client (with version >= 2.5.0) wasn't able to upload files with known format (e.g. PNG, JPEG), and the server is expecting the HTTP Header `Content-Type` to be `application/octet-stream`. The server now tells the LFS client to always use `Content-Type: application/octet-stream` when upload files.
+
+## 0.12.2
+
+### Fixed
+
+- _Regression:_ Pages are correctly rendered when requesting `?go-get=1` for subdirectories. [#6314](https://github.com/gogs/gogs/issues/6314)
+- _Regression:_ Submodule with a relative path is linked correctly. [#6319](https://github.com/gogs/gogs/issues/6319)
+- Backup can be processed when `--target` is specified on Windows. [#6339](https://github.com/gogs/gogs/issues/6339)
+- Commit message contains keywords look like an issue reference no longer fails the push entirely. [#6289](https://github.com/gogs/gogs/issues/6289)
+
+## 0.12.1
+
+### Fixed
+
+- The `updated_at` field is now correctly updated when updates an issue. [#6209](https://github.com/gogs/gogs/issues/6209)
+- Fixed a regression which created `login_source.cfg` column to have `VARCHAR(255)` instead of `TEXT` in MySQL. [#6280](https://github.com/gogs/gogs/issues/6280)
+
+## 0.12.0
+
+### Added
+
+- Support for Git LFS, you can read documentation for both [user](https://github.com/gogs/gogs/blob/main/docs/user/lfs.md) and [admin](https://github.com/gogs/gogs/blob/main/docs/admin/lfs.md). [#1322](https://github.com/gogs/gogs/issues/1322)
+- Allow admin to remove observers from the repository. [#5803](https://github.com/gogs/gogs/pull/5803)
+- Use `Last-Modified` HTTP header for raw files. [#5811](https://github.com/gogs/gogs/issues/5811)
+- Support syntax highlighting for SAS code files (i.e. `.r`, `.sas`, `.tex`, `.yaml`). [#5856](https://github.com/gogs/gogs/pull/5856)
+- Able to fill in pull request title with a template. [#5901](https://github.com/gogs/gogs/pull/5901)
+- Able to override static files under `public/` directory, please refer to [documentation](https://gogs.io/docs/features/custom_template) for usage. [#5920](https://github.com/gogs/gogs/pull/5920)
+- New API endpoint `GET /admin/teams/:teamid/members` to list members of a team. [#5877](https://github.com/gogs/gogs/issues/5877)
+- Support backup with retention policy for Docker deployments. [#6140](https://github.com/gogs/gogs/pull/6140)
+
+### Changed
+
+- The organization profile page has changed to display at most 12 members. [#5506](https://github.com/gogs/gogs/issues/5506)
+- The required Go version to compile source code changed to 1.14.
+- All assets are now embedded into binary and served from memory by default. Set `[server] LOAD_ASSETS_FROM_DISK = true` to load them from disk. [#5920](https://github.com/gogs/gogs/pull/5920)
+- Application and Go versions are removed from page footer and only show in the admin dashboard.
+- Build tag for running as Windows Service has been changed from `miniwinsvc` to `minwinsvc`.
+- Configuration option `APP_NAME` is deprecated and will end support in 0.13.0, please start using `BRAND_NAME`.
+- Configuration option `[server] ROOT_URL` is deprecated and will end support in 0.13.0, please start using `[server] EXTERNAL_URL`.
+- Configuration option `[server] LANDING_PAGE` is deprecated and will end support in 0.13.0, please start using `[server] LANDING_URL`.
+- Configuration option `[database] DB_TYPE` is deprecated and will end support in 0.13.0, please start using `[database] TYPE`.
+- Configuration option `[database] PASSWD` is deprecated and will end support in 0.13.0, please start using `[database] PASSWORD`.
+- Configuration option `[security] REVERSE_PROXY_AUTHENTICATION_USER` is deprecated and will end support in 0.13.0, please start using `[auth] REVERSE_PROXY_AUTHENTICATION_HEADER`.
+- Configuration section `[mailer]` is deprecated and will end support in 0.13.0, please start using `[email]`.
+- Configuration section `[service]` is deprecated and will end support in 0.13.0, please start using `[auth]`.
+- Configuration option `[auth] ACTIVE_CODE_LIVE_MINUTES` is deprecated and will end support in 0.13.0, please start using `[auth] ACTIVATE_CODE_LIVES`.
+- Configuration option `[auth] RESET_PASSWD_CODE_LIVE_MINUTES` is deprecated and will end support in 0.13.0, please start using `[auth] RESET_PASSWORD_CODE_LIVES`.
+- Configuration option `[auth] REGISTER_EMAIL_CONFIRM` is deprecated and will end support in 0.13.0, please start using `[auth] REQUIRE_EMAIL_CONFIRMATION`.
+- Configuration option `[auth] ENABLE_CAPTCHA` is deprecated and will end support in 0.13.0, please start using `[auth] ENABLE_REGISTRATION_CAPTCHA`.
+- Configuration option `[auth] ENABLE_NOTIFY_MAIL` is deprecated and will end support in 0.13.0, please start using `[user] ENABLE_EMAIL_NOTIFICATION`.
+- Configuration option `[session] GC_INTERVAL_TIME` is deprecated and will end support in 0.13.0, please start using `[session] GC_INTERVAL`.
+- Configuration option `[session] SESSION_LIFE_TIME` is deprecated and will end support in 0.13.0, please start using `[session] MAX_LIFE_TIME`.
+- The name `-` is reserved and cannot be used for users or organizations.
+
+### Fixed
+
+- [Security] Potential open redirection with i18n.
+- [Security] Potential ability to delete files outside a repository.
+- [Security] Potential ability to set primary email on others' behalf from their verified emails.
+- [Security] Potential XSS attack via `.ipynb`. [#5170](https://github.com/gogs/gogs/issues/5170)
+- [Security] Potential SSRF attack via webhooks. [#5366](https://github.com/gogs/gogs/issues/5366)
+- [Security] Potential CSRF attack in admin panel. [#5367](https://github.com/gogs/gogs/issues/5367)
+- [Security] Potential stored XSS attack in some browsers. [#5397](https://github.com/gogs/gogs/issues/5397)
+- [Security] Potential RCE on mirror repositories. [#5767](https://github.com/gogs/gogs/issues/5767)
+- [Security] Potential XSS attack with raw markdown API. [#5907](https://github.com/gogs/gogs/pull/5907)
+- File both modified and renamed within a commit treated as separate files. [#5056](https://github.com/gogs/gogs/issues/5056)
+- Unable to restore the database backup to MySQL 8.0 with syntax error. [#5602](https://github.com/gogs/gogs/issues/5602)
+- Open/close milestone redirects to a 404 page. [#5677](https://github.com/gogs/gogs/issues/5677)
+- Disallow multiple tokens with same name. [#5587](https://github.com/gogs/gogs/issues/5587) [#5820](https://github.com/gogs/gogs/pull/5820)
+- Enable Federated Avatar Lookup could cause server to crash. [#5848](https://github.com/gogs/gogs/issues/5848)
+- Private repositories are hidden in the organization's view. [#5869](https://github.com/gogs/gogs/issues/5869)
+- Users have access to base repository cannot view commits in forks. [#5878](https://github.com/gogs/gogs/issues/5878)
+- Server error when changing email address in user settings page. [#5899](https://github.com/gogs/gogs/issues/5899)
+- Fall back to use RFC 3339 as time layout when misconfigured. [#6098](https://github.com/gogs/gogs/issues/6098)
+- Unable to update team with server error. [#6185](https://github.com/gogs/gogs/issues/6185)
+- Webhooks are not fired after push when `[service] REQUIRE_SIGNIN_VIEW = true`.
+- Files with identical content are randomly displayed one of them.
+
+### Removed
+
+- Configuration option `[other] SHOW_FOOTER_VERSION`
+- Configuration option `[server] STATIC_ROOT_PATH`
+- Configuration option `[repository] MIRROR_QUEUE_LENGTH`
+- Configuration option `[repository] PULL_REQUEST_QUEUE_LENGTH`
+- Configuration option `[session] ENABLE_SET_COOKIE`
+- Configuration option `[release.attachment] PATH`
+- Configuration option `[webhook] QUEUE_LENGTH`
+- Build tag `sqlite`, which means CGO is now required.
+
+---
+
+**Older change logs can be found on [GitHub](https://github.com/gogs/gogs/releases?after=v0.12.0).**
--- a/2
+++ b/2
@@ -0,0 +1,2 @@
+# Default
+* @gogs/core
--- a/52
+++ b/52
@@ -1,22 +1,44 @@
-FROM alpine:3.3
-MAINTAINER jp@roemer.im
+FROM golang:alpine3.21 AS binarybuilder
+RUN apk --no-cache --no-progress add --virtual \
+  build-deps \
+  build-base \
+  git \
+  linux-pam-dev

-# Install system utils & Gogs runtime dependencies
-ADD https://github.com/tianon/gosu/releases/download/1.7/gosu-amd64 /usr/sbin/gosu
-RUN chmod +x /usr/sbin/gosu \
- && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat
+WORKDIR /gogs.io/gogs
+COPY . .
+
+RUN ./docker/build/install-task.sh
+RUN TAGS="cert pam" task build
+
+FROM alpine:3.21
+RUN apk --no-cache --no-progress add \
+  bash \
+  ca-certificates \
+  curl \
+  git \
+  linux-pam \
+  openssh \
+  s6 \
+  shadow \
+  socat \
+  tzdata \
+  rsync

 ENV GOGS_CUSTOM /data/gogs

-COPY . /app/gogs/
-WORKDIR /app/gogs/
-RUN ./docker/build.sh
-
-# Configure LibC Name Service
+# Configure LibC Name Service
 COPY docker/nsswitch.conf /etc/nsswitch.conf

-# Configure Docker Container
-VOLUME ["/data"]
+WORKDIR /app/gogs
+COPY docker ./docker
+COPY --from=binarybuilder /gogs.io/gogs/gogs .
+
+RUN ./docker/build/finalize.sh
+
+# Configure Docker Container
+VOLUME ["/data", "/backup"]
 EXPOSE 22 3000
-ENTRYPOINT ["docker/start.sh"]
-CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]
+HEALTHCHECK CMD (curl -o /dev/null -sS http://localhost:3000/healthcheck) || exit 1
+ENTRYPOINT ["/app/gogs/docker/start.sh"]
+CMD ["/usr/bin/s6-svscan", "/app/gogs/docker/s6/"]
--- a/Dockerfile.rpi
+++ b/Dockerfile.rpi
@@ -1,25 +0,0 @@
-FROM hypriot/rpi-alpine-scratch:v3.2
-MAINTAINER jp@roemer.im, raxetul@gmail.com
-
-# Install system utils & Gogs runtime dependencies
-ADD https://github.com/tianon/gosu/releases/download/1.7/gosu-armhf /usr/sbin/gosu
-RUN chmod +x /usr/sbin/gosu \
- && echo "http://dl-4.alpinelinux.org/alpine/v3.3/main/"      | tee /etc/apk/repositories    \
- && echo "http://dl-4.alpinelinux.org/alpine/v3.3/community/" | tee -a /etc/apk/repositories \
- && apk -U --no-progress upgrade && rm -f /var/cache/apk/APKINDEX.* \
- && apk --no-cache --no-progress add ca-certificates bash git linux-pam s6 curl openssh socat
-
-ENV GOGS_CUSTOM /data/gogs
-
-COPY . /app/gogs/
-WORKDIR /app/gogs/
-RUN ./docker/build.sh
-
-# Configure LibC Name Service
-COPY docker/nsswitch.conf /etc/nsswitch.conf
-
-# Configure Docker Container
-VOLUME ["/data"]
-EXPOSE 22 3000
-ENTRYPOINT ["docker/start.sh"]
-CMD ["/bin/s6-svscan", "/app/gogs/docker/s6/"]
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-Copyright (c) 2014 All Gogs Contributors
+Copyright (c) The Gogs Authors

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/61
+++ b/61
@@ -1,61 +0,0 @@
-LDFLAGS += -X "github.com/gogits/gogs/modules/setting.BuildTime=$(shell date -u '+%Y-%m-%d %I:%M:%S %Z')"
-LDFLAGS += -X "github.com/gogits/gogs/modules/setting.BuildGitHash=$(shell git rev-parse HEAD)"
-
-DATA_FILES := $(shell find conf | sed 's/ /\\ /g')
-LESS_FILES := $(wildcard public/less/gogs.less public/less/_*.less)
-GENERATED  := modules/bindata/bindata.go public/css/gogs.css
-
-TAGS = ""
-
-RELEASE_ROOT = "release"
-RELEASE_GOGS = "release/gogs"
-NOW = $(shell date -u '+%Y%m%d%I%M%S')
-
-.PHONY: build pack release bindata clean
-
-.IGNORE: public/css/gogs.css
-
-build: $(GENERATED)
-	go install -v -ldflags '$(LDFLAGS)' -tags '$(TAGS)'
-	cp '$(GOPATH)/bin/gogs' .
-
-govet:
-	go tool vet -composites=false -methods=false -structtags=false .
-
-build-dev: $(GENERATED) govet
-	go install -v -race -tags '$(TAGS)'
-	cp '$(GOPATH)/bin/gogs' .
-
-pack:
-	rm -rf $(RELEASE_GOGS)
-	mkdir -p $(RELEASE_GOGS)
-	cp -r gogs LICENSE README.md README_ZH.md templates public scripts $(RELEASE_GOGS)
-	rm -rf $(RELEASE_GOGS)/public/config.codekit $(RELEASE_GOGS)/public/less
-	cd $(RELEASE_ROOT) && zip -r gogs.$(NOW).zip "gogs"
-
-release: build pack
-
-bindata: modules/bindata/bindata.go
-
-modules/bindata/bindata.go: $(DATA_FILES)
-	go-bindata -o=$@ -ignore="\\.DS_Store|README.md|TRANSLATORS" -pkg=bindata conf/...
-
-less: public/css/gogs.css
-
-public/css/gogs.css: $(LESS_FILES)
-	lessc $< $@
-
-clean:
-	go clean -i ./...
-
-clean-mac: clean
-	find . -name ".DS_Store" -print0 | xargs -0 rm
-
-test:
-	go test -cover -race ./...
-
-fixme:
-	grep -rnw "FIXME" routers models modules
-
-todo:
-	grep -rnw "TODO" routers models modules
--- a/README.md
+++ b/README.md
@@ -1,131 +1,105 @@
-Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/gogs/localized.svg)](https://crowdin.com/project/gogs) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gogits/gogs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
-=====================
+![gogs-brand](https://user-images.githubusercontent.com/2946214/146899259-6a8b58ad-8d6e-40d2-ab02-79dc6aadabbf.png)

-![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
-
-##### Current version: 0.9.0
-
-| Web | UI  | Preview  |
-|:-------------:|:-------:|:-------:|
-|![Dashboard](https://gogs.io/img/screenshots/1.png)|![Repository](https://gogs.io/img/screenshots/2.png)|![Commits History](https://gogs.io/img/screenshots/3.png)|
-|![Profile](https://gogs.io/img/screenshots/4.png)|![Admin Dashboard](https://gogs.io/img/screenshots/5.png)|![Diff](https://gogs.io/img/screenshots/6.png)|
-|![Issues](https://gogs.io/img/screenshots/7.png)|![Releases](https://gogs.io/img/screenshots/8.png)|![Organization](https://gogs.io/img/screenshots/9.png)|
-
-### Important Notes
-
-1. **YOU MUST READ [Contributing Code](https://github.com/gogits/gogs/wiki/Contributing-Code) BEFORE STARTING TO WORK ON A PULL REQUEST**.
-2. Due to testing purpose, data of [try.gogs.io](https://try.gogs.io) was reset in **Jan 28, 2015** and will reset multiple times after. Please do **NOT** put your important data on the site.
-3. The demo site [try.gogs.io](https://try.gogs.io) is running under `develop` branch.
-4. If you think there are vulnerabilities in the project, please talk privately to **u@gogs.io**. Thanks!
-5. If you're interested in using APIs, we have experimental support with [documentation](https://github.com/gogits/go-gogs-client/wiki).
-6. If your team/company is using Gogs and would like to put your logo on [our website](http://gogs.io), contact us by any means.
+[![GitHub Workflow Status](https://img.shields.io/github/checks-status/gogs/gogs/main?logo=github&style=for-the-badge)](https://github.com/gogs/gogs/actions?query=branch%3Amain) [![Discord](https://img.shields.io/discord/382595433060499458.svg?style=for-the-badge&logo=discord)](https://discord.gg/9aqdHU7) [![Sourcegraph](https://img.shields.io/badge/view%20on-Sourcegraph-brightgreen.svg?style=for-the-badge&logo=sourcegraph)](https://sourcegraph.com/github.com/gogs/gogs)

 [简体中文](README_ZH.md)

-## Purpose
+## 🔮 Vision

-The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. With Go, this can be done with an independent binary distribution across **ALL platforms** that Go supports, including Linux, Mac OS X, Windows and ARM.
+The Gogs (`/gɑgz/`) project aims to build a simple, stable and extensible self-hosted Git service that can be set up in the most painless way. With Go, this can be done with an independent binary distribution across all platforms that Go supports, including Linux, macOS, Windows and ARM-based systems.

-## Overview
+## 📡 Overview

- Please see the [Documentation](http://gogs.io/docs/intro) for common usages and change log.
- See the [Trello Board](https://trello.com/b/uxAoeLUl/gogs-go-git-service) to follow the develop team.
+- Please visit [our home page](https://gogs.io) for user documentation.
+- Please refer to [CHANGELOG.md](CHANGELOG.md) for list of changes in each releases.
 - Want to try it before doing anything else? Do it [online](https://try.gogs.io/gogs/gogs)!
- Having trouble? Get help with [Troubleshooting](http://gogs.io/docs/intro/troubleshooting.html) or [User Forum](https://discuss.gogs.io/).
- Want to help with localization? Check out the [guide](http://gogs.io/docs/features/i18n.html)!
+- Having trouble? Help yourself with [troubleshooting](https://gogs.io/docs/intro/troubleshooting.html) or ask questions in [Discussions](https://github.com/gogs/gogs/discussions).
+- Want to help with localization? Check out the [localization documentation](https://gogs.io/docs/features/i18n.html).
+- Ready to get hands dirty? Read our [contributing guide](.github/CONTRIBUTING.md).
+- Hmm... What about APIs? We have experimental support with [documentation](https://github.com/gogs/docs-api).

-## Features
+## 💌 Features

- Activity timeline
- SSH and HTTP/HTTPS protocols
- SMTP/LDAP/Reverse proxy authentication
- Reverse proxy with sub-path
- Account/Organization/Repository management
- Repository/Organization webhooks (including Slack)
- Repository Git hooks/deploy keys
- Repository issues, pull requests and wiki
- Add/Remove repository collaborators
- Gravatar and custom source
- Mail service
- Administration panel
- Supports MySQL, PostgreSQL, SQLite3 and [TiDB](https://github.com/pingcap/tidb) (experimental)
- Multi-language support ([15 languages](https://crowdin.com/project/gogs))
+- User dashboard, user profile and activity timeline.
+- Access repositories via SSH, HTTP and HTTPS protocols.
+- User, organization and repository management.
+- Repository and organization webhooks, including Slack, Discord and Dingtalk.
+- Repository Git hooks, deploy keys and Git LFS.
+- Repository issues, pull requests, wiki, protected branches and collaboration.
+- Migrate and mirror repositories with wiki from other code hosts.
+- Web editor for quick editing repository files and wiki.
+- Jupyter Notebook and PDF rendering.
+- Authentication via SMTP, LDAP, reverse proxy, GitHub.com and GitHub Enterprise with 2FA.
+- Customize HTML templates, static files and many others.
+- Rich database backend, including PostgreSQL, MySQL, SQLite3 and [TiDB](https://github.com/pingcap/tidb).
+- Have localization over [31 languages](https://crowdin.com/project/gogs).

-## System Requirements
+## 💾 Hardware requirements

- A cheap Raspberry Pi is powerful enough for basic functionality.
- 2 CPU cores and 1GB RAM would be the baseline for teamwork.
+- A Raspberry Pi or $5 Digital Ocean Droplet is more than enough to get you started. Some even use 64MB RAM Docker [CaaS](https://www.docker.com/blog/containers-as-a-service-caas/).
+- 2 CPU cores and 512MB RAM would be the baseline for teamwork.
+- Increase CPU cores when your team size gets significantly larger, memory footprint remains low.

-## Browser Support
+## 💻 Browser support

 - Please see [Semantic UI](https://github.com/Semantic-Org/Semantic-UI#browser-support) for specific versions of supported browsers.
- The official support minimal size  is **1024*768**, UI may still looks right in smaller size but no promises and fixes.
+- The smallest resolution officially supported is **1024*768**, however the UI may still look right in smaller resolutions, but no promises or fixes.

-## Installation
+## 📜 Installation

-Make sure you install the [prerequisites](http://gogs.io/docs/installation) first.
+Make sure you install the [prerequisites](https://gogs.io/docs/installation) first.

-There are 5 ways to install Gogs:
+There are 6 ways to install Gogs:

- [Install from binary](http://gogs.io/docs/installation/install_from_binary.html)
- [Install from source](http://gogs.io/docs/installation/install_from_source.html)
- [Install from packages](http://gogs.io/docs/installation/install_from_packages.html)
- [Ship with Docker](https://github.com/gogits/gogs/tree/master/docker)
- [Install with Vagrant](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
+- [Install from binary](https://gogs.io/docs/installation/install_from_binary.html)
+- [Install from source](https://gogs.io/docs/installation/install_from_source.html)
+- [Install from packages](https://gogs.io/docs/installation/install_from_packages.html)
+- [Ship with Docker](https://github.com/gogs/gogs/tree/main/docker)
+- [Try with Vagrant](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
+
+### Deploy to cloud
+
+- [Cloudron](https://www.cloudron.io/store/io.gogs.cloudronapp.html)
+- [Sandstorm](https://github.com/cem/gogs-sandstorm)
+- [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
+- [YunoHost](https://github.com/YunoHost-Apps/gogs_ynh)
+- [DPlatform](https://github.com/DFabric/DPlatform-Shell)
+- [LunaNode](https://github.com/LunaNode/launchgogs)
+- [alwaysdata](https://www.alwaysdata.com/en/marketplace/gogs/)

 ### Tutorials

+- [Private Git Web Portal in Raspberry PI With Gogs](https://peppe8o.com/private-git-web-portal-in-raspberry-pi-with-gogs/)
 - [How To Set Up Gogs on Ubuntu 14.04](https://www.digitalocean.com/community/tutorials/how-to-set-up-gogs-on-ubuntu-14-04)
- [Run your own GitHub-like service with the help of Docker](http://blog.hypriot.com/post/run-your-own-github-like-service-with-docker/)
- [使用 Gogs 搭建自己的 Git 服务器](https://mynook.info/blog/post/host-your-own-git-server-using-gogs) (Chinese)
- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654) (Chinese)
+- [Run your own GitHub-like service with the help of Docker](https://blog.hypriot.com/post/run-your-own-github-like-service-with-docker/)
+- [Dockerized Gogs git server and alpine postgres in 20 minutes or less](https://garthwaite.org/docker-gogs.html)
+- [Host Your Own Private GitHub with Gogs](https://eladnava.com/host-your-own-private-github-with-gogs-io/)
+- [使用 Gogs 搭建自己的 Git 服务器](https://blog.mynook.info/post/host-your-own-git-server-using-gogs/) (Chinese)
+- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](https://my.oschina.net/luyao/blog/375654) (Chinese)
 - [Installing Gogs on FreeBSD](https://www.codejam.info/2015/03/installing-gogs-on-freebsd.html)
- [Gogs on Raspberry Pi](http://blog.meinside.pe.kr/Gogs-on-Raspberry-Pi/)
- [Cloudflare Full SSL with GOGS (Go Git Service) using NGINX](http://www.listekconsulting.com/articles/cloudflare-full-ssl-with-gogs-go-git-service-using-nginx/)
+- [How to install Gogs on a Linux Server (DigitalOcean)](https://www.youtube.com/watch?v=deSfX0gqefE)

-### Screencasts
+## 📦 Software, service and product support

- [Instalando Gogs no Ubuntu](https://www.youtube.com/watch?v=4UkHAR1F7ZA) (Português)
-
-### Deploy to Cloud
-
- [OpenShift](https://github.com/tkisme/gogs-openshift)
- [Cloudron](https://cloudron.io/appstore.html#io.gogs.cloudronapp)
- [Scaleway](https://www.scaleway.com/imagehub/gogs/)
- [Portal](https://portaldemo.xyz/cloud/)
- [Sandstorm](https://github.com/cem/gogs-sandstorm)
- [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
- [YunoHost](https://github.com/mbugeia/gogs_ynh)
-
-## Software and Service Support
-
- [Drone](https://github.com/drone/drone) (CI)
 - [Fabric8](http://fabric8.io/) (DevOps)
- [Taiga](https://taiga.io/) (Project Management)
- [Puppet](https://forge.puppetlabs.com/Siteminds/gogs) (IT)
- [Kanboard](http://kanboard.net/plugin/gogs-webhook) (Project Management)
- [BearyChat](https://bearychat.com/) (Team Communication)
-
-### Product Support
-
+- [Jenkins](https://plugins.jenkins.io/gogs-webhook/) (CI)
+- [Puppet](https://forge.puppet.com/modules/Siteminds/gogs) (IT)
 - [Synology](https://www.synology.com) (Docker)
- [One Space](http://www.onespace.cc) (App Store)
+- [Syncloud](https://syncloud.org/) (App Store)

-## Acknowledgments
+## 🙇‍♂️ Acknowledgments

- Router and middleware mechanism of [Macaron](https://github.com/go-macaron/macaron).
- System Monitor Status is inspired by [GoBlog](https://github.com/fuxiaohei/goblog).
- Thanks [lavachen](http://www.lavachen.cn/) and [Rocker](http://weibo.com/rocker1989) for designing Logo.
- Thanks [Crowdin](https://crowdin.com/project/gogs) for providing open source translation plan.
- Thanks [DigitalOcean](https://www.digitalocean.com) for hosting home and demo sites.
- Thanks [KeyCDN](https://www.keycdn.com/) for providing CDN service.
+- Thanks [Egon Elbre](https://twitter.com/egonelbre) for designing the original version of the logo.
+- Thanks [Crowdin](https://crowdin.com/project/gogs) for sponsoring open source translation plan.
+- Thanks [DigitalOcean](https://www.digitalocean.com), [VPSServer](https://www.vpsserver.com/), [Hosted.nl](https://www.hosted.nl/), [BitLaunch](https://bitlaunch.io), and [MonoVM](https://monovm.com/linux-vps/) for sponsoring VPS services.
+- Thanks [KeyCDN](https://www.keycdn.com/) for sponsoring CDN service.
+- Thanks [Buildkite](https://buildkite.com) for sponsoring open source CI/CD plan.

-## Contributors
+## 👋 Contributors

- Ex-team members [@lunny](https://github.com/lunny), [@fuxiaohei](https://github.com/fuxiaohei) and [@slene](https://github.com/slene).
- See [contributors page](https://github.com/gogits/gogs/graphs/contributors) for full list of contributors.
+- See [contributors page](https://github.com/gogs/gogs/graphs/contributors) for top 100 contributors.
 - See [TRANSLATORS](conf/locale/TRANSLATORS) for public list of translators.

-## License
+## ⚖️ License

-This project is under the MIT License. See the [LICENSE](https://github.com/gogits/gogs/blob/master/LICENSE) file for the full license text.
+This project is under the MIT License. See the [LICENSE](https://github.com/gogs/gogs/blob/main/LICENSE) file for the full license text.
--- a/README_ZH.md
+++ b/README_ZH.md
@@ -1,41 +1,43 @@
-Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs)
-=====================
+# Gogs

-Gogs (Go Git Service) 是一款极易搭建的自助 Git 服务。
+Gogs 是一款极易搭建的自助 Git 服务。

-## 开发目的
+## 项目愿景

-Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自助 Git 服务。使用 Go 语言开发使得 Gogs 能够通过独立的二进制分发，并且支持 Go 语言支持的 **所有平台**，包括 Linux、Mac OS X、Windows 以及 ARM 平台。
+Gogs（`/gɑgz/`）项目旨在打造一个以最简便的方式搭建简单、稳定和可扩展的自助 Git 服务。使用 Go 语言开发使得 Gogs 能够通过独立的二进制分发，并且支持 Go 语言支持的 **所有平台**，包括 Linux、macOS、Windows 和基于 ARM 的操作系统。

-## 项目概览
+## 概览

- 有关基本用法和变更日志，请通过 [使用手册](http://gogs.io/docs/intro/) 查看。
- 您可以到 [Trello Board](https://trello.com/b/uxAoeLUl/gogs-go-git-service) 跟随开发团队的脚步。
- 想要先睹为快？直接去 [在线体验](https://try.gogs.io/gogs/gogs) 。
- 使用过程中遇到问题？尝试从 [故障排查](http://gogs.io/docs/intro/troubleshooting.html) 页面或 [用户论坛](https://discuss.gogs.io/) 获取帮助。
- 希望帮助多国语言界面的翻译吗？请立即访问 [详情页面](http://gogs.io/docs/features/i18n.html)！
+- 请移步[官网](https://gogs.io)查看用户使用文档
+- 请通过 [CHANGELOG.md](CHANGELOG.md) 文件查看各个版本的变更历史
+- 想要先睹为快？直接去[在线体验](https://try.gogs.io/gogs/gogs)吧！
+- 使用过程中遇到问题？尝试[故障排查](https://gogs.io/docs/intro/troubleshooting.html)或者前往[用户论坛](https://discuss.gogs.io/)获取帮助
+- 希望帮助多国语言的翻译吗？请查看[本地化文档](https://gogs.io/docs/features/i18n.html)
+- 准备搞点事情？请阅读[开发指南](docs/dev/local_development.md)配置开发环境
+- 想调用 API 吗？请查看[文档](https://github.com/gogs/docs-api)吧

-## 功能特性
+## 主要特性

- 支持活动时间线
- 支持 SSH 以及 HTTP/HTTPS 协议
- 支持 SMTP、LDAP 和反向代理的用户认证
- 支持反向代理子路径
- 支持用户、组织和仓库管理系统
- 支持仓库和组织级别 Web 钩子（包括 Slack 集成）
- 支持仓库 Git 钩子和部署密钥
- 支持仓库工单（Issue）、合并请求（Pull Request）以及 Wiki
- 支持添加和删除仓库协作者
- 支持 Gravatar 以及自定义源
- 支持邮件服务
- 支持后台管理面板
- 支持 MySQL、PostgreSQL、SQLite3 和 [TiDB](https://github.com/pingcap/tidb)（实验性支持） 数据库
- 支持多语言本地化（[15 种语言]([more](https://crowdin.com/project/gogs))）
+- 控制面板、用户页面以及活动时间线
+- 通过 SSH、HTTP 和 HTTPS 协议操作仓库
+- 管理用户、组织和仓库
+- 仓库和组织级 Webhook，包括 Slack、Discord 和钉钉
+- 仓库 Git 钩子、部署密钥和 Git LFS
+- 仓库工单（Issue）、合并请求（Pull Request）、Wiki、保护分支和多人协作
+- 从其它代码平台迁移和镜像仓库以及 Wiki
+- 在线编辑仓库文件和 Wiki
+- Jupyter Notebook 和 PDF 的渲染
+- 通过 SMTP、LDAP、反向代理、GitHub.com 和 GitHub 企业版进行用户认证
+- 开启两步验证（2FA）登录
+- 自定义 HTML 模板、静态文件和许多其它组件
+- 多样的数据库后端，包括 PostgreSQL、MySQL、SQLite3 和 [TiDB](https://github.com/pingcap/tidb)
+- 超过 [31 种语言](https://crowdin.com/project/gogs)的本地化

-## 系统要求
+## 硬件要求

 - 最低的系统硬件要求为一个廉价的树莓派
- 如果用于团队项目，建议使用 2 核 CPU 及 1GB 内存
+- 如果用于团队项目管理，建议使用 2 核 CPU 及 512MB 内存
+- 当团队成员大量增加时，可以考虑添加 CPU 核数，内存占用保持不变

 ## 浏览器支持

@@ -44,60 +46,58 @@ Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自

 ## 安装部署

-在安装 Gogs 之前，您需要先安装 [基本环境](http://gogs.io/docs/installation)。
+在安装 Gogs 之前，您需要先安装 [基本环境](https://gogs.io/docs/installation)。

-然后，您可以通过以下 5 种方式来安装 Gogs：
+然后，您可以通过以下 6 种方式来安装 Gogs：

- [二进制安装](http://gogs.io/docs/installation/install_from_binary.html)
- [源码安装](http://gogs.io/docs/installation/install_from_source.html)
- [包管理安装](http://gogs.io/docs/installation/install_from_packages.html)
- [采用 Docker 部署](https://github.com/gogits/gogs/tree/master/docker)
+- [二进制安装](https://gogs.io/docs/installation/install_from_binary.html)
+- [源码安装](https://gogs.io/docs/installation/install_from_source.html)
+- [包管理安装](https://gogs.io/docs/installation/install_from_packages.html)
+- [采用 Docker 部署](https://github.com/gogs/gogs/tree/main/docker)
 - [通过 Vagrant 安装](https://github.com/geerlingguy/ansible-vagrant-examples/tree/master/gogs)
-
-### 使用教程
-
- [使用 Gogs 搭建自己的 Git 服务器](https://mynook.info/blog/post/host-your-own-git-server-using-gogs)
- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654)
+- [通过基于 Kubernetes 的 Helm Charts](https://github.com/helm/charts/tree/master/incubator/gogs)

 ### 云端部署

 - [OpenShift](https://github.com/tkisme/gogs-openshift)
 - [Cloudron](https://cloudron.io/appstore.html#io.gogs.cloudronapp)
 - [Scaleway](https://www.scaleway.com/imagehub/gogs/)
- [Portal](https://portaldemo.xyz/cloud/)
 - [Sandstorm](https://github.com/cem/gogs-sandstorm)
 - [sloppy.io](https://github.com/sloppyio/quickstarters/tree/master/gogs)
 - [YunoHost](https://github.com/mbugeia/gogs_ynh)
+- [DPlatform](https://github.com/j8r/DPlatform)
+- [LunaNode](https://github.com/LunaNode/launchgogs)

-## 软件及服务支持
+### 使用教程
+
+- [使用 Gogs 搭建自己的 Git 服务器](https://blog.mynook.info/post/host-your-own-git-server-using-gogs/)
+- [阿里云上 Ubuntu 14.04 64 位安装 Gogs](http://my.oschina.net/luyao/blog/375654)
+
+## 软件、服务以及产品支持

- [Drone](https://github.com/drone/drone)（CI）
 - [Fabric8](http://fabric8.io/)（DevOps）
+- [Jenkins](https://plugins.jenkins.io/gogs-webhook/)（CI）
 - [Taiga](https://taiga.io/)（项目管理）
- [Puppet](https://forge.puppetlabs.com/Siteminds/gogs)（IT）
- [Kanboard](http://kanboard.net/plugin/gogs-webhook)（项目管理）
+- [Puppet](https://forge.puppet.com/Siteminds/gogs)（IT）
+- [Kanboard](https://github.com/kanboard/plugin-gogs-webhook)（项目管理）
 - [BearyChat](https://bearychat.com/)（团队交流）
-
-### 产品支持
-
+- [GitPitch](https://gitpitch.com/)（Markdown 演示）
 - [Synology](https://www.synology.com)（Docker）
- [One Space](http://www.onespace.cc)（应用商店）
+- [Syncloud](https://syncloud.org/)（应用商店）

 ## 特别鸣谢

- 基于 [Macaron](https://github.com/go-macaron/macaron) 的路由与中间件机制。
- 基于 [GoBlog](https://github.com/fuxiaohei/goblog) 修改的系统监视状态。
- 感谢 [lavachen](http://www.lavachen.cn/) 和 [Rocker](http://weibo.com/rocker1989) 设计的 Logo。
+- 感谢 [Egon Elbre](https://twitter.com/egonelbre) 设计的 Logo。
 - 感谢 [Crowdin](https://crowdin.com/project/gogs) 提供免费的开源项目本地化支持。
- 感谢 [DigitalOcean](https://www.digitalocean.com) 提供主站和体验站点的服务器赞助。
+- 感谢 [DigitalOcean](https://www.digitalocean.com)、[VPSServer](https://www.vpsserver.com/)、[Hosted.nl](https://www.hosted.nl/)、[MonoVM](https://monovm.com) 和 [BitLaunch](https://bitlaunch.io) 提供服务器赞助。
 - 感谢 [KeyCDN](https://www.keycdn.com/) 提供 CDN 服务赞助。
+- 感谢 [Buildkite](https://buildkite.com) 提供免费的开源项目 CI/CD 支持。

 ## 贡献成员

- 前团队成员 [@lunny](https://github.com/lunny)、[@fuxiaohei](https://github.com/fuxiaohei) 和 [@slene](https://github.com/slene)。
- 您可以通过查看 [贡献者页面](https://github.com/gogits/gogs/graphs/contributors) 获取完整的贡献者列表。
+- 您可以通过查看 [贡献者页面](https://github.com/gogs/gogs/graphs/contributors) 获取 TOP 100 的贡献者列表。
 - 您可以通过查看 [TRANSLATORS](conf/locale/TRANSLATORS) 文件获取公开的翻译人员列表。

 ## 授权许可

-本项目采用 MIT 开源授权许可证，完整的授权说明已放置在 [LICENSE](https://github.com/gogits/gogs/blob/master/LICENSE) 文件中。
+本项目采用 MIT 开源授权许可证，完整的授权说明已放置在 [LICENSE](https://github.com/gogs/gogs/blob/main/LICENSE) 文件中。
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,23 @@
+# Security policy
+
+## Supported versions
+
+Only lastest two minor version releases are supported (>= 0.12) for accepting vulnerability reports and patching fixes.
+
+Existing vulnerability reports are being tracked in [Gogs Vulnerability Reports](https://jcunknwon.notion.site/Gogs-Vulnerability-Reports-81d7df52e45c4f159274e46ba48ed1b9).
+
+## Vulnerability lifecycle
+
+1. Report a vulnerability:
+    - We strongly enourage to use https://huntr.dev/ for submitting and managing status of vulnerability reports.
+    - Alternatively, you may send vulnerability reports through emails to [security@gogs.io](mailto:security@gogs.io).
+1. Create a [dummy issue](https://github.com/gogs/gogs/issues/6901) with high-level description of the security vulnerability for credibility and tracking purposes.
+1. Project maintainers review the report and either:
+    - Ask clarifying questions
+    - Confirm or deny the vulnerability
+1. Once the vulnerability is confirmed, the reporter may submit a patch or wait for project maintainers to patch.
+    - The latter is usually significantly slower.
+1. Patch releases will be made for the supported versions.
+1. Publish the original vulnerability report and a new [GitHub security advisory](https://github.com/gogs/gogs/security/advisories).
+
+Thank you!
--- a/Taskfile.yml
+++ b/Taskfile.yml
@@ -0,0 +1,92 @@
+version: '3'
+
+vars:
+  BINARY_EXT:
+    sh: echo '{{if eq OS "windows"}}.exe{{end}}'
+
+tasks:
+  default:
+    deps: [build]
+  web:
+    desc: Build the binary and start the web server
+    deps: [build]
+    cmds:
+      - ./gogs web
+
+  build:
+    desc: Build the binary
+    cmds:
+      - go build -v
+        -ldflags '
+          -X "{{.PKG_PATH}}.BuildTime={{.BUILD_TIME}}"
+          -X "{{.PKG_PATH}}.BuildCommit={{.BUILD_COMMIT}}"
+        '
+        -tags '{{.TAGS}}'
+        -trimpath -o gogs{{.BINARY_EXT}}
+    vars:
+      PKG_PATH: gogs.io/gogs/internal/conf
+      BUILD_TIME:
+        sh: date -u '+%Y-%m-%d %I:%M:%S %Z'
+      BUILD_COMMIT:
+        sh: git rev-parse HEAD
+    sources:
+      - go.mod
+      - gogs.go
+      - internal/**/*.go
+      - conf/**/*
+      - public/**/*
+      - templates/**/*
+      - custom/**/*
+    method: timestamp
+
+  generate-schemadoc:
+    desc: Generate database schema documentation
+    cmds:
+      - go generate ./internal/db/schemadoc
+
+  generate:
+    desc: Run all go:generate commands
+    cmds:
+      - go generate ./...
+
+  test:
+    desc: Run all tests.
+    cmds:
+      - go test -cover -race ./...
+
+  clean:
+    desc: Cleans up system meta files
+    cmds:
+      - find . -name "*.DS_Store" -type f -delete
+
+  release:
+    desc: Build the binary and pack resources to a ZIP file
+    deps: [build]
+    cmds:
+      - rm -rf {{.RELEASE_GOGS}}
+      - mkdir -p {{.RELEASE_GOGS}}
+      - cp -r gogs{{.BINARY_EXT}} LICENSE README.md README_ZH.md scripts {{.RELEASE_GOGS}}
+      - cd {{.RELEASE_ROOT}} && zip -r gogs.zip "gogs"
+    vars:
+      RELEASE_ROOT: release
+      RELEASE_GOGS: release/gogs
+
+  less:
+    desc: Generate CSS from LESS files
+    cmds:
+      - lessc --clean-css --source-map "public/less/gogs.less" public/css/gogs.min.css
+
+  fixme:
+    desc: Show all occurrences of "FIXME"
+    cmds:
+      - grep -rnw "FIXME" internal
+
+  todo:
+    desc: Show all occurrences of "TODO"
+    cmds:
+      - grep -rnw "TODO" internal
+
+  legacy:
+    desc: Identify legacy and deprecated lines
+    cmds:
+      - grep -rnw "\(LEGACY\|Deprecated\)" internal
--- a/cmd/dump.go
+++ b/cmd/dump.go
@@ -1,97 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"fmt"
-	"log"
-	"os"
-	"path"
-	"time"
-
-	"io/ioutil"
-
-	"github.com/Unknwon/cae/zip"
-	"github.com/codegangsta/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-var CmdDump = cli.Command{
-	Name:  "dump",
-	Usage: "Dump Gogs files and database",
-	Description: `Dump compresses all related files and database into zip file.
-It can be used for backup and capture Gogs server image to send to maintainer`,
-	Action: runDump,
-	Flags: []cli.Flag{
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-		boolFlag("verbose, v", "show process details"),
-	},
-}
-
-func runDump(ctx *cli.Context) {
-	if ctx.IsSet("config") {
-		setting.CustomConf = ctx.String("config")
-	}
-	setting.NewContext()
-	models.LoadConfigs()
-	models.SetEngine()
-
-	TmpWorkDir, err := ioutil.TempDir(os.TempDir(), "gogs-dump-")
-	if err != nil {
-		log.Fatalf("Fail to create tmp work directory: %v", err)
-	}
-	log.Printf("Creating tmp work dir: %s", TmpWorkDir)
-
-	reposDump := path.Join(TmpWorkDir, "gogs-repo.zip")
-	dbDump := path.Join(TmpWorkDir, "gogs-db.sql")
-
-	log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
-	zip.Verbose = ctx.Bool("verbose")
-	if err := zip.PackTo(setting.RepoRootPath, reposDump, true); err != nil {
-		log.Fatalf("Fail to dump local repositories: %v", err)
-	}
-
-	log.Printf("Dumping database...")
-	if err := models.DumpDatabase(dbDump); err != nil {
-		log.Fatalf("Fail to dump database: %v", err)
-	}
-
-	fileName := fmt.Sprintf("gogs-dump-%d.zip", time.Now().Unix())
-	log.Printf("Packing dump files...")
-	z, err := zip.Create(fileName)
-	if err != nil {
-		os.Remove(fileName)
-		log.Fatalf("Fail to create %s: %v", fileName, err)
-	}
-
-	if err := z.AddFile("gogs-repo.zip", reposDump); err !=nil {
-		log.Fatalf("Fail to include gogs-repo.zip: %v", err)
-	}
-	if err := z.AddFile("gogs-db.sql", dbDump); err !=nil {
-		log.Fatalf("Fail to include gogs-db.sql: %v", err)
-	}
-	customDir, err := os.Stat(setting.CustomPath)
-	if err == nil && customDir.IsDir() {
-		if err := z.AddDir("custom", setting.CustomPath); err !=nil {
-			log.Fatalf("Fail to include custom: %v", err)
-	    }
-	} else {
-		log.Printf("Custom dir %s doesn't exist, skipped", setting.CustomPath)
-	}
-	if err := z.AddDir("log", setting.LogRootPath); err !=nil {
-		log.Fatalf("Fail to include log: %v", err)
-	}
-	// FIXME: SSH key file.
-	if err = z.Close(); err != nil {
-		os.Remove(fileName)
-		log.Fatalf("Fail to save %s: %v", fileName, err)
-	}
-
-	log.Printf("Removing tmp work dir: %s", TmpWorkDir)
-	os.RemoveAll(TmpWorkDir)
-	log.Printf("Finish dumping in file %s", fileName)
-}
--- a/cmd/serve.go
+++ b/cmd/serve.go
@@ -1,293 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"crypto/tls"
-	"fmt"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strings"
-	"time"
-
-	"github.com/Unknwon/com"
-	"github.com/codegangsta/cli"
-	gouuid "github.com/satori/go.uuid"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/base"
-	"github.com/gogits/gogs/modules/httplib"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-const (
-	_ACCESS_DENIED_MESSAGE = "Repository does not exist or you do not have access"
-)
-
-var CmdServ = cli.Command{
-	Name:        "serv",
-	Usage:       "This command should only be called by SSH shell",
-	Description: `Serv provide access auth for repositories`,
-	Action:      runServ,
-	Flags: []cli.Flag{
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-	},
-}
-
-func setup(logPath string) {
-	setting.NewContext()
-	log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
-
-	models.LoadConfigs()
-
-	if setting.UseSQLite3 || setting.UseTiDB {
-		workDir, _ := setting.WorkDir()
-		os.Chdir(workDir)
-	}
-
-	models.SetEngine()
-}
-
-func parseCmd(cmd string) (string, string) {
-	ss := strings.SplitN(cmd, " ", 2)
-	if len(ss) != 2 {
-		return "", ""
-	}
-	return ss[0], strings.Replace(ss[1], "'/", "'", 1)
-}
-
-var (
-	allowedCommands = map[string]models.AccessMode{
-		"git-upload-pack":    models.ACCESS_MODE_READ,
-		"git-upload-archive": models.ACCESS_MODE_READ,
-		"git-receive-pack":   models.ACCESS_MODE_WRITE,
-	}
-)
-
-func fail(userMessage, logMessage string, args ...interface{}) {
-	fmt.Fprintln(os.Stderr, "Gogs:", userMessage)
-
-	if len(logMessage) > 0 {
-		if !setting.ProdMode {
-			fmt.Fprintf(os.Stderr, logMessage+"\n", args...)
-		}
-		log.GitLogger.Fatal(3, logMessage, args...)
-		return
-	}
-
-	log.GitLogger.Close()
-	os.Exit(1)
-}
-
-func handleUpdateTask(uuid string, user, repoUser *models.User, reponame string, isWiki bool) {
-	task, err := models.GetUpdateTaskByUUID(uuid)
-	if err != nil {
-		if models.IsErrUpdateTaskNotExist(err) {
-			log.GitLogger.Trace("No update task is presented: %s", uuid)
-			return
-		}
-		log.GitLogger.Fatal(2, "GetUpdateTaskByUUID: %v", err)
-	} else if err = models.DeleteUpdateTaskByUUID(uuid); err != nil {
-		log.GitLogger.Fatal(2, "DeleteUpdateTaskByUUID: %v", err)
-	}
-
-	if isWiki {
-		return
-	}
-
-	if err = models.PushUpdate(models.PushUpdateOptions{
-		RefName:      task.RefName,
-		OldCommitID:  task.OldCommitID,
-		NewCommitID:  task.NewCommitID,
-		PusherID:     user.Id,
-		PusherName:   user.Name,
-		RepoUserName: repoUser.Name,
-		RepoName:     reponame,
-	}); err != nil {
-		log.GitLogger.Error(2, "Update: %v", err)
-	}
-
-	// Ask for running deliver hook and test pull request tasks.
-	reqURL := setting.LocalURL + repoUser.Name + "/" + reponame + "/tasks/trigger?branch=" +
-		strings.TrimPrefix(task.RefName, "refs/heads/") + "&secret=" + base.EncodeMD5(repoUser.Salt)
-	log.GitLogger.Trace("Trigger task: %s", reqURL)
-
-	resp, err := httplib.Head(reqURL).SetTLSClientConfig(&tls.Config{
-		InsecureSkipVerify: true,
-	}).Response()
-	if err == nil {
-		resp.Body.Close()
-		if resp.StatusCode/100 != 2 {
-			log.GitLogger.Error(2, "Fail to trigger task: not 2xx response code")
-		}
-	} else {
-		log.GitLogger.Error(2, "Fail to trigger task: %v", err)
-	}
-}
-
-func runServ(c *cli.Context) {
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
-	}
-
-	setup("serv.log")
-
-	if setting.SSH.Disabled {
-		println("Gogs: SSH has been disabled")
-		return
-	}
-
-	if len(c.Args()) < 1 {
-		fail("Not enough arguments", "Not enough arguments")
-	}
-
-	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
-	if len(cmd) == 0 {
-		println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.")
-		println("If this is unexpected, please log in with password and setup Gogs under another user.")
-		return
-	}
-
-	verb, args := parseCmd(cmd)
-	repoPath := strings.ToLower(strings.Trim(args, "'"))
-	rr := strings.SplitN(repoPath, "/", 2)
-	if len(rr) != 2 {
-		fail("Invalid repository path", "Invalid repository path: %v", args)
-	}
-	username := strings.ToLower(rr[0])
-	reponame := strings.ToLower(strings.TrimSuffix(rr[1], ".git"))
-
-	isWiki := false
-	if strings.HasSuffix(reponame, ".wiki") {
-		isWiki = true
-		reponame = reponame[:len(reponame)-5]
-	}
-
-	repoUser, err := models.GetUserByName(username)
-	if err != nil {
-		if models.IsErrUserNotExist(err) {
-			fail("Repository owner does not exist", "Unregistered owner: %s", username)
-		}
-		fail("Internal error", "Failed to get repository owner (%s): %v", username, err)
-	}
-
-	repo, err := models.GetRepositoryByName(repoUser.Id, reponame)
-	if err != nil {
-		if models.IsErrRepoNotExist(err) {
-			fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, reponame)
-		}
-		fail("Internal error", "Failed to get repository: %v", err)
-	}
-
-	requestedMode, has := allowedCommands[verb]
-	if !has {
-		fail("Unknown git command", "Unknown git command %s", verb)
-	}
-
-	// Prohibit push to mirror repositories.
-	if requestedMode > models.ACCESS_MODE_READ && repo.IsMirror {
-		fail("mirror repository is read-only", "")
-	}
-
-	// Allow anonymous clone for public repositories.
-	var (
-		keyID int64
-		user  *models.User
-	)
-	if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate {
-		keys := strings.Split(c.Args()[0], "-")
-		if len(keys) != 2 {
-			fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
-		}
-
-		key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
-		if err != nil {
-			fail("Invalid key ID", "Invalid key ID[%s]: %v", c.Args()[0], err)
-		}
-		keyID = key.ID
-
-		// Check deploy key or user key.
-		if key.Type == models.KEY_TYPE_DEPLOY {
-			if key.Mode < requestedMode {
-				fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
-			}
-			// Check if this deploy key belongs to current repository.
-			if !models.HasDeployKey(key.ID, repo.ID) {
-				fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
-			}
-
-			// Update deploy key activity.
-			deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID)
-			if err != nil {
-				fail("Internal error", "GetDeployKey: %v", err)
-			}
-
-			deployKey.Updated = time.Now()
-			if err = models.UpdateDeployKey(deployKey); err != nil {
-				fail("Internal error", "UpdateDeployKey: %v", err)
-			}
-		} else {
-			user, err = models.GetUserByKeyID(key.ID)
-			if err != nil {
-				fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
-			}
-
-			mode, err := models.AccessLevel(user, repo)
-			if err != nil {
-				fail("Internal error", "Fail to check access: %v", err)
-			} else if mode < requestedMode {
-				clientMessage := _ACCESS_DENIED_MESSAGE
-				if mode >= models.ACCESS_MODE_READ {
-					clientMessage = "You do not have sufficient authorization for this action"
-				}
-				fail(clientMessage,
-					"User %s does not have level %v access to repository %s",
-					user.Name, requestedMode, repoPath)
-			}
-		}
-	}
-
-	uuid := gouuid.NewV4().String()
-	os.Setenv("uuid", uuid)
-
-	// Special handle for Windows.
-	if setting.IsWindows {
-		verb = strings.Replace(verb, "-", " ", 1)
-	}
-
-	var gitcmd *exec.Cmd
-	verbs := strings.Split(verb, " ")
-	if len(verbs) == 2 {
-		gitcmd = exec.Command(verbs[0], verbs[1], repoPath)
-	} else {
-		gitcmd = exec.Command(verb, repoPath)
-	}
-	gitcmd.Dir = setting.RepoRootPath
-	gitcmd.Stdout = os.Stdout
-	gitcmd.Stdin = os.Stdin
-	gitcmd.Stderr = os.Stderr
-	if err = gitcmd.Run(); err != nil {
-		fail("Internal error", "Failed to execute git command: %v", err)
-	}
-
-	if requestedMode == models.ACCESS_MODE_WRITE {
-		handleUpdateTask(uuid, user, repoUser, reponame, isWiki)
-	}
-
-	// Update user key activity.
-	if keyID > 0 {
-		key, err := models.GetPublicKeyByID(keyID)
-		if err != nil {
-			fail("Internal error", "GetPublicKeyById: %v", err)
-		}
-
-		key.Updated = time.Now()
-		if err = models.UpdatePublicKey(key); err != nil {
-			fail("Internal error", "UpdatePublicKey: %v", err)
-		}
-	}
-}
--- a/cmd/update.go
+++ b/cmd/update.go
@@ -1,56 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"os"
-
-	"github.com/codegangsta/cli"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/setting"
-)
-
-var CmdUpdate = cli.Command{
-	Name:        "update",
-	Usage:       "This command should only be called by Git hook",
-	Description: `Update get pushed info and insert into database`,
-	Action:      runUpdate,
-	Flags: []cli.Flag{
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-	},
-}
-
-func runUpdate(c *cli.Context) {
-	if c.IsSet("config") {
-		setting.CustomConf = c.String("config")
-	}
-
-	setup("update.log")
-
-	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
-		log.GitLogger.Trace("SSH_ORIGINAL_COMMAND is empty")
-		return
-	}
-
-	args := c.Args()
-	if len(args) != 3 {
-		log.GitLogger.Fatal(2, "Arguments received are not equal to three")
-	} else if len(args[0]) == 0 {
-		log.GitLogger.Fatal(2, "First argument 'refName' is empty, shouldn't use")
-	}
-
-	task := models.UpdateTask{
-		UUID:        os.Getenv("uuid"),
-		RefName:     args[0],
-		OldCommitID: args[1],
-		NewCommitID: args[2],
-	}
-
-	if err := models.AddUpdateTask(&task); err != nil {
-		log.GitLogger.Fatal(2, "AddUpdateTask: %v", err)
-	}
-}
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -1,581 +0,0 @@
-// Copyright 2014 The Gogs Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"crypto/tls"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"net/http/fcgi"
-	"os"
-	"path"
-	"strings"
-
-	"github.com/codegangsta/cli"
-	"github.com/go-macaron/binding"
-	"github.com/go-macaron/cache"
-	"github.com/go-macaron/captcha"
-	"github.com/go-macaron/csrf"
-	"github.com/go-macaron/gzip"
-	"github.com/go-macaron/i18n"
-	"github.com/go-macaron/session"
-	"github.com/go-macaron/toolbox"
-	"github.com/go-xorm/xorm"
-	"github.com/mcuadros/go-version"
-	"gopkg.in/ini.v1"
-	"gopkg.in/macaron.v1"
-
-	"github.com/gogits/git-module"
-	"github.com/gogits/go-gogs-client"
-
-	"github.com/gogits/gogs/models"
-	"github.com/gogits/gogs/modules/auth"
-	"github.com/gogits/gogs/modules/bindata"
-	"github.com/gogits/gogs/modules/log"
-	"github.com/gogits/gogs/modules/middleware"
-	"github.com/gogits/gogs/modules/setting"
-	"github.com/gogits/gogs/modules/template"
-	"github.com/gogits/gogs/routers"
-	"github.com/gogits/gogs/routers/admin"
-	apiv1 "github.com/gogits/gogs/routers/api/v1"
-	"github.com/gogits/gogs/routers/dev"
-	"github.com/gogits/gogs/routers/org"
-	"github.com/gogits/gogs/routers/repo"
-	"github.com/gogits/gogs/routers/user"
-)
-
-var CmdWeb = cli.Command{
-	Name:  "web",
-	Usage: "Start Gogs web server",
-	Description: `Gogs web server is the only thing you need to run,
-and it takes care of all the other things for you`,
-	Action: runWeb,
-	Flags: []cli.Flag{
-		stringFlag("port, p", "3000", "Temporary port number to prevent conflict"),
-		stringFlag("config, c", "custom/conf/app.ini", "Custom configuration file path"),
-	},
-}
-
-type VerChecker struct {
-	ImportPath string
-	Version    func() string
-	Expected   string
-}
-
-// checkVersion checks if binary matches the version of templates files.
-func checkVersion() {
-	// Templates.
-	data, err := ioutil.ReadFile(setting.StaticRootPath + "/templates/.VERSION")
-	if err != nil {
-		log.Fatal(4, "Fail to read 'templates/.VERSION': %v", err)
-	}
-	if string(data) != setting.AppVer {
-		log.Fatal(4, "Binary and template file version does not match, did you forget to recompile?")
-	}
-
-	// Check dependency version.
-	checkers := []VerChecker{
-		{"github.com/go-xorm/xorm", func() string { return xorm.Version }, "0.5.2.0304"},
-		{"github.com/go-macaron/binding", binding.Version, "0.2.1"},
-		{"github.com/go-macaron/cache", cache.Version, "0.1.2"},
-		{"github.com/go-macaron/csrf", csrf.Version, "0.0.5"},
-		{"github.com/go-macaron/i18n", i18n.Version, "0.2.0"},
-		{"github.com/go-macaron/session", session.Version, "0.1.6"},
-		{"github.com/go-macaron/toolbox", toolbox.Version, "0.1.0"},
-		{"gopkg.in/ini.v1", ini.Version, "1.8.4"},
-		{"gopkg.in/macaron.v1", macaron.Version, "0.8.0"},
-		{"github.com/gogits/git-module", git.Version, "0.2.9"},
-		{"github.com/gogits/go-gogs-client", gogs.Version, "0.7.3"},
-	}
-	for _, c := range checkers {
-		if !version.Compare(c.Version(), c.Expected, ">=") {
-			log.Fatal(4, "Package '%s' version is too old (%s -> %s), did you forget to update?", c.ImportPath, c.Version(), c.Expected)
-		}
-	}
-}
-
-// newMacaron initializes Macaron instance.
-func newMacaron() *macaron.Macaron {
-	m := macaron.New()
-	if !setting.DisableRouterLog {
-		m.Use(macaron.Logger())
-	}
-	m.Use(macaron.Recovery())
-	if setting.EnableGzip {
-		m.Use(gzip.Gziper())
-	}
-	if setting.Protocol == setting.FCGI {
-		m.SetURLPrefix(setting.AppSubUrl)
-	}
-	m.Use(macaron.Static(
-		path.Join(setting.StaticRootPath, "public"),
-		macaron.StaticOptions{
-			SkipLogging: setting.DisableRouterLog,
-		},
-	))
-	m.Use(macaron.Static(
-		setting.AvatarUploadPath,
-		macaron.StaticOptions{
-			Prefix:      "avatars",
-			SkipLogging: setting.DisableRouterLog,
-		},
-	))
-	m.Use(macaron.Renderer(macaron.RenderOptions{
-		Directory:  path.Join(setting.StaticRootPath, "templates"),
-		Funcs:      template.NewFuncMap(),
-		IndentJSON: macaron.Env != macaron.PROD,
-	}))
-
-	localeNames, err := bindata.AssetDir("conf/locale")
-	if err != nil {
-		log.Fatal(4, "Fail to list locale files: %v", err)
-	}
-	localFiles := make(map[string][]byte)
-	for _, name := range localeNames {
-		localFiles[name] = bindata.MustAsset("conf/locale/" + name)
-	}
-	m.Use(i18n.I18n(i18n.Options{
-		SubURL:          setting.AppSubUrl,
-		Files:           localFiles,
-		CustomDirectory: path.Join(setting.CustomPath, "conf/locale"),
-		Langs:           setting.Langs,
-		Names:           setting.Names,
-		DefaultLang:     "en-US",
-		Redirect:        true,
-	}))
-	m.Use(cache.Cacher(cache.Options{
-		Adapter:       setting.CacheAdapter,
-		AdapterConfig: setting.CacheConn,
-		Interval:      setting.CacheInternal,
-	}))
-	m.Use(captcha.Captchaer(captcha.Options{
-		SubURL: setting.AppSubUrl,
-	}))
-	m.Use(session.Sessioner(setting.SessionConfig))
-	m.Use(csrf.Csrfer(csrf.Options{
-		Secret:     setting.SecretKey,
-		SetCookie:  true,
-		Header:     "X-Csrf-Token",
-		CookiePath: setting.AppSubUrl,
-	}))
-	m.Use(toolbox.Toolboxer(m, toolbox.Options{
-		HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{
-			&toolbox.HealthCheckFuncDesc{
-				Desc: "Database connection",
-				Func: models.Ping,
-			},
-		},
-	}))
-	m.Use(middleware.Contexter())
-	return m
-}
-
-func runWeb(ctx *cli.Context) {
-	if ctx.IsSet("config") {
-		setting.CustomConf = ctx.String("config")
-	}
-	routers.GlobalInit()
-	checkVersion()
-
-	m := newMacaron()
-
-	reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true})
-	ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: setting.Service.RequireSignInView})
-	ignSignInAndCsrf := middleware.Toggle(&middleware.ToggleOptions{DisableCsrf: true})
-	reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true})
-
-	bindIgnErr := binding.BindIgnErr
-
-	// FIXME: not all routes need go through same middlewares.
-	// Especially some AJAX requests, we can reduce middleware number to improve performance.
-	// Routers.
-	m.Get("/", ignSignIn, routers.Home)
-	m.Get("/explore", ignSignIn, routers.Explore)
-	m.Combo("/install", routers.InstallInit).Get(routers.Install).
-		Post(bindIgnErr(auth.InstallForm{}), routers.InstallPost)
-	m.Get("/^:type(issues|pulls)$", reqSignIn, user.Issues)
-
-	// ***** START: API *****
-	m.Group("/api", func() {
-		apiv1.RegisterRoutes(m)
-	}, ignSignIn)
-	// ***** END: API *****
-
-	// ***** START: User *****
-	m.Group("/user", func() {
-		m.Get("/login", user.SignIn)
-		m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost)
-		m.Get("/sign_up", user.SignUp)
-		m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost)
-		m.Get("/reset_password", user.ResetPasswd)
-		m.Post("/reset_password", user.ResetPasswdPost)
-	}, reqSignOut)
-
-	m.Group("/user/settings", func() {
-		m.Get("", user.Settings)
-		m.Post("", bindIgnErr(auth.UpdateProfileForm{}), user.SettingsPost)
-		m.Post("/avatar", binding.MultipartForm(auth.UploadAvatarForm{}), user.SettingsAvatar)
-		m.Post("/avatar/delete", user.SettingsDeleteAvatar)
-		m.Combo("/email").Get(user.SettingsEmails).
-			Post(bindIgnErr(auth.AddEmailForm{}), user.SettingsEmailPost)
-		m.Post("/email/delete", user.DeleteEmail)
-		m.Get("/password", user.SettingsPassword)
-		m.Post("/password", bindIgnErr(auth.ChangePasswordForm{}), user.SettingsPasswordPost)
-		m.Combo("/ssh").Get(user.SettingsSSHKeys).
-			Post(bindIgnErr(auth.AddSSHKeyForm{}), user.SettingsSSHKeysPost)
-		m.Post("/ssh/delete", user.DeleteSSHKey)
-		m.Combo("/applications").Get(user.SettingsApplications).
-			Post(bindIgnErr(auth.NewAccessTokenForm{}), user.SettingsApplicationsPost)
-		m.Post("/applications/delete", user.SettingsDeleteApplication)
-		m.Route("/delete", "GET,POST", user.SettingsDelete)
-	}, reqSignIn, func(ctx *middleware.Context) {
-		ctx.Data["PageIsUserSettings"] = true
-	})
-
-	m.Group("/user", func() {
-		// r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds)
-		m.Any("/activate", user.Activate)
-		m.Any("/activate_email", user.ActivateEmail)
-		m.Get("/email2user", user.Email2User)
-		m.Get("/forget_password", user.ForgotPasswd)
-		m.Post("/forget_password", user.ForgotPasswdPost)
-		m.Get("/logout", user.SignOut)
-	})
-	// ***** END: User *****
-
-	adminReq := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true, AdminRequire: true})
-
-	// ***** START: Admin *****
-	m.Group("/admin", func() {
-		m.Get("", adminReq, admin.Dashboard)
-		m.Get("/config", admin.Config)
-		m.Post("/config/test_mail", admin.SendTestMail)
-		m.Get("/monitor", admin.Monitor)
-
-		m.Group("/users", func() {
-			m.Get("", admin.Users)
-			m.Combo("/new").Get(admin.NewUser).Post(bindIgnErr(auth.AdminCrateUserForm{}), admin.NewUserPost)
-			m.Combo("/:userid").Get(admin.EditUser).Post(bindIgnErr(auth.AdminEditUserForm{}), admin.EditUserPost)
-			m.Post("/:userid/delete", admin.DeleteUser)
-		})
-
-		m.Group("/orgs", func() {
-			m.Get("", admin.Organizations)
-		})
-
-		m.Group("/repos", func() {
-			m.Get("", admin.Repos)
-			m.Post("/delete", admin.DeleteRepo)
-		})
-
-		m.Group("/auths", func() {
-			m.Get("", admin.Authentications)
-			m.Combo("/new").Get(admin.NewAuthSource).Post(bindIgnErr(auth.AuthenticationForm{}), admin.NewAuthSourcePost)
-			m.Combo("/:authid").Get(admin.EditAuthSource).
-				Post(bindIgnErr(auth.AuthenticationForm{}), admin.EditAuthSourcePost)
-			m.Post("/:authid/delete", admin.DeleteAuthSource)
-		})
-
-		m.Group("/notices", func() {
-			m.Get("", admin.Notices)
-			m.Post("/delete", admin.DeleteNotices)
-			m.Get("/empty", admin.EmptyNotices)
-		})
-	}, adminReq)
-	// ***** END: Admin *****
-
-	m.Group("", func() {
-		m.Group("/:username", func() {
-			m.Get("", user.Profile)
-			m.Get("/followers", user.Followers)
-			m.Get("/following", user.Following)
-			m.Get("/stars", user.Stars)
-		})
-
-		m.Get("/attachments/:uuid", func(ctx *middleware.Context) {
-			attach, err := models.GetAttachmentByUUID(ctx.Params(":uuid"))
-			if err != nil {
-				if models.IsErrAttachmentNotExist(err) {
-					ctx.Error(404)
-				} else {
-					ctx.Handle(500, "GetAttachmentByUUID", err)
-				}
-				return
-			}
-
-			fr, err := os.Open(attach.LocalPath())
-			if err != nil {
-				ctx.Handle(500, "Open", err)
-				return
-			}
-			defer fr.Close()
-
-			ctx.Header().Set("Cache-Control", "public,max-age=86400")
-			// Fix #312. Attachments with , in their name are not handled correctly by Google Chrome.
-			// We must put the name in " manually.
-			if err = repo.ServeData(ctx, "\""+attach.Name+"\"", fr); err != nil {
-				ctx.Handle(500, "ServeData", err)
-				return
-			}
-		})
-		m.Post("/issues/attachments", repo.UploadIssueAttachment)
-	}, ignSignIn)
-
-	m.Group("/:username", func() {
-		m.Get("/action/:action", user.Action)
-	}, reqSignIn)
-
-	if macaron.Env == macaron.DEV {
-		m.Get("/template/*", dev.TemplatePreview)
-	}
-
-	reqRepoAdmin := middleware.RequireRepoAdmin()
-	reqRepoWriter := middleware.RequireRepoWriter()
-
-	// ***** START: Organization *****
-	m.Group("/org", func() {
-		m.Get("/create", org.Create)
-		m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost)
-
-		m.Group("/:org", func() {
-			m.Get("/dashboard", user.Dashboard)
-			m.Get("/^:type(issues|pulls)$", user.Issues)
-			m.Get("/members", org.Members)
-			m.Get("/members/action/:action", org.MembersAction)
-
-			m.Get("/teams", org.Teams)
-		}, middleware.OrgAssignment(true))
-
-		m.Group("/:org", func() {
-			m.Get("/teams/:team", org.TeamMembers)
-			m.Get("/teams/:team/repositories", org.TeamRepositories)
-			m.Route("/teams/:team/action/:action", "GET,POST", org.TeamsAction)
-			m.Route("/teams/:team/action/repo/:action", "GET,POST", org.TeamsRepoAction)
-		}, middleware.OrgAssignment(true, false, true))
-
-		m.Group("/:org", func() {
-			m.Get("/teams/new", org.NewTeam)
-			m.Post("/teams/new", bindIgnErr(auth.CreateTeamForm{}), org.NewTeamPost)
-			m.Get("/teams/:team/edit", org.EditTeam)
-			m.Post("/teams/:team/edit", bindIgnErr(auth.CreateTeamForm{}), org.EditTeamPost)
-			m.Post("/teams/:team/delete", org.DeleteTeam)
-
-			m.Group("/settings", func() {
-				m.Combo("").Get(org.Settings).
-					Post(bindIgnErr(auth.UpdateOrgSettingForm{}), org.SettingsPost)
-				m.Post("/avatar", binding.MultipartForm(auth.UploadAvatarForm{}), org.SettingsAvatar)
-				m.Post("/avatar/delete", org.SettingsDeleteAvatar)
-
-				m.Group("/hooks", func() {
-					m.Get("", org.Webhooks)
-					m.Post("/delete", org.DeleteWebhook)
-					m.Get("/:type/new", repo.WebhooksNew)
-					m.Post("/gogs/new", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksNewPost)
-					m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
-					m.Get("/:id", repo.WebHooksEdit)
-					m.Post("/gogs/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
-					m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
-				})
-
-				m.Route("/delete", "GET,POST", org.SettingsDelete)
-			})
-
-			m.Route("/invitations/new", "GET,POST", org.Invitation)
-		}, middleware.OrgAssignment(true, true))
-	}, reqSignIn)
-	// ***** END: Organization *****
-
-	// ***** START: Repository *****
-	m.Group("/repo", func() {
-		m.Get("/create", repo.Create)
-		m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
-		m.Get("/migrate", repo.Migrate)
-		m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
-		m.Combo("/fork/:repoid").Get(repo.Fork).
-			Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
-	}, reqSignIn)
-
-	m.Group("/:username/:reponame", func() {
-		m.Group("/settings", func() {
-			m.Combo("").Get(repo.Settings).
-				Post(bindIgnErr(auth.RepoSettingForm{}), repo.SettingsPost)
-			m.Group("/collaboration", func() {
-				m.Combo("").Get(repo.Collaboration).Post(repo.CollaborationPost)
-				m.Post("/access_mode", repo.ChangeCollaborationAccessMode)
-				m.Post("/delete", repo.DeleteCollaboration)
-			})
-
-			m.Group("/hooks", func() {
-				m.Get("", repo.Webhooks)
-				m.Post("/delete", repo.DeleteWebhook)
-				m.Get("/:type/new", repo.WebhooksNew)
-				m.Post("/gogs/new", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksNewPost)
-				m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost)
-				m.Get("/:id", repo.WebHooksEdit)
-				m.Post("/:id/test", repo.TestWebhook)
-				m.Post("/gogs/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
-				m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
-
-				m.Group("/git", func() {
-					m.Get("", repo.GitHooks)
-					m.Combo("/:name").Get(repo.GitHooksEdit).
-						Post(repo.GitHooksEditPost)
-				}, middleware.GitHookService())
-			})
-
-			m.Group("/keys", func() {
-				m.Combo("").Get(repo.DeployKeys).
-					Post(bindIgnErr(auth.AddSSHKeyForm{}), repo.DeployKeysPost)
-				m.Post("/delete", repo.DeleteDeployKey)
-			})
-
-		}, func(ctx *middleware.Context) {
-			ctx.Data["PageIsSettings"] = true
-		})
-	}, reqSignIn, middleware.RepoAssignment(), reqRepoAdmin, middleware.RepoRef())
-
-	m.Get("/:username/:reponame/action/:action", reqSignIn, middleware.RepoAssignment(), repo.Action)
-	m.Group("/:username/:reponame", func() {
-		m.Group("/issues", func() {
-			m.Combo("/new", repo.MustEnableIssues).Get(middleware.RepoRef(), repo.NewIssue).
-				Post(bindIgnErr(auth.CreateIssueForm{}), repo.NewIssuePost)
-
-			m.Combo("/:index/comments").Post(bindIgnErr(auth.CreateCommentForm{}), repo.NewComment)
-			m.Group("/:index", func() {
-				m.Post("/label", repo.UpdateIssueLabel)
-				m.Post("/milestone", repo.UpdateIssueMilestone)
-				m.Post("/assignee", repo.UpdateIssueAssignee)
-			}, reqRepoWriter)
-
-			m.Group("/:index", func() {
-				m.Post("/title", repo.UpdateIssueTitle)
-				m.Post("/content", repo.UpdateIssueContent)
-			})
-		})
-		m.Post("/comments/:id", repo.UpdateCommentContent)
-		m.Group("/labels", func() {
-			m.Post("/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
-			m.Post("/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
-			m.Post("/delete", repo.DeleteLabel)
-		}, reqRepoWriter, middleware.RepoRef())
-		m.Group("/milestones", func() {
-			m.Combo("/new").Get(repo.NewMilestone).
-				Post(bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
-			m.Get("/:id/edit", repo.EditMilestone)
-			m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
-			m.Get("/:id/:action", repo.ChangeMilestonStatus)
-			m.Post("/delete", repo.DeleteMilestone)
-		}, reqRepoWriter, middleware.RepoRef())
-
-		m.Group("/releases", func() {
-			m.Get("/new", repo.NewRelease)
-			m.Post("/new", bindIgnErr(auth.NewReleaseForm{}), repo.NewReleasePost)
-			m.Get("/edit/:tagname", repo.EditRelease)
-			m.Post("/edit/:tagname", bindIgnErr(auth.EditReleaseForm{}), repo.EditReleasePost)
-			m.Post("/delete", repo.DeleteRelease)
-		}, reqRepoWriter, middleware.RepoRef())
-
-		m.Combo("/compare/*", repo.MustAllowPulls).Get(repo.CompareAndPullRequest).
-			Post(bindIgnErr(auth.CreateIssueForm{}), repo.CompareAndPullRequestPost)
-	}, reqSignIn, middleware.RepoAssignment(), repo.MustBeNotBare)
-
-	m.Group("/:username/:reponame", func() {
-		m.Group("", func() {
-			m.Get("/releases", repo.Releases)
-			m.Get("/^:type(issues|pulls)$", repo.RetrieveLabels, repo.Issues)
-			m.Get("/^:type(issues|pulls)$/:index", repo.ViewIssue)
-			m.Get("/labels/", repo.RetrieveLabels, repo.Labels)
-			m.Get("/milestones", repo.Milestones)
-		}, middleware.RepoRef())
-
-		// m.Get("/branches", repo.Branches)
-
-		m.Group("/wiki", func() {
-			m.Get("/?:page", repo.Wiki)
-			m.Get("/_pages", repo.WikiPages)
-
-			m.Group("", func() {
-				m.Combo("/_new").Get(repo.NewWiki).
-					Post(bindIgnErr(auth.NewWikiForm{}), repo.NewWikiPost)
-				m.Combo("/:page/_edit").Get(repo.EditWiki).
-					Post(bindIgnErr(auth.NewWikiForm{}), repo.EditWikiPost)
-				m.Post("/:page/delete", repo.DeleteWikiPagePost)
-			}, reqSignIn, reqRepoWriter)
-		}, repo.MustEnableWiki, middleware.RepoRef())
-
-		m.Get("/archive/*", repo.Download)
-
-		m.Group("/pulls/:index", func() {
-			m.Get("/commits", middleware.RepoRef(), repo.ViewPullCommits)
-			m.Get("/files", middleware.RepoRef(), repo.ViewPullFiles)
-			m.Post("/merge", reqRepoWriter, repo.MergePullRequest)
-		}, repo.MustAllowPulls)
-
-		m.Group("", func() {
-			m.Get("/src/*", repo.Home)
-			m.Get("/raw/*", repo.SingleDownload)
-			m.Get("/commits/*", repo.RefCommits)
-			m.Get("/commit/*", repo.Diff)
-			m.Get("/forks", repo.Forks)
-		}, middleware.RepoRef())
-
-		m.Get("/compare/:before([a-z0-9]{40})\\.\\.\\.:after([a-z0-9]{40})", repo.CompareDiff)
-	}, ignSignIn, middleware.RepoAssignment(), repo.MustBeNotBare)
-	m.Group("/:username/:reponame", func() {
-		m.Get("/stars", repo.Stars)
-		m.Get("/watchers", repo.Watchers)
-	}, ignSignIn, middleware.RepoAssignment(), middleware.RepoRef())
-
-	m.Group("/:username", func() {
-		m.Group("/:reponame", func() {
-			m.Get("", repo.Home)
-			m.Get("\\.git$", repo.Home)
-		}, ignSignIn, middleware.RepoAssignment(true), middleware.RepoRef())
-
-		m.Group("/:reponame", func() {
-			m.Any("/*", ignSignInAndCsrf, repo.HTTP)
-			m.Head("/tasks/trigger", repo.TriggerTask)
-		})
-	})
-	// ***** END: Repository *****
-
-	// robots.txt
-	m.Get("/robots.txt", func(ctx *middleware.Context) {
-		if setting.HasRobotsTxt {
-			ctx.ServeFileContent(path.Join(setting.CustomPath, "robots.txt"))
-		} else {
-			ctx.Error(404)
-		}
-	})
-
-	// Not found handler.
-	m.NotFound(routers.NotFound)
-
-	// Flag for port number in case first time run conflict.
-	if ctx.IsSet("port") {
-		setting.AppUrl = strings.Replace(setting.AppUrl, setting.HttpPort, ctx.String("port"), 1)
-		setting.HttpPort = ctx.String("port")
-	}
-
-	var err error
-	listenAddr := fmt.Sprintf("%s:%s", setting.HttpAddr, setting.HttpPort)
-	log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubUrl)
-	switch setting.Protocol {
-	case setting.HTTP:
-		err = http.ListenAndServe(listenAddr, m)
-	case setting.HTTPS:
-		server := &http.Server{Addr: listenAddr, TLSConfig: &tls.Config{MinVersion: tls.VersionTLS10}, Handler: m}
-		err = server.ListenAndServeTLS(setting.CertFile, setting.KeyFile)
-	case setting.FCGI:
-		err = fcgi.Serve(nil, m)
-	default:
-		log.Fatal(4, "Invalid protocol: %s", setting.Protocol)
-	}
-
-	if err != nil {
-		log.Fatal(4, "Fail to start server: %v", err)
-	}
-}
--- a/codecov.yml
+++ b/codecov.yml
@@ -0,0 +1,16 @@
+coverage:
+  range: "60...95"
+  status:
+    project:
+      default:
+        threshold: 1%
+        informational: true
+    patch:
+      default:
+        only_pulls: true
+        informational: true
+
+comment:
+  layout: 'diff'
+
+github_checks: false
--- a/conf/README.md
+++ b/conf/README.md
@@ -1,3 +0,0 @@
-Execute following command in ROOT directory when anything is changed:
-
-$ make bindata
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -1,24 +1,487 @@
-# NEVER EVER MODIFY THIS FILE
-# PLEASE MAKE CHANGES ON CORRESPONDING CUSTOM CONFIG FILE
+# !!! NEVER EVER MODIFY THIS FILE !!!
+# !!! PLEASE MAKE CHANGES ON CORRESPONDING CUSTOM CONFIG FILE !!!
+# !!! IF YOU ARE PACKAGING PROVIDER, PLEASE MAKE OWN COPY OF IT !!!

-; App name that shows on every page title
-APP_NAME = Gogs: Go Git Service
-; Change it if you run locally
+; The brand name of the application, can be your company or team name.
+BRAND_NAME = Gogs
+; The system user who should be running the applications. It has no effect on Windows,
+; otherwise, it should match the value of $USER environment variable.
 RUN_USER = git
-; Either "dev", "prod" or "test", default is "dev"
+; The running mode of the application, can be either "dev", "prod" or "test".
 RUN_MODE = dev

+[server]
+; The public-facing URL for the application.
+EXTERNAL_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
+; The public-facing domain name for the application.
+DOMAIN = localhost
+; The protocol that is used to serve direct traffic to the application.
+; Currently supports "http", "https", "fcgi" and "unix".
+PROTOCOL = http
+; The address to be listened by the application.
+HTTP_ADDR = 0.0.0.0
+; The port number to be listened by the application.
+HTTP_PORT = 3000
+; Generate steps:
+; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
+;
+; Or from a .pfx file exported from the Windows certificate store (do
+; not forget to export the private key):
+; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
+; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
+CERT_FILE = custom/https/cert.pem
+KEY_FILE = custom/https/key.pem
+; The minimum allowed TLS version, currently supports "TLS10", "TLS11", "TLS12", and "TLS13".
+TLS_MIN_VERSION = TLS12
+; File permission when serve traffic via Unix domain socket.
+UNIX_SOCKET_PERMISSION = 666
+; Local (DMZ) URL for workers (e.g. SSH update) accessing web service.
+; In most cases you do not need to change the default value.
+; Alter it only if your SSH server node is not the same as HTTP node.
+LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
+
+; Whether to disable using CDN for static files regardless.
+OFFLINE_MODE = false
+; Whether to disable logging in router.
+DISABLE_ROUTER_LOG = true
+; Whether to enable application level GZIP compression.
+ENABLE_GZIP = false
+
+; The path for storing application specific data.
+APP_DATA_PATH = data
+; Whether to enable to load assets (i.e. "conf", "templates", "public") from disk instead of embedded bindata.
+LOAD_ASSETS_FROM_DISK = false
+
+; The landing page URL for anonymous users, the value should not include
+; subpath that is handled by the reverse proxy.
+LANDING_URL = /
+
+; Whether to disable SSH access to the application entirely.
+DISABLE_SSH = false
+; The domain name to be exposed in SSH clone URL.
+SSH_DOMAIN = %(DOMAIN)s
+; The port number to be exposed in SSH clone URL.
+SSH_PORT = 22
+; The path of SSH root directory, default is "$HOME/.ssh".
+SSH_ROOT_PATH =
+; The path to ssh-keygen, default is "ssh-keygen" and let shell find out which one to call.
+SSH_KEYGEN_PATH = ssh-keygen
+; The directory to create temporary files when test a public key using ssh-keygen,
+; default is the system temporary directory.
+SSH_KEY_TEST_PATH =
+; Whether to check minimum public key size with corresponding type.
+MINIMUM_KEY_SIZE_CHECK = false
+; Whether to rewrite "~/.ssh/authorized_keys" file at start, ignored when use builtin SSH server.
+REWRITE_AUTHORIZED_KEYS_AT_START = false
+; Whether to start a builtin SSH server.
+START_SSH_SERVER = false
+; The network interface for builtin SSH server to listen on.
+SSH_LISTEN_HOST = 0.0.0.0
+; The port number for builtin SSH server to listen on.
+SSH_LISTEN_PORT = %(SSH_PORT)s
+; The list of accepted ciphers for connections to builtin SSH server.
+SSH_SERVER_CIPHERS = aes128-ctr, aes192-ctr, aes256-ctr, aes128-gcm@openssh.com, arcfour256, arcfour128
+; The list of accepted MACs for connections to builtin SSH server.
+SSH_SERVER_MACS = hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1
+; The list of accepted key exchange algorithms for connections to builtin SSH server.
+SSH_SERVER_ALGORITHMS = rsa, ecdsa, ed25519
+
+; Define allowed algorithms and their minimum key length (use -1 to disable a type).
+[ssh.minimum_key_sizes]
+ED25519 = 256
+ECDSA   = 256
+RSA     = 2048
+DSA     = 1024
+
 [repository]
+; The root path for storing managed repositories, default is "~/gogs-repositories"
 ROOT =
+; The script type server supports, sometimes could be "sh".
 SCRIPT_TYPE = bash
-; Default ANSI charset
-ANSI_CHARSET = 
-; Force every new repository to be private
+; Default ANSI charset for an unrecognized charset.
+ANSI_CHARSET =
+; Whether to force every new repository to be private.
 FORCE_PRIVATE = false
-; Global maximum creation limit of repository per user, -1 means no limit
+; The global limit of number of repositories a user can create, -1 means no limit.
 MAX_CREATION_LIMIT = -1
-; Patch test queue length, make it as large as possible
-PULL_REQUEST_QUEUE_LENGTH = 10000
+; Preferred Licenses to place at the top of the list.
+; Name must match file name in "conf/license" or "custom/conf/license".
+PREFERRED_LICENSES = Apache License 2.0, MIT License
+; Whether to disable Git interaction with repositories via HTTP/HTTPS protocol.
+DISABLE_HTTP_GIT = false
+; Whether to enable ability to migrate repository by server local path.
+ENABLE_LOCAL_PATH_MIGRATION = false
+; Whether to enable render mode for raw file. There are potential security risks.
+ENABLE_RAW_FILE_RENDER_MODE = false
+; The maximum number of goroutines that can be run at the same time for a single
+; fetch request. Usually, the value depend of how many CPU (cores) you have. If
+; the value is non-positive, it matches the number of CPUs available to the application.
+COMMITS_FETCH_CONCURRENCY = 0
+; Default branch name when creating new repositories.
+DEFAULT_BRANCH = master
+
+[repository.editor]
+; List of file extensions that should have line wraps in the CodeMirror editor.
+; Separate extensions with a comma.
+LINE_WRAP_EXTENSIONS = .txt,.md,.markdown,.mdown,.mkd
+; Valid file modes that have a preview API associated with them, such as "/api/v1/markdown".
+; Separate values by commas. Preview tab in edit mode won't show if the file extension doesn't match.
+PREVIEWABLE_FILE_MODES = markdown
+
+[repository.upload]
+; Whether to enable repository file uploads.
+ENABLED = true
+; The path to temporarily store uploads (content under this path gets wiped out on every start).
+TEMP_PATH = data/tmp/uploads
+; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
+ALLOWED_TYPES =
+; The maximum size of each file in MB.
+FILE_MAX_SIZE = 3
+; The maximum number of files per upload.
+MAX_FILES = 5
+
+[database]
+; The database backend, either "postgres", "mysql" "sqlite3" or "mssql".
+; You can connect to TiDB with MySQL protocol.
+TYPE = postgres
+HOST = 127.0.0.1:5432
+NAME = gogs
+USER = gogs
+PASSWORD =
+; For "postgres" only
+SCHEMA = public
+; For "postgres" only, either "disable", "require" or "verify-full".
+SSL_MODE = disable
+; For "sqlite3" only, make sure to use absolute path.
+PATH = data/gogs.db
+; The maximum open connections of the pool.
+MAX_OPEN_CONNS = 30
+; The maximum idle connections of the pool.
+MAX_IDLE_CONNS = 30
+
+[security]
+; Whether to show the install page, set this to "true" to bypass it.
+INSTALL_LOCK = false
+; The secret to encrypt cookie values, 2FA code, etc.
+; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
+SECRET_KEY = !#@FDEWREWR&*(
+; The days remembered for auto-login.
+LOGIN_REMEMBER_DAYS = 7
+; The cookie name to store auto-login information.
+COOKIE_REMEMBER_NAME = gogs_incredible
+; The cookie name to store logged in username.
+COOKIE_USERNAME = gogs_awesome
+; Whether to set secure cookie.
+COOKIE_SECURE = false
+; Whether to set cookie to indicate user login status.
+ENABLE_LOGIN_STATUS_COOKIE = false
+; The cookie name to store user login status.
+LOGIN_STATUS_COOKIE_NAME = login_status
+; A comma separated list of hostnames that are explicitly allowed to be accessed within the local network.
+; Use "*" to allow all hostnames.
+LOCAL_NETWORK_ALLOWLIST =
+
+[email]
+; Whether to enable the email service.
+ENABLED = false
+; The prefix prepended to the subject line.
+SUBJECT_PREFIX = `[%(BRAND_NAME)s] `
+; The SMTP server with its port, e.g. smtp.mailgun.org:587, smtp.gmail.com:587, smtp.qq.com:465
+; If the port ends is "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409.
+; If the server supports STARTTLS it will always be used.
+HOST = smtp.mailgun.org:587
+; The email from address (RFC 5322). This can be just an email address, or the `"Name" <email@example.com>` format.
+FROM = noreply@gogs.localhost
+; The login user.
+USER = noreply@gogs.localhost
+; The login password.
+PASSWORD =
+
+; Whether to disable HELO operation when the hostname is different.
+DISABLE_HELO =
+; The custom hostname for HELO operation, default is from system.
+HELO_HOSTNAME =
+
+; Whether to skip verifying the certificate of the server. Only use this for self-signed certificates.
+SKIP_VERIFY = false
+; Whether to use client certificates.
+USE_CERTIFICATE = false
+CERT_FILE = custom/email/cert.pem
+KEY_FILE = custom/email/key.pem
+
+; Whether to use "text/plain" as content format.
+USE_PLAIN_TEXT = false
+; Whether to attach a plaintext alternative to the MIME message while sending HTML emails.
+; It is used to support older mail clients and make spam filters happier.
+ADD_PLAIN_TEXT_ALT = false
+
+[auth]
+; The valid duration of activate code in minutes.
+ACTIVATE_CODE_LIVES = 180
+; The valid duration of reset password code in minutes.
+RESET_PASSWORD_CODE_LIVES = 180
+; Whether to require email confirmation for adding new email addresses.
+; Enable this option will also require user to confirm the email for registration.
+REQUIRE_EMAIL_CONFIRMATION = false
+; Whether to disallow anonymous users visiting the site.
+REQUIRE_SIGNIN_VIEW = false
+; Whether to disable self-registration. When disabled, accounts would have to be created by admins.
+DISABLE_REGISTRATION = false
+; Whether to enable captcha validation for registration
+ENABLE_REGISTRATION_CAPTCHA = true
+
+; Whether to enable reverse proxy authentication via HTTP header.
+ENABLE_REVERSE_PROXY_AUTHENTICATION = false
+; Whether to automatically create new users for reverse proxy authentication.
+ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
+; The HTTP header used as username for reverse proxy authentication.
+REVERSE_PROXY_AUTHENTICATION_HEADER = X-WEBAUTH-USER
+
+[user]
+; Whether to enable email notifications for users.
+ENABLE_EMAIL_NOTIFICATION = false
+
+[session]
+; The session provider, either "memory", "file", or "redis".
+PROVIDER = memory
+; The configuration for respective provider:
+; - memory: does not need any config yet
+; - file: session file path, e.g. `data/sessions`
+; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
+PROVIDER_CONFIG = data/sessions
+; The cookie name to store the session identifier.
+COOKIE_NAME = i_like_gogs
+; Whether to set cookie in HTTPS only.
+COOKIE_SECURE = false
+; The GC interval in seconds for session data.
+GC_INTERVAL = 3600
+; The maximum life time in seconds for a session.
+MAX_LIFE_TIME = 86400
+; The cookie name for CSRF token.
+CSRF_COOKIE_NAME = _csrf
+
+[cache]
+; The cache adapter, either "memory", "redis", or "memcache".
+ADAPTER = memory
+; For "memory" only, GC interval in seconds.
+INTERVAL = 60
+; For "redis" and "memcache", connection host address:
+; - redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
+; - memcache: `127.0.0.1:11211`
+HOST =
+
+[http]
+; The value for "Access-Control-Allow-Origin" header, default is not to present.
+ACCESS_CONTROL_ALLOW_ORIGIN =
+
+[lfs]
+; The storage backend for uploading new objects.
+STORAGE = local
+; The root path to store LFS objects on local file system.
+OBJECTS_PATH = data/lfs-objects
+
+[attachment]
+; Whether to enabled upload attachments in general.
+ENABLED = true
+; The path to store attachments on the file system.
+PATH = data/attachments
+; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
+ALLOWED_TYPES = image/jpeg|image/png
+; The maximum size of each file in MB.
+MAX_SIZE = 4
+; The maximum number of files per upload.
+MAX_FILES = 5
+
+[release.attachment]
+; Whether to enabled upload attachments for releases.
+ENABLED = true
+; File types that are allowed to be uploaded, e.g. "image/jpeg|image/png". Leave empty to allow any file type.
+ALLOWED_TYPES = */*
+; The maximum size of each file in MB.
+MAX_SIZE = 32
+; The maximum number of files per upload.
+MAX_FILES = 10
+
+[time]
+; Specifies the format for fully outputed dates.
+; Values should be one of the following:
+; ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano.
+; For more information about the format see http://golang.org/pkg/time/#pkg-constants.
+FORMAT = RFC1123
+
+[picture]
+; The path to store user avatars on the file system.
+AVATAR_UPLOAD_PATH = data/avatars
+; The path to store repository avatars on the file system.
+REPOSITORY_AVATAR_UPLOAD_PATH = data/repo-avatars
+; Chinese users can use a custom avatar source, such as http://cn.gravatar.com/avatar/.
+GRAVATAR_SOURCE = gravatar
+; Whether to disable Gravatar, this value will be forced to be true in offline mode.
+DISABLE_GRAVATAR = false
+; Whether to enable federated avatar lookup uses DNS to discover avatar associated
+; with emails, see https://www.libravatar.org for details.
+; This value will be forced to be false in offline mode or when Gravatar is disabled.
+ENABLE_FEDERATED_AVATAR = false
+
+[markdown]
+; Whether to enable hard line break extension.
+ENABLE_HARD_LINE_BREAK = false
+; The list of custom URL schemes that are allowed as links when rendering Markdown.
+; For example, "git" (for "git://") and "magnet" (for "magnet://").
+CUSTOM_URL_SCHEMES =
+; The list of file extensions that should be rendered/edited as Markdown.
+; Separate extensions with a comma. To render files with no extension as markdown, just put a comma.
+FILE_EXTENSIONS = .md,.markdown,.mdown,.mkd
+
+[smartypants]
+; Whether to enable the Smartypants extension.
+ENABLED = false
+FRACTIONS = true
+DASHES = true
+LATEX_DASHES = true
+ANGLED_QUOTES = true
+
+[admin]
+; Whether to disable regular (non-admin) users to create organizations.
+DISABLE_REGULAR_ORG_CREATION = false
+
+[webhook]
+; The list of enabled types for users to use, can be "gogs", "slack", "discord", "dingtalk".
+TYPES = gogs, slack, discord, dingtalk
+; Deliver timeout in seconds.
+DELIVER_TIMEOUT = 15
+; Whether to allow insecure certification.
+SKIP_TLS_VERIFY = false
+; The number of history information in each page.
+PAGING_NUM = 10
+
+; General settings of loggers.
+[log]
+; The root path for all log files, default is "log/" subdirectory.
+ROOT_PATH =
+; Can be "console", "file", "slack" and "discord".
+; Use comma to separate multiple modes, e.g. "console, file"
+MODE = console
+; Buffer length of channel, keep it as it is if you don't know what it is.
+BUFFER_LEN = 100
+; Either "Trace", "Info", "Warn", "Error", "Fatal", default is "Trace"
+LEVEL = Trace
+
+; For "console" mode only
+[log.console]
+; Comment out to inherit
+; LEVEL =
+
+; For "file" mode only
+[log.file]
+; Comment out to inherit
+; LEVEL =
+; Whether to enable automated log rotate (switch of following options).
+LOG_ROTATE = true
+; Whether to segment log files daily.
+DAILY_ROTATE = true
+; The maximum size shift of single file, default is 28 means 1 << 28 = 256MB.
+MAX_SIZE_SHIFT = 28
+; The maximum number of lines of single file.
+MAX_LINES = 1000000
+; The expired days of log file (delete after max days).
+MAX_DAYS = 7
+
+; For "slack" mode only
+[log.slack]
+; Comment out to inherit
+; LEVEL =
+; Webhook URL
+URL =
+
+[log.discord]
+; Comment out to inherit
+; LEVEL =
+; Webhook URL
+URL =
+; The username to be displayed in notification.
+USERNAME = %(BRAND_NAME)s
+
+[log.xorm]
+; Enable file rotation
+ROTATE = true
+; Rotate every day
+ROTATE_DAILY = true
+; Rotate once file size excesses x MB
+MAX_SIZE = 100
+; Maximum days to keep logger files
+MAX_DAYS = 3
+
+[log.gorm]
+; Whether to enable file rotation.
+ROTATE = true
+; Whether to rotate file every day.
+ROTATE_DAILY = true
+; The maximum file size in MB before next rotate.
+MAX_SIZE = 100
+; The maximum days to keep files.
+MAX_DAYS = 3
+
+[cron]
+; Enable running cron tasks periodically.
+ENABLED = true
+; Run cron tasks when Gogs starts.
+RUN_AT_START = false
+
+[cron.update_mirrors]
+; Defines how often the mirror syncer checks if any mirror needs to be synchronized (based on the mirror update interval).
+SCHEDULE = @every 10m
+
+; Repository health check
+[cron.repo_health_check]
+SCHEDULE = @every 24h
+TIMEOUT = 60s
+; Arguments for command 'git fsck', e.g. "--unreachable --tags"
+; see more on http://git-scm.com/docs/git-fsck/1.7.5
+ARGS =
+
+; Check repository statistics
+[cron.check_repo_stats]
+RUN_AT_START = true
+SCHEDULE = @every 24h
+
+; Cleanup repository archives
+[cron.repo_archive_cleanup]
+RUN_AT_START = false
+SCHEDULE = @every 24h
+; Time duration to check if archive should be cleaned
+OLDER_THAN = 24h
+
+[git]
+; Disables highlight of added and removed changes
+DISABLE_DIFF_HIGHLIGHT = false
+; Max number of files shown in diff view
+MAX_GIT_DIFF_FILES = 100
+; Max number of lines allowed of a single file in diff view
+MAX_GIT_DIFF_LINES = 1000
+; Max number of characters of a line allowed in diff view
+MAX_GIT_DIFF_LINE_CHARACTERS = 2000
+; Arguments for command 'git gc', e.g. "--aggressive --auto"
+; see more on http://git-scm.com/docs/git-gc/1.7.5
+GC_ARGS =
+
+; Operation timeout in seconds
+[git.timeout]
+MIGRATE = 600
+MIRROR = 300
+CLONE = 300
+PULL = 300
+DIFF = 60
+GC = 60
+
+[mirror]
+; Defines the default interval (in hours) until the next sync for a mirror (after a successful mirror sync).
+; It can be overridden individually for each mirror repository in the settings.
+DEFAULT_INTERVAL = 8
+
+[api]
+; Max number of items will response in a page
+MAX_RESPONSE_ITEMS = 50

 [ui]
 ; Number of repositories that are showed in one explore page
@@ -27,10 +490,12 @@ EXPLORE_PAGING_NUM = 20
 ISSUE_PAGING_NUM = 10
 ; Number of maximum commits showed in one activity feed
 FEED_MAX_COMMIT_NUM = 5
-; Value of `theme-color` meta tag, used by Android >= 5.0
+; Value of "theme-color" meta tag, used by Android >= 5.0
 ; An invalid color like "none" or "disable" will have the default style
 ; More info: https://developers.google.com/web/updates/2014/11/Support-for-theme-color-in-Chrome-39-for-Android
 THEME_COLOR_META_TAG = `#ff5343`
+; Max size in bytes of files to be displayed (default is 8MB)
+MAX_DISPLAY_FILE_SIZE = 8388608

 [ui.admin]
 ; Number of users that are showed in one page
@@ -42,309 +507,39 @@ NOTICE_PAGING_NUM = 25
 ; Number of organization that are showed in one page
 ORG_PAGING_NUM = 50

-[markdown]
-; Enable hard line break extension
-ENABLE_HARD_LINE_BREAK = false
-; List of custom URL-Schemes that are allowed as links when rendering Markdown
-; for example git,magnet
-CUSTOM_URL_SCHEMES =
+[ui.user]
+; Number of repos that are showed in one page
+REPO_PAGING_NUM = 15
+; Number of news feeds that are showed in one page
+NEWS_FEED_PAGING_NUM = 20
+; Number of commits that are showed in one page
+COMMITS_PAGING_NUM = 30

-[server]
-PROTOCOL = http
-DOMAIN = localhost
-ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
-HTTP_ADDR =
-HTTP_PORT = 3000
-; Local (DMZ) URL for Gogs workers (such as SSH update) accessing web service.
-; In most cases you do not need to change the default value.
-; Alter it only if your SSH server node is not the same as HTTP node.
-LOCAL_ROOT_URL = http://localhost:%(HTTP_PORT)s/
-; Disable SSH feature when not available
-DISABLE_SSH = false
-; Whether use builtin SSH server or not.
-START_SSH_SERVER = false
-; Domain name to be exposed in clone URL
-SSH_DOMAIN = %(DOMAIN)s
-; Port number to be exposed in clone URL
-SSH_PORT = 22
-; Port number builtin SSH server listens on
-SSH_LISTEN_PORT = %(SSH_PORT)s
-; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
-SSH_ROOT_PATH = 
-; Directory to create temporary files when test publick key using ssh-keygen,
-; default is system temporary directory.
-SSH_KEY_TEST_PATH =
-; Path to ssh-keygen, default is 'ssh-keygen' and let shell find out which one to call.
-SSH_KEYGEN_PATH = ssh-keygen
-; Indicate whether to check minimum key size with corresponding type
-MINIMUM_KEY_SIZE_CHECK = false
-; Disable CDN even in "prod" mode
-OFFLINE_MODE = false
-DISABLE_ROUTER_LOG = false
-; Generate steps:
-; $ ./gogs cert -ca=true -duration=8760h0m0s -host=myhost.example.com
-;
-; Or from a .pfx file exported from the Windows certificate store (do
-; not forget to export the private key):
-; $ openssl pkcs12 -in cert.pfx -out cert.pem -nokeys
-; $ openssl pkcs12 -in cert.pfx -out key.pem -nocerts -nodes
-CERT_FILE = custom/https/cert.pem
-KEY_FILE = custom/https/key.pem
-; Upper level of template and static file path
-; default is the path where Gogs is executed
-STATIC_ROOT_PATH =
-; Application level GZIP support
-ENABLE_GZIP = false
-; Landing page for non-logged users, can be "home" or "explore"
-LANDING_PAGE = home
-
-; Define allowed algorithms and their minimum key length (use -1 to disable a type)
-[ssh.minimum_key_sizes]
-ED25519 = 256
-ECDSA   = 256
-RSA     = 2048
-DSA     = 1024
-
-[database]
-; Either "mysql", "postgres" or "sqlite3", it's your choice
-DB_TYPE = mysql
-HOST = 127.0.0.1:3306
-NAME = gogs
-USER = root
-PASSWD =
-; For "postgres" only, either "disable", "require" or "verify-full"
-SSL_MODE = disable
-; For "sqlite3" and "tidb", use absolute path when you start as service
-PATH = data/gogs.db
-
-[admin]
-
-[security]
-INSTALL_LOCK = false
-; !!CHANGE THIS TO KEEP YOUR USER DATA SAFE!!
-SECRET_KEY = !#@FDEWREWR&*(
-; Auto-login remember days
-LOGIN_REMEMBER_DAYS = 7
-COOKIE_USERNAME = gogs_awesome
-COOKIE_REMEMBER_NAME = gogs_incredible
-; Reverse proxy authentication header name of user name
-REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
-
-[service]
-ACTIVE_CODE_LIVE_MINUTES = 180
-RESET_PASSWD_CODE_LIVE_MINUTES = 180
-; User need to confirm e-mail for registration
-REGISTER_EMAIL_CONFIRM = false
-; Does not allow register and admin create account only
-DISABLE_REGISTRATION = false
-; User must sign in to view anything.
-REQUIRE_SIGNIN_VIEW = false
-; Mail notification
-ENABLE_NOTIFY_MAIL = false
-; More detail: https://github.com/gogits/gogs/issues/165
-ENABLE_REVERSE_PROXY_AUTHENTICATION = false
-ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false
-; Enable captcha validation for registration
-ENABLE_CAPTCHA = true
-
-[webhook]
-; Hook task queue length
-QUEUE_LENGTH = 1000
-; Deliver timeout in seconds
-DELIVER_TIMEOUT = 5
-; Allow insecure certification
-SKIP_TLS_VERIFY = false
-; Number of history information in each page
-PAGING_NUM = 10
-
-[mailer]
-ENABLED = false
-; Buffer length of channel, keep it as it is if you don't know what it is.
-SEND_BUFFER_LEN = 100
-; Name displayed in mail title
-SUBJECT = %(APP_NAME)s
-; Mail server
-; Gmail: smtp.gmail.com:587
-; QQ: smtp.qq.com:25
-; Note, if the port ends with "465", SMTPS will be used. Using STARTTLS on port 587 is recommended per RFC 6409. If the server supports STARTTLS it will always be used.
-HOST = 
-; Disable HELO operation when hostname are different.
-DISABLE_HELO = 
-; Custom hostname for HELO operation, default is from system.
-HELO_HOSTNAME = 
-; Do not verify the certificate of the server. Only use this for self-signed certificates
-SKIP_VERIFY = 
-; Use client certificate
-USE_CERTIFICATE = false
-CERT_FILE = custom/mailer/cert.pem
-KEY_FILE = custom/mailer/key.pem
-; Mail from address, RFC 5322. This can be just an email address, or the `"Name" <email@example.com>` format 
-FROM =
-; Mailer user name and password
-USER =
-PASSWD =
-
-[cache]
-; Either "memory", "redis", or "memcache", default is "memory"
-ADAPTER = memory
-; For "memory" only, GC interval in seconds, default is 60
-INTERVAL = 60
-; For "redis" and "memcache", connection host address
-; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
-; memcache: `127.0.0.1:11211`
-HOST =
-
-[session]
-; Either "memory", "file", "redis" or "mysql", default is "memory"
-PROVIDER = memory
-; Provider config options
-; memory: not have any config yet
-; file: session file path, e.g. `data/sessions`
-; redis: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180
-; mysql: go-sql-driver/mysql dsn config string, e.g. `root:password@/session_table`
-PROVIDER_CONFIG = data/sessions
-; Session cookie name
-COOKIE_NAME = i_like_gogits
-; If you use session in https only, default is false
-COOKIE_SECURE = false
-; Enable set cookie, default is true
-ENABLE_SET_COOKIE = true
-; Session GC time interval, default is 86400
-GC_INTERVAL_TIME = 86400
-; Session life time, default is 86400
-SESSION_LIFE_TIME = 86400
-
-[picture]
-AVATAR_UPLOAD_PATH = data/avatars
-; Chinese users can choose "duoshuo"
-; or a custom avatar source, like: http://cn.gravatar.com/avatar/
-GRAVATAR_SOURCE = gravatar
-DISABLE_GRAVATAR = false
-
-[attachment]
-; Whether attachments are enabled. Defaults to `true`
-ENABLE = true
-; Path for attachments. Defaults to `data/attachments`
-PATH = data/attachments
-; One or more allowed types, e.g. image/jpeg|image/png
-ALLOWED_TYPES = image/jpeg|image/png
-; Max size of each file. Defaults to 32MB
-MAX_SIZE = 4
-; Max number of files per upload. Defaults to 10
-MAX_FILES = 5
-
-[time]
-; Specifies the format for fully outputed dates. Defaults to RFC1123
-; Special supported values are ANSIC, UnixDate, RubyDate, RFC822, RFC822Z, RFC850, RFC1123, RFC1123Z, RFC3339, RFC3339Nano, Kitchen, Stamp, StampMilli, StampMicro and StampNano
-; For more information about the format see http://golang.org/pkg/time/#pkg-constants
-FORMAT =
-
-[log]
-ROOT_PATH =
-; Either "console", "file", "conn", "smtp" or "database", default is "console"
-; Use comma to separate multiple modes, e.g. "console, file"
-MODE = console
-; Buffer length of channel, keep it as it is if you don't know what it is.
-BUFFER_LEN = 10000
-; Either "Trace", "Debug", "Info", "Warn", "Error", "Critical", default is "Trace"
-LEVEL = Trace
-
-; For "console" mode only
-[log.console]
-LEVEL =
-
-; For "file" mode only
-[log.file]
-LEVEL =
-; This enables automated log rotate(switch of following options), default is true
-LOG_ROTATE = true
-; Max line number of single file, default is 1000000
-MAX_LINES = 1000000
-; Max size shift of single file, default is 28 means 1 << 28, 256MB
-MAX_SIZE_SHIFT = 28
-; Segment log daily, default is true
-DAILY_ROTATE = true
-; Expired days of log file(delete after max days), default is 7
-MAX_DAYS = 7
-
-; For "conn" mode only
-[log.conn]
-LEVEL =
-; Reconnect host for every single message, default is false
-RECONNECT_ON_MSG = false
-; Try to reconnect when connection is lost, default is false
-RECONNECT = false
-; Either "tcp", "unix" or "udp", default is "tcp"
-PROTOCOL = tcp
-; Host address
-ADDR =
-
-; For "smtp" mode only
-[log.smtp]
-LEVEL =
-; Name displayed in mail title, default is "Diagnostic message from server"
-SUBJECT = Diagnostic message from server
-; Mail server
-HOST =
-; Mailer user name and password
-USER =
-PASSWD =
-; Receivers, can be one or more, e.g. ["1@example.com","2@example.com"]
-RECEIVERS =
-
-; For "database" mode only
-[log.database]
-LEVEL =
-; Either "mysql" or "postgres"
-DRIVER =
-; Based on xorm, e.g.: root:root@localhost/gogs?charset=utf8
-CONN =
-
-[cron]
-; Enable running cron tasks periodically.
+[prometheus]
+; Whether to enable Prometheus metrics.
 ENABLED = true
-; Run cron tasks when Gogs starts.
-RUN_AT_START = false
+; Whether to enable HTTP Basic Authentication to protect metrics data.
+ENABLE_BASIC_AUTH = false
+; The username for HTTP Basic Authentication.
+BASIC_AUTH_USERNAME =
+; The password for HTTP Basic Authentication.
+BASIC_AUTH_PASSWORD =

-; Update mirrors
-[cron.update_mirrors]
-SCHEDULE = @every 1h
-
-; Repository health check
-[cron.repo_health_check]
-SCHEDULE = @every 24h
-TIMEOUT = 60s
-; Arguments for command 'git fsck', e.g. "--unreachable --tags"
-; see more on http://git-scm.com/docs/git-fsck/1.7.5
-ARGS = 
-
-; Check repository statistics
-[cron.check_repo_stats]
-RUN_AT_START = true
-SCHEDULE = @every 24h
-
-[git]
-MAX_GIT_DIFF_LINES = 10000
-; Arguments for command 'git gc', e.g. "--aggressive --auto"
-; see more on http://git-scm.com/docs/git-gc/1.7.5
-GC_ARGS = 
-
-; Operation timeout in seconds
-[git.timeout]
-MIGRATE = 600
-MIRROR = 300
-CLONE = 300
-PULL = 300
+; Extension mapping to highlight class
+; e.g. .toml=ini
+[highlight.mapping]

 [i18n]
-LANGS = en-US,zh-CN,zh-HK,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI
-NAMES = English,简体中文,繁體中文,Deutsch,Français,Nederlands,Latviešu,Русский,日本語,Español,Português do Brasil,Polski,български,Italiano,Suomalainen
+LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,ja-JP,es-ES,pt-BR,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR,gl-ES,uk-UA,en-GB,hu-HU,sk-SK,id-ID,fa-IR,vi-VN,pt-PT,mn-MN,ro-RO
+NAMES = English,简体中文,繁體中文（香港）,繁體中文（臺灣）,Deutsch,français,Nederlands,latviešu,русский,日本語,español,português do Brasil,polski,български,italiano,suomi,Türkçe,čeština,српски,svenska,한국어,galego,українська,English (United Kingdom),Magyar,Slovenčina,Indonesian,Persian,Vietnamese,Português,Монгол,Română

-; Used for datetimepicker
+; Used for jQuery DateTimePicker,
+; list of supported languages in https://xdsoft.net/jqplugins/datetimepicker/#lang
 [i18n.datelang]
 en-US = en
 zh-CN = zh
 zh-HK = zh-TW
+zh-TW = zh-TW
 de-DE = de
 fr-FR = fr
 nl-NL = nl
@@ -357,12 +552,24 @@ pl-PL = pl
 bg-BG = bg
 it-IT = it
 fi-FI = fi
-
-; Extension mapping to highlight class
-; e.g. .toml=ini
-[highlight.mapping]
+tr-TR = tr
+cs-CZ = cs-CZ
+sr-SP = sr
+sv-SE = sv
+ko-KR = ko
+gl-ES = gl
+uk-UA = uk
+en-GB = en-GB
+hu-HU = hu
+sk-SK = sk
+id-ID = id
+fa-IR = fa
+vi-VN = vi
+pt-PT = pt
+mn-MN = mn
+ro-RO = ro

 [other]
 SHOW_FOOTER_BRANDING = false
-; Show version information about gogs and go in the footer
-SHOW_FOOTER_VERSION = true
+; Show time of template execution in the footer
+SHOW_FOOTER_TEMPLATE_LOAD_TIME = true
--- a/conf/auth.d/github.conf.example
+++ b/conf/auth.d/github.conf.example
@@ -0,0 +1,10 @@
+# This is an example of GitHub authentication
+#
+id           = 105
+type         = github
+name         = GitHub
+is_activated = true
+
+[config]
+api_endpoint = https://api.github.com/
+
--- a/conf/auth.d/ldap_bind_dn.conf.example
+++ b/conf/auth.d/ldap_bind_dn.conf.example
@@ -0,0 +1,29 @@
+# This is an example of LDAP (BindDN) authentication
+#
+id           = 101
+type         = ldap_bind_dn
+name         = LDAP BindDN
+is_activated = true
+
+[config]
+host               = mydomain.com
+port               = 636
+# 0 - Unencrypted, 1 - LDAPS, 2 - StartTLS
+security_protocol  = 0
+skip_verify        = false
+bind_dn            = 
+bind_password      = 
+user_base          = ou=Users,dc=mydomain,dc=com
+attribute_username = 
+attribute_name     = 
+attribute_surname  = 
+attribute_mail     = mail
+attributes_in_bind = false
+filter             = (&(objectClass=posixAccount)(cn=%s))
+admin_filter       = 
+group_enabled      = false
+group_dn           = 
+group_filter       = 
+group_member_uid   = 
+user_uid           = 
+
--- a/conf/auth.d/ldap_simple_auth.conf.example
+++ b/conf/auth.d/ldap_simple_auth.conf.example
@@ -0,0 +1,30 @@
+# This is an example of LDAP (simple auth) authentication
+#
+id           = 102
+type         = ldap_simple_auth
+name         = LDAP Simple Auth
+is_activated = true
+
+[config]
+host               = mydomain.com
+port               = 636
+# 0 - Unencrypted, 1 - LDAPS, 2 - StartTLS
+security_protocol  = 0
+skip_verify        = false
+bind_dn            = 
+bind_password      = 
+user_base          = 
+user_dn            = cn=%s,ou=Users,dc=mydomain,dc=com
+attribute_username = 
+attribute_name     = 
+attribute_surname  = 
+attribute_mail     = mail
+attributes_in_bind = false
+filter             = (&(objectClass=posixAccount)(cn=%s))
+admin_filter       = 
+group_enabled      = false
+group_dn           = 
+group_filter       = 
+group_member_uid   = 
+user_uid           = 
+
--- a/conf/auth.d/pam.conf.example
+++ b/conf/auth.d/pam.conf.example
@@ -0,0 +1,10 @@
+# This is an example of PAM authentication
+#
+id           = 104
+type         = pam
+name         = System Auth
+is_activated = true
+
+[config]
+service_name = system-auth
+
--- a/conf/auth.d/smtp.conf.example
+++ b/conf/auth.d/smtp.conf.example
@@ -0,0 +1,16 @@
+# This is an example of SMTP authentication
+#
+id           = 103
+type         = smtp
+name         = GMail
+is_activated = true
+
+[config]
+# Either "PLAIN" or "LOGIN"
+auth            = PLAIN
+host            = smtp.gmail.com
+port            = 587
+allowed_domains = 
+tls             = true
+skip_verify     = false
+
--- a/conf/embed.go
+++ b/conf/embed.go
@@ -0,0 +1,27 @@
+// Copyright 2022 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package conf
+
+import (
+	"embed"
+)
+
+//go:embed app.ini **/*
+var Files embed.FS
+
+// FileNames returns a list of filenames exists in the given direction within
+// Files. The list includes names of subdirectories.
+func FileNames(dir string) ([]string, error) {
+	entries, err := Files.ReadDir(dir)
+	if err != nil {
+		return nil, err
+	}
+
+	fileNames := make([]string, 0, len(entries))
+	for _, entry := range entries {
+		fileNames = append(fileNames, entry.Name())
+	}
+	return fileNames, nil
+}
--- a/conf/embed_test.go
+++ b/conf/embed_test.go
@@ -0,0 +1,20 @@
+// Copyright 2022 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package conf
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestFileNames(t *testing.T) {
+	names, err := FileNames(".")
+	require.NoError(t, err)
+
+	want := []string{"app.ini", "auth.d", "gitignore", "label", "license", "locale", "readme"}
+	assert.Equal(t, want, names)
+}
--- a/conf/gitignore/PhpStorm
+++ b/conf/gitignore/PhpStorm
@@ -0,0 +1,63 @@
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff:
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/dictionaries
+
+# Sensitive or high-churn files:
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.xml
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+
+# Gradle:
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# CMake
+cmake-build-debug/
+
+# Mongo Explorer plugin:
+.idea/**/mongoSettings.xml
+
+## File-based project format:
+*.iws
+
+## Plugin-specific files:
+
+# IntelliJ
+/out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Ruby plugin and RubyMine
+/.rakeTasks
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+### PhpStorm Patch ###
+# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721
+
+# *.iml
+# modules.xml
+# .idea/misc.xml
+# *.ipr
+
+# Sonarlint plugin
+.idea/sonarlint
--- a/conf/gitignore/UnrealEngine
+++ b/conf/gitignore/UnrealEngine
@@ -0,0 +1,76 @@
+# Visual Studio 2015 user specific files
+.vs/
+
+# Compiled Object files
+*.slo
+*.lo
+*.o
+*.obj
+
+# Precompiled Headers
+*.gch
+*.pch
+
+# Compiled Dynamic libraries
+*.so
+*.dylib
+*.dll
+
+# Fortran module files
+*.mod
+
+# Compiled Static libraries
+*.lai
+*.la
+*.a
+*.lib
+
+# Executables
+*.exe
+*.out
+*.app
+*.ipa
+
+# These project files can be generated by the engine
+*.xcodeproj
+*.xcworkspace
+*.sln
+*.suo
+*.opensdf
+*.sdf
+*.VC.db
+*.VC.opendb
+
+# Precompiled Assets
+SourceArt/**/*.png
+SourceArt/**/*.tga
+
+# Binary Files
+Binaries/*
+Plugins/*/Binaries/*
+
+# Builds
+Build/*
+
+# Whitelist PakBlacklist-<BuildConfiguration>.txt files
+!Build/*/
+Build/*/**
+!Build/*/PakBlacklist*.txt
+
+# Don't ignore icon files in Build
+!Build/**/*.ico
+
+# Built data for maps
+*_BuiltData.uasset
+
+# Configuration files generated by the Editor
+Saved/*
+
+# Compiled source files for the engine to use
+Intermediate/*
+Plugins/*/Intermediate/*
+
+# Cache files for the editor to use
+DerivedDataCache/*
+
+
--- a/conf/gitignore/WebStorm
+++ b/conf/gitignore/WebStorm
@@ -0,0 +1,63 @@
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff:
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/dictionaries
+
+# Sensitive or high-churn files:
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.xml
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+
+# Gradle:
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# CMake
+cmake-build-debug/
+
+# Mongo Explorer plugin:
+.idea/**/mongoSettings.xml
+
+## File-based project format:
+*.iws
+
+## Plugin-specific files:
+
+# IntelliJ
+/out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Ruby plugin and RubyMine
+/.rakeTasks
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+### WebStorm Patch ###
+# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721
+
+# *.iml
+# modules.xml
+# .idea/misc.xml
+# *.ipr
+
+# Sonarlint plugin
+.idea/sonarlint
--- a/conf/gitignore/macOS
+++ b/conf/gitignore/macOS
@@ -1,24 +1,25 @@
-.DS_Store
-.AppleDouble
-.LSOverride
-
-# Icon must end with two \r
-Icon
-
-# Thumbnails
-._*
-
-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-
-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
--- a/conf/label/Default
+++ b/conf/label/Default
@@ -0,0 +1,7 @@
+#ee0701 bug
+#cccccc duplicate
+#84b6eb enhancement
+#128a0c help wanted
+#e6e6e6 invalid
+#cc317c question
+#ffffff wontfix
--- a/conf/license/ISC
+++ b/conf/license/ISC
@@ -1,6 +1,5 @@
 ISC License:
-Copyright (c) 2004-2010 by Internet Systems Consortium, Inc. ("ISC") 
-Copyright (c) 1995-2003 by Internet Software Consortium
+Copyright (c) Year(s), Company or Person's Name

 Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.

--- a/conf/locale/TRANSLATORS
+++ b/conf/locale/TRANSLATORS
@@ -7,48 +7,82 @@ Akihiro YAGASAKI <yaggytter AT momiage DOT com>
 Aleksejs Grocevs <aleksejs AT grocevs DOT pro>
 Aleksey Tarakin <hukendo AT yandex DOT ru>
 Alexander Steinhöfer <kontakt AT lx-s DOT de>
+Alexandre Espinosa Menor <aemenor DOT gmail DOT com>
 Alexandre Magno <alexandre DOT mbm AT gmail DOT com>
+Anders B. Hansen <anders AT birkoe DOT com>
+András Schenkerik <moviesharkteam AT gmail DOT com>
 Andrey Nering <andrey AT nering DOT com DOT br>
+Andrey Paskal <apaskal AT gmail DOT com>
 Andrey Solomatin <toadron AT yandex DOT ru>
 Antoine GIRARD <sapk AT sapk DOT fr>
 Arthur Aslanyan <arthur DOT e DOT aslanyan AT gmail DOT com>
 Aurelien Darragon <aurelien DOT darragon AT gmail DOT com>
 Barış Arda Yılmaz <ardayilmazgamer AT gmail DOT com>
+Bo-Yi Wu <appleboy DOT tw AT gmail DOT com>
+Breton Corentin <contact AT neodarz DOT net>
+Camille Baronnet <gogs AT camillebaronnet DOT fr>
+Changwoo Ryu <cwryu AT debian DOT org>
 Christoph Kisfeld <christoph DOT kisfeld AT gmail DOT com>
 Cysioland
+Damaris Padieu <damizx AT hotmail DOT fr>
 Daniel Speichert <daniel AT speichert DOT pl>
 David Yzaguirre <dvdyzag AT gmail DOT com>
+Denys Khomenko
 Dmitriy Nogay <me AT catwhocode DOT ga>
 Enrico Testori hypertesto AT gmail DOT com
 Ezequiel Gonzalez Rial <gonrial AT gmail DOT com>
+Farhan Naysee <wpmagic70 AT gmail DOT com>
+Flávio Monteiro <flaviomonteiro2013 AT gmail DOT com>
+Gabriel Dugny <gabriel DOT dugny AT gmail DOT com>
+Ganesha <reekoheek AT gmail DOT com>
 Gregor Santner <gdev AT live DOT de>
+Halil Kaya <halil AT halilkaya DOT net>
 Hamid Feizabadi <hamidfzm AT gmail DOT com>
 Huimin Wang <wanghm2009 AT hotmail DOT co DOT jp>
 ilko <kontact-mr.k AT outlook DOT com">
 Ilya Makarov
-Robin Hübner <profan AT prfn DOT se>
 Jamie Mansfield <dev AT jamierocks DOT uk>
+Javier Ortiz Bultron <javier DOT ortiz DOT 78 AT gmail DOT com>
 Jean THOMAS <contact AT tibounise DOT com>
+John Behm <jxsl13 AT googlemail DOT com>
+Jonas De Kegel <jonasgithub [AT] gmail [DOT] com>
+Joubert RedRat <me+github AT redrat DOT com DOT br>
 Juraj Bubniak <contact AT jbub DOT eu>
 Lafriks <lafriks AT gmail DOT com>
 Lauri Ojansivu <x AT xet7 DOT org>
-Luc Stepniewski <luc AT stepniewski DOT fr>
+Luca Bozzo <luca AT bozzo DOT it>
 Luca Kröger <l DOT kroeger01 AT gmail DOT com>
+Luc Stepniewski <luc AT stepniewski DOT fr>
+Łukasz Jan Niemier <lukasz AT niemier DOT pl>
 Marc Schiller <marc AT schiller DOT im>
 Marvin Menzerath <github AT marvin-menzerath DOT de>
+Mathias Rangel Wulff <m AT rawu DOT dk>
 Michael Härtl <haertl DOT mike AT gmail DOT com>
 Miguel de la Cruz <miguel AT mcrx DOT me>
 Mikhail Burdin <xdshot9000 AT gmail DOT com>
+Mohammad Gholami <gholami DOT mohammad DOT mgh AT gmail DOT com>
 Morten Sørensen <klim8d AT gmail DOT com>
 Muhammad Fawwaz Orabi <mfawwaz93 AT gmail DOT com>
 Nakao Takamasa <at.mattenn AT gmail DOT com>
 Natan Albuquerque <natanalbuquerque5 AT gmail DOT com>
 Odilon Junior <odilon DOT junior93 AT gmail DOT com>
+Oleksandr Yermakov <olexander DOT yermakov AT gmail DOT com>
+Óscar García Amor <ogarcia AT connectical DOT com>
+Pablo Saavedra <psaavedra AT igalia DOT com>
+Pierre Prinetti >meatqrawldotnet<
+Richard Bukovansky <richard DOT bukovansky @ gmail DOT com>
+Robert Nuske <robert DOT nuske AT web DOT de>
+Robin Hübner <profan AT prfn DOT se>
+Rste Risafov <risafov AT lazy DOT com>
 SeongJae Park <sj38 DOT park AT gmail DOT com>
+Sergey Stepanov <sergystepanov AT gmail DOT com>
+Simona Iacob <s AT zp1 DOT net>
 Thomas Fanninger <gogs DOT thomas AT fanninger DOT at>
 Tilmann Bach <tilmann AT outlook DOT com>
 Toni Villena Jiménez <tonivj5 AT gmail DOT com>
+Vincent AMSTOUTZ <vincent DOT amstoutz AT outlook DOT fr>
 Vladimir Jigulin mogaika AT yandex DOT ru
 Vladimir Vissoultchev <wqweto AT gmail DOT com>
+Vongola <me AT vongola DOT tw>
 YJSoft <yjsoft AT yjsoft DOT pe DOT kr>
-Łukasz Jan Niemier <lukasz AT niemier DOT pl>
+Oscar Quisbert <quisbert_karos AT outlook DOT com>
--- a/conf/locale/locale_bg-BG.ini
+++ b/conf/locale/locale_bg-BG.ini
@@ -9,7 +9,6 @@ sign_out=Изход
 sign_up=Регистрирайте се
 register=Регистрация
 website=Уебсайт
-version=Версия
 page=Страница
 template=Шаблон
 language=Език
@@ -44,30 +43,27 @@ issues=Задачи

 cancel=Отказ

-[search]
-search=Търсене...
-repository=Хранилище
-user=Потребител
-issue=Задача
-code=Код
+[status]
+page_not_found=Page Not Found
+internal_server_error=Internal Server Error

 [install]
 install=Инсталация
 title=Стъпки за инсталиране при първоначално стартиране
 docker_helper=Ако Gogs е стартиран в Docker контейнер, моля прочетете <a target="_blank" href="%s">нашите указания</a> внимателно, преди да правите промени по настройките на тази страница!
-requite_db_desc=Gogs изисква MySQL, PostgreSQL, SQLite3 или TiDB.
+requite_db_desc=Gogs requires MySQL, PostgreSQL, SQLite3 or TiDB (via MySQL protocol).
 db_title=Настройки на базата данни
 db_type=Тип на база данни
 host=Сървър
 user=Потребител
 password=Парола
 db_name=Име на база данни
+db_schema=Schema
 db_helper=Моля, използвайте INNODB engine с utf8_general_ci кодиране на знаци за MySQL.
 ssl_mode=Режим SSL
 path=Път
-sqlite_helper=Файл на SQLite3 или TiDB база данни.<br>Моля използвайте абсолютен път до файл когато стартирате Gogs като услуга.
-err_empty_db_path=Пътят до SQLite3 или TiDB база данни не може да е празен.
-err_invalid_tidb_name=TiDB не позволява "." и "-" в името на базата данни.
+sqlite_helper=Път към файл на SQLite3 база от данни. <br>Моля използвайте абсолютен път, когато стартирате gogs като услуга.
+err_empty_db_path=Пътят към SQLite3 базата от данни не може да бъде празен.
 no_admin_and_disable_registration=Невъзможно изключване на регистрациите без предварително да е създаден поне един административен профил.
 err_empty_admin_password=Паролата на администратор не може да е празна.

@@ -82,12 +78,16 @@ domain=Домейн
 domain_helper=Тази настройка влияе на URL адреса за клониране чрез SSH.
 ssh_port=SSH порт
 ssh_port_helper=Номер на порт на SSH сървъра. Оставете празно за да изключите достъп през SSH.
+use_builtin_ssh_server=Използване на вграден SSH сървър
+use_builtin_ssh_server_popup=Стартиране на вграден SSH сървър за Git операции, различен от системния SSH демон.
 http_port=HTTP порт
 http_port_helper=Порт, на който приложението ще слуша.
 app_url=URL адрес на приложението
 app_url_helper=Този настройка променя HTTP/HTTPS адреса за клониране, а понякога и адреса на ел. поща.
 log_root_path=Път към журналите
 log_root_path_helper=Директория в която се записват журналите.
+enable_console_mode=Включване на конзолен режим
+enable_console_mode_popup=Изписване на логовете в конзолата, в допълнение към файловият режим.

 optional_title=Опционални настройки
 email_title=Настройки на пощенска услуга
@@ -103,13 +103,15 @@ offline_mode=Включи офлайн режима
 offline_mode_popup=Изключи CDN дори в продукционен режим, всички ресурсни файлове ще бъдат доставяни локално.
 disable_gravatar=Изключи връзка с Gravatar
 disable_gravatar_popup=Изключва Gravatar и външни източници, така че всички аватари трябва да са или качени от потребителите или да се ползват аватари по подразбиране.
+federated_avatar_lookup=Използване на външни аватари
+federated_avatar_lookup_popup=Позволява използване на външни аватари от услуги съвместими с libravatar.
 disable_registration=Изключи саморегистрацията
 disable_registration_popup=Изключи потребителската саморегистрация, само администратор може да създава профили.
 enable_captcha=Включи Captcha
 enable_captcha_popup=Изисква валидиране с captcha при саморегистрация на потребители.
 require_sign_in_view=Включи задължително вписване за преглед на страници
 require_sign_in_view_popup=Само вписани потребители могат да виждат страниците, анонимните посетители виждат само страниците за регистрация и вход.
-admin_setting_desc=Няма нужда от създаване на администраторски профил в момента, защото потребителят с първо ID в базата автоматично получава администраторски достъп.
+admin_setting_desc=Няма нужда да създавате администраторски профил в момента, защото потребителят с първо ID в базата автоматично получава администраторски достъп.
 admin_title=Настройки на профил на администратора
 admin_name=Потребителско име
 admin_password=Парола
@@ -121,7 +123,10 @@ sqlite3_not_available=Вашата версия не поддържа SQLite3,
 invalid_db_setting=Настройките на базата данни са некоректни: %v
 invalid_repo_path=Основният път към хранилищата е невалиден: %v
 run_user_not_match=Потребителският контекст на приложението не е на текущия потребител: %s -> %s
+smtp_host_missing_port=Липсва порт в зададения SMTP адрес.
+invalid_smtp_from=Невалидно поле От: %v
 save_config_failed=Неуспешно запазване на конфигурация: %v
+init_failed=Failed to initialize application: %v
 invalid_admin_setting=Настройките на профил на администратора са невалидни: %v
 install_success=Добре дошли! Радваме се, че избрахте Gogs, и Ви пожелаваме приятна работа и сърдечни поздрави!
 invalid_log_root_path=Основният път към журналите е невалиден: %v
@@ -131,6 +136,7 @@ uname_holder=Име или ел. поща
 password_holder=Парола
 switch_dashboard_context=Превключи контекст на таблото
 my_repos=Моите хранилища
+show_more_repos=Покажи още хранилища...
 collaborative_repos=Съвместни хранилища
 my_orgs=Моите организации
 my_mirrors=Моите огледала
@@ -140,6 +146,9 @@ issues.in_your_repos=Във Вашите хранилища

 [explore]
 repos=Хранилища
+users=Потребители
+organizations=Организации
+search=Търсене

 [auth]
 create_new_account=Създай нов профил
@@ -147,21 +156,33 @@ register_hepler_msg=Вече имате профил? Впишете се сег
 social_register_hepler_msg=Вече имате профил? Свържете се сега!
 disable_register_prompt=За съжаление създаването на нови регистрации е изключено. Обърнете се към администратора на сайта.
 disable_register_mail=За съжаление потвърждението на регистрации е изключено.
+auth_source=Authentication Source
+local=Local
 remember_me=Запомни ме
 forgot_password=Забравена парола
 forget_password=Забравена парола?
 sign_up_now=Нуждаете се от профил? Регистрирайте се сега.
 confirmation_mail_sent_prompt=Ново писмо за потвърждение е изпратено до <b>%s</b>. Моля проверете пощенската си кутия в рамките на следващите %d часа, за да завършите процеса на регистрация.
 active_your_account=Активиране на профил
+prohibit_login=Влизане забранено
+prohibit_login_desc=Вашият профил е със забрана за влизане, моля свържете се с администратора.
 resent_limit_prompt=За съжаление Вие съвсем наскоро изпратихте писмо за активация. Моля изчакайте 3 минути, след което опитайте отново.
 has_unconfirmed_mail=Здравейте %s, имате непотвърден адрес на ел. поща (<b>%s</b>). Ако не сте получили писмо за потвърждение или имате нужда да се изпрати ново писмо, моля щракнете бутона по-долу.
 resend_mail=Щракнете тук, за да се изпрати ново писмо за потвърждение
-email_not_associate=Този адрес на ел. поща не е свързан с никой профил.
 send_reset_mail=Щракнете тук, за да получите (отново) писмо за нулиране на паролата
 reset_password=Нулиране на паролата
 invalid_code=За съжаление Вашия код за потвърждение е изтекъл или е невалиден.
 reset_password_helper=Щракнете тук, за да нулирате паролата си
 password_too_short=Размерът на паролата не може да бъде по-малък от 6 знака.
+non_local_account=Нелокални потребители не могат да сменят паролата си през Gogs.
+
+login_two_factor=Двуфакторно удостоверяване
+login_two_factor_passcode=Парола за удостоверяване
+login_two_factor_enter_recovery_code=Enter a two-factor recovery code
+login_two_factor_recovery=Two-factor Recovery
+login_two_factor_recovery_code=Код за възстановяване
+login_two_factor_enter_passcode=Enter a two-factor passcode
+login_two_factor_invalid_recovery_code=Този код за възстановяване вече е бил използван или не е валиден.

 [mail]
 activate_account=Моля активирайте Вашия профил
@@ -188,9 +209,17 @@ TeamName=Име на екипа
 AuthName=Име на удостоверението
 AdminEmail=Ел. поща на администратора

+NewBranchName=Име на нов клон
+CommitSummary=Резюме на ревизия
+CommitMessage=Текст на ревизия
+CommitChoice=Избор на ревизия
+TreeName=Път до файл
+Content=Съдържание
+
 require_error=` не може да бъде празен.`
 alpha_dash_error=` трябва да e валидна буква, число или тире(-_).`
 alpha_dash_dot_error=` трябва да e валидна буква, число, тире(-_) или точка.`
+alpha_dash_dot_slash_error=` must be alphanumeric, dash (-_), dot or slash characters.`
 size_error=` трябва да е с размер %s.`
 min_size_error=` трябва да съдържа поне %s знака.`
 max_size_error=` трябва да съдържа най-много %s знака.`
@@ -207,6 +236,7 @@ org_name_been_taken=Името на организацията вече се п
 team_name_been_taken=Името на екипа вече се ползва.
 email_been_used=Този адрес на ел. поща вече се ползва.
 username_password_incorrect=Потребителското име или паролата не са верни.
+auth_source_mismatch=The authentication source selected is not associated with the user.
 enterred_invalid_repo_name=Моля уверете се, че въведеното име на хранилище е вярно.
 enterred_invalid_owner_name=Моля уверете се, че въведеното име на притежател е вярно.
 enterred_invalid_password=Моля уверете се, че въведената парола е вярна.
@@ -224,8 +254,7 @@ org_still_own_repo=Тази организация все още притежа
 target_branch_not_exist=Целевият клон не съществува.

 [user]
-change_avatar=Сменете Вашия аватар на gravatar.com
-change_custom_avatar=Сменете Вашия аватар в настройките
+change_avatar=Промени своя аватар
 join_on=Регистриран
 repositories=Хранилища
 activity=Публична дейност
@@ -235,18 +264,18 @@ following=Следване
 follow=Следване
 unfollow=Не следвай

-form.name_reserved=Потребителското име '%s' е запазено.
-form.name_pattern_not_allowed=Потребителското име '%s' не е допустимо.
+form.name_not_allowed=User name or pattern %q is not allowed.

 [settings]
 profile=Профил
 password=Парола
+avatar=Аватар
 ssh_keys=SSH ключове
-social=Социални профили
-applications=Приложения
+security=Сигурност
+repos=Хранилища
 orgs=Организации
+applications=Приложения
 delete=Изтрий профил
-uid=UID

 public_profile=Публичен профил
 profile_desc=Вашият адрес на ел. поща е публичен и ще бъде използван за всички свързани с профила Ви уведомления и всички уеб базирани операции, направени чрез сайта.
@@ -261,6 +290,8 @@ change_username_prompt=Този промяна ще засегне всички
 continue=Продължи
 cancel=Отказ

+lookup_avatar_by_mail=Търсене на аватари по адрес на ел. поща
+federated_avatar_lookup=Външно търсене на аватари
 enable_custom_avatar=Разреши потребителски аватар
 choose_new_avatar=Избор на нов аватар
 update_avatar=Запази настройките на аватара
@@ -310,10 +341,31 @@ no_activity=Няма скорошна дейност
 key_state_desc=Този ключ е използван през последните 7 дни
 token_state_desc=Този API ключ е използван през последните 7 дни

-manage_social=Управление на свързани профили в социалните мрежи
-social_desc=Това е списък на свързани профили в социалните мрежи. Премахнете всички, които не разпознавате.
-unbind=Освобождаване
-unbind_success=Социалния профил е освободен.
+two_factor=Two-factor Authentication
+two_factor_status=Статус:
+two_factor_on=Вкл.
+two_factor_off=Изкл.
+two_factor_enable=Активиране
+two_factor_disable=Деактивиране
+two_factor_view_recovery_codes=View and save <a href="%s%s">your recovery codes</a> in a safe place. You can use them as passcode if you lose access to your authentication application.
+two_factor_http=For HTTP/HTTPS operations, you are no longer able to use plain username and password. Please create and use <a href="%[1]s%[2]s">Personal Access Token</a> as your credential, e.g. <code>%[3]s</code>.
+two_factor_enable_title=Enable Two-factor Authentication
+two_factor_scan_qr=Please use your authentication application to scan the image:
+two_factor_or_enter_secret=Or enter the secret:
+two_factor_then_enter_passcode=След това въведете паролата:
+two_factor_verify=Потвърждаване
+two_factor_invalid_passcode=Въведената парола е невалидна! Моля опитайте отново.
+two_factor_reused_passcode=The passcode you entered has already been used, please try another one!
+two_factor_enable_error=Enable Two-factor authentication failed: %v
+two_factor_enable_success=Two-factor authentication has enabled for your account successfully!
+two_factor_recovery_codes_title=Two-factor Authentication Recovery Codes
+two_factor_recovery_codes_desc=Recovery codes are used when you temporarily lose access to your authentication application. Each recovery code can only be used once, <b>please keep these codes in a safe place</b>.
+two_factor_regenerate_recovery_codes=Ново генериране на кодове за възстановяване
+two_factor_regenerate_recovery_codes_error=Неуспешно генериране на кодове за възстановяване: %v
+two_factor_regenerate_recovery_codes_success=New recovery codes has been generated successfully!
+two_factor_disable_title=Disable Two-factor Authentication
+two_factor_disable_desc=Your account security level will decrease after disabled two-factor authentication. Do you want to continue?
+two_factor_disable_success=Two-factor authentication has disabled successfully!

 manage_access_token=Управление на индивидуални API ключове за достъп
 generate_new_token=Генериране на нов API ключ
@@ -326,6 +378,16 @@ delete_token=Изтрий
 access_token_deletion=Изтрий индивидуален API ключ за достъп
 access_token_deletion_desc=При изтриване на този индивидуален API ключ за достъп ще се премахнат всички свързани права на приложението. Желаете ли да продължите?
 delete_token_success=Индивидуалният API ключ за достъп е изтрит успешно! Не забравяйте да преконфигурирате приложението също.
+token_name_exists=Token with same name already exists.
+
+orgs.none=Не сте член на никоя организация.
+orgs.leave_title=Напусни организация
+orgs.leave_desc=Ще загубите достъп до всички хранилища и екипи, след като напуснете организацията. Желаете ли да продължите?
+
+repos.leave=Напускане
+repos.leave_title=Напускане на хранилище
+repos.leave_desc=You will lose access to the repository after you left. Do you want to continue?
+repos.leave_success=Вие успешно напуснахте хранилище "%s"!

 delete_account=Изтриване на собствения профил
 delete_prompt=Тази операция ще изтрие Вашия профил завинаги и тя <strong>НЕ МОЖЕ</strong> да бъде отменена в последствие!
@@ -338,7 +400,9 @@ owner=Притежател
 repo_name=Име на хранилището
 repo_name_helper=Добро име на хранилище е име, състоящо от кратки, запомнящи се и уникални ключови думи.
 visibility=Видимост
+unlisted=Unlisted
 visiblity_helper=Това хранилище е <span class="ui red text">Частно</span>
+unlisted_helper=This repository is <span class="ui red text">Unlisted</span>
 visiblity_helper_forced=Административна настройка задължава всички нови хранилища да бъдат <span class="ui red text">Частни</span>
 visiblity_fork_helper=(Промяна на тази стойност ще се отрази на всички разклонения)
 clone_helper=Нуждаете се от помощ при клониране? Посетете <a target="_blank" href="%s">Помощ</a>!
@@ -347,7 +411,7 @@ fork_from=Разклонение от
 fork_visiblity_helper=Не може да променяте видимостта на разклонено хранилище.
 repo_desc=Описание
 repo_lang=Програмен език
-repo_lang_helper=Изберете .gitignore файлове
+repo_gitignore_helper=Избор на .gitignore шаблони
 license=Лиценз
 license_helper=Изберете лицензионен файл
 readme=Readme
@@ -355,30 +419,35 @@ readme_helper=Изберете шаблон на readme
 auto_init=Инициализиране на това хранилище с избраните файлове и шаблон
 create_repo=Създай хранилище
 default_branch=Клон по подразбиране
+mirror_prune=Окастряне
+mirror_prune_desc=Премахва всички препратки за отдалечено проследяване, които не съществуват отдалечено
 mirror_interval=Интервал на отразяване (часове)
 mirror_address=Адрес на огледало
 mirror_address_desc=Моля включете потребител и парола в адреса ако са нужни.
+mirror_last_synced=Последна синхр.
 watchers=Наблюдаващи
 stargazers=Харесващи
 forks=Разклонения
+repo_description_helper=Description of repository. Maximum 512 characters length.
+repo_description_length=Available characters

 form.reach_limit_of_creation=Притежателят е достигнал настроения лимит от %d брой хранилища.
-form.name_reserved=Името на хранилището '%s' е запазено.
-form.name_pattern_not_allowed=Име на хранилището от вида '%s' не е позволено.
+form.name_not_allowed=Repository name or pattern %q is not allowed.

 need_auth=Изисква потребител и парола
 migrate_type=Тип мигриране
 migrate_type_helper=Това хранилище ще бъде <span class="text blue">огледало</span>
 migrate_repo=Мигрирай хранилище
 migrate.clone_address=Адрес за клониране
-migrate.clone_address_desc=Това може да е HTTP/HTTPS/GIT адрес или локален път на сървъра.
+migrate.clone_address_desc=Може да използвате HTTP/HTTPS/GIT адрес.
+migrate.clone_address_desc_import_local=Можете да мигрирате хранилище от локален път на сървъра.
 migrate.permission_denied=Недостатъчни права за импорт на локални хранилища.
 migrate.invalid_local_path=Невалиден път - не съществува или не е директория.
+migrate.clone_address_resolved_to_blocked_local_address=Clone address resolved to a local network address that is implicitly blocked.
 migrate.failed=Грешка при миграция: %v

 mirror_from=огледало от
 forked_from=разклонено от
-fork_from_self=Не можете да разклоните хранилище което си е Ваше!
 copy_link=Копирай
 copy_link_success=Копирано!
 copy_link_error=Натиснете ⌘-C или Ctrl-C за да копирате
@@ -394,9 +463,9 @@ quick_guide=Бърз справочник
 clone_this_repo=Клонирай хранилището
 create_new_repo_command=Създай ново хранилище чрез командния ред
 push_exist_repo=Предай съществуващо хранилище през командния ред
-repo_is_empty=Това хранилище е празно. Моля проверете по-късно пак!
+bare_message=Това хранилище все още не съдържа нищо.

-code=Код
+files=Файлове
 branch=Клон
 tree=ИН на ревизия
 filter_branch_and_tag=Филтър по маркер или клон
@@ -407,12 +476,63 @@ pulls=Заявки за сливане
 labels=Етикети
 milestones=Етапи
 commits=Ревизии
+git_branches=Клонове
 releases=Версии
 file_raw=Директен файл
 file_history=История
 file_view_raw=Виж директен файл
 file_permalink=Постоянна връзка
+file_too_large=Този файл е твърде голям за да се визуализира
+video_not_supported_in_browser=Вашият браузър не поддържа HTML5 видео тагове.

+branches.overview=Преглед
+branches.active_branches=Активни клонове
+branches.stale_branches=Застинали клонове
+branches.all=Всички клонове
+branches.updated_by=Актуализирани %[1]s от %[2]s
+branches.change_default_branch=Промяна на клон по подразбиране
+
+editor.new_file=Нов файл
+editor.upload_file=Качи файл
+editor.edit_file=Редактирай файл
+editor.preview_changes=Преглед на промени
+editor.cannot_edit_non_text_files=Невъзможна редакция на нетекстови файлове
+editor.edit_this_file=Редактирай този файл
+editor.must_be_on_a_branch=Трябва да сте избрали клон за да предложите промени в този файл
+editor.fork_before_edit=Първо трябва да разклоните хранилището преди да редактирате файл
+editor.delete_this_file=Изтрий този файл
+editor.must_have_write_access=Трябва да имате права за писане за да предложите промени в този файл
+editor.file_delete_success=Файл '%s' е изтрит успешно!
+editor.name_your_file=Име на файл...
+editor.filename_help=За да добавите директория, въведете името ѝ и натиснете /. За да я премахнете, позиционирайте се в началото на полето и натиснете BackSpace.
+editor.or=или
+editor.cancel_lower=отказ
+editor.commit_changes=Промени в ревизия
+editor.add_tmpl=Добави '%s/<filename>'
+editor.add=Добави '%s'
+editor.update=Модифицирай '%s'
+editor.delete=Изтрий '%s'
+editor.commit_message_desc=Добавяне на опционално разширено описание...
+editor.commit_directly_to_this_branch=Запази ревизия директно в клон <strong class="branch-name">%s</strong>.
+editor.create_new_branch=Създай <strong>нов клон</strong> от тази ревизия и изпрати заявки за сливане.
+editor.new_branch_name_desc=Име на нов клон...
+editor.cancel=Отказ
+editor.filename_cannot_be_empty=Името не може да бъде празно.
+editor.branch_already_exists=Клон '%s' вече съществува в това хранилище.
+editor.directory_is_a_file=Частта '%s' в пътя е файл, не директория в това хранилище.
+editor.file_is_a_symlink=Файл "%s" е символна връзка, която не може да се модифицира от редактора.
+editor.filename_is_a_directory=Име '%s' вече съществува като директория в това хранилище.
+editor.file_editing_no_longer_exists=Файл '%s' който редактирате вече не съществува в това хранилище.
+editor.file_changed_while_editing=Съдържанието на файла е било променено докато правихте редакциите. <a target="_blank" href="%s">Щракнете тук</a> за да прегледате какво е променено или <strong>натиснете Запис на ревизия</strong> отново за да презапишете чуждите промени.
+editor.file_already_exists=Файл с име '%s' вече съществува в това хранилище.
+editor.no_changes_to_show=Няма промени.
+editor.fail_to_update_file=Невъзможно модифициране/създаване на файл '%s' заради грешка: %v
+editor.fail_to_delete_file=Failed to delete file '%s' with error: %v
+editor.add_subdir=Добави поддиректория...
+editor.unable_to_upload_files=Невъзможно качване на файлове в '%s' заради грешка: %v
+editor.upload_files_to_dir=Качи файлове в '%s'
+
+commits.commit_history=Commit History
 commits.commits=Ревизии
 commits.search=Търсене в ревизии
 commits.find=Намери
@@ -438,6 +558,11 @@ issues.create=Създай задача
 issues.new_label=Нов етикет
 issues.new_label_placeholder=Име на етикета...
 issues.create_label=Създай етикет
+issues.label_templates.title=Зареждане на предварително зададен набор от етикети
+issues.label_templates.info=Липсват етикети все още. Можете да щракнете върху "Нов етикет" по-горе, за да създадете нов или да изберете предварително зададени набори от по-долу.
+issues.label_templates.helper=Изберете набор етикети
+issues.label_templates.use=Използвай този набор етикети
+issues.label_templates.fail_to_load_file=Неуспешно зареждане на шаблон с етикети '%s': %v
 issues.open_tab=%d отворени
 issues.close_tab=%d затворени
 issues.filter_label=Етикет
@@ -465,7 +590,8 @@ issues.next=Следваща
 issues.open_title=Отворени
 issues.closed_title=Затворени
 issues.num_comments=%d коментара
-issues.commented_at=`коментира <a id="%[1]s" href="#%[1]s">%[2]s</a>`
+issues.commented_at=`коментира <a href="#%s">%s</a>`
+issues.delete_comment_confirm=Желаете ли да изтриете този коментар?
 issues.no_content=Все още няма съдържание.
 issues.close_issue=Затвори
 issues.close_comment_issue=Kоментирай и затвори
@@ -478,8 +604,7 @@ issues.commit_ref_at=`посочи тази задача от ревизия <a
 issues.poster=Участник
 issues.collaborator=Сътрудник
 issues.owner=Притежател
-issues.sign_up_for_free=Регистрирай се безплатно
-issues.sign_in_require_desc=за да се включите в този разговор. Вече имате профил? <a href="%s">Влезте, за да коментирате</a>
+issues.sign_in_require_desc=<a href="%s">Впишете се</a> за да се присъедините към разговора.
 issues.edit=Редакция
 issues.cancel=Отказ
 issues.save=Запис
@@ -494,6 +619,8 @@ issues.label_deletion=Изтрий етикет
 issues.label_deletion_desc=При изтриване на този етикет ще се премахне информацията за него във всички свързани задачи. Желаете ли да продължите?
 issues.label_deletion_success=Етикетът е изтрит успешно!
 issues.num_participants=%d участника
+issues.attachment.open_tab=`Щракнете за да прегледате "%s" в нов раздел`
+issues.attachment.download=`Щракнете за да изтеглите "%s"`

 pulls.new=Нова заявка за сливане
 pulls.compare_changes=Сравни промените
@@ -503,6 +630,7 @@ pulls.compare_compare=сравни
 pulls.filter_branch=Филтър по клон
 pulls.no_results=Няма резултати.
 pulls.nothing_to_compare=Няма нищо за сравняване, защото родителският клон и върхът са еднакви.
+pulls.nothing_merge_base=Няма нищо за сравняване, защото двата клона имат напълно различна история.
 pulls.has_pull_request=`Вече има заявка за сливане между тези две цели: <a href="%[1]s/pulls/%[3]d">%[2]s#%[3]d</a>`
 pulls.create=Създай заявка за сливане
 pulls.title_desc=заяви обединяване на %[1]d ревизии от <code>%[2]s</code> във <code>%[3]s</code>
@@ -518,8 +646,13 @@ pulls.is_checking=Проверката за конфликт все още е в
 pulls.can_auto_merge_desc=Може да се извърши обединяване на тази заявка за сливане.
 pulls.cannot_auto_merge_desc=Не може да се извърши обединяване, защото съществуват конфликти между ревизиите.
 pulls.cannot_auto_merge_helper=Моля, използвайте инструменти на командния ред за да разрешите конфликтите.
+pulls.create_merge_commit=Create a merge commit
+pulls.rebase_before_merging=Rebase before merging
+pulls.commit_description=Commit Description
 pulls.merge_pull_request=Обедини заявка за сливане
 pulls.open_unmerged_pull_exists=`Невъзможно повторно отваряне, защото вече съществува заявка за сливане (#%d) от същото хранилище със същата информация за обединяване, която чака да бъде извършена`
+pulls.delete_branch=Изтрий клон
+pulls.delete_branch_has_new_commits=Клонът не може да бъде изтрит, защото има ревизии след последното обединяване.

 milestones.new=Нов етап
 milestones.open_tab=%d отворени
@@ -566,23 +699,65 @@ wiki.last_updated=Последна модификация на %s
 settings=Настройки
 settings.options=Опции
 settings.collaboration=Сътрудничество
+settings.collaboration.admin=За администрация
+settings.collaboration.write=За писане
+settings.collaboration.read=За четене
+settings.collaboration.undefined=Недефинирано
+settings.branches=Клонове
+settings.branches_bare=You cannot manage branches for bare repository. Please push some content first.
+settings.default_branch=Клон по подразбиране
+settings.default_branch_desc=The default branch is considered the "base" branch for code commits, pull requests and online editing.
+settings.update=Update
+settings.update_default_branch_unsupported=Промяна на клон по подразбиране не се поддържа от тази версия на Git сървъра.
+settings.update_default_branch_success=Default branch of this repository has been updated successfully!
+settings.protected_branches=Защитени клонове
+settings.protected_branches_desc=Protect branches from force pushing, accidental deletion and whitelist code committers.
+settings.choose_a_branch=Избор на клон...
+settings.branch_protection=Защита на клон
+settings.branch_protection_desc=Please choose protect options for branch <b>%s</b>.
+settings.protect_this_branch=Protect this branch
+settings.protect_this_branch_desc=Disable force pushes and prevent from deletion.
+settings.protect_require_pull_request=Require pull request instead direct pushing
+settings.protect_require_pull_request_desc=Enable this option to disable direct pushing to this branch. Commits have to be pushed to another non-protected branch and merged to this branch through pull request.
+settings.protect_whitelist_committers=Списък на всички, които могат да изпращат към този клон
+settings.protect_whitelist_committers_desc=Add people or teams to whitelist of direct push to this branch. Users in whitelist will bypass require pull request check.
+settings.protect_whitelist_users=Потребители, които могат да изпращат към този клон
+settings.protect_whitelist_search_users=Търсене на потребители
+settings.protect_whitelist_teams=Teams for which members of them can push to this branch
+settings.protect_whitelist_search_teams=Търсене на екипи
+settings.update_protect_branch_success=Protect options for this branch has been updated successfully!
 settings.hooks=Уеб-куки
 settings.githooks=Git куки
 settings.basic_settings=Основни настройки
+settings.mirror_settings=Настройки на огледало
+settings.sync_mirror=Синхр. сега
+settings.mirror_sync_in_progress=Синхронизация на огледалото е в ход, моля обновете страницата след минута.
 settings.site=Официален сайт
 settings.update_settings=Запази настройките
 settings.change_reponame_prompt=Тази промяна ще засегне връзките, които се отнасят до това хранилището.
 settings.advanced_settings=Разширени настройки
-settings.wiki_desc=Включва уики за да може потребителите да създават документи
+settings.wiki_desc=Включи система за уики
+settings.use_internal_wiki=Използвай вградено уики
+settings.allow_public_wiki_desc=Allow public access to wiki when repository is private
 settings.use_external_wiki=Използвай външно уики
 settings.external_wiki_url=URL адрес на външно уики
 settings.external_wiki_url_desc=Посетителите ще бъдат пренасочени към този URL адрес от връзката за раздел уики.
-settings.issues_desc=Включва вградена система за проследяване на задачи
+settings.issues_desc=Включи система за проследяване на задачи
+settings.use_internal_issue_tracker=Изполвай вградена система за проследяване на задачи
+settings.allow_public_issues_desc=Allow public access to issues when repository is private
 settings.use_external_issue_tracker=Използвай външна система за проследяване на задачи
+settings.external_tracker_url=URL адрес на външна система за проследяване на задачи
+settings.external_tracker_url_desc=Посетителите ще бъдат пренасочени към този URL адрес от връзката на раздела.
 settings.tracker_url_format=Формат на URL адрес на външна система за проследяване на задачи
+settings.tracker_issue_style=Стил на именуване на външна система за проследяване на задачи:
+settings.tracker_issue_style.numeric=Цифров
+settings.tracker_issue_style.alphanumeric=Символен
 settings.tracker_url_format_desc=Можете да използвате текстови маркери <code>{user} {repo} {index}</code> за потребителско име, име на хранилище и индекс на задача съответно.
-settings.pulls_desc=Включва заявки за сливане за да може да се приемат външни доработки
+settings.pulls_desc=Enable pull requests to accept contributions between repositories and branches
+settings.pulls.ignore_whitespace=Ignore changes in whitespace
+settings.pulls.allow_rebase_merge=Allow use rebase to merge commits
 settings.danger_zone=Опасна зона
+settings.cannot_fork_to_same_owner=You cannot fork a repository to its original owner.
 settings.new_owner_has_same_repo=Новият притежател вече има хранилище със същото име. Изберете друго име.
 settings.convert=Промени към редовно хранилище
 settings.convert_desc=Можете да промените това огледало към редовно хранилище. Конверсията не може да се отмени.
@@ -601,10 +776,8 @@ settings.wiki_deletion_success=Данните за уики на това хра
 settings.delete=Изтрий това хранилище
 settings.delete_desc=След като изтриете хранилището, няма връщане назад. Моля, бъдете сигурни.
 settings.delete_notices_1=- Тази операция <strong>НЕ МОЖЕ</strong> да бъде отменена в последствие.
-settings.delete_notices_2=- Тази операция ще изтрие всичко от това хранилище, включително Git данни, задачи, коментари и достъпа на сътрудници.
-settings.delete_notices_fork_1=- Ако това хранилище е публично, всички негови разклонения ще останат независими след изтриването му.
-settings.delete_notices_fork_2=- Ако това хранилище е частно, всички негови разклонения ще бъдат премахнати по време на изтриването.
-settings.delete_notices_fork_3=- Ако желаете да запазите всички разклонения след изтриването му, първо направете хранилището публично.
+settings.delete_notices_2=- This operation will permanently delete everything in this repository, including Git data, issues, comments and collaborator access.
+settings.delete_notices_fork_1=- Всички разклонения ще станат независими след изтриването.
 settings.deletion_success=Хранилището е изтрито успешно!
 settings.update_settings_success=Настройките на хранилището са запазени успешно.
 settings.transfer_owner=Нов притежател
@@ -619,20 +792,25 @@ settings.collaborator_deletion_desc=Този потребител няма да
 settings.remove_collaborator_success=Сътрудникът е премахнат.
 settings.search_user_placeholder=Име на потребител...
 settings.org_not_allowed_to_be_collaborator=Невъзможно добавяне на организация като сътрудник.
-settings.user_is_org_member=Потребителят вече участва в организацията и не може да бъде добавен като сътрудник.
-settings.add_webhook=Добави уеб-кука
 settings.hooks_desc=Уеб-куките много приличат на обикновен HTTP POST тригер. Когато нещо се случи в Gogs, ние ще изпратим уведомление до сървъра, който посочите. Научете повече в <a target="_blank" href="%s">Ръководство за уеб-куки</a>.
+settings.webhooks.add_new=Add a new webhook:
+settings.webhooks.choose_a_type=Choose a type...
+settings.add_webhook=Добави уеб-кука
 settings.webhook_deletion=Изтрий уеб-кука
 settings.webhook_deletion_desc=При изтриване на тази уеб-кука ще се премахне информацията за нея и цялата хронология на нейното изпращане. Желаете ли да продължите?
 settings.webhook_deletion_success=Уеб-куката е изтрита успешно!
 settings.webhook.test_delivery=Тестово изпращане
 settings.webhook.test_delivery_desc=Симулира тестово изпращане за тест на настройките на уеб-куката
 settings.webhook.test_delivery_success=Тестовата уеб-кука е добавена в опашката за изпращане. Може да отнеме няколко секунди преди да се появи в историята с доставени.
+settings.webhook.redelivery=Redelivery
+settings.webhook.redelivery_success=Hook task '%s' has been readded to delivery queue. It may take few seconds to update delivery status in history.
 settings.webhook.request=Заявка
 settings.webhook.response=Отговор
 settings.webhook.headers=Заглавки
 settings.webhook.payload=Съдържание
 settings.webhook.body=Тяло
+settings.webhook.err_cannot_parse_payload_url=Cannot parse payload URL: %v
+settings.webhook.url_resolved_to_blocked_local_address=Payload URL resolved to a local network address that is implicitly blocked.
 settings.githooks_desc=Git куките се изпълняват от Git. Вие може да промените файловете с поддържаните куки в списъка по-долу, за да изпълните външни операции.
 settings.githook_edit_desc=Ако куката е неактивна, ще бъде представено примерно съдържание. Ако оставите съдържанието празно, то тази кука ще бъде изключена.
 settings.githook_name=Име на куката
@@ -642,6 +820,7 @@ settings.add_webhook_desc=Gogs ще изпрати <code>POST</code> заявк
 settings.payload_url=URL адрес на изпращане
 settings.content_type=Тип на съдържанието
 settings.secret=Тайна
+settings.secret_desc=Secret will be sent as SHA256 HMAC hex digest of payload via <code>X-Gogs-Signature</code> header.
 settings.slack_username=Потребителско име
 settings.slack_icon_url=URL адрес на икона
 settings.slack_color=Цвят
@@ -651,8 +830,20 @@ settings.event_send_everything=При <strong>всички</strong> събити
 settings.event_choose=Нека избера от какво имам нужда.
 settings.event_create=Създаване
 settings.event_create_desc=Създаване на клон или маркер
+settings.event_delete=Изтриване
+settings.event_delete_desc=Изтрит клон или етикет
+settings.event_fork=Fork
+settings.event_fork_desc=Repository forked
 settings.event_push=Предаване
 settings.event_push_desc=Git предаване към хранилището
+settings.event_issues=Issues
+settings.event_issues_desc=Issue opened, closed, reopened, edited, assigned, unassigned, label updated, label cleared, milestoned, or demilestoned.
+settings.event_pull_request=Заявка за сливане
+settings.event_pull_request_desc=Pull request opened, closed, reopened, edited, assigned, unassigned, label updated, label cleared, milestoned, demilestoned, or synchronized.
+settings.event_issue_comment=Issue Comment
+settings.event_issue_comment_desc=Issue comment created, edited, or deleted.
+settings.event_release=Release
+settings.event_release_desc=Release published in a repository.
 settings.active=Активна
 settings.active_helper=Подробности относно събитието, което е задействало куката, също ще бъдат изпратени.
 settings.add_hook_success=Новата уеб-кука е добавена успешно.
@@ -662,10 +853,13 @@ settings.delete_webhook=Изтрий уеб-куката
 settings.recent_deliveries=Последни изпращания
 settings.hook_type=Тип на куката
 settings.add_slack_hook_desc=Добавяне на интеграция със <a href="%s">Slack</a> във Вашето хранилище.
+settings.add_discord_hook_desc=Добавяне на интеграция с <a href="%s">Discord</a> към хранилището.
+settings.add_dingtalk_hook_desc=Добавяне на интеграция с <a href="%s">Dingtalk</a> към хранилището.
 settings.slack_token=API ключ
 settings.slack_domain=Домейн
 settings.slack_channel=Канал
 settings.deploy_keys=Ключове за внедряване
+settings.deploy_keys_helper=<b>Common Gotcha!</b> If you're looking for adding personal public keys, please add them in your <a href="%s%s">account settings</a>.
 settings.add_deploy_key=Добави ключ за внедряване
 settings.deploy_key_desc=Този ключ за внедряване има права само за четене. Това не е същото като SSH ключове на персонален потребител.
 settings.no_deploy_keys=Все още няма настроен никакъв ключ за внедряване.
@@ -677,6 +871,8 @@ settings.add_key_success=Новият ключ за внедряване '%s' е
 settings.deploy_key_deletion=Изтрий ключ за внедряване
 settings.deploy_key_deletion_desc=При изтриването на този ключ за внедряване ще се премахнат свързаните права за достъп до това хранилище. Желаете ли да продължите?
 settings.deploy_key_deletion_success=Ключът за внедряване е изтрит успешно!
+settings.description_desc=Description of repository. Maximum 512 characters length.
+settings.description_length=Available characters

 diff.browse_source=Преглед на файлове
 diff.parent=родител
@@ -688,12 +884,13 @@ diff.show_unified_view=Обединен изглед
 diff.stats_desc=променени са <strong>%d файла</strong>, в които са <strong>добавени %d</strong> реда и са <strong>изтрити %d</strong> реда
 diff.bin=BIN
 diff.view_file=Целия файл
+diff.file_suppressed=Файловите разлики са ограничени, защото са твърде много
+diff.too_many_files=Някои файлове не бяха показани, защото твърде много файлове са промени

 release.releases=Версии
 release.new_release=Нова версия
 release.draft=Чернови
 release.prerelease=Предварителни
-release.stable=Стабилни
 release.edit=редактиране
 release.ahead=<strong>%d</strong> ревизии на %s след тази версия
 release.source_code=Изходен код
@@ -718,6 +915,7 @@ release.deletion=Изтрий версията
 release.deletion_desc=При изтриване на тази версия ще се премахне и съответния Git маркер. Желаете ли да продължите?
 release.deletion_success=Версията беше изтрита успешно!
 release.tag_name_already_exist=Версия с това име на маркер вече съществува.
+release.tag_name_invalid=Името на етикета е невалидно.
 release.downloads=Изтегляния

 [org]
@@ -739,8 +937,8 @@ team_name_helper=Ще използвате това име при спомена
 team_desc_helper=Каква е целта на този екип?
 team_permission_desc=Какво ниво на достъп трябва да има този екип?

-form.name_reserved=Името на организацията '%s' е запазено.
-form.name_pattern_not_allowed=Име на организацията от вида '%s' не е разрешено.
+form.name_not_allowed=Organization name or pattern %q is not allowed.
+form.team_name_not_allowed=Team name or pattern %q is not allowed.

 settings=Настройки
 settings.options=Опции
@@ -812,12 +1010,19 @@ first_page=Първа
 last_page=Последна
 total=Общо: %d

+dashboard.build_info=Build Information
+dashboard.app_ver=Application version
+dashboard.git_version=Git version
+dashboard.go_version=Go version
+dashboard.build_time=Build time
+dashboard.build_commit=Build commit
 dashboard.statistic=Статистика
 dashboard.operations=Операции
 dashboard.system_status=Наблюдение на системния статус
 dashboard.statistic_info=Gogs базата данни има <b>%d</b> потребители, <b>%d</b> организации, <b>%d</b> публични ключове, <b>%d</b> хранилища, <b>%d</b> наблюдавания, <b>%d</b> харесвания, <b>%d</b> действия, <b>%d</b> достъпи, <b>%d</b> задачи, <b>%d</b> коментари, <b>%d</b> социални регистрации, <b>%d</b> последователи, <b>%d</b> огледала, <b>%d</b> версии, <b>%d</b> начини на удостоверяване, <b>%d</b> уеб-куки, <b>%d</b> етапи, <b>%d</b> етикети, <b>%d</b> задачи на куки, <b>%d</b> екипи, <b>%d</b> задачи при актуализация, <b>%d</b> прикачени файлове.
 dashboard.operation_name=Име на операцията
 dashboard.operation_switch=Превключи
+dashboard.select_operation_to_run=Please select operation to run
 dashboard.operation_run=Изпълни
 dashboard.clean_unbind_oauth=Почисти несвързани OAuthes
 dashboard.clean_unbind_oauth_success=Всички несвързани OAuthes са изтрити успешно.
@@ -831,8 +1036,8 @@ dashboard.git_gc_repos=Почисти изтрити данни в хранил
 dashboard.git_gc_repos_success=Всички хранилища са почистени от изтрити данни успешно.
 dashboard.resync_all_sshkeys=Презапис на ".ssh/authorized_keys" файл (внимание: не-Gogs ключове ще бъдат загубени)
 dashboard.resync_all_sshkeys_success=Всички публични ключове са презаписани успешно.
-dashboard.resync_all_update_hooks=Презапис на всички куки, закачени на актуализация на хранилищата (необходимо, когато се ползва собствен път за конфигурацията)
-dashboard.resync_all_update_hooks_success=Всички куки, закачени на актуализация на хранилищата, са презаписани успешно.
+dashboard.resync_all_hooks=Resync pre-receive, update and post-receive hooks of all repositories
+dashboard.resync_all_hooks_success=All repositories' pre-receive, update and post-receive hooks have been resynced successfully.
 dashboard.reinit_missing_repos=Реинициализира всички записи за хранилища
 dashboard.reinit_missing_repos_success=Всички записи за хранилища със загубени Git файлове са реинициализирани успешно.

@@ -885,6 +1090,7 @@ users.edit_account=Редактирай профил
 users.max_repo_creation=Макс. брой хранилища
 users.max_repo_creation_desc=(Задайте -1 за да се използва глобалния лимит)
 users.is_activated=Този профил е активиран
+users.prohibit_login=Този профил има забрана за влизане
 users.is_admin=Този профил има административни права
 users.allow_git_hook=Този профил има разрешение да създава Git куки
 users.allow_import_local=Този профил има права за импорт на локални хранилища
@@ -906,28 +1112,37 @@ repos.private=Частно
 repos.watches=Наблюдавания
 repos.stars=Харесвания
 repos.issues=Задачи
+repos.size=Размер

-auths.auth_manage_panel=Управление на удостоверявания
+auths.auth_sources=Authentication Sources
 auths.new=Добави нов начин на удостоверяване
 auths.name=Име
 auths.type=Тип
 auths.enabled=Активно
+auths.default=Default
 auths.updated=Последна модификация
 auths.auth_type=Тип на удостоверяване
 auths.auth_name=Име на удостоверяване
+auths.security_protocol=Протокол за защита
 auths.domain=Домейн
 auths.host=Сървър
 auths.port=Порт
 auths.bind_dn=Име (DN) за свръзка
+auths.bind_dn_helper=You can use '%s' as placeholder for username, e.g. DOM\%s
 auths.bind_password=Парола за свръзка
 auths.bind_password_helper=Внимание: Тази парола се запазва некриптирана. Моля използвайте потребител, който няма административен достъп.
 auths.user_base=Базов OU за търсене
 auths.user_dn=Име (DN) на потребител
 auths.attribute_username=Атрибут за име
 auths.attribute_username_placeholder=Оставете празно за да използва потребителското име от форма за вписване.
-auths.attribute_name=Атрибут за име
+auths.attribute_name=First Name Attribute
 auths.attribute_surname=Атрибут за фамилия
 auths.attribute_mail=Атрибут за ел. поща
+auths.verify_group_membership=Verify group membership
+auths.group_search_base_dn=Group Search Base DN
+auths.group_filter=Group Filter
+auths.group_attribute_contain_user_list=Group Attribute Containing List of Users
+auths.user_attribute_listed_in_group=User Attribute Listed in Group
 auths.attributes_in_bind=Извличане на атрибути от контекста на име (DN) за свръзка
 auths.filter=Филтър за потребител
 auths.admin_filter=Филтър за администратор
@@ -941,9 +1156,9 @@ auths.enable_tls=Включи TLS криптиране
 auths.skip_tls_verify=Пропусни проверка на TLS сертификат
 auths.pam_service_name=Име на PAM услуга
 auths.enable_auto_register=Включи автоматична регистрация
-auths.tips=Съвети
 auths.edit=Редактирай настройки за удостоверяване
 auths.activated=Това удостоверяване е активно
+auths.default_auth=This authentication is default login source
 auths.new_success=Новото удостоверяване '%s' е добавено успешно.
 auths.update_success=Настройките за удостоверяване са запазени успешно.
 auths.update=Запази настройки за удостоверяване
@@ -952,86 +1167,187 @@ auths.delete_auth_title=Изтрий удостоверяването
 auths.delete_auth_desc=Това удостоверяване ще бъде изтрито. Желаете ли да продължите?
 auths.still_in_used=Това удостоверяване все още се използва от някои потребители. Моля изтрийте ги или ги конвертирайте до друг тип на влизане първо.
 auths.deletion_success=Удостоверяването е изтрито успешно!
+auths.login_source_exist=Източник за валидация на потребители "%s" вече съществува.
+auths.github_api_endpoint=API Endpoint

+config.not_set=(not set)
 config.server_config=Сървърни настройки
-config.app_name=Име на приложението
-config.app_ver=Версия на приложението
-config.app_url=URL адрес на приложението
-config.domain=Домейн
-config.offline_mode=Офлайн режим
-config.disable_router_log=Изключи журнал на маршрутизатора
+config.brand_name=Brand name
 config.run_user=Потребителски контекст
 config.run_mode=Режим на изпълнение
-config.repo_root_path=Основен път към хранилища
-config.static_file_root_path=Път към статични файлове
-config.log_file_root_path=Път към журнал
-config.script_type=Тип на скрипта
-config.reverse_auth_user=Потребителско име при обратно удостоверяване
+config.server.external_url=External URL
+config.server.domain=Domain
+config.server.protocol=Protocol
+config.server.http_addr=HTTP address
+config.server.http_port=HTTP port
+config.server.cert_file=Certificate file
+config.server.key_file=Key file
+config.server.tls_min_version=Minimum TLS version
+config.server.unix_socket_permission=Unix socket permission
+config.server.local_root_url=Local root URL
+config.server.offline_mode=Offline mode
+config.server.disable_router_log=Disable router log
+config.server.enable_gzip=Enable Gzip
+config.server.app_data_path=Application data path
+config.server.load_assets_from_disk=Load assets from disk
+config.server.landing_url=Landing URL

 config.ssh_config=SSH конфигурация
-config.ssh_enabled=Активен
-config.ssh_start_builtin_server=Стартирай вграден сървър
-config.ssh_domain=Домейн
-config.ssh_port=Порт
-config.ssh_listen_port=Порт за слушане
-config.ssh_root_path=Основен път
-config.ssh_key_test_path=Път до ключове
-config.ssh_keygen_path=Път до генератор ('ssh-keygen')
-config.ssh_minimum_key_size_check=Проверка за минимален размер на ключове
-config.ssh_minimum_key_sizes=Минимален размер на ключове
+config.ssh.enabled=Enabled
+config.ssh.domain=Exposed domain
+config.ssh.port=Exposed port
+config.ssh.root_path=Root path
+config.ssh.keygen_path=Keygen path
+config.ssh.key_test_path=Key test path
+config.ssh.minimum_key_size_check=Minimum key size check
+config.ssh.minimum_key_sizes=Minimum key sizes
+config.ssh.rewrite_authorized_keys_at_start=Rewrite "authorized_keys" at start
+config.ssh.start_builtin_server=Start builtin server
+config.ssh.listen_host=Listen host
+config.ssh.listen_port=Listen port
+config.ssh.server_ciphers=Server ciphers
+config.ssh.server_macs=Server MACs
+
+config.repo_config=Конфигурация на хранилище
+config.repo.root_path=Root path
+config.repo.script_type=Script type
+config.repo.ansi_chatset=ANSI charset
+config.repo.force_private=Force private
+config.repo.max_creation_limit=Max creation limit
+config.repo.preferred_licenses=Preferred licenses
+config.repo.disable_http_git=Disable HTTP Git
+config.repo.enable_local_path_migration=Enable local path migration
+config.repo.enable_raw_file_render_mode=Enable raw file render mode
+config.repo.commits_fetch_concurrency=Commits fetch concurrency
+config.repo.editor.line_wrap_extensions=Editor line wrap extensions
+config.repo.editor.previewable_file_modes=Editor previewable file modes
+config.repo.upload.enabled=Upload enabled
+config.repo.upload.temp_path=Upload temporary path
+config.repo.upload.allowed_types=Upload allowed types
+config.repo.upload.file_max_size=Upload file size limit
+config.repo.upload.max_files=Upload files limit

 config.db_config=Настройки на базата данни
-config.db_type=Тип
-config.db_host=Сървър
-config.db_name=Име
-config.db_user=Потребител
-config.db_ssl_mode=SSL режим
-config.db_ssl_mode_helper=(само за postgres)
-config.db_path=Път
-config.db_path_helper=(за "sqlite3" и "tidb")
-config.service_config=Настройка на услугата
-config.register_email_confirm=Изисквай потвърждение на адреси на ел. поща
-config.disable_register=Изключи нови регистрации
-config.show_registration_button=Покажи бутон за регистрация
-config.require_sign_in_view=Изисквай вписване за преглед
-config.mail_notify=Уведомяване по ел. поща
-config.disable_key_size_check=Изключи проверка минимален размер на ключ
-config.enable_captcha=Включи Captcha
-config.active_code_lives=Кодове за активиране
-config.reset_password_code_lives=Кодове за изчистване на парола
-config.webhook_config=Конфигурация на уеб-куки
-config.queue_length=Дължина на опашка
-config.deliver_timeout=Време за отказ при изпращане
-config.skip_tls_verify=Пропусни проверка на TLS
-config.mailer_config=Конфигурация на мейлър
-config.mailer_enabled=Активен
-config.mailer_disable_helo=Изключи HELO
-config.mailer_name=Име
-config.mailer_host=Сървър
-config.mailer_user=Потребител
-config.send_test_mail=Изпрати тестово писмо
-config.test_mail_failed=Невъзможно изпращане на тестово писмо до '%s': %v
-config.test_mail_sent=Тестово писмо беше изпратено до '%s'.
-config.oauth_config=OAuth конфигурация
-config.oauth_enabled=Активна
-config.cache_config=Конфигурация на кеша
-config.cache_adapter=Кеш адаптер
-config.cache_interval=Кеш интервал
-config.cache_conn=Кеш на връзката
+config.db.type=Type
+config.db.host=Host
+config.db.name=Name
+config.db.schema=Schema
+config.db.schema_helper=(for "postgres" only)
+config.db.user=User
+config.db.ssl_mode=SSL mode
+config.db.ssl_mode_helper=(for "postgres" only)
+config.db.path=Path
+config.db.path_helper=(for "sqlite3"only)
+config.db.max_open_conns=Maximum open connections
+config.db.max_idle_conns=Maximum idle connections
+
+config.security_config=Security configuration
+config.security.login_remember_days=Login remember days
+config.security.cookie_remember_name=Remember cookie
+config.security.cookie_username=Username cookie
+config.security.cookie_secure=Enable secure cookie
+config.security.reverse_proxy_auth_user=Reverse proxy authentication header
+config.security.enable_login_status_cookie=Enable login status cookie
+config.security.login_status_cookie_name=Login status cookie
+config.security.local_network_allowlist=Local network allowlist
+
+config.email_config=Email configuration
+config.email.enabled=Enabled
+config.email.subject_prefix=Subject prefix
+config.email.host=Host
+config.email.from=From
+config.email.user=User
+config.email.disable_helo=Disable HELO
+config.email.helo_hostname=HELO hostname
+config.email.skip_verify=Skip certificate verify
+config.email.use_certificate=Use custom certificate
+config.email.cert_file=Certificate file
+config.email.key_file=Key file
+config.email.use_plain_text=Use plain text
+config.email.add_plain_text_alt=Add plain text alternative
+config.email.send_test_mail=Send test email
+config.email.test_mail_failed=Failed to send test email to '%s': %v
+config.email.test_mail_sent=Test email has been sent to '%s'.
+
+config.auth_config=Authentication configuration
+config.auth.activate_code_lives=Activate code lives
+config.auth.reset_password_code_lives=Reset password code lives
+config.auth.require_email_confirm=Require email confirmation
+config.auth.require_sign_in_view=Require sign in view
+config.auth.disable_registration=Disable registration
+config.auth.enable_registration_captcha=Enable registration captcha
+config.auth.enable_reverse_proxy_authentication=Enable reverse proxy authentication
+config.auth.enable_reverse_proxy_auto_registration=Enable reverse proxy auto registration
+config.auth.reverse_proxy_authentication_header=Reverse proxy authentication header
+
+config.user_config=User configuration
+config.user.enable_email_notify=Enable email notification
+
 config.session_config=Конфигурация на сесии
-config.session_provider=Доставчик на сесии
-config.provider_config=Конфигурация на доставчик
-config.cookie_name=Име на бисквитката
-config.enable_set_cookie=Включи използване на бисквитки
-config.gc_interval_time=GC през интервал
-config.session_life_time=Период на валидност на сесиите
-config.https_only=HTTPS само
-config.cookie_life_time=Период на валидност на бисквитките
+config.session.provider=Provider
+config.session.provider_config=Provider config
+config.session.cookie_name=Cookie
+config.session.https_only=HTTPS only
+config.session.gc_interval=GC interval
+config.session.max_life_time=Max life time
+config.session.csrf_cookie_name=CSRF cookie
+
+config.cache_config=Конфигурация на кеша
+config.cache.adapter=Adapter
+config.cache.interval=GC interval
+config.cache.host=Host
+
+config.http_config=Конфигуриране на HTTP
+config.http.access_control_allow_origin=Access control allow origin
+
+config.attachment_config=Attachment configuration
+config.attachment.enabled=Enabled
+config.attachment.path=Path
+config.attachment.allowed_types=Allowed types
+config.attachment.max_size=Size limit
+config.attachment.max_files=Files limit
+
+config.release_config=Release configuration
+config.release.attachment.enabled=Attachment enabled
+config.release.attachment.allowed_types=Attachment allowed types
+config.release.attachment.max_size=Attachment size limit
+config.release.attachment.max_files=Attachment files limit
+
 config.picture_config=Конфигурация на изображения
-config.picture_service=Услуги за снимки
-config.disable_gravatar=Изключи Gravatar
+config.picture.avatar_upload_path=User avatar upload path
+config.picture.repo_avatar_upload_path=Repository avatar upload path
+config.picture.gravatar_source=Gravatar source
+config.picture.disable_gravatar=Disable Gravatar
+config.picture.enable_federated_avatar=Enable federated avatars
+
+config.mirror_config=Mirror configuration
+config.mirror.default_interval=Default interval
+
+config.webhook_config=Конфигурация на уеб-куки
+config.webhook.types=Types
+config.webhook.deliver_timeout=Deliver timeout
+config.webhook.skip_tls_verify=Skip TLS verify
+
+config.git_config=Конфигурация на git
+config.git.disable_diff_highlight=Disable diff syntax highlight
+config.git.max_diff_lines=Diff lines limit (for a single file)
+config.git.max_diff_line_characters=Diff characters limit (for a single line)
+config.git.max_diff_files=Diff files limit (for a single diff)
+config.git.gc_args=GC arguments
+config.git.migrate_timeout=Migration timeout
+config.git.mirror_timeout=Mirror fetch timeout
+config.git.clone_timeout=Clone timeout
+config.git.pull_timeout=Pull timeout
+config.git.gc_timeout=GC timeout
+
+config.lfs_config=LFS configuration
+config.lfs.storage=Storage
+config.lfs.objects_path=Objects path
+
 config.log_config=Конфигурация на журнал
-config.log_mode=Режим на журнал
+config.log_file_root_path=Път към журнал
+config.log_mode=Режим
+config.log_options=Настройки

 monitor.cron=Cron задачи
 monitor.name=Име
@@ -1062,17 +1378,24 @@ notices.delete_success=Системните съобщения са изтрит
 create_repo=създаде хранилище <a href="%s"> %s</a>
 rename_repo=преименува хранилище от <code>%[1]s</code> на <a href="%[2]s">%[3]s</a>
 commit_repo=предаде към <a href="%[1]s/src/%[2]s">%[3]s</a> в <a href="%[1]s">%[4]s</a>
+compare_commits=Сравнение между тези %d ревизии
+transfer_repo=прехвърли хранилище <code>%s</code> към <a href="%s">%s</a>
 create_issue=`отвори задача <a href="%s/issues/%s">%s#%[2]s"</a>`
 close_issue=`затвори <a href="%s/issues/%s">%s#%[2]s</a>`
 reopen_issue=`повторно отвори <a href="%s/issues/%s">%s#%[2]s</a>`
+comment_issue=`коментира задача <a href="%s/issues/%s">%s#%[2]s"</a>`
 create_pull_request=`създаде заявка за сливане <a href="%s/pulls/%s">%s#%[2]s</a>`
 close_pull_request=`затвори заявка за сливане <a href="%s/pulls/%s">%s#%[2]s</a>`
 reopen_pull_request=`повторно отвори заявка за сливане <a href="%s/pulls/%s">%s#%[2]s</a>`
-comment_issue=`коментира задача <a href="%s/issues/%s">%s#%[2]s"</a>`
 merge_pull_request=`обедини заявка за сливане <a href="%s/pulls/%s">%s#%[2]s</a>`
-transfer_repo=прехвърли хранилище <code>%s</code> към <a href="%s">%s</a>
+create_branch=създаде клон <a href="%[1]s/src/%[2]s"> %[3]s</a> % <a href="%[1]s">[4]s</a>
+delete_branch=изтри клон <code>%[2]s</code> % <a href="%[1]s">[3]s</a>
 push_tag=предаде маркер <a href="%s/src/%s">%[2]s</a> към <a href="%[1]s">[3]s</a>
-compare_commits=Сравнение между тези %d ревизии
+delete_tag=изтри етикет <code>%[2]s</code> % <a href="%[1]s">[3]s</a>
+fork_repo=forked a repository to <a href="%s">%s</a>
+mirror_sync_push=synced commits to <a href="%[1]s/src/%[2]s">%[3]s</a> at <a href="%[1]s">%[4]s</a> from mirror
+mirror_sync_create=synced new reference <a href="%s/src/%s">%[2]s</a> to <a href="%[1]s">%[3]s</a> from mirror
+mirror_sync_delete=synced and deleted reference <code>%[2]s</code> at <a href="%[1]s">%[3]s</a> from mirror

 [tool]
 ago=преди
@@ -1094,6 +1417,7 @@ months=%[2]s %[1]d месеца
 years=%[2]s %[1]d години
 raw_seconds=секунди
 raw_minutes=минути
+raw_hours=hours

 [dropzone]
 default_message=Тук пуснете файлове с влачене или просто щракнете за избор на файл за качване.
--- a/conf/locale/locale_cs-CZ.ini
+++ b/conf/locale/locale_cs-CZ.ini
--- a/conf/locale/locale_de-DE.ini
+++ b/conf/locale/locale_de-DE.ini
--- a/conf/locale/locale_en-GB.ini
+++ b/conf/locale/locale_en-GB.ini
--- a/conf/locale/locale_en-US.ini
+++ b/conf/locale/locale_en-US.ini
--- a/conf/locale/locale_es-ES.ini
+++ b/conf/locale/locale_es-ES.ini
--- a/conf/locale/locale_fa-IR.ini
+++ b/conf/locale/locale_fa-IR.ini
--- a/conf/locale/locale_fi-FI.ini
+++ b/conf/locale/locale_fi-FI.ini
--- a/conf/locale/locale_fr-FR.ini
+++ b/conf/locale/locale_fr-FR.ini
--- a/conf/locale/locale_gl-ES.ini
+++ b/conf/locale/locale_gl-ES.ini
--- a/conf/locale/locale_hu-HU.ini
+++ b/conf/locale/locale_hu-HU.ini
--- a/conf/locale/locale_id-ID.ini
+++ b/conf/locale/locale_id-ID.ini
--- a/conf/locale/locale_it-IT.ini
+++ b/conf/locale/locale_it-IT.ini
--- a/conf/locale/locale_ja-JP.ini
+++ b/conf/locale/locale_ja-JP.ini
--- a/conf/locale/locale_ko-KR.ini
+++ b/conf/locale/locale_ko-KR.ini
--- a/conf/locale/locale_lv-LV.ini
+++ b/conf/locale/locale_lv-LV.ini
--- a/conf/locale/locale_mn-MN.ini
+++ b/conf/locale/locale_mn-MN.ini
--- a/conf/locale/locale_nl-NL.ini
+++ b/conf/locale/locale_nl-NL.ini
--- a/conf/locale/locale_pl-PL.ini
+++ b/conf/locale/locale_pl-PL.ini
--- a/conf/locale/locale_pt-BR.ini
+++ b/conf/locale/locale_pt-BR.ini
--- a/conf/locale/locale_pt-PT.ini
+++ b/conf/locale/locale_pt-PT.ini
--- a/conf/locale/locale_ro-RO.ini
+++ b/conf/locale/locale_ro-RO.ini
--- a/conf/locale/locale_ru-RU.ini
+++ b/conf/locale/locale_ru-RU.ini
--- a/conf/locale/locale_sk-SK.ini
+++ b/conf/locale/locale_sk-SK.ini
--- a/conf/locale/locale_sr-SP.ini
+++ b/conf/locale/locale_sr-SP.ini
--- a/conf/locale/locale_sv-SE.ini
+++ b/conf/locale/locale_sv-SE.ini
--- a/conf/locale/locale_tr-TR.ini
+++ b/conf/locale/locale_tr-TR.ini
--- a/conf/locale/locale_uk-UA.ini
+++ b/conf/locale/locale_uk-UA.ini
--- a/conf/locale/locale_vi-VN.ini
+++ b/conf/locale/locale_vi-VN.ini
--- a/conf/locale/locale_zh-CN.ini
+++ b/conf/locale/locale_zh-CN.ini
--- a/conf/locale/locale_zh-HK.ini
+++ b/conf/locale/locale_zh-HK.ini
--- a/conf/locale/locale_zh-TW.ini
+++ b/conf/locale/locale_zh-TW.ini
--- a/docker/README.md
+++ b/docker/README.md
@@ -1,12 +1,14 @@
 # Docker for Gogs

-Visit [Docker Hub](https://hub.docker.com/r/gogs/gogs/) see all available tags.
+![Docker pulls](https://img.shields.io/docker/pulls/gogs/gogs?logo=docker&style=for-the-badge)
+
+Visit [Docker Hub](https://hub.docker.com/u/gogs) or [GitHub Container registry](https://github.com/gogs/gogs/pkgs/container/gogs) to see all available images and tags.

 ## Usage

 To keep your data out of Docker container, we do a volume (`/var/gogs` -> `/data`) here, and you can change it based on your situation.

-```
+```sh
 # Pull image from Docker Hub.
 $ docker pull gogs/gogs

@@ -14,13 +16,13 @@ $ docker pull gogs/gogs
 $ mkdir -p /var/gogs

 # Use `docker run` for the first time.
-$ docker run --name=gogs -p 10022:22 -p 10080:3000 -v /var/gogs:/data gogs/gogs
+$ docker run --name=gogs -p 10022:22 -p 10880:3000 -v /var/gogs:/data gogs/gogs

 # Use `docker start` if you have stopped it.
 $ docker start gogs
 ```

-Note: It is important to map the Gogs ssh service from the container to the host and set the appropriate SSH Port and URI settings when setting up Gogs for the first time. To access and clone Gogs Git repositories with the above configuration you would use: `git clone ssh://git@hostname:10022/username/myrepo.git` for example.
+Note: It is important to map the SSH service from the container to the host and set the appropriate SSH Port and URI settings when setting up Gogs for the first time. To access and clone Git repositories with the above configuration you would use: `git clone ssh://git@hostname:10022/username/myrepo.git` for example.

 Files will be store in local path `/var/gogs` in my case.

@@ -36,44 +38,103 @@ Directory `/var/gogs` keeps Git repositories and Gogs data:
        |-- data
        |-- log

-### Volume with data container
+#### Custom directory

-If you're more comfortable with mounting data to a data container, the commands you execute at the first time will look like as follows:
+The "custom" directory may not be obvious in Docker environment. The `/var/gogs/gogs` (in the host) and `/data/gogs` (in the container) is already the "custom" directory and you do not need to create another layer but directly edit corresponding files under this directory.

-```
-# Create data container
-docker run --name=gogs-data --entrypoint /bin/true gogs/gogs
-# Use `docker run` for the first time.
-docker run --name=gogs --volumes-from gogs-data -p 10022:22 -p 10080:3000 gogs/gogs
-```
-#### Using Docker 1.9 Volume command
+#### Using Docker volumes

-```
+```sh
 # Create docker volume.
 $ docker volume create --name gogs-data

 # Use `docker run` for the first time.
-$ docker run --name=gogs -p 10022:22 -p 10080:3000 -v gogs-data:/data gogs/gogs
+$ docker run --name=gogs -p 10022:22 -p 10880:3000 -v gogs-data:/data gogs/gogs
 ```

 ## Settings

 ### Application

-Most of settings are obvious and easy to understand, but there are some settings can be confusing by running Gogs inside Docker:
+Most of the settings are obvious and easy to understand, but there are some settings can be confusing by running Gogs inside Docker:

 - **Repository Root Path**: keep it as default value `/home/git/gogs-repositories` because `start.sh` already made a symbolic link for you.
- **Run User**: keep it as default value `git` because `start.sh` already setup a user with name `git`.
+- **Run User**: keep it as default value `git` because `build/finalize.sh` already setup a user with name `git`.
 - **Domain**: fill in with Docker container IP (e.g. `192.168.99.100`). But if you want to access your Gogs instance from a different physical machine, please fill in with the hostname or IP address of the Docker host machine.
- **SSH Port**: Use the exposed port from Docker container. For example, your SSH server listens on `22` inside Docker, but you expose it by `10022:22`, then use `10022` for this value. **Builtin SSH server is not recommended inside Docker Container**
- **HTTP Port**: Use port you want Gogs to listen on inside Docker container. For example, your Gogs listens on `3000` inside Docker, and you expose it by `10080:3000`, but you still use `3000` for this value.
- **Application URL**: Use combination of **Domain** and **exposed HTTP Port** values (e.g. `http://192.168.99.100:10080/`).
+- **SSH Port**: Use the exposed port from Docker container. For example, your SSH server listens on `22` inside Docker, **but** you expose it by `10022:22`, then use `10022` for this value. **Builtin SSH server is not recommended inside Docker Container**
+- **HTTP Port**: Use port you want Gogs to listen on inside Docker container. For example, your Gogs listens on `3000` inside Docker, **and** you expose it by `10880:3000`, but you still use `3000` for this value.
+- **Application URL**: Use combination of **Domain** and **exposed HTTP Port** values (e.g. `http://192.168.99.100:10880/`).

-Full documentation of application settings can be found [here](http://gogs.io/docs/advanced/configuration_cheat_sheet.html).
+Full documentation of application settings can be found [here](https://github.com/gogs/gogs/blob/main/conf/app.ini).

-### Crond
+### Container options

-Please set environment variable `RUN_CROND` to be `true` or `1` in order to start `crond` inside the container.
+This container has some options available via environment variables, these options are opt-in features that can help the administration of this container:
+
+- **SOCAT_LINK**:
+  - <u>Possible value:</u>
+      `true`, `false`, `1`, `0`
+  - <u>Default:</u>
+      `true`
+  - <u>Action:</u>
+      Bind linked docker container to localhost socket using socat.
+      Any exported port from a linked container will be binded to the matching port on localhost.
+  - <u>Disclaimer:</u>
+      As this option rely on the environment variable created by docker when a container is linked, this option should be deactivated in managed environment such as Rancher or Kubernetes (set to `0` or `false`)
+- **RUN_CROND**:
+  - <u>Possible value:</u>
+      `true`, `false`, `1`, `0`
+  - <u>Default:</u>
+      `false`
+  - <u>Action:</u>
+      Request crond to be run inside the container. Its default configuration will periodically run all scripts from `/etc/periodic/${period}` but custom crontabs can be added to `/var/spool/cron/crontabs/`.
+- **BACKUP_INTERVAL**:
+  - <u>Possible value:</u>
+      `3h`, `7d`, `3M`
+  - <u>Default:</u>
+      `null`
+  - <u>Action:</u>
+      In combination with `RUN_CROND` set to `true`, enables backup system.\
+      See: [Backup System](#backup-system)
+- **BACKUP_RETENTION**:
+  - <u>Possible value:</u>
+      `360m`, `7d`, `...m/d`
+  - <u>Default:</u>
+      `7d`
+  - <u>Action:</u>
+      Used by backup system. Backups older than specified in expression are deleted periodically.\
+      See: [Backup System](#backup-system)
+- **BACKUP_ARG_CONFIG**:
+  - <u>Possible value:</u>
+      `/app/gogs/example/custom/config`
+  - <u>Default:</u>
+      `null`
+  - <u>Action:</u>
+      Used by backup system. If defined, supplies `--config` argument to `gogs backup`.\
+      See: [Backup System](#backup-system)
+- **BACKUP_ARG_EXCLUDE_REPOS**:
+  - <u>Possible value:</u>
+      `test-repo1`, `test-repo2`
+  - <u>Default:</u>
+      `null`
+  - <u>Action:</u>
+      Used by backup system. If defined, supplies `--exclude-repos` argument to `gogs backup`.\
+      See: [Backup System](#backup-system)
+- **BACKUP_EXTRA_ARGS**:
+  - <u>Possible value:</u>
+      `--verbose --exclude-mirror-repos`
+  - <u>Default:</u>
+      `null`
+  - <u>Action:</u>
+      Used by backup system. If defined, append content to arguments to `gogs backup`.\
+      See: [Backup System](#backup-system)
+
+## Backup system
+
+Automated backups with retention policy:
+
+- `BACKUP_INTERVAL` controls how often the backup job runs and supports interval in hours (h), days (d), and months (M), eg. `3h`, `7d`, `3M`. The lowest possible value is one hour (`1h`).
+- `BACKUP_RETENTION` supports expressions in minutes (m) and days (d), eg. `360m`, `2d`. The lowest possible value is 60 minutes (`60m`).

 ## Upgrade

@@ -84,8 +145,12 @@ Steps to upgrade Gogs with Docker:
 - `docker pull gogs/gogs`
 - `docker stop gogs`
 - `docker rm gogs`
- Finally, create container as the first time and don't forget to do same volume and port mapping.
+- Finally, create a container for the first time and don't forget to do the same for the volume and port mapping.

-## Known Issues
+## Known issues

- The docker container can not currently be build on Raspberry 1 (armv6l) as our base image `alpine` does not have a `go` package available for this platform.
+- The docker container cannot currently be built on Raspberry 1 (armv6l) as our base image `alpine` does not have a `go` package available for this platform.
+
+## Useful links
+
+- [Share port 22 between Gogs inside Docker & the local system](http://www.ateijelo.com/blog/2016/07/09/share-port-22-between-docker-gogs-ssh-and-local-system)
--- a/docker/build.sh
+++ b/docker/build.sh
@@ -1,27 +0,0 @@
-#!/bin/sh
-set -x
-set -e
-
-# Set temp environment vars
-export GOPATH=/tmp/go
-export PATH=${PATH}:${GOPATH}/bin
-
-# Install build deps
-apk --no-cache --no-progress add --virtual build-deps linux-pam-dev go gcc musl-dev
-
-# Init go environment to build Gogs
-mkdir -p ${GOPATH}/src/github.com/gogits/
-ln -s /app/gogs/ ${GOPATH}/src/github.com/gogits/gogs
-cd ${GOPATH}/src/github.com/gogits/gogs
-go get -v -tags "sqlite cert pam"
-go build -tags "sqlite cert pam"
-
-# Cleanup GOPATH
-rm -r $GOPATH
-
-# Remove build deps
-apk --no-progress del build-deps
-
-# Create git user for Gogs
-adduser -H -D -g 'Gogs Git User' git -h /data/git -s /bin/bash && passwd -u git
-echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" >> /etc/profile
--- a/docker/build/finalize.sh
+++ b/docker/build/finalize.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+set -xe
+
+# Install gosu
+if [ "$(uname -m)" = "aarch64" ]; then
+  export arch='arm64'
+  export checksum='c3805a85d17f4454c23d7059bcb97e1ec1af272b90126e79ed002342de08389b'
+elif [ "$(uname -m)" = "armv7l" ]; then
+  export arch='armhf'
+  export checksum='e5866286277ff2a2159fb9196fea13e0a59d3f1091ea46ddb985160b94b6841b'
+else
+  export arch='amd64'
+  export checksum='bbc4136d03ab138b1ad66fa4fc051bafc6cc7ffae632b069a53657279a450de3'
+fi
+
+wget --quiet https://github.com/tianon/gosu/releases/download/1.17/gosu-${arch} -O /usr/sbin/gosu
+echo "${checksum}  /usr/sbin/gosu" | sha256sum -cs
+chmod +x /usr/sbin/gosu
+
+# Create git user for Gogs
+addgroup -S git
+adduser -G git -H -D -g 'Gogs Git User' git -h /data/git -s /bin/bash && usermod -p '*' git && passwd -u git
+echo "export GOGS_CUSTOM=${GOGS_CUSTOM}" >> /etc/profile
+
+# Final cleaning
+rm -rf /app/gogs/build
+rm -rf /app/gogs/docker/build
+rm /app/gogs/docker/nsswitch.conf
+rm /app/gogs/docker/README.md
--- a/docker/build/install-task.sh
+++ b/docker/build/install-task.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -xe
+
+if [ "$(uname -m)" = "aarch64" ]; then
+  export arch='arm64'
+  export checksum='17f325293d08f6f964e0530842e9ef1410dd5f83ee6475b493087391032b0cfd'
+elif [ "$(uname -m)" = "armv7l" ]; then
+  export arch='arm'
+  export checksum='e5b0261e9f6563ce3ace9e038520eb59d2c77c8d85f2b47ab41e1fe7cf321528'
+else
+  export arch='amd64'
+  export checksum='a35462ec71410cccfc428072de830e4478bc57a919d0131ef7897759270dff8f'
+fi
+
+wget --quiet https://github.com/go-task/task/releases/download/v3.40.1/task_linux_${arch}.tar.gz -O task_linux_${arch}.tar.gz
+echo "${checksum}  task_linux_${arch}.tar.gz" | sha256sum -cs
+
+tar -xzf task_linux_${arch}.tar.gz
+mv task /usr/local/bin/task
--- a/docker/runtime/backup-init.sh
+++ b/docker/runtime/backup-init.sh
@@ -0,0 +1,144 @@
+#!/usr/bin/env bash
+set -e
+
+BACKUP_PATH="/backup"
+
+# Make sure that required directories exist
+mkdir -p "${BACKUP_PATH}"
+mkdir -p "/etc/crontabs"
+chown git:git /backup
+chmod 2770 /backup
+
+# [string] BACKUP_INTERVAL   Period expression
+# [string] BACKUP_RETENTION  Period expression
+if [ -z "${BACKUP_INTERVAL}" ]; then
+	echo "Backup disabled: BACKUP_INTERVAL has not been found" 1>&2
+	exit 1
+fi
+
+if [ -z "${BACKUP_RETENTION}" ]; then
+	echo "Backup retention period is not defined, default to 7 days" 1>&2
+	BACKUP_RETENTION='7d'
+fi
+
+# Parse BACKUP_INTERVAL environment variable and generate appropriate cron expression. Backup cron task will be run as scheduled.
+# Expected format: nu (n - number, u - unit) (eg. 3d means 3 days)
+# Supported units: h - hours, d - days, M - months
+parse_generate_cron_expression() {
+	CRON_EXPR_MINUTES="*"
+	CRON_EXPR_HOURS="*"
+	CRON_EXPR_DAYS="*"
+	CRON_EXPR_MONTHS="*"
+
+    # shellcheck disable=SC2001
+	TIME_INTERVAL=$(echo "${BACKUP_INTERVAL}" | sed -e 's/[hdM]$//')
+    # shellcheck disable=SC2001
+	TIME_UNIT=$(echo "${BACKUP_INTERVAL}" | sed -e 's/^[0-9]\+//')
+
+	if [ "${TIME_UNIT}" = "h" ]; then
+		if [ ! "${TIME_INTERVAL}" -le 23 ]; then
+			echo "Parse error: Time unit 'h' (hour) cannot be greater than 23" 1>&2
+			exit 1
+		fi
+
+		CRON_EXPR_MINUTES=0
+		CRON_EXPR_HOURS="*/${TIME_INTERVAL}"
+	elif [ "${TIME_UNIT}" = "d" ]; then
+		if [ ! "${TIME_INTERVAL}" -le 30 ]; then
+			echo "Parse error: Time unit 'd' (day) cannot be greater than 30" 1>&2
+			exit 1
+		fi
+
+		CRON_EXPR_MINUTES=0
+		CRON_EXPR_HOURS=0
+		CRON_EXPR_DAYS="*/${TIME_INTERVAL}"
+	elif [ "${TIME_UNIT}" = "M" ]; then
+		if [ ! "${TIME_INTERVAL}" -le 12 ]; then
+			echo "Parse error: Time unit 'M' (month) cannot be greater than 12" 1>&2
+			exit 1
+		fi
+
+		CRON_EXPR_MINUTES=0
+		CRON_EXPR_HOURS=0
+		CRON_EXPR_DAYS="1"
+		CRON_EXPR_MONTHS="*/${TIME_INTERVAL}"
+	else
+		echo "Parse error: BACKUP_INTERVAL expression is invalid" 1>&2
+		exit 1
+	fi
+
+	echo "${CRON_EXPR_MINUTES} ${CRON_EXPR_HOURS} ${CRON_EXPR_DAYS} ${CRON_EXPR_MONTHS} *"
+}
+
+# Parse BACKUP_RETENTION environment variable and generate appropriate find command expression.
+# Expected format: nu (n - number, u - unit) (eg. 3d means 3 days)
+# Supported units: m - minutes, d - days
+parse_generate_retention_expression() {
+	FIND_TIME_EXPR='mtime'
+
+	# shellcheck disable=SC2001
+	TIME_INTERVAL=$(echo "${BACKUP_RETENTION}" | sed -e 's/[mhdM]$//')
+	# shellcheck disable=SC2001
+	TIME_UNIT=$(echo "${BACKUP_RETENTION}" | sed -e 's/^[0-9]\+//')
+
+	if [ "${TIME_UNIT}" = "m" ]; then
+		if [ "${TIME_INTERVAL}" -le 59 ]; then
+			echo "Warning: Minimal retention is 60m. Value set to 60m" 1>&2
+			TIME_INTERVAL=60
+		fi
+
+		FIND_TIME_EXPR="mmin"
+	elif [ "${TIME_UNIT}" = "h" ]; then
+		echo "Error: Unsupported expression - Try: eg. 120m for 2 hours." 1>&2
+		exit 1
+	elif [ "${TIME_UNIT}" = "d" ]; then
+		FIND_TIME_EXPR="mtime"
+	elif [ "${TIME_UNIT}" = "M" ]; then
+		echo "Error: Unsupported expression - Try: eg. 60d for 2 months." 1>&2
+		exit 1
+	else
+		echo "Parse error: BACKUP_RETENTION expression is invalid" 1>&2
+		exit 1
+	fi
+
+	echo "${FIND_TIME_EXPR} +${TIME_INTERVAL:-7}"
+}
+
+add_backup_cronjob() {
+	CRONTAB_USER="${1:-git}"
+	CRONTAB_FILE="/etc/crontabs/${CRONTAB_USER}"
+	CRONJOB_EXPRESSION="${2:-}"
+	CRONJOB_EXECUTOR="${3:-}"
+	CRONJOB_EXECUTOR_ARGUMENTS="${4:-}"
+  CRONJOB_TASK="${CRONJOB_EXPRESSION} /bin/sh ${CRONJOB_EXECUTOR} ${CRONJOB_EXECUTOR_ARGUMENTS}"
+
+	if [ -f "${CRONTAB_FILE}" ]; then
+		CRONJOB_EXECUTOR_COUNT=$(grep -c "${CRONJOB_EXECUTOR}" "${CRONTAB_FILE}" || exit 0)
+		if [ "${CRONJOB_EXECUTOR_COUNT}" != "0" ]; then
+			echo "Cron job already exists for ${CRONJOB_EXECUTOR}. Updating existing." 1>&2
+			CRONJOB_TASK=$(echo "{CRONJOB_TASK}" | sed 's/\//\\\//g' )
+			CRONJOB_EXECUTOR=$(echo "{CRONJOB_EXECUTOR}" | sed 's/\//\\\//g' )
+			sed -i "/${CRONJOB_EXECUTOR}/c\\${CRONJOB_TASK}" "${CRONTAB_FILE}"
+			return 0
+		fi
+	fi
+
+	# Finally append new line with cron task expression
+	echo "${CRONJOB_TASK}" >>"${CRONTAB_FILE}"
+}
+
+CRONTAB_USER=$(awk -v val="${PUID}" -F ":" '$3==val{print $1}' /etc/passwd)
+
+# Up to this point, it was desirable that interpreter handles the command errors and halts execution upon any error.
+# From now, we handle the errors our self.
+set +e
+RETENTION_EXPRESSION="$(parse_generate_retention_expression)"
+
+if [ -z "${RETENTION_EXPRESSION}" ]; then
+	echo "Couldn't generate backup retention expression. Aborting backup setup" 1>&2
+	exit 1
+fi
+
+# Backup rotator cron will run every 5 minutes
+add_backup_cronjob "${CRONTAB_USER}" "*/5 * * * *" "/app/gogs/docker/runtime/backup-rotator.sh" "'${BACKUP_PATH}' '${RETENTION_EXPRESSION}'"
+add_backup_cronjob "${CRONTAB_USER}" "$(parse_generate_cron_expression)" "/app/gogs/docker/runtime/backup-job.sh" "'${BACKUP_PATH}'"
--- a/docker/runtime/backup-job.sh
+++ b/docker/runtime/backup-job.sh
@@ -0,0 +1,40 @@
+#!/usr/bin/env sh
+
+execute_backup_job() {
+	BACKUP_ARG_PATH="${1:-}"
+	BACKUP_ARG_CONFIG="${BACKUP_ARG_CONFIG:-}"
+	BACKUP_ARG_EXCLUDE_REPOS="${BACKUP_ARG_EXCLUDE_REPOS:-}"
+	BACKUP_EXTRA_ARGS="${BACKUP_EXTRA_ARGS:-}"
+	cd "/app/gogs" || exit 1
+
+	BACKUP_ARGS="--target=${BACKUP_ARG_PATH}"
+
+	if [ -n "${BACKUP_ARG_CONFIG}" ]; then
+		BACKUP_ARGS="${BACKUP_ARGS} --config=${BACKUP_ARG_CONFIG}"
+	fi
+
+	if [ -n "${BACKUP_ARG_EXCLUDE_REPOS}" ]; then
+		BACKUP_ARGS="${BACKUP_ARGS} --exclude-repos=${BACKUP_ARG_EXCLUDE_REPOS}"
+	fi
+
+	if [ -n "${BACKUP_EXTRA_ARGS}" ]; then
+		BACKUP_ARGS="${BACKUP_ARGS} ${BACKUP_EXTRA_ARGS}"
+	fi
+
+	# NOTE: We actually need word splitting to be able to pass multiple arguments.
+	# shellcheck disable=SC2086
+	./gogs backup ${BACKUP_ARGS} || echo "Error: Backup job returned non-successful code." && exit 1
+}
+
+main() {
+	BACKUP_PATH="${1:-}"
+
+	if [ -z "${BACKUP_PATH}" ]; then
+		echo "Required argument missing BACKUP_PATH" 1>&2
+		exit 1
+	fi
+
+	execute_backup_job "${BACKUP_PATH}"
+}
+
+main "$@"
--- a/docker/runtime/backup-rotator.sh
+++ b/docker/runtime/backup-rotator.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env sh
+
+# This is very simple, yet effective backup rotation script.
+# Using find command, all files that are older than BACKUP_RETENTION_DAYS are accumulated and deleted using rm.
+main() {
+	BACKUP_PATH="${1:-}"
+	FIND_EXPRESSION="${2:-mtime +7}"
+
+	if [ -z "${BACKUP_PATH}" ]; then
+		echo "Error: Required argument missing BACKUP_PATH" 1>&2
+		exit 1
+	fi
+
+	if [ "$(realpath "${BACKUP_PATH}")" = "/" ]; then
+		echo "Error: Dangerous BACKUP_PATH: /" 1>&2
+		exit 1
+	fi
+
+	if [ ! -d "${BACKUP_PATH}" ]; then
+	  echo "Error: BACKUP_PATH doesn't exist or is not a directory" 1>&2
+		exit 1
+	fi
+
+	# shellcheck disable=SC2086
+	find "${BACKUP_PATH}/" -type f -name "gogs-backup-*.zip" -${FIND_EXPRESSION} -print -exec rm "{}" +
+}
+
+main "$@"
--- a/Show More
+++ b/Show More