1.8.0 Changelog (#6678)

* Unfortunately MemProvider Init does not actually Init properly

Worse all of its members are private and you cannot update them.
Simple fix copy it in to modules session.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix misspelling

.eslintrc

@@ -1,27 +0,0 @@
-root: true
-
-extends:
-  - eslint:recommended
-
-parserOptions:
-  ecmaVersion: 2015
-
-env:
-  browser: true
-  jquery: true
-  es6: true
-
-globals:
-  Clipboard: false
-  CodeMirror: false
-  emojify: false
-  SimpleMDE: false
-  Vue: false
-  Dropzone: false
-  u2fApi: false
-  hljs: false
-
-rules:
-  no-unused-vars: [error, {args: all, argsIgnorePattern: ^_, varsIgnorePattern: ^_, ignoreRestSiblings: true}]
-  prefer-const: [2, {destructuring: all}]
-  no-var: [2]

.github/FUNDING.yml

@@ -1 +0,0 @@
-open_collective: gitea

.gitignore

@@ -66,8 +66,7 @@ coverage.all
 /integrations/mssql.ini
 /node_modules
 /modules/indexer/issues/indexers
-routers/repo/authorized_keys
-/yarn.lock
+
 
 # Snapcraft
 snap/.snapcraft/
@@ -77,4 +76,3 @@ prime/
 *.snap
 *.snap-build
 *_source.tar.bz2
-.DS_Store

.golangci.yml

@@ -1,94 +0,0 @@
-linters:
-  enable:
-    - gosimple
-    - deadcode
-    - typecheck
-    - govet
-    - errcheck
-    - staticcheck
-    - unused
-    - structcheck
-    - varcheck
-    - golint
-    - dupl
-    #- gocyclo # The cyclomatic complexety of a lot of functions is too high, we should refactor those another time.
-    - gofmt
-    - misspell
-    - gocritic
-  enable-all: false
-  disable-all: true
-  fast: false
-
-run:
-  timeout: 3m
-
-linters-settings:
-  gocritic:
-    disabled-checks:
-      - ifElseChain
-      - singleCaseSwitch # Every time this occured in the code, there  was no other way.
-
-issues:
-  exclude-rules:
-    # Exclude some linters from running on tests files.
-    - path: _test\.go
-      linters:
-        - gocyclo
-        - errcheck
-        - dupl
-        - gosec
-        - unparam
-        - staticcheck
-    - path: models/migrations/v
-      linters:
-        - gocyclo
-        - errcheck
-        - dupl
-        - gosec
-    - linters:
-        - dupl
-      text: "webhook"
-    - linters:
-        - gocritic
-      text: "`ID' should not be capitalized"
-    - path: modules/templates/helper.go
-      linters:
-        - gocritic
-    - linters:
-        - unused
-        - deadcode
-      text: "swagger"
-    - path: contrib/pr/checkout.go
-      linters:
-        - errcheck
-    - path: models/issue.go
-      linters:
-        - errcheck
-    - path: models/migrations/
-      linters:
-        - errcheck
-    - path: modules/log/
-      linters:
-        - errcheck
-    - path: routers/routes/routes.go
-      linters:
-        - dupl
-    - path: routers/repo/view.go
-      linters:
-        - dupl
-    - path: models/migrations/
-      linters:
-        - unused
-    - linters:
-        - staticcheck
-      text: "argument x is overwritten before first use"
-    - path: modules/httplib/httplib.go
-      linters:
-        - staticcheck
-    # Enabling this would require refactoring the methods and how they are called.
-    - path: models/issue_comment_list.go
-      linters:
-        - dupl
-    - linters:
-        - misspell
-      text: '`Unknwon` is a misspelling of `Unknown`'

.npmrc

@@ -1 +0,0 @@
-save-exact=true

.stylelintrc

@@ -1,11 +0,0 @@
-extends: stylelint-config-standard
-
-rules:
-  block-closing-brace-empty-line-before: null
-  color-hex-length: null
-  comment-empty-line-before: null
-  declaration-empty-line-before: null
-  indentation: 4
-  no-descending-specificity: null
-  rule-empty-line-before: null
-  selector-pseudo-element-colon-notation: null

CONTRIBUTING.md

@@ -11,7 +11,7 @@
   - [Translation](#translation)
   - [Code review](#code-review)
   - [Styleguide](#styleguide)
-  - [Developer Certificate of Origin (DCO)](#developer-certificate-of-origin-dco)
+  - [Sign-off your work](#sign-off-your-work)
   - [Release Cycle](#release-cycle)
   - [Maintainers](#maintainers)
   - [Owners](#owners)
@@ -65,19 +65,19 @@ high-level discussions.
 ## Testing redux
 
 Before submitting a pull request, run all the tests for the whole tree
-to make sure your changes don't cause regression elsewhere.
+to make sure your changes don't cause regression elsewhere.  
 
-Here's how to run the test suite:
+Here's how to run the test suite: 
 
 - Install the correct version of the drone-cli package.  As of this
   writing, the correct drone-cli version is
-  [1.1.0](https://docs.drone.io/cli/install/).
+  [0.8.6](https://0-8-0.docs.drone.io/cli-installation/).
 - Ensure you have enough free disk space.  You will need at least
   15-20 Gb of free disk space to hold all of the containers drone
   creates (a default AWS or GCE disk size won't work -- see
-  [#6243](https://github.com/go-gitea/gitea/issues/6243)).
+  [#6243](https://github.com/go-gitea/gitea/issues/6243)).  
 - Change into the base directory of your copy of the gitea repository,
-  and run `drone exec --event pull_request`.
+  and run `drone exec --local --build-event pull_request`.
 
 The drone version, command line, and disk requirements do change over
 time (see [#4053](https://github.com/go-gitea/gitea/issues/4053) and
@@ -88,7 +88,7 @@ update these instructions.
 ## Vendoring
 
 We keep a cached copy of dependencies within the `vendor/` directory,
-managing updates via [Modules](https://golang.org/cmd/go/#hdr-Module_maintenance).
+managing updates via [dep](https://github.com/golang/dep).
 
 Pull requests should only include `vendor/` updates if they are part of
 the same change, be it a bugfix or a feature addition.
@@ -97,7 +97,7 @@ The `vendor/` update needs to be justified as part of the PR description,
 and must be verified by the reviewers and/or merger to always reference
 an existing upstream commit.
 
-You can find more information on how to get started with it on the [Modules Wiki](https://github.com/golang/go/wiki/Modules).
+You can find more information on how to get started with it on the [dep project website](https://golang.github.io/dep/docs/introduction.html).
 
 ## Translation
 
@@ -114,7 +114,7 @@ Generally, the go build tools are installed as-needed in the `Makefile`.
 An exception are the tools to build the CSS and images.
 
 - To build CSS: Install [Node.js](https://nodejs.org/en/download/package-manager) at version 8.0 or above
-  with `npm` and then run `npm install` and `make css`.
+  with `npm` and then run `npm install` and `make generate-stylesheets`.
 - To build Images: ImageMagick, inkscape and zopflipng binaries must be
   available in your `PATH` to run `make generate-images`.
 
@@ -157,21 +157,22 @@ import (
 )
 ```
 
-## Developer Certificate of Origin (DCO)
+## Sign-off your work
 
-We consider the act of contributing to the code by submitting a Pull
-Request as the "Sign off" or agreement to the certifications and terms
-of the [DCO](DCO) and [MIT license](LICENSE). No further action is required.
-Additionally you could add a line at the end of your commit message.
+The sign-off is a simple line at the end of the explanation for the
+patch. Your signature certifies that you wrote the patch or otherwise
+have the right to pass it on as an open-source patch. The rules are
+pretty simple: If you can certify [DCO](DCO), then you just add a line
+to every git commit message:
 
 ```
 Signed-off-by: Joe Smith <joe.smith@email.com>
 ```
 
-If you set your `user.name` and `user.email` git configs, you can add the
-line to the end of your commit automatically with `git commit -s`.
-
-We assume in good faith that the information you provide is legally binding.
+Please use your real name; we really dislike pseudonyms or anonymous
+contributions. We are in the open-source world without secrets. If you
+set your `user.name` and `user.email` git configs, you can sign-off your
+commit automatically with `git commit -s`.
 
 ## Release Cycle
 
@@ -213,7 +214,7 @@ to the maintainers team. If a maintainer is inactive for more than 3
 months and forgets to leave the maintainers team, the owners may move
 him or her from the maintainers team to the advisors team.
 For security reasons, Maintainers should use 2FA for their accounts and
-if possible provide gpg signed commits.
+if possible provide gpg signed commits. 
 https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
 https://help.github.com/articles/signing-commits-with-gpg/
 
@@ -280,7 +281,7 @@ be reviewed by two maintainers and must pass the automatic tests.
   * Create `-dev` tag as `git tag -s -F release.notes v$vmaj.$vmin.0-dev` and push the tag as `git push origin v$vmaj.$vmin.0-dev`.
   * When CI has finished building tag then you have to create a new branch named `release/v$vmaj.$vmin`
 * If it is bugfix version create PR for changelog on branch `release/v$vmaj.$vmin` and wait till it is reviewed and merged.
-* Add a tag as `git tag -s -F release.notes v$vmaj.$vmin.$`, release.notes file could be a temporary file to only include the changelog this version which you added to `CHANGELOG.md`.
+* Add a tag as `git tag -s -F release.notes v$vmaj.$vmin.$`, release.notes file could be a temporary file to only include the changelog this version which you added to `CHANGELOG.md`. 
 * And then push the tag as `git push origin v$vmaj.$vmin.$`. Drone CI will automatically created a release and upload all the compiled binary. (But currently it didn't add the release notes automatically. Maybe we should fix that.)
 * If needed send PR for changelog on branch `master`.
 * Send PR to [blog repository](https://github.com/go-gitea/blog) announcing the release.

Dockerfile

@@ -1,10 +1,7 @@
 
 ###################################
 #Build stage
-FROM golang:1.13-alpine3.10 AS build-env
-
-ARG GOPROXY
-ENV GOPROXY ${GOPROXY:-direct}
+FROM golang:1.12-alpine3.9 AS build-env
 
 ARG GITEA_VERSION
 ARG TAGS="sqlite sqlite_unlock_notify"
@@ -21,7 +18,7 @@ WORKDIR ${GOPATH}/src/code.gitea.io/gitea
 RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
  && make clean generate build
 
-FROM alpine:3.10
+FROM alpine:3.9
 LABEL maintainer="maintainers@gitea.io"
 
 EXPOSE 22 3000
@@ -59,6 +56,6 @@ VOLUME ["/data"]
 ENTRYPOINT ["/usr/bin/entrypoint"]
 CMD ["/bin/s6-svscan", "/etc/s6"]
 
-COPY docker/root /
+COPY docker /
 COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
 RUN ln -s /app/gitea/gitea /usr/local/bin/gitea

Gopkg.toml

@@ -0,0 +1,119 @@
+
+ignored = ["google.golang.org/appengine*"]
+
+[prune]
+  go-tests = true
+  unused-packages = true
+  non-go = true
+
+[[constraint]]
+  branch = "master"
+  name = "code.gitea.io/git"
+
+[[constraint]]
+  branch = "master"
+  name = "code.gitea.io/sdk"
+
+[[constraint]]
+  revision = "05d86ea8f6e30456949f612cf68cf4a27ce8c9c5"
+  name = "github.com/blevesearch/bleve"
+
+[[constraint]]
+  revision = "12dd70caea0268ac0d6c2707d0611ef601e7c64e"
+  name = "golang.org/x/crypto"
+
+[[constraint]]
+  branch = "master"
+  name = "golang.org/x/sys"
+
+[[constraint]]
+  revision = "2bf8f2a19ec09c670e931282edfe6567f6be21c9"
+  name = "golang.org/x/text"
+
+[[constraint]]
+  branch = "master"
+  name = "golang.org/x/net"
+
+[[override]]
+  name = "github.com/go-xorm/xorm"
+  revision = "a6300f2a45e05a8f75f00a1d6188049fe7851915"
+
+[[override]]
+  name = "github.com/go-xorm/builder"
+  version = "0.3.3"
+
+[[override]]
+  name = "github.com/go-sql-driver/mysql"
+  revision = "c45f530f8e7fe40f4687eaa50d0c8c5f1b66f9e0"
+
+[[override]]
+  name = "github.com/mattn/go-sqlite3"
+  revision = "c7c4067b79cc51e6dfdcef5c702e74b1e0fa7c75"
+
+[[override]]
+  name = "github.com/gorilla/mux"
+  revision = "757bef944d0f21880861c2dd9c871ca543023cba"
+
+[[constraint]]
+  name = "github.com/gorilla/context"
+  version = "1.1.1"
+
+[[constraint]]
+  name = "github.com/lafriks/xormstore"
+  version = "1.0.0"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/lunny/dingtalk_webhook"
+
+[[constraint]]
+  name = "github.com/markbates/goth"
+  version = "1.47.2"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/mcuadros/go-version"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/russross/blackfriday"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/tstranex/u2f"
+
+[[constraint]]
+  name = "gopkg.in/editorconfig/editorconfig-core-go.v1"
+  version = "1.2.0"
+
+[[constraint]]
+  branch = "v2"
+  name = "gopkg.in/gomail.v2"
+
+[[constraint]]
+  name = "gopkg.in/ini.v1"
+  version = "1.31.1"
+
+[[constraint]]
+  name = "gopkg.in/ldap.v3"
+  version = "3.0.1"
+
+[[constraint]]
+  name = "gopkg.in/macaron.v1"
+  version = "1.2.4"
+
+[[constraint]]
+  name = "gopkg.in/testfixtures.v2"
+  version = "2.0.0"
+
+[[override]]
+  branch = "master"
+  name = "golang.org/x/oauth2"
+
+[[constraint]]
+  name = "github.com/prometheus/client_golang"
+  version = "0.9.0"
+
+[[constraint]]
+  name = "github.com/mvdan/xurls"
+  version = "2.0.0"

MAINTAINERS

@@ -28,9 +28,3 @@ He-Long Zhang <outman99@hotmail.com> (@BetaCat0)
 Andrew Thornton <art27@cantab.net> (@zeripath)
 John Olheiser <john.olheiser@gmail.com> (@jolheiser)
 Richard Mahn <rich.mahn@unfoldingword.org> (@richmahn)
-Mrsdizzie <info@mrsdizzie.com> (@mrsdizzie)
-silverwind <me@silverwind.io> (@silverwind)
-Gary Kim <gary@garykim.dev> (@gary-kim)
-Guillermo Prandi <gitea.maint@mailfilter.com.ar> (@guillep2k)
-Mura Li <typeless@ctli.io> (@typeless)
-6543 <6543@obermui.de> (@6543)

README.md

@@ -10,9 +10,7 @@
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
 [![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
 [![Help Contribute to Open Source](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea)
-[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea)
-[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
-[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://crowdin.com/project/gitea)
+[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backer/badge.svg?label=backer&color=brightgreen)](https://opencollective.com/gitea)
 
 ## Purpose
 

README_ZH.md

@@ -3,15 +3,13 @@
 # Gitea - Git with a cup of tea
 
 [![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
-[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/gitea)
+[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
 [![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
-[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
+[![Coverage Status](https://coverage.gitea.io/badges/go-gitea/gitea/coverage.svg)](https://coverage.gitea.io/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
 [![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
-[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea)
-[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
-[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://crowdin.com/project/gitea)
+[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backer/badge.svg?label=backer&color=brightgreen)](https://opencollective.com/gitea)
 
 ## 目标
 
@@ -27,7 +25,7 @@ Gitea 的首要目标是创建一个极易安装，运行非常快速，安装
 
 ## 文档
 
-关于如何安装请访问我们的 [文档站](https://docs.gitea.io/zh-cn/)，如果没有找到对应的文档，你也可以通过 [Discord - 英文](https://discord.gg/gitea) 和 QQ群 328432459 来和我们交流。
+关于如何安装请访问我们的 [文档站](https://docs.gitea.io/zh-cn/)，如果没有找到对应的文档，你也可以通过 [Discord - 英文](https://discord.gg/NsatcWJ) 和 QQ群 328432459 来和我们交流。
 
 ## 贡献流程
 

cmd/cert.go

@@ -170,28 +170,17 @@ func runCert(c *cli.Context) error {
 	if err != nil {
 		log.Fatalf("Failed to open cert.pem for writing: %v", err)
 	}
-	err = pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
-	if err != nil {
-		log.Fatalf("Failed to encode certificate: %v", err)
-	}
-	err = certOut.Close()
-	if err != nil {
-		log.Fatalf("Failed to write cert: %v", err)
-	}
+	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+	certOut.Close()
 	log.Println("Written cert.pem")
 
 	keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
 		log.Fatalf("Failed to open key.pem for writing: %v", err)
 	}
-	err = pem.Encode(keyOut, pemBlockForKey(priv))
-	if err != nil {
-		log.Fatalf("Failed to encode key: %v", err)
-	}
-	err = keyOut.Close()
-	if err != nil {
-		log.Fatalf("Failed to write key: %v", err)
-	}
+	pem.Encode(keyOut, pemBlockForKey(priv))
+	keyOut.Close()
 	log.Println("Written key.pem")
+
 	return nil
 }

cmd/cmd.go

@@ -38,7 +38,7 @@ func initDB() error {
 
 func initDBDisableConsole(disableConsole bool) error {
 	setting.NewContext()
-	setting.InitDBConfig()
+	models.LoadConfigs()
 
 	setting.NewXORMLogService(disableConsole)
 	if err := models.SetEngine(); err != nil {

cmd/convert.go

@@ -1,49 +0,0 @@
-// Copyright 2019 The Gitea Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package cmd
-
-import (
-	"fmt"
-
-	"code.gitea.io/gitea/models"
-	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
-
-	"github.com/urfave/cli"
-)
-
-// CmdConvert represents the available convert sub-command.
-var CmdConvert = cli.Command{
-	Name:        "convert",
-	Usage:       "Convert the database",
-	Description: "A command to convert an existing MySQL database from utf8 to utf8mb4",
-	Action:      runConvert,
-}
-
-func runConvert(ctx *cli.Context) error {
-	if err := initDB(); err != nil {
-		return err
-	}
-
-	log.Trace("AppPath: %s", setting.AppPath)
-	log.Trace("AppWorkPath: %s", setting.AppWorkPath)
-	log.Trace("Custom path: %s", setting.CustomPath)
-	log.Trace("Log path: %s", setting.LogRootPath)
-	setting.InitDBConfig()
-
-	if !setting.Database.UseMySQL {
-		fmt.Println("This command can only be used with a MySQL database")
-		return nil
-	}
-
-	if err := models.ConvertUtf8ToUtf8mb4(); err != nil {
-		log.Fatal("Failed to convert database from utf8 to utf8mb4: %v", err)
-		return err
-	}
-
-	fmt.Println("Converted successfully, please confirm your database's character set is now utf8mb4")
-
-	return nil
-}

cmd/dump.go

@@ -17,8 +17,8 @@ import (
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/unknwon/cae/zip"
-	"github.com/unknwon/com"
+	"github.com/Unknwon/cae/zip"
+	"github.com/Unknwon/com"
 	"github.com/urfave/cli"
 )
 
@@ -31,12 +31,12 @@ It can be used for backup and capture Gitea server image to send to maintainer`,
 	Action: runDump,
 	Flags: []cli.Flag{
 		cli.StringFlag{
-			Name:  "file, f",
-			Value: fmt.Sprintf("gitea-dump-%d.zip", time.Now().Unix()),
-			Usage: "Name of the dump file which will be created.",
+			Name:  "config, c",
+			Value: "custom/conf/app.ini",
+			Usage: "Custom configuration file path",
 		},
 		cli.BoolFlag{
-			Name:  "verbose, V",
+			Name:  "verbose, v",
 			Usage: "Show process details",
 		},
 		cli.StringFlag{
@@ -56,8 +56,12 @@ It can be used for backup and capture Gitea server image to send to maintainer`,
 }
 
 func runDump(ctx *cli.Context) error {
+	if ctx.IsSet("config") {
+		setting.CustomConf = ctx.String("config")
+	}
 	setting.NewContext()
 	setting.NewServices() // cannot access session settings otherwise
+	models.LoadConfigs()
 
 	err := models.SetEngine()
 	if err != nil {
@@ -81,7 +85,7 @@ func runDump(ctx *cli.Context) error {
 
 	dbDump := path.Join(tmpWorkDir, "gitea-db.sql")
 
-	fileName := ctx.String("file")
+	fileName := fmt.Sprintf("gitea-dump-%d.zip", time.Now().Unix())
 	log.Printf("Packing dump files...")
 	z, err := zip.Create(fileName)
 	if err != nil {
@@ -103,8 +107,8 @@ func runDump(ctx *cli.Context) error {
 	}
 
 	targetDBType := ctx.String("database")
-	if len(targetDBType) > 0 && targetDBType != setting.Database.Type {
-		log.Printf("Dumping database %s => %s...", setting.Database.Type, targetDBType)
+	if len(targetDBType) > 0 && targetDBType != models.DbCfg.Type {
+		log.Printf("Dumping database %s => %s...", models.DbCfg.Type, targetDBType)
 	} else {
 		log.Printf("Dumping database...")
 	}
@@ -116,14 +120,6 @@ func runDump(ctx *cli.Context) error {
 	if err := z.AddFile("gitea-db.sql", dbDump); err != nil {
 		log.Fatalf("Failed to include gitea-db.sql: %v", err)
 	}
-
-	if len(setting.CustomConf) > 0 {
-		log.Printf("Adding custom configuration file from %s", setting.CustomConf)
-		if err := z.AddFile("app.ini", setting.CustomConf); err != nil {
-			log.Fatalf("Failed to include specified app.ini: %v", err)
-		}
-	}
-
 	customDir, err := os.Stat(setting.CustomPath)
 	if err == nil && customDir.IsDir() {
 		if err := z.AddDir("custom", setting.CustomPath); err != nil {

cmd/generate.go

@@ -40,10 +40,9 @@ var (
 	}
 
 	microcmdGenerateLfsJwtSecret = cli.Command{
-		Name:    "JWT_SECRET",
-		Aliases: []string{"LFS_JWT_SECRET"},
-		Usage:   "Generate a new JWT_SECRET",
-		Action:  runGenerateLfsJwtSecret,
+		Name:   "LFS_JWT_SECRET",
+		Usage:  "Generate a new LFS_JWT_SECRET",
+		Action: runGenerateLfsJwtSecret,
 	}
 
 	microcmdGenerateSecretKey = cli.Command{

cmd/hook.go

@@ -8,14 +8,16 @@ import (
 	"bufio"
 	"bytes"
 	"fmt"
-	"net/http"
 	"os"
 	"strconv"
 	"strings"
 
+	"code.gitea.io/git"
 	"code.gitea.io/gitea/models"
-	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/urfave/cli"
 )
@@ -26,6 +28,13 @@ var (
 		Name:        "hook",
 		Usage:       "Delegate commands to corresponding Git hooks",
 		Description: "This should only be called by Git",
+		Flags: []cli.Flag{
+			cli.StringFlag{
+				Name:  "config, c",
+				Value: "custom/conf/app.ini",
+				Usage: "Custom configuration file path",
+			},
+		},
 		Subcommands: []cli.Command{
 			subcmdHookPreReceive,
 			subcmdHookUpdate,
@@ -58,14 +67,21 @@ func runHookPreReceive(c *cli.Context) error {
 		return nil
 	}
 
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	} else if c.GlobalIsSet("config") {
+		setting.CustomConf = c.GlobalString("config")
+	}
+
 	setup("hooks/pre-receive.log")
 
 	// the environment setted on serv command
+	repoID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchRepoID), 10, 64)
 	isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
 	username := os.Getenv(models.EnvRepoUsername)
 	reponame := os.Getenv(models.EnvRepoName)
-	userID, _ := strconv.ParseInt(os.Getenv(models.EnvPusherID), 10, 64)
-	prID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchPRID), 10, 64)
+	userIDStr := os.Getenv(models.EnvPusherID)
+	repoPath := models.RepoPath(username, reponame)
 
 	buf := bytes.NewBuffer(nil)
 	scanner := bufio.NewScanner(os.Stdin)
@@ -87,23 +103,34 @@ func runHookPreReceive(c *cli.Context) error {
 		newCommitID := string(fields[1])
 		refFullName := string(fields[2])
 
-		// If the ref is a branch, check if it's protected
-		if strings.HasPrefix(refFullName, git.BranchPrefix) {
-			statusCode, msg := private.HookPreReceive(username, reponame, private.HookOptions{
-				OldCommitID:                     oldCommitID,
-				NewCommitID:                     newCommitID,
-				RefFullName:                     refFullName,
-				UserID:                          userID,
-				GitAlternativeObjectDirectories: os.Getenv(private.GitAlternativeObjectDirectories),
-				GitObjectDirectory:              os.Getenv(private.GitObjectDirectory),
-				GitQuarantinePath:               os.Getenv(private.GitQuarantinePath),
-				ProtectedBranchID:               prID,
-			})
-			switch statusCode {
-			case http.StatusInternalServerError:
-				fail("Internal Server Error", msg)
-			case http.StatusForbidden:
-				fail(msg, "")
+		branchName := strings.TrimPrefix(refFullName, git.BranchPrefix)
+		protectBranch, err := private.GetProtectedBranchBy(repoID, branchName)
+		if err != nil {
+			fail("Internal error", fmt.Sprintf("retrieve protected branches information failed: %v", err))
+		}
+
+		if protectBranch != nil && protectBranch.IsProtected() {
+			// check and deletion
+			if newCommitID == git.EmptySHA {
+				fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
+			}
+
+			// detect force push
+			if git.EmptySHA != oldCommitID {
+				output, err := git.NewCommand("rev-list", "--max-count=1", oldCommitID, "^"+newCommitID).RunInDir(repoPath)
+				if err != nil {
+					fail("Internal error", "Fail to detect force push: %v", err)
+				} else if len(output) > 0 {
+					fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
+				}
+			}
+
+			userID, _ := strconv.ParseInt(userIDStr, 10, 64)
+			canPush, err := private.CanUserPush(protectBranch.ID, userID)
+			if err != nil {
+				fail("Internal error", "Fail to detect user can push: %v", err)
+			} else if !canPush {
+				fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
 			}
 		}
 	}
@@ -116,6 +143,12 @@ func runHookUpdate(c *cli.Context) error {
 		return nil
 	}
 
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	} else if c.GlobalIsSet("config") {
+		setting.CustomConf = c.GlobalString("config")
+	}
+
 	setup("hooks/update.log")
 
 	return nil
@@ -126,9 +159,16 @@ func runHookPostReceive(c *cli.Context) error {
 		return nil
 	}
 
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	} else if c.GlobalIsSet("config") {
+		setting.CustomConf = c.GlobalString("config")
+	}
+
 	setup("hooks/post-receive.log")
 
 	// the environment setted on serv command
+	repoID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchRepoID), 10, 64)
 	repoUser := os.Getenv(models.EnvRepoUsername)
 	isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
 	repoName := os.Getenv(models.EnvRepoName)
@@ -155,31 +195,58 @@ func runHookPostReceive(c *cli.Context) error {
 		newCommitID := string(fields[1])
 		refFullName := string(fields[2])
 
-		res, err := private.HookPostReceive(repoUser, repoName, private.HookOptions{
-			OldCommitID: oldCommitID,
-			NewCommitID: newCommitID,
-			RefFullName: refFullName,
-			UserID:      pusherID,
-			UserName:    pusherName,
-		})
-
-		if res == nil {
-			fail("Internal Server Error", err)
+		if err := private.PushUpdate(models.PushUpdateOptions{
+			RefFullName:  refFullName,
+			OldCommitID:  oldCommitID,
+			NewCommitID:  newCommitID,
+			PusherID:     pusherID,
+			PusherName:   pusherName,
+			RepoUserName: repoUser,
+			RepoName:     repoName,
+		}); err != nil {
+			log.GitLogger.Error(2, "Update: %v", err)
 		}
 
-		if res["message"] == false {
-			continue
+		if newCommitID != git.EmptySHA && strings.HasPrefix(refFullName, git.BranchPrefix) {
+			branch := strings.TrimPrefix(refFullName, git.BranchPrefix)
+			repo, pullRequestAllowed, err := private.GetRepository(repoID)
+			if err != nil {
+				log.GitLogger.Error(2, "get repo: %v", err)
+				break
+			}
+			if !pullRequestAllowed {
+				break
+			}
+
+			baseRepo := repo
+			if repo.IsFork {
+				baseRepo = repo.BaseRepo
+			}
+
+			if !repo.IsFork && branch == baseRepo.DefaultBranch {
+				break
+			}
+
+			pr, err := private.ActivePullRequest(baseRepo.ID, repo.ID, baseRepo.DefaultBranch, branch)
+			if err != nil {
+				log.GitLogger.Error(2, "get active pr: %v", err)
+				break
+			}
+
+			fmt.Fprintln(os.Stderr, "")
+			if pr == nil {
+				if repo.IsFork {
+					branch = fmt.Sprintf("%s:%s", repo.OwnerName, branch)
+				}
+				fmt.Fprintf(os.Stderr, "Create a new pull request for '%s':\n", branch)
+				fmt.Fprintf(os.Stderr, "  %s/compare/%s...%s\n", baseRepo.HTMLURL(), util.PathEscapeSegments(baseRepo.DefaultBranch), util.PathEscapeSegments(branch))
+			} else {
+				fmt.Fprint(os.Stderr, "Visit the existing pull request:\n")
+				fmt.Fprintf(os.Stderr, "  %s/pulls/%d\n", baseRepo.HTMLURL(), pr.Index)
+			}
+			fmt.Fprintln(os.Stderr, "")
 		}
 
-		fmt.Fprintln(os.Stderr, "")
-		if res["create"] == true {
-			fmt.Fprintf(os.Stderr, "Create a new pull request for '%s':\n", res["branch"])
-			fmt.Fprintf(os.Stderr, "  %s\n", res["url"])
-		} else {
-			fmt.Fprint(os.Stderr, "Visit the existing pull request:\n")
-			fmt.Fprintf(os.Stderr, "  %s\n", res["url"])
-		}
-		fmt.Fprintln(os.Stderr, "")
 	}
 
 	return nil

cmd/keys.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/urfave/cli"
 )
@@ -40,10 +41,19 @@ var CmdKeys = cli.Command{
 			Value: "",
 			Usage: "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)",
 		},
+		cli.StringFlag{
+			Name:  "config, c",
+			Value: "custom/conf/app.ini",
+			Usage: "Custom configuration file path",
+		},
 	},
 }
 
 func runKeys(c *cli.Context) error {
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+
 	if !c.IsSet("username") {
 		return errors.New("No username provided")
 	}

cmd/migrate.go

@@ -19,9 +19,20 @@ var CmdMigrate = cli.Command{
 	Usage:       "Migrate the database",
 	Description: "This is a command for migrating the database, so that you can run gitea admin create-user before starting the server.",
 	Action:      runMigrate,
+	Flags: []cli.Flag{
+		cli.StringFlag{
+			Name:  "config, c",
+			Value: "custom/conf/app.ini",
+			Usage: "Custom configuration file path",
+		},
+	},
 }
 
 func runMigrate(ctx *cli.Context) error {
+	if ctx.IsSet("config") {
+		setting.CustomConf = ctx.String("config")
+	}
+
 	if err := initDB(); err != nil {
 		return err
 	}
@@ -30,10 +41,10 @@ func runMigrate(ctx *cli.Context) error {
 	log.Trace("AppWorkPath: %s", setting.AppWorkPath)
 	log.Trace("Custom path: %s", setting.CustomPath)
 	log.Trace("Log path: %s", setting.LogRootPath)
-	setting.InitDBConfig()
+	models.LoadConfigs()
 
 	if err := models.NewEngine(migrations.Migrate); err != nil {
-		log.Fatal("Failed to initialize ORM engine: %v", err)
+		log.Fatal(4, "Failed to initialize ORM engine: %v", err)
 		return err
 	}
 

cmd/web.go

@@ -5,6 +5,7 @@
 package cmd
 
 import (
+	"crypto/tls"
 	"fmt"
 	"net"
 	"net/http"
@@ -14,12 +15,13 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/markup/external"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/routers"
 	"code.gitea.io/gitea/routers/routes"
 
+	"github.com/Unknwon/com"
 	context2 "github.com/gorilla/context"
-	"github.com/unknwon/com"
 	"github.com/urfave/cli"
 	"golang.org/x/crypto/acme/autocert"
 	ini "gopkg.in/ini.v1"
@@ -38,6 +40,11 @@ and it takes care of all the other things for you`,
 			Value: "3000",
 			Usage: "Temporary port number to prevent conflict",
 		},
+		cli.StringFlag{
+			Name:  "config, c",
+			Value: "custom/conf/app.ini",
+			Usage: "Custom configuration file path",
+		},
 		cli.StringFlag{
 			Name:  "pid, P",
 			Value: "/var/run/gitea.pid",
@@ -62,7 +69,7 @@ func runHTTPRedirector() {
 	var err = runHTTP(source, context2.ClearHandler(handler))
 
 	if err != nil {
-		log.Fatal("Failed to start port redirection: %v", err)
+		log.Fatal(4, "Failed to start port redirection: %v", err)
 	}
 }
 
@@ -77,13 +84,15 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
 		log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect)
 		var err = http.ListenAndServe(setting.HTTPAddr+":"+setting.PortToRedirect, certManager.HTTPHandler(http.HandlerFunc(runLetsEncryptFallbackHandler))) // all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
 		if err != nil {
-			log.Fatal("Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
+			log.Fatal(4, "Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
 		}
 	}()
 	server := &http.Server{
-		Addr:      listenAddr,
-		Handler:   m,
-		TLSConfig: certManager.TLSConfig(),
+		Addr:    listenAddr,
+		Handler: m,
+		TLSConfig: &tls.Config{
+			GetCertificate: certManager.GetCertificate,
+		},
 	}
 	return server.ListenAndServeTLS("", "")
 }
@@ -101,12 +110,18 @@ func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
 }
 
 func runWeb(ctx *cli.Context) error {
+	if ctx.IsSet("config") {
+		setting.CustomConf = ctx.String("config")
+	}
+
 	if ctx.IsSet("pid") {
 		setting.CustomPID = ctx.String("pid")
 	}
 
 	routers.GlobalInit()
 
+	external.RegisterParsers()
+
 	m := routes.NewMacaron()
 	routes.RegisterRoutes(m)
 
@@ -175,20 +190,15 @@ func runWeb(ctx *cli.Context) error {
 		}
 		err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
 	case setting.FCGI:
-		var listener net.Listener
-		listener, err = net.Listen("tcp", listenAddr)
+		listener, err := net.Listen("tcp", listenAddr)
 		if err != nil {
-			log.Fatal("Failed to bind %s: %v", listenAddr, err)
+			log.Fatal(4, "Failed to bind %s", listenAddr, err)
 		}
-		defer func() {
-			if err := listener.Close(); err != nil {
-				log.Fatal("Failed to stop server: %v", err)
-			}
-		}()
+		defer listener.Close()
 		err = fcgi.Serve(listener, context2.ClearHandler(m))
 	case setting.UnixSocket:
 		if err := os.Remove(listenAddr); err != nil && !os.IsNotExist(err) {
-			log.Fatal("Failed to remove unix socket directory %s: %v", listenAddr, err)
+			log.Fatal(4, "Failed to remove unix socket directory %s: %v", listenAddr, err)
 		}
 		var listener *net.UnixListener
 		listener, err = net.ListenUnix("unix", &net.UnixAddr{Name: listenAddr, Net: "unix"})
@@ -199,15 +209,15 @@ func runWeb(ctx *cli.Context) error {
 		// FIXME: add proper implementation of signal capture on all protocols
 		// execute this on SIGTERM or SIGINT: listener.Close()
 		if err = os.Chmod(listenAddr, os.FileMode(setting.UnixSocketPermission)); err != nil {
-			log.Fatal("Failed to set permission of unix socket: %v", err)
+			log.Fatal(4, "Failed to set permission of unix socket: %v", err)
 		}
 		err = http.Serve(listener, context2.ClearHandler(m))
 	default:
-		log.Fatal("Invalid protocol: %s", setting.Protocol)
+		log.Fatal(4, "Invalid protocol: %s", setting.Protocol)
 	}
 
 	if err != nil {
-		log.Fatal("Failed to start server: %v", err)
+		log.Fatal(4, "Failed to start server: %v", err)
 	}
 
 	return nil

cmd/web_graceful.go

@@ -34,7 +34,7 @@ func runHTTPS(listenAddr, certFile, keyFile string, m http.Handler) error {
 	var err error
 	config.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
 	if err != nil {
-		log.Fatal("Failed to load https cert file %s: %v", listenAddr, err)
+		log.Fatal(4, "Failed to load https cert file %s: %v", listenAddr, err)
 	}
 
 	return gracehttp.Serve(&http.Server{