Add 1.5.0-rc2 changelog (#4488 )

Prevent html entity escaping (#4471 ) (#4485 )
Fix column droping for MSSQL that need new transaction for that (#4440 ) (#4484 )
2018-07-21 20:06:06 +03:00 · 2018-07-20 18:39:40 -04:00 · 2018-07-20 15:27:30 -04:00 · 2018-07-20 21:48:15 +03:00 · 2018-07-20 19:36:56 +03:00 · 2018-07-19 17:15:12 -04:00
1624 changed files with 107839 additions and 72370 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -1,5 +0,0 @@
-*
-!gitea
-!docker
-!public
-!templates
--- a/.drone.yml
+++ b/.drone.yml
@ -1,10 +1,10 @@
 workspace:
-  base: /srv/app
+  base: /go
  path: src/code.gitea.io/gitea

 clone:
  git:
-    image: plugins/git:1
+    image: plugins/git:next
    depth: 50
    tags: true

@ -55,18 +55,27 @@ pipeline:
    when:
      event: [ push, tag, pull_request ]

+  build-without-gcc:
+    image: golang:1.8
+    pull: true
+    commands:
+      - go build -o gitea_no_gcc # test if build succeeds without the sqlite tag
+    when:
+      event: [ push, tag, pull_request ]
+
  build:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    environment:
      TAGS: bindata sqlite
-      GOPATH: /srv/app
    commands:
      - make clean
      - make generate
      - make vet
      - make lint
      - make fmt-check
+      - make swagger-check
+#      - make swagger-validate
      - make misspell-check
      - make test-vendor
      - make build
@ -74,12 +83,11 @@ pipeline:
      event: [ push, tag, pull_request ]

  test:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    group: test
    environment:
      TAGS: bindata sqlite
-      GOPATH: /srv/app
    commands:
      - make unit-test-coverage
    when:
@ -87,12 +95,11 @@ pipeline:
      branch: [ master ]

  test:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    group: test
    environment:
      TAGS: bindata sqlite
-      GOPATH: /srv/app
    commands:
      - make test
    when:
@ -100,12 +107,11 @@ pipeline:
      branch: [ release/* ]

  test:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    group: test
    environment:
      TAGS: bindata
-      GOPATH: /srv/app
    commands:
      - make test
    when:
@ -113,60 +119,64 @@ pipeline:

  # Commented until db locking have been resolved!
  # test-sqlite:
-  #   image: webhippie/golang:edge
+  #   image: golang:1.10
  #   pull: true
  #   group: test
  #   environment:
  #     TAGS: bindata
-  #     GOPATH: /srv/app
  #   commands:
  #     - make test-sqlite
  #   when:
  #     event: [ push, tag, pull_request ]

  test-mysql:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    group: test
    environment:
      TAGS: bindata
-      GOPATH: /srv/app
+      TEST_LDAP: "1"
    commands:
+      - curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
+      - apt-get install -y git-lfs
      - make integration-test-coverage
    when:
      event: [ push, pull_request ]
      branch: [ master ]

  test-mysql:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    group: test
    environment:
      TAGS: bindata
-      GOPATH: /srv/app
+      TEST_LDAP: "1"
    commands:
+      - curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
+      - apt-get install -y git-lfs
      - make test-mysql
    when:
      event: [ tag ]

  test-pgsql:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    group: test
    environment:
      TAGS: bindata
-      GOPATH: /srv/app
+      TEST_LDAP: "1"
    commands:
+      - curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash
+      - apt-get install -y git-lfs
      - make test-pgsql
    when:
      event: [ push, tag, pull_request ]

  generate-coverage:
-    image: webhippie/golang:edge
+    image: golang:1.10
    pull: true
    environment:
      TAGS: bindata
-      GOPATH: /srv/app
    commands:
      - make coverage
    when:
@ -187,23 +197,47 @@ pipeline:
    pull: true
    environment:
      TAGS: bindata sqlite
-      GOPATH: /srv/app
    commands:
+      - export PATH=$PATH:$GOPATH/bin
      - make release
    when:
      event: [ push, tag ]

-  docker:
+  build_docs:
+    image: webhippie/hugo:latest
+    pull: true
+    commands:
+      - cd docs
+      - make trans-copy
+      - make clean
+      - make build
+
+  docker_docs:
    image: plugins/docker:17.05
    pull: true
    secrets: [ docker_username, docker_password ]
-    repo: gitea/gitea
-    tags: [ '${DRONE_TAG##v}' ]
+    repo: gitea/docs
+    context: docs
+    dockerfile: docs/Dockerfile
+    tags: [ '${DRONE_BRANCH##release/v}' ]
    when:
-      event: [ tag ]
+      event: [ push ]
+      branch: [ release/* ]
+
+  docker_docs:
+    image: plugins/docker:17.05
+    pull: true
+    secrets: [ docker_username, docker_password ]
+    repo: gitea/docs
+    context: docs
+    dockerfile: docs/Dockerfile
+    tags: [ 'latest' ]
+    when:
+      event: [ push ]
+      branch: [ master ]

  docker:
-    image: plugins/docker:17.05
+    image: plugins/docker:17.12
    pull: true
    secrets: [ docker_username, docker_password ]
    repo: gitea/gitea
@ -213,14 +247,25 @@ pipeline:
      branch: [ release/* ]

  docker:
-    image: plugins/docker:17.05
-    pull: true
+    image: plugins/docker:17.12
    secrets: [ docker_username, docker_password ]
+    pull: true
    repo: gitea/gitea
-    tags: [ 'latest' ]
+    default_tags: true
    when:
-      event: [ push ]
-      branch: [ master ]
+      event: [ push, tag ]
+
+  gpg-sign:
+    image: plugins/gpgsign:1
+    pull: true
+    secrets: [ gpgsign_key, gpgsign_passphrase ]
+    detach_sign: true
+    files:
+      - dist/release/*
+    excludes:
+      - dist/release/*.sha256
+    when:
+      event: [ push, tag ]

  release:
    image: plugins/s3:1
@ -308,3 +353,8 @@ services:
      - POSTGRES_DB=test
    when:
      event: [ push, tag, pull_request ]
+
+  ldap:
+    image: gitea/test-openldap:latest
+    when:
+      event: [ push, tag, pull_request ]
--- a/.gitignore
+++ b/.gitignore
@ -59,3 +59,13 @@ coverage.all
 /integrations/mysql.ini
 /integrations/pgsql.ini
 /node_modules
+
+
+# Snapcraft
+snap/.snapcraft/
+parts/
+stage/
+prime/
+*.snap
+*.snap-build
+*_source.tar.bz2
--- a/.lgtm
+++ b/.lgtm
@ -1,2 +1,3 @@
-self_approval_off = false
+pattern = "(?)LGTM"
+self_approval_off = true
 ignore_maintainers_file = true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,23 +1,231 @@
 # Changelog

-## [1.3.3](https://github.com/go-gitea/gitea/releases/tag/v1.3.3) - 2018-02-15
-* SECURITY
-  * Fix escaping changed title in comments (#3530) (#3535)
-  * Escape search query display (#3486) (#3489)
-* BUGFIXES
-  * Fix repo-transfer-and-team-repo-count bug (#3241) (#3244)
-  * Open external tracker in blank window, consistently with wiki (#3227) (#3228)
-  * Change SSL Mode from checkbox to string in admin page (#3208) (#3211)
+This changelog goes through all the changes that have been made in each release
+without substantial changes to our git log; to see the highlights of what has
+been added to each release, please refer to the [blog](https://blog.gitea.io).

-## [1.3.2](https://github.com/go-gitea/gitea/releases/tag/v1.3.2) - 2017-12-14
+## [1.5.0-RC2](https://github.com/go-gitea/gitea/releases/tag/v1.5.0-rc2) - 2018-07-21
+* SECURITY
+  * Check that repositories can only be migrated to own user or organizations (#4366) (#4370)
 * BUGFIXES
-  * fix run web with -p push failed (#3154) (#3179)
-  * Fix source download link when no code unit allowed (#3166) (#3169)
-  * Allow adding collaborators with (fullname) (#3103) (#3168)
-  * Fix repo links (#3093) (#3163)
-  * Fix Uninitialized variable in ParsePatch (#3156) (#3162)
-  * Fix migration order v1.3 (#3157)
-  * Fix avatar URLs (#3069) (#3143)
+  * Fix column droping for MSSQL that need new transaction for that (#4440) (#4484)
+  * Redirect to correct page after using scratch token (#4458) (#4472)
+  * Replace src with raw to fix image paths (#4377) (#4386)
+  * Fixes repo membership check in API (#4341) (#4379)
+  * Add default merge options when adding new repository (#4369) (#4373)
+  * Fix repository last updated time update when delete a user who watched the repo (#4363) (#4371)
+  * Fix html entity escaping in branch deletion message (#4471) (#4485)
+
+## [1.5.0-RC1](https://github.com/go-gitea/gitea/releases/tag/v1.5.0-rc1) - 2018-07-04
+* SECURITY
+  * Limit uploaded avatar image-size to 4096px x 3072px by default (#4353)
+  * Do not allow to reuse TOTP passcode (#3878)
+* FEATURE
+  * Add cli commands to regen hooks & keys (#3979)
+  * Add support for FIDO U2F (#3971)
+  * Added user language setting (#3875)
+  * LDAP Public SSH Keys synchronization (#1844)
+  * Add topic support (#3711)
+  * Multiple assignees (#3705)
+  * Add protected branch whitelists for merging (#3689)
+  * Global code search support (#3664)
+  * Add label descriptions (#3662)
+  * Add issue search via API (#3612)
+  * Add repository setting to enable/disable health checks (#3607)
+  * Emoji Autocomplete (#3433)
+  * Implements generator cli for secrets (#3531)
+* ENHANCEMENT
+  * Add more webhooks support and refactor webhook templates directory (#3929)
+  * Add new option to allow only OAuth2/OpenID user registration (#3910)
+  * Add option to use paged LDAP search when synchronizing users (#3895)
+  * Symlink icons (#1416)
+  * Improve release page UI (#3693)
+  * Add admin dashboard option to run health checks (#3606)
+  * Add branch link in branch list (#3576)
+  * Reduce sql query times in retrieveFeeds (#3547)
+  * Option to enable or disable swagger endpoints (#3502)
+  * Add missing licenses (#3497)
+  * Reduce repo indexer disk usage (#3452)
+  * Enable caching on assets and avatars (#3376)
+  * Add repository search ordered by stars/forks. Forks column in admin repo list (#3969)
+  * Add Environment Variables to Docker template (#4012)
+  * LFS: make HTTP auth period configurable (#4035)
+  * Add config path as an optionial flag when changing pass via CLI (#4184)
+  * Refactor User Settings sections (#3900)
+  * Allow square brackets in external issue patterns (#3408)
+  * Add Attachment API (#3478)
+  * Add EnableTimetracking option to app settings (#3719)
+  * Add config option to enable or disable log executed SQL (#3726)
+  * Shows total tracked time in issue and milestone list (#3341)
+* TRANSLATION
+  * Improve English grammar and consistency (#3614)
+* DEPLOYMENT
+  * Allow Gitea to run as different USER in Docker (#3961)
+  * Provide compressed release binaries (#3991)
+  * Sign release binaries (#4188)
+
+## [1.4.3](https://github.com/go-gitea/gitea/releases/tag/v1.4.3) - 2018-06-26
+* SECURITY
+  * HTML-escape plain-text READMEs (#4192) (#4214)
+  * Fix open redirect vulnerability on login screen (#4312) (#4312)
+* BUGFIXES
+  * Fix broken monitoring page when running processes are shown (#4203) (#4208)
+  * Fix delete comment bug (#4216) (#4228)
+  * Delete reactions added to issues and comments when deleting repository (#4232) (#4237)
+  * Fix wiki URL encoding bug (#4091) (#4254)
+  * Fix code tab link when viewing tags (#3908) (#4263)
+  * Fix webhook type conflation (#4285) (#4285)
+
+## [1.4.2](https://github.com/go-gitea/gitea/releases/tag/v1.4.2) - 2018-06-04
+* BUGFIXES
+  * Adjust z-index for floating labels (#3939) (#3950)
+  * Add missing token validation on application settings page (#3976) #3978
+  * Webhook and hook_task clean up (#4006)
+  * Fix webhook bug of response info is not displayed in UI (#4023)
+  * Fix writer cannot read bare repo guide (#4033) (#4039)
+  * Don't force due date to current time (#3830) (#4057)
+  * Fix wiki redirects (#3919) (#4065)
+  * Fix attachment ENABLED (#4064) (#4066)
+  * Added deletion of an empty line at the end of file (#4054) (#4074)
+  * Use ResolveReference instead of path.Join (#4073)
+  * Fix #4081 Check for leading / in base before removing it (#4083)
+  * Respository's home page not updated after first push (#4075)
+
+## [1.4.1](https://github.com/go-gitea/gitea/releases/tag/v1.4.1) - 2018-05-03
+* BREAKING
+  * Add "error" as reserved username (#3882) (#3886)
+* SECURITY
+  * Do not allow inactive users to access repositories using private key (#3887) (#3889)
+  * Fix path cleanup in file editor, when initilizing new repository and LFS oids  (#3871) (#3873)
+  * Remove unnecessary allowed safe HTML (#3778) (#3779)
+  * Correctly check http git access rights for reverse proxy authorized users (#3721) (#3743)
+* BUGFIXES
+  * Fix to use only needed columns from tables to get repository git paths (#3870) (#3883)
+  * Fix GPG expire time display when time is zero (#3584) (#3884)
+  * Fix to update only issue last update time when adding a comment (#3855) (#3860)
+  * Fix repository star count after deleting user (#3781) (#3783)
+  * Use the active branch for the code tab (#3720) (#3776)
+  * Set default branch name on first push (#3715) (#3723)
+  * Show clipboard button if disable HTTP of git protocol (#3773) (#3774)
+
+## [1.4.0](https://github.com/go-gitea/gitea/releases/tag/v1.4.0) - 2018-03-25
+* BREAKING
+  * Drop deprecated GOGS\_WORK\_DIR use (#2946)
+  * Fix API status code for hook creation (#2814)
+* SECURITY
+  * Escape branch name in dropdown menu (#3691) (#3692)
+  * Refactor and simplify to correctly validate redirect to URL (#3674) (#3676)
+  * Fix escaping changed title in comments (#3530) (#3534)
+  * Escape search query (#3486) (#3488)
+  * Sanitize logs for mirror sync (#3057)
+* FEATURE
+  * Serve .patch and .diff for pull requests (#3305, #3293)
+  * Add repo-sync-releases admin command (#3254)
+  * Support default private when creating or migrating repository (#3239)
+  * Writable deploy keys (closes #671) (#3225)
+  * Add Pull Request merge options - Ignore white-space for conflict checking, Rebase, Squash merge (#3188)
+  * Added progressbar for issues with checkboxes (#1146). (#3171)
+  * Mention completion for issue editor. (#3136)
+  * Add 'mark all read' option to notifications (#3097)
+  * Git LFS lock api (#2938)
+  * Add reactions to issues/PR and comments (#2856)
+  * Add dingtalk webhook  (#2777)
+  * Responsive view (#2750)
+* BUGFIXES
+  * Fix wiki inter-links with spaces (#3560) (#3632)
+  * Fix query protected branch bug (#3563) (#3571)
+  * Fix remove team member issue (#3566) (#3570)
+  * Fix the protected branch panic issue (#3567) (#3569)
+  * If Mirrors repository no content is fetched, updated time should not be changed (#3551) (#3565)
+  * Bug fix for mirrored repository releases sorted (#3522) (#3555)
+  * Add issue closed time column to fix activity closed issues list (#3537) (#3540)
+  * Update markbates/goth library to support OAuth2 with new dropbox API (#3533) (#3539)
+  * Fixes missing avatars in offline mode (#3471) (#3477)
+  * Fix synchronization bug in repo indexer (#3455) (#3461)
+  * Fix rendering of wiki page list if wiki repo contains other files (#3454) (#3463)
+  * Fix webhook X-GitHub-* headers casing for better compatibility (#3429)
+  * Add content type and doctype to requests made with go-get (#3426, #3423)
+  * Fix SQL type error for webhooks (#3424)
+  * Fix PR merge error (#3421)
+  * Recognize more characters in crossreferenced repo name (#3413)
+  * Fix MSSQL bug on org (#3405)
+  * HTML escape all lines of the search result (#3402)
+  * Change local copy origin url after repository rename (#3399)
+  * Force-push to base repo's ref/pull/#/head (#3393)
+  * Fix bug when a user delete but assigned on issue (#3318)
+  * Use issue number/index instead of id for API URL. Fix #3297 (#3298)
+  * Fix repo-transfer-and-team-repo-count bug (#3241)
+  * Fix always-on SSL Mode checkbox in admin page (#3208)
+  * Fix source download link when no code unit allowed (#3166)
+  * Fix org owner cannot be removed if he is not in owner team (#3164)
+  * Fix run web with -p push failed (#3154)
+  * Fix gpg tmpl (#3153)
+  * Fix SSH auth lfs locks (#3152)
+  * Improvements for supporting UI Location (#3146)
+  * Fix new pull request link (#3133)
+  * Fix missing branch in release bug (#3108)
+  * Allow adding collaborators with (fullname) (#3103)
+  * Fix repo links (#3093)
+  * fix lfs url refs + keep path upper/lowercase in db. (#3092)
+  * Fix redis session failed (#3086)
+  * Fix bugs in issue dashboard stats (#3073)
+  * Fix avatar URLs (#3069)
+  * Fix ref parsing in commit messages (#3067)
+  * Fix issue list branch link broken (#3061)
+  * sendmail: correct option to set envelope-sender (#3044)
+  * Fix missing password length check when change password (#3039)
+  * Fix git lfs path (#3016)
+  * Fix API-Endpoint release (#3005) (#3012)
+  * Set OpenID support on by default when installing new instance (#3010)
+  * Various wiki bug fixes (#2996)
+  * Fix go-get, src and raw urls to new scheme (#2978)
+  * Fix error when add user has full name to team (#2973)
+  * Fix memcache support when value is returned as string always (#2924)
+* ENHANCEMENT
+  * Use GiteaServer as the user agent for http requests (#3404)
+  * Delete indexer DB entries when (re)creating index (#3385)
+  * Change how merged PR commit info are prepared (#3368)
+  * Asynchronously populate the repo indexer (#3366)
+  * Make the default action for the gitea executable that of running the webserver (#3331)
+  * Templates for extra links in top navbar and repo tool tabs. (#3308)
+  * Fixed asterisk based tasklist items #3295 (#3296)
+  * Add more additional template snippets (#3286)
+  * Open external tracker in blank window, consistently with wiki (#3227)
+  * Fix repo links on user profile (#3197)
+  * Enable emoji for wiki view (#3158)
+  * Small improve on deleting attachements (#3145)
+  * Reduce overhead of upgrades for users with custom stylesheets/JS (#3051)
+  * Default log level to Info without hardcoding it in installer (#3041)
+  * Memory usage improvements (#3013)
+  * Add fingerprint to ssh key endpoints. (#3009)
+  * Improve memory usage when reaching diff limits (#2990)
+  * Expandable commit bodies (#2980)
+  * Update gitgraph.js to fix blurry commit graph on HiDPI screens (#2957)
+  * Fix language names (#2955)
+  * Remove render issue link (#2954)
+  * Page parameter for repo search API (#2915)
+  * Apply LANDING\_PAGE config options for logged in users (#2894)
+  * Enable admin to search by email (#2888)
+  * Hide add key button if SSH is disabled (#2873)
+  * Fix comment API paths (#2813)
+  * Add an option to allow redirect of http port 80 to https. (#1928)
+* MISC
+  * Fix organization profile on mobile devices (#3332)
+  * Fix guide link for webhooks in repository settings (#3291) (#3292)
+  * Enable Libravatar by default in new installations (#3287)
+  * Improve suppressed diff boxes (#3193)
+  * fix button heights on commits page (#3091)
+  * Minor copy changes (#3074)
+  * Sort repos in issues dashboard sidebar (#3072)
+  * Remove box-shadow from UI, fix dashboard issue (#3065)
+  * Adjust branch button size (#3063)
+  * Fix misalignment issue in repo header (#3062)
+  * Delete a user's public key via admin api (closes #3014) (#3059)
+  * Dashboard: Fix line height problem in issue titles (#3054)
+  * Remove duplicate "Max Diff Lines" from config view (#2987)
+  * Drop unmaintained gogs migration script (#2947)
+  * App restarts to quickly if it fails to start. (#2945)
+  * Add owner to delete repo message (#2886)

 ## [1.3.1](https://github.com/go-gitea/gitea/releases/tag/v1.3.1) - 2017-12-08
 * BUGFIXES
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -11,7 +11,7 @@
  - [Translation](#translation)
  - [Code review](#code-review)
  - [Styleguide](#styleguide)
-  - [Sign your work](#sign-your-work)
+  - [Sign-off your work](#sign-off-your-work)
  - [Release Cycle](#release-cycle)
  - [Maintainers](#maintainers)
  - [Owners](#owners)
@ -48,10 +48,12 @@ getting free help.

 ## Discuss your design

-The project welcomes submissions. If you want to change or add something, 
-please let everyone know what you're working on—[file an issue](https://github.com/go-gitea/gitea/issues/new)! 
-Significant changes must go through the [change proposal process](https://github.com/go-gitea/proposals) 
-before they can be accepted.
+The project welcomes submissions. If you want to change or add something,
+please let everyone know what you're working on—[file an issue](https://github.com/go-gitea/gitea/issues/new)!
+Significant changes must go through the change proposal process
+before they can be accepted. To create a proposal, file an issue with
+your proposed changes documented, and make sure to note in the title
+of the issue that it is a proposal.

 This process gives everyone a chance to validate the design, helps
 prevent duplication of effort, and ensures that the idea fits inside
@ -67,14 +69,14 @@ and keep the compatibility on upgrade. To make sure you are
 running the test suite exactly like we do, you should install
 the CLI for [Drone CI](https://github.com/drone/drone), as
 we are using the server for continous testing, following [these
-instructions](http://readme.drone.io/usage/getting-started-cli). After that, 
-you can simply call `drone exec` within your working directory and it will try 
-to run the test suite locally.
+instructions](http://docs.drone.io/cli-installation/). After that,
+you can simply call `drone exec --local --build-event "pull_request"` within
+your working directory and it will try to run the test suite locally.

 ## Vendoring

 We keep a cached copy of dependencies within the `vendor/` directory,
-managing updates via [govendor](http://github.com/kardianos/govendor).
+managing updates via [dep](https://github.com/golang/dep).

 Pull requests should only include `vendor/` updates if they are part of
 the same change, be it a bugfix or a feature addition.
@ -83,6 +85,8 @@ The `vendor/` update needs to be justified as part of the PR description,
 and must be verified by the reviewers and/or merger to always reference
 an existing upstream commit.

+You can find more information on how to get started with it on the [dep project website](https://golang.github.io/dep/docs/introduction.html).
+
 ## Translation

 We do all translation work inside [Crowdin](https://crowdin.com/project/gitea).
@ -98,7 +102,7 @@ Generally, the go build tools are installed as-needed in the `Makefile`.
 An exception are the tools to build the CSS and images.

 - To build CSS: Install [Node.js](https://nodejs.org/en/download/package-manager)
-  with `npm` and then run `npm install` and `make stylesheets`.
+  with `npm` and then run `npm install` and `make generate-stylesheets`.
 - To build Images: ImageMagick, inkscape and zopflipng binaries must be
  available in your `PATH` to run `make generate-images`.

@ -109,8 +113,8 @@ makes the change, even if they are an owner or a maintainer. We use GitHub's
 pull request workflow to do that. And, we also use [LGTM](http://lgtm.co)
 to ensure every PR is reviewed by at least 2 maintainers.

-Please try to make your pull request easy to review for us. And, please read 
-the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/master/contributors/devel/faster_reviews.md)* guide;
+Please try to make your pull request easy to review for us. And, please read
+the *[How to get faster PR reviews](https://github.com/kubernetes/community/blob/261cb0fd089b64002c91e8eddceebf032462ccd6/contributors/guide/pull-requests.md#best-practices-for-faster-reviews)* guide;
 it has lots of useful tips for any project you may want to contribute.
 Some of the key points:

@ -172,11 +176,11 @@ obtain a final version that is maintained in this branch. A release is
 maintained by issuing patch releases to only correct critical problems
 such as crashes or security issues.

-Major release cycles are bimonthly. They always begin on the 25th and end on 
-the 24th (i.e., the 25th of December to February 24th). 
+Major release cycles are bimonthly. They always begin on the 25th and end on
+the 24th (i.e., the 25th of December to February 24th).

-During a development cycle, we may also publish any necessary minor releases 
-for the previous version. For example, if the latest, published release is 
+During a development cycle, we may also publish any necessary minor releases
+for the previous version. For example, if the latest, published release is
 v1.2, then minor changes for the previous release—e.g., v1.1.0 -> v1.1.1—are
 still possible.

@ -197,6 +201,10 @@ an advisor has time to code review, we will gladly welcome them back
 to the maintainers team. If a maintainer is inactive for more than 3
 months and forgets to leave the maintainers team, the owners may move
 him or her from the maintainers team to the advisors team.
+For security reasons, Maintainers should use 2FA for their accounts and
+if possible provide gpg signed commits. 
+https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/
+https://help.github.com/articles/signing-commits-with-gpg/

 ## Owners

@ -207,6 +215,9 @@ be the main owner, and the other two the assistant owners. When the new
 owners have been elected, the old owners will give up ownership to the
 newly elected owners. If an owner is unable to do so, the other owners
 will assist in ceding ownership to the newly elected owners.
+For security reasons, Owners or any account with write access (like a bot)
+must use 2FA.
+https://help.github.com/articles/securing-your-account-with-two-factor-authentication-2fa/

 After the election, the new owners should proactively agree
 with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the
@ -227,6 +238,11 @@ they served:
  * [Thomas Boerger](https://github.com/tboerger) <thomas@webhippie.de>
  * [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>

+* 2018-01-01 ~ 2018-12-31
+  * [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
+  * [Lauris Bukšis-Haberkorns](https://github.com/lafriks) <lauris@nix.lv>
+  * [Kim Carlbäcker](https://github.com/bkcsoft) <kim.carlbacker@gmail.com>
+
 ## Versions

 Gitea has the `master` branch as a tip branch and has version branches
@ -245,7 +261,7 @@ be reviewed by two maintainers and must pass the automatic tests.
 Code that you contribute should use the standard copyright header:

 ```
-// Copyright 2017 The Gitea Authors. All rights reserved.
+// Copyright 2018 The Gitea Authors. All rights reserved.
 // Use of this source code is governed by a MIT-style
 // license that can be found in the LICENSE file.
 ```
--- a/39
+++ b/39
@ -1,21 +1,41 @@
-FROM alpine:3.6

-LABEL maintainer="The Gitea Authors"
+###################################
+#Build stage
+FROM golang:1.10-alpine3.7 AS build-env
+
+ARG GITEA_VERSION
+ARG TAGS="sqlite"
+ENV TAGS "bindata $TAGS"
+
+#Build deps
+RUN apk --no-cache add build-base git
+
+#Setup repo
+COPY . ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/code.gitea.io/gitea
+
+#Checkout version if set
+RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
+ && make clean generate build
+
+FROM alpine:3.7
+LABEL maintainer="maintainers@gitea.io"

 EXPOSE 22 3000

 RUN apk --no-cache add \
-    su-exec \
-    ca-certificates \
-    sqlite \
    bash \
+    ca-certificates \
+    curl \
+    gettext \
    git \
    linux-pam \
-    s6 \
-    curl \
    openssh \
-    gettext \
+    s6 \
+    sqlite \
+    su-exec \
    tzdata
+
 RUN addgroup \
    -S -g 1000 \
    git && \
@ -30,7 +50,6 @@ RUN addgroup \

 ENV USER git
 ENV GITEA_CUSTOM /data/gitea
-ENV GODEBUG=netdns=go

 VOLUME ["/data"]

@ -38,4 +57,4 @@ ENTRYPOINT ["/usr/bin/entrypoint"]
 CMD ["/bin/s6-svscan", "/etc/s6"]

 COPY docker /
-COPY gitea /app/gitea/gitea
+COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@ -1,43 +0,0 @@
-FROM multiarch/alpine:aarch64-v3.6
-
-LABEL maintainer="The Gitea Authors"
-
-EXPOSE 22 3000
-
-RUN apk --no-cache add \
-    su-exec \
-    ca-certificates \
-    sqlite \
-    bash \
-    git \
-    linux-pam \
-    s6 \
-    curl \
-    openssh \
-    gettext \
-    tzdata
-RUN addgroup \
-    -S -g 1000 \
-    git && \
-  adduser \
-    -S -H -D \
-    -h /data/git \
-    -s /bin/bash \
-    -u 1000 \
-    -G git \
-    git && \
-  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
-
-ENV USER git
-ENV GITEA_CUSTOM /data/gitea
-
-COPY docker /
-COPY gitea /app/gitea/gitea
-
-ENV GODEBUG=netdns=go
-
-VOLUME ["/data"]
-
-ENTRYPOINT ["/usr/bin/entrypoint"]
-CMD ["/bin/s6-svscan", "/etc/s6"]
-
--- a/Dockerfile.rpi
+++ b/Dockerfile.rpi
@ -1,41 +0,0 @@
-FROM multiarch/alpine:armhf-v3.6
-
-LABEL maintainer="The Gitea Authors"
-
-EXPOSE 22 3000
-
-RUN apk --no-cache add \
-    su-exec \
-    ca-certificates \
-    sqlite \
-    bash \
-    git \
-    linux-pam \
-    s6 \
-    curl \
-    openssh \
-    gettext \
-    tzdata
-RUN addgroup \
-    -S -g 1000 \
-    git && \
-  adduser \
-    -S -H -D \
-    -h /data/git \
-    -s /bin/bash \
-    -u 1000 \
-    -G git \
-    git && \
-  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
-
-ENV USER git
-ENV GITEA_CUSTOM /data/gitea
-ENV GODEBUG=netdns=go
-
-VOLUME ["/data"]
-
-ENTRYPOINT ["/usr/bin/entrypoint"]
-CMD ["/bin/s6-svscan", "/etc/s6"]
-
-COPY docker /
-COPY gitea /app/gitea/gitea
--- a/Gopkg.lock
+++ b/Gopkg.lock
--- a/Gopkg.toml
+++ b/Gopkg.toml
@ -0,0 +1,106 @@
+
+ignored = ["google.golang.org/appengine*"]
+
+[prune]
+  go-tests = true
+  unused-packages = true
+  non-go = true
+
+[[constraint]]
+  branch = "master"
+  name = "code.gitea.io/git"
+
+[[constraint]]
+  branch = "master"
+  name = "code.gitea.io/sdk"
+
+[[constraint]]
+  revision = "9f005a07e0d31d45e6656d241bb5c0f2efd4bc94"
+  name = "golang.org/x/crypto"
+
+[[constraint]]
+  revision = "a646d33e2ee3172a661fc09bca23bb4889a41bc8"
+  name = "golang.org/x/sys"
+
+[[constraint]]
+  revision = "2bf8f2a19ec09c670e931282edfe6567f6be21c9"
+  name = "golang.org/x/text"
+
+[[constraint]]
+  revision = "f2499483f923065a842d38eb4c7f1927e6fc6e6d"
+  name = "golang.org/x/net"
+
+[[constraint]]
+  #version = "v1.0.0"
+  revision = "33197485abe227dcb254644cf5081c9a3c281669"
+  name = "github.com/pingcap/tidb"
+
+[[override]]
+  name = "github.com/go-xorm/xorm"
+  #version = "0.6.5"
+  revision = "ad69f7d8f0861a29438154bb0a20b60501298480"
+
+[[override]]
+  name = "github.com/gorilla/mux"
+  revision = "757bef944d0f21880861c2dd9c871ca543023cba"
+
+[[constraint]]
+  name = "github.com/gorilla/context"
+  version = "1.1.1"
+
+[[constraint]]
+  name = "github.com/lafriks/xormstore"
+  version = "1.0.0"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/lunny/dingtalk_webhook"
+
+[[constraint]]
+  name = "github.com/markbates/goth"
+  version = "1.45.5"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/mcuadros/go-version"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/russross/blackfriday"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/tstranex/u2f"
+
+[[constraint]]
+  name = "gopkg.in/editorconfig/editorconfig-core-go.v1"
+  version = "1.2.0"
+
+[[constraint]]
+  branch = "v2"
+  name = "gopkg.in/gomail.v2"
+
+[[constraint]]
+  name = "gopkg.in/ini.v1"
+  version = "1.31.1"
+
+[[constraint]]
+  name = "gopkg.in/ldap.v2"
+  version = "2.4.1"
+
+[[constraint]]
+  name = "gopkg.in/macaron.v1"
+  version = "1.2.4"
+
+[[constraint]]
+  name = "gopkg.in/testfixtures.v2"
+  version = "2.0.0"
+
+[[override]]
+  name = "github.com/boltdb/bolt"
+  revision = "ccd680d8c1a0179ac3d68f692b01e1a1589cbfc7"
+  source = "github.com/go-gitea/bolt"
+
+[[override]]
+  revision = "c10ba270aa0bf8b8c1c986e103859c67a9103061"
+  name = "golang.org/x/oauth2"
--- a/6
+++ b/6
@ -7,6 +7,7 @@ Kim Carlbäcker <kim.carlbacker@gmail.com> (@bkcsoft)
 LefsFlare <nobody@nobody.tld> (@LefsFlarey)
 Lunny Xiao <xiaolunwen@gmail.com> (@lunny)
 Matthias Loibl <mail@matthiasloibl.com> (@metalmatze)
+Morgan Bazalgette <the@howl.moe> (@thehowl)
 Rachid Zarouali <nobody@nobody.tld> (@xinity)
 Rémy Boulanouar <admin@dblk.org> (@DblK)
 Sandro Santilli <strk@kbt.io> (@strk)
@ -18,3 +19,8 @@ Lauris Bukšis-Haberkorns <lauris@nix.lv> (@lafriks)
 Jonas Östanbäck <jonas.ostanback@gmail.com> (@cez81)
 David Schneiderbauer <dschneiderbauer@gmail.com> (@daviian)
 Peter Žeby <morlinest@gmail.com> (@morlinest)
+Matti Ranta <matti@mdranta.net> (@techknowlogick)
+Michael Lustfield <mtecknology@debian.org> (@MTecknology)
+Jonas Franz <info@jonasfranz.software> (@JonasFranzDEV)
+Flynn Lufmons <fluf@warpmail.net> (@flufmonster)
+Alexey Terentyev <axifnx@gmail.com> (@axifive)
--- a/125
+++ b/125
@ -15,14 +15,25 @@ else
 endif

 BINDATA := modules/{options,public,templates}/bindata.go
-DOCKER_TAG := gitea/gitea:latest
 GOFILES := $(shell find . -name "*.go" -type f ! -path "./vendor/*" ! -path "*/bindata.go")
 GOFMT ?= gofmt -s

 GOFLAGS := -i -v
 EXTRA_GOFLAGS ?=

-LDFLAGS := -X "main.Version=$(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')" -X "main.Tags=$(TAGS)"
+ifneq ($(DRONE_TAG),)
+	VERSION ?= $(subst v,,$(DRONE_TAG))
+	GITEA_VERSION := $(VERSION)
+else
+	ifneq ($(DRONE_BRANCH),)
+		VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
+	else
+		VERSION ?= master
+	endif
+	GITEA_VERSION := $(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')
+endif
+
+LDFLAGS := -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)"

 PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations,$(shell $(GO) list ./... | grep -v /vendor/))
 SOURCES ?= $(shell find . -name "*.go" -type f)
@ -46,19 +57,11 @@ else
 	EXECUTABLE := gitea
 endif

-ifneq ($(DRONE_TAG),)
-	VERSION ?= $(subst v,,$(DRONE_TAG))
-else
-	ifneq ($(DRONE_BRANCH),)
-		VERSION ?= $(subst release/v,,$(DRONE_BRANCH))
-	else
-		VERSION ?= master
-	endif
-endif
-
 .PHONY: all
 all: build

+include docker/Makefile
+
 .PHONY: clean
 clean:
 	$(GO) clean -i ./...
@ -90,6 +93,22 @@ generate-swagger:
 	fi
 	swagger generate spec -o ./public/swagger.v1.json

+.PHONY: swagger-check
+swagger-check: generate-swagger
+	@diff=$$(git diff public/swagger.v1.json); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make generate-swagger' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
+
+.PHONY: swagger-validate
+swagger-validate:
+	@hash swagger > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/go-swagger/go-swagger/cmd/swagger; \
+	fi
+	swagger validate ./public/swagger.v1.json
+
 .PHONY: errcheck
 errcheck:
 	@hash errcheck > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
@ -130,38 +149,35 @@ fmt-check:

 .PHONY: test
 test:
-	$(GO) test $(PACKAGES)
+	$(GO) test -tags=sqlite $(PACKAGES)

 .PHONY: coverage
 coverage:
 	@hash gocovmerge > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		$(GO) get -u github.com/wadey/gocovmerge; \
 	fi
-	echo "mode: set" > coverage.all
-	for PKG in $(PACKAGES); do\
-		egrep "$$PKG[^/]*\.go" integration.coverage.out > int.coverage.out;\
-		gocovmerge $$GOPATH/src/$$PKG/coverage.out int.coverage.out > pkg.coverage.out;\
-		grep -h -v "^mode:" pkg.coverage.out >>  coverage.all;\
-		mv pkg.coverage.out $$GOPATH/src/$$PKG/coverage.out;\
-		rm int.coverage.out;\
-	done;
+	gocovmerge integration.coverage.out $(shell find . -type f -name "coverage.out") > coverage.all;\

 .PHONY: unit-test-coverage
 unit-test-coverage:
-	for PKG in $(PACKAGES); do $(GO) test -cover -coverprofile $$GOPATH/src/$$PKG/coverage.out $$PKG || exit 1; done;
+	for PKG in $(PACKAGES); do $(GO) test -tags=sqlite -cover -coverprofile $$GOPATH/src/$$PKG/coverage.out $$PKG || exit 1; done;
+
+.PHONY: vendor
+vendor:
+	@hash dep > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/golang/dep/cmd/dep; \
+	fi
+	dep ensure -vendor-only

 .PHONY: test-vendor
-test-vendor:
-	@hash govendor > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		$(GO) get -u github.com/kardianos/govendor; \
-	fi
-	govendor list +unused | tee "$(TMPDIR)/wc-gitea-unused"
-	[ $$(cat "$(TMPDIR)/wc-gitea-unused" | wc -l) -eq 0 ] || echo "Warning: /!\\ Some vendor are not used /!\\"
-
-	govendor list +outside | tee "$(TMPDIR)/wc-gitea-outside"
-	[ $$(cat "$(TMPDIR)/wc-gitea-outside" | wc -l) -eq 0 ] || exit 1
-
-	govendor status || exit 1
+test-vendor: vendor
+	@diff=$$(git diff vendor/); \
+	if [ -n "$$diff" ]; then \
+		echo "Please run 'make vendor' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi;
+#TODO add dep status -missing when implemented

 .PHONY: test-sqlite
 test-sqlite: integrations.sqlite.test
@ -180,35 +196,32 @@ generate-ini:
 			integrations/pgsql.ini.tmpl > integrations/pgsql.ini

 .PHONY: test-mysql
-test-mysql: integrations.mysql.test generate-ini
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test
+test-mysql: integrations.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test

 .PHONY: test-pgsql
-test-pgsql: integrations.pgsql.test generate-ini
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test
+test-pgsql: integrations.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test

 .PHONY: bench-sqlite
 bench-sqlite: integrations.sqlite.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.bench .
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .

 .PHONY: bench-mysql
-bench-mysql: integrations.mysql.test generate-ini
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.bench .
+bench-mysql: integrations.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .

 .PHONY: bench-pgsql
-bench-pgsql: integrations.pgsql.test generate-ini
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.bench .
+bench-pgsql: integrations.test generate-ini
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .


 .PHONY: integration-test-coverage
 integration-test-coverage: integrations.cover.test generate-ini
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out

-integrations.mysql.test: $(SOURCES)
-	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.mysql.test
-
-integrations.pgsql.test: $(SOURCES)
-	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.pgsql.test
+integrations.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.test

 integrations.sqlite.test: $(SOURCES)
 	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite'
@ -229,13 +242,8 @@ build: $(EXECUTABLE)
 $(EXECUTABLE): $(SOURCES)
 	$(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@

-.PHONY: docker
-docker:
-	docker run -ti --rm -v $(CURDIR):/srv/app/src/code.gitea.io/gitea -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" webhippie/golang:edge make clean generate build
-	docker build -t $(DOCKER_TAG) .
-
 .PHONY: release
-release: release-dirs release-windows release-linux release-darwin release-copy release-check
+release: release-dirs release-windows release-linux release-darwin release-copy release-compress release-check

 .PHONY: release-dirs
 release-dirs:
@ -279,6 +287,13 @@ release-copy:
 release-check:
 	cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/release/$(EXECUTABLE)-*),sha256sum $(notdir $(file)) > $(notdir $(file)).sha256;)

+.PHONY: release-compress
+release-compress:
+	@hash gxz > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
+		$(GO) get -u github.com/ulikunitz/xz/cmd/gxz; \
+	fi
+	cd $(DIST)/release; $(foreach file,$(wildcard $(DIST)/binaries/$(EXECUTABLE)-*),gxz -k -9 $(notdir $(file));)
+
 .PHONY: javascripts
 javascripts: public/js/index.js

@ -297,12 +312,12 @@ stylesheets-check: generate-stylesheets

 .PHONY: generate-stylesheets
 generate-stylesheets:
-	node_modules/.bin/lessc --no-ie-compat --clean-css public/less/index.less public/css/index.css
+	node_modules/.bin/lessc --clean-css public/less/index.less public/css/index.css

 .PHONY: swagger-ui
 swagger-ui:
 	rm -Rf public/vendor/assets/swagger-ui
-	git clone --depth=10 -b v3.3.2 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
+	git clone --depth=10 -b v3.13.4 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
 	mv $(TMPDIR)/swagger-ui/dist public/vendor/assets/swagger-ui
 	rm -Rf $(TMPDIR)/swagger-ui
 	$(SED_INPLACE) "s;http://petstore.swagger.io/v2/swagger.json;../../../swagger.v1.json;g" public/vendor/assets/swagger-ui/index.html
--- a/README.md
+++ b/README.md
@ -4,19 +4,13 @@

 [![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
 [![Join the Discord chat at https://discord.gg/NsatcWJ](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
-[![Join the Matrix chat at https://matrix.to/#/#gitea:matrix.org](https://img.shields.io/badge/matrix-%23gitea%3Amatrix.org-7bc9a4.svg)](https://matrix.to/#/#gitea:matrix.org)
 [![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
 [![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
-[![Release](https://github-release-version.herokuapp.com/github/go-gitea/gitea/release.svg?style=flat)](https://github.com/go-gitea/gitea/releases/latest)
-
-| | | |
-|:---:|:---:|:---:|
-|![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
-|![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
-|![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
-|![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|
+[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
+[![Help Contribute to Open Source](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea)
+[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backer/badge.svg?label=backer&color=brightgreen)](https://opencollective.com/gitea)

 ## Purpose

@ -31,24 +25,37 @@ This project has been
 [forked](https://blog.gitea.io/2016/12/welcome-to-gitea/) from
 [Gogs](https://gogs.io) since 2016.11 but changed a lot.

-## Notes
+## Building

-1. **YOU MUST READ THE [CONTRIBUTORS GUIDE](CONTRIBUTING.md) BEFORE STARTING TO WORK ON A PULL REQUEST.**
-2. If you have found a vulnerability in the project, please write privately to **security@gitea.io**. Thanks!
-3. If you're interested in using our APIs, we have experimental support with [documentation](https://godoc.org/code.gitea.io/sdk/gitea).
+From the root of the source tree, run:

-## Docs
+    make generate all

-For more information and instructions about how to install Gitea, please look 
-at our [documentation](https://docs.gitea.io/en-us/). If you have questions 
-that are not covered by the documentation, you can get in contact with us on 
-our [Discord server](https://discord.gg/NsatcWJ), 
-[Matrix room](https://matrix.to/#/#gitea:matrix.org), 
-or [forum](https://discourse.gitea.io/)!
+More info: https://docs.gitea.io/en-us/install-from-source/
+
+## Using
+
+    ./gitea web
+
+NOTE: If you're interested in using our APIs, we have experimental
+support with [documentation](https://godoc.org/code.gitea.io/sdk/gitea).

 ## Contributing

-Fork -> Patch -> Push -> Pull Request
+Expected workflow is: Fork -> Patch -> Push -> Pull Request
+
+NOTES:
+
+1. **YOU MUST READ THE [CONTRIBUTORS GUIDE](CONTRIBUTING.md) BEFORE STARTING TO WORK ON A PULL REQUEST.**
+2. If you have found a vulnerability in the project, please write privately to **security@gitea.io**. Thanks!
+
+## Further information
+
+For more information and instructions about how to install Gitea, please look
+at our [documentation](https://docs.gitea.io/en-us/). If you have questions
+that are not covered by the documentation, you can get in contact with us on
+our [Discord server](https://discord.gg/NsatcWJ),
+or [forum](https://discourse.gitea.io/)!

 ## Authors

@ -56,8 +63,45 @@ Fork -> Patch -> Push -> Pull Request
 * [Contributors](https://github.com/go-gitea/gitea/graphs/contributors)
 * [Translators](options/locale/TRANSLATORS)

+## Backers
+
+Thank you to all our backers! 🙏 [[Become a backer](https://opencollective.com/gitea#backer)]
+
+<a href="https://opencollective.com/gitea#backers" target="_blank"><img src="https://opencollective.com/gitea/backers.svg?width=890"></a>
+
+## Sponsors
+
+Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [[Become a sponsor](https://opencollective.com/gitea#sponsor)]
+
+<a href="https://opencollective.com/gitea/sponsor/0/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/0/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/1/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/1/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/2/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/2/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/3/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/3/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/4/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/4/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/5/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/5/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/6/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/6/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/7/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/7/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/8/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/8/avatar.svg"></a>
+<a href="https://opencollective.com/gitea/sponsor/9/website" target="_blank"><img src="https://opencollective.com/gitea/sponsor/9/avatar.svg"></a>
+
+## FAQ
+
+**How do you pronounce Gitea?**
+
+Gitea is pronounced [/ɡɪ’ti:/](https://youtu.be/EM71-2uDAoY) as in "gi-tea" with a hard g.
+
 ## License

 This project is licensed under the MIT License.
 See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file
 for the full license text.
+
+## Screenshots
+Looking for an overview of the interface? Check it out!
+
+| | | |
+|:---:|:---:|:---:|
+|![Dashboard](https://image.ibb.co/dms6DG/1.png)|![Repository](https://image.ibb.co/m6MSLw/2.png)|![Commits History](https://image.ibb.co/cjrSLw/3.png)|
+|![Branches](https://image.ibb.co/e6vbDG/4.png)|![Issues](https://image.ibb.co/bJTJSb/5.png)|![Pull Request View](https://image.ibb.co/e02dSb/6.png)|
+|![Releases](https://image.ibb.co/cUzgfw/7.png)|![Activity](https://image.ibb.co/eZgGDG/8.png)|![Wiki](https://image.ibb.co/dYV9YG/9.png)|
+|![Diff](https://image.ibb.co/ewA9YG/10.png)|![Organization](https://image.ibb.co/ceOwDG/11.png)|![Profile](https://image.ibb.co/c44Q7b/12.png)|
--- a/README_ZH.md
+++ b/README_ZH.md
@ -8,7 +8,8 @@
 [![Coverage Status](https://coverage.gitea.io/badges/go-gitea/gitea/coverage.svg)](https://coverage.gitea.io/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
 [![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
-[![Release](https://github-release-version.herokuapp.com/github/go-gitea/gitea/release.svg?style=flat)](https://github.com/go-gitea/gitea/releases/latest)
+[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
+[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backer/badge.svg?label=backer&color=brightgreen)](https://opencollective.com/gitea)

 | | | |
 |:---:|:---:|:---:|
--- a/cmd/admin.go
+++ b/cmd/admin.go
@ -8,7 +8,9 @@ package cmd
 import (
 	"fmt"

+	"code.gitea.io/git"
 	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"

 	"github.com/urfave/cli"
@ -18,12 +20,12 @@ var (
 	// CmdAdmin represents the available admin sub-command.
 	CmdAdmin = cli.Command{
 		Name:  "admin",
-		Usage: "Perform admin operations on command line",
-		Description: `Allow using internal logic of Gitea without hacking into the source code
-to make automatic initialization process more smoothly`,
+		Usage: "Command line interface to perform common administrative operations",
 		Subcommands: []cli.Command{
 			subcmdCreateUser,
 			subcmdChangePassword,
+			subcmdRepoSyncReleases,
+			subcmdRegenerate,
 		},
 	}

@ -34,17 +36,14 @@ to make automatic initialization process more smoothly`,
 		Flags: []cli.Flag{
 			cli.StringFlag{
 				Name:  "name",
-				Value: "",
 				Usage: "Username",
 			},
 			cli.StringFlag{
 				Name:  "password",
-				Value: "",
 				Usage: "User password",
 			},
 			cli.StringFlag{
 				Name:  "email",
-				Value: "",
 				Usage: "User email address",
 			},
 			cli.BoolFlag{
@ -74,62 +73,97 @@ to make automatic initialization process more smoothly`,
 				Value: "",
 				Usage: "New password to set for user",
 			},
+			cli.StringFlag{
+				Name:  "config, c",
+				Value: "custom/conf/app.ini",
+				Usage: "Custom configuration file path",
+			},
+		},
+	}
+
+	subcmdRepoSyncReleases = cli.Command{
+		Name:   "repo-sync-releases",
+		Usage:  "Synchronize repository releases with tags",
+		Action: runRepoSyncReleases,
+	}
+
+	subcmdRegenerate = cli.Command{
+		Name:  "regenerate",
+		Usage: "Regenerate specific files",
+		Subcommands: []cli.Command{
+			microcmdRegenHooks,
+			microcmdRegenKeys,
+		},
+	}
+
+	microcmdRegenHooks = cli.Command{
+		Name:   "hooks",
+		Usage:  "Regenerate git-hooks",
+		Action: runRegenerateHooks,
+		Flags: []cli.Flag{
+			cli.StringFlag{
+				Name:  "config, c",
+				Value: "custom/conf/app.ini",
+				Usage: "Custom configuration file path",
+			},
+		},
+	}
+
+	microcmdRegenKeys = cli.Command{
+		Name:   "keys",
+		Usage:  "Regenerate authorized_keys file",
+		Action: runRegenerateKeys,
+		Flags: []cli.Flag{
+			cli.StringFlag{
+				Name:  "config, c",
+				Value: "custom/conf/app.ini",
+				Usage: "Custom configuration file path",
+			},
 		},
 	}
 )

 func runChangePassword(c *cli.Context) error {
-	if !c.IsSet("password") {
-		return fmt.Errorf("Password is not specified")
-	} else if !c.IsSet("username") {
-		return fmt.Errorf("Username is not specified")
-	}
-
-	setting.NewContext()
-	models.LoadConfigs()
-
-	setting.NewXORMLogService(false)
-	if err := models.SetEngine(); err != nil {
-		return fmt.Errorf("models.SetEngine: %v", err)
-	}
-
-	uname := c.String("username")
-	user, err := models.GetUserByName(uname)
-	if err != nil {
-		return fmt.Errorf("%v", err)
-	}
-	user.Passwd = c.String("password")
-	if user.Salt, err = models.GetUserSalt(); err != nil {
-		return fmt.Errorf("%v", err)
-	}
-	user.EncodePasswd()
-	if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
-		return fmt.Errorf("%v", err)
-	}
-
-	fmt.Printf("User '%s' password has been successfully updated!\n", uname)
-	return nil
-}
-
-func runCreateUser(c *cli.Context) error {
-	if !c.IsSet("name") {
-		return fmt.Errorf("Username is not specified")
-	} else if !c.IsSet("password") {
-		return fmt.Errorf("Password is not specified")
-	} else if !c.IsSet("email") {
-		return fmt.Errorf("Email is not specified")
+	if err := argsSet(c, "username", "password"); err != nil {
+		return err
 	}

 	if c.IsSet("config") {
 		setting.CustomConf = c.String("config")
 	}

-	setting.NewContext()
-	models.LoadConfigs()
+	if err := initDB(); err != nil {
+		return err
+	}

-	setting.NewXORMLogService(false)
-	if err := models.SetEngine(); err != nil {
-		return fmt.Errorf("models.SetEngine: %v", err)
+	uname := c.String("username")
+	user, err := models.GetUserByName(uname)
+	if err != nil {
+		return err
+	}
+	if user.Salt, err = models.GetUserSalt(); err != nil {
+		return err
+	}
+	user.HashPassword(c.String("password"))
+	if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
+		return err
+	}
+
+	fmt.Printf("%s's password has been successfully updated!\n", user.Name)
+	return nil
+}
+
+func runCreateUser(c *cli.Context) error {
+	if err := argsSet(c, "name", "password", "email"); err != nil {
+		return err
+	}
+
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+
+	if err := initDB(); err != nil {
+		return err
 	}

 	if err := models.CreateUser(&models.User{
@ -145,3 +179,86 @@ func runCreateUser(c *cli.Context) error {
 	fmt.Printf("New user '%s' has been successfully created!\n", c.String("name"))
 	return nil
 }
+
+func runRepoSyncReleases(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	log.Trace("Synchronizing repository releases (this may take a while)")
+	for page := 1; ; page++ {
+		repos, count, err := models.SearchRepositoryByName(&models.SearchRepoOptions{
+			Page:     page,
+			PageSize: models.RepositoryListDefaultPageSize,
+			Private:  true,
+		})
+		if err != nil {
+			return fmt.Errorf("SearchRepositoryByName: %v", err)
+		}
+		if len(repos) == 0 {
+			break
+		}
+		log.Trace("Processing next %d repos of %d", len(repos), count)
+		for _, repo := range repos {
+			log.Trace("Synchronizing repo %s with path %s", repo.FullName(), repo.RepoPath())
+			gitRepo, err := git.OpenRepository(repo.RepoPath())
+			if err != nil {
+				log.Warn("OpenRepository: %v", err)
+				continue
+			}
+
+			oldnum, err := getReleaseCount(repo.ID)
+			if err != nil {
+				log.Warn(" GetReleaseCountByRepoID: %v", err)
+			}
+			log.Trace(" currentNumReleases is %d, running SyncReleasesWithTags", oldnum)
+
+			if err = models.SyncReleasesWithTags(repo, gitRepo); err != nil {
+				log.Warn(" SyncReleasesWithTags: %v", err)
+				continue
+			}
+
+			count, err = getReleaseCount(repo.ID)
+			if err != nil {
+				log.Warn(" GetReleaseCountByRepoID: %v", err)
+				continue
+			}
+
+			log.Trace(" repo %s releases synchronized to tags: from %d to %d",
+				repo.FullName(), oldnum, count)
+		}
+	}
+
+	return nil
+}
+
+func getReleaseCount(id int64) (int64, error) {
+	return models.GetReleaseCountByRepoID(
+		id,
+		models.FindReleasesOptions{
+			IncludeTags: true,
+		},
+	)
+}
+
+func runRegenerateHooks(c *cli.Context) error {
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+	return models.SyncRepositoryHooks()
+}
+
+func runRegenerateKeys(c *cli.Context) error {
+	if c.IsSet("config") {
+		setting.CustomConf = c.String("config")
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+	return models.RewriteAllPublicKeys()
+}
--- a/cmd/cert.go
+++ b/cmd/cert.go
@ -90,16 +90,16 @@ func pemBlockForKey(priv interface{}) *pem.Block {
 	}
 }

-func runCert(ctx *cli.Context) error {
-	if len(ctx.String("host")) == 0 {
-		log.Fatal("Missing required --host parameter")
+func runCert(c *cli.Context) error {
+	if err := argsSet(c, "host"); err != nil {
+		return err
 	}

 	var priv interface{}
 	var err error
-	switch ctx.String("ecdsa-curve") {
+	switch c.String("ecdsa-curve") {
 	case "":
-		priv, err = rsa.GenerateKey(rand.Reader, ctx.Int("rsa-bits"))
+		priv, err = rsa.GenerateKey(rand.Reader, c.Int("rsa-bits"))
 	case "P224":
 		priv, err = ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
 	case "P256":
@ -109,23 +109,23 @@ func runCert(ctx *cli.Context) error {
 	case "P521":
 		priv, err = ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
 	default:
-		log.Fatalf("Unrecognized elliptic curve: %q", ctx.String("ecdsa-curve"))
+		log.Fatalf("Unrecognized elliptic curve: %q", c.String("ecdsa-curve"))
 	}
 	if err != nil {
 		log.Fatalf("Failed to generate private key: %v", err)
 	}

 	var notBefore time.Time
-	if len(ctx.String("start-date")) == 0 {
-		notBefore = time.Now()
-	} else {
-		notBefore, err = time.Parse("Jan 2 15:04:05 2006", ctx.String("start-date"))
+	if startDate := c.String("start-date"); startDate != "" {
+		notBefore, err = time.Parse("Jan 2 15:04:05 2006", startDate)
 		if err != nil {
 			log.Fatalf("Failed to parse creation date: %v", err)
 		}
+	} else {
+		notBefore = time.Now()
 	}

-	notAfter := notBefore.Add(ctx.Duration("duration"))
+	notAfter := notBefore.Add(c.Duration("duration"))

 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
@ -147,7 +147,7 @@ func runCert(ctx *cli.Context) error {
 		BasicConstraintsValid: true,
 	}

-	hosts := strings.Split(ctx.String("host"), ",")
+	hosts := strings.Split(c.String("host"), ",")
 	for _, h := range hosts {
 		if ip := net.ParseIP(h); ip != nil {
 			template.IPAddresses = append(template.IPAddresses, ip)
@ -156,7 +156,7 @@ func runCert(ctx *cli.Context) error {
 		}
 	}

-	if ctx.Bool("ca") {
+	if c.Bool("ca") {
 		template.IsCA = true
 		template.KeyUsage |= x509.KeyUsageCertSign
 	}
--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@ -0,0 +1,38 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+// Package cmd provides subcommands to the gitea binary - such as "web" or
+// "admin".
+package cmd
+
+import (
+	"errors"
+	"fmt"
+
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/setting"
+	"github.com/urfave/cli"
+)
+
+// argsSet checks that all the required arguments are set. args is a list of
+// arguments that must be set in the passed Context.
+func argsSet(c *cli.Context, args ...string) error {
+	for _, a := range args {
+		if !c.IsSet(a) {
+			return errors.New(a + " is not set")
+		}
+	}
+	return nil
+}
+
+func initDB() error {
+	setting.NewContext()
+	models.LoadConfigs()
+
+	setting.NewXORMLogService(false)
+	if err := models.SetEngine(); err != nil {
+		return fmt.Errorf("models.SetEngine: %v", err)
+	}
+	return nil
+}
--- a/cmd/dump.go
+++ b/cmd/dump.go
@ -68,19 +68,19 @@ func runDump(ctx *cli.Context) error {
 	if _, err := os.Stat(tmpDir); os.IsNotExist(err) {
 		log.Fatalf("Path does not exist: %s", tmpDir)
 	}
-	TmpWorkDir, err := ioutil.TempDir(tmpDir, "gitea-dump-")
+	tmpWorkDir, err := ioutil.TempDir(tmpDir, "gitea-dump-")
 	if err != nil {
 		log.Fatalf("Failed to create tmp work directory: %v", err)
 	}
-	log.Printf("Creating tmp work dir: %s", TmpWorkDir)
+	log.Printf("Creating tmp work dir: %s", tmpWorkDir)

 	// work-around #1103
 	if os.Getenv("TMPDIR") == "" {
-		os.Setenv("TMPDIR", TmpWorkDir)
+		os.Setenv("TMPDIR", tmpWorkDir)
 	}

-	reposDump := path.Join(TmpWorkDir, "gitea-repo.zip")
-	dbDump := path.Join(TmpWorkDir, "gitea-db.sql")
+	reposDump := path.Join(tmpWorkDir, "gitea-repo.zip")
+	dbDump := path.Join(tmpWorkDir, "gitea-db.sql")

 	log.Printf("Dumping local repositories...%s", setting.RepoRootPath)
 	zip.Verbose = ctx.Bool("verbose")
@ -146,10 +146,10 @@ func runDump(ctx *cli.Context) error {
 		log.Printf("Can't change file access permissions mask to 0600: %v", err)
 	}

-	log.Printf("Removing tmp work dir: %s", TmpWorkDir)
+	log.Printf("Removing tmp work dir: %s", tmpWorkDir)

-	if err := os.RemoveAll(TmpWorkDir); err != nil {
-		log.Fatalf("Failed to remove %s: %v", TmpWorkDir, err)
+	if err := os.RemoveAll(tmpWorkDir); err != nil {
+		log.Fatalf("Failed to remove %s: %v", tmpWorkDir, err)
 	}
 	log.Printf("Finish dumping in file %s", fileName)

--- a/cmd/generate.go
+++ b/cmd/generate.go
@ -0,0 +1,83 @@
+// Copyright 2016 The Gogs Authors. All rights reserved.
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+
+	"code.gitea.io/gitea/modules/generate"
+
+	"github.com/urfave/cli"
+)
+
+var (
+	// CmdGenerate represents the available generate sub-command.
+	CmdGenerate = cli.Command{
+		Name:  "generate",
+		Usage: "Command line interface for running generators",
+		Subcommands: []cli.Command{
+			subcmdSecret,
+		},
+	}
+
+	subcmdSecret = cli.Command{
+		Name:  "secret",
+		Usage: "Generate a secret token",
+		Subcommands: []cli.Command{
+			microcmdGenerateInternalToken,
+			microcmdGenerateLfsJwtSecret,
+			microcmdGenerateSecretKey,
+		},
+	}
+
+	microcmdGenerateInternalToken = cli.Command{
+		Name:   "INTERNAL_TOKEN",
+		Usage:  "Generate a new INTERNAL_TOKEN",
+		Action: runGenerateInternalToken,
+	}
+
+	microcmdGenerateLfsJwtSecret = cli.Command{
+		Name:   "LFS_JWT_SECRET",
+		Usage:  "Generate a new LFS_JWT_SECRET",
+		Action: runGenerateLfsJwtSecret,
+	}
+
+	microcmdGenerateSecretKey = cli.Command{
+		Name:   "SECRET_KEY",
+		Usage:  "Generate a new SECRET_KEY",
+		Action: runGenerateSecretKey,
+	}
+)
+
+func runGenerateInternalToken(c *cli.Context) error {
+	internalToken, err := generate.NewInternalToken()
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("%s\n", internalToken)
+	return nil
+}
+
+func runGenerateLfsJwtSecret(c *cli.Context) error {
+	JWTSecretBase64, err := generate.NewLfsJwtSecret()
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("%s\n", JWTSecretBase64)
+	return nil
+}
+
+func runGenerateSecretKey(c *cli.Context) error {
+	secretKey, err := generate.NewSecretKey()
+	if err != nil {
+		return err
+	}
+
+	fmt.Printf("%s\n", secretKey)
+	return nil
+}
--- a/cmd/hook.go
+++ b/cmd/hook.go
@ -37,7 +37,7 @@ var (
 		},
 		Subcommands: []cli.Command{
 			subcmdHookPreReceive,
-			subcmdHookUpadte,
+			subcmdHookUpdate,
 			subcmdHookPostReceive,
 		},
 	}
@ -48,7 +48,7 @@ var (
 		Description: "This command should only be called by Git",
 		Action:      runHookPreReceive,
 	}
-	subcmdHookUpadte = cli.Command{
+	subcmdHookUpdate = cli.Command{
 		Name:        "update",
 		Usage:       "Delegate update Git hook",
 		Description: "This command should only be called by Git",
--- a/cmd/serv.go
+++ b/cmd/serv.go
@ -18,6 +18,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/private"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"

 	"github.com/Unknwon/com"
 	"github.com/dgrijalva/jwt-go"
@ -158,18 +159,10 @@ func runServ(c *cli.Context) error {
 	}
 	os.Setenv(models.EnvRepoName, reponame)

-	repoUser, err := models.GetUserByName(username)
-	if err != nil {
-		if models.IsErrUserNotExist(err) {
-			fail("Repository owner does not exist", "Unregistered owner: %s", username)
-		}
-		fail("Internal error", "Failed to get repository owner (%s): %v", username, err)
-	}
-
-	repo, err := models.GetRepositoryByName(repoUser.ID, reponame)
+	repo, err := models.GetRepositoryByOwnerAndName(username, reponame)
 	if err != nil {
 		if models.IsErrRepoNotExist(err) {
-			fail(accessDenied, "Repository does not exist: %s/%s", repoUser.Name, reponame)
+			fail(accessDenied, "Repository does not exist: %s/%s", username, reponame)
 		}
 		fail("Internal error", "Failed to get repository: %v", err)
 	}
@ -227,8 +220,8 @@ func runServ(c *cli.Context) error {
 				fail("Internal error", "GetDeployKey: %v", err)
 			}

-			deployKey.Updated = time.Now()
-			if err = models.UpdateDeployKey(deployKey); err != nil {
+			deployKey.UpdatedUnix = util.TimeStampNow()
+			if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
 				fail("Internal error", "UpdateDeployKey: %v", err)
 			}
 		} else {
@ -237,6 +230,12 @@ func runServ(c *cli.Context) error {
 				fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
 			}

+			if !user.IsActive || user.ProhibitLogin {
+				fail("Your account is not active or has been disabled by Administrator",
+					"User %s is disabled and have no access to repository %s",
+					user.Name, repoPath)
+			}
+
 			mode, err := models.AccessLevel(user.ID, repo)
 			if err != nil {
 				fail("Internal error", "Failed to check access: %v", err)
@ -263,15 +262,19 @@ func runServ(c *cli.Context) error {

 	//LFS token authentication
 	if verb == lfsAuthenticateVerb {
-		url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, repoUser.Name, repo.Name)
+		url := fmt.Sprintf("%s%s/%s.git/info/lfs", setting.AppURL, username, repo.Name)

 		now := time.Now()
-		token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		claims := jwt.MapClaims{
 			"repo": repo.ID,
 			"op":   lfsVerb,
-			"exp":  now.Add(5 * time.Minute).Unix(),
+			"exp":  now.Add(setting.LFS.HTTPAuthExpiry).Unix(),
 			"nbf":  now.Unix(),
-		})
+		}
+		if user != nil {
+			claims["user"] = user.ID
+		}
+		token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)

 		// Sign and get the complete encoded token as a string using the secret
 		tokenString, err := token.SignedString(setting.LFS.JWTSecretBytes)
--- a/cmd/web.go
+++ b/cmd/web.go
@ -51,6 +51,26 @@ and it takes care of all the other things for you`,
 	},
 }

+func runHTTPRedirector() {
+	source := fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.PortToRedirect)
+	dest := strings.TrimSuffix(setting.AppURL, "/")
+	log.Info("Redirecting: %s to %s", source, dest)
+
+	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		target := dest + r.URL.Path
+		if len(r.URL.RawQuery) > 0 {
+			target += "?" + r.URL.RawQuery
+		}
+		http.Redirect(w, r, target, http.StatusTemporaryRedirect)
+	})
+
+	var err = runHTTP(source, context2.ClearHandler(handler))
+
+	if err != nil {
+		log.Fatal(4, "Failed to start port redirection: %v", err)
+	}
+}
+
 func runWeb(ctx *cli.Context) error {
 	if ctx.IsSet("config") {
 		setting.CustomConf = ctx.String("config")
@ -101,11 +121,9 @@ func runWeb(ctx *cli.Context) error {
 		}
 	}

-	var listenAddr string
-	if setting.Protocol == setting.UnixSocket {
-		listenAddr = fmt.Sprintf("%s", setting.HTTPAddr)
-	} else {
-		listenAddr = fmt.Sprintf("%s:%s", setting.HTTPAddr, setting.HTTPPort)
+	listenAddr := setting.HTTPAddr
+	if setting.Protocol != setting.UnixSocket {
+		listenAddr += ":" + setting.HTTPPort
 	}
 	log.Info("Listen: %v://%s%s", setting.Protocol, listenAddr, setting.AppSubURL)

@ -115,6 +133,7 @@ func runWeb(ctx *cli.Context) error {

 	if setting.EnablePprof {
 		go func() {
+			log.Info("Starting pprof server on localhost:6060")
 			log.Info("%v", http.ListenAndServe("localhost:6060", nil))
 		}()
 	}
@ -124,6 +143,9 @@ func runWeb(ctx *cli.Context) error {
 	case setting.HTTP:
 		err = runHTTP(listenAddr, context2.ClearHandler(m))
 	case setting.HTTPS:
+		if setting.RedirectOtherPort {
+			go runHTTPRedirector()
+		}
 		err = runHTTPS(listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
 	case setting.FCGI:
 		listener, err := net.Listen("tcp", listenAddr)
--- a/contrib/init/centos/gitea
+++ b/contrib/init/centos/gitea
@ -24,8 +24,8 @@
 # Default values

 NAME=gitea
-GITEA_HOME=/home/git/gitea
-GITEA_PATH=${GITEA_HOME}/$NAME
+GITEA_HOME=/var/lib/${NAME}
+GITEA_PATH=/usr/local/bin/${NAME}
 GITEA_USER=git
 SERVICENAME="Gitea - Git with a cup of tea"
 LOCKFILE=/var/lock/subsys/gitea
@ -49,11 +49,11 @@ DAEMON_OPTS="--check $NAME"
 start() {
  cd ${GITEA_HOME}
  echo -n "Starting ${SERVICENAME}: "
-  daemon $DAEMON_OPTS "${GITEA_PATH} web > ${LOGFILE} 2>&1 &"
+  daemon $DAEMON_OPTS "${GITEA_PATH} web -c /etc/${NAME}/app.ini > ${LOGFILE} 2>&1 &"
  RETVAL=$?
  echo
  [ $RETVAL = 0 ] && touch ${LOCKFILE}
-        
+
  return $RETVAL
 }

@ -63,7 +63,7 @@ stop() {
        killproc ${NAME}
        RETVAL=$?
        echo
-        [ $RETVAL = 0 ] && rm -f ${LOCKFILE} 
+        [ $RETVAL = 0 ] && rm -f ${LOCKFILE}
 }

 case "$1" in
--- a/contrib/init/debian/gitea
+++ b/contrib/init/debian/gitea
@ -14,17 +14,20 @@
 # Do NOT "set -e"

 # PATH should only include /usr/* if it runs after the mountnfs.sh script
-PATH=/sbin:/usr/sbin:/bin:/usr/bin
-DESC="Git with a cup of tea"
+PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin
+DESC="Gitea - Git with a cup of tea"
 NAME=gitea
 SERVICEVERBOSE=yes
 PIDFILE=/var/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
-WORKINGDIR=/home/git/gitea
-DAEMON=$WORKINGDIR/$NAME
-DAEMON_ARGS="web"
+WORKINGDIR=/var/lib/$NAME
+DAEMON=/usr/local/bin/$NAME
+DAEMON_ARGS="web -c /etc/$NAME/app.ini"
 USER=git
-USERBIND="setcap cap_net_bind_service=+ep"
+USERBIND=""
+# If you want to bind Gitea to a port below 1024 uncomment
+# the line below
+#USERBIND="setcap cap_net_bind_service=+ep"
 STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/1/KILL/5}"

 # Read configuration variable file if it is present
@ -36,7 +39,7 @@ STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/1/KILL/5}"
 do_start()
 {
    $USERBIND $DAEMON
-    sh -c "USER=$USER start-stop-daemon --start --quiet --pidfile $PIDFILE --make-pidfile \\
+    sh -c "USER=$USER HOME=/home/$USER GITEA_WORK_DIR=$WORKINGDIR start-stop-daemon --start --quiet --pidfile $PIDFILE --make-pidfile \\
        --background --chdir $WORKINGDIR --chuid $USER \\
        --exec $DAEMON -- $DAEMON_ARGS"
 }
--- a/contrib/init/freebsd/gitea
+++ b/contrib/init/freebsd/gitea
@ -19,9 +19,9 @@ load_rc_config $name

 : ${gitea_user:="git"}
 : ${gitea_enable:="NO"}
-: ${gitea_directory:="/home/git"}
+: ${gitea_directory:="/var/lib/gitea"}

-command="${gitea_directory}/gitea web"
+command="/usr/local/bin/gitea web -c /etc/gitea/app.ini"
 procname="$(echo $command |cut -d' ' -f1)"

 pidfile="${gitea_directory}/${name}.pid"
@ -33,6 +33,7 @@ gitea_start() {
 	cd ${gitea_directory}
 	export USER=${gitea_user}
 	export HOME=/usr/home/${gitea_user}
+	export GITEA_WORK_DIR=${gitea_directory}
 	/usr/sbin/daemon -f -u ${gitea_user} -p ${pidfile} $command
 }

--- a/contrib/init/gentoo/gitea
+++ b/contrib/init/gentoo/gitea
@ -1,11 +1,11 @@
 #!/sbin/openrc-run

-DIR=/home/git/gitea
+DIR=/var/lib/gitea
 USER=git

 start_stop_daemon_args="--user ${USER} --chdir ${DIR}"
-command="${DIR}/gitea"
-command_args="web"
+command="/usr/local/bin/gitea"
+command_args="web -c /etc/gitea/app.ini"
 command_background=yes
 pidfile=/var/run/gitea.pid

--- a/contrib/init/openbsd/gitea
+++ b/contrib/init/openbsd/gitea
@ -2,11 +2,11 @@
 #
 # $OpenBSD$

-daemon="/home/git/gitea/gitea"
+daemon="/usr/local/bin/gitea"
 daemon_user="git"
-daemon_flags="web"
+daemon_flags="web -c /etc/gitea/app.ini"

-gitea_directory="/home/git/gitea"
+gitea_directory="/var/lib/gitea"

 rc_bg=YES

--- a/contrib/init/sunos/gitea.xml
+++ b/contrib/init/sunos/gitea.xml
@ -0,0 +1,46 @@
+<?xml version="1.0"?>
+<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
+<service_bundle type="manifest" name="export">
+	<service name="gitea" type="service" version="1">
+		<create_default_instance enabled="false"/>
+
+		<dependency name="network" grouping="require_all" restart_on="refresh" type="service">
+			<service_fmri value="svc:/milestone/network:default"/>
+		</dependency>
+
+		<dependency name="filesystem" grouping="require_all" restart_on="refresh" type="service">
+			<service_fmri value="svc:/system/filesystem/local"/>
+		</dependency>
+
+		<exec_method
+		    type="method"
+		    name="start"
+		    exec="/opt/local/bin/gitea web"
+		    timeout_seconds="60">
+		  <method_context>
+		    <method_credential user="git" group="git" />
+		    <method_environment>
+		      <envvar name='GITEA_WORK_DIR' value='/opt/local/share/gitea'/>
+		      <envvar name='GITEA_CUSTOM' value='/opt/local/etc/gitea'/>
+		      <envvar name='HOME' value='/var/db/gitea'/>
+		      <envvar name='PATH' value='/opt/local/bin:${PATH}'/>
+		      <envvar name='USER' value='git'/>
+		    </method_environment>
+		  </method_context>
+		</exec_method>
+		<exec_method type="method" name="stop"	exec=":kill" timeout_seconds="60"/>
+
+		<property_group name="application" type="application"></property_group>
+		<property_group name="startd" type="framework">
+		  <propval name="duration" type="astring" value="child"/>
+		  <propval name="ignore_error" type="astring" value="core,signal"/>
+		</property_group>
+
+		<template>
+			<common_name>
+			  <loctext xml:lang="C">A painless, self-hosted Git service</loctext>
+			</common_name>
+		</template>
+
+	</service>
+</service_bundle>
--- a/contrib/init/suse/gitea
+++ b/contrib/init/suse/gitea
@ -18,10 +18,10 @@
 # Default values

 NAME=gitea
-GITEA_HOME=/home/git/gitea
-GITEA_PATH=${GITEA_HOME}/$NAME
+GITEA_HOME=/var/lib/$NAME
+GITEA_PATH=/usr/local/bin/$NAME
 GITEA_USER=git
-SERVICENAME="Git - with a cup of tea"
+SERVICENAME="Gitea - Git with a cup of tea"
 LOCKFILE=/var/lock/subsys/gitea
 LOGPATH=${GITEA_HOME}/log
 LOGFILE=${LOGPATH}/error.log
@ -58,7 +58,7 @@ case "$1" in
 			# return skipped as service is already running
 			(exit 5)
 		else
-			su - ${GITEA_USER} -c "USER=${GITEA_USER} ${GITEA_PATH} web 2>&1 >>${LOGFILE} &"
+			su - ${GITEA_USER} -c "USER=${GITEA_USER} GITEA_WORK_DIR=${GITEA_HOME} ${GITEA_PATH} web -c /etc/${NAME}/app.ini 2>&1 >>${LOGFILE} &"
 		fi

 		# Remember status and be verbose
--- a/Show More
+++ b/Show More