From 0387195abb82080b4c488966960f25a3e8c6fe66 Mon Sep 17 00:00:00 2001
From: Chai-Shi <changchaishi@gmail.com>
Date: Tue, 31 Dec 2024 12:22:09 +0800
Subject: [PATCH 01/55] [Feature] Private README.md for organization (#32872)

Implemented #29503

---------

Co-authored-by: Ben Chang <ben_chang@htc.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 modules/gitrepo/gitrepo.go            |  17 ++--
 modules/reqctx/datastore.go           |  26 ++++-
 modules/templates/helper.go           |  62 ++++++++----
 modules/templates/helper_test.go      |  55 +++++++++++
 modules/util/path.go                  |   1 +
 options/locale/locale_en-US.ini       |   8 +-
 routers/api/v1/repo/branch.go         |   4 +-
 routers/api/v1/repo/compare.go        |   2 +-
 routers/api/v1/repo/download.go       |   2 +-
 routers/api/v1/repo/file.go           |   2 +-
 routers/api/v1/repo/repo.go           |   2 +-
 routers/private/internal_repo.go      |   2 +-
 routers/web/org/home.go               |  74 +++++++++------
 routers/web/org/members.go            |   4 +-
 routers/web/org/teams.go              |   4 +-
 routers/web/shared/user/header.go     |  86 +++++++++++------
 routers/web/user/profile.go           |   7 +-
 services/context/api.go               |   2 +-
 services/context/base_form.go         |   9 +-
 services/context/repo.go              |   4 +-
 templates/org/home.tmpl               |  27 +++++-
 templates/org/menu.tmpl               |   4 +-
 templates/repo/create.tmpl            |   9 +-
 templates/user/overview/header.tmpl   |   2 +-
 tests/integration/org_profile_test.go | 132 ++++++++++++++++++++++++++
 web_src/css/form.css                  |  44 ++++-----
 web_src/js/features/repo-new.ts       |  42 +++++---
 27 files changed, 484 insertions(+), 149 deletions(-)
 create mode 100644 tests/integration/org_profile_test.go

diff --git a/modules/gitrepo/gitrepo.go b/modules/gitrepo/gitrepo.go
index 831b9d7bb7858..540b7244892a7 100644
--- a/modules/gitrepo/gitrepo.go
+++ b/modules/gitrepo/gitrepo.go
@@ -43,19 +43,20 @@ type contextKey struct {
 }
 
 // RepositoryFromContextOrOpen attempts to get the repository from the context or just opens it
+// The caller must call "defer gitRepo.Close()"
 func RepositoryFromContextOrOpen(ctx context.Context, repo Repository) (*git.Repository, io.Closer, error) {
-	ds := reqctx.GetRequestDataStore(ctx)
-	if ds != nil {
-		gitRepo, err := RepositoryFromRequestContextOrOpen(ctx, ds, repo)
+	reqCtx := reqctx.FromContext(ctx)
+	if reqCtx != nil {
+		gitRepo, err := RepositoryFromRequestContextOrOpen(reqCtx, repo)
 		return gitRepo, util.NopCloser{}, err
 	}
 	gitRepo, err := OpenRepository(ctx, repo)
 	return gitRepo, gitRepo, err
 }
 
-// RepositoryFromRequestContextOrOpen opens the repository at the given relative path in the provided request context
-// The repo will be automatically closed when the request context is done
-func RepositoryFromRequestContextOrOpen(ctx context.Context, ds reqctx.RequestDataStore, repo Repository) (*git.Repository, error) {
+// RepositoryFromRequestContextOrOpen opens the repository at the given relative path in the provided request context.
+// Caller shouldn't close the git repo manually, the git repo will be automatically closed when the request context is done.
+func RepositoryFromRequestContextOrOpen(ctx reqctx.RequestContext, repo Repository) (*git.Repository, error) {
 	ck := contextKey{repoPath: repoPath(repo)}
 	if gitRepo, ok := ctx.Value(ck).(*git.Repository); ok {
 		return gitRepo, nil
@@ -64,7 +65,7 @@ func RepositoryFromRequestContextOrOpen(ctx context.Context, ds reqctx.RequestDa
 	if err != nil {
 		return nil, err
 	}
-	ds.AddCloser(gitRepo)
-	ds.SetContextValue(ck, gitRepo)
+	ctx.AddCloser(gitRepo)
+	ctx.SetContextValue(ck, gitRepo)
 	return gitRepo, nil
 }
diff --git a/modules/reqctx/datastore.go b/modules/reqctx/datastore.go
index 66361a45874cf..94232450f33ca 100644
--- a/modules/reqctx/datastore.go
+++ b/modules/reqctx/datastore.go
@@ -88,6 +88,21 @@ func (r *requestDataStore) cleanUp() {
 	}
 }
 
+type RequestContext interface {
+	context.Context
+	RequestDataStore
+}
+
+func FromContext(ctx context.Context) RequestContext {
+	// here we must use the current ctx and the underlying store
+	// the current ctx guarantees that the ctx deadline/cancellation/values are respected
+	// the underlying store guarantees that the request-specific data is available
+	if store := GetRequestDataStore(ctx); store != nil {
+		return &requestContext{Context: ctx, RequestDataStore: store}
+	}
+	return nil
+}
+
 func GetRequestDataStore(ctx context.Context) RequestDataStore {
 	if req, ok := ctx.Value(RequestDataStoreKey).(*requestDataStore); ok {
 		return req
@@ -97,11 +112,11 @@ func GetRequestDataStore(ctx context.Context) RequestDataStore {
 
 type requestContext struct {
 	context.Context
-	dataStore *requestDataStore
+	RequestDataStore
 }
 
 func (c *requestContext) Value(key any) any {
-	if v := c.dataStore.GetContextValue(key); v != nil {
+	if v := c.GetContextValue(key); v != nil {
 		return v
 	}
 	return c.Context.Value(key)
@@ -109,9 +124,10 @@ func (c *requestContext) Value(key any) any {
 
 func NewRequestContext(parentCtx context.Context, profDesc string) (_ context.Context, finished func()) {
 	ctx, _, processFinished := process.GetManager().AddTypedContext(parentCtx, profDesc, process.RequestProcessType, true)
-	reqCtx := &requestContext{Context: ctx, dataStore: &requestDataStore{values: make(map[any]any)}}
+	store := &requestDataStore{values: make(map[any]any)}
+	reqCtx := &requestContext{Context: ctx, RequestDataStore: store}
 	return reqCtx, func() {
-		reqCtx.dataStore.cleanUp()
+		store.cleanUp()
 		processFinished()
 	}
 }
@@ -119,5 +135,5 @@ func NewRequestContext(parentCtx context.Context, profDesc string) (_ context.Co
 // NewRequestContextForTest creates a new RequestContext for testing purposes
 // It doesn't add the context to the process manager, nor do cleanup
 func NewRequestContextForTest(parentCtx context.Context) context.Context {
-	return &requestContext{Context: parentCtx, dataStore: &requestDataStore{values: make(map[any]any)}}
+	return &requestContext{Context: parentCtx, RequestDataStore: &requestDataStore{values: make(map[any]any)}}
 }
diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index b673450f5a9d8..7529cadca4d51 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -264,22 +264,42 @@ func userThemeName(user *user_model.User) string {
 	return setting.UI.DefaultTheme
 }
 
+func isQueryParamEmpty(v any) bool {
+	return v == nil || v == false || v == 0 || v == int64(0) || v == ""
+}
+
 // QueryBuild builds a query string from a list of key-value pairs.
-// It omits the nil and empty strings, but it doesn't omit other zero values,
-// because the zero value of number types may have a meaning.
+// It omits the nil, false, zero int/int64 and empty string values,
+// because they are default empty values for "ctx.FormXxx" calls.
+// If 0 or false need to be included, use string values: "0" and "false".
+// Build rules:
+// * Even parameters: always build as query string: a=b&c=d
+// * Odd parameters:
+// * * {"/anything", param-pairs...} => "/?param-paris"
+// * * {"anything?old-params", new-param-pairs...} => "anything?old-params&new-param-paris"
+// * * Otherwise: {"old&params", new-param-pairs...} => "old&params&new-param-paris"
+// * * Other behaviors are undefined yet.
 func QueryBuild(a ...any) template.URL {
-	var s string
+	var reqPath, s string
+	hasTrailingSep := false
 	if len(a)%2 == 1 {
 		if v, ok := a[0].(string); ok {
-			if v == "" || (v[0] != '?' && v[0] != '&') {
-				panic("QueryBuild: invalid argument")
-			}
 			s = v
 		} else if v, ok := a[0].(template.URL); ok {
 			s = string(v)
 		} else {
 			panic("QueryBuild: invalid argument")
 		}
+		hasTrailingSep = s != "&" && strings.HasSuffix(s, "&")
+		if strings.HasPrefix(s, "/") || strings.Contains(s, "?") {
+			if s1, s2, ok := strings.Cut(s, "?"); ok {
+				reqPath = s1 + "?"
+				s = s2
+			} else {
+				reqPath += s + "?"
+				s = ""
+			}
+		}
 	}
 	for i := len(a) % 2; i < len(a); i += 2 {
 		k, ok := a[i].(string)
@@ -290,19 +310,16 @@ func QueryBuild(a ...any) template.URL {
 		if va, ok := a[i+1].(string); ok {
 			v = va
 		} else if a[i+1] != nil {
-			v = fmt.Sprint(a[i+1])
+			if !isQueryParamEmpty(a[i+1]) {
+				v = fmt.Sprint(a[i+1])
+			}
 		}
 		// pos1 to pos2 is the "k=v&" part, "&" is optional
 		pos1 := strings.Index(s, "&"+k+"=")
 		if pos1 != -1 {
 			pos1++
-		} else {
-			pos1 = strings.Index(s, "?"+k+"=")
-			if pos1 != -1 {
-				pos1++
-			} else if strings.HasPrefix(s, k+"=") {
-				pos1 = 0
-			}
+		} else if strings.HasPrefix(s, k+"=") {
+			pos1 = 0
 		}
 		pos2 := len(s)
 		if pos1 == -1 {
@@ -315,7 +332,7 @@ func QueryBuild(a ...any) template.URL {
 		}
 		if v != "" {
 			sep := ""
-			hasPrefixSep := pos1 == 0 || (pos1 <= len(s) && (s[pos1-1] == '?' || s[pos1-1] == '&'))
+			hasPrefixSep := pos1 == 0 || (pos1 <= len(s) && s[pos1-1] == '&')
 			if !hasPrefixSep {
 				sep = "&"
 			}
@@ -324,9 +341,22 @@ func QueryBuild(a ...any) template.URL {
 			s = s[:pos1] + s[pos2:]
 		}
 	}
-	if s != "" && s != "&" && s[len(s)-1] == '&' {
+	if s != "" && s[len(s)-1] == '&' && !hasTrailingSep {
 		s = s[:len(s)-1]
 	}
+	if reqPath != "" {
+		if s == "" {
+			s = reqPath
+			if s != "?" {
+				s = s[:len(s)-1]
+			}
+		} else {
+			if s[0] == '&' {
+				s = s[1:]
+			}
+			s = reqPath + s
+		}
+	}
 	return template.URL(s)
 }
 
diff --git a/modules/templates/helper_test.go b/modules/templates/helper_test.go
index a530d484bc4ee..e35e8a28f86ed 100644
--- a/modules/templates/helper_test.go
+++ b/modules/templates/helper_test.go
@@ -118,3 +118,58 @@ func TestTemplateEscape(t *testing.T) {
 		assert.Equal(t, `<a k="&#34;">&lt;&gt;</a>`, actual)
 	})
 }
+
+func TestQueryBuild(t *testing.T) {
+	t.Run("construct", func(t *testing.T) {
+		assert.Equal(t, "", string(QueryBuild()))
+		assert.Equal(t, "", string(QueryBuild("a", nil, "b", false, "c", 0, "d", "")))
+		assert.Equal(t, "a=1&b=true", string(QueryBuild("a", 1, "b", "true")))
+
+		// path with query parameters
+		assert.Equal(t, "/?k=1", string(QueryBuild("/", "k", 1)))
+		assert.Equal(t, "/", string(QueryBuild("/?k=a", "k", 0)))
+
+		// no path but question mark with query parameters
+		assert.Equal(t, "?k=1", string(QueryBuild("?", "k", 1)))
+		assert.Equal(t, "?", string(QueryBuild("?", "k", 0)))
+		assert.Equal(t, "path?k=1", string(QueryBuild("path?", "k", 1)))
+		assert.Equal(t, "path", string(QueryBuild("path?", "k", 0)))
+
+		// only query parameters
+		assert.Equal(t, "&k=1", string(QueryBuild("&", "k", 1)))
+		assert.Equal(t, "", string(QueryBuild("&", "k", 0)))
+		assert.Equal(t, "", string(QueryBuild("&k=a", "k", 0)))
+		assert.Equal(t, "", string(QueryBuild("k=a&", "k", 0)))
+		assert.Equal(t, "a=1&b=2", string(QueryBuild("a=1", "b", 2)))
+		assert.Equal(t, "&a=1&b=2", string(QueryBuild("&a=1", "b", 2)))
+		assert.Equal(t, "a=1&b=2&", string(QueryBuild("a=1&", "b", 2)))
+	})
+
+	t.Run("replace", func(t *testing.T) {
+		assert.Equal(t, "a=1&c=d&e=f", string(QueryBuild("a=b&c=d&e=f", "a", 1)))
+		assert.Equal(t, "a=b&c=1&e=f", string(QueryBuild("a=b&c=d&e=f", "c", 1)))
+		assert.Equal(t, "a=b&c=d&e=1", string(QueryBuild("a=b&c=d&e=f", "e", 1)))
+		assert.Equal(t, "a=b&c=d&e=f&k=1", string(QueryBuild("a=b&c=d&e=f", "k", 1)))
+	})
+
+	t.Run("replace-&", func(t *testing.T) {
+		assert.Equal(t, "&a=1&c=d&e=f", string(QueryBuild("&a=b&c=d&e=f", "a", 1)))
+		assert.Equal(t, "&a=b&c=1&e=f", string(QueryBuild("&a=b&c=d&e=f", "c", 1)))
+		assert.Equal(t, "&a=b&c=d&e=1", string(QueryBuild("&a=b&c=d&e=f", "e", 1)))
+		assert.Equal(t, "&a=b&c=d&e=f&k=1", string(QueryBuild("&a=b&c=d&e=f", "k", 1)))
+	})
+
+	t.Run("delete", func(t *testing.T) {
+		assert.Equal(t, "c=d&e=f", string(QueryBuild("a=b&c=d&e=f", "a", "")))
+		assert.Equal(t, "a=b&e=f", string(QueryBuild("a=b&c=d&e=f", "c", "")))
+		assert.Equal(t, "a=b&c=d", string(QueryBuild("a=b&c=d&e=f", "e", "")))
+		assert.Equal(t, "a=b&c=d&e=f", string(QueryBuild("a=b&c=d&e=f", "k", "")))
+	})
+
+	t.Run("delete-&", func(t *testing.T) {
+		assert.Equal(t, "&c=d&e=f", string(QueryBuild("&a=b&c=d&e=f", "a", "")))
+		assert.Equal(t, "&a=b&e=f", string(QueryBuild("&a=b&c=d&e=f", "c", "")))
+		assert.Equal(t, "&a=b&c=d", string(QueryBuild("&a=b&c=d&e=f", "e", "")))
+		assert.Equal(t, "&a=b&c=d&e=f", string(QueryBuild("&a=b&c=d&e=f", "k", "")))
+	})
+}
diff --git a/modules/util/path.go b/modules/util/path.go
index 1272f5af2ee84..d4594947c9e9a 100644
--- a/modules/util/path.go
+++ b/modules/util/path.go
@@ -203,6 +203,7 @@ func statDir(dirPath, recPath string, includeDir, isDirOnly, followSymlinks bool
 //
 // Slice does not include given path itself.
 // If subdirectories is enabled, they will have suffix '/'.
+// FIXME: it doesn't like dot-files, for example: "owner/.profile.git"
 func StatDir(rootPath string, includeDir ...bool) ([]string, error) {
 	if isDir, err := IsDir(rootPath); err != nil {
 		return nil, err
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 16d894aa266d5..ef66e9ce45ec4 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -1015,7 +1015,9 @@ new_repo_helper = A repository contains all project files, including revision hi
 owner = Owner
 owner_helper = Some organizations may not show up in the dropdown due to a maximum repository count limit.
 repo_name = Repository Name
-repo_name_helper = Good repository names use short, memorable and unique keywords.
+repo_name_profile_public_hint= .profile is a special repository that you can use to add README.md to your public organization profile, visible to anyone. Make sure it’s public and initialize it with a README in the profile directory to get started.
+repo_name_profile_private_hint = .profile-private is a special repository that you can use to add a README.md to your organization member profile, visible only to organization members. Make sure it’s private and initialize it with a README in the profile directory to get started.
+repo_name_helper = Good repository names use short, memorable and unique keywords. A repository named '.profile' or '.profile-private' could be used to add a README.md for the user/organization profile.
 repo_size = Repository Size
 template = Template
 template_select = Select a template.
@@ -2862,6 +2864,10 @@ teams.invite.title = You have been invited to join team <strong>%s</strong> in o
 teams.invite.by = Invited by %s
 teams.invite.description = Please click the button below to join the team.
 
+view_as_role = View as: %s
+view_as_public_hint = You are viewing the README a public user.
+view_as_member_hint = You are viewing the README a member of this organization.
+
 [admin]
 maintenance = Maintenance
 dashboard = Dashboard
diff --git a/routers/api/v1/repo/branch.go b/routers/api/v1/repo/branch.go
index 67dfda39a8138..2fcdd0205875a 100644
--- a/routers/api/v1/repo/branch.go
+++ b/routers/api/v1/repo/branch.go
@@ -729,7 +729,7 @@ func CreateBranchProtection(ctx *context.APIContext) {
 	} else {
 		if !isPlainRule {
 			if ctx.Repo.GitRepo == nil {
-				ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+				ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 				if err != nil {
 					ctx.Error(http.StatusInternalServerError, "OpenRepository", err)
 					return
@@ -1057,7 +1057,7 @@ func EditBranchProtection(ctx *context.APIContext) {
 	} else {
 		if !isPlainRule {
 			if ctx.Repo.GitRepo == nil {
-				ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+				ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 				if err != nil {
 					ctx.Error(http.StatusInternalServerError, "OpenRepository", err)
 					return
diff --git a/routers/api/v1/repo/compare.go b/routers/api/v1/repo/compare.go
index 87b890cb62b33..a1813a8a76540 100644
--- a/routers/api/v1/repo/compare.go
+++ b/routers/api/v1/repo/compare.go
@@ -45,7 +45,7 @@ func CompareDiff(ctx *context.APIContext) {
 
 	if ctx.Repo.GitRepo == nil {
 		var err error
-		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "OpenRepository", err)
 			return
diff --git a/routers/api/v1/repo/download.go b/routers/api/v1/repo/download.go
index eb967772edfa7..a8a23c4a8d425 100644
--- a/routers/api/v1/repo/download.go
+++ b/routers/api/v1/repo/download.go
@@ -29,7 +29,7 @@ func DownloadArchive(ctx *context.APIContext) {
 
 	if ctx.Repo.GitRepo == nil {
 		var err error
-		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "OpenRepository", err)
 			return
diff --git a/routers/api/v1/repo/file.go b/routers/api/v1/repo/file.go
index 8a4f78a3d770f..1ad55d225b826 100644
--- a/routers/api/v1/repo/file.go
+++ b/routers/api/v1/repo/file.go
@@ -282,7 +282,7 @@ func GetArchive(ctx *context.APIContext) {
 
 	if ctx.Repo.GitRepo == nil {
 		var err error
-		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "OpenRepository", err)
 			return
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index a192e241b7be0..ce09e7fc0f9bd 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -726,7 +726,7 @@ func updateBasicProperties(ctx *context.APIContext, opts api.EditRepoOption) err
 
 	if ctx.Repo.GitRepo == nil && !repo.IsEmpty {
 		var err error
-		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, repo)
+		ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, repo)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "Unable to OpenRepository", err)
 			return err
diff --git a/routers/private/internal_repo.go b/routers/private/internal_repo.go
index 8a53e1ed23723..e111d6689e0ab 100644
--- a/routers/private/internal_repo.go
+++ b/routers/private/internal_repo.go
@@ -27,7 +27,7 @@ func RepoAssignment(ctx *gitea_context.PrivateContext) {
 		return
 	}
 
-	gitRepo, err := gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, repo)
+	gitRepo, err := gitrepo.RepositoryFromRequestContextOrOpen(ctx, repo)
 	if err != nil {
 		log.Error("Failed to open repository: %s/%s Error: %v", ownerName, repoName, err)
 		ctx.JSON(http.StatusInternalServerError, private.Response{
diff --git a/routers/web/org/home.go b/routers/web/org/home.go
index deeb18ae7c2a1..277adb60ca0e7 100644
--- a/routers/web/org/home.go
+++ b/routers/web/org/home.go
@@ -12,6 +12,7 @@ import (
 	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/renderhelper"
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup/markdown"
 	"code.gitea.io/gitea/modules/setting"
@@ -21,9 +22,7 @@ import (
 	"code.gitea.io/gitea/services/context"
 )
 
-const (
-	tplOrgHome templates.TplName = "org/home"
-)
+const tplOrgHome templates.TplName = "org/home"
 
 // Home show organization home page
 func Home(ctx *context.Context) {
@@ -110,15 +109,19 @@ func home(ctx *context.Context, viewRepositories bool) {
 	ctx.Data["DisableNewPullMirrors"] = setting.Mirror.DisableNewPull
 	ctx.Data["ShowMemberAndTeamTab"] = ctx.Org.IsMember || len(members) > 0
 
-	if !prepareOrgProfileReadme(ctx, viewRepositories) {
-		ctx.Data["PageIsViewRepositories"] = true
+	prepareResult, err := shared_user.PrepareOrgHeader(ctx)
+	if err != nil {
+		ctx.ServerError("PrepareOrgHeader", err)
+		return
 	}
 
-	var (
-		repos []*repo_model.Repository
-		count int64
-	)
-	repos, count, err = repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
+	// if no profile readme, it still means "view repositories"
+	isViewOverview := !viewRepositories && prepareOrgProfileReadme(ctx, prepareResult)
+	ctx.Data["PageIsViewRepositories"] = !isViewOverview
+	ctx.Data["PageIsViewOverview"] = isViewOverview
+	ctx.Data["ShowOrgProfileReadmeSelector"] = isViewOverview && prepareResult.ProfilePublicReadmeBlob != nil && prepareResult.ProfilePrivateReadmeBlob != nil
+
+	repos, count, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{
 		ListOptions: db.ListOptions{
 			PageSize: setting.UI.User.RepoPagingNum,
 			Page:     page,
@@ -151,28 +154,45 @@ func home(ctx *context.Context, viewRepositories bool) {
 	ctx.HTML(http.StatusOK, tplOrgHome)
 }
 
-func prepareOrgProfileReadme(ctx *context.Context, viewRepositories bool) bool {
-	profileDbRepo, profileGitRepo, profileReadme, profileClose := shared_user.FindUserProfileReadme(ctx, ctx.Doer)
-	defer profileClose()
-	ctx.Data["HasProfileReadme"] = profileReadme != nil
-
-	if profileGitRepo == nil || profileReadme == nil || viewRepositories {
-		return false
-	}
+func prepareOrgProfileReadme(ctx *context.Context, prepareResult *shared_user.PrepareOrgHeaderResult) bool {
+	viewAs := ctx.FormString("view_as", util.Iif(ctx.Org.IsMember, "member", "public"))
+	viewAsMember := viewAs == "member"
 
-	if bytes, err := profileReadme.GetBlobContent(setting.UI.MaxDisplayFileSize); err != nil {
-		log.Error("failed to GetBlobContent: %v", err)
+	var profileRepo *repo_model.Repository
+	var readmeBlob *git.Blob
+	if viewAsMember {
+		if prepareResult.ProfilePrivateReadmeBlob != nil {
+			profileRepo, readmeBlob = prepareResult.ProfilePrivateRepo, prepareResult.ProfilePrivateReadmeBlob
+		} else {
+			profileRepo, readmeBlob = prepareResult.ProfilePublicRepo, prepareResult.ProfilePublicReadmeBlob
+			viewAsMember = false
+		}
 	} else {
-		rctx := renderhelper.NewRenderContextRepoFile(ctx, profileDbRepo, renderhelper.RepoFileOptions{
-			CurrentRefPath: path.Join("branch", util.PathEscapeSegments(profileDbRepo.DefaultBranch)),
-		})
-		if profileContent, err := markdown.RenderString(rctx, bytes); err != nil {
-			log.Error("failed to RenderString: %v", err)
+		if prepareResult.ProfilePublicReadmeBlob != nil {
+			profileRepo, readmeBlob = prepareResult.ProfilePublicRepo, prepareResult.ProfilePublicReadmeBlob
 		} else {
-			ctx.Data["ProfileReadme"] = profileContent
+			profileRepo, readmeBlob = prepareResult.ProfilePrivateRepo, prepareResult.ProfilePrivateReadmeBlob
+			viewAsMember = true
 		}
 	}
+	if readmeBlob == nil {
+		return false
+	}
+
+	readmeBytes, err := readmeBlob.GetBlobContent(setting.UI.MaxDisplayFileSize)
+	if err != nil {
+		log.Error("failed to GetBlobContent for profile %q (view as %q) readme: %v", profileRepo.FullName(), viewAs, err)
+		return false
+	}
 
-	ctx.Data["PageIsViewOverview"] = true
+	rctx := renderhelper.NewRenderContextRepoFile(ctx, profileRepo, renderhelper.RepoFileOptions{
+		CurrentRefPath: path.Join("branch", util.PathEscapeSegments(profileRepo.DefaultBranch)),
+	})
+	ctx.Data["ProfileReadmeContent"], err = markdown.RenderString(rctx, readmeBytes)
+	if err != nil {
+		log.Error("failed to GetBlobContent for profile %q (view as %q) readme: %v", profileRepo.FullName(), viewAs, err)
+		return false
+	}
+	ctx.Data["IsViewingOrgAsMember"] = viewAsMember
 	return true
 }
diff --git a/routers/web/org/members.go b/routers/web/org/members.go
index 5a134caecb0a2..1665a123025ed 100644
--- a/routers/web/org/members.go
+++ b/routers/web/org/members.go
@@ -54,9 +54,9 @@ func Members(ctx *context.Context) {
 		return
 	}
 
-	err = shared_user.RenderOrgHeader(ctx)
+	_, err = shared_user.PrepareOrgHeader(ctx)
 	if err != nil {
-		ctx.ServerError("RenderOrgHeader", err)
+		ctx.ServerError("PrepareOrgHeader", err)
 		return
 	}
 
diff --git a/routers/web/org/teams.go b/routers/web/org/teams.go
index 0137f2cc961f2..26031029d662f 100644
--- a/routers/web/org/teams.go
+++ b/routers/web/org/teams.go
@@ -58,9 +58,9 @@ func Teams(ctx *context.Context) {
 	}
 	ctx.Data["Teams"] = ctx.Org.Teams
 
-	err := shared_user.RenderOrgHeader(ctx)
+	_, err := shared_user.PrepareOrgHeader(ctx)
 	if err != nil {
-		ctx.ServerError("RenderOrgHeader", err)
+		ctx.ServerError("PrepareOrgHeader", err)
 		return
 	}
 
diff --git a/routers/web/shared/user/header.go b/routers/web/shared/user/header.go
index d388d2b5d9a6c..62b146c7f3200 100644
--- a/routers/web/shared/user/header.go
+++ b/routers/web/shared/user/header.go
@@ -20,6 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/markup/markdown"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
 )
 
@@ -102,37 +103,46 @@ func PrepareContextForProfileBigAvatar(ctx *context.Context) {
 	}
 }
 
-func FindUserProfileReadme(ctx *context.Context, doer *user_model.User) (profileDbRepo *repo_model.Repository, profileGitRepo *git.Repository, profileReadmeBlob *git.Blob, profileClose func()) {
-	profileDbRepo, err := repo_model.GetRepositoryByName(ctx, ctx.ContextUser.ID, ".profile")
-	if err == nil {
-		perm, err := access_model.GetUserRepoPermission(ctx, profileDbRepo, doer)
-		if err == nil && !profileDbRepo.IsEmpty && perm.CanRead(unit.TypeCode) {
-			if profileGitRepo, err = gitrepo.OpenRepository(ctx, profileDbRepo); err != nil {
-				log.Error("FindUserProfileReadme failed to OpenRepository: %v", err)
-			} else {
-				if commit, err := profileGitRepo.GetBranchCommit(profileDbRepo.DefaultBranch); err != nil {
-					log.Error("FindUserProfileReadme failed to GetBranchCommit: %v", err)
-				} else {
-					profileReadmeBlob, _ = commit.GetBlobByPath("README.md")
-				}
-			}
+func FindOwnerProfileReadme(ctx *context.Context, doer *user_model.User, optProfileRepoName ...string) (profileDbRepo *repo_model.Repository, profileReadmeBlob *git.Blob) {
+	profileRepoName := util.OptionalArg(optProfileRepoName, RepoNameProfile)
+	profileDbRepo, err := repo_model.GetRepositoryByName(ctx, ctx.ContextUser.ID, profileRepoName)
+	if err != nil {
+		if !repo_model.IsErrRepoNotExist(err) {
+			log.Error("FindOwnerProfileReadme failed to GetRepositoryByName: %v", err)
 		}
-	} else if !repo_model.IsErrRepoNotExist(err) {
-		log.Error("FindUserProfileReadme failed to GetRepositoryByName: %v", err)
+		return nil, nil
 	}
-	return profileDbRepo, profileGitRepo, profileReadmeBlob, func() {
-		if profileGitRepo != nil {
-			_ = profileGitRepo.Close()
-		}
+
+	perm, err := access_model.GetUserRepoPermission(ctx, profileDbRepo, doer)
+	if err != nil {
+		log.Error("FindOwnerProfileReadme failed to GetRepositoryByName: %v", err)
+		return nil, nil
+	}
+	if profileDbRepo.IsEmpty || !perm.CanRead(unit.TypeCode) {
+		return nil, nil
 	}
+
+	profileGitRepo, err := gitrepo.RepositoryFromRequestContextOrOpen(ctx, profileDbRepo)
+	if err != nil {
+		log.Error("FindOwnerProfileReadme failed to OpenRepository: %v", err)
+		return nil, nil
+	}
+
+	commit, err := profileGitRepo.GetBranchCommit(profileDbRepo.DefaultBranch)
+	if err != nil {
+		log.Error("FindOwnerProfileReadme failed to GetBranchCommit: %v", err)
+		return nil, nil
+	}
+
+	profileReadmeBlob, _ = commit.GetBlobByPath("README.md") // no need to handle this error
+	return profileDbRepo, profileReadmeBlob
 }
 
 func RenderUserHeader(ctx *context.Context) {
 	prepareContextForCommonProfile(ctx)
 
-	_, _, profileReadmeBlob, profileClose := FindUserProfileReadme(ctx, ctx.Doer)
-	defer profileClose()
-	ctx.Data["HasProfileReadme"] = profileReadmeBlob != nil
+	_, profileReadmeBlob := FindOwnerProfileReadme(ctx, ctx.Doer)
+	ctx.Data["HasUserProfileReadme"] = profileReadmeBlob != nil
 }
 
 func LoadHeaderCount(ctx *context.Context) error {
@@ -169,14 +179,28 @@ func LoadHeaderCount(ctx *context.Context) error {
 	return nil
 }
 
-func RenderOrgHeader(ctx *context.Context) error {
-	if err := LoadHeaderCount(ctx); err != nil {
-		return err
-	}
+const (
+	RepoNameProfilePrivate = ".profile-private"
+	RepoNameProfile        = ".profile"
+)
 
-	_, _, profileReadmeBlob, profileClose := FindUserProfileReadme(ctx, ctx.Doer)
-	defer profileClose()
-	ctx.Data["HasProfileReadme"] = profileReadmeBlob != nil
+type PrepareOrgHeaderResult struct {
+	ProfilePublicRepo        *repo_model.Repository
+	ProfilePublicReadmeBlob  *git.Blob
+	ProfilePrivateRepo       *repo_model.Repository
+	ProfilePrivateReadmeBlob *git.Blob
+	HasOrgProfileReadme      bool
+}
 
-	return nil
+func PrepareOrgHeader(ctx *context.Context) (result *PrepareOrgHeaderResult, err error) {
+	if err = LoadHeaderCount(ctx); err != nil {
+		return nil, err
+	}
+
+	result = &PrepareOrgHeaderResult{}
+	result.ProfilePublicRepo, result.ProfilePublicReadmeBlob = FindOwnerProfileReadme(ctx, ctx.Doer)
+	result.ProfilePrivateRepo, result.ProfilePrivateReadmeBlob = FindOwnerProfileReadme(ctx, ctx.Doer, RepoNameProfilePrivate)
+	result.HasOrgProfileReadme = result.ProfilePublicReadmeBlob != nil || result.ProfilePrivateReadmeBlob != nil
+	ctx.Data["HasOrgProfileReadme"] = result.HasOrgProfileReadme // many pages need it to show the "overview" tab
+	return result, nil
 }
diff --git a/routers/web/user/profile.go b/routers/web/user/profile.go
index 9c014bffdb79b..006ffdcf7e095 100644
--- a/routers/web/user/profile.go
+++ b/routers/web/user/profile.go
@@ -74,8 +74,7 @@ func userProfile(ctx *context.Context) {
 		ctx.Data["HeatmapTotalContributions"] = activities_model.GetTotalContributionsInHeatmap(data)
 	}
 
-	profileDbRepo, _ /*profileGitRepo*/, profileReadmeBlob, profileClose := shared_user.FindUserProfileReadme(ctx, ctx.Doer)
-	defer profileClose()
+	profileDbRepo, profileReadmeBlob := shared_user.FindOwnerProfileReadme(ctx, ctx.Doer)
 
 	showPrivate := ctx.IsSigned && (ctx.Doer.IsAdmin || ctx.Doer.ID == ctx.ContextUser.ID)
 	prepareUserProfileTabData(ctx, showPrivate, profileDbRepo, profileReadmeBlob)
@@ -96,7 +95,7 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 		}
 	}
 	ctx.Data["TabName"] = tab
-	ctx.Data["HasProfileReadme"] = profileReadme != nil
+	ctx.Data["HasUserProfileReadme"] = profileReadme != nil
 
 	page := ctx.FormInt("page")
 	if page <= 0 {
@@ -254,7 +253,7 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 			if profileContent, err := markdown.RenderString(rctx, bytes); err != nil {
 				log.Error("failed to RenderString: %v", err)
 			} else {
-				ctx.Data["ProfileReadme"] = profileContent
+				ctx.Data["ProfileReadmeContent"] = profileContent
 			}
 		}
 	case "organizations":
diff --git a/services/context/api.go b/services/context/api.go
index 7b604c5ea15de..bda705cb48304 100644
--- a/services/context/api.go
+++ b/services/context/api.go
@@ -274,7 +274,7 @@ func ReferencesGitRepo(allowEmpty ...bool) func(ctx *APIContext) {
 		// For API calls.
 		if ctx.Repo.GitRepo == nil {
 			var err error
-			ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+			ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 			if err != nil {
 				ctx.Error(http.StatusInternalServerError, fmt.Sprintf("Open Repository %v failed", ctx.Repo.Repository.FullName()), err)
 				return
diff --git a/services/context/base_form.go b/services/context/base_form.go
index ddf9734f5777d..5b8cae9e998b8 100644
--- a/services/context/base_form.go
+++ b/services/context/base_form.go
@@ -8,11 +8,16 @@ import (
 	"strings"
 
 	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // FormString returns the first value matching the provided key in the form as a string
-func (b *Base) FormString(key string) string {
-	return b.Req.FormValue(key)
+func (b *Base) FormString(key string, def ...string) string {
+	s := b.Req.FormValue(key)
+	if s == "" {
+		s = util.OptionalArg(def)
+	}
+	return s
 }
 
 // FormStrings returns a string slice for the provided key from the form
diff --git a/services/context/repo.go b/services/context/repo.go
index b537a050362c5..2a473f4a5419e 100644
--- a/services/context/repo.go
+++ b/services/context/repo.go
@@ -622,7 +622,7 @@ func RepoAssignment(ctx *Context) {
 		ctx.Repo.GitRepo = nil
 	}
 
-	ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, repo)
+	ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, repo)
 	if err != nil {
 		if strings.Contains(err.Error(), "repository does not exist") || strings.Contains(err.Error(), "no such file or directory") {
 			log.Error("Repository %-v has a broken repository on the file system: %s Error: %v", ctx.Repo.Repository, ctx.Repo.Repository.RepoPath(), err)
@@ -881,7 +881,7 @@ func RepoRefByType(detectRefType RepoRefType, opts ...RepoRefByTypeOptions) func
 		)
 
 		if ctx.Repo.GitRepo == nil {
-			ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx, ctx.Repo.Repository)
+			ctx.Repo.GitRepo, err = gitrepo.RepositoryFromRequestContextOrOpen(ctx, ctx.Repo.Repository)
 			if err != nil {
 				ctx.ServerError(fmt.Sprintf("Open Repository %v failed", ctx.Repo.Repository.FullName()), err)
 				return
diff --git a/templates/org/home.tmpl b/templates/org/home.tmpl
index 4851b6997967b..db750692bff18 100644
--- a/templates/org/home.tmpl
+++ b/templates/org/home.tmpl
@@ -5,8 +5,8 @@
 	<div class="ui container">
 		<div class="ui mobile reversed stackable grid">
 			<div class="ui {{if .ShowMemberAndTeamTab}}eleven wide{{end}} column">
-				{{if .ProfileReadme}}
-					<div id="readme_profile" class="markup">{{.ProfileReadme}}</div>
+				{{if .ProfileReadmeContent}}
+					<div id="readme_profile" class="markup" data-profile-view-as-member="{{.IsViewingOrgAsMember}}">{{.ProfileReadmeContent}}</div>
 				{{end}}
 				{{template "shared/repo_search" .}}
 				{{template "explore/repo_list" .}}
@@ -24,6 +24,29 @@
 					</div>
 					<div class="divider"></div>
 				{{end}}
+
+				{{if and .ShowMemberAndTeamTab .ShowOrgProfileReadmeSelector}}
+				<div class="tw-my-4">
+					<div id="org-home-view-as-dropdown" class="ui dropdown jump">
+						{{- $viewAsRole := Iif (.IsViewingOrgAsMember) (ctx.Locale.Tr "org.members.member") (ctx.Locale.Tr "settings.visibility.public") -}}
+						<span class="text">{{svg "octicon-eye"}} {{ctx.Locale.Tr "org.view_as_role" $viewAsRole}}</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							{{/* TODO: does it really need to use CurrentURL with query parameters? Why not construct a new link with clear parameters */}}
+							<a href="?view_as=public" class="item {{if not .IsViewingOrgAsMember}}selected{{end}}">
+								{{svg "octicon-check" 14 (Iif (not .IsViewingOrgAsMember) "" "tw-invisible")}} {{ctx.Locale.Tr "settings.visibility.public"}}
+							</a>
+							<a href="?view_as=member" class="item {{if .IsViewingOrgAsMember}}selected{{end}}">
+								{{svg "octicon-check" 14 (Iif .IsViewingOrgAsMember "" "tw-invisible")}}  {{ctx.Locale.Tr "org.members.member"}}
+							</a>
+						</div>
+					</div>
+					<div class="tw-my-2">
+						{{if .IsViewingOrgAsMember}}{{ctx.Locale.Tr "org.view_as_member_hint"}}{{else}}{{ctx.Locale.Tr "org.view_as_public_hint"}}{{end}}
+					</div>
+				</div>
+				{{end}}
+
 				{{if .NumMembers}}
 					<h4 class="ui top attached header tw-flex">
 						<strong class="tw-flex-1">{{ctx.Locale.Tr "org.members"}}</strong>
diff --git a/templates/org/menu.tmpl b/templates/org/menu.tmpl
index 29238f8d6bb9a..4a8aee68a7d37 100644
--- a/templates/org/menu.tmpl
+++ b/templates/org/menu.tmpl
@@ -1,12 +1,12 @@
 <div class="ui container">
 	<overflow-menu class="ui secondary pointing tabular borderless menu tw-mb-4">
 		<div class="overflow-menu-items">
-			{{if .HasProfileReadme}}
+			{{if .HasOrgProfileReadme}}
 				<a class="{{if .PageIsViewOverview}}active {{end}}item" href="{{$.Org.HomeLink}}">
 					{{svg "octicon-info"}} {{ctx.Locale.Tr "user.overview"}}
 				</a>
 			{{end}}
-			<a class="{{if .PageIsViewRepositories}}active {{end}}item" href="{{$.Org.HomeLink}}{{if .HasProfileReadme}}/-/repositories{{end}}">
+			<a class="{{if .PageIsViewRepositories}}active {{end}}item" href="{{$.Org.HomeLink}}{{if .HasOrgProfileReadme}}/-/repositories{{end}}">
 				{{svg "octicon-repo"}} {{ctx.Locale.Tr "user.repositories"}}
 				{{if .RepoCount}}
 					<div class="ui small label">{{.RepoCount}}</div>
diff --git a/templates/repo/create.tmpl b/templates/repo/create.tmpl
index 2e1de244ea19c..78eb2f704a210 100644
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@@ -1,8 +1,8 @@
 {{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content repository new repo">
+<div role="main" aria-label="{{.Title}}" class="page-content repository new-repo">
 	<div class="ui middle very relaxed page one column grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
+			<form class="ui form new-repo-form" action="{{.Link}}" method="post">
 				{{.CsrfTokenHtml}}
 				<h3 class="ui top attached header">
 					{{ctx.Locale.Tr "new_repo"}}
@@ -44,8 +44,11 @@
 					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
 						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
 						<input id="repo_name" name="repo_name" value="{{.repo_name}}" autofocus required maxlength="100">
-						<span class="help">{{ctx.Locale.Tr "repo.repo_name_helper"}}</span>
+						<span class="help" data-help-for-repo-name>{{ctx.Locale.Tr "repo.repo_name_helper"}}</span>
+						<span class="help tw-hidden" data-help-for-repo-name=".profile">{{ctx.Locale.Tr "repo.repo_name_profile_public_hint"}}</span>
+						<span class="help tw-hidden" data-help-for-repo-name=".profile-private">{{ctx.Locale.Tr "repo.repo_name_profile_private_hint"}}</span>
 					</div>
+
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
 						<div class="ui checkbox">
diff --git a/templates/user/overview/header.tmpl b/templates/user/overview/header.tmpl
index 275c4e295e447..f4664c704dcc8 100644
--- a/templates/user/overview/header.tmpl
+++ b/templates/user/overview/header.tmpl
@@ -1,6 +1,6 @@
 <overflow-menu class="ui secondary pointing tabular borderless menu">
 	<div class="overflow-menu-items">
-		{{if and .HasProfileReadme .ContextUser.IsIndividual}}
+		{{if and .HasUserProfileReadme .ContextUser.IsIndividual}}
 		<a class="{{if eq .TabName "overview"}}active {{end}}item" href="{{.ContextUser.HomeLink}}?tab=overview">
 			{{svg "octicon-info"}} {{ctx.Locale.Tr "user.overview"}}
 		</a>
diff --git a/tests/integration/org_profile_test.go b/tests/integration/org_profile_test.go
new file mode 100644
index 0000000000000..73cafd85c2b32
--- /dev/null
+++ b/tests/integration/org_profile_test.go
@@ -0,0 +1,132 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package integration
+
+import (
+	"encoding/base64"
+	"fmt"
+	"net/http"
+	"net/url"
+	"testing"
+	"time"
+
+	auth_model "code.gitea.io/gitea/models/auth"
+	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/routers/web/shared/user"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func getCreateProfileReadmeFileOptions(content string) api.CreateFileOptions {
+	contentEncoded := base64.StdEncoding.EncodeToString([]byte(content))
+	return api.CreateFileOptions{
+		FileOptions: api.FileOptions{
+			BranchName:    "main",
+			NewBranchName: "main",
+			Message:       "create the profile README.md",
+			Dates: api.CommitDateOptions{
+				Author:    time.Unix(946684810, 0),
+				Committer: time.Unix(978307190, 0),
+			},
+		},
+		ContentBase64: contentEncoded,
+	}
+}
+
+func createTestProfile(t *testing.T, orgName, profileRepoName, readmeContent string) {
+	isPrivate := profileRepoName == user.RepoNameProfilePrivate
+
+	ctx := NewAPITestContext(t, "user1", profileRepoName, auth_model.AccessTokenScopeAll)
+	session := loginUser(t, "user1")
+	tokenAdmin := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeAll)
+
+	// create repo
+	doAPICreateOrganizationRepository(ctx, orgName, &api.CreateRepoOption{Name: profileRepoName, Private: isPrivate})(t)
+
+	// create readme
+	createFileOptions := getCreateProfileReadmeFileOptions(readmeContent)
+	req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/api/v1/repos/%s/%s/contents/%s", orgName, profileRepoName, "README.md"), &createFileOptions).
+		AddTokenAuth(tokenAdmin)
+	MakeRequest(t, req, http.StatusCreated)
+}
+
+func TestOrgProfile(t *testing.T) {
+	onGiteaRun(t, testOrgProfile)
+}
+
+func testOrgProfile(t *testing.T, u *url.URL) {
+	const contentPublicReadme = "Public Readme Content"
+	const contentPrivateReadme = "Private Readme Content"
+	// HTML: "#org-home-view-as-dropdown" (indicate whether the view as dropdown menu is present)
+
+	// PART 1: Test Both Private and Public
+	createTestProfile(t, "org3", user.RepoNameProfile, contentPublicReadme)
+	createTestProfile(t, "org3", user.RepoNameProfilePrivate, contentPrivateReadme)
+
+	// Anonymous User
+	req := NewRequest(t, "GET", "org3")
+	resp := MakeRequest(t, req, http.StatusOK)
+	bodyString := util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPublicReadme)
+	assert.NotContains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	// Logged in but not member
+	session := loginUser(t, "user24")
+	req = NewRequest(t, "GET", "org3")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPublicReadme)
+	assert.NotContains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	// Site Admin
+	session = loginUser(t, "user1")
+	req = NewRequest(t, "GET", "/org3")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPrivateReadme) // as an org member, default to show the private profile
+	assert.Contains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	req = NewRequest(t, "GET", "/org3?view_as=member")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPrivateReadme)
+	assert.Contains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	req = NewRequest(t, "GET", "/org3?view_as=public")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPublicReadme)
+	assert.Contains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	// PART 2: Each org has either one of private pr public profile
+	createTestProfile(t, "org41", user.RepoNameProfile, contentPublicReadme)
+	createTestProfile(t, "org42", user.RepoNameProfilePrivate, contentPrivateReadme)
+
+	// Anonymous User
+	req = NewRequest(t, "GET", "/org41")
+	resp = MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPublicReadme)
+	assert.NotContains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	req = NewRequest(t, "GET", "/org42")
+	resp = MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.NotContains(t, bodyString, contentPrivateReadme)
+	assert.NotContains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	// Site Admin
+	req = NewRequest(t, "GET", "/org41")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPublicReadme)
+	assert.NotContains(t, bodyString, `id="org-home-view-as-dropdown"`)
+
+	req = NewRequest(t, "GET", "/org42")
+	resp = session.MakeRequest(t, req, http.StatusOK)
+	bodyString = util.UnsafeBytesToString(resp.Body.Bytes())
+	assert.Contains(t, bodyString, contentPrivateReadme)
+	assert.NotContains(t, bodyString, `id="org-home-view-as-dropdown"`)
+}
diff --git a/web_src/css/form.css b/web_src/css/form.css
index 5dd5e05bec7f0..a92ba354b41a4 100644
--- a/web_src/css/form.css
+++ b/web_src/css/form.css
@@ -325,50 +325,50 @@ textarea:focus,
   margin: 0;
 }
 
-.repository.new.repo form,
+.repository.new-repo form,
 .repository.new.migrate form,
 .repository.new.fork form {
   margin: auto;
 }
 
-.repository.new.repo form .ui.message,
+.repository.new-repo form .ui.message,
 .repository.new.migrate form .ui.message,
 .repository.new.fork form .ui.message {
   text-align: center;
 }
 
 @media (min-width: 768px) {
-  .repository.new.repo form,
+  .repository.new-repo form,
   .repository.new.migrate form,
   .repository.new.fork form {
     width: 800px !important;
   }
-  .repository.new.repo form .header,
+  .repository.new-repo form .header,
   .repository.new.migrate form .header,
   .repository.new.fork form .header {
     padding-left: 280px !important;
   }
-  .repository.new.repo form .inline.field > label,
+  .repository.new-repo form .inline.field > label,
   .repository.new.migrate form .inline.field > label,
   .repository.new.fork form .inline.field > label {
     text-align: right;
     width: 250px !important;
     word-wrap: break-word;
   }
-  .repository.new.repo form .help,
+  .repository.new-repo form .help,
   .repository.new.migrate form .help,
   .repository.new.fork form .help {
     margin-left: 265px !important;
   }
-  .repository.new.repo form .optional .title,
+  .repository.new-repo form .optional .title,
   .repository.new.migrate form .optional .title,
   .repository.new.fork form .optional .title {
     margin-left: 250px !important;
   }
-  .repository.new.repo form .inline.field > input,
+  .repository.new-repo form .inline.field > input,
   .repository.new.migrate form .inline.field > input,
   .repository.new.fork form .inline.field > input,
-  .repository.new.repo form .inline.field > textarea,
+  .repository.new-repo form .inline.field > textarea,
   .repository.new.migrate form .inline.field > textarea,
   .repository.new.fork form .inline.field > textarea {
     width: 50%;
@@ -376,32 +376,32 @@ textarea:focus,
 }
 
 @media (max-width: 767.98px) {
-  .repository.new.repo form .optional .title,
+  .repository.new-repo form .optional .title,
   .repository.new.migrate form .optional .title,
   .repository.new.fork form .optional .title {
     margin-left: 15px;
   }
-  .repository.new.repo form .inline.field > label,
+  .repository.new-repo form .inline.field > label,
   .repository.new.migrate form .inline.field > label,
   .repository.new.fork form .inline.field > label {
     display: block;
   }
 }
 
-.repository.new.repo form .dropdown .text,
+.repository.new-repo form .dropdown .text,
 .repository.new.migrate form .dropdown .text,
 .repository.new.fork form .dropdown .text {
   margin-right: 0 !important;
 }
 
-.repository.new.repo form .header,
+.repository.new-repo form .header,
 .repository.new.migrate form .header,
 .repository.new.fork form .header {
   padding-left: 0 !important;
   text-align: center;
 }
 
-.repository.new.repo form .selection.dropdown,
+.repository.new-repo form .selection.dropdown,
 .repository.new.migrate form .selection.dropdown,
 .repository.new.fork form .selection.dropdown,
 .repository.new.fork form .field a {
@@ -410,22 +410,22 @@ textarea:focus,
 }
 
 @media (max-width: 767.98px) {
-  .repository.new.repo form label,
+  .repository.new-repo form label,
   .repository.new.migrate form label,
   .repository.new.fork form label,
-  .repository.new.repo form .inline.field > input,
+  .repository.new-repo form .inline.field > input,
   .repository.new.migrate form .inline.field > input,
   .repository.new.fork form .inline.field > input,
   .repository.new.fork form .field a,
-  .repository.new.repo form .selection.dropdown,
+  .repository.new-repo form .selection.dropdown,
   .repository.new.migrate form .selection.dropdown,
   .repository.new.fork form .selection.dropdown {
     width: 100% !important;
   }
-  .repository.new.repo form .field button,
+  .repository.new-repo form .field button,
   .repository.new.migrate form .field button,
   .repository.new.fork form .field button,
-  .repository.new.repo form .field a,
+  .repository.new-repo form .field a,
   .repository.new.migrate form .field a {
     margin-bottom: 1em;
     width: 100%;
@@ -433,17 +433,17 @@ textarea:focus,
 }
 
 @media (min-width: 768px) {
-  .repository.new.repo .ui.form #auto-init {
+  .repository.new-repo .ui.form #auto-init {
     margin-left: 265px !important;
   }
 }
 
-.repository.new.repo .ui.form .selection.dropdown:not(.owner) {
+.repository.new-repo .ui.form .selection.dropdown:not(.owner) {
   width: 50% !important;
 }
 
 @media (max-width: 767.98px) {
-  .repository.new.repo .ui.form .selection.dropdown:not(.owner) {
+  .repository.new-repo .ui.form .selection.dropdown:not(.owner) {
     width: 100% !important;
   }
 }
diff --git a/web_src/js/features/repo-new.ts b/web_src/js/features/repo-new.ts
index 436288325ae50..ec44a14ce02ab 100644
--- a/web_src/js/features/repo-new.ts
+++ b/web_src/js/features/repo-new.ts
@@ -1,14 +1,34 @@
-import $ from 'jquery';
+import {hideElem, showElem} from '../utils/dom.ts';
 
 export function initRepoNew() {
-  // Repo Creation
-  if ($('.repository.new.repo').length > 0) {
-    $('input[name="gitignores"], input[name="license"]').on('change', () => {
-      const gitignores = $('input[name="gitignores"]').val();
-      const license = $('input[name="license"]').val();
-      if (gitignores || license) {
-        document.querySelector<HTMLInputElement>('input[name="auto_init"]').checked = true;
-      }
-    });
-  }
+  const pageContent = document.querySelector('.page-content.repository.new-repo');
+  if (!pageContent) return;
+
+  const form = document.querySelector('.new-repo-form');
+  const inputGitIgnores = form.querySelector<HTMLInputElement>('input[name="gitignores"]');
+  const inputLicense = form.querySelector<HTMLInputElement>('input[name="license"]');
+  const inputAutoInit = form.querySelector<HTMLInputElement>('input[name="auto_init"]');
+  const updateUiAutoInit = () => {
+    inputAutoInit.checked = Boolean(inputGitIgnores.value || inputLicense.value);
+  };
+  form.addEventListener('change', updateUiAutoInit);
+  updateUiAutoInit();
+
+  const inputRepoName = form.querySelector<HTMLInputElement>('input[name="repo_name"]');
+  const inputPrivate = form.querySelector<HTMLInputElement>('input[name="private"]');
+  const updateUiRepoName = () => {
+    const helps = form.querySelectorAll(`.help[data-help-for-repo-name]`);
+    hideElem(helps);
+    let help = form.querySelector(`.help[data-help-for-repo-name="${CSS.escape(inputRepoName.value)}"]`);
+    if (!help) help = form.querySelector(`.help[data-help-for-repo-name=""]`);
+    showElem(help);
+    const repoNamePreferPrivate = {'.profile': false, '.profile-private': true};
+    const preferPrivate = repoNamePreferPrivate[inputRepoName.value];
+    // inputPrivate might be disabled because site admin "force private"
+    if (preferPrivate !== undefined && !inputPrivate.closest('.disabled, [disabled]')) {
+      inputPrivate.checked = preferPrivate;
+    }
+  };
+  inputRepoName.addEventListener('input', updateUiRepoName);
+  updateUiRepoName();
 }

From 54bd2205203c26fb55eacc3a987c5dff7f96aa61 Mon Sep 17 00:00:00 2001
From: Kerwin Bryant <kerwin612@qq.com>
Date: Tue, 31 Dec 2024 12:49:26 +0800
Subject: [PATCH 02/55] Optimize the installation page (#32994)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 options/locale/locale_en-US.ini |  1 +
 templates/post-install.tmpl     | 25 ++++++-------------------
 2 files changed, 7 insertions(+), 19 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index ef66e9ce45ec4..4050ed1a15dba 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -244,6 +244,7 @@ license_desc = Go get <a target="_blank" rel="noopener noreferrer" href="%[1]s">
 
 [install]
 install = Installation
+installing_desc = Installing now, please wait...
 title = Initial Configuration
 docker_helper = If you run Gitea inside Docker, please read the <a target="_blank" rel="noopener noreferrer" href="%s">documentation</a> before changing any settings.
 require_db_desc = Gitea requires MySQL, PostgreSQL, MSSQL, SQLite3 or TiDB (MySQL protocol).
diff --git a/templates/post-install.tmpl b/templates/post-install.tmpl
index fb234008fb4ee..fa10827295466 100644
--- a/templates/post-install.tmpl
+++ b/templates/post-install.tmpl
@@ -1,23 +1,10 @@
 {{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content install post-install">
-	<div class="ui container">
-		<div class="ui grid">
-			<div class="sixteen wide column content">
-				<div class="home">
-					<div class="ui stackable middle very relaxed page grid">
-						<div class="sixteen wide center aligned centered column">
-							<div>
-								<img src="{{AssetUrlPrefix}}/img/loading.png" alt="{{ctx.Locale.Tr "loading"}}">
-							</div>
-						</div>
-					</div>
-					<div class="ui stackable middle very relaxed page grid">
-						<div class="sixteen wide center aligned centered column">
-							<p><a id="goto-user-login" href="{{AppSubUrl}}/user/login">{{ctx.Locale.Tr "loading"}}</a></p>
-						</div>
-					</div>
-				</div>
-			</div>
+<div role="main" aria-label="{{.Title}}" class="page-content install post-install tw-h-full">
+	<div class="home tw-text-center tw-h-full tw-flex tw-flex-col tw-justify-center"><!-- the "home" class makes the links green -->
+		<!-- the "cup" has a handler, so move it a little leftward to make it visually in the center -->
+		<div class="tw-ml-[-30px]"><img width="160" src="{{AssetUrlPrefix}}/img/loading.png" alt="" aria-hidden="true"></div>
+		<div class="tw-my-[2em] tw-text-[18px]">
+			<a id="goto-user-login" href="{{AppSubUrl}}/user/login">{{ctx.Locale.Tr "install.installing_desc"}}</a>
 		</div>
 	</div>
 </div>

From e5c576e92b0fb10077fc3c0c21a101e2e47881f9 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Tue, 31 Dec 2024 13:30:52 +0800
Subject: [PATCH 03/55] Refactor maven package registry (#33049)

Close #33036
---
 models/packages/package.go                   |  12 +++
 modules/web/router_test.go                   |   5 +
 routers/api/packages/api.go                  |   2 -
 routers/api/packages/maven/maven.go          |  76 +++++++++----
 tests/integration/api_packages_maven_test.go | 108 ++++++++++++-------
 5 files changed, 143 insertions(+), 60 deletions(-)

diff --git a/models/packages/package.go b/models/packages/package.go
index c12f345f0e272..31e1277a6e37b 100644
--- a/models/packages/package.go
+++ b/models/packages/package.go
@@ -248,6 +248,18 @@ func GetPackageByID(ctx context.Context, packageID int64) (*Package, error) {
 	return p, nil
 }
 
+// UpdatePackageNameByID updates the package's name, it is only for internal usage, for example: rename some legacy packages
+func UpdatePackageNameByID(ctx context.Context, ownerID int64, packageType Type, packageID int64, name string) error {
+	var cond builder.Cond = builder.Eq{
+		"package.id":          packageID,
+		"package.owner_id":    ownerID,
+		"package.type":        packageType,
+		"package.is_internal": false,
+	}
+	_, err := db.GetEngine(ctx).Where(cond).Update(&Package{Name: name, LowerName: strings.ToLower(name)})
+	return err
+}
+
 // GetPackageByName gets a package by name
 func GetPackageByName(ctx context.Context, ownerID int64, packageType Type, name string) (*Package, error) {
 	var cond builder.Cond = builder.Eq{
diff --git a/modules/web/router_test.go b/modules/web/router_test.go
index bdcf623b951b6..582980a27ae87 100644
--- a/modules/web/router_test.go
+++ b/modules/web/router_test.go
@@ -183,6 +183,11 @@ func TestRouter(t *testing.T) {
 			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1/d2/fn", "dir": "d1/d2", "file": "fn"},
 			handlerMark: "match-path",
 		})
+		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1%2fd2/fn", resultStruct{
+			method:      "GET",
+			pathParams:  map[string]string{"username": "the-user", "reponame": "the-repo", "*": "d1%2fd2/fn", "dir": "d1%2fd2", "file": "fn"},
+			handlerMark: "match-path",
+		})
 		testRoute(t, "GET /api/v1/repos/the-user/the-repo/branches/d1/d2/000", resultStruct{
 			method:      "GET",
 			pathParams:  map[string]string{"reponame": "the-repo", "username": "the-user", "*": "d1/d2/000"},
diff --git a/routers/api/packages/api.go b/routers/api/packages/api.go
index 8c06836ff80c2..5b035fbb7114f 100644
--- a/routers/api/packages/api.go
+++ b/routers/api/packages/api.go
@@ -430,8 +430,6 @@ func CommonRoutes() *web.Router {
 			r.Post("/api/charts", reqPackageAccess(perm.AccessModeWrite), helm.UploadPackage)
 		}, reqPackageAccess(perm.AccessModeRead))
 		r.Group("/maven", func() {
-			// FIXME: this path design is not right.
-			// It should be `/.../{groupId}/{artifactId}/{version}`, but not `/.../{groupId}-{artifactId}/{version}`
 			r.Put("/*", reqPackageAccess(perm.AccessModeWrite), maven.UploadPackageFile)
 			r.Get("/*", maven.DownloadPackageFile)
 			r.Head("/*", maven.ProvidePackageFileHeader)
diff --git a/routers/api/packages/maven/maven.go b/routers/api/packages/maven/maven.go
index 9474b17bc79d1..4d04d4d1e9f32 100644
--- a/routers/api/packages/maven/maven.go
+++ b/routers/api/packages/maven/maven.go
@@ -13,7 +13,7 @@ import (
 	"errors"
 	"io"
 	"net/http"
-	"path/filepath"
+	"path"
 	"regexp"
 	"sort"
 	"strconv"
@@ -25,6 +25,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	packages_module "code.gitea.io/gitea/modules/packages"
 	maven_module "code.gitea.io/gitea/modules/packages/maven"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/routers/api/packages/helper"
 	"code.gitea.io/gitea/services/context"
 	packages_service "code.gitea.io/gitea/services/packages"
@@ -44,7 +45,7 @@ const (
 
 var (
 	errInvalidParameters = errors.New("request parameters are invalid")
-	illegalCharacters    = regexp.MustCompile(`[\\/:"<>|?\*]`)
+	illegalCharacters    = regexp.MustCompile(`[\\/:"<>|?*]`)
 )
 
 func apiError(ctx *context.Context, status int, obj any) {
@@ -85,8 +86,10 @@ func handlePackageFile(ctx *context.Context, serveContent bool) {
 func serveMavenMetadata(ctx *context.Context, params parameters) {
 	// /com/foo/project/maven-metadata.xml[.md5/.sha1/.sha256/.sha512]
 
-	packageName := params.GroupID + "-" + params.ArtifactID
-	pvs, err := packages_model.GetVersionsByPackageName(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, packageName)
+	pvs, err := packages_model.GetVersionsByPackageName(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, params.toInternalPackageName())
+	if errors.Is(err, util.ErrNotExist) {
+		pvs, err = packages_model.GetVersionsByPackageName(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, params.toInternalPackageNameLegacy())
+	}
 	if err != nil {
 		apiError(ctx, http.StatusInternalServerError, err)
 		return
@@ -116,10 +119,10 @@ func serveMavenMetadata(ctx *context.Context, params parameters) {
 
 	latest := pds[len(pds)-1]
 	// http.TimeFormat required a UTC time, refer to https://pkg.go.dev/net/http#TimeFormat
-	lastModifed := latest.Version.CreatedUnix.AsTime().UTC().Format(http.TimeFormat)
-	ctx.Resp.Header().Set("Last-Modified", lastModifed)
+	lastModified := latest.Version.CreatedUnix.AsTime().UTC().Format(http.TimeFormat)
+	ctx.Resp.Header().Set("Last-Modified", lastModified)
 
-	ext := strings.ToLower(filepath.Ext(params.Filename))
+	ext := strings.ToLower(path.Ext(params.Filename))
 	if isChecksumExtension(ext) {
 		var hash []byte
 		switch ext {
@@ -147,11 +150,12 @@ func serveMavenMetadata(ctx *context.Context, params parameters) {
 }
 
 func servePackageFile(ctx *context.Context, params parameters, serveContent bool) {
-	packageName := params.GroupID + "-" + params.ArtifactID
-
-	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, packageName, params.Version)
+	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, params.toInternalPackageName(), params.Version)
+	if errors.Is(err, util.ErrNotExist) {
+		pv, err = packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, params.toInternalPackageNameLegacy(), params.Version)
+	}
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -161,14 +165,14 @@ func servePackageFile(ctx *context.Context, params parameters, serveContent bool
 
 	filename := params.Filename
 
-	ext := strings.ToLower(filepath.Ext(filename))
+	ext := strings.ToLower(path.Ext(filename))
 	if isChecksumExtension(ext) {
 		filename = filename[:len(filename)-len(ext)]
 	}
 
 	pf, err := packages_model.GetFileForVersionByName(ctx, pv.ID, filename, packages_model.EmptyFileKey)
 	if err != nil {
-		if err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -238,15 +242,17 @@ func UploadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	log.Trace("Parameters: %+v", params)
-
 	// Ignore the package index /<name>/maven-metadata.xml
 	if params.IsMeta && params.Version == "" {
 		ctx.Status(http.StatusOK)
 		return
 	}
 
-	packageName := params.GroupID + "-" + params.ArtifactID
+	packageName := params.toInternalPackageName()
+	if ctx.FormBool("use_legacy_package_name") {
+		// for testing purpose only
+		packageName = params.toInternalPackageNameLegacy()
+	}
 
 	// for the same package, only one upload at a time
 	releaser, err := globallock.Lock(ctx, mavenPkgNameKey(packageName))
@@ -274,13 +280,26 @@ func UploadPackageFile(ctx *context.Context) {
 		Creator:          ctx.Doer,
 	}
 
-	ext := filepath.Ext(params.Filename)
+	// old maven package uses "groupId-artifactId" as package name, so we need to update to the new format "groupId:artifactId"
+	legacyPackage, err := packages_model.GetPackageByName(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, params.toInternalPackageNameLegacy())
+	if err != nil && !errors.Is(err, packages_model.ErrPackageNotExist) {
+		apiError(ctx, http.StatusInternalServerError, err)
+		return
+	} else if legacyPackage != nil {
+		err = packages_model.UpdatePackageNameByID(ctx, ctx.Package.Owner.ID, packages_model.TypeMaven, legacyPackage.ID, packageName)
+		if err != nil {
+			apiError(ctx, http.StatusInternalServerError, err)
+			return
+		}
+	}
+
+	ext := path.Ext(params.Filename)
 
 	// Do not upload checksum files but compare the hashes.
 	if isChecksumExtension(ext) {
 		pv, err := packages_model.GetVersionByNameAndVersion(ctx, pvci.Owner.ID, pvci.PackageType, pvci.Name, pvci.Version)
 		if err != nil {
-			if err == packages_model.ErrPackageNotExist {
+			if errors.Is(err, packages_model.ErrPackageNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 				return
 			}
@@ -289,7 +308,7 @@ func UploadPackageFile(ctx *context.Context) {
 		}
 		pf, err := packages_model.GetFileForVersionByName(ctx, pv.ID, params.Filename[:len(params.Filename)-len(ext)], packages_model.EmptyFileKey)
 		if err != nil {
-			if err == packages_model.ErrPackageFileNotExist {
+			if errors.Is(err, packages_model.ErrPackageFileNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 				return
 			}
@@ -343,7 +362,7 @@ func UploadPackageFile(ctx *context.Context) {
 
 		if pvci.Metadata != nil {
 			pv, err := packages_model.GetVersionByNameAndVersion(ctx, pvci.Owner.ID, pvci.PackageType, pvci.Name, pvci.Version)
-			if err != nil && err != packages_model.ErrPackageNotExist {
+			if err != nil && !errors.Is(err, packages_model.ErrPackageNotExist) {
 				apiError(ctx, http.StatusInternalServerError, err)
 				return
 			}
@@ -399,9 +418,26 @@ type parameters struct {
 	IsMeta     bool
 }
 
+func (p *parameters) toInternalPackageName() string {
+	// there cuold be 2 choices: "/" or ":"
+	// Maven says: "groupId:artifactId:version" in their document: https://maven.apache.org/pom.html#Maven_Coordinates
+	// but it would be slightly ugly in URL: "/-/packages/maven/group-id%3Aartifact-id"
+	return p.GroupID + ":" + p.ArtifactID
+}
+
+func (p *parameters) toInternalPackageNameLegacy() string {
+	return p.GroupID + "-" + p.ArtifactID
+}
+
 func extractPathParameters(ctx *context.Context) (parameters, error) {
 	parts := strings.Split(ctx.PathParam("*"), "/")
 
+	// formats:
+	// * /com/group/id/artifactId/maven-metadata.xml[.md5|.sha1|.sha256|.sha512]
+	// * /com/group/id/artifactId/version-SNAPSHOT/maven-metadata.xml[.md5|.sha1|.sha256|.sha512]
+	// * /com/group/id/artifactId/version/any-file
+	// * /com/group/id/artifactId/version-SNAPSHOT/any-file
+
 	p := parameters{
 		Filename: parts[len(parts)-1],
 	}
diff --git a/tests/integration/api_packages_maven_test.go b/tests/integration/api_packages_maven_test.go
index e54238858c2ea..486a5af93e17b 100644
--- a/tests/integration/api_packages_maven_test.go
+++ b/tests/integration/api_packages_maven_test.go
@@ -6,6 +6,7 @@ package integration
 import (
 	"fmt"
 	"net/http"
+	"net/url"
 	"strconv"
 	"strings"
 	"sync"
@@ -20,6 +21,7 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestPackageMaven(t *testing.T) {
@@ -29,16 +31,14 @@ func TestPackageMaven(t *testing.T) {
 
 	groupID := "com.gitea"
 	artifactID := "test-project"
-	packageName := groupID + "-" + artifactID
 	packageVersion := "1.0.1"
 	packageDescription := "Test Description"
 
-	root := fmt.Sprintf("/api/packages/%s/maven/%s/%s", user.Name, strings.ReplaceAll(groupID, ".", "/"), artifactID)
-	filename := fmt.Sprintf("%s-%s.jar", packageName, packageVersion)
+	root := "/api/packages/user2/maven/com/gitea/test-project"
+	filename := "any-name.jar"
 
 	putFile := func(t *testing.T, path, content string, expectedStatus int) {
-		req := NewRequestWithBody(t, "PUT", root+path, strings.NewReader(content)).
-			AddBasicAuth(user.Name)
+		req := NewRequestWithBody(t, "PUT", root+path, strings.NewReader(content)).AddBasicAuth(user.Name)
 		MakeRequest(t, req, expectedStatus)
 	}
 
@@ -56,27 +56,67 @@ func TestPackageMaven(t *testing.T) {
 		putFile(t, "/maven-metadata.xml", "test", http.StatusOK)
 
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeMaven)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pvs, 1)
 
 		pd, err := packages.GetPackageDescriptor(db.DefaultContext, pvs[0])
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Nil(t, pd.SemVer)
 		assert.Nil(t, pd.Metadata)
-		assert.Equal(t, packageName, pd.Package.Name)
+		assert.Equal(t, groupID+":"+artifactID, pd.Package.Name)
 		assert.Equal(t, packageVersion, pd.Version.Version)
 
 		pfs, err := packages.GetFilesByVersionID(db.DefaultContext, pvs[0].ID)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pfs, 1)
 		assert.Equal(t, filename, pfs[0].Name)
 		assert.False(t, pfs[0].IsLead)
 
 		pb, err := packages.GetBlobByID(db.DefaultContext, pfs[0].BlobID)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Equal(t, int64(4), pb.Size)
 	})
 
+	t.Run("UploadLegacy", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		legacyRootLink := "/api/packages/user2/maven/com/gitea/legacy-project"
+		req := NewRequestWithBody(t, "PUT", legacyRootLink+"/1.0.2/any-file-name?use_legacy_package_name=1", strings.NewReader("test-content")).AddBasicAuth(user.Name)
+		MakeRequest(t, req, http.StatusCreated)
+		p, err := packages.GetPackageByName(db.DefaultContext, user.ID, packages.TypeMaven, "com.gitea-legacy-project")
+		require.NoError(t, err)
+		assert.Equal(t, "com.gitea-legacy-project", p.Name)
+
+		req = NewRequest(t, "HEAD", legacyRootLink+"/1.0.2/any-file-name").AddBasicAuth(user.Name)
+		MakeRequest(t, req, http.StatusOK)
+
+		req = NewRequest(t, "GET", "/user2/-/packages/maven/com.gitea-legacy-project/1.0.2")
+		MakeRequest(t, req, http.StatusOK)
+		req = NewRequest(t, "GET", "/user2/-/packages/maven/com.gitea:legacy-project/1.0.2")
+		MakeRequest(t, req, http.StatusNotFound)
+		req = NewRequest(t, "GET", "/user2/-/packages/maven/com.gitea%3Alegacy-project/1.0.2")
+		MakeRequest(t, req, http.StatusNotFound)
+
+		req = NewRequestWithBody(t, "PUT", legacyRootLink+"/1.0.3/any-file-name", strings.NewReader("test-content")).AddBasicAuth(user.Name)
+		MakeRequest(t, req, http.StatusCreated)
+		_, err = packages.GetPackageByName(db.DefaultContext, user.ID, packages.TypeMaven, "com.gitea-legacy-project")
+		require.ErrorIs(t, err, packages.ErrPackageNotExist)
+		p, err = packages.GetPackageByName(db.DefaultContext, user.ID, packages.TypeMaven, "com.gitea:legacy-project")
+		require.NoError(t, err)
+		assert.Equal(t, "com.gitea:legacy-project", p.Name)
+		req = NewRequest(t, "HEAD", legacyRootLink+"/1.0.2/any-file-name").AddBasicAuth(user.Name)
+		MakeRequest(t, req, http.StatusOK)
+
+		req = NewRequest(t, "GET", "/user2/-/packages/maven/com.gitea-legacy-project/1.0.2")
+		MakeRequest(t, req, http.StatusNotFound)
+		req = NewRequest(t, "GET", "/user2/-/packages/maven/com.gitea:legacy-project/1.0.2")
+		MakeRequest(t, req, http.StatusOK)
+		req = NewRequest(t, "GET", "/user2/-/packages/maven/com.gitea%3Alegacy-project/1.0.2")
+		MakeRequest(t, req, http.StatusOK)
+
+		require.NoError(t, packages.DeletePackageByID(db.DefaultContext, p.ID))
+	})
+
 	t.Run("UploadExists", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
@@ -86,14 +126,12 @@ func TestPackageMaven(t *testing.T) {
 	t.Run("Download", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "HEAD", fmt.Sprintf("%s/%s/%s", root, packageVersion, filename)).
-			AddBasicAuth(user.Name)
+		req := NewRequest(t, "HEAD", fmt.Sprintf("%s/%s/%s", root, packageVersion, filename)).AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
 		checkHeaders(t, resp.Header(), "application/java-archive", 4)
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s", root, packageVersion, filename)).
-			AddBasicAuth(user.Name)
+		req = NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s", root, packageVersion, filename)).AddBasicAuth(user.Name)
 		resp = MakeRequest(t, req, http.StatusOK)
 
 		checkHeaders(t, resp.Header(), "application/java-archive", 4)
@@ -101,7 +139,7 @@ func TestPackageMaven(t *testing.T) {
 		assert.Equal(t, []byte("test"), resp.Body.Bytes())
 
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeMaven)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pvs, 1)
 		assert.Equal(t, int64(0), pvs[0].DownloadCount)
 	})
@@ -133,26 +171,26 @@ func TestPackageMaven(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeMaven)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pvs, 1)
 
 		pd, err := packages.GetPackageDescriptor(db.DefaultContext, pvs[0])
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Nil(t, pd.Metadata)
 
 		putFile(t, fmt.Sprintf("/%s/%s.pom", packageVersion, filename), pomContent, http.StatusCreated)
 
 		pvs, err = packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeMaven)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pvs, 1)
 
 		pd, err = packages.GetPackageDescriptor(db.DefaultContext, pvs[0])
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.IsType(t, &maven.Metadata{}, pd.Metadata)
 		assert.Equal(t, packageDescription, pd.Metadata.(*maven.Metadata).Description)
 
 		pfs, err := packages.GetFilesByVersionID(db.DefaultContext, pvs[0].ID)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pfs, 2)
 		for _, pf := range pfs {
 			if strings.HasSuffix(pf.Name, ".pom") {
@@ -167,14 +205,12 @@ func TestPackageMaven(t *testing.T) {
 	t.Run("DownloadPOM", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "HEAD", fmt.Sprintf("%s/%s/%s.pom", root, packageVersion, filename)).
-			AddBasicAuth(user.Name)
+		req := NewRequest(t, "HEAD", fmt.Sprintf("%s/%s/%s.pom", root, packageVersion, filename)).AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
 		checkHeaders(t, resp.Header(), "text/xml", int64(len(pomContent)))
 
-		req = NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s.pom", root, packageVersion, filename)).
-			AddBasicAuth(user.Name)
+		req = NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s.pom", root, packageVersion, filename)).AddBasicAuth(user.Name)
 		resp = MakeRequest(t, req, http.StatusOK)
 
 		checkHeaders(t, resp.Header(), "text/xml", int64(len(pomContent)))
@@ -182,7 +218,7 @@ func TestPackageMaven(t *testing.T) {
 		assert.Equal(t, []byte(pomContent), resp.Body.Bytes())
 
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeMaven)
-		assert.NoError(t, err)
+		require.NoError(t, err)
 		assert.Len(t, pvs, 1)
 		assert.Equal(t, int64(1), pvs[0].DownloadCount)
 	})
@@ -190,8 +226,7 @@ func TestPackageMaven(t *testing.T) {
 	t.Run("DownloadChecksums", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/1.2.3/%s", root, filename)).
-			AddBasicAuth(user.Name)
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/1.2.3/%s", root, filename)).AddBasicAuth(user.Name)
 		MakeRequest(t, req, http.StatusNotFound)
 
 		for key, checksum := range map[string]string{
@@ -200,8 +235,7 @@ func TestPackageMaven(t *testing.T) {
 			"sha256": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08",
 			"sha512": "ee26b0dd4af7e749aa1a8ee3c10ae9923f618980772e473f8819a5d4940e0db27ac185f8a0e1d5f84f88bc887fd67b143732c304cc5fa9ad8e6f57f50028a8ff",
 		} {
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s.%s", root, packageVersion, filename, key)).
-				AddBasicAuth(user.Name)
+			req := NewRequest(t, "GET", fmt.Sprintf("%s/%s/%s.%s", root, packageVersion, filename, key)).AddBasicAuth(user.Name)
 			resp := MakeRequest(t, req, http.StatusOK)
 
 			assert.Equal(t, checksum, resp.Body.String())
@@ -211,8 +245,7 @@ func TestPackageMaven(t *testing.T) {
 	t.Run("DownloadMetadata", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", root+"/maven-metadata.xml").
-			AddBasicAuth(user.Name)
+		req := NewRequest(t, "GET", root+"/maven-metadata.xml").AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
 		expectedMetadata := `<?xml version="1.0" encoding="UTF-8"?>` + "\n<metadata><groupId>com.gitea</groupId><artifactId>test-project</artifactId><versioning><release>1.0.1</release><latest>1.0.1</latest><versions><version>1.0.1</version></versions></versioning></metadata>"
@@ -227,8 +260,7 @@ func TestPackageMaven(t *testing.T) {
 			"sha256": "3f48322f81c4b2c3bb8649ae1e5c9801476162b520e1c2734ac06b2c06143208",
 			"sha512": "cb075aa2e2ef1a83cdc14dd1e08c505b72d633399b39e73a21f00f0deecb39a3e2c79f157c1163f8a3854828750706e0dec3a0f5e4778e91f8ec2cf351a855f2",
 		} {
-			req := NewRequest(t, "GET", fmt.Sprintf("%s/maven-metadata.xml.%s", root, key)).
-				AddBasicAuth(user.Name)
+			req := NewRequest(t, "GET", fmt.Sprintf("%s/maven-metadata.xml.%s", root, key)).AddBasicAuth(user.Name)
 			resp := MakeRequest(t, req, http.StatusOK)
 
 			assert.Equal(t, checksum, resp.Body.String())
@@ -245,9 +277,10 @@ func TestPackageMaven(t *testing.T) {
 	})
 
 	t.Run("InvalidFile", func(t *testing.T) {
-		ver := packageVersion + "-invalid"
-		putFile(t, fmt.Sprintf("/%s/%s", ver, filename), "any invalid content", http.StatusCreated)
-		req := NewRequestf(t, "GET", "/%s/-/packages/maven/%s-%s/%s", user.Name, groupID, artifactID, ver)
+		invalidVersion := packageVersion + "-invalid"
+		putFile(t, fmt.Sprintf("/%s/%s", invalidVersion, filename), "any invalid content", http.StatusCreated)
+
+		req := NewRequestf(t, "GET", "/%s/-/packages/maven/%s/%s", user.Name, url.QueryEscape(groupID+":"+artifactID), invalidVersion)
 		resp := MakeRequest(t, req, http.StatusOK)
 		assert.Contains(t, resp.Body.String(), "No metadata.")
 		assert.True(t, test.IsNormalPageCompleted(resp.Body.String()))
@@ -266,8 +299,7 @@ func TestPackageMavenConcurrent(t *testing.T) {
 	root := fmt.Sprintf("/api/packages/%s/maven/%s/%s", user.Name, strings.ReplaceAll(groupID, ".", "/"), artifactID)
 
 	putFile := func(t *testing.T, path, content string, expectedStatus int) {
-		req := NewRequestWithBody(t, "PUT", root+path, strings.NewReader(content)).
-			AddBasicAuth(user.Name)
+		req := NewRequestWithBody(t, "PUT", root+path, strings.NewReader(content)).AddBasicAuth(user.Name)
 		MakeRequest(t, req, expectedStatus)
 	}
 

From 58c092cfead130f775df6b430d459208c6ce5977 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Tue, 31 Dec 2024 14:37:37 +0800
Subject: [PATCH 04/55] Fix locale type (#33059)

Follow #32872
---
 options/locale/locale_en-US.ini | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 4050ed1a15dba..4e9ec275ddced 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -1018,7 +1018,7 @@ owner_helper = Some organizations may not show up in the dropdown due to a maxim
 repo_name = Repository Name
 repo_name_profile_public_hint= .profile is a special repository that you can use to add README.md to your public organization profile, visible to anyone. Make sure it’s public and initialize it with a README in the profile directory to get started.
 repo_name_profile_private_hint = .profile-private is a special repository that you can use to add a README.md to your organization member profile, visible only to organization members. Make sure it’s private and initialize it with a README in the profile directory to get started.
-repo_name_helper = Good repository names use short, memorable and unique keywords. A repository named '.profile' or '.profile-private' could be used to add a README.md for the user/organization profile.
+repo_name_helper = Good repository names use short, memorable and unique keywords. A repository named ".profile" or ".profile-private" could be used to add a README.md for the user/organization profile.
 repo_size = Repository Size
 template = Template
 template_select = Select a template.
@@ -2866,8 +2866,8 @@ teams.invite.by = Invited by %s
 teams.invite.description = Please click the button below to join the team.
 
 view_as_role = View as: %s
-view_as_public_hint = You are viewing the README a public user.
-view_as_member_hint = You are viewing the README a member of this organization.
+view_as_public_hint = You are viewing the README as a public user.
+view_as_member_hint = You are viewing the README as a member of this organization.
 
 [admin]
 maintenance = Maintenance

From a0853e2278642b597fd4164f8cf17108b610f220 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Tue, 31 Dec 2024 18:45:05 +0800
Subject: [PATCH 05/55] Fix unittest and repo create bug (#33061)

1. `StatDir` was not right, fix the FIXME
2. Clarify the test cases for `IsUsableRepoName`
3. Fix regression bug in `repo-new.ts`

Fix #33060
---
 models/db/name.go               | 19 +++----
 models/repo/repo.go             | 11 +++--
 models/repo/repo_test.go        | 12 +++++
 models/unittest/fscopy.go       |  6 +--
 modules/assetfs/layered.go      |  2 +-
 modules/repository/init.go      |  2 +-
 modules/util/path.go            | 87 +++++++++++----------------------
 modules/util/path_test.go       | 20 ++++++++
 web_src/js/features/repo-new.ts |  3 +-
 9 files changed, 80 insertions(+), 82 deletions(-)

diff --git a/models/db/name.go b/models/db/name.go
index 55c9dffb6ab28..5f98edbb28de8 100644
--- a/models/db/name.go
+++ b/models/db/name.go
@@ -5,20 +5,13 @@ package db
 
 import (
 	"fmt"
-	"regexp"
 	"strings"
 	"unicode/utf8"
 
 	"code.gitea.io/gitea/modules/util"
 )
 
-var (
-	// ErrNameEmpty name is empty error
-	ErrNameEmpty = util.SilentWrap{Message: "name is empty", Err: util.ErrInvalidArgument}
-
-	// AlphaDashDotPattern characters prohibited in a username (anything except A-Za-z0-9_.-)
-	AlphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`)
-)
+var ErrNameEmpty = util.SilentWrap{Message: "name is empty", Err: util.ErrInvalidArgument}
 
 // ErrNameReserved represents a "reserved name" error.
 type ErrNameReserved struct {
@@ -82,20 +75,20 @@ func (err ErrNameCharsNotAllowed) Unwrap() error {
 
 // IsUsableName checks if name is reserved or pattern of name is not allowed
 // based on given reserved names and patterns.
-// Names are exact match, patterns can be prefix or suffix match with placeholder '*'.
-func IsUsableName(names, patterns []string, name string) error {
+// Names are exact match, patterns can be a prefix or suffix match with placeholder '*'.
+func IsUsableName(reservedNames, reservedPatterns []string, name string) error {
 	name = strings.TrimSpace(strings.ToLower(name))
 	if utf8.RuneCountInString(name) == 0 {
 		return ErrNameEmpty
 	}
 
-	for i := range names {
-		if name == names[i] {
+	for i := range reservedNames {
+		if name == reservedNames[i] {
 			return ErrNameReserved{name}
 		}
 	}
 
-	for _, pat := range patterns {
+	for _, pat := range reservedPatterns {
 		if pat[0] == '*' && strings.HasSuffix(name, pat[1:]) ||
 			(pat[len(pat)-1] == '*' && strings.HasPrefix(name, pat[:len(pat)-1])) {
 			return ErrNamePatternNotAllowed{pat}
diff --git a/models/repo/repo.go b/models/repo/repo.go
index 2d9b9de88d499..5ef4d470c3bf6 100644
--- a/models/repo/repo.go
+++ b/models/repo/repo.go
@@ -11,6 +11,7 @@ import (
 	"net"
 	"net/url"
 	"path/filepath"
+	"regexp"
 	"strconv"
 	"strings"
 
@@ -60,13 +61,15 @@ func (err ErrRepoIsArchived) Error() string {
 }
 
 var (
-	reservedRepoNames    = []string{".", "..", "-"}
-	reservedRepoPatterns = []string{"*.git", "*.wiki", "*.rss", "*.atom"}
+	validRepoNamePattern   = regexp.MustCompile(`[-.\w]+`)
+	invalidRepoNamePattern = regexp.MustCompile(`[.]{2,}`)
+	reservedRepoNames      = []string{".", "..", "-"}
+	reservedRepoPatterns   = []string{"*.git", "*.wiki", "*.rss", "*.atom"}
 )
 
-// IsUsableRepoName returns true when repository is usable
+// IsUsableRepoName returns true when name is usable
 func IsUsableRepoName(name string) error {
-	if db.AlphaDashDotPattern.MatchString(name) {
+	if !validRepoNamePattern.MatchString(name) || invalidRepoNamePattern.MatchString(name) {
 		// Note: usually this error is normally caught up earlier in the UI
 		return db.ErrNameCharsNotAllowed{Name: name}
 	}
diff --git a/models/repo/repo_test.go b/models/repo/repo_test.go
index 6d88d170da377..001f8ecd84819 100644
--- a/models/repo/repo_test.go
+++ b/models/repo/repo_test.go
@@ -217,3 +217,15 @@ func TestComposeSSHCloneURL(t *testing.T) {
 	setting.SSH.Port = 123
 	assert.Equal(t, "ssh://git@[::1]:123/user/repo.git", ComposeSSHCloneURL("user", "repo"))
 }
+
+func TestIsUsableRepoName(t *testing.T) {
+	assert.NoError(t, IsUsableRepoName("a"))
+	assert.NoError(t, IsUsableRepoName("-1_."))
+	assert.NoError(t, IsUsableRepoName(".profile"))
+
+	assert.Error(t, IsUsableRepoName("-"))
+	assert.Error(t, IsUsableRepoName("🌞"))
+	assert.Error(t, IsUsableRepoName("the..repo"))
+	assert.Error(t, IsUsableRepoName("foo.wiki"))
+	assert.Error(t, IsUsableRepoName("foo.git"))
+}
diff --git a/models/unittest/fscopy.go b/models/unittest/fscopy.go
index 4d7ee2151dc29..690089bbc50b1 100644
--- a/models/unittest/fscopy.go
+++ b/models/unittest/fscopy.go
@@ -67,7 +67,7 @@ func SyncDirs(srcPath, destPath string) error {
 	}
 
 	// find and delete all untracked files
-	destFiles, err := util.StatDir(destPath, true)
+	destFiles, err := util.ListDirRecursively(destPath, &util.ListDirOptions{IncludeDir: true})
 	if err != nil {
 		return err
 	}
@@ -86,13 +86,13 @@ func SyncDirs(srcPath, destPath string) error {
 	}
 
 	// sync src files to dest
-	srcFiles, err := util.StatDir(srcPath, true)
+	srcFiles, err := util.ListDirRecursively(srcPath, &util.ListDirOptions{IncludeDir: true})
 	if err != nil {
 		return err
 	}
 	for _, srcFile := range srcFiles {
 		destFilePath := filepath.Join(destPath, srcFile)
-		// util.StatDir appends a slash to the directory name
+		// util.ListDirRecursively appends a slash to the directory name
 		if strings.HasSuffix(srcFile, "/") {
 			err = os.MkdirAll(destFilePath, os.ModePerm)
 		} else {
diff --git a/modules/assetfs/layered.go b/modules/assetfs/layered.go
index 9678d23ad675f..4f3811ba2b2fc 100644
--- a/modules/assetfs/layered.go
+++ b/modules/assetfs/layered.go
@@ -103,7 +103,7 @@ func (l *LayeredFS) ReadLayeredFile(elems ...string) ([]byte, string, error) {
 }
 
 func shouldInclude(info fs.FileInfo, fileMode ...bool) bool {
-	if util.CommonSkip(info.Name()) {
+	if util.IsCommonHiddenFileName(info.Name()) {
 		return false
 	}
 	if len(fileMode) == 0 {
diff --git a/modules/repository/init.go b/modules/repository/init.go
index 5f500c5233faa..24602ae090108 100644
--- a/modules/repository/init.go
+++ b/modules/repository/init.go
@@ -81,7 +81,7 @@ func LoadRepoConfig() error {
 		if isDir, err := util.IsDir(customPath); err != nil {
 			return fmt.Errorf("failed to check custom %s dir: %w", t, err)
 		} else if isDir {
-			if typeFiles[i].custom, err = util.StatDir(customPath); err != nil {
+			if typeFiles[i].custom, err = util.ListDirRecursively(customPath, &util.ListDirOptions{SkipCommonHiddenNames: true}); err != nil {
 				return fmt.Errorf("failed to list custom %s files: %w", t, err)
 			}
 		}
diff --git a/modules/util/path.go b/modules/util/path.go
index d4594947c9e9a..d9f17bd124ba0 100644
--- a/modules/util/path.go
+++ b/modules/util/path.go
@@ -140,82 +140,51 @@ func IsExist(path string) (bool, error) {
 	return false, err
 }
 
-func statDir(dirPath, recPath string, includeDir, isDirOnly, followSymlinks bool) ([]string, error) {
-	dir, err := os.Open(dirPath)
+func listDirRecursively(result *[]string, fsDir, recordParentPath string, opts *ListDirOptions) error {
+	dir, err := os.Open(fsDir)
 	if err != nil {
-		return nil, err
+		return err
 	}
 	defer dir.Close()
 
 	fis, err := dir.Readdir(0)
 	if err != nil {
-		return nil, err
+		return err
 	}
 
-	statList := make([]string, 0)
 	for _, fi := range fis {
-		if CommonSkip(fi.Name()) {
+		if opts.SkipCommonHiddenNames && IsCommonHiddenFileName(fi.Name()) {
 			continue
 		}
-
-		relPath := path.Join(recPath, fi.Name())
-		curPath := path.Join(dirPath, fi.Name())
+		relPath := path.Join(recordParentPath, fi.Name())
+		curPath := filepath.Join(fsDir, fi.Name())
 		if fi.IsDir() {
-			if includeDir {
-				statList = append(statList, relPath+"/")
-			}
-			s, err := statDir(curPath, relPath, includeDir, isDirOnly, followSymlinks)
-			if err != nil {
-				return nil, err
-			}
-			statList = append(statList, s...)
-		} else if !isDirOnly {
-			statList = append(statList, relPath)
-		} else if followSymlinks && fi.Mode()&os.ModeSymlink != 0 {
-			link, err := os.Readlink(curPath)
-			if err != nil {
-				return nil, err
-			}
-
-			isDir, err := IsDir(link)
-			if err != nil {
-				return nil, err
+			if opts.IncludeDir {
+				*result = append(*result, relPath+"/")
 			}
-			if isDir {
-				if includeDir {
-					statList = append(statList, relPath+"/")
-				}
-				s, err := statDir(curPath, relPath, includeDir, isDirOnly, followSymlinks)
-				if err != nil {
-					return nil, err
-				}
-				statList = append(statList, s...)
+			if err = listDirRecursively(result, curPath, relPath, opts); err != nil {
+				return err
 			}
+		} else {
+			*result = append(*result, relPath)
 		}
 	}
-	return statList, nil
+	return nil
 }
 
-// StatDir gathers information of given directory by depth-first.
-// It returns slice of file list and includes subdirectories if enabled;
-// it returns error and nil slice when error occurs in underlying functions,
-// or given path is not a directory or does not exist.
-//
+type ListDirOptions struct {
+	IncludeDir            bool // subdirectories are also included with suffix slash
+	SkipCommonHiddenNames bool
+}
+
+// ListDirRecursively gathers information of given directory by depth-first.
+// The paths are always in "dir/slash/file" format (not "\\" even in Windows)
 // Slice does not include given path itself.
-// If subdirectories is enabled, they will have suffix '/'.
-// FIXME: it doesn't like dot-files, for example: "owner/.profile.git"
-func StatDir(rootPath string, includeDir ...bool) ([]string, error) {
-	if isDir, err := IsDir(rootPath); err != nil {
+func ListDirRecursively(rootDir string, opts *ListDirOptions) (res []string, err error) {
+	if err = listDirRecursively(&res, rootDir, "", opts); err != nil {
 		return nil, err
-	} else if !isDir {
-		return nil, errors.New("not a directory or does not exist: " + rootPath)
-	}
-
-	isIncludeDir := false
-	if len(includeDir) != 0 {
-		isIncludeDir = includeDir[0]
 	}
-	return statDir(rootPath, "", isIncludeDir, false, false)
+	return res, nil
 }
 
 func isOSWindows() bool {
@@ -266,8 +235,8 @@ func HomeDir() (home string, err error) {
 	return home, nil
 }
 
-// CommonSkip will check a provided name to see if it represents file or directory that should not be watched
-func CommonSkip(name string) bool {
+// IsCommonHiddenFileName will check a provided name to see if it represents file or directory that should not be watched
+func IsCommonHiddenFileName(name string) bool {
 	if name == "" {
 		return true
 	}
@@ -276,9 +245,9 @@ func CommonSkip(name string) bool {
 	case '.':
 		return true
 	case 't', 'T':
-		return name[1:] == "humbs.db"
+		return name[1:] == "humbs.db" // macOS
 	case 'd', 'D':
-		return name[1:] == "esktop.ini"
+		return name[1:] == "esktop.ini" // Windows
 	}
 
 	return false
diff --git a/modules/util/path_test.go b/modules/util/path_test.go
index 6a38bf4ace863..79c37e55f7a57 100644
--- a/modules/util/path_test.go
+++ b/modules/util/path_test.go
@@ -5,10 +5,12 @@ package util
 
 import (
 	"net/url"
+	"os"
 	"runtime"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestFileURLToPath(t *testing.T) {
@@ -210,3 +212,21 @@ func TestCleanPath(t *testing.T) {
 		assert.Equal(t, c.expected, FilePathJoinAbs(c.elems[0], c.elems[1:]...), "case: %v", c.elems)
 	}
 }
+
+func TestListDirRecursively(t *testing.T) {
+	tmpDir := t.TempDir()
+	_ = os.WriteFile(tmpDir+"/.config", nil, 0o644)
+	_ = os.Mkdir(tmpDir+"/d1", 0o755)
+	_ = os.WriteFile(tmpDir+"/d1/f-d1", nil, 0o644)
+	_ = os.Mkdir(tmpDir+"/d1/s1", 0o755)
+	_ = os.WriteFile(tmpDir+"/d1/s1/f-d1s1", nil, 0o644)
+	_ = os.Mkdir(tmpDir+"/d2", 0o755)
+
+	res, err := ListDirRecursively(tmpDir, &ListDirOptions{IncludeDir: true})
+	require.NoError(t, err)
+	assert.ElementsMatch(t, []string{".config", "d1/", "d1/f-d1", "d1/s1/", "d1/s1/f-d1s1", "d2/"}, res)
+
+	res, err = ListDirRecursively(tmpDir, &ListDirOptions{SkipCommonHiddenNames: true})
+	require.NoError(t, err)
+	assert.ElementsMatch(t, []string{"d1/f-d1", "d1/s1/f-d1s1"}, res)
+}
diff --git a/web_src/js/features/repo-new.ts b/web_src/js/features/repo-new.ts
index ec44a14ce02ab..101545735f6a2 100644
--- a/web_src/js/features/repo-new.ts
+++ b/web_src/js/features/repo-new.ts
@@ -11,7 +11,8 @@ export function initRepoNew() {
   const updateUiAutoInit = () => {
     inputAutoInit.checked = Boolean(inputGitIgnores.value || inputLicense.value);
   };
-  form.addEventListener('change', updateUiAutoInit);
+  inputGitIgnores.addEventListener('change', updateUiAutoInit);
+  inputLicense.addEventListener('change', updateUiAutoInit);
   updateUiAutoInit();
 
   const inputRepoName = form.querySelector<HTMLInputElement>('input[name="repo_name"]');

From 20c7fba60157067252af49da41b6f8929a5ae31a Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Tue, 31 Dec 2024 03:19:53 -0800
Subject: [PATCH 06/55] Use project's redirect url instead of composing url
 (#33058)

Fix #32992

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 models/project/project.go     | 12 ++++++++++--
 routers/web/org/projects.go   |  6 +++---
 routers/web/repo/issue_new.go | 13 ++++++++++---
 routers/web/repo/projects.go  |  6 +++---
 4 files changed, 26 insertions(+), 11 deletions(-)

diff --git a/models/project/project.go b/models/project/project.go
index 87e679e1b73fe..edeb0b474228e 100644
--- a/models/project/project.go
+++ b/models/project/project.go
@@ -126,6 +126,14 @@ func (p *Project) LoadRepo(ctx context.Context) (err error) {
 	return err
 }
 
+func ProjectLinkForOrg(org *user_model.User, projectID int64) string { //nolint
+	return fmt.Sprintf("%s/-/projects/%d", org.HomeLink(), projectID)
+}
+
+func ProjectLinkForRepo(repo *repo_model.Repository, projectID int64) string { //nolint
+	return fmt.Sprintf("%s/projects/%d", repo.Link(), projectID)
+}
+
 // Link returns the project's relative URL.
 func (p *Project) Link(ctx context.Context) string {
 	if p.OwnerID > 0 {
@@ -134,7 +142,7 @@ func (p *Project) Link(ctx context.Context) string {
 			log.Error("LoadOwner: %v", err)
 			return ""
 		}
-		return fmt.Sprintf("%s/-/projects/%d", p.Owner.HomeLink(), p.ID)
+		return ProjectLinkForOrg(p.Owner, p.ID)
 	}
 	if p.RepoID > 0 {
 		err := p.LoadRepo(ctx)
@@ -142,7 +150,7 @@ func (p *Project) Link(ctx context.Context) string {
 			log.Error("LoadRepo: %v", err)
 			return ""
 		}
-		return fmt.Sprintf("%s/projects/%d", p.Repo.Link(), p.ID)
+		return ProjectLinkForRepo(p.Repo, p.ID)
 	}
 	return ""
 }
diff --git a/routers/web/org/projects.go b/routers/web/org/projects.go
index c037d4a7fd0df..32da1b41d16d4 100644
--- a/routers/web/org/projects.go
+++ b/routers/web/org/projects.go
@@ -211,7 +211,7 @@ func ChangeProjectStatus(ctx *context.Context) {
 		ctx.NotFoundOrServerError("ChangeProjectStatusByRepoIDAndID", project_model.IsErrProjectNotExist, err)
 		return
 	}
-	ctx.JSONRedirect(fmt.Sprintf("%s/-/projects/%d", ctx.ContextUser.HomeLink(), id))
+	ctx.JSONRedirect(project_model.ProjectLinkForOrg(ctx.ContextUser, id))
 }
 
 // DeleteProject delete a project
@@ -261,7 +261,7 @@ func RenderEditProject(ctx *context.Context) {
 	ctx.Data["redirect"] = ctx.FormString("redirect")
 	ctx.Data["HomeLink"] = ctx.ContextUser.HomeLink()
 	ctx.Data["card_type"] = p.CardType
-	ctx.Data["CancelLink"] = fmt.Sprintf("%s/-/projects/%d", ctx.ContextUser.HomeLink(), p.ID)
+	ctx.Data["CancelLink"] = project_model.ProjectLinkForOrg(ctx.ContextUser, p.ID)
 
 	ctx.HTML(http.StatusOK, tplProjectsNew)
 }
@@ -275,7 +275,7 @@ func EditProjectPost(ctx *context.Context) {
 	ctx.Data["PageIsViewProjects"] = true
 	ctx.Data["CanWriteProjects"] = canWriteProjects(ctx)
 	ctx.Data["CardTypes"] = project_model.GetCardConfig()
-	ctx.Data["CancelLink"] = fmt.Sprintf("%s/-/projects/%d", ctx.ContextUser.HomeLink(), projectID)
+	ctx.Data["CancelLink"] = project_model.ProjectLinkForOrg(ctx.ContextUser, projectID)
 
 	shared_user.RenderUserHeader(ctx)
 
diff --git a/routers/web/repo/issue_new.go b/routers/web/repo/issue_new.go
index 9a941ce85714b..32daa3e48fabd 100644
--- a/routers/web/repo/issue_new.go
+++ b/routers/web/repo/issue_new.go
@@ -396,8 +396,15 @@ func NewIssuePost(ctx *context.Context) {
 
 	log.Trace("Issue created: %d/%d", repo.ID, issue.ID)
 	if ctx.FormString("redirect_after_creation") == "project" && projectID > 0 {
-		ctx.JSONRedirect(ctx.Repo.RepoLink + "/projects/" + strconv.FormatInt(projectID, 10))
-	} else {
-		ctx.JSONRedirect(issue.Link())
+		project, err := project_model.GetProjectByID(ctx, projectID)
+		if err == nil {
+			if project.Type == project_model.TypeOrganization {
+				ctx.JSONRedirect(project_model.ProjectLinkForOrg(ctx.Repo.Owner, project.ID))
+			} else {
+				ctx.JSONRedirect(project_model.ProjectLinkForRepo(repo, project.ID))
+			}
+			return
+		}
 	}
+	ctx.JSONRedirect(issue.Link())
 }
diff --git a/routers/web/repo/projects.go b/routers/web/repo/projects.go
index 1800f60eaead6..346132102f6c7 100644
--- a/routers/web/repo/projects.go
+++ b/routers/web/repo/projects.go
@@ -181,7 +181,7 @@ func ChangeProjectStatus(ctx *context.Context) {
 		ctx.NotFoundOrServerError("ChangeProjectStatusByRepoIDAndID", project_model.IsErrProjectNotExist, err)
 		return
 	}
-	ctx.JSONRedirect(fmt.Sprintf("%s/projects/%d", ctx.Repo.RepoLink, id))
+	ctx.JSONRedirect(project_model.ProjectLinkForRepo(ctx.Repo.Repository, id))
 }
 
 // DeleteProject delete a project
@@ -235,7 +235,7 @@ func RenderEditProject(ctx *context.Context) {
 	ctx.Data["content"] = p.Description
 	ctx.Data["card_type"] = p.CardType
 	ctx.Data["redirect"] = ctx.FormString("redirect")
-	ctx.Data["CancelLink"] = fmt.Sprintf("%s/projects/%d", ctx.Repo.Repository.Link(), p.ID)
+	ctx.Data["CancelLink"] = project_model.ProjectLinkForRepo(ctx.Repo.Repository, p.ID)
 
 	ctx.HTML(http.StatusOK, tplProjectsNew)
 }
@@ -249,7 +249,7 @@ func EditProjectPost(ctx *context.Context) {
 	ctx.Data["PageIsEditProjects"] = true
 	ctx.Data["CanWriteProjects"] = ctx.Repo.Permission.CanWrite(unit.TypeProjects)
 	ctx.Data["CardTypes"] = project_model.GetCardConfig()
-	ctx.Data["CancelLink"] = fmt.Sprintf("%s/projects/%d", ctx.Repo.Repository.Link(), projectID)
+	ctx.Data["CancelLink"] = project_model.ProjectLinkForRepo(ctx.Repo.Repository, projectID)
 
 	if ctx.HasError() {
 		ctx.HTML(http.StatusOK, tplProjectsNew)

From 6c89de494a1f6c0cbaf34efe7a18f310c408cd23 Mon Sep 17 00:00:00 2001
From: Bo-Yi Wu <appleboy.tw@gmail.com>
Date: Tue, 31 Dec 2024 20:08:36 +0800
Subject: [PATCH 07/55] feat(action): issue change title notifications (#33050)

- Add `IssueChangeTitle` method to handle issue title changes
- Add `notifyIssueChangeWithTitleOrContent` method to generalize
notification handling for issue title or content changes

action file as below:

```yaml
name: Semantic Pull Request

on:
  pull_request_target:
    types: [edited]
```

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 services/actions/notifier.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/services/actions/notifier.go b/services/actions/notifier.go
index a4ebdf9e888ee..67e33e7cce0a8 100644
--- a/services/actions/notifier.go
+++ b/services/actions/notifier.go
@@ -58,7 +58,15 @@ func (n *actionsNotifier) NewIssue(ctx context.Context, issue *issues_model.Issu
 // IssueChangeContent notifies change content of issue
 func (n *actionsNotifier) IssueChangeContent(ctx context.Context, doer *user_model.User, issue *issues_model.Issue, oldContent string) {
 	ctx = withMethod(ctx, "IssueChangeContent")
+	n.notifyIssueChangeWithTitleOrContent(ctx, doer, issue)
+}
+
+func (n *actionsNotifier) IssueChangeTitle(ctx context.Context, doer *user_model.User, issue *issues_model.Issue, oldTitle string) {
+	ctx = withMethod(ctx, "IssueChangeTitle")
+	n.notifyIssueChangeWithTitleOrContent(ctx, doer, issue)
+}
 
+func (n *actionsNotifier) notifyIssueChangeWithTitleOrContent(ctx context.Context, doer *user_model.User, issue *issues_model.Issue) {
 	var err error
 	if err = issue.LoadRepo(ctx); err != nil {
 		log.Error("LoadRepo: %v", err)

From 92a2900a2d3130558d4965c5c220aa726c29a0d5 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Wed, 1 Jan 2025 00:35:43 +0000
Subject: [PATCH 08/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_cs-CZ.ini | 2 +-
 options/locale/locale_de-DE.ini | 2 +-
 options/locale/locale_el-GR.ini | 2 +-
 options/locale/locale_es-ES.ini | 2 +-
 options/locale/locale_fa-IR.ini | 2 +-
 options/locale/locale_fi-FI.ini | 2 +-
 options/locale/locale_fr-FR.ini | 2 +-
 options/locale/locale_ga-IE.ini | 2 +-
 options/locale/locale_hu-HU.ini | 2 +-
 options/locale/locale_id-ID.ini | 2 +-
 options/locale/locale_is-IS.ini | 1 +
 options/locale/locale_it-IT.ini | 2 +-
 options/locale/locale_ja-JP.ini | 2 +-
 options/locale/locale_ko-KR.ini | 2 +-
 options/locale/locale_lv-LV.ini | 2 +-
 options/locale/locale_nl-NL.ini | 2 +-
 options/locale/locale_pl-PL.ini | 2 +-
 options/locale/locale_pt-BR.ini | 2 +-
 options/locale/locale_pt-PT.ini | 2 +-
 options/locale/locale_ru-RU.ini | 2 +-
 options/locale/locale_si-LK.ini | 2 +-
 options/locale/locale_sk-SK.ini | 2 +-
 options/locale/locale_sv-SE.ini | 2 +-
 options/locale/locale_tr-TR.ini | 2 +-
 options/locale/locale_uk-UA.ini | 2 +-
 options/locale/locale_zh-CN.ini | 2 +-
 options/locale/locale_zh-HK.ini | 1 +
 options/locale/locale_zh-TW.ini | 2 +-
 28 files changed, 28 insertions(+), 26 deletions(-)

diff --git a/options/locale/locale_cs-CZ.ini b/options/locale/locale_cs-CZ.ini
index 57b209aaf9755..beeb1dc3b89c2 100644
--- a/options/locale/locale_cs-CZ.ini
+++ b/options/locale/locale_cs-CZ.ini
@@ -1012,7 +1012,6 @@ new_repo_helper=Repozitář obsahuje všechny projektové soubory, včetně hist
 owner=Vlastník
 owner_helper=Některé organizace se nemusejí v seznamu zobrazit kvůli maximálnímu dosaženému počtu repozitářů.
 repo_name=Název repozitáře
-repo_name_helper=Dobrý název repozitáře většinou používá krátká, zapamatovatelná a unikátní klíčová slova.
 repo_size=Velikost repozitáře
 template=Šablona
 template_select=Vyberte šablonu.
@@ -2833,6 +2832,7 @@ teams.invite.title=Byli jste pozváni do týmu <strong>%s</strong> v organizaci
 teams.invite.by=Pozvání od %s
 teams.invite.description=Pro připojení k týmu klikněte na tlačítko níže.
 
+
 [admin]
 maintenance=Údržba
 dashboard=Přehled
diff --git a/options/locale/locale_de-DE.ini b/options/locale/locale_de-DE.ini
index 5f2f16bfdf34c..ce2c43cb568d0 100644
--- a/options/locale/locale_de-DE.ini
+++ b/options/locale/locale_de-DE.ini
@@ -1015,7 +1015,6 @@ new_repo_helper=Ein Repository enthält alle Projektdateien, einschließlich des
 owner=Besitzer
 owner_helper=Einige Organisationen könnten in der Dropdown-Liste nicht angezeigt werden, da die Anzahl an Repositories begrenzt ist.
 repo_name=Repository-Name
-repo_name_helper=Ein guter Repository-Name besteht normalerweise aus kurzen, unvergesslichen und einzigartigen Schlagwörtern.
 repo_size=Repository-Größe
 template=Template
 template_select=Vorlage auswählen
@@ -2861,6 +2860,7 @@ teams.invite.title=Du wurdest eingeladen, dem Team <strong>%s</strong> in der Or
 teams.invite.by=Von %s eingeladen
 teams.invite.description=Bitte klicke auf die folgende Schaltfläche, um dem Team beizutreten.
 
+
 [admin]
 maintenance=Wartung
 dashboard=Dashboard
diff --git a/options/locale/locale_el-GR.ini b/options/locale/locale_el-GR.ini
index fa9c41d5de049..31e57bbf97819 100644
--- a/options/locale/locale_el-GR.ini
+++ b/options/locale/locale_el-GR.ini
@@ -908,7 +908,6 @@ new_repo_helper=Ένα αποθετήριο περιέχει όλα τα αρχ
 owner=Ιδιοκτήτης
 owner_helper=Ορισμένοι οργανισμοί ενδέχεται να μην εμφανίζονται στο αναπτυσσόμενο μενού λόγω του μέγιστου αριθμού αποθετηρίων.
 repo_name=Όνομα αποθετηρίου
-repo_name_helper=Τα καλά ονόματα αποθετηρίων χρησιμοποιούν σύντομες, αξέχαστες και μοναδικές λέξεις-κλειδιά.
 repo_size=Μέγεθος Αποθετηρίου
 template=Πρότυπο
 template_select=Επιλέξτε πρότυπο.
@@ -2593,6 +2592,7 @@ teams.invite.title=Έχετε προσκληθεί να συμμετάσχετε
 teams.invite.by=Προσκλήθηκε από %s
 teams.invite.description=Παρακαλώ κάντε κλικ στον παρακάτω σύνδεσμο για συμμετοχή στην ομάδα.
 
+
 [admin]
 dashboard=Πίνακας Ελέγχου
 identity_access=Ταυτότητα & Πρόσβαση
diff --git a/options/locale/locale_es-ES.ini b/options/locale/locale_es-ES.ini
index d7d1cadd089a6..cdfe1fb2e5848 100644
--- a/options/locale/locale_es-ES.ini
+++ b/options/locale/locale_es-ES.ini
@@ -898,7 +898,6 @@ visibility.private_tooltip=Visible sólo para los miembros de organizaciones a l
 owner=Propietario
 owner_helper=Algunas organizaciones pueden no aparecer en el menú desplegable debido a un límite máximo de recuento de repositorios.
 repo_name=Nombre del repositorio
-repo_name_helper=Un buen nombre de repositorio está compuesto por palabras clave cortas, memorables y únicas.
 repo_size=Tamaño del repositorio
 template=Plantilla
 template_select=Seleccionar una plantilla.
@@ -2574,6 +2573,7 @@ teams.invite.title=Has sido invitado a unirte al equipo <strong>%s</strong> en l
 teams.invite.by=Invitado por %s
 teams.invite.description=Por favor, haga clic en el botón de abajo para unirse al equipo.
 
+
 [admin]
 dashboard=Panel de control
 identity_access=Identidad y acceso
diff --git a/options/locale/locale_fa-IR.ini b/options/locale/locale_fa-IR.ini
index 6dcd35560a64d..4d90cf98762db 100644
--- a/options/locale/locale_fa-IR.ini
+++ b/options/locale/locale_fa-IR.ini
@@ -704,7 +704,6 @@ visibility.private=خصوصی
 owner=مالک
 owner_helper=بخاطر بیشینه تعداد مخزن، ممکن است برخی از سازمان‌ها در لیست کشویی دیده نشود.
 repo_name=نام مخزن
-repo_name_helper=نام خوب مخزن معمولا از کلمات کلیدی کوتاه و به یاد ماندنی و منحصر به فرد تشکیل شده است.
 repo_size=اندازه مخزن
 template=قالب / الگو
 template_select=انتخاب یک قالب/ الگو.
@@ -1993,6 +1992,7 @@ teams.all_repositories_read_permission_desc=این تیم دسترسی<strong> 
 teams.all_repositories_write_permission_desc=این تیم دسترسی<strong> نوشتن </strong> <strong> مخازن همه</strong> را می بخشد: اعضا می توانند مخازن را مشاهده و درج کنند.
 teams.all_repositories_admin_permission_desc=این تیم دسترسی<strong> مدیر </strong> به <strong> مخازن همه</strong> را می بخشد: اعضا می توانند مخازن را بخواند، همکار و مخزن اضافه کنند.
 
+
 [admin]
 dashboard=پیشخوان
 users=حساب کاربران
diff --git a/options/locale/locale_fi-FI.ini b/options/locale/locale_fi-FI.ini
index b4f3869db41eb..b5fa5c8afcd15 100644
--- a/options/locale/locale_fi-FI.ini
+++ b/options/locale/locale_fi-FI.ini
@@ -635,7 +635,6 @@ visibility.private=Yksityinen
 owner=Omistaja
 owner_helper=Jotkin organisaatiot eivät välttämättä näy pudotusvalikossa, koska repojen maksimimäärää on rajoitettu.
 repo_name=Repon nimi
-repo_name_helper=Hyvä repon nimi on lyhyt, mieleenpainuva ja yksilöllinen.
 repo_size=Repon koko
 template=Malli
 template_select=Valitse malli.
@@ -1361,6 +1360,7 @@ teams.repositories=Tiimin repot
 teams.members.none=Ei jäseniä tässä tiimissä.
 teams.all_repositories=Kaikki repot
 
+
 [admin]
 dashboard=Kojelauta
 users=Käyttäjätilit
diff --git a/options/locale/locale_fr-FR.ini b/options/locale/locale_fr-FR.ini
index b024be4d882bd..743b7662565bd 100644
--- a/options/locale/locale_fr-FR.ini
+++ b/options/locale/locale_fr-FR.ini
@@ -1015,7 +1015,6 @@ new_repo_helper=Un dépôt contient tous les fichiers d’un projet, ainsi que l
 owner=Propriétaire
 owner_helper=Certaines organisations peuvent ne pas apparaître dans la liste déroulante en raison d'une limite maximale du nombre de dépôts.
 repo_name=Nom du dépôt
-repo_name_helper=Idéalement, le nom d'un dépôt devrait être court, mémorisable et unique.
 repo_size=Taille du dépôt
 template=Modèle
 template_select=Répliquer un modèle
@@ -2861,6 +2860,7 @@ teams.invite.title=Vous avez été invité à rejoindre l'équipe <strong>%s</st
 teams.invite.by=Invité par %s
 teams.invite.description=Veuillez cliquer sur le bouton ci-dessous pour rejoindre l’équipe.
 
+
 [admin]
 maintenance=Maintenance
 dashboard=Tableau de bord
diff --git a/options/locale/locale_ga-IE.ini b/options/locale/locale_ga-IE.ini
index 7bf6941e35ec1..cf6c76a9dbfc0 100644
--- a/options/locale/locale_ga-IE.ini
+++ b/options/locale/locale_ga-IE.ini
@@ -1015,7 +1015,6 @@ new_repo_helper=Tá gach comhad tionscadail i stór, lena n-áirítear stair ath
 owner=Úinéir
 owner_helper=B'fhéidir nach dtaispeánfar roinnt eagraíochtaí sa anuas mar gheall ar theorainn uasta comhaireamh stórais.
 repo_name=Ainm Stórais
-repo_name_helper=Úsáideann dea-ainmneacha stórtha eochairfhocail ghearr, i gcuimhne agus uathúla.
 repo_size=Méid an Stóras
 template=Teimpléad
 template_select=Roghnaigh teimpléad.
@@ -2861,6 +2860,7 @@ teams.invite.title=Tugadh cuireadh duit dul isteach i bhfoireann <strong>%s</str
 teams.invite.by=Ar cuireadh ó %s
 teams.invite.description=Cliceáil ar an gcnaipe thíos le do thoil chun dul isteach san fhoireann.
 
+
 [admin]
 maintenance=Cothabháil
 dashboard=Deais
diff --git a/options/locale/locale_hu-HU.ini b/options/locale/locale_hu-HU.ini
index 8e11f07d33ab4..f0935a2916c5e 100644
--- a/options/locale/locale_hu-HU.ini
+++ b/options/locale/locale_hu-HU.ini
@@ -563,7 +563,6 @@ visibility.private=Privát
 [repo]
 owner=Tulajdonos
 repo_name=Tároló neve
-repo_name_helper=A jó tárolónév általában rövid, megjegyezhető és egyedi kulcsszavakból tevődik össze.
 repo_size=Repozitórium mérete
 template=Sablon
 template_select=Válasszon sablont.
@@ -1229,6 +1228,7 @@ teams.members.none=Ennek a csapatnak nincsenek tagjai.
 teams.specific_repositories=Meghatározott tárolók
 teams.all_repositories=Minden tároló
 
+
 [admin]
 dashboard=Műszerfal
 users=Felhasználói fiókok
diff --git a/options/locale/locale_id-ID.ini b/options/locale/locale_id-ID.ini
index 7c8271b98b403..1fcf6d59b6c90 100644
--- a/options/locale/locale_id-ID.ini
+++ b/options/locale/locale_id-ID.ini
@@ -585,7 +585,6 @@ visibility.private=Pribadi
 [repo]
 owner=Pemilik
 repo_name=Nama Repositori
-repo_name_helper=Nama repositori yang baik menggunakan kata kunci yang pendek, unik, dan bisa diingat.
 repo_size=Ukuran Repositori
 template=Templat
 template_select=Pilih template.
@@ -1083,6 +1082,7 @@ teams.add_team_member=Tambahkan Anggota Tim
 teams.delete_team_success=Tim sudah di hapus.
 teams.repositories=Tim repositori
 
+
 [admin]
 dashboard=Dasbor
 organizations=Organisasi
diff --git a/options/locale/locale_is-IS.ini b/options/locale/locale_is-IS.ini
index d3824f83a2146..1eab4d58be7a1 100644
--- a/options/locale/locale_is-IS.ini
+++ b/options/locale/locale_is-IS.ini
@@ -1136,6 +1136,7 @@ teams.settings=Stillingar
 teams.update_settings=Uppfæra Stillingar
 teams.all_repositories=Öll hugbúnaðarsöfn
 
+
 [admin]
 repositories=Hugbúnaðarsöfn
 config=Stilling
diff --git a/options/locale/locale_it-IT.ini b/options/locale/locale_it-IT.ini
index 1268f156735d4..17f0aa83d2538 100644
--- a/options/locale/locale_it-IT.ini
+++ b/options/locale/locale_it-IT.ini
@@ -755,7 +755,6 @@ visibility.private=Privato
 owner=Proprietario
 owner_helper=Alcune organizzazioni potrebbero non essere visualizzate nel menu a discesa a causa di un limite massimo al numero di repository.
 repo_name=Nome Repository
-repo_name_helper=Un buon nome per un repository è costituito da parole chiave corte, facili da ricordare e uniche.
 repo_size=Dimensione repository
 template=Modello
 template_select=Seleziona un modello.
@@ -2154,6 +2153,7 @@ teams.all_repositories_read_permission_desc=Questo team concede <strong>permessi
 teams.all_repositories_write_permission_desc=Questo team concede <strong>permessi di scrittura</strong> accesso a <strong>tutte le repository</strong>: i membri possono leggere e pushare le repository.
 teams.all_repositories_admin_permission_desc=Questo team concede a <strong>Amministratore</strong> l'accesso a <strong>tutte le repository</strong>: i membri possono leggere, pushare e aggiungere collaboratori alle repository.
 
+
 [admin]
 dashboard=Pannello di Controllo
 users=Account utenti
diff --git a/options/locale/locale_ja-JP.ini b/options/locale/locale_ja-JP.ini
index efcf34806a4cb..89582af89c3ac 100644
--- a/options/locale/locale_ja-JP.ini
+++ b/options/locale/locale_ja-JP.ini
@@ -1015,7 +1015,6 @@ new_repo_helper=リポジトリには、プロジェクトのすべてのファ
 owner=オーナー
 owner_helper=リポジトリ数の上限により、一部の組織はドロップダウンに表示されない場合があります。
 repo_name=リポジトリ名
-repo_name_helper=リポジトリ名は、短く、覚えやすく、他と重複しないキーワードを使用しましょう。
 repo_size=リポジトリサイズ
 template=テンプレート
 template_select=テンプレートを選択してください。
@@ -2853,6 +2852,7 @@ teams.invite.title=あなたは組織 <strong>%[2]s</strong> 内のチーム <st
 teams.invite.by=%s からの招待
 teams.invite.description=下のボタンをクリックしてチームに参加してください。
 
+
 [admin]
 maintenance=メンテナンス
 dashboard=ダッシュボード
diff --git a/options/locale/locale_ko-KR.ini b/options/locale/locale_ko-KR.ini
index 361ab23e4cd81..4ce66282b22c9 100644
--- a/options/locale/locale_ko-KR.ini
+++ b/options/locale/locale_ko-KR.ini
@@ -531,7 +531,6 @@ visibility.private=비공개
 [repo]
 owner=소유자
 repo_name=저장소 이름
-repo_name_helper=좋은 저장소 이름은 보통 짧고 기억하기 좋은 특별한 키워드로 이루어 집니다.
 repo_size=저장소 용량
 template=템플릿
 template_select=템플릿 고르기
@@ -1191,6 +1190,7 @@ teams.repositories=팀 저장소
 teams.add_duplicate_users=사용자가 이미 팀 멤버입니다.
 teams.members.none=이 팀에 멤버가 없습니다.
 
+
 [admin]
 dashboard=대시보드
 users=사용자 계정
diff --git a/options/locale/locale_lv-LV.ini b/options/locale/locale_lv-LV.ini
index 4aa069b663922..0dfc5683ecdbc 100644
--- a/options/locale/locale_lv-LV.ini
+++ b/options/locale/locale_lv-LV.ini
@@ -913,7 +913,6 @@ new_repo_helper=Repozitorijs satur visus projekta failus, tajā skaitā izmaiņu
 owner=Īpašnieks
 owner_helper=Ņemot vērā maksimālā repozitoriju skaita ierobežojumu, ne visas organizācijas var tikt parādītas sarakstā.
 repo_name=Repozitorija nosaukums
-repo_name_helper=Labi repozitorija nosaukumi ir īsi, unikāli un tādi, ko viegli atcerēties.
 repo_size=Repozitorija izmērs
 template=Sagatave
 template_select=Izvēlieties sagatavi.
@@ -2596,6 +2595,7 @@ teams.invite.title=Tu esi uzaicināts pievienoties organizācijas <strong>%[2]s<
 teams.invite.by=Uzaicināja %s
 teams.invite.description=Nospiediet pogu zemāk, lai pievienotos komandai.
 
+
 [admin]
 dashboard=Infopanelis
 self_check=Pašpārbaude
diff --git a/options/locale/locale_nl-NL.ini b/options/locale/locale_nl-NL.ini
index fe41c4529aa95..8a6dabbceb2df 100644
--- a/options/locale/locale_nl-NL.ini
+++ b/options/locale/locale_nl-NL.ini
@@ -753,7 +753,6 @@ visibility.private=Privé
 owner=Eigenaar
 owner_helper=Sommige organisaties kunnen niet worden weergegeven in de dropdown vanwege een limiet op het maximale aantal repositories.
 repo_name=Naam van repository
-repo_name_helper=Goede repository-namen zijn kort, makkelijk te onthouden en uniek.
 repo_size=Repositorygrootte
 template=Sjabloon
 template_select=Selecteer een sjabloon.
@@ -2055,6 +2054,7 @@ teams.all_repositories=Alle repositories
 teams.all_repositories_helper=Team heeft toegang tot alle repositories. Door dit te selecteren worden <strong>alle bestaande</strong> repositories aan het team toegevoegd.
 teams.all_repositories_read_permission_desc=Dit team heeft <strong>Lees</strong> toegang tot <strong>alle repositories</strong>: leden kunnen repositories bekijken en klonen.
 
+
 [admin]
 dashboard=Overzicht
 users=Gebruikersacount
diff --git a/options/locale/locale_pl-PL.ini b/options/locale/locale_pl-PL.ini
index 13c05eebe079b..4d049c83d18e9 100644
--- a/options/locale/locale_pl-PL.ini
+++ b/options/locale/locale_pl-PL.ini
@@ -711,7 +711,6 @@ visibility.private=Prywatny
 owner=Właściciel
 owner_helper=Niektóre organizacje mogą nie pojawiać się w liście ze względu na limit maksymalnej liczby repozytoriów.
 repo_name=Nazwa repozytorium
-repo_name_helper=Dobra nazwa repozytorium jest utworzona z krótkich, łatwych do zapamiętania i unikalnych słów kluczowych.
 repo_size=Rozmiar repozytorium
 template=Szablon
 template_select=Wybierz szablon.
@@ -1934,6 +1933,7 @@ teams.all_repositories_read_permission_desc=Ten zespół nadaje uprawnienie <str
 teams.all_repositories_write_permission_desc=Ten zespół nadaje uprawnienie <strong>Zapisu</strong> do <strong>wszystkich repozytoriów</strong>: jego członkowie mogą odczytywać i przesyłać do repozytoriów.
 teams.all_repositories_admin_permission_desc=Ten zespół nadaje uprawnienia <strong>Administratora</strong> do <strong>wszystkich repozytoriów</strong>: jego członkowie mogą odczytywać, przesyłać oraz dodawać innych współtwórców do repozytoriów.
 
+
 [admin]
 dashboard=Pulpit
 users=Konta użytkownika
diff --git a/options/locale/locale_pt-BR.ini b/options/locale/locale_pt-BR.ini
index 9a8b6aeb62ca5..f0c034a1331f3 100644
--- a/options/locale/locale_pt-BR.ini
+++ b/options/locale/locale_pt-BR.ini
@@ -908,7 +908,6 @@ new_repo_helper=Um repositório contém todos os arquivos do projeto, inclusive
 owner=Proprietário
 owner_helper=Algumas organizações podem não aparecer no menu devido a um limite de contagem dos repositórios.
 repo_name=Nome do repositório
-repo_name_helper=Um bom nome de repositório é composto por palavras curtas, memorizáveis e únicas.
 repo_size=Tamanho do repositório
 template=Modelo
 template_select=Selecione um modelo.
@@ -2551,6 +2550,7 @@ teams.invite.title=Você foi convidado para fazer parte da equipe <strong>%s</st
 teams.invite.by=Convidado por %s
 teams.invite.description=Por favor, clique no botão abaixo para se juntar à equipe.
 
+
 [admin]
 dashboard=Painel
 identity_access=Identidade e acesso
diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index b59a3cd9b6624..d7d37180835dc 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -1015,7 +1015,6 @@ new_repo_helper=Um repositório contém todos os ficheiros do trabalho, incluind
 owner=Proprietário(a)
 owner_helper=Algumas organizações podem não aparecer na lista suspensa devido a um limite máximo de contagem de repositórios.
 repo_name=Nome do repositório
-repo_name_helper=Um bom nome de repositório utiliza palavras curtas, memoráveis e únicas.
 repo_size=Tamanho do repositório
 template=Modelo
 template_select=Escolha um modelo.
@@ -2861,6 +2860,7 @@ teams.invite.title=Foi-lhe feito um convite para se juntar à equipa <strong>%s<
 teams.invite.by=Convidado(a) por %s
 teams.invite.description=Clique no botão abaixo para se juntar à equipa.
 
+
 [admin]
 maintenance=Manutenção
 dashboard=Painel de controlo
diff --git a/options/locale/locale_ru-RU.ini b/options/locale/locale_ru-RU.ini
index dc72dd7621bb0..027a2cb19d3b8 100644
--- a/options/locale/locale_ru-RU.ini
+++ b/options/locale/locale_ru-RU.ini
@@ -899,7 +899,6 @@ visibility.private_tooltip=Виден только членам организа
 owner=Владелец
 owner_helper=Некоторые организации могут не отображаться в раскрывающемся списке из-за максимального ограничения количества репозиториев.
 repo_name=Название репозитория
-repo_name_helper=Лучшие названия репозиториев состоят из коротких, легко запоминаемых и уникальных ключевых слов.
 repo_size=Размер репозитория
 template=Шаблон
 template_select=Выбрать шаблон.
@@ -2542,6 +2541,7 @@ teams.invite.title=Вас пригласили присоединиться к 
 teams.invite.by=Приглашен(а) %s
 teams.invite.description=Нажмите на кнопку ниже, чтобы присоединиться к команде.
 
+
 [admin]
 dashboard=Панель
 identity_access=Идентификация и доступ
diff --git a/options/locale/locale_si-LK.ini b/options/locale/locale_si-LK.ini
index f722d160eb58c..167ecaf24a315 100644
--- a/options/locale/locale_si-LK.ini
+++ b/options/locale/locale_si-LK.ini
@@ -693,7 +693,6 @@ visibility.private=පෞද්ගලික
 owner=හිමිකරු
 owner_helper=උපරිම නිධි ගණන් සීමාවක් හේතුවෙන් සමහර සංවිධාන පහත වැටීමේ දී පෙන්විය නොහැක.
 repo_name=කෝෂ්ඨයේ නම
-repo_name_helper=හොඳ ගබඩාවක් නම් කෙටි, අමතක නොවන සහ අද්විතීය මූල පද භාවිතා කරයි.
 repo_size=කෝෂ්ඨයේ ප්‍රමාණය
 template=සැකිල්ල
 template_select=අච්චුවක් තෝරන්න.
@@ -1955,6 +1954,7 @@ teams.all_repositories_read_permission_desc=මෙම කණ්ඩායම ප
 teams.all_repositories_write_permission_desc=මෙම කණ්ඩායම ප්රදානය කරයි <strong></strong> වෙත ප්රවේශය ලියන්න <strong>සියලු ගබඩාවන්ට</strong>: සාමාජිකයින්ට කියවීමට සහ ගබඩාවන්ට තල්ලු කළ හැකිය.
 teams.all_repositories_admin_permission_desc=මෙම කණ්ඩායම ප්රදානය කරයි <strong>පරිපාලක</strong> වෙත ප්රවේශය <strong>සියලු ගබඩාවන්ට</strong>: සාමාජිකයින්ට කියවීමට, තල්ලු කිරීමට සහ ගබඩාවන්ට සහයෝගීකයින් එකතු කිරීමට.
 
+
 [admin]
 dashboard=උපකරණ පුවරුව
 users=පරිශීලක ගිණුම්
diff --git a/options/locale/locale_sk-SK.ini b/options/locale/locale_sk-SK.ini
index 39c13c358efb5..43b190098ff93 100644
--- a/options/locale/locale_sk-SK.ini
+++ b/options/locale/locale_sk-SK.ini
@@ -817,7 +817,6 @@ visibility.private=Súkromný
 owner=Vlastník
 owner_helper=Niektoré organizácie sa nemusia zobraziť v rozbaľovacej ponuke z dôvodu maximálneho limitu počtu repozitárov.
 repo_name=Názov repozitára
-repo_name_helper=Dobrý názov repozitára sa zvyčajne skladá z krátkych, jedinečných a ľahko zapamätateľných kľúčových slov.
 repo_size=Veľkosť repozitára
 template=Šablóna
 template_select=Vyberte šablónu.
@@ -1235,6 +1234,7 @@ teams.all_repositories_read_permission_desc=Tomuto tímu je pridelený prístup
 teams.all_repositories_write_permission_desc=Tomuto tímu je pridelený prístup na <strong>Zápis</strong> do <strong>všetkých repozitárov</strong>: členovia môžu prezerať a nahrávať do repozitárov.
 teams.all_repositories_admin_permission_desc=Tomuto tímu je pridelený <strong>Admin</strong> prístup ku <strong>všetkým repozitárom</strong>: členovia môžu prezerať, nahrávať do repozitárov a pridávať do nich spolupracovníkov.
 
+
 [admin]
 repositories=Repozitáre
 hooks=Webhooky
diff --git a/options/locale/locale_sv-SE.ini b/options/locale/locale_sv-SE.ini
index 2fd8277b76f1c..0315ebe9a1178 100644
--- a/options/locale/locale_sv-SE.ini
+++ b/options/locale/locale_sv-SE.ini
@@ -598,7 +598,6 @@ visibility.private=Privat
 [repo]
 owner=Ägare
 repo_name=Utvecklingskatalogens namn
-repo_name_helper=Bra namn på utvecklingskataloger består utav korta, unika nyckelord som är enkla att komma ihåg.
 repo_size=Utvecklingskatalogens storlek
 template=Mall
 template_select=Välj mall.
@@ -1592,6 +1591,7 @@ teams.all_repositories_read_permission_desc=Detta team beviljar <strong>Läs</st
 teams.all_repositories_write_permission_desc=Detta team beviljar <strong>Skriv</strong>-rättigheter till <strong>alla utvecklingskataloger</strong>: medlemmar kan läsa från och pusha till utvecklingskataloger.
 teams.all_repositories_admin_permission_desc=Detta team beviljar <strong>Admin</strong>-rättigheter till <strong>alla utvecklingskataloger</strong>: medlemmar kan läsa från, pusha till och lägga till kollaboratörer för utvecklingskatalogerna.
 
+
 [admin]
 dashboard=Instrumentpanel
 users=Användarkonto
diff --git a/options/locale/locale_tr-TR.ini b/options/locale/locale_tr-TR.ini
index 0c3884fd64887..ea938bab59ad8 100644
--- a/options/locale/locale_tr-TR.ini
+++ b/options/locale/locale_tr-TR.ini
@@ -984,7 +984,6 @@ new_repo_helper=Bir depo, sürüm geçmişi dahil tüm proje dosyalarını içer
 owner=Sahibi
 owner_helper=Bazı organizasyonlar, en çok depo sayısı sınırı nedeniyle açılır menüde görünmeyebilir.
 repo_name=Depo İsmi
-repo_name_helper=İyi bir depo ismi kısa, akılda kalıcı ve özgün anahtar kelimelerden oluşur.
 repo_size=Depo Boyutu
 template=Şablon
 template_select=Bir şablon seçin.
@@ -2747,6 +2746,7 @@ teams.invite.title=<strong>%s</strong> takımına (Organizasyon: <strong>%s</str
 teams.invite.by=%s tarafından davet edildi
 teams.invite.description=Takıma katılmak için aşağıdaki düğmeye tıklayın.
 
+
 [admin]
 maintenance=Bakım
 dashboard=Pano
diff --git a/options/locale/locale_uk-UA.ini b/options/locale/locale_uk-UA.ini
index e8553594a0375..2b0e57c8e0614 100644
--- a/options/locale/locale_uk-UA.ini
+++ b/options/locale/locale_uk-UA.ini
@@ -712,7 +712,6 @@ visibility.private=Приватний
 owner=Власник
 owner_helper=Деякі організації можуть не відображатися у випадаючому списку через максимальну кількість репозиторііїв.
 repo_name=Назва репозиторію
-repo_name_helper=Хороші назви репозиторіїв використовують короткі, унікальні ключові слова що легко запам'ятати.
 repo_size=Розмір репозиторію
 template=Шаблон
 template_select=Оберіть шаблон.
@@ -2003,6 +2002,7 @@ teams.all_repositories_read_permission_desc=Ця команда надає до
 teams.all_repositories_write_permission_desc=Ця команда надає дозвіл <strong>Запис</strong> для <strong>всіх репозиторіїв</strong>: учасники можуть переглядати та виконувати push в репозиторіях.
 teams.all_repositories_admin_permission_desc=Ця команда надає дозвіл <strong>Адміністрування</strong> для <strong>всіх репозиторіїв</strong>: учасники можуть переглядати, виконувати push та додавати співробітників.
 
+
 [admin]
 dashboard=Панель управління
 users=Облікові записи користувачів
diff --git a/options/locale/locale_zh-CN.ini b/options/locale/locale_zh-CN.ini
index 572ad2d667c7e..5e4723a4cd848 100644
--- a/options/locale/locale_zh-CN.ini
+++ b/options/locale/locale_zh-CN.ini
@@ -1015,7 +1015,6 @@ new_repo_helper=代码仓库包含了所有的项目文件，包括版本历史
 owner=拥有者
 owner_helper=由于最大仓库数量限制，一些组织可能不会显示在下拉列表中。
 repo_name=仓库名称
-repo_name_helper=好的仓库名称应当使用简短、有意义和独特的关键字。
 repo_size=仓库大小
 template=模板
 template_select=选择模板
@@ -2861,6 +2860,7 @@ teams.invite.title=您已被邀请加入组织 <strong>%s</strong> 中的团队
 teams.invite.by=邀请人 %s
 teams.invite.description=请点击下面的按钮加入团队。
 
+
 [admin]
 maintenance=维护
 dashboard=管理面板
diff --git a/options/locale/locale_zh-HK.ini b/options/locale/locale_zh-HK.ini
index e1ca6ebfc83ca..77f8d8a25d8b1 100644
--- a/options/locale/locale_zh-HK.ini
+++ b/options/locale/locale_zh-HK.ini
@@ -684,6 +684,7 @@ teams.add_team_member=新增團隊成員
 teams.delete_team_success=該團隊已被刪除。
 teams.repositories=團隊儲存庫
 
+
 [admin]
 dashboard=控制面版
 organizations=組織管理
diff --git a/options/locale/locale_zh-TW.ini b/options/locale/locale_zh-TW.ini
index a3bf6ca88863c..948b47bc9cb67 100644
--- a/options/locale/locale_zh-TW.ini
+++ b/options/locale/locale_zh-TW.ini
@@ -1012,7 +1012,6 @@ new_repo_helper=儲存庫包含所有專案檔案，包括修訂歷史。已經
 owner=擁有者
 owner_helper=組織可能因為儲存庫數量上限而未列入此選單。
 repo_name=儲存庫名稱
-repo_name_helper=好的儲存庫名稱通常是簡短的、好記的、且獨特的。
 repo_size=儲存庫大小
 template=範本
 template_select=選擇範本
@@ -2852,6 +2851,7 @@ teams.invite.title=您已被邀請加入組織 <strong>%s</strong> 中的團隊
 teams.invite.by=邀請人 %s
 teams.invite.description=請點擊下方按鈕加入團隊。
 
+
 [admin]
 maintenance=維護
 dashboard=資訊主頁

From 57eb9d0b644bb893ffb90d0066066a3971de3f1a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Steffen=20Schr=C3=B6ter?= <steffen@vexar.de>
Date: Wed, 1 Jan 2025 03:55:13 +0100
Subject: [PATCH 09/55] Inherit submodules from template repository content
 (#16237)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fix #10316

---------

Signed-off-by: Steffen Schröter <steffen@vexar.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 modules/git/batch_reader.go                   |   6 +-
 modules/git/parse.go                          |  78 +++++++++++
 modules/git/parse_nogogit.go                  |  67 ++-------
 modules/git/pipeline/lfs_nogogit.go           |   2 +-
 modules/git/submodule.go                      |  66 +++++++++
 modules/git/submodule_test.go                 |  48 +++++++
 modules/git/tests/repos/repo4_submodules/HEAD |   1 +
 .../git/tests/repos/repo4_submodules/config   |   4 +
 .../97/c3d30df0e6492348292600920a6482feaebb74 | Bin 0 -> 110 bytes
 .../c7/e064ed49b44523cba8a5dfbc37d2ce1bb41d34 | Bin 0 -> 112 bytes
 .../e1/e59caba97193d48862d6809912043871f37437 |   2 +
 .../repos/repo4_submodules/refs/heads/master  |   1 +
 modules/git/tree.go                           |   4 +-
 modules/git/tree_blob_nogogit.go              |   1 -
 modules/git/tree_entry_nogogit.go             |  12 +-
 services/repository/generate.go               | 130 +++++++++---------
 templates/repo/view_list.tmpl                 |   4 +-
 17 files changed, 290 insertions(+), 136 deletions(-)
 create mode 100644 modules/git/parse.go
 create mode 100644 modules/git/submodule.go
 create mode 100644 modules/git/submodule_test.go
 create mode 100644 modules/git/tests/repos/repo4_submodules/HEAD
 create mode 100644 modules/git/tests/repos/repo4_submodules/config
 create mode 100644 modules/git/tests/repos/repo4_submodules/objects/97/c3d30df0e6492348292600920a6482feaebb74
 create mode 100644 modules/git/tests/repos/repo4_submodules/objects/c7/e064ed49b44523cba8a5dfbc37d2ce1bb41d34
 create mode 100644 modules/git/tests/repos/repo4_submodules/objects/e1/e59caba97193d48862d6809912043871f37437
 create mode 100644 modules/git/tests/repos/repo4_submodules/refs/heads/master

diff --git a/modules/git/batch_reader.go b/modules/git/batch_reader.go
index 532dbad9894b5..33e54fe75cb3e 100644
--- a/modules/git/batch_reader.go
+++ b/modules/git/batch_reader.go
@@ -242,7 +242,7 @@ func BinToHex(objectFormat ObjectFormat, sha, out []byte) []byte {
 	return out
 }
 
-// ParseTreeLine reads an entry from a tree in a cat-file --batch stream
+// ParseCatFileTreeLine reads an entry from a tree in a cat-file --batch stream
 // This carefully avoids allocations - except where fnameBuf is too small.
 // It is recommended therefore to pass in an fnameBuf large enough to avoid almost all allocations
 //
@@ -250,7 +250,7 @@ func BinToHex(objectFormat ObjectFormat, sha, out []byte) []byte {
 // <mode-in-ascii-dropping-initial-zeros> SP <fname> NUL <binary HASH>
 //
 // We don't attempt to convert the raw HASH to save a lot of time
-func ParseTreeLine(objectFormat ObjectFormat, rd *bufio.Reader, modeBuf, fnameBuf, shaBuf []byte) (mode, fname, sha []byte, n int, err error) {
+func ParseCatFileTreeLine(objectFormat ObjectFormat, rd *bufio.Reader, modeBuf, fnameBuf, shaBuf []byte) (mode, fname, sha []byte, n int, err error) {
 	var readBytes []byte
 
 	// Read the Mode & fname
@@ -260,7 +260,7 @@ func ParseTreeLine(objectFormat ObjectFormat, rd *bufio.Reader, modeBuf, fnameBu
 	}
 	idx := bytes.IndexByte(readBytes, ' ')
 	if idx < 0 {
-		log.Debug("missing space in readBytes ParseTreeLine: %s", readBytes)
+		log.Debug("missing space in readBytes ParseCatFileTreeLine: %s", readBytes)
 		return mode, fname, sha, n, &ErrNotExist{}
 	}
 
diff --git a/modules/git/parse.go b/modules/git/parse.go
new file mode 100644
index 0000000000000..eb26632cc0e5c
--- /dev/null
+++ b/modules/git/parse.go
@@ -0,0 +1,78 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package git
+
+import (
+	"bytes"
+	"fmt"
+	"strconv"
+	"strings"
+
+	"code.gitea.io/gitea/modules/optional"
+)
+
+var sepSpace = []byte{' '}
+
+type LsTreeEntry struct {
+	ID        ObjectID
+	EntryMode EntryMode
+	Name      string
+	Size      optional.Option[int64]
+}
+
+func parseLsTreeLine(line []byte) (*LsTreeEntry, error) {
+	// expect line to be of the form:
+	// <mode> <type> <sha> <space-padded-size>\t<filename>
+	// <mode> <type> <sha>\t<filename>
+
+	var err error
+	posTab := bytes.IndexByte(line, '\t')
+	if posTab == -1 {
+		return nil, fmt.Errorf("invalid ls-tree output (no tab): %q", line)
+	}
+
+	entry := new(LsTreeEntry)
+
+	entryAttrs := line[:posTab]
+	entryName := line[posTab+1:]
+
+	entryMode, entryAttrs, _ := bytes.Cut(entryAttrs, sepSpace)
+	_ /* entryType */, entryAttrs, _ = bytes.Cut(entryAttrs, sepSpace) // the type is not used, the mode is enough to determine the type
+	entryObjectID, entryAttrs, _ := bytes.Cut(entryAttrs, sepSpace)
+	if len(entryAttrs) > 0 {
+		entrySize := entryAttrs // the last field is the space-padded-size
+		size, _ := strconv.ParseInt(strings.TrimSpace(string(entrySize)), 10, 64)
+		entry.Size = optional.Some(size)
+	}
+
+	switch string(entryMode) {
+	case "100644":
+		entry.EntryMode = EntryModeBlob
+	case "100755":
+		entry.EntryMode = EntryModeExec
+	case "120000":
+		entry.EntryMode = EntryModeSymlink
+	case "160000":
+		entry.EntryMode = EntryModeCommit
+	case "040000", "040755": // git uses 040000 for tree object, but some users may get 040755 for unknown reasons
+		entry.EntryMode = EntryModeTree
+	default:
+		return nil, fmt.Errorf("unknown type: %v", string(entryMode))
+	}
+
+	entry.ID, err = NewIDFromString(string(entryObjectID))
+	if err != nil {
+		return nil, fmt.Errorf("invalid ls-tree output (invalid object id): %q, err: %w", line, err)
+	}
+
+	if len(entryName) > 0 && entryName[0] == '"' {
+		entry.Name, err = strconv.Unquote(string(entryName))
+		if err != nil {
+			return nil, fmt.Errorf("invalid ls-tree output (invalid name): %q, err: %w", line, err)
+		}
+	} else {
+		entry.Name = string(entryName)
+	}
+	return entry, nil
+}
diff --git a/modules/git/parse_nogogit.go b/modules/git/parse_nogogit.go
index 546b38be37964..676bb3c76c09f 100644
--- a/modules/git/parse_nogogit.go
+++ b/modules/git/parse_nogogit.go
@@ -10,8 +10,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"strconv"
-	"strings"
 
 	"code.gitea.io/gitea/modules/log"
 )
@@ -21,71 +19,30 @@ func ParseTreeEntries(data []byte) ([]*TreeEntry, error) {
 	return parseTreeEntries(data, nil)
 }
 
-var sepSpace = []byte{' '}
-
+// parseTreeEntries FIXME this function's design is not right, it should make the caller read all data into memory
 func parseTreeEntries(data []byte, ptree *Tree) ([]*TreeEntry, error) {
-	var err error
 	entries := make([]*TreeEntry, 0, bytes.Count(data, []byte{'\n'})+1)
 	for pos := 0; pos < len(data); {
-		// expect line to be of the form:
-		// <mode> <type> <sha> <space-padded-size>\t<filename>
-		// <mode> <type> <sha>\t<filename>
 		posEnd := bytes.IndexByte(data[pos:], '\n')
 		if posEnd == -1 {
 			posEnd = len(data)
 		} else {
 			posEnd += pos
 		}
-		line := data[pos:posEnd]
-		posTab := bytes.IndexByte(line, '\t')
-		if posTab == -1 {
-			return nil, fmt.Errorf("invalid ls-tree output (no tab): %q", line)
-		}
-
-		entry := new(TreeEntry)
-		entry.ptree = ptree
-
-		entryAttrs := line[:posTab]
-		entryName := line[posTab+1:]
-
-		entryMode, entryAttrs, _ := bytes.Cut(entryAttrs, sepSpace)
-		_ /* entryType */, entryAttrs, _ = bytes.Cut(entryAttrs, sepSpace) // the type is not used, the mode is enough to determine the type
-		entryObjectID, entryAttrs, _ := bytes.Cut(entryAttrs, sepSpace)
-		if len(entryAttrs) > 0 {
-			entrySize := entryAttrs // the last field is the space-padded-size
-			entry.size, _ = strconv.ParseInt(strings.TrimSpace(string(entrySize)), 10, 64)
-			entry.sized = true
-		}
 
-		switch string(entryMode) {
-		case "100644":
-			entry.entryMode = EntryModeBlob
-		case "100755":
-			entry.entryMode = EntryModeExec
-		case "120000":
-			entry.entryMode = EntryModeSymlink
-		case "160000":
-			entry.entryMode = EntryModeCommit
-		case "040000", "040755": // git uses 040000 for tree object, but some users may get 040755 for unknown reasons
-			entry.entryMode = EntryModeTree
-		default:
-			return nil, fmt.Errorf("unknown type: %v", string(entryMode))
-		}
-
-		entry.ID, err = NewIDFromString(string(entryObjectID))
+		line := data[pos:posEnd]
+		lsTreeLine, err := parseLsTreeLine(line)
 		if err != nil {
-			return nil, fmt.Errorf("invalid ls-tree output (invalid object id): %q, err: %w", line, err)
+			return nil, err
 		}
-
-		if len(entryName) > 0 && entryName[0] == '"' {
-			entry.name, err = strconv.Unquote(string(entryName))
-			if err != nil {
-				return nil, fmt.Errorf("invalid ls-tree output (invalid name): %q, err: %w", line, err)
-			}
-		} else {
-			entry.name = string(entryName)
+		entry := &TreeEntry{
+			ptree:     ptree,
+			ID:        lsTreeLine.ID,
+			entryMode: lsTreeLine.EntryMode,
+			name:      lsTreeLine.Name,
+			size:      lsTreeLine.Size.Value(),
+			sized:     lsTreeLine.Size.Has(),
 		}
-
 		pos = posEnd + 1
 		entries = append(entries, entry)
 	}
@@ -100,7 +57,7 @@ func catBatchParseTreeEntries(objectFormat ObjectFormat, ptree *Tree, rd *bufio.
 
 loop:
 	for sz > 0 {
-		mode, fname, sha, count, err := ParseTreeLine(objectFormat, rd, modeBuf, fnameBuf, shaBuf)
+		mode, fname, sha, count, err := ParseCatFileTreeLine(objectFormat, rd, modeBuf, fnameBuf, shaBuf)
 		if err != nil {
 			if err == io.EOF {
 				break loop
diff --git a/modules/git/pipeline/lfs_nogogit.go b/modules/git/pipeline/lfs_nogogit.go
index b22805c1327e9..92e35c5a1028a 100644
--- a/modules/git/pipeline/lfs_nogogit.go
+++ b/modules/git/pipeline/lfs_nogogit.go
@@ -114,7 +114,7 @@ func FindLFSFile(repo *git.Repository, objectID git.ObjectID) ([]*LFSResult, err
 			case "tree":
 				var n int64
 				for n < size {
-					mode, fname, binObjectID, count, err := git.ParseTreeLine(objectID.Type(), batchReader, modeBuf, fnameBuf, workingShaBuf)
+					mode, fname, binObjectID, count, err := git.ParseCatFileTreeLine(objectID.Type(), batchReader, modeBuf, fnameBuf, workingShaBuf)
 					if err != nil {
 						return nil, err
 					}
diff --git a/modules/git/submodule.go b/modules/git/submodule.go
new file mode 100644
index 0000000000000..017b644052b93
--- /dev/null
+++ b/modules/git/submodule.go
@@ -0,0 +1,66 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package git
+
+import (
+	"bufio"
+	"context"
+	"fmt"
+	"os"
+
+	"code.gitea.io/gitea/modules/log"
+)
+
+type TemplateSubmoduleCommit struct {
+	Path   string
+	Commit string
+}
+
+// GetTemplateSubmoduleCommits returns a list of submodules paths and their commits from a repository
+// This function is only for generating new repos based on existing template, the template couldn't be too large.
+func GetTemplateSubmoduleCommits(ctx context.Context, repoPath string) (submoduleCommits []TemplateSubmoduleCommit, _ error) {
+	stdoutReader, stdoutWriter, err := os.Pipe()
+	if err != nil {
+		return nil, err
+	}
+	opts := &RunOpts{
+		Dir:    repoPath,
+		Stdout: stdoutWriter,
+		PipelineFunc: func(ctx context.Context, cancel context.CancelFunc) error {
+			_ = stdoutWriter.Close()
+			defer stdoutReader.Close()
+
+			scanner := bufio.NewScanner(stdoutReader)
+			for scanner.Scan() {
+				entry, err := parseLsTreeLine(scanner.Bytes())
+				if err != nil {
+					cancel()
+					return err
+				}
+				if entry.EntryMode == EntryModeCommit {
+					submoduleCommits = append(submoduleCommits, TemplateSubmoduleCommit{Path: entry.Name, Commit: entry.ID.String()})
+				}
+			}
+			return scanner.Err()
+		},
+	}
+	err = NewCommand(ctx, "ls-tree", "-r", "--", "HEAD").Run(opts)
+	if err != nil {
+		return nil, fmt.Errorf("GetTemplateSubmoduleCommits: error running git ls-tree: %v", err)
+	}
+	return submoduleCommits, nil
+}
+
+// AddTemplateSubmoduleIndexes Adds the given submodules to the git index.
+// It is only for generating new repos based on existing template, requires the .gitmodules file to be already present in the work dir.
+func AddTemplateSubmoduleIndexes(ctx context.Context, repoPath string, submodules []TemplateSubmoduleCommit) error {
+	for _, submodule := range submodules {
+		cmd := NewCommand(ctx, "update-index", "--add", "--cacheinfo", "160000").AddDynamicArguments(submodule.Commit, submodule.Path)
+		if stdout, _, err := cmd.RunStdString(&RunOpts{Dir: repoPath}); err != nil {
+			log.Error("Unable to add %s as submodule to repo %s: stdout %s\nError: %v", submodule.Path, repoPath, stdout, err)
+			return err
+		}
+	}
+	return nil
+}
diff --git a/modules/git/submodule_test.go b/modules/git/submodule_test.go
new file mode 100644
index 0000000000000..d53946a27d40f
--- /dev/null
+++ b/modules/git/submodule_test.go
@@ -0,0 +1,48 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package git
+
+import (
+	"context"
+	"os"
+	"path/filepath"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestGetTemplateSubmoduleCommits(t *testing.T) {
+	testRepoPath := filepath.Join(testReposDir, "repo4_submodules")
+	submodules, err := GetTemplateSubmoduleCommits(DefaultContext, testRepoPath)
+	require.NoError(t, err)
+
+	assert.Len(t, submodules, 2)
+
+	assert.EqualValues(t, "<°)))><", submodules[0].Path)
+	assert.EqualValues(t, "d2932de67963f23d43e1c7ecf20173e92ee6c43c", submodules[0].Commit)
+
+	assert.EqualValues(t, "libtest", submodules[1].Path)
+	assert.EqualValues(t, "1234567890123456789012345678901234567890", submodules[1].Commit)
+}
+
+func TestAddTemplateSubmoduleIndexes(t *testing.T) {
+	ctx := context.Background()
+	tmpDir := t.TempDir()
+	var err error
+	_, _, err = NewCommand(ctx, "init").RunStdString(&RunOpts{Dir: tmpDir})
+	require.NoError(t, err)
+	_ = os.Mkdir(filepath.Join(tmpDir, "new-dir"), 0o755)
+	err = AddTemplateSubmoduleIndexes(ctx, tmpDir, []TemplateSubmoduleCommit{{Path: "new-dir", Commit: "1234567890123456789012345678901234567890"}})
+	require.NoError(t, err)
+	_, _, err = NewCommand(ctx, "add", "--all").RunStdString(&RunOpts{Dir: tmpDir})
+	require.NoError(t, err)
+	_, _, err = NewCommand(ctx, "-c", "user.name=a", "-c", "user.email=b", "commit", "-m=test").RunStdString(&RunOpts{Dir: tmpDir})
+	require.NoError(t, err)
+	submodules, err := GetTemplateSubmoduleCommits(DefaultContext, tmpDir)
+	require.NoError(t, err)
+	assert.Len(t, submodules, 1)
+	assert.EqualValues(t, "new-dir", submodules[0].Path)
+	assert.EqualValues(t, "1234567890123456789012345678901234567890", submodules[0].Commit)
+}
diff --git a/modules/git/tests/repos/repo4_submodules/HEAD b/modules/git/tests/repos/repo4_submodules/HEAD
new file mode 100644
index 0000000000000..cb089cd89a7d7
--- /dev/null
+++ b/modules/git/tests/repos/repo4_submodules/HEAD
@@ -0,0 +1 @@
+ref: refs/heads/master
diff --git a/modules/git/tests/repos/repo4_submodules/config b/modules/git/tests/repos/repo4_submodules/config
new file mode 100644
index 0000000000000..07d359d07cf1e
--- /dev/null
+++ b/modules/git/tests/repos/repo4_submodules/config
@@ -0,0 +1,4 @@
+[core]
+	repositoryformatversion = 0
+	filemode = true
+	bare = true
diff --git a/modules/git/tests/repos/repo4_submodules/objects/97/c3d30df0e6492348292600920a6482feaebb74 b/modules/git/tests/repos/repo4_submodules/objects/97/c3d30df0e6492348292600920a6482feaebb74
new file mode 100644
index 0000000000000000000000000000000000000000..7596090b49fc8304d4c5599e09fa97e65fd86ceb
GIT binary patch
literal 110
zcmV-!0FnQA0V^p=O;s>7G+;0^FfcPQQP4}zEXmDJDa}bOW;p&J<*nxySLM?ymfqiE
ze(9X_7FiQRGXo${usO6rQ&ZE<hT+m=-Dj1_pKP5U9)I(RvG}Flvm-W8H946{C8@<F
Q3_>Ph6%)`10HMe&nHoGW2LJ#7

literal 0
HcmV?d00001

diff --git a/modules/git/tests/repos/repo4_submodules/objects/c7/e064ed49b44523cba8a5dfbc37d2ce1bb41d34 b/modules/git/tests/repos/repo4_submodules/objects/c7/e064ed49b44523cba8a5dfbc37d2ce1bb41d34
new file mode 100644
index 0000000000000000000000000000000000000000..e3a13c156dce4d306921d33f4414867aea4b58c0
GIT binary patch
literal 112
zcmV-$0FVE80ZYosPf{>6HDQP@E=|hKPbtkwRZz;wOe#q&E>Vi*;w(rk$xyIWfQoQ&
zmKNmzxfvxT1;tkS`Z@W@i8&eh#U=Vs1$yb3C0xix*&N!Ssi|pa12jtk3ZO>9WZ>cu
SqxDO23-n=fVB-M&&@!0EvNJaT

literal 0
HcmV?d00001

diff --git a/modules/git/tests/repos/repo4_submodules/objects/e1/e59caba97193d48862d6809912043871f37437 b/modules/git/tests/repos/repo4_submodules/objects/e1/e59caba97193d48862d6809912043871f37437
new file mode 100644
index 0000000000000..a8d6e5c17c8f2
--- /dev/null
+++ b/modules/git/tests/repos/repo4_submodules/objects/e1/e59caba97193d48862d6809912043871f37437
@@ -0,0 +1,2 @@
+x
��[
+�0E��*�_��$M�5tifBk Iŕ�
7�k~��9ܘ��ܠ���.j��	�O���"z�`�#I�irF��͹��$%����|4)��?t��=��
:K��#[$D����^�����Ӓy�HU/�f?G
\ No newline at end of file
diff --git a/modules/git/tests/repos/repo4_submodules/refs/heads/master b/modules/git/tests/repos/repo4_submodules/refs/heads/master
new file mode 100644
index 0000000000000..102bc34da8ca0
--- /dev/null
+++ b/modules/git/tests/repos/repo4_submodules/refs/heads/master
@@ -0,0 +1 @@
+e1e59caba97193d48862d6809912043871f37437
diff --git a/modules/git/tree.go b/modules/git/tree.go
index d35dc58d8d0ed..5a644f6c87aa1 100644
--- a/modules/git/tree.go
+++ b/modules/git/tree.go
@@ -17,7 +17,7 @@ func NewTree(repo *Repository, id ObjectID) *Tree {
 	}
 }
 
-// SubTree get a sub tree by the sub dir path
+// SubTree get a subtree by the sub dir path
 func (t *Tree) SubTree(rpath string) (*Tree, error) {
 	if len(rpath) == 0 {
 		return t, nil
@@ -63,7 +63,7 @@ func (repo *Repository) LsTree(ref string, filenames ...string) ([]string, error
 	return filelist, err
 }
 
-// GetTreePathLatestCommitID returns the latest commit of a tree path
+// GetTreePathLatestCommit returns the latest commit of a tree path
 func (repo *Repository) GetTreePathLatestCommit(refName, treePath string) (*Commit, error) {
 	stdout, _, err := NewCommand(repo.Ctx, "rev-list", "-1").
 		AddDynamicArguments(refName).AddDashesAndList(treePath).
diff --git a/modules/git/tree_blob_nogogit.go b/modules/git/tree_blob_nogogit.go
index 92d3d107a7425..b7bcf40edd2a9 100644
--- a/modules/git/tree_blob_nogogit.go
+++ b/modules/git/tree_blob_nogogit.go
@@ -17,7 +17,6 @@ func (t *Tree) GetTreeEntryByPath(relpath string) (*TreeEntry, error) {
 			ptree:     t,
 			ID:        t.ID,
 			name:      "",
-			fullName:  "",
 			entryMode: EntryModeTree,
 		}, nil
 	}
diff --git a/modules/git/tree_entry_nogogit.go b/modules/git/tree_entry_nogogit.go
index 1c3bcd197a01d..81fb638d56fbe 100644
--- a/modules/git/tree_entry_nogogit.go
+++ b/modules/git/tree_entry_nogogit.go
@@ -9,23 +9,17 @@ import "code.gitea.io/gitea/modules/log"
 
 // TreeEntry the leaf in the git tree
 type TreeEntry struct {
-	ID ObjectID
-
+	ID    ObjectID
 	ptree *Tree
 
 	entryMode EntryMode
 	name      string
-
-	size     int64
-	sized    bool
-	fullName string
+	size      int64
+	sized     bool
 }
 
 // Name returns the name of the entry
 func (te *TreeEntry) Name() string {
-	if te.fullName != "" {
-		return te.fullName
-	}
 	return te.name
 }
 
diff --git a/services/repository/generate.go b/services/repository/generate.go
index 24cf9d1b9bfc1..ef9a8dc94065b 100644
--- a/services/repository/generate.go
+++ b/services/repository/generate.go
@@ -9,7 +9,6 @@ import (
 	"context"
 	"fmt"
 	"os"
-	"path"
 	"path/filepath"
 	"regexp"
 	"strconv"
@@ -123,7 +122,7 @@ func (gt *GiteaTemplate) Globs() []glob.Glob {
 	return gt.globs
 }
 
-func checkGiteaTemplate(tmpDir string) (*GiteaTemplate, error) {
+func readGiteaTemplateFile(tmpDir string) (*GiteaTemplate, error) {
 	gtPath := filepath.Join(tmpDir, ".gitea", "template")
 	if _, err := os.Stat(gtPath); os.IsNotExist(err) {
 		return nil, nil
@@ -136,12 +135,55 @@ func checkGiteaTemplate(tmpDir string) (*GiteaTemplate, error) {
 		return nil, err
 	}
 
-	gt := &GiteaTemplate{
-		Path:    gtPath,
-		Content: content,
+	return &GiteaTemplate{Path: gtPath, Content: content}, nil
+}
+
+func processGiteaTemplateFile(tmpDir string, templateRepo, generateRepo *repo_model.Repository, giteaTemplateFile *GiteaTemplate) error {
+	if err := util.Remove(giteaTemplateFile.Path); err != nil {
+		return fmt.Errorf("remove .giteatemplate: %w", err)
 	}
+	if len(giteaTemplateFile.Globs()) == 0 {
+		return nil // Avoid walking tree if there are no globs
+	}
+	tmpDirSlash := strings.TrimSuffix(filepath.ToSlash(tmpDir), "/") + "/"
+	return filepath.WalkDir(tmpDirSlash, func(path string, d os.DirEntry, walkErr error) error {
+		if walkErr != nil {
+			return walkErr
+		}
+
+		if d.IsDir() {
+			return nil
+		}
+
+		base := strings.TrimPrefix(filepath.ToSlash(path), tmpDirSlash)
+		for _, g := range giteaTemplateFile.Globs() {
+			if g.Match(base) {
+				content, err := os.ReadFile(path)
+				if err != nil {
+					return err
+				}
 
-	return gt, nil
+				generatedContent := []byte(generateExpansion(string(content), templateRepo, generateRepo, false))
+				if err := os.WriteFile(path, generatedContent, 0o644); err != nil {
+					return err
+				}
+
+				substPath := filepath.FromSlash(filepath.Join(tmpDirSlash, generateExpansion(base, templateRepo, generateRepo, true)))
+
+				// Create parent subdirectories if needed or continue silently if it exists
+				if err = os.MkdirAll(filepath.Dir(substPath), 0o755); err != nil {
+					return err
+				}
+
+				// Substitute filename variables
+				if err = os.Rename(path, substPath); err != nil {
+					return err
+				}
+				break
+			}
+		}
+		return nil
+	}) // end: WalkDir
 }
 
 func generateRepoCommit(ctx context.Context, repo, templateRepo, generateRepo *repo_model.Repository, tmpDir string) error {
@@ -167,81 +209,43 @@ func generateRepoCommit(ctx context.Context, repo, templateRepo, generateRepo *r
 		return fmt.Errorf("git clone: %w", err)
 	}
 
-	if err := util.RemoveAll(path.Join(tmpDir, ".git")); err != nil {
+	// Get active submodules from the template
+	submodules, err := git.GetTemplateSubmoduleCommits(ctx, tmpDir)
+	if err != nil {
+		return fmt.Errorf("GetTemplateSubmoduleCommits: %w", err)
+	}
+
+	if err = util.RemoveAll(filepath.Join(tmpDir, ".git")); err != nil {
 		return fmt.Errorf("remove git dir: %w", err)
 	}
 
 	// Variable expansion
-	gt, err := checkGiteaTemplate(tmpDir)
+	giteaTemplateFile, err := readGiteaTemplateFile(tmpDir)
 	if err != nil {
-		return fmt.Errorf("checkGiteaTemplate: %w", err)
+		return fmt.Errorf("readGiteaTemplateFile: %w", err)
 	}
 
-	if gt != nil {
-		if err := util.Remove(gt.Path); err != nil {
-			return fmt.Errorf("remove .giteatemplate: %w", err)
-		}
-
-		// Avoid walking tree if there are no globs
-		if len(gt.Globs()) > 0 {
-			tmpDirSlash := strings.TrimSuffix(filepath.ToSlash(tmpDir), "/") + "/"
-			if err := filepath.WalkDir(tmpDirSlash, func(path string, d os.DirEntry, walkErr error) error {
-				if walkErr != nil {
-					return walkErr
-				}
-
-				if d.IsDir() {
-					return nil
-				}
-
-				base := strings.TrimPrefix(filepath.ToSlash(path), tmpDirSlash)
-				for _, g := range gt.Globs() {
-					if g.Match(base) {
-						content, err := os.ReadFile(path)
-						if err != nil {
-							return err
-						}
-
-						if err := os.WriteFile(path,
-							[]byte(generateExpansion(string(content), templateRepo, generateRepo, false)),
-							0o644); err != nil {
-							return err
-						}
-
-						substPath := filepath.FromSlash(filepath.Join(tmpDirSlash,
-							generateExpansion(base, templateRepo, generateRepo, true)))
-
-						// Create parent subdirectories if needed or continue silently if it exists
-						if err := os.MkdirAll(filepath.Dir(substPath), 0o755); err != nil {
-							return err
-						}
-
-						// Substitute filename variables
-						if err := os.Rename(path, substPath); err != nil {
-							return err
-						}
-
-						break
-					}
-				}
-				return nil
-			}); err != nil {
-				return err
-			}
+	if giteaTemplateFile != nil {
+		err = processGiteaTemplateFile(tmpDir, templateRepo, generateRepo, giteaTemplateFile)
+		if err != nil {
+			return err
 		}
 	}
 
-	if err := git.InitRepository(ctx, tmpDir, false, templateRepo.ObjectFormatName); err != nil {
+	if err = git.InitRepository(ctx, tmpDir, false, templateRepo.ObjectFormatName); err != nil {
 		return err
 	}
 
-	repoPath := repo.RepoPath()
-	if stdout, _, err := git.NewCommand(ctx, "remote", "add", "origin").AddDynamicArguments(repoPath).
+	if stdout, _, err := git.NewCommand(ctx, "remote", "add", "origin").AddDynamicArguments(repo.RepoPath()).
 		RunStdString(&git.RunOpts{Dir: tmpDir, Env: env}); err != nil {
 		log.Error("Unable to add %v as remote origin to temporary repo to %s: stdout %s\nError: %v", repo, tmpDir, stdout, err)
 		return fmt.Errorf("git remote add: %w", err)
 	}
 
+	if err = git.AddTemplateSubmoduleIndexes(ctx, tmpDir, submodules); err != nil {
+		return fmt.Errorf("failed to add submodules: %v", err)
+	}
+
 	// set default branch based on whether it's specified in the newly generated repo or not
 	defaultBranch := repo.DefaultBranch
 	if strings.TrimSpace(defaultBranch) == "" {
diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl
index 01bb70e06ff43..c8e97d2617fd1 100644
--- a/templates/repo/view_list.tmpl
+++ b/templates/repo/view_list.tmpl
@@ -19,9 +19,9 @@
 					{{svg "octicon-file-submodule"}}
 					{{$refURL := $subModuleFile.RefURL AppUrl $.Repository.FullName $.SSHDomain}} {{/* FIXME: the usage of AppUrl seems incorrect, it would be fixed in the future, use AppSubUrl instead */}}
 					{{if $refURL}}
-						<a class="muted" href="{{$refURL}}">{{$entry.Name}}</a><span class="at">@</span><a href="{{$refURL}}/commit/{{PathEscape $subModuleFile.RefID}}">{{ShortSha $subModuleFile.RefID}}</a>
+						<a class="muted" href="{{$refURL}}">{{$entry.Name}}</a> <span class="at">@</span> <a href="{{$refURL}}/commit/{{PathEscape $subModuleFile.RefID}}">{{ShortSha $subModuleFile.RefID}}</a>
 					{{else}}
-						{{$entry.Name}}<span class="at">@</span>{{ShortSha $subModuleFile.RefID}}
+						{{$entry.Name}} <span class="at">@</span> {{ShortSha $subModuleFile.RefID}}
 					{{end}}
 				{{else}}
 					{{if $entry.IsDir}}

From 2564c15cb006a551ab21dac66369c363a4e78473 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Wed, 1 Jan 2025 18:02:34 +0800
Subject: [PATCH 10/55] Remove some unnecessary template helpers (#33069)

DisableGitHooks and DisableImportLocal are only used when editing a
user, so only set them in `editUserCommon`
---
 modules/setting/security.go                   |   5 +-
 modules/templates/helper.go                   |   6 -
 routers/web/admin/users.go                    |   2 +
 templates/admin/user/edit.tmpl                |   8 +-
 .../hooks/pre-receive.d/pre-receive           |   3 +-
 tests/integration/api_repo_git_hook_test.go   | 343 +++++++++---------
 tests/mssql.ini.tmpl                          |   1 -
 tests/mysql.ini.tmpl                          |   1 -
 tests/pgsql.ini.tmpl                          |   1 -
 tests/sqlite.ini.tmpl                         |   1 -
 10 files changed, 184 insertions(+), 187 deletions(-)

diff --git a/modules/setting/security.go b/modules/setting/security.go
index 3d12fcf8d9fdd..2f798b75c7e73 100644
--- a/modules/setting/security.go
+++ b/modules/setting/security.go
@@ -13,8 +13,9 @@ import (
 	"code.gitea.io/gitea/modules/log"
 )
 
+// Security settings
+
 var (
-	// Security settings
 	InstallLock                        bool
 	SecretKey                          string
 	InternalToken                      string // internal access token
@@ -27,7 +28,7 @@ var (
 	ReverseProxyTrustedProxies         []string
 	MinPasswordLength                  int
 	ImportLocalPaths                   bool
-	DisableGitHooks                    bool
+	DisableGitHooks                    = true
 	DisableWebhooks                    bool
 	OnlyAllowPushIfGiteaEnvironmentSet bool
 	PasswordComplexity                 []string
diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index 7529cadca4d51..48d3a8ff89aed 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -131,15 +131,9 @@ func NewFuncMap() template.FuncMap {
 		"EnableTimetracking": func() bool {
 			return setting.Service.EnableTimetracking
 		},
-		"DisableGitHooks": func() bool {
-			return setting.DisableGitHooks
-		},
 		"DisableWebhooks": func() bool {
 			return setting.DisableWebhooks
 		},
-		"DisableImportLocal": func() bool {
-			return !setting.ImportLocalPaths
-		},
 		"UserThemeName": userThemeName,
 		"NotificationSettings": func() map[string]any {
 			return map[string]any{
diff --git a/routers/web/admin/users.go b/routers/web/admin/users.go
index be2ba4424cdc6..f6a3af1c866d4 100644
--- a/routers/web/admin/users.go
+++ b/routers/web/admin/users.go
@@ -313,6 +313,8 @@ func editUserCommon(ctx *context.Context) {
 	ctx.Data["PageIsAdminUsers"] = true
 	ctx.Data["DisableRegularOrgCreation"] = setting.Admin.DisableRegularOrgCreation
 	ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
+	ctx.Data["DisableGitHooks"] = setting.DisableGitHooks
+	ctx.Data["DisableImportLocal"] = !setting.ImportLocalPaths
 	ctx.Data["AllowedUserVisibilityModes"] = setting.Service.AllowedUserVisibilityModesSlice.ToVisibleTypeSlice()
 	ctx.Data["DisableGravatar"] = setting.Config().Picture.DisableGravatar.Value(ctx)
 }
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 41b00defb4549..d591a645d8983 100644
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -128,16 +128,16 @@
 						<input name="restricted" type="checkbox" {{if .User.IsRestricted}}checked{{end}}>
 					</div>
 				</div>
-				<div class="inline field {{if DisableGitHooks}}tw-hidden{{end}}">
+				<div class="inline field {{if .DisableGitHooks}}tw-hidden{{end}}">
 					<div class="ui checkbox" data-tooltip-content="{{ctx.Locale.Tr "admin.users.allow_git_hook_tooltip"}}">
 						<label><strong>{{ctx.Locale.Tr "admin.users.allow_git_hook"}}</strong></label>
-						<input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if DisableGitHooks}}disabled{{end}}>
+						<input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if .DisableGitHooks}}disabled{{end}}>
 					</div>
 				</div>
-				<div class="inline field {{if or (DisableImportLocal) (.DisableMigrations)}}tw-hidden{{end}}">
+				<div class="inline field {{if or (.DisableImportLocal) (.DisableMigrations)}}tw-hidden{{end}}">
 					<div class="ui checkbox">
 						<label><strong>{{ctx.Locale.Tr "admin.users.allow_import_local"}}</strong></label>
-						<input name="allow_import_local" type="checkbox" {{if .User.CanImportLocal}}checked{{end}} {{if DisableImportLocal}}disabled{{end}}>
+						<input name="allow_import_local" type="checkbox" {{if .User.CanImportLocal}}checked{{end}} {{if .DisableImportLocal}}disabled{{end}}>
 					</div>
 				</div>
 				{{if not .DisableRegularOrgCreation}}
diff --git a/tests/gitea-repositories-meta/user2/git_hooks_test.git/hooks/pre-receive.d/pre-receive b/tests/gitea-repositories-meta/user2/git_hooks_test.git/hooks/pre-receive.d/pre-receive
index b26a3b9b6876f..205086810d4c6 100755
--- a/tests/gitea-repositories-meta/user2/git_hooks_test.git/hooks/pre-receive.d/pre-receive
+++ b/tests/gitea-repositories-meta/user2/git_hooks_test.git/hooks/pre-receive.d/pre-receive
@@ -1,3 +1,2 @@
 #!/bin/bash
-
-echo Hello, World!
+echo "TestGitHookScript"
diff --git a/tests/integration/api_repo_git_hook_test.go b/tests/integration/api_repo_git_hook_test.go
index 9917b41790d12..c28c4336e2d78 100644
--- a/tests/integration/api_repo_git_hook_test.go
+++ b/tests/integration/api_repo_git_hook_test.go
@@ -12,185 +12,190 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/setting"
 	api "code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/test"
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
 )
 
-const testHookContent = `#!/bin/bash
+func TestAPIGitHooks(t *testing.T) {
+	defer tests.PrepareTestEnv(t)()
+	defer test.MockVariableValue(&setting.DisableGitHooks, false)()
 
-echo Hello, World!
+	const testHookContent = `#!/bin/bash
+echo "TestGitHookScript"
 `
 
-func TestAPIListGitHooks(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 37})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	// user1 is an admin user
-	session := loginUser(t, "user1")
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var apiGitHooks []*api.GitHook
-	DecodeJSON(t, resp, &apiGitHooks)
-	assert.Len(t, apiGitHooks, 3)
-	for _, apiGitHook := range apiGitHooks {
-		if apiGitHook.Name == "pre-receive" {
-			assert.True(t, apiGitHook.IsActive)
-			assert.Equal(t, testHookContent, apiGitHook.Content)
-		} else {
+	t.Run("ListGitHooks", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 37})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		// user1 is an admin user
+		session := loginUser(t, "user1")
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var apiGitHooks []*api.GitHook
+		DecodeJSON(t, resp, &apiGitHooks)
+		assert.Len(t, apiGitHooks, 3)
+		for _, apiGitHook := range apiGitHooks {
+			if apiGitHook.Name == "pre-receive" {
+				assert.True(t, apiGitHook.IsActive)
+				assert.Equal(t, testHookContent, apiGitHook.Content)
+			} else {
+				assert.False(t, apiGitHook.IsActive)
+				assert.Empty(t, apiGitHook.Content)
+			}
+		}
+	})
+
+	t.Run("NoGitHooks", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		// user1 is an admin user
+		session := loginUser(t, "user1")
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var apiGitHooks []*api.GitHook
+		DecodeJSON(t, resp, &apiGitHooks)
+		assert.Len(t, apiGitHooks, 3)
+		for _, apiGitHook := range apiGitHooks {
 			assert.False(t, apiGitHook.IsActive)
 			assert.Empty(t, apiGitHook.Content)
 		}
-	}
-}
-
-func TestAPIListGitHooksNoHooks(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	// user1 is an admin user
-	session := loginUser(t, "user1")
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var apiGitHooks []*api.GitHook
-	DecodeJSON(t, resp, &apiGitHooks)
-	assert.Len(t, apiGitHooks, 3)
-	for _, apiGitHook := range apiGitHooks {
-		assert.False(t, apiGitHook.IsActive)
-		assert.Empty(t, apiGitHook.Content)
-	}
-}
-
-func TestAPIListGitHooksNoAccess(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	session := loginUser(t, owner.Name)
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusForbidden)
-}
-
-func TestAPIGetGitHook(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 37})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	// user1 is an admin user
-	session := loginUser(t, "user1")
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var apiGitHook *api.GitHook
-	DecodeJSON(t, resp, &apiGitHook)
-	assert.True(t, apiGitHook.IsActive)
-	assert.Equal(t, testHookContent, apiGitHook.Content)
-}
-
-func TestAPIGetGitHookNoAccess(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	session := loginUser(t, owner.Name)
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
-	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusForbidden)
-}
-
-func TestAPIEditGitHook(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	// user1 is an admin user
-	session := loginUser(t, "user1")
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
-
-	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive",
-		owner.Name, repo.Name)
-	req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
-		Content: testHookContent,
-	}).AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var apiGitHook *api.GitHook
-	DecodeJSON(t, resp, &apiGitHook)
-	assert.True(t, apiGitHook.IsActive)
-	assert.Equal(t, testHookContent, apiGitHook.Content)
-
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	resp = MakeRequest(t, req, http.StatusOK)
-	var apiGitHook2 *api.GitHook
-	DecodeJSON(t, resp, &apiGitHook2)
-	assert.True(t, apiGitHook2.IsActive)
-	assert.Equal(t, testHookContent, apiGitHook2.Content)
-}
-
-func TestAPIEditGitHookNoAccess(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	session := loginUser(t, owner.Name)
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
-	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name)
-	req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
-		Content: testHookContent,
-	}).AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusForbidden)
-}
-
-func TestAPIDeleteGitHook(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 37})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	// user1 is an admin user
-	session := loginUser(t, "user1")
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
-
-	req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusNoContent)
-
-	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	resp := MakeRequest(t, req, http.StatusOK)
-	var apiGitHook2 *api.GitHook
-	DecodeJSON(t, resp, &apiGitHook2)
-	assert.False(t, apiGitHook2.IsActive)
-	assert.Empty(t, apiGitHook2.Content)
-}
-
-func TestAPIDeleteGitHookNoAccess(t *testing.T) {
-	defer tests.PrepareTestEnv(t)()
-
-	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
-
-	session := loginUser(t, owner.Name)
-	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
-	req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
-		AddTokenAuth(token)
-	MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("ListGitHooksNoAccess", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		session := loginUser(t, owner.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("GetGitHook", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 37})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		// user1 is an admin user
+		session := loginUser(t, "user1")
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var apiGitHook *api.GitHook
+		DecodeJSON(t, resp, &apiGitHook)
+		assert.True(t, apiGitHook.IsActive)
+		assert.Equal(t, testHookContent, apiGitHook.Content)
+	})
+	t.Run("GetGitHookNoAccess", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		session := loginUser(t, owner.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeReadRepository)
+		req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("EditGitHook", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		// user1 is an admin user
+		session := loginUser(t, "user1")
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+		urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive",
+			owner.Name, repo.Name)
+		req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
+			Content: testHookContent,
+		}).AddTokenAuth(token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var apiGitHook *api.GitHook
+		DecodeJSON(t, resp, &apiGitHook)
+		assert.True(t, apiGitHook.IsActive)
+		assert.Equal(t, testHookContent, apiGitHook.Content)
+
+		req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		resp = MakeRequest(t, req, http.StatusOK)
+		var apiGitHook2 *api.GitHook
+		DecodeJSON(t, resp, &apiGitHook2)
+		assert.True(t, apiGitHook2.IsActive)
+		assert.Equal(t, testHookContent, apiGitHook2.Content)
+	})
+
+	t.Run("EditGitHookNoAccess", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		session := loginUser(t, owner.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+		urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name)
+		req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
+			Content: testHookContent,
+		}).AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
+
+	t.Run("DeleteGitHook", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 37})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		// user1 is an admin user
+		session := loginUser(t, "user1")
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+
+		req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusNoContent)
+
+		req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		resp := MakeRequest(t, req, http.StatusOK)
+		var apiGitHook2 *api.GitHook
+		DecodeJSON(t, resp, &apiGitHook2)
+		assert.False(t, apiGitHook2.IsActive)
+		assert.Empty(t, apiGitHook2.Content)
+	})
+
+	t.Run("DeleteGitHookNoAccess", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
+		owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})
+
+		session := loginUser(t, owner.Name)
+		token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteRepository)
+		req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive", owner.Name, repo.Name).
+			AddTokenAuth(token)
+		MakeRequest(t, req, http.StatusForbidden)
+	})
 }
diff --git a/tests/mssql.ini.tmpl b/tests/mssql.ini.tmpl
index 77c969e813611..b50816b2cdec8 100644
--- a/tests/mssql.ini.tmpl
+++ b/tests/mssql.ini.tmpl
@@ -93,7 +93,6 @@ COLORIZE             = true
 LEVEL                = Debug
 
 [security]
-DISABLE_GIT_HOOKS = false
 INSTALL_LOCK   = true
 SECRET_KEY     = 9pCviYTWSb
 INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTU1NTE2MTh9.hhSVGOANkaKk3vfCd2jDOIww4pUk0xtg9JRde5UogyQ
diff --git a/tests/mysql.ini.tmpl b/tests/mysql.ini.tmpl
index 0fddde46de69e..ec8307acc3632 100644
--- a/tests/mysql.ini.tmpl
+++ b/tests/mysql.ini.tmpl
@@ -94,7 +94,6 @@ COLORIZE             = true
 LEVEL                = Debug
 
 [security]
-DISABLE_GIT_HOOKS = false
 INSTALL_LOCK   = true
 SECRET_KEY     = 9pCviYTWSb
 INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTU1NTE2MTh9.hhSVGOANkaKk3vfCd2jDOIww4pUk0xtg9JRde5UogyQ
diff --git a/tests/pgsql.ini.tmpl b/tests/pgsql.ini.tmpl
index 695662c2e9d2e..139ea9c2b7ab7 100644
--- a/tests/pgsql.ini.tmpl
+++ b/tests/pgsql.ini.tmpl
@@ -94,7 +94,6 @@ COLORIZE             = true
 LEVEL                = Debug
 
 [security]
-DISABLE_GIT_HOOKS = false
 INSTALL_LOCK   = true
 SECRET_KEY     = 9pCviYTWSb
 INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTU1NTE2MTh9.hhSVGOANkaKk3vfCd2jDOIww4pUk0xtg9JRde5UogyQ
diff --git a/tests/sqlite.ini.tmpl b/tests/sqlite.ini.tmpl
index 1cbcd8b2e591a..2f7a3e8182eef 100644
--- a/tests/sqlite.ini.tmpl
+++ b/tests/sqlite.ini.tmpl
@@ -93,7 +93,6 @@ COLORIZE             = true
 LEVEL                = Debug
 
 [security]
-DISABLE_GIT_HOOKS = false
 INSTALL_LOCK   = true
 SECRET_KEY     = 9pCviYTWSb
 INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE0OTI3OTU5ODN9.OQkH5UmzID2XBdwQ9TAI6Jj2t1X-wElVTjbE7aoN4I8

From d030cace1a6fc19874ab5a2ae20544c702fcb6c5 Mon Sep 17 00:00:00 2001
From: lonix1 <40320097+lonix1@users.noreply.github.com>
Date: Wed, 1 Jan 2025 13:07:10 +0200
Subject: [PATCH 11/55] feat: link to nuget dependencies (#26554)

Add links to dependencies and their versions, as done in nuget site.
Makes it easier to use.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 options/locale/locale_en-US.ini      | 1 +
 templates/package/content/nuget.tmpl | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 4e9ec275ddced..6029d49ade0bc 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -3538,6 +3538,7 @@ versions = Versions
 versions.view_all = View all
 dependency.id = ID
 dependency.version = Version
+search_in_external_registry = Search in %s
 alpine.registry = Setup this registry by adding the url in your <code>/etc/apk/repositories</code> file:
 alpine.registry.key = Download the registry public RSA key into the <code>/etc/apk/keys/</code> folder to verify the index signature:
 alpine.registry.info = Choose $branch and $repository from the list below.
diff --git a/templates/package/content/nuget.tmpl b/templates/package/content/nuget.tmpl
index 5bb98a86ddf9e..4a4ea8ca43657 100644
--- a/templates/package/content/nuget.tmpl
+++ b/templates/package/content/nuget.tmpl
@@ -35,11 +35,12 @@
 					</tr>
 				</thead>
 				<tbody>
+					{{$tooltipSearchInNuget := ctx.Locale.Tr "packages.search_in_external_registry" "nuget.org"}}
 					{{range $framework, $dependencies := .PackageDescriptor.Metadata.Dependencies}}
 						{{range $dependencies}}
 						<tr>
-							<td>{{.ID}}</td>
-							<td>{{.Version}}</td>
+							<td>{{.ID}} <a target="_blank" rel="noreferrer" href="https://www.nuget.org/packages/{{.ID}}" data-tooltip-content="{{$tooltipSearchInNuget}}">{{svg "octicon-link-external"}}</a></td>
+							<td>{{.Version}} <a target="_blank" rel="noreferrer" href="https://www.nuget.org/packages/{{.ID}}/{{.Version}}" data-tooltip-content="{{$tooltipSearchInNuget}}">{{svg "octicon-link-external"}}</a></td>
 							<td>{{$framework}}</td>
 						</tr>
 						{{end}}

From 85c756e2799c6e427c6b05901dd60d52c9b25142 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Thu, 2 Jan 2025 01:16:09 +0800
Subject: [PATCH 12/55] Refactor pull-request compare&create page (#33071)

The old code is unnecessarily complex.
---
 templates/repo/diff/compare.tmpl          | 359 +++++++++++-----------
 tests/integration/compare_test.go         |   4 +-
 web_src/css/repo.css                      |   9 -
 web_src/js/features/repo-issue-sidebar.ts |   2 +-
 web_src/js/features/repo-legacy.ts        |  74 +----
 5 files changed, 195 insertions(+), 253 deletions(-)

diff --git a/templates/repo/diff/compare.tmpl b/templates/repo/diff/compare.tmpl
index 118d6478d19a6..9a7a04a328bc3 100644
--- a/templates/repo/diff/compare.tmpl
+++ b/templates/repo/diff/compare.tmpl
@@ -1,230 +1,229 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository diff {{if .PageIsComparePull}}compare pull{{end}}">
 	{{template "repo/header" .}}
-	{{$showDiffBox := false}}
+
 	<div class="ui container fluid padded">
-	<h2 class="ui header">
-		{{if and $.PageIsComparePull $.IsSigned (not .Repository.IsArchived)}}
-			{{ctx.Locale.Tr "repo.pulls.compare_changes"}}
-			<div class="sub header">{{ctx.Locale.Tr "repo.pulls.compare_changes_desc"}}</div>
-		{{else}}
-			{{ctx.Locale.Tr "action.compare_commits_general"}}
-		{{end}}
-	</h2>
-	{{$BaseCompareName := $.BaseName -}}
-	{{- $HeadCompareName := $.HeadRepo.OwnerName -}}
-	{{- if and (eq $.BaseName $.HeadRepo.OwnerName) (ne $.Repository.Name $.HeadRepo.Name) -}}
-		{{- $HeadCompareName = printf "%s/%s" $.HeadRepo.OwnerName $.HeadRepo.Name -}}
-	{{- end -}}
-	{{- $OwnForkCompareName := "" -}}
-	{{- if .OwnForkRepo -}}
-		{{- $OwnForkCompareName = .OwnForkRepo.OwnerName -}}
-	{{- end -}}
-	{{- $RootRepoCompareName := "" -}}
-	{{- if .RootRepo -}}
-		{{- $RootRepoCompareName = .RootRepo.OwnerName -}}
-		{{- if eq $.HeadRepo.OwnerName .RootRepo.OwnerName -}}
+		<h2 class="ui header">
+			{{if and $.PageIsComparePull $.IsSigned (not .Repository.IsArchived)}}
+				{{ctx.Locale.Tr "repo.pulls.compare_changes"}}
+				<div class="sub header">{{ctx.Locale.Tr "repo.pulls.compare_changes_desc"}}</div>
+			{{else}}
+				{{ctx.Locale.Tr "action.compare_commits_general"}}
+			{{end}}
+		</h2>
+		{{$BaseCompareName := $.BaseName -}}
+		{{- $HeadCompareName := $.HeadRepo.OwnerName -}}
+		{{- if and (eq $.BaseName $.HeadRepo.OwnerName) (ne $.Repository.Name $.HeadRepo.Name) -}}
 			{{- $HeadCompareName = printf "%s/%s" $.HeadRepo.OwnerName $.HeadRepo.Name -}}
 		{{- end -}}
-	{{- end -}}
-	<div class="ui segment choose branch">
-		<a class="tw-mr-2" href="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments $.HeadBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{end}}{{PathEscapeSegments $.BaseBranch}}" title="{{ctx.Locale.Tr "repo.pulls.switch_head_and_base"}}">{{svg "octicon-git-compare"}}</a>
-		<div class="ui floating filter dropdown" data-no-results="{{ctx.Locale.Tr "no_results_found"}}">
-			<div class="ui basic small button">
-				<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_base"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_base"}}{{end}}: {{$BaseCompareName}}:{{$.BaseBranch}}</span>
-				{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-			</div>
-			<div class="menu">
-				<div class="ui icon search input">
-					<i class="icon">{{svg "octicon-filter" 16}}</i>
-					<input name="search" placeholder="{{ctx.Locale.Tr "repo.filter_branch_and_tag"}}...">
+		{{- $OwnForkCompareName := "" -}}
+		{{- if .OwnForkRepo -}}
+			{{- $OwnForkCompareName = .OwnForkRepo.OwnerName -}}
+		{{- end -}}
+		{{- $RootRepoCompareName := "" -}}
+		{{- if .RootRepo -}}
+			{{- $RootRepoCompareName = .RootRepo.OwnerName -}}
+			{{- if eq $.HeadRepo.OwnerName .RootRepo.OwnerName -}}
+				{{- $HeadCompareName = printf "%s/%s" $.HeadRepo.OwnerName $.HeadRepo.Name -}}
+			{{- end -}}
+		{{- end -}}
+
+		<div class="ui segment choose branch">
+			<a class="tw-mr-2" href="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments $.HeadBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{end}}{{PathEscapeSegments $.BaseBranch}}" title="{{ctx.Locale.Tr "repo.pulls.switch_head_and_base"}}">{{svg "octicon-git-compare"}}</a>
+			<div class="ui dropdown jump select-branch">
+				<div class="ui basic small button">
+					<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_base"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_base"}}{{end}}: {{$BaseCompareName}}:{{$.BaseBranch}}</span>
+					{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 				</div>
-				<div class="header">
-					<div class="ui grid">
-						<div class="two column row">
-							<a class="reference column" href="#" data-target=".base-branch-list">
-								<span class="text black">
-									{{svg "octicon-git-branch" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.branches"}}
-								</span>
-							</a>
-							<a class="reference column" href="#" data-target=".base-tag-list">
-								<span class="text black">
-									{{svg "octicon-tag" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.tags"}}
-								</span>
-							</a>
+				<div class="menu">
+					<div class="ui icon search input">
+						<i class="icon">{{svg "octicon-filter" 16}}</i>
+						<input name="search" placeholder="{{ctx.Locale.Tr "repo.filter_branch_and_tag"}}...">
+					</div>
+					<div class="header">
+						<div class="ui grid">
+							<div class="two column row">
+								<a class="reference column" href="#" data-target=".base-branch-list">
+									<span class="text black">
+										{{svg "octicon-git-branch"}} {{ctx.Locale.Tr "repo.branches"}}
+									</span>
+								</a>
+								<a class="reference column" href="#" data-target=".base-tag-list">
+									<span class="text black">
+										{{svg "octicon-tag"}} {{ctx.Locale.Tr "repo.tags"}}
+									</span>
+								</a>
+							</div>
 						</div>
 					</div>
-				</div>
-				<div class="scrolling menu reference-list-menu base-branch-list">
-					{{range .Branches}}
-						<div class="item {{if eq $.BaseBranch .}}selected{{end}}" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments $.HeadBranch}}">{{$BaseCompareName}}:{{.}}</div>
-					{{end}}
-					{{if not .PullRequestCtx.SameRepo}}
-						{{range .HeadBranches}}
-							<div class="item" data-url="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$HeadCompareName}}:{{.}}</div>
+					<div class="scrolling menu reference-list-menu base-branch-list">
+						{{range .Branches}}
+							<a class="item {{if eq $.BaseBranch .}}selected{{end}}" href="{{$.RepoLink}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments $.HeadBranch}}">{{$BaseCompareName}}:{{.}}</a>
 						{{end}}
-					{{end}}
-					{{if .OwnForkRepo}}
-						{{range .OwnForkRepoBranches}}
-							<div class="item" data-url="{{$.OwnForkRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$OwnForkCompareName}}:{{.}}</div>
+						{{if not .PullRequestCtx.SameRepo}}
+							{{range .HeadBranches}}
+								<a class="item" href="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$HeadCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
-					{{if and .RootRepo (.RootRepo.AllowsPulls ctx)}}
-						{{range .RootRepoBranches}}
-							<div class="item" data-url="{{$.RootRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$RootRepoCompareName}}:{{.}}</div>
+						{{if .OwnForkRepo}}
+							{{range .OwnForkRepoBranches}}
+								<a class="item" href="{{$.OwnForkRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$OwnForkCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
-				</div>
-				<div class="scrolling menu reference-list-menu base-tag-list tw-hidden">
-					{{range .Tags}}
-						<div class="item {{if eq $.BaseBranch .}}selected{{end}}" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments $.HeadBranch}}">{{$BaseCompareName}}:{{.}}</div>
-					{{end}}
-					{{if not .PullRequestCtx.SameRepo}}
-						{{range .HeadTags}}
-							<div class="item" data-url="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$HeadCompareName}}:{{.}}</div>
+						{{if and .RootRepo (.RootRepo.AllowsPulls ctx)}}
+							{{range .RootRepoBranches}}
+								<a class="item" href="{{$.RootRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$RootRepoCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
-					{{if .OwnForkRepo}}
-						{{range .OwnForkRepoTags}}
-							<div class="item" data-url="{{$.OwnForkRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$OwnForkCompareName}}:{{.}}</div>
+					</div>
+					<div class="scrolling menu reference-list-menu base-tag-list tw-hidden">
+						{{range .Tags}}
+							<a class="item {{if eq $.BaseBranch .}}selected{{end}}" href="{{$.RepoLink}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments $.HeadBranch}}">{{$BaseCompareName}}:{{.}}</a>
 						{{end}}
-					{{end}}
-					{{if .RootRepo}}
-						{{range .RootRepoTags}}
-							<div class="item" data-url="{{$.RootRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$RootRepoCompareName}}:{{.}}</div>
+						{{if not .PullRequestCtx.SameRepo}}
+							{{range .HeadTags}}
+								<a class="item" href="{{$.HeadRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$HeadCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
+						{{if .OwnForkRepo}}
+							{{range .OwnForkRepoTags}}
+								<a class="item" href="{{$.OwnForkRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$OwnForkCompareName}}:{{.}}</a>
+							{{end}}
+						{{end}}
+						{{if .RootRepo}}
+							{{range .RootRepoTags}}
+								<a class="item" href="{{$.RootRepo.Link}}/compare/{{PathEscapeSegments .}}{{$.CompareSeparator}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{PathEscapeSegments $.HeadBranch}}">{{$RootRepoCompareName}}:{{.}}</a>
+							{{end}}
+						{{end}}
+					</div>
 				</div>
 			</div>
-		</div>
-		<a href="{{.RepoLink}}/compare/{{PathEscapeSegments .BaseBranch}}{{.OtherCompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments $.HeadBranch}}" title="{{ctx.Locale.Tr "repo.pulls.switch_comparison_type"}}">{{svg "octicon-arrow-left" 16}}<div class="compare-separator">{{.CompareSeparator}}</div></a>
-		<div class="ui floating filter dropdown">
-			<div class="ui basic small button">
-				<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_compare"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_head"}}{{end}}: {{$HeadCompareName}}:{{$.HeadBranch}}</span>
-				{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-			</div>
-			<div class="menu">
-				<div class="ui icon search input">
-					<i class="icon">{{svg "octicon-filter" 16}}</i>
-					<input name="search" placeholder="{{ctx.Locale.Tr "repo.filter_branch_and_tag"}}...">
+
+			<a href="{{.RepoLink}}/compare/{{PathEscapeSegments .BaseBranch}}{{.OtherCompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments $.HeadBranch}}" title="{{ctx.Locale.Tr "repo.pulls.switch_comparison_type"}}">{{svg "octicon-arrow-left" 16}}<div class="compare-separator">{{.CompareSeparator}}</div></a>
+
+			<div class="ui dropdown jump select-branch">
+				<div class="ui basic small button">
+					<span class="text">{{if $.PageIsComparePull}}{{ctx.Locale.Tr "repo.pulls.compare_compare"}}{{else}}{{ctx.Locale.Tr "repo.compare.compare_head"}}{{end}}: {{$HeadCompareName}}:{{$.HeadBranch}}</span>
+					{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 				</div>
-				<div class="header">
-					<div class="ui grid">
-						<div class="two column row">
-							<a class="reference column" href="#" data-target=".head-branch-list">
-								<span class="text black">
-									{{svg "octicon-git-branch" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.branches"}}
-								</span>
-							</a>
-							<a class="reference column" href="#" data-target=".head-tag-list">
-								<span class="text black">
-									{{svg "octicon-tag" 16 "tw-mr-1"}}{{ctx.Locale.Tr "repo.tags"}}
-								</span>
-							</a>
+				<div class="menu">
+					<div class="ui icon search input">
+						<i class="icon">{{svg "octicon-filter" 16}}</i>
+						<input name="search" placeholder="{{ctx.Locale.Tr "repo.filter_branch_and_tag"}}...">
+					</div>
+					<div class="header">
+						<div class="ui grid">
+							<div class="two column row">
+								<a class="reference column" href="#" data-target=".head-branch-list">
+									<span class="text black">
+										{{svg "octicon-git-branch"}} {{ctx.Locale.Tr "repo.branches"}}
+									</span>
+								</a>
+								<a class="reference column" href="#" data-target=".head-tag-list">
+									<span class="text black">
+										{{svg "octicon-tag"}} {{ctx.Locale.Tr "repo.tags"}}
+									</span>
+								</a>
+							</div>
 						</div>
 					</div>
-				</div>
-				<div class="scrolling menu reference-list-menu head-branch-list">
-					{{range .HeadBranches}}
-						<div class="{{if eq $.HeadBranch .}}selected{{end}} item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments .}}">{{$HeadCompareName}}:{{.}}</div>
-					{{end}}
-					{{if not .PullRequestCtx.SameRepo}}
-						{{range .Branches}}
-							<div class="item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{PathEscapeSegments .}}">{{$BaseCompareName}}:{{.}}</div>
+					<div class="scrolling menu reference-list-menu head-branch-list">
+						{{range .HeadBranches}}
+							<a class="{{if eq $.HeadBranch .}}selected{{end}} item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments .}}">{{$HeadCompareName}}:{{.}}</a>
 						{{end}}
-					{{end}}
-					{{if .OwnForkRepo}}
-						{{range .OwnForkRepoBranches}}
-							<div class="item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.OwnForkRepo.OwnerName}}/{{PathEscape $.OwnForkRepo.Name}}:{{PathEscapeSegments .}}">{{$OwnForkCompareName}}:{{.}}</div>
+						{{if not .PullRequestCtx.SameRepo}}
+							{{range .Branches}}
+								<a class="item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{PathEscapeSegments .}}">{{$BaseCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
-					{{if .RootRepo}}
-						{{range .RootRepoBranches}}
-							<div class="item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.RootRepo.OwnerName}}/{{PathEscape $.RootRepo.Name}}:{{PathEscapeSegments .}}">{{$RootRepoCompareName}}:{{.}}</div>
+						{{if .OwnForkRepo}}
+							{{range .OwnForkRepoBranches}}
+								<a class="item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.OwnForkRepo.OwnerName}}/{{PathEscape $.OwnForkRepo.Name}}:{{PathEscapeSegments .}}">{{$OwnForkCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
-				</div>
-				<div class="scrolling menu reference-list-menu head-tag-list tw-hidden">
-					{{range .HeadTags}}
-						<div class="{{if eq $.HeadBranch .}}selected{{end}} item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments .}}">{{$HeadCompareName}}:{{.}}</div>
-					{{end}}
-					{{if not .PullRequestCtx.SameRepo}}
-						{{range .Tags}}
-							<div class="item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{PathEscapeSegments .}}">{{$BaseCompareName}}:{{.}}</div>
+						{{if .RootRepo}}
+							{{range .RootRepoBranches}}
+								<a class="item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.RootRepo.OwnerName}}/{{PathEscape $.RootRepo.Name}}:{{PathEscapeSegments .}}">{{$RootRepoCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
-					{{if .OwnForkRepo}}
-						{{range .OwnForkRepoTags}}
-							<div class="item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.OwnForkRepo.OwnerName}}/{{PathEscape $.OwnForkRepo.Name}}:{{PathEscapeSegments .}}">{{$OwnForkCompareName}}:{{.}}</div>
+					</div>
+					<div class="scrolling menu reference-list-menu head-tag-list tw-hidden">
+						{{range .HeadTags}}
+							<a class="{{if eq $.HeadBranch .}}selected{{end}} item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{if not $.PullRequestCtx.SameRepo}}{{PathEscape $.HeadUser.Name}}/{{PathEscape $.HeadRepo.Name}}:{{end}}{{PathEscapeSegments .}}">{{$HeadCompareName}}:{{.}}</a>
 						{{end}}
-					{{end}}
-					{{if .RootRepo}}
-						{{range .RootRepoTags}}
-							<div class="item" data-url="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.RootRepo.OwnerName}}/{{PathEscape $.RootRepo.Name}}:{{PathEscapeSegments .}}">{{$RootRepoCompareName}}:{{.}}</div>
+						{{if not .PullRequestCtx.SameRepo}}
+							{{range .Tags}}
+								<a class="item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.BaseName}}/{{PathEscape $.Repository.Name}}:{{PathEscapeSegments .}}">{{$BaseCompareName}}:{{.}}</a>
+							{{end}}
 						{{end}}
-					{{end}}
+						{{if .OwnForkRepo}}
+							{{range .OwnForkRepoTags}}
+								<a class="item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.OwnForkRepo.OwnerName}}/{{PathEscape $.OwnForkRepo.Name}}:{{PathEscapeSegments .}}">{{$OwnForkCompareName}}:{{.}}</a>
+							{{end}}
+						{{end}}
+						{{if .RootRepo}}
+							{{range .RootRepoTags}}
+								<a class="item" href="{{$.RepoLink}}/compare/{{PathEscapeSegments $.BaseBranch}}{{$.CompareSeparator}}{{PathEscape $.RootRepo.OwnerName}}/{{PathEscape $.RootRepo.Name}}:{{PathEscapeSegments .}}">{{$RootRepoCompareName}}:{{.}}</a>
+							{{end}}
+						{{end}}
+					</div>
 				</div>
 			</div>
 		</div>
-	</div>
 
-	{{if .IsNothingToCompare}}
-		{{if and $.IsSigned $.AllowEmptyPr (not .Repository.IsArchived) .PageIsComparePull}}
-			<div class="ui segment">{{ctx.Locale.Tr "repo.pulls.nothing_to_compare_and_allow_empty_pr"}}</div>
-			<div class="ui info message show-form-container {{if .Flash}}tw-hidden{{end}}">
-				<button class="ui button primary show-form">{{ctx.Locale.Tr "repo.pulls.new"}}</button>
-			</div>
-			<div class="pullrequest-form {{if not .Flash}}tw-hidden{{end}}">
-				{{template "repo/issue/new_form" .}}
-			</div>
-		{{else if and .HeadIsBranch .BaseIsBranch}}
-			<div class="ui segment">{{ctx.Locale.Tr "repo.pulls.nothing_to_compare"}}</div>
-		{{else}}
-			<div class="ui segment">{{ctx.Locale.Tr "repo.pulls.nothing_to_compare_have_tag"}}</div>
-		{{end}}
-	{{else if and .PageIsComparePull (gt .CommitCount 0)}}
-		{{if .HasPullRequest}}
-			<div class="ui segment flex-text-block tw-gap-4">
-				{{template "shared/issueicon" .}}
-				<div class="issue-title tw-break-anywhere">
-					{{ctx.RenderUtils.RenderIssueTitle .PullRequest.Issue.Title ($.Repository.ComposeMetas ctx)}}
-					<span class="index">#{{.PullRequest.Issue.Index}}</span>
+		{{$showDiffBox := and .CommitCount (not .IsNothingToCompare)}}
+		{{if and .IsSigned .PageIsComparePull}}
+			{{$allowCreatePR := or $.AllowEmptyPr (not .IsNothingToCompare)}}
+			{{if .IsNothingToCompare}}
+				<div class="ui segment">
+					{{if $allowCreatePR}}
+						{{ctx.Locale.Tr "repo.pulls.nothing_to_compare_and_allow_empty_pr"}}
+					{{else if and .HeadIsBranch .BaseIsBranch}}
+						{{ctx.Locale.Tr "repo.pulls.nothing_to_compare"}}
+					{{else}}
+						{{ctx.Locale.Tr "repo.pulls.nothing_to_compare_have_tag"}}
+					{{end}}
 				</div>
-				<a href="{{$.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui compact button primary">
-					{{ctx.Locale.Tr "repo.pulls.view"}}
-				</a>
-			</div>
-		{{else}}
-			{{if and $.IsSigned (not .Repository.IsArchived)}}
-				<div class="ui info message show-form-container {{if .Flash}}tw-hidden{{end}}">
-					<button class="ui button primary show-form">{{ctx.Locale.Tr "repo.pulls.new"}}</button>
+			{{end}}
+			{{if .HasPullRequest}}
+				<div class="ui segment flex-text-block tw-gap-4">
+					{{template "shared/issueicon" .}}
+					<div class="issue-title tw-break-anywhere">
+						{{ctx.RenderUtils.RenderIssueTitle .PullRequest.Issue.Title ($.Repository.ComposeMetas ctx)}}
+						<span class="index">#{{.PullRequest.Issue.Index}}</span>
+					</div>
+					<a href="{{$.RepoLink}}/pulls/{{.PullRequest.Issue.Index}}" class="ui compact button primary">
+						{{ctx.Locale.Tr "repo.pulls.view"}}
+					</a>
 				</div>
 			{{else if .Repository.IsArchived}}
-				<div class="ui warning message tw-text-center">
+				<div class="ui warning message">
 					{{if .Repository.ArchivedUnix.IsZero}}
 						{{ctx.Locale.Tr "repo.archive.title"}}
 					{{else}}
 						{{ctx.Locale.Tr "repo.archive.title_date" (DateUtils.AbsoluteLong .Repository.ArchivedUnix)}}
 					{{end}}
 				</div>
-			{{end}}
-			{{if $.IsSigned}}
+			{{else if $allowCreatePR}}
+				<div class="ui info message pullrequest-form-toggle {{if .Flash}}tw-hidden{{end}}">
+					<button class="ui button primary show-panel toggle" data-panel=".pullrequest-form-toggle, .pullrequest-form">{{ctx.Locale.Tr "repo.pulls.new"}}</button>
+				</div>
 				<div class="pullrequest-form {{if not .Flash}}tw-hidden{{end}}">
 					{{template "repo/issue/new_form" .}}
 				</div>
 			{{end}}
-			{{$showDiffBox = true}}
+		{{else}}{{/* not singed-in or not for pull-request */}}
+			{{if not .CommitCount}}
+				<div class="ui segment">{{ctx.Locale.Tr "repo.commits.nothing_to_compare"}}</div>
+			{{end}}
 		{{end}}
-	{{else if not .IsNothingToCompare}}
-		{{$showDiffBox = true}}
-	{{end}}
 	</div>
 
 	{{if $showDiffBox}}
-	<div class="ui container fluid padded">
-		{{template "repo/commits_table" .}}
-		{{template "repo/diff/box" .}}
-	</div>
+		<div class="ui container fluid padded tw-my-4">
+			{{template "repo/commits_table" .}}
+			{{template "repo/diff/box" .}}
+		</div>
 	{{end}}
 </div>
 {{template "base/footer" .}}
diff --git a/tests/integration/compare_test.go b/tests/integration/compare_test.go
index d960416b3a970..cbf927813e102 100644
--- a/tests/integration/compare_test.go
+++ b/tests/integration/compare_test.go
@@ -27,7 +27,7 @@ func TestCompareTag(t *testing.T) {
 	req := NewRequest(t, "GET", "/user2/repo1/compare/v1.1...master")
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	htmlDoc := NewHTMLParser(t, resp.Body)
-	selection := htmlDoc.doc.Find(".choose.branch .filter.dropdown")
+	selection := htmlDoc.doc.Find(".ui.dropdown.select-branch")
 	// A dropdown for both base and head.
 	assert.Lenf(t, selection.Nodes, 2, "The template has changed")
 
@@ -44,7 +44,7 @@ func TestCompareDefault(t *testing.T) {
 	req := NewRequest(t, "GET", "/user2/repo1/compare/v1.1")
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	htmlDoc := NewHTMLParser(t, resp.Body)
-	selection := htmlDoc.doc.Find(".choose.branch .filter.dropdown")
+	selection := htmlDoc.doc.Find(".ui.dropdown.select-branch")
 	assert.Lenf(t, selection.Nodes, 2, "The template has changed")
 }
 
diff --git a/web_src/css/repo.css b/web_src/css/repo.css
index 65eb3b6cf4a6c..22bbe3cc23d44 100644
--- a/web_src/css/repo.css
+++ b/web_src/css/repo.css
@@ -825,10 +825,6 @@ td .commit-summary {
   height: 10px;
 }
 
-.repository.compare.pull .show-form-container {
-  text-align: left;
-}
-
 .repository .choose.branch {
   display: flex;
   align-items: center;
@@ -866,11 +862,6 @@ td .commit-summary {
   margin-top: -8px;
 }
 
-.repository.compare.pull .pullrequest-form {
-  margin-top: 16px;
-  margin-bottom: 16px;
-}
-
 .repository.compare.pull .markup {
   font-size: 14px;
 }
diff --git a/web_src/js/features/repo-issue-sidebar.ts b/web_src/js/features/repo-issue-sidebar.ts
index ef2b7d143cdd6..e0f68aa05943a 100644
--- a/web_src/js/features/repo-issue-sidebar.ts
+++ b/web_src/js/features/repo-issue-sidebar.ts
@@ -5,7 +5,7 @@ import {initIssueSidebarComboList} from './repo-issue-sidebar-combolist.ts';
 
 function initBranchSelector() {
   // TODO: RemoveIssueRef: see "repo/issue/branch_selector_field.tmpl"
-  const elSelectBranch = document.querySelector('.ui.dropdown.select-branch');
+  const elSelectBranch = document.querySelector('.ui.dropdown.select-branch.branch-selector-dropdown');
   if (!elSelectBranch) return;
 
   const urlUpdateIssueRef = elSelectBranch.getAttribute('data-url-update-issueref');
diff --git a/web_src/js/features/repo-legacy.ts b/web_src/js/features/repo-legacy.ts
index 04267d1dda9d6..33f02be865eff 100644
--- a/web_src/js/features/repo-legacy.ts
+++ b/web_src/js/features/repo-legacy.ts
@@ -1,4 +1,3 @@
-import $ from 'jquery';
 import {
   initRepoCommentFormAndSidebar,
   initRepoIssueBranchSelect, initRepoIssueCodeCommentCancel, initRepoIssueCommentDelete,
@@ -15,7 +14,7 @@ import {initCompReactionSelector} from './comp/ReactionSelector.ts';
 import {initRepoSettings} from './repo-settings.ts';
 import {initRepoPullRequestMergeForm} from './repo-issue-pr-form.ts';
 import {initRepoPullRequestCommitStatus} from './repo-issue-pr-status.ts';
-import {hideElem, queryElemChildren, showElem} from '../utils/dom.ts';
+import {hideElem, queryElemChildren, queryElems, showElem} from '../utils/dom.ts';
 import {initRepoIssueCommentEdit} from './repo-issue-edit.ts';
 import {initRepoMilestone} from './repo-milestone.ts';
 import {initRepoNew} from './repo-new.ts';
@@ -29,47 +28,20 @@ function initRepoBranchTagSelector(selector: string) {
 }
 
 export function initBranchSelectorTabs() {
-  const elSelectBranch = document.querySelector('.ui.dropdown.select-branch');
-  if (!elSelectBranch) return;
-
-  $(elSelectBranch).find('.reference.column').on('click', function () {
-    hideElem($(elSelectBranch).find('.scrolling.reference-list-menu'));
-    showElem(this.getAttribute('data-target'));
-    queryElemChildren(this.parentNode, '.branch-tag-item', (el) => el.classList.remove('active'));
-    this.classList.add('active');
-    return false;
-  });
-}
-
-function initRepoCommonBranchOrTagDropdown(selector: string) {
-  $(selector).each(function () {
-    const $dropdown = $(this);
-    $dropdown.find('.reference.column').on('click', function () {
-      hideElem($dropdown.find('.scrolling.reference-list-menu'));
-      showElem($($(this).data('target')));
-      return false;
-    });
-  });
-}
-
-function initRepoCommonFilterSearchDropdown(selector: string) {
-  const $dropdown = $(selector);
-  if (!$dropdown.length) return;
-
-  $dropdown.dropdown({
-    fullTextSearch: 'exact',
-    selectOnKeydown: false,
-    onChange(_text, _value, $choice) {
-      if ($choice[0].getAttribute('data-url')) {
-        window.location.href = $choice[0].getAttribute('data-url');
-      }
-    },
-    message: {noResults: $dropdown[0].getAttribute('data-no-results')},
-  });
+  const elSelectBranches = document.querySelectorAll('.ui.dropdown.select-branch');
+  for (const elSelectBranch of elSelectBranches) {
+    queryElems(elSelectBranch, '.reference.column', (el) => el.addEventListener('click', () => {
+      hideElem(elSelectBranch.querySelectorAll('.scrolling.reference-list-menu'));
+      showElem(el.getAttribute('data-target'));
+      queryElemChildren(el.parentNode, '.branch-tag-item', (el) => el.classList.remove('active'));
+      el.classList.add('active');
+    }));
+  }
 }
 
 export function initRepository() {
-  if (!$('.page-content.repository').length) return;
+  const pageContent = document.querySelector('.page-content.repository');
+  if (!pageContent) return;
 
   initRepoBranchTagSelector('.js-branch-tag-selector');
   initRepoCommentFormAndSidebar();
@@ -79,19 +51,12 @@ export function initRepository() {
   initRepoMilestone();
   initRepoNew();
 
-  // Compare or pull request
-  const $repoDiff = $('.repository.diff');
-  if ($repoDiff.length) {
-    initRepoCommonBranchOrTagDropdown('.choose.branch .dropdown');
-    initRepoCommonFilterSearchDropdown('.choose.branch .dropdown');
-  }
-
   initRepoCloneButtons();
   initCitationFileCopyContent();
   initRepoSettings();
 
   // Issues
-  if ($('.repository.view.issue').length > 0) {
+  if (pageContent.matches('.page-content.repository.view.issue')) {
     initRepoIssueCommentEdit();
 
     initRepoIssueBranchSelect();
@@ -112,18 +77,5 @@ export function initRepository() {
     initRepoPullRequestCommitStatus();
   }
 
-  // Pull request
-  const $repoComparePull = $('.repository.compare.pull');
-  if ($repoComparePull.length > 0) {
-    // show pull request form
-    $repoComparePull.find('button.show-form').on('click', function (e) {
-      e.preventDefault();
-      hideElem($(this).parent());
-
-      const $form = $repoComparePull.find('.pullrequest-form');
-      showElem($form);
-    });
-  }
-
   initUnicodeEscapeButton();
 }

From c1167709ed1cba035d8c0809a6da6d5d1c8638e5 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Thu, 2 Jan 2025 01:21:13 +0800
Subject: [PATCH 13/55] Refactor repo-new.ts (#33070)

1. merge `repo-template.ts` into `repo-new.ts` (they are all for "/repo/create")
2. remove jquery
3. fix an anonying fomantic dropdown bug, see the comment of `onResponseKeepSelectedItem`
---
 web_src/js/features/repo-new.ts         | 49 +++++++++++++++++++++++-
 web_src/js/features/repo-template.ts    | 51 -------------------------
 web_src/js/globals.d.ts                 |  3 +-
 web_src/js/index.ts                     |  2 -
 web_src/js/modules/fomantic.ts          |  3 +-
 web_src/js/modules/fomantic/dropdown.ts | 18 +++++++++
 6 files changed, 69 insertions(+), 57 deletions(-)
 delete mode 100644 web_src/js/features/repo-template.ts

diff --git a/web_src/js/features/repo-new.ts b/web_src/js/features/repo-new.ts
index 101545735f6a2..8a77a77b4ac26 100644
--- a/web_src/js/features/repo-new.ts
+++ b/web_src/js/features/repo-new.ts
@@ -1,10 +1,53 @@
-import {hideElem, showElem} from '../utils/dom.ts';
+import {hideElem, showElem, toggleElem} from '../utils/dom.ts';
+import {htmlEscape} from 'escape-goat';
+import {fomanticQuery} from '../modules/fomantic/base.ts';
+
+const {appSubUrl} = window.config;
+
+function initRepoNewTemplateSearch(form: HTMLFormElement) {
+  const inputRepoOwnerUid = form.querySelector<HTMLInputElement>('#uid');
+  const elRepoTemplateDropdown = form.querySelector<HTMLInputElement>('#repo_template_search');
+  const inputRepoTemplate = form.querySelector<HTMLInputElement>('#repo_template');
+  const elTemplateUnits = form.querySelector('#template_units');
+  const elNonTemplate = form.querySelector('#non_template');
+  const checkTemplate = function () {
+    const hasSelectedTemplate = inputRepoTemplate.value !== '' && inputRepoTemplate.value !== '0';
+    toggleElem(elTemplateUnits, hasSelectedTemplate);
+    toggleElem(elNonTemplate, !hasSelectedTemplate);
+  };
+  inputRepoTemplate.addEventListener('change', checkTemplate);
+  checkTemplate();
+
+  const $dropdown = fomanticQuery(elRepoTemplateDropdown);
+  const onChangeOwner = function () {
+    $dropdown.dropdown('setting', {
+      apiSettings: {
+        url: `${appSubUrl}/repo/search?q={query}&template=true&priority_owner_id=${inputRepoOwnerUid.value}`,
+        onResponse(response) {
+          const results = [];
+          results.push({name: '', value: ''}); // empty item means not using template
+          for (const tmplRepo of response.data) {
+            results.push({
+              name: htmlEscape(tmplRepo.repository.full_name),
+              value: String(tmplRepo.repository.id),
+            });
+          }
+          $dropdown.fomanticExt.onResponseKeepSelectedItem($dropdown, inputRepoTemplate.value);
+          return {results};
+        },
+        cache: false,
+      },
+    });
+  };
+  inputRepoOwnerUid.addEventListener('change', onChangeOwner);
+  onChangeOwner();
+}
 
 export function initRepoNew() {
   const pageContent = document.querySelector('.page-content.repository.new-repo');
   if (!pageContent) return;
 
-  const form = document.querySelector('.new-repo-form');
+  const form = document.querySelector<HTMLFormElement>('.new-repo-form');
   const inputGitIgnores = form.querySelector<HTMLInputElement>('input[name="gitignores"]');
   const inputLicense = form.querySelector<HTMLInputElement>('input[name="license"]');
   const inputAutoInit = form.querySelector<HTMLInputElement>('input[name="auto_init"]');
@@ -32,4 +75,6 @@ export function initRepoNew() {
   };
   inputRepoName.addEventListener('input', updateUiRepoName);
   updateUiRepoName();
+
+  initRepoNewTemplateSearch(form);
 }
diff --git a/web_src/js/features/repo-template.ts b/web_src/js/features/repo-template.ts
deleted file mode 100644
index fbd7b656ed941..0000000000000
--- a/web_src/js/features/repo-template.ts
+++ /dev/null
@@ -1,51 +0,0 @@
-import $ from 'jquery';
-import {htmlEscape} from 'escape-goat';
-import {hideElem, showElem} from '../utils/dom.ts';
-
-const {appSubUrl} = window.config;
-
-export function initRepoTemplateSearch() {
-  const $repoTemplate = $('#repo_template');
-  const checkTemplate = function () {
-    const $templateUnits = $('#template_units');
-    const $nonTemplate = $('#non_template');
-    if ($repoTemplate.val() !== '' && $repoTemplate.val() !== '0') {
-      showElem($templateUnits);
-      hideElem($nonTemplate);
-    } else {
-      hideElem($templateUnits);
-      showElem($nonTemplate);
-    }
-  };
-  $repoTemplate.on('change', checkTemplate);
-  checkTemplate();
-
-  const changeOwner = function () {
-    $('#repo_template_search')
-      .dropdown({
-        apiSettings: {
-          url: `${appSubUrl}/repo/search?q={query}&template=true&priority_owner_id=${$('#uid').val()}`,
-          onResponse(response) {
-            const filteredResponse = {success: true, results: []};
-            filteredResponse.results.push({
-              name: '',
-              value: '',
-            });
-            // Parse the response from the api to work with our dropdown
-            $.each(response.data, (_r, repo) => {
-              filteredResponse.results.push({
-                name: htmlEscape(repo.repository.full_name),
-                value: repo.repository.id,
-              });
-            });
-            return filteredResponse;
-          },
-          cache: false,
-        },
-
-        fullTextSearch: true,
-      });
-  };
-  $('#uid').on('change', changeOwner);
-  changeOwner();
-}
diff --git a/web_src/js/globals.d.ts b/web_src/js/globals.d.ts
index c08ff9976b1a5..0c540ac296fc7 100644
--- a/web_src/js/globals.d.ts
+++ b/web_src/js/globals.d.ts
@@ -36,8 +36,9 @@ declare module 'swagger-ui-dist/swagger-ui-es-bundle.js' {
 }
 
 interface JQuery {
-  api: any, // fomantic
   areYouSure: any, // jquery.are-you-sure
+  fomanticExt: any; // fomantic extension
+  api: any, // fomantic
   dimmer: any, // fomantic
   dropdown: any; // fomantic
   modal: any; // fomantic
diff --git a/web_src/js/index.ts b/web_src/js/index.ts
index 51d8c96fbdfbf..4d400d3b8f67a 100644
--- a/web_src/js/index.ts
+++ b/web_src/js/index.ts
@@ -34,7 +34,6 @@ import {
 import {initRepoEllipsisButton, initCommitStatuses} from './features/repo-commit.ts';
 import {initRepoTopicBar} from './features/repo-home.ts';
 import {initAdminCommon} from './features/admin/common.ts';
-import {initRepoTemplateSearch} from './features/repo-template.ts';
 import {initRepoCodeView} from './features/repo-code.ts';
 import {initSshKeyFormParser} from './features/sshkey-helper.ts';
 import {initUserSettings} from './features/user-settings.ts';
@@ -193,7 +192,6 @@ onDomReady(() => {
     initRepoPullRequestReview,
     initRepoRelease,
     initRepoReleaseNew,
-    initRepoTemplateSearch,
     initRepoTopicBar,
     initRepoWikiForm,
     initRepository,
diff --git a/web_src/js/modules/fomantic.ts b/web_src/js/modules/fomantic.ts
index af47c8fb510ca..18a3c18c9c1ae 100644
--- a/web_src/js/modules/fomantic.ts
+++ b/web_src/js/modules/fomantic.ts
@@ -11,9 +11,10 @@ import {svg} from '../svg.ts';
 export const fomanticMobileScreen = window.matchMedia('only screen and (max-width: 767.98px)');
 
 export function initGiteaFomantic() {
+  // our extensions
+  $.fn.fomanticExt = {};
   // Silence fomantic's error logging when tabs are used without a target content element
   $.fn.tab.settings.silent = true;
-
   // By default, use "exact match" for full text search
   $.fn.dropdown.settings.fullTextSearch = 'exact';
   // Do not use "cursor: pointer" for dropdown labels
diff --git a/web_src/js/modules/fomantic/dropdown.ts b/web_src/js/modules/fomantic/dropdown.ts
index 6d0f12cb43887..9bdc9bfc33ea1 100644
--- a/web_src/js/modules/fomantic/dropdown.ts
+++ b/web_src/js/modules/fomantic/dropdown.ts
@@ -1,6 +1,7 @@
 import $ from 'jquery';
 import {generateAriaId} from './base.ts';
 import type {FomanticInitFunction} from '../../types.ts';
+import {queryElems} from '../../utils/dom.ts';
 
 const ariaPatchKey = '_giteaAriaPatchDropdown';
 const fomanticDropdownFn = $.fn.dropdown;
@@ -9,6 +10,7 @@ const fomanticDropdownFn = $.fn.dropdown;
 export function initAriaDropdownPatch() {
   if ($.fn.dropdown === ariaDropdownFn) throw new Error('initAriaDropdownPatch could only be called once');
   $.fn.dropdown = ariaDropdownFn;
+  $.fn.fomanticExt.onResponseKeepSelectedItem = onResponseKeepSelectedItem;
   (ariaDropdownFn as FomanticInitFunction).settings = fomanticDropdownFn.settings;
 }
 
@@ -351,3 +353,19 @@ export function hideScopedEmptyDividers(container: Element) {
     if (item.nextElementSibling?.matches('.divider')) hideDivider(item);
   }
 }
+
+function onResponseKeepSelectedItem(dropdown: typeof $|HTMLElement, selectedValue: string) {
+  // There is a bug in fomantic dropdown when using "apiSettings" to fetch data
+  // * when there is a selected item, the dropdown insists on hiding the selected one from the list:
+  // * in the "filter" function: ('[data-value="'+value+'"]').addClass(className.filtered)
+  //
+  // When user selects one item, and click the dropdown again,
+  // then the dropdown only shows other items and will select another (wrong) one.
+  // It can't be easily fix by using setTimeout(patch, 0) in `onResponse` because the `onResponse` is called before another `setTimeout(..., timeLeft)`
+  // Fortunately, the "timeLeft" is controlled by "loadingDuration" which is always zero at the moment, so we can use `setTimeout(..., 10)`
+  const elDropdown = (dropdown instanceof HTMLElement) ? dropdown : dropdown[0];
+  setTimeout(() => {
+    queryElems(elDropdown, `.menu .item[data-value="${CSS.escape(selectedValue)}"].filtered`, (el) => el.classList.remove('filtered'));
+    $(elDropdown).dropdown('set selected', selectedValue ?? '');
+  }, 10);
+}

From 233b7959e0518c47ef83c6a80c617546983433eb Mon Sep 17 00:00:00 2001
From: JonRB <4564448+eeyrjmr@users.noreply.github.com>
Date: Wed, 1 Jan 2025 22:37:35 +0000
Subject: [PATCH 14/55] unset XDG_HOME_CONFIG as gitea manages configuration
 locations (#33067)

unset XDG_CONFIG_HOME early to enable gitea to manage git configuration.
simple error checking to satisfy the linting. Closes #33039

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 cmd/main.go                   | 1 +
 models/unittest/testdb.go     | 1 +
 modules/setting/config_env.go | 5 +++++
 3 files changed, 7 insertions(+)

diff --git a/cmd/main.go b/cmd/main.go
index fd648946efa39..7251bd09a3fe3 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -165,6 +165,7 @@ func NewMainApp(appVer AppVersion) *cli.App {
 	app.Commands = append(app.Commands, subCmdWithConfig...)
 	app.Commands = append(app.Commands, subCmdStandalone...)
 
+	setting.InitGiteaEnvVars()
 	return app
 }
 
diff --git a/models/unittest/testdb.go b/models/unittest/testdb.go
index 75044d19e8e44..43d084845ce6b 100644
--- a/models/unittest/testdb.go
+++ b/models/unittest/testdb.go
@@ -59,6 +59,7 @@ func InitSettings() {
 	_ = hash.Register("dummy", hash.NewDummyHasher)
 
 	setting.PasswordHashAlgo, _ = hash.SetDefaultPasswordHashAlgorithm("dummy")
+	setting.InitGiteaEnvVars()
 }
 
 // TestOptions represents test options
diff --git a/modules/setting/config_env.go b/modules/setting/config_env.go
index dfcb7db3c8624..f05e8a4d7bb35 100644
--- a/modules/setting/config_env.go
+++ b/modules/setting/config_env.go
@@ -166,3 +166,8 @@ func EnvironmentToConfig(cfg ConfigProvider, envs []string) (changed bool) {
 	}
 	return changed
 }
+
+// InitGiteaEnvVars initilises the environment for gitea
+func InitGiteaEnvVars() {
+	_ = os.Unsetenv("XDG_CONFIG_HOME") // unset if set as HOME is managed by gitea
+}

From 2852708fdf52a784182786cc2969fe5cb44400f9 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Thu, 2 Jan 2025 00:31:55 +0000
Subject: [PATCH 15/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_pt-PT.ini | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index d7d37180835dc..790384b0ea73f 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -244,6 +244,7 @@ license_desc=Vá buscar <a target="_blank" rel="noopener noreferrer" href="%[1]s
 
 [install]
 install=Instalação
+installing_desc=Instalando agora, por favor aguarde...
 title=Configuração inicial
 docker_helper=Se correr o Gitea dentro do Docker, leia a <a target="_blank" rel="noopener noreferrer" href="%s">documentação</a> antes de alterar quaisquer configurações.
 require_db_desc=Gitea requer MySQL, PostgreSQL, MSSQL, SQLite3 ou TiDB (protocolo MySQL).
@@ -1015,6 +1016,7 @@ new_repo_helper=Um repositório contém todos os ficheiros do trabalho, incluind
 owner=Proprietário(a)
 owner_helper=Algumas organizações podem não aparecer na lista suspensa devido a um limite máximo de contagem de repositórios.
 repo_name=Nome do repositório
+repo_name_profile_public_hint=.profile é um repositório especial que pode usar para adicionar README.md ao seu perfil público da organização, visível para qualquer pessoa. Certifique-se que é público e inicialize-o com um README na pasta do perfil para começar.
 repo_size=Tamanho do repositório
 template=Modelo
 template_select=Escolha um modelo.
@@ -2860,6 +2862,9 @@ teams.invite.title=Foi-lhe feito um convite para se juntar à equipa <strong>%s<
 teams.invite.by=Convidado(a) por %s
 teams.invite.description=Clique no botão abaixo para se juntar à equipa.
 
+view_as_role=Ver como: %s
+view_as_public_hint=Está a ver o README como um utilizador público.
+view_as_member_hint=Está a ver o README como um membro desta organização.
 
 [admin]
 maintenance=Manutenção

From 4f386e2c5e39b860424faf4cbc02c16f641f956e Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Thu, 2 Jan 2025 11:36:50 +0800
Subject: [PATCH 16/55] Refactor env var related code (#33075)

And add more comments
---
 cmd/main_test.go                      | 41 +++++++--------------------
 models/unittest/testdb.go             |  6 ++++
 modules/setting/config_env.go         | 18 ++++++++++--
 tests/e2e/e2e_test.go                 |  7 -----
 tests/integration/integration_test.go | 12 --------
 5 files changed, 32 insertions(+), 52 deletions(-)

diff --git a/cmd/main_test.go b/cmd/main_test.go
index c182b440199d2..3ec584d323641 100644
--- a/cmd/main_test.go
+++ b/cmd/main_test.go
@@ -6,7 +6,6 @@ package cmd
 import (
 	"fmt"
 	"io"
-	"os"
 	"path/filepath"
 	"strings"
 	"testing"
@@ -113,37 +112,17 @@ func TestCliCmd(t *testing.T) {
 		_, _ = fmt.Fprint(ctx.App.Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
 		return nil
 	})
-	var envBackup []string
-	for _, s := range os.Environ() {
-		if strings.HasPrefix(s, "GITEA_") && strings.Contains(s, "=") {
-			envBackup = append(envBackup, s)
-		}
-	}
-	clearGiteaEnv := func() {
-		for _, s := range os.Environ() {
-			if strings.HasPrefix(s, "GITEA_") {
-				_ = os.Unsetenv(s)
-			}
-		}
-	}
-	defer func() {
-		clearGiteaEnv()
-		for _, s := range envBackup {
-			k, v, _ := strings.Cut(s, "=")
-			_ = os.Setenv(k, v)
-		}
-	}()
-
 	for _, c := range cases {
-		clearGiteaEnv()
-		for k, v := range c.env {
-			_ = os.Setenv(k, v)
-		}
-		args := strings.Split(c.cmd, " ") // for test only, "split" is good enough
-		r, err := runTestApp(app, args...)
-		assert.NoError(t, err, c.cmd)
-		assert.NotEmpty(t, c.exp, c.cmd)
-		assert.Contains(t, r.Stdout, c.exp, c.cmd)
+		t.Run(c.cmd, func(t *testing.T) {
+			for k, v := range c.env {
+				t.Setenv(k, v)
+			}
+			args := strings.Split(c.cmd, " ") // for test only, "split" is good enough
+			r, err := runTestApp(app, args...)
+			assert.NoError(t, err, c.cmd)
+			assert.NotEmpty(t, c.exp, c.cmd)
+			assert.Contains(t, r.Stdout, c.exp, c.cmd)
+		})
 	}
 }
 
diff --git a/models/unittest/testdb.go b/models/unittest/testdb.go
index 43d084845ce6b..7bf9829b6f621 100644
--- a/models/unittest/testdb.go
+++ b/models/unittest/testdb.go
@@ -60,6 +60,12 @@ func InitSettings() {
 
 	setting.PasswordHashAlgo, _ = hash.SetDefaultPasswordHashAlgorithm("dummy")
 	setting.InitGiteaEnvVars()
+
+	// Avoid loading the git's system config.
+	// On macOS, system config sets the osxkeychain credential helper, which will cause tests to freeze with a dialog.
+	// But we do not set it in production at the moment, because it might be a "breaking" change,
+	// more details are in "modules/git.commonBaseEnvs".
+	_ = os.Setenv("GIT_CONFIG_NOSYSTEM", "true")
 }
 
 // TestOptions represents test options
diff --git a/modules/setting/config_env.go b/modules/setting/config_env.go
index f05e8a4d7bb35..e72249d82c182 100644
--- a/modules/setting/config_env.go
+++ b/modules/setting/config_env.go
@@ -167,7 +167,21 @@ func EnvironmentToConfig(cfg ConfigProvider, envs []string) (changed bool) {
 	return changed
 }
 
-// InitGiteaEnvVars initilises the environment for gitea
+// InitGiteaEnvVars initializes the environment variables for gitea
 func InitGiteaEnvVars() {
-	_ = os.Unsetenv("XDG_CONFIG_HOME") // unset if set as HOME is managed by gitea
+	// Ideally Gitea should only accept the environment variables which it clearly knows instead of unsetting the ones it doesn't want,
+	// but the ideal behavior would be a breaking change, and it seems not bringing enough benefits to end users,
+	// so at the moment we could still keep "unsetting the unnecessary environments"
+
+	// HOME is managed by Gitea, Gitea's git should use "HOME/.gitconfig".
+	// But git would try "XDG_CONFIG_HOME/git/config" first if "HOME/.gitconfig" does not exist,
+	// then our git.InitFull would still write to "XDG_CONFIG_HOME/git/config" if XDG_CONFIG_HOME is set.
+	_ = os.Unsetenv("XDG_CONFIG_HOME")
+
+	_ = os.Unsetenv("GIT_AUTHOR_NAME")
+	_ = os.Unsetenv("GIT_AUTHOR_EMAIL")
+	_ = os.Unsetenv("GIT_AUTHOR_DATE")
+	_ = os.Unsetenv("GIT_COMMITTER_NAME")
+	_ = os.Unsetenv("GIT_COMMITTER_EMAIL")
+	_ = os.Unsetenv("GIT_COMMITTER_DATE")
 }
diff --git a/tests/e2e/e2e_test.go b/tests/e2e/e2e_test.go
index 78e42777bb2cb..ece136be50ebd 100644
--- a/tests/e2e/e2e_test.go
+++ b/tests/e2e/e2e_test.go
@@ -40,13 +40,6 @@ func TestMain(m *testing.M) {
 	tests.InitTest(false)
 	testE2eWebRoutes = routers.NormalRoutes()
 
-	os.Unsetenv("GIT_AUTHOR_NAME")
-	os.Unsetenv("GIT_AUTHOR_EMAIL")
-	os.Unsetenv("GIT_AUTHOR_DATE")
-	os.Unsetenv("GIT_COMMITTER_NAME")
-	os.Unsetenv("GIT_COMMITTER_EMAIL")
-	os.Unsetenv("GIT_COMMITTER_DATE")
-
 	err := unittest.InitFixtures(
 		unittest.FixturesOptions{
 			Dir: filepath.Join(filepath.Dir(setting.AppPath), "models/fixtures/"),
diff --git a/tests/integration/integration_test.go b/tests/integration/integration_test.go
index 9b3b2f2b92443..46b93b0a1087b 100644
--- a/tests/integration/integration_test.go
+++ b/tests/integration/integration_test.go
@@ -88,18 +88,6 @@ func TestMain(m *testing.M) {
 	tests.InitTest(true)
 	testWebRoutes = routers.NormalRoutes()
 
-	os.Unsetenv("GIT_AUTHOR_NAME")
-	os.Unsetenv("GIT_AUTHOR_EMAIL")
-	os.Unsetenv("GIT_AUTHOR_DATE")
-	os.Unsetenv("GIT_COMMITTER_NAME")
-	os.Unsetenv("GIT_COMMITTER_EMAIL")
-	os.Unsetenv("GIT_COMMITTER_DATE")
-
-	// Avoid loading the default system config. On MacOS, this config
-	// sets the osxkeychain credential helper, which will cause tests
-	// to freeze with a dialog.
-	os.Setenv("GIT_CONFIG_NOSYSTEM", "true")
-
 	err := unittest.InitFixtures(
 		unittest.FixturesOptions{
 			Dir: filepath.Join(filepath.Dir(setting.AppPath), "models/fixtures/"),

From 9882917bce9d582c9c1ed202d554e4a6d61ed5e4 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Thu, 2 Jan 2025 12:38:27 +0800
Subject: [PATCH 17/55] Try to fix ACME directory problem (#33072)

---
 cmd/web_acme.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cmd/web_acme.go b/cmd/web_acme.go
index 90e4a02764b67..2fe14c1f54c04 100644
--- a/cmd/web_acme.go
+++ b/cmd/web_acme.go
@@ -54,7 +54,7 @@ func runACME(listenAddr string, m http.Handler) error {
 		altTLSALPNPort = p
 	}
 
-	magic := certmagic.NewDefault()
+	magic := &certmagic.Default
 	magic.Storage = &certmagic.FileStorage{Path: setting.AcmeLiveDirectory}
 	// Try to use private CA root if provided, otherwise defaults to system's trust
 	var certPool *x509.CertPool

From 45973a100ba2a70c9035076eb88be37177918138 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Fri, 3 Jan 2025 00:32:02 +0800
Subject: [PATCH 18/55] Fix bleve fuzziness search (#33078)

Close #31565
---
 custom/conf/app.example.ini                 |  4 +++
 modules/indexer/code/indexer.go             |  3 +-
 modules/indexer/code/indexer_test.go        |  4 ++-
 modules/indexer/internal/bleve/util.go      |  9 ++---
 modules/indexer/internal/bleve/util_test.go |  7 +++-
 modules/setting/indexer.go                  |  3 ++
 routers/common/codesearch.go                | 39 +++++++++++++++++++++
 routers/web/explore/code.go                 | 19 ++++------
 routers/web/repo/search.go                  | 24 +++++--------
 routers/web/user/code.go                    | 20 ++++-------
 templates/shared/search/code/search.tmpl    |  3 +-
 11 files changed, 83 insertions(+), 52 deletions(-)
 create mode 100644 routers/common/codesearch.go

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index d819b55d282f5..eacc732c223de 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -1485,6 +1485,10 @@ LEVEL = Info
 ;REPO_INDEXER_EXCLUDE =
 ;;
 ;MAX_FILE_SIZE = 1048576
+;;
+;; Bleve engine has performance problems with fuzzy search, so we limit the fuzziness to 0 by default to disable it.
+;; If you'd like to enable it, you can set it to a value between 0 and 2.
+;TYPE_BLEVE_MAX_FUZZINESS = 0
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
diff --git a/modules/indexer/code/indexer.go b/modules/indexer/code/indexer.go
index c1ab26569c6f4..728b37fab6ecd 100644
--- a/modules/indexer/code/indexer.go
+++ b/modules/indexer/code/indexer.go
@@ -123,13 +123,12 @@ func Init() {
 			for _, indexerData := range items {
 				log.Trace("IndexerData Process Repo: %d", indexerData.RepoID)
 				if err := index(ctx, indexer, indexerData.RepoID); err != nil {
-					unhandled = append(unhandled, indexerData)
 					if !setting.IsInTesting {
 						log.Error("Codes indexer handler: index error for repo %v: %v", indexerData.RepoID, err)
 					}
 				}
 			}
-			return unhandled
+			return nil // do not re-queue the failed items, otherwise some broken repo will block the queue
 		}
 
 		indexerQueue = queue.CreateUniqueQueue(ctx, "code_indexer", handler)
diff --git a/modules/indexer/code/indexer_test.go b/modules/indexer/code/indexer_test.go
index d04088531ac28..f358bbe785110 100644
--- a/modules/indexer/code/indexer_test.go
+++ b/modules/indexer/code/indexer_test.go
@@ -15,6 +15,8 @@ import (
 	"code.gitea.io/gitea/modules/indexer/code/bleve"
 	"code.gitea.io/gitea/modules/indexer/code/elasticsearch"
 	"code.gitea.io/gitea/modules/indexer/code/internal"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 
 	_ "code.gitea.io/gitea/models"
 	_ "code.gitea.io/gitea/models/actions"
@@ -279,7 +281,7 @@ func testIndexer(name string, t *testing.T, indexer internal.Indexer) {
 
 func TestBleveIndexAndSearch(t *testing.T) {
 	unittest.PrepareTestEnv(t)
-
+	defer test.MockVariableValue(&setting.Indexer.TypeBleveMaxFuzzniess, 2)()
 	dir := t.TempDir()
 
 	idx := bleve.NewIndexer(dir)
diff --git a/modules/indexer/internal/bleve/util.go b/modules/indexer/internal/bleve/util.go
index a0c3dc4ad459e..b6daa9e14b46a 100644
--- a/modules/indexer/internal/bleve/util.go
+++ b/modules/indexer/internal/bleve/util.go
@@ -9,6 +9,7 @@ import (
 	"unicode"
 
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 
 	"github.com/blevesearch/bleve/v2"
@@ -54,9 +55,9 @@ func openIndexer(path string, latestVersion int) (bleve.Index, int, error) {
 	return index, 0, nil
 }
 
-// This method test the GuessFuzzinessByKeyword method. The fuzziness is based on the levenshtein distance and determines how many chars
-// may be different on two string and they still be considered equivalent.
-// Given a phrasse, its shortest word determines its fuzziness. If a phrase uses CJK (eg: `갃갃갃` `啊啊啊`), the fuzziness is zero.
+// GuessFuzzinessByKeyword guesses fuzziness based on the levenshtein distance and determines how many chars
+// may be different on two string, and they still be considered equivalent.
+// Given a phrase, its shortest word determines its fuzziness. If a phrase uses CJK (eg: `갃갃갃` `啊啊啊`), the fuzziness is zero.
 func GuessFuzzinessByKeyword(s string) int {
 	tokenizer := unicode_tokenizer.NewUnicodeTokenizer()
 	tokens := tokenizer.Tokenize([]byte(s))
@@ -85,5 +86,5 @@ func guessFuzzinessByKeyword(s string) int {
 			return 0
 		}
 	}
-	return min(maxFuzziness, len(s)/4)
+	return min(min(setting.Indexer.TypeBleveMaxFuzzniess, maxFuzziness), len(s)/4)
 }
diff --git a/modules/indexer/internal/bleve/util_test.go b/modules/indexer/internal/bleve/util_test.go
index 8f7844464e739..1a7e4db0f4234 100644
--- a/modules/indexer/internal/bleve/util_test.go
+++ b/modules/indexer/internal/bleve/util_test.go
@@ -7,10 +7,15 @@ import (
 	"fmt"
 	"testing"
 
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
 	"github.com/stretchr/testify/assert"
 )
 
 func TestBleveGuessFuzzinessByKeyword(t *testing.T) {
+	defer test.MockVariableValue(&setting.Indexer.TypeBleveMaxFuzzniess, 2)()
+
 	scenarios := []struct {
 		Input     string
 		Fuzziness int // See util.go for the definition of fuzziness in this particular context
@@ -46,7 +51,7 @@ func TestBleveGuessFuzzinessByKeyword(t *testing.T) {
 	}
 
 	for _, scenario := range scenarios {
-		t.Run(fmt.Sprintf("ensure fuzziness of '%s' is '%d'", scenario.Input, scenario.Fuzziness), func(t *testing.T) {
+		t.Run(fmt.Sprintf("Fuziniess:%s=%d", scenario.Input, scenario.Fuzziness), func(t *testing.T) {
 			assert.Equal(t, scenario.Fuzziness, GuessFuzzinessByKeyword(scenario.Input))
 		})
 	}
diff --git a/modules/setting/indexer.go b/modules/setting/indexer.go
index 34b4eac15b971..e34baae012b32 100644
--- a/modules/setting/indexer.go
+++ b/modules/setting/indexer.go
@@ -31,6 +31,8 @@ var Indexer = struct {
 	IncludePatterns      []*GlobMatcher
 	ExcludePatterns      []*GlobMatcher
 	ExcludeVendored      bool
+
+	TypeBleveMaxFuzzniess int
 }{
 	IssueType:        "bleve",
 	IssuePath:        "indexers/issues.bleve",
@@ -88,6 +90,7 @@ func loadIndexerFrom(rootCfg ConfigProvider) {
 	Indexer.ExcludeVendored = sec.Key("REPO_INDEXER_EXCLUDE_VENDORED").MustBool(true)
 	Indexer.MaxIndexerFileSize = sec.Key("MAX_FILE_SIZE").MustInt64(1024 * 1024)
 	Indexer.StartupTimeout = sec.Key("STARTUP_TIMEOUT").MustDuration(30 * time.Second)
+	Indexer.TypeBleveMaxFuzzniess = sec.Key("TYPE_BLEVE_MAX_FUZZINESS").MustInt(0)
 }
 
 // IndexerGlobFromString parses a comma separated list of patterns and returns a glob.Glob slice suited for repo indexing
diff --git a/routers/common/codesearch.go b/routers/common/codesearch.go
new file mode 100644
index 0000000000000..a14af126e55bc
--- /dev/null
+++ b/routers/common/codesearch.go
@@ -0,0 +1,39 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package common
+
+import (
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/services/context"
+)
+
+func PrepareCodeSearch(ctx *context.Context) (ret struct {
+	Keyword  string
+	Language string
+	IsFuzzy  bool
+},
+) {
+	ret.Language = ctx.FormTrim("l")
+	ret.Keyword = ctx.FormTrim("q")
+
+	fuzzyDefault := setting.Indexer.RepoIndexerEnabled
+	fuzzyAllow := true
+	if setting.Indexer.RepoType == "bleve" && setting.Indexer.TypeBleveMaxFuzzniess == 0 {
+		fuzzyDefault = false
+		fuzzyAllow = false
+	}
+	isFuzzy := ctx.FormOptionalBool("fuzzy").ValueOrDefault(fuzzyDefault)
+	if isFuzzy && !fuzzyAllow {
+		ctx.Flash.Info("Fuzzy search is disabled by default due to performance reasons")
+		isFuzzy = false
+	}
+
+	ctx.Data["IsBleveFuzzyDisabled"] = true
+	ctx.Data["Keyword"] = ret.Keyword
+	ctx.Data["Language"] = ret.Language
+	ctx.Data["IsFuzzy"] = isFuzzy
+
+	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
+	return ret
+}
diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go
index 3658144610900..ae5ff3db761bd 100644
--- a/routers/web/explore/code.go
+++ b/routers/web/explore/code.go
@@ -11,6 +11,7 @@ import (
 	code_indexer "code.gitea.io/gitea/modules/indexer/code"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/routers/common"
 	"code.gitea.io/gitea/services/context"
 )
 
@@ -32,18 +33,10 @@ func Code(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("explore")
 	ctx.Data["PageIsExplore"] = true
 	ctx.Data["PageIsExploreCode"] = true
-
-	language := ctx.FormTrim("l")
-	keyword := ctx.FormTrim("q")
-
-	isFuzzy := ctx.FormOptionalBool("fuzzy").ValueOrDefault(true)
-
-	ctx.Data["Keyword"] = keyword
-	ctx.Data["Language"] = language
-	ctx.Data["IsFuzzy"] = isFuzzy
 	ctx.Data["PageIsViewCode"] = true
 
-	if keyword == "" {
+	prepareSearch := common.PrepareCodeSearch(ctx)
+	if prepareSearch.Keyword == "" {
 		ctx.HTML(http.StatusOK, tplExploreCode)
 		return
 	}
@@ -80,9 +73,9 @@ func Code(ctx *context.Context) {
 	if (len(repoIDs) > 0) || isAdmin {
 		total, searchResults, searchResultLanguages, err = code_indexer.PerformSearch(ctx, &code_indexer.SearchOptions{
 			RepoIDs:        repoIDs,
-			Keyword:        keyword,
-			IsKeywordFuzzy: isFuzzy,
-			Language:       language,
+			Keyword:        prepareSearch.Keyword,
+			IsKeywordFuzzy: prepareSearch.IsFuzzy,
+			Language:       prepareSearch.Language,
 			Paginator: &db.ListOptions{
 				Page:     page,
 				PageSize: setting.UI.RepoSearchPagingNum,
diff --git a/routers/web/repo/search.go b/routers/web/repo/search.go
index cbc7e2e0fe88d..c60301475f357 100644
--- a/routers/web/repo/search.go
+++ b/routers/web/repo/search.go
@@ -12,6 +12,7 @@ import (
 	code_indexer "code.gitea.io/gitea/modules/indexer/code"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/routers/common"
 	"code.gitea.io/gitea/services/context"
 )
 
@@ -29,18 +30,9 @@ func indexSettingToGitGrepPathspecList() (list []string) {
 
 // Search render repository search page
 func Search(ctx *context.Context) {
-	language := ctx.FormTrim("l")
-	keyword := ctx.FormTrim("q")
-
-	isFuzzy := ctx.FormOptionalBool("fuzzy").ValueOrDefault(true)
-
-	ctx.Data["Keyword"] = keyword
-	ctx.Data["Language"] = language
-	ctx.Data["IsFuzzy"] = isFuzzy
 	ctx.Data["PageIsViewCode"] = true
-	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
-
-	if keyword == "" {
+	prepareSearch := common.PrepareCodeSearch(ctx)
+	if prepareSearch.Keyword == "" {
 		ctx.HTML(http.StatusOK, tplSearch)
 		return
 	}
@@ -57,9 +49,9 @@ func Search(ctx *context.Context) {
 		var err error
 		total, searchResults, searchResultLanguages, err = code_indexer.PerformSearch(ctx, &code_indexer.SearchOptions{
 			RepoIDs:        []int64{ctx.Repo.Repository.ID},
-			Keyword:        keyword,
-			IsKeywordFuzzy: isFuzzy,
-			Language:       language,
+			Keyword:        prepareSearch.Keyword,
+			IsKeywordFuzzy: prepareSearch.IsFuzzy,
+			Language:       prepareSearch.Language,
 			Paginator: &db.ListOptions{
 				Page:     page,
 				PageSize: setting.UI.RepoSearchPagingNum,
@@ -75,9 +67,9 @@ func Search(ctx *context.Context) {
 			ctx.Data["CodeIndexerUnavailable"] = !code_indexer.IsAvailable(ctx)
 		}
 	} else {
-		res, err := git.GrepSearch(ctx, ctx.Repo.GitRepo, keyword, git.GrepOptions{
+		res, err := git.GrepSearch(ctx, ctx.Repo.GitRepo, prepareSearch.Keyword, git.GrepOptions{
 			ContextLineNumber: 1,
-			IsFuzzy:           isFuzzy,
+			IsFuzzy:           prepareSearch.IsFuzzy,
 			RefName:           git.RefNameFromBranch(ctx.Repo.BranchName).String(), // BranchName should be default branch or the first existing branch
 			PathspecList:      indexSettingToGitGrepPathspecList(),
 		})
diff --git a/routers/web/user/code.go b/routers/web/user/code.go
index 9d515596f11f7..665ce1a6a6fc1 100644
--- a/routers/web/user/code.go
+++ b/routers/web/user/code.go
@@ -11,6 +11,7 @@ import (
 	code_indexer "code.gitea.io/gitea/modules/indexer/code"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/routers/common"
 	shared_user "code.gitea.io/gitea/routers/web/shared/user"
 	"code.gitea.io/gitea/services/context"
 )
@@ -34,20 +35,11 @@ func CodeSearch(ctx *context.Context) {
 	}
 
 	ctx.Data["IsPackageEnabled"] = setting.Packages.Enabled
-	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
 	ctx.Data["Title"] = ctx.Tr("explore.code")
-
-	language := ctx.FormTrim("l")
-	keyword := ctx.FormTrim("q")
-
-	isFuzzy := ctx.FormOptionalBool("fuzzy").ValueOrDefault(true)
-
-	ctx.Data["Keyword"] = keyword
-	ctx.Data["Language"] = language
-	ctx.Data["IsFuzzy"] = isFuzzy
 	ctx.Data["IsCodePage"] = true
 
-	if keyword == "" {
+	prepareSearch := common.PrepareCodeSearch(ctx)
+	if prepareSearch.Keyword == "" {
 		ctx.HTML(http.StatusOK, tplUserCode)
 		return
 	}
@@ -77,9 +69,9 @@ func CodeSearch(ctx *context.Context) {
 	if len(repoIDs) > 0 {
 		total, searchResults, searchResultLanguages, err = code_indexer.PerformSearch(ctx, &code_indexer.SearchOptions{
 			RepoIDs:        repoIDs,
-			Keyword:        keyword,
-			IsKeywordFuzzy: isFuzzy,
-			Language:       language,
+			Keyword:        prepareSearch.Keyword,
+			IsKeywordFuzzy: prepareSearch.IsFuzzy,
+			Language:       prepareSearch.Language,
 			Paginator: &db.ListOptions{
 				Page:     page,
 				PageSize: setting.UI.RepoSearchPagingNum,
diff --git a/templates/shared/search/code/search.tmpl b/templates/shared/search/code/search.tmpl
index e49ea47e03482..dde45c0fbfa01 100644
--- a/templates/shared/search/code/search.tmpl
+++ b/templates/shared/search/code/search.tmpl
@@ -2,7 +2,8 @@
 	{{template "shared/search/combo_fuzzy" dict "Value" .Keyword "Disabled" .CodeIndexerUnavailable "IsFuzzy" .IsFuzzy "Placeholder" (ctx.Locale.Tr "search.code_kind")}}
 </form>
 <div class="divider"></div>
-<div class="ui user list">
+<div class="ui list">
+	{{template "base/alert" .}}
 	{{if .CodeIndexerUnavailable}}
 		<div class="ui error message">
 			<p>{{ctx.Locale.Tr "search.code_search_unavailable"}}</p>

From 9ac536a904b1ca8362d7fd59fc204662ff52139e Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Fri, 3 Jan 2025 04:01:05 +0800
Subject: [PATCH 19/55] Fix "stop time tracking button" on navbar (#33084)

Fix #33083

By the way (something I was working on):

1. relax color/background-color for more markup elements
2. fix a command line sentence error
---
 cmd/migrate.go                      | 2 +-
 modules/markup/sanitizer_default.go | 2 +-
 templates/base/head_navbar.tmpl     | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/cmd/migrate.go b/cmd/migrate.go
index 4e4dd45af3a15..459805a76d732 100644
--- a/cmd/migrate.go
+++ b/cmd/migrate.go
@@ -18,7 +18,7 @@ import (
 var CmdMigrate = &cli.Command{
 	Name:        "migrate",
 	Usage:       "Migrate the database",
-	Description: "This is a command for migrating the database, so that you can run gitea admin create-user before starting the server.",
+	Description: `This is a command for migrating the database, so that you can run "gitea admin create user" before starting the server.`,
 	Action:      runMigrate,
 }
 
diff --git a/modules/markup/sanitizer_default.go b/modules/markup/sanitizer_default.go
index 5eeafe940a4da..14161eb533794 100644
--- a/modules/markup/sanitizer_default.go
+++ b/modules/markup/sanitizer_default.go
@@ -48,7 +48,7 @@ func (st *Sanitizer) createDefaultPolicy() *bluemonday.Policy {
 	policy.AllowAttrs("class").Matching(regexp.MustCompile(`^(unchecked|checked|indeterminate)$`)).OnElements("li")
 
 	// Allow 'color' and 'background-color' properties for the style attribute on text elements.
-	policy.AllowStyles("color", "background-color").OnElements("span", "p")
+	policy.AllowStyles("color", "background-color").OnElements("div", "span", "p", "tr", "th", "td")
 
 	policy.AllowAttrs("src", "autoplay", "controls").OnElements("video")
 
diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl
index ed7a8d6f2433e..bf0e7e632b71e 100644
--- a/templates/base/head_navbar.tmpl
+++ b/templates/base/head_navbar.tmpl
@@ -192,7 +192,7 @@
 					<span class="stopwatch-issue">{{.ActiveStopwatch.RepoSlug}}#{{.ActiveStopwatch.IssueIndex}}</span>
 				</a>
 				<div class="tw-flex tw-gap-1">
-					<form class="stopwatch-commit" method="post" action="{{.ActiveStopwatch.IssueLink}}/times/stopwatch/toggle">
+					<form class="stopwatch-commit form-fetch-action" method="post" action="{{.ActiveStopwatch.IssueLink}}/times/stopwatch/toggle">
 						{{.CsrfTokenHtml}}
 						<button
 							type="submit"
@@ -200,7 +200,7 @@
 							data-tooltip-content="{{ctx.Locale.Tr "repo.issues.stop_tracking"}}"
 						>{{svg "octicon-square-fill"}}</button>
 					</form>
-					<form class="stopwatch-cancel" method="post" action="{{.ActiveStopwatch.IssueLink}}/times/stopwatch/cancel">
+					<form class="stopwatch-cancel form-fetch-action" method="post" action="{{.ActiveStopwatch.IssueLink}}/times/stopwatch/cancel">
 						{{.CsrfTokenHtml}}
 						<button
 							type="submit"

From e709cc76da6b6136d3134c0c702eb7e8f98abce2 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Fri, 3 Jan 2025 04:26:48 +0800
Subject: [PATCH 20/55] Make Gitea always use its internal config, ignore
 `/etc/gitconfig` (#33076)

In history, Gitea could use the system config `/etc/gitconfig` because
some users said that "they might put certNonceSeed in it"

Actually, we shouldn't not use it, because it also causes conflicts
(there are already some fixes like #28848)

To make the system clear, I think it's worth to introduce the breaking
change: add `GIT_CONFIG_NOSYSTEM=1` to all git commands.


## :warning: BREAKING :warning:

 For most users, nothing need to do.

If you have made changes to `/etc/gitconfig` to affect Gitea's behavior,
you need to move these config options to Gitea's internal git config
file, it is usually in Gitea's `{AppDataPath}/home/.git` directory.
---
 models/unittest/testdb.go     |  8 +-------
 modules/git/command.go        | 12 +++++++++---
 modules/git/repo_archive.go   |  5 -----
 modules/setting/config_env.go |  3 +++
 4 files changed, 13 insertions(+), 15 deletions(-)

diff --git a/models/unittest/testdb.go b/models/unittest/testdb.go
index 7bf9829b6f621..0dcff166cc3b1 100644
--- a/models/unittest/testdb.go
+++ b/models/unittest/testdb.go
@@ -59,13 +59,7 @@ func InitSettings() {
 	_ = hash.Register("dummy", hash.NewDummyHasher)
 
 	setting.PasswordHashAlgo, _ = hash.SetDefaultPasswordHashAlgorithm("dummy")
-	setting.InitGiteaEnvVars()
-
-	// Avoid loading the git's system config.
-	// On macOS, system config sets the osxkeychain credential helper, which will cause tests to freeze with a dialog.
-	// But we do not set it in production at the moment, because it might be a "breaking" change,
-	// more details are in "modules/git.commonBaseEnvs".
-	_ = os.Setenv("GIT_CONFIG_NOSYSTEM", "true")
+	setting.InitGiteaEnvVarsForTesting()
 }
 
 // TestOptions represents test options
diff --git a/modules/git/command.go b/modules/git/command.go
index b231c3beea012..2584e3cc57c45 100644
--- a/modules/git/command.go
+++ b/modules/git/command.go
@@ -236,10 +236,16 @@ type RunOpts struct {
 }
 
 func commonBaseEnvs() []string {
-	// at the moment, do not set "GIT_CONFIG_NOSYSTEM", users may have put some configs like "receive.certNonceSeed" in it
 	envs := []string{
-		"HOME=" + HomeDir(),        // make Gitea use internal git config only, to prevent conflicts with user's git config
-		"GIT_NO_REPLACE_OBJECTS=1", // ignore replace references (https://git-scm.com/docs/git-replace)
+		// Make Gitea use internal git config only, to prevent conflicts with user's git config
+		// It's better to use GIT_CONFIG_GLOBAL, but it requires git >= 2.32, so we still use HOME at the moment.
+		"HOME=" + HomeDir(),
+		// Avoid using system git config, it would cause problems (eg: use macOS osxkeychain to show a modal dialog, auto installing lfs hooks)
+		// This might be a breaking change in 1.24, because some users said that they have put some configs like "receive.certNonceSeed" in "/etc/gitconfig"
+		// For these users, they need to migrate the necessary configs to Gitea's git config file manually.
+		"GIT_CONFIG_NOSYSTEM=1",
+		// Ignore replace references (https://git-scm.com/docs/git-replace)
+		"GIT_NO_REPLACE_OBJECTS=1",
 	}
 
 	// some environment variables should be passed to git command
diff --git a/modules/git/repo_archive.go b/modules/git/repo_archive.go
index 1bf1aa41b9417..2b45a50f191b6 100644
--- a/modules/git/repo_archive.go
+++ b/modules/git/repo_archive.go
@@ -8,7 +8,6 @@ import (
 	"context"
 	"fmt"
 	"io"
-	"os"
 	"path/filepath"
 	"strings"
 )
@@ -63,15 +62,11 @@ func (repo *Repository) CreateArchive(ctx context.Context, format ArchiveType, t
 	cmd.AddOptionFormat("--format=%s", format.String())
 	cmd.AddDynamicArguments(commitID)
 
-	// Avoid LFS hooks getting installed because of /etc/gitconfig, which can break pull requests.
-	env := append(os.Environ(), "GIT_CONFIG_NOSYSTEM=1")
-
 	var stderr strings.Builder
 	err := cmd.Run(&RunOpts{
 		Dir:    repo.Path,
 		Stdout: target,
 		Stderr: &stderr,
-		Env:    env,
 	})
 	if err != nil {
 		return ConcatenateError(err, stderr.String())
diff --git a/modules/setting/config_env.go b/modules/setting/config_env.go
index e72249d82c182..5d94a9641f782 100644
--- a/modules/setting/config_env.go
+++ b/modules/setting/config_env.go
@@ -177,7 +177,10 @@ func InitGiteaEnvVars() {
 	// But git would try "XDG_CONFIG_HOME/git/config" first if "HOME/.gitconfig" does not exist,
 	// then our git.InitFull would still write to "XDG_CONFIG_HOME/git/config" if XDG_CONFIG_HOME is set.
 	_ = os.Unsetenv("XDG_CONFIG_HOME")
+}
 
+func InitGiteaEnvVarsForTesting() {
+	InitGiteaEnvVars()
 	_ = os.Unsetenv("GIT_AUTHOR_NAME")
 	_ = os.Unsetenv("GIT_AUTHOR_EMAIL")
 	_ = os.Unsetenv("GIT_AUTHOR_DATE")

From 83b7e12d4c04c3234855306c632ea70dddfba4ff Mon Sep 17 00:00:00 2001
From: metiftikci <metiftikci@hotmail.com>
Date: Fri, 3 Jan 2025 02:00:26 +0300
Subject: [PATCH 21/55] add myself to maintainers (#33088)

---
 MAINTAINERS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index ad02ecc755705..f0caae4d22176 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -31,7 +31,6 @@ Gary Kim <gary@garykim.dev> (@gary-kim)
 Guillermo Prandi <gitea.maint@mailfilter.com.ar> (@guillep2k)
 Mura Li <typeless@ctli.io> (@typeless)
 6543 <6543@obermui.de> (@6543)
-jaqra <jaqra@hotmail.com> (@jaqra)
 David Svantesson <davidsvantesson@gmail.com> (@davidsvantesson)
 a1012112796 <1012112796@qq.com> (@a1012112796)
 Karl Heinz Marbaise <kama@soebes.de> (@khmarbaise)
@@ -63,3 +62,4 @@ Yu Liu <1240335630@qq.com> (@HEREYUA)
 Kemal Zebari <kemalzebra@gmail.com> (@kemzeb)
 Rowan Bohde <rowan.bohde@gmail.com> (@bohde)
 hiifong <i@hiif.ong> (@hiifong)
+metiftikci <metiftikci@hotmail.com> (@metiftikci)

From a739c784d9fde9952d8979abcb529b4f720d8362 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Fri, 3 Jan 2025 00:31:40 +0000
Subject: [PATCH 22/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_pt-PT.ini | 1 +
 options/locale/locale_tr-TR.ini | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index 790384b0ea73f..0fb56f6763528 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -3535,6 +3535,7 @@ versions=Versões
 versions.view_all=Ver todas
 dependency.id=ID
 dependency.version=Versão
+search_in_external_registry=Procurar em %s
 alpine.registry=Configure este registo adicionando o URL no seu ficheiro <code>/etc/apk/repositories</code>:
 alpine.registry.key=Descarregue a chave RSA pública do registo para dentro da pasta <code>/etc/apk/keys/</code> para verificar a assinatura do índice:
 alpine.registry.info=Escolha $branch e $repository da lista abaixo.
diff --git a/options/locale/locale_tr-TR.ini b/options/locale/locale_tr-TR.ini
index ea938bab59ad8..fb30ab3b67b6f 100644
--- a/options/locale/locale_tr-TR.ini
+++ b/options/locale/locale_tr-TR.ini
@@ -104,6 +104,7 @@ copy_url=URL'yi kopyala
 copy_hash=Hash'i kopyala
 copy_content=İçeriği kopyala
 copy_branch=Dal adını kopyala
+copy_path=Yolu kopyala
 copy_success=Kopyalandı!
 copy_error=Kopyalama başarısız oldu
 copy_type_unsupported=Bu dosya türü kopyalanamaz
@@ -144,6 +145,7 @@ confirm_delete_selected=Tüm seçili öğeleri gerçekten silmek istiyor musunuz
 
 name=İsim
 value=Değer
+readme=Benioku
 
 filter=Filtre
 filter.clear=Filtreyi Temizle
@@ -159,6 +161,7 @@ filter.public=Genel
 filter.private=Özel
 
 no_results_found=Sonuç bulunamadı.
+internal_error_skipped=Dahili bir hata oluştu ama atlandı: %s
 
 [search]
 search=Ara...
@@ -177,6 +180,8 @@ code_search_by_git_grep=Mevcut kod arama sonuçları "git grep" ile sağlanıyor
 package_kind=Paketleri ara...
 project_kind=Projeleri ara...
 branch_kind=Dalları ara...
+tag_kind=Etiketleri ara...
+tag_tooltip=Eşleşen etiketler için arama. Herhangi bir numara serisi bulmak için '%' kullanın.
 commit_kind=İşlemeleri ara...
 runner_kind=Çalıştırıcıları ara...
 no_results=Eşleşen sonuç bulunamadı.
@@ -206,7 +211,10 @@ buttons.link.tooltip=Bağlantı ekle
 buttons.list.unordered.tooltip=Maddeli liste ekle
 buttons.list.ordered.tooltip=Numaralandırılmış liste ekle
 buttons.list.task.tooltip=Görev listesi ekle
+buttons.table.add.tooltip=Tablo ekle
 buttons.table.add.insert=Ekle
+buttons.table.rows=Satırlar
+buttons.table.cols=Sütunlar
 buttons.mention.tooltip=Bir kişiye veya takıma değin
 buttons.ref.tooltip=Bir konuya veya değişiklik isteğine değin
 buttons.switch_to_legacy.tooltip=Eski düzenleyiciyi kullan
@@ -219,6 +227,7 @@ string.desc=Z - A
 
 [error]
 occurred=Bir hata oluştu
+report_message=Bunun bir Gitea hatası olduğunu düşünüyorsanız, lütfen <a href="%s" target="_blank">GitHub</a> sayfasında sorunu arayın veya gerekiyorsa yeni bir sorun oluşturun.
 not_found=Hedef bulunamadı.
 network_error=Ağ hatası
 

From 68972a994719ae5c74e28d8fa82fa27c23399bc8 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Fri, 3 Jan 2025 12:01:19 +0800
Subject: [PATCH 23/55] Clean up legacy form CSS styles (#33081)

---
 routers/web/repo/repo.go                      |  43 +--
 templates/org/create.tmpl                     |  32 +-
 templates/repo/create.tmpl                    |  35 +-
 templates/repo/migrate/codebase.tmpl          |  22 +-
 templates/repo/migrate/codecommit.tmpl        |  22 +-
 templates/repo/migrate/git.tmpl               |  22 +-
 templates/repo/migrate/gitbucket.tmpl         |  24 +-
 templates/repo/migrate/gitea.tmpl             |  22 +-
 templates/repo/migrate/github.tmpl            |  22 +-
 templates/repo/migrate/gitlab.tmpl            |  22 +-
 templates/repo/migrate/gogs.tmpl              |  22 +-
 templates/repo/migrate/onedev.tmpl            |  25 +-
 templates/repo/pulls/fork.tmpl                |  18 +-
 templates/user/auth/finalize_openid.tmpl      |  47 ---
 templates/user/auth/reset_passwd.tmpl         |  24 +-
 templates/user/auth/signin_inner.tmpl         |   6 +-
 .../user/auth/signup_openid_connect.tmpl      |  44 +--
 .../user/auth/signup_openid_register.tmpl     |   2 +-
 web_src/css/base.css                          |  16 -
 web_src/css/form.css                          | 352 ++----------------
 web_src/css/org.css                           |  87 -----
 21 files changed, 229 insertions(+), 680 deletions(-)
 delete mode 100644 templates/user/auth/finalize_openid.tmpl

diff --git a/routers/web/repo/repo.go b/routers/web/repo/repo.go
index 85a745acbd32e..0f408b22e096d 100644
--- a/routers/web/repo/repo.go
+++ b/routers/web/repo/repo.go
@@ -147,27 +147,33 @@ func getRepoPrivate(ctx *context.Context) bool {
 	}
 }
 
-// Create render creating repository page
-func Create(ctx *context.Context) {
+func createCommon(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("new_repo")
-
-	// Give default value for template to render.
 	ctx.Data["Gitignores"] = repo_module.Gitignores
 	ctx.Data["LabelTemplateFiles"] = repo_module.LabelTemplateFiles
 	ctx.Data["Licenses"] = repo_module.Licenses
 	ctx.Data["Readmes"] = repo_module.Readmes
-	ctx.Data["readme"] = "Default"
-	ctx.Data["private"] = getRepoPrivate(ctx)
 	ctx.Data["IsForcedPrivate"] = setting.Repository.ForcePrivate
-	ctx.Data["default_branch"] = setting.Repository.DefaultBranch
+	ctx.Data["CanCreateRepo"] = ctx.Doer.CanCreateRepo()
+	ctx.Data["MaxCreationLimit"] = ctx.Doer.MaxCreationLimit()
+	ctx.Data["SupportedObjectFormats"] = git.DefaultFeatures().SupportedObjectFormats
+	ctx.Data["DefaultObjectFormat"] = git.Sha1ObjectFormat
+}
 
+// Create render creating repository page
+func Create(ctx *context.Context) {
+	createCommon(ctx)
 	ctxUser := checkContextUser(ctx, ctx.FormInt64("org"))
 	if ctx.Written() {
 		return
 	}
 	ctx.Data["ContextUser"] = ctxUser
 
+	ctx.Data["readme"] = "Default"
+	ctx.Data["private"] = getRepoPrivate(ctx)
+	ctx.Data["default_branch"] = setting.Repository.DefaultBranch
 	ctx.Data["repo_template_name"] = ctx.Tr("repo.template_select")
+
 	templateID := ctx.FormInt64("template_id")
 	if templateID > 0 {
 		templateRepo, err := repo_model.GetRepositoryByID(ctx, templateID)
@@ -177,11 +183,6 @@ func Create(ctx *context.Context) {
 		}
 	}
 
-	ctx.Data["CanCreateRepo"] = ctx.Doer.CanCreateRepo()
-	ctx.Data["MaxCreationLimit"] = ctx.Doer.MaxCreationLimit()
-	ctx.Data["SupportedObjectFormats"] = git.DefaultFeatures().SupportedObjectFormats
-	ctx.Data["DefaultObjectFormat"] = git.Sha1ObjectFormat
-
 	ctx.HTML(http.StatusOK, tplCreate)
 }
 
@@ -219,16 +220,8 @@ func handleCreateError(ctx *context.Context, owner *user_model.User, err error,
 
 // CreatePost response for creating repository
 func CreatePost(ctx *context.Context) {
+	createCommon(ctx)
 	form := web.GetForm(ctx).(*forms.CreateRepoForm)
-	ctx.Data["Title"] = ctx.Tr("new_repo")
-
-	ctx.Data["Gitignores"] = repo_module.Gitignores
-	ctx.Data["LabelTemplateFiles"] = repo_module.LabelTemplateFiles
-	ctx.Data["Licenses"] = repo_module.Licenses
-	ctx.Data["Readmes"] = repo_module.Readmes
-
-	ctx.Data["CanCreateRepo"] = ctx.Doer.CanCreateRepo()
-	ctx.Data["MaxCreationLimit"] = ctx.Doer.MaxCreationLimit()
 
 	ctxUser := checkContextUser(ctx, form.UID)
 	if ctx.Written() {
@@ -236,6 +229,14 @@ func CreatePost(ctx *context.Context) {
 	}
 	ctx.Data["ContextUser"] = ctxUser
 
+	if form.RepoTemplate > 0 {
+		templateRepo, err := repo_model.GetRepositoryByID(ctx, form.RepoTemplate)
+		if err == nil && access_model.CheckRepoUnitUser(ctx, templateRepo, ctxUser, unit.TypeCode) {
+			ctx.Data["repo_template"] = form.RepoTemplate
+			ctx.Data["repo_template_name"] = templateRepo.Name
+		}
+	}
+
 	if ctx.HasError() {
 		ctx.HTML(http.StatusOK, tplCreate)
 		return
diff --git a/templates/org/create.tmpl b/templates/org/create.tmpl
index 004cd9be800ab..2f19fd817f449 100644
--- a/templates/org/create.tmpl
+++ b/templates/org/create.tmpl
@@ -2,22 +2,22 @@
 <div role="main" aria-label="{{.Title}}" class="page-content organization new org">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "new_org"}}
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "new_org"}}
+			</h3>
+			<div class="ui attached segment">
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_OrgName}}error{{end}}">
 						<label for="org_name">{{ctx.Locale.Tr "org.org_name_holder"}}</label>
 						<input id="org_name" name="org_name" value="{{.org_name}}" autofocus required maxlength="40">
 						<span class="help">{{ctx.Locale.Tr "org.org_name_helper"}}</span>
 					</div>
 
-					<div class="inline field {{if .Err_OrgVisibility}}error{{end}}">
-						<span class="inline required field"><label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label></span>
-						<div class="inline-grouped-list">
+					<div class="inline field required {{if .Err_OrgVisibility}}error{{end}}">
+						<label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label>
+						<div class="inline-right">
 							<div class="ui radio checkbox">
 								<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if .DefaultOrgVisibilityMode.IsPublic}}checked{{end}}>
 								<label>{{ctx.Locale.Tr "org.settings.visibility.public"}}</label>
@@ -35,11 +35,9 @@
 
 					<div class="inline field" id="permission_box">
 						<label>{{ctx.Locale.Tr "org.settings.permission"}}</label>
-						<div class="inline-grouped-list">
-							<div class="ui checkbox">
-								<input type="checkbox" name="repo_admin_change_team_access" checked>
-								<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input type="checkbox" name="repo_admin_change_team_access" checked>
+							<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
 						</div>
 					</div>
 
@@ -49,8 +47,8 @@
 							{{ctx.Locale.Tr "org.create_org"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/create.tmpl b/templates/repo/create.tmpl
index 78eb2f704a210..36283b35e07b4 100644
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@@ -2,20 +2,20 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new-repo">
 	<div class="ui middle very relaxed page one column grid">
 		<div class="column">
-			<form class="ui form new-repo-form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "new_repo"}}
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
-					{{template "repo/create_helper" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "new_repo"}}
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				{{template "repo/create_helper" .}}
 
-					{{if not .CanCreateRepo}}
-						<div class="ui negative message">
-							<p>{{ctx.Locale.TrN .MaxCreationLimit "repo.form.reach_limit_of_creation_1" "repo.form.reach_limit_of_creation_n" .MaxCreationLimit}}</p>
-						</div>
-					{{end}}
+				{{if not .CanCreateRepo}}
+				<div class="ui negative message">
+					<p>{{ctx.Locale.TrN .MaxCreationLimit "repo.form.reach_limit_of_creation_1" "repo.form.reach_limit_of_creation_n" .MaxCreationLimit}}</p>
+				</div>
+				{{end}}
+				<form class="ui form left-right-form new-repo-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_Owner}}error{{end}}">
 						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
 						<div class="ui selection owner dropdown">
@@ -69,7 +69,7 @@
 					<div class="inline field">
 						<label>{{ctx.Locale.Tr "repo.template"}}</label>
 						<div id="repo_template_search" class="ui search selection dropdown">
-							<input type="hidden" id="repo_template" name="repo_template" value="{{.repo_template}}">
+							<input type="hidden" id="repo_template" name="repo_template" value="{{or .repo_template ""}}">
 							<div class="default text">{{.repo_template_name}}</div>
 							<div class="menu">
 							</div>
@@ -178,6 +178,7 @@
 							<span class="help">{{ctx.Locale.Tr "repo.readme_helper_desc"}}</span>
 						</div>
 						<div class="inline field">
+							<label></label>
 							<div class="ui checkbox" id="auto-init">
 								<input name="auto_init" type="checkbox" {{if .auto_init}}checked{{end}}>
 								<label>{{ctx.Locale.Tr "repo.auto_init"}}</label>
@@ -191,7 +192,7 @@
 						<div class="inline field">
 							<label>{{ctx.Locale.Tr "repo.object_format"}}</label>
 							<div class="ui selection owner dropdown">
-								<input type="hidden" id="object_format_name" name="object_format_name" value="{{.DefaultObjectFormat.Name}}" required>
+								<input type="hidden" id="object_format_name" name="object_format_name" value="{{or .object_format_name .DefaultObjectFormat.Name}}" required>
 								<div class="default text">{{.DefaultObjectFormat.Name}}</div>
 								<div class="menu">
 									{{range .SupportedObjectFormats}}
@@ -216,8 +217,8 @@
 							{{ctx.Locale.Tr "repo.create_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/codebase.tmpl b/templates/repo/migrate/codebase.tmpl
index c8059b7c7b099..6f82d835c6105 100644
--- a/templates/repo/migrate/codebase.tmpl
+++ b/templates/repo/migrate/codebase.tmpl
@@ -2,15 +2,15 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{template "base/disable_form_autofill"}}
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{template "base/disable_form_autofill"}}
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -108,8 +108,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/codecommit.tmpl b/templates/repo/migrate/codecommit.tmpl
index d1cebd0e48521..8681f47e6cf33 100644
--- a/templates/repo/migrate/codecommit.tmpl
+++ b/templates/repo/migrate/codecommit.tmpl
@@ -2,15 +2,15 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{template "base/disable_form_autofill"}}
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{template "base/disable_form_autofill"}}
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -109,8 +109,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/git.tmpl b/templates/repo/migrate/git.tmpl
index 9c5f0d7d6dad2..5162998036d9e 100644
--- a/templates/repo/migrate/git.tmpl
+++ b/templates/repo/migrate/git.tmpl
@@ -2,15 +2,15 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{template "base/disable_form_autofill"}}
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{template "base/disable_form_autofill"}}
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -82,8 +82,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gitbucket.tmpl b/templates/repo/migrate/gitbucket.tmpl
index b667fa828a2fd..07e27423bc2d3 100644
--- a/templates/repo/migrate/gitbucket.tmpl
+++ b/templates/repo/migrate/gitbucket.tmpl
@@ -2,15 +2,15 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{template "base/disable_form_autofill"}}
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{template "base/disable_form_autofill"}}
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -38,7 +38,7 @@
 						</div>
 					</div>
 
-					<div id="migrate_items">
+					<div id="migrate_items" class="inline field">
 						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 						<div class="inline field">
 							<label></label>
@@ -124,8 +124,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gitea.tmpl b/templates/repo/migrate/gitea.tmpl
index 3b8f377096cc3..cde05df017190 100644
--- a/templates/repo/migrate/gitea.tmpl
+++ b/templates/repo/migrate/gitea.tmpl
@@ -2,14 +2,14 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -34,7 +34,7 @@
 						</div>
 					</div>
 
-					<div id="migrate_items">
+					<div id="migrate_items" class="inline field">
 						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 						<div class="inline field">
 							<label></label>
@@ -120,8 +120,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/github.tmpl b/templates/repo/migrate/github.tmpl
index 3535eddfc2067..c455d228c3503 100644
--- a/templates/repo/migrate/github.tmpl
+++ b/templates/repo/migrate/github.tmpl
@@ -2,14 +2,14 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -36,7 +36,7 @@
 							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
 						</div>
 					</div>
-					<div id="migrate_items">
+					<div id="migrate_items" class="inline field">
 						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 						<div class="inline field">
 							<label></label>
@@ -122,8 +122,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gitlab.tmpl b/templates/repo/migrate/gitlab.tmpl
index f705fb3090c60..0066e90aa8095 100644
--- a/templates/repo/migrate/gitlab.tmpl
+++ b/templates/repo/migrate/gitlab.tmpl
@@ -2,14 +2,14 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -33,7 +33,7 @@
 							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
 						</div>
 					</div>
-					<div id="migrate_items">
+					<div id="migrate_items" class="inline field">
 						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 						<div class="inline field">
 							<label></label>
@@ -119,8 +119,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gogs.tmpl b/templates/repo/migrate/gogs.tmpl
index eca83b163617f..b52cbe6b0dd8d 100644
--- a/templates/repo/migrate/gogs.tmpl
+++ b/templates/repo/migrate/gogs.tmpl
@@ -2,14 +2,14 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -34,7 +34,7 @@
 						</div>
 					</div>
 
-					<div id="migrate_items">
+					<div id="migrate_items" class="inline field">
 						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 						<div class="inline field">
 							<label></label>
@@ -122,8 +122,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/onedev.tmpl b/templates/repo/migrate/onedev.tmpl
index e1aad96ba4049..6bc4d3f9eed9b 100644
--- a/templates/repo/migrate/onedev.tmpl
+++ b/templates/repo/migrate/onedev.tmpl
@@ -2,15 +2,15 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{template "base/disable_form_autofill"}}
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-					<input id="service_type" type="hidden" name="service" value="{{.service}}">
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+				<input id="service_type" type="hidden" name="service" value="{{.service}}">
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{template "base/disable_form_autofill"}}
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
 						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
 						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
@@ -30,7 +30,8 @@
 
 					{{template "repo/migrate/options" .}}
 
-					<div id="migrate_items">
+					<div id="migrate_items" class="inline field">
+						<label></label>
 						<div class="inline field">
 							<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
 							<div class="ui checkbox">
@@ -108,8 +109,8 @@
 							{{ctx.Locale.Tr "repo.migrate_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/pulls/fork.tmpl b/templates/repo/pulls/fork.tmpl
index 7af535f1d303b..c34da57d17570 100644
--- a/templates/repo/pulls/fork.tmpl
+++ b/templates/repo/pulls/fork.tmpl
@@ -2,13 +2,13 @@
 <div role="main" aria-label="{{.Title}}" class="page-content repository new fork">
 	<div class="ui middle very relaxed page grid">
 		<div class="column">
-			<form class="ui form" action="{{.Link}}" method="post">
-				{{.CsrfTokenHtml}}
-				<h3 class="ui top attached header">
-					{{ctx.Locale.Tr "new_fork"}}
-				</h3>
-				<div class="ui attached segment">
-					{{template "base/alert" .}}
+			<h3 class="ui top attached header">
+				{{ctx.Locale.Tr "new_fork"}}
+			</h3>
+			<div class="ui attached segment">
+				{{template "base/alert" .}}
+				<form class="ui form left-right-form" action="{{.Link}}" method="post">
+					{{.CsrfTokenHtml}}
 					<div class="inline required field {{if .Err_Owner}}error{{end}}">
 						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
 						<div class="ui selection owner dropdown">
@@ -80,8 +80,8 @@
 							{{ctx.Locale.Tr "repo.fork_repo"}}
 						</button>
 					</div>
-				</div>
-			</form>
+				</form>
+			</div>
 		</div>
 	</div>
 </div>
diff --git a/templates/user/auth/finalize_openid.tmpl b/templates/user/auth/finalize_openid.tmpl
deleted file mode 100644
index 1c1dcdb825bb7..0000000000000
--- a/templates/user/auth/finalize_openid.tmpl
+++ /dev/null
@@ -1,47 +0,0 @@
-{{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content user signin">
-	<div class="ui container">
-		<div class="ui grid">
-			{{template "user/auth/finalize_openid_navbar" .}}
-			<div class="twelve wide column content">
-				{{template "base/alert" .}}
-				<h4 class="ui top attached header">
-					{{ctx.Locale.Tr "auth.login_userpass"}}
-				</h4>
-				<div class="ui attached segment">
-					<form class="ui form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="required inline field {{if .Err_UserName}}error{{end}}">
-						<label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
-						<input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
-					</div>
-					<div class="required inline field {{if .Err_Password}}error{{end}}">
-						<label for="password">{{ctx.Locale.Tr "password"}}</label>
-						<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
-					</div>
-					<div class="inline field">
-						<label></label>
-						<div class="ui checkbox">
-							<label>{{ctx.Locale.Tr "auth.remember_me"}}</label>
-							<input name="remember" type="checkbox">
-						</div>
-					</div>
-
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">{{ctx.Locale.Tr "sign_in"}}</button>
-						<a href="{{AppSubUrl}}/user/forget_password">{{ctx.Locale.Tr "auth.forget_password"}}</a>
-					</div>
-					{{if .ShowRegistrationButton}}
-						<div class="inline field">
-							<label></label>
-							<a href="{{AppSubUrl}}/user/sign_up">{{ctx.Locale.Tr "auth.sign_up_now"}}</a>
-						</div>
-					{{end}}
-					</form>
-				</div>
-			</div>
-		</div>
-	</div>
-</div>
-{{template "base/footer" .}}
diff --git a/templates/user/auth/reset_passwd.tmpl b/templates/user/auth/reset_passwd.tmpl
index f8303feef38d9..37a23b3e5592b 100644
--- a/templates/user/auth/reset_passwd.tmpl
+++ b/templates/user/auth/reset_passwd.tmpl
@@ -34,18 +34,18 @@
 							{{ctx.Locale.Tr "twofa"}}
 						</h4>
 						<div class="ui warning visible message">{{ctx.Locale.Tr "settings.twofa_is_enrolled"}}</div>
-						{{if .scratch_code}}
-						<div class="required inline field {{if .Err_Token}}error{{end}}">
-							<label for="token">{{ctx.Locale.Tr "auth.scratch_code"}}</label>
-							<input id="token" name="token" type="text" autocomplete="off" autofocus required>
-						</div>
-						<input type="hidden" name="scratch_code" value="true">
-						{{else}}
-						<div class="required field {{if .Err_Passcode}}error{{end}}">
-							<label for="passcode">{{ctx.Locale.Tr "passcode"}}</label>
-							<input id="passcode" name="passcode" type="number" autocomplete="off" autofocus required>
-						</div>
-						{{end}}
+							{{if .scratch_code}}
+							<div class="required inline field {{if .Err_Token}}error{{end}}">
+								<label for="token">{{ctx.Locale.Tr "auth.scratch_code"}}</label>
+								<input id="token" name="token" type="text" autocomplete="off" autofocus required>
+							</div>
+							<input type="hidden" name="scratch_code" value="true">
+							{{else}}
+							<div class="required field {{if .Err_Passcode}}error{{end}}">
+								<label for="passcode">{{ctx.Locale.Tr "passcode"}}</label>
+								<input id="passcode" name="passcode" type="number" autocomplete="off" autofocus required>
+							</div>
+							{{end}}
 						{{end}}
 						<div class="divider"></div>
 						<div class="inline field">
diff --git a/templates/user/auth/signin_inner.tmpl b/templates/user/auth/signin_inner.tmpl
index dd608e5aa1e53..fbf86a92bf636 100644
--- a/templates/user/auth/signin_inner.tmpl
+++ b/templates/user/auth/signin_inner.tmpl
@@ -18,9 +18,9 @@
 				<input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required tabindex="1">
 			</div>
 			{{if or (not .DisablePassword) .LinkAccountMode}}
-			<div class="required field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}} form-field-content-aside-label">
-				<label for="password">{{ctx.Locale.Tr "password"}}</label>
-				<div>
+			<div class="required field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}}">
+				<div class="tw-flex tw-mb-1">
+					<label for="password" class="tw-flex-1">{{ctx.Locale.Tr "password"}}</label>
 					<a href="{{AppSubUrl}}/user/forgot_password" tabindex="4">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
 				</div>
 				<input id="password" name="password" type="password" value="{{.password}}" autocomplete="current-password" required tabindex="2">
diff --git a/templates/user/auth/signup_openid_connect.tmpl b/templates/user/auth/signup_openid_connect.tmpl
index e4b7936374355..b27093d853dab 100644
--- a/templates/user/auth/signup_openid_connect.tmpl
+++ b/templates/user/auth/signup_openid_connect.tmpl
@@ -7,28 +7,28 @@
 					{{ctx.Locale.Tr "auth.openid_connect_title"}}
 				</h4>
 				<div class="ui attached segment">
-					<p>
-						{{ctx.Locale.Tr "auth.openid_connect_desc"}}
-					</p>
-					<form class="ui form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="required inline field {{if .Err_UserName}}error{{end}}">
-						<label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
-						<input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
-					</div>
-					<div class="required inline field {{if .Err_Password}}error{{end}}">
-						<label for="password">{{ctx.Locale.Tr "password"}}</label>
-						<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
-					</div>
-					<div class="inline field">
-						<label for="openid">OpenID URI</label>
-						<input id="openid" value="{{.OpenID}}" readonly>
-					</div>
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">{{ctx.Locale.Tr "auth.openid_connect_submit"}}</button>
-						<a href="{{AppSubUrl}}/user/forgot_password">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
-					</div>
+					<form class="ui form left-right-form" action="{{.Link}}" method="post">
+						{{.CsrfTokenHtml}}
+						<div class="inline field">
+							<span class="help">{{ctx.Locale.Tr "auth.openid_connect_desc"}}</span>
+						</div>
+						<div class="required inline field {{if .Err_UserName}}error{{end}}">
+							<label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
+							<input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
+						</div>
+						<div class="required inline field {{if .Err_Password}}error{{end}}">
+							<label for="password">{{ctx.Locale.Tr "password"}}</label>
+							<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
+						</div>
+						<div class="inline field">
+							<label for="openid">OpenID URI</label>
+							<input id="openid" value="{{.OpenID}}" readonly>
+						</div>
+						<div class="inline field">
+							<label></label>
+							<button class="ui primary button">{{ctx.Locale.Tr "auth.openid_connect_submit"}}</button>
+							<a href="{{AppSubUrl}}/user/forgot_password">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
+						</div>
 					</form>
 				</div>
 	</div>
diff --git a/templates/user/auth/signup_openid_register.tmpl b/templates/user/auth/signup_openid_register.tmpl
index c017a0e65b26a..df6268d151142 100644
--- a/templates/user/auth/signup_openid_register.tmpl
+++ b/templates/user/auth/signup_openid_register.tmpl
@@ -7,7 +7,7 @@
 					{{ctx.Locale.Tr "auth.openid_register_title"}}
 				</h4>
 				<div class="ui attached segment">
-					<p class="tw-max-w-2xl tw-mx-auto">
+					<p>
 						{{ctx.Locale.Tr "auth.openid_register_desc"}}
 					</p>
 					<form class="ui form" action="{{.Link}}" method="post">
diff --git a/web_src/css/base.css b/web_src/css/base.css
index d6ab5e1009c54..49d5743158444 100644
--- a/web_src/css/base.css
+++ b/web_src/css/base.css
@@ -985,22 +985,6 @@ overflow-menu .ui.label {
   margin-top: 3em !important;
 }
 
-/* multiple radio or checkboxes as inline element */
-.inline-grouped-list {
-  display: inline-block;
-  vertical-align: top;
-}
-
-.inline-grouped-list > .ui {
-  display: block;
-  margin-top: 5px;
-  margin-bottom: 10px;
-}
-
-.inline-grouped-list > .ui:first-child {
-  margin-top: 1px;
-}
-
 .lines-blame-btn {
   padding: 0 0 0 5px;
   display: flex;
diff --git a/web_src/css/form.css b/web_src/css/form.css
index a92ba354b41a4..266b8c73f27e8 100644
--- a/web_src/css/form.css
+++ b/web_src/css/form.css
@@ -38,11 +38,6 @@ textarea,
   color: var(--color-input-text);
 }
 
-/* fix fomantic small dropdown having inconsistent padding with input */
-.ui.small.selection.dropdown {
-  padding: .67857143em 1.6em .67857143em 1em;
-}
-
 input:hover,
 textarea:hover,
 .ui.input input:hover,
@@ -109,9 +104,8 @@ textarea:focus,
   color: var(--color-input-text);
 }
 
-/* match <select> padding to <input> */
-.ui.form select {
-  padding: 0.67857143em 1em;
+.ui.form .field > .selection.dropdown {
+  min-width: 14em; /* matches the default min width */
 }
 
 .form .help {
@@ -120,47 +114,6 @@ textarea:focus,
   display: inline-block;
 }
 
-#create-page-form form {
-  margin: auto;
-}
-
-#create-page-form form .ui.message {
-  text-align: center;
-}
-
-@media (min-width: 768px) {
-  #create-page-form form {
-    width: 800px !important;
-  }
-  #create-page-form form .header {
-    padding-left: 280px !important;
-  }
-  #create-page-form form .inline.field > label {
-    text-align: right;
-    width: 250px !important;
-    word-wrap: break-word;
-  }
-  #create-page-form form .help {
-    margin-left: 265px !important;
-  }
-  #create-page-form form .optional .title {
-    margin-left: 250px !important;
-  }
-  #create-page-form form .inline.field > input,
-  #create-page-form form .inline.field > textarea {
-    width: 50%;
-  }
-}
-
-@media (max-width: 767.98px) {
-  #create-page-form form .optional .title {
-    margin-left: 15px;
-  }
-  #create-page-form form .inline.field > label {
-    display: block;
-  }
-}
-
 .m-captcha-style {
   width: 100%;
   height: 5em;
@@ -187,7 +140,7 @@ textarea:focus,
 }
 
 @media (max-height: 575px) {
-  #rc-imageselect,
+  #rc-imageselect, /* google recaptcha */
   .g-recaptcha-style,
   .h-captcha-style {
     transform: scale(0.77);
@@ -195,295 +148,40 @@ textarea:focus,
   }
 }
 
-.user.forgot.password form,
-.user.reset.password form,
-.user.signup form {
-  margin: auto;
-  width: 700px !important;
-}
-
-.user.activate form .ui.message,
-.user.forgot.password form .ui.message,
-.user.reset.password form .ui.message,
-.user.link-account form .ui.message,
-.user.signin form .ui.message,
-.user.signup form .ui.message {
-  text-align: center;
-}
-
-@media (min-width: 768px) {
-  .user.activate form,
-  .user.forgot.password form,
-  .user.reset.password form,
-  .user.link-account form,
-  .user.signin form,
-  .user.signup form {
-    width: 800px !important;
-  }
-  .user.activate form .header,
-  .user.forgot.password form .header,
-  .user.reset.password form .header,
-  .user.link-account form .header,
-  .user.signin form .header,
-  .user.signup form .header {
-    padding-left: 280px !important;
-  }
-  .user.activate form .inline.field > label {
-    text-align: right;
-    width: 250px !important;
-    word-wrap: break-word;
-  }
-  .user.activate form .help,
-  .user.forgot.password form .help,
-  .user.reset.password form .help,
-  .user.link-account form .help,
-  .user.signin form .help,
-  .user.signup form .help {
-    margin-left: 265px !important;
-  }
-  .user.activate form .optional .title,
-  .user.forgot.password form .optional .title,
-  .user.reset.password form .optional .title,
-  .user.link-account form .optional .title,
-  .user.signin form .optional .title,
-  .user.signup form .optional .title {
-    margin-left: 250px !important;
-  }
-}
-
-@media (max-width: 767.98px) {
-  .user.activate form .optional .title,
-  .user.forgot.password form .optional .title,
-  .user.reset.password form .optional .title,
-  .user.link-account form .optional .title,
-  .user.signin form .optional .title,
-  .user.signup form .optional .title {
-    margin-left: 15px;
-  }
-  .user.activate form .inline.field > label,
-  .user.forgot.password form .inline.field > label,
-  .user.reset.password form .inline.field > label,
-  .user.link-account form .inline.field > label,
-  .user.signin form .inline.field > label,
-  .user.signup form .inline.field > label {
-    display: block;
-  }
-}
-
-.user.activate form .header,
-.user.forgot.password form .header,
-.user.reset.password form .header,
-.user.link-account form .header,
-.user.signin form .header,
-.user.signup form .header {
-  padding-left: 0 !important;
-  text-align: center;
-}
-
-.user.activate form .inline.field > label,
-.user.forgot.password form .inline.field > label,
-.user.reset.password form .inline.field > label,
-.user.link-account form .inline.field > label,
-.user.signin form .inline.field > label,
-.user.signup form .inline.field > label {
-  width: 200px;
-}
-
-@media (max-width: 767.98px) {
-  .user.activate form .inline.field > label,
-  .user.forgot.password form .inline.field > label,
-  .user.reset.password form .inline.field > label,
-  .user.link-account form .inline.field > label,
-  .user.signin form .inline.field > label,
-  .user.signup form .inline.field > label {
-    width: 100% !important;
-  }
-}
-
-.user.activate form input[type="number"],
-.user.forgot.password form input[type="number"],
-.user.reset.password form input[type="number"],
-.user.link-account form input[type="number"],
-.user.signin form input[type="number"],
-.user.signup form input[type="number"] {
-  -moz-appearance: textfield;
-}
-
-.user.activate form input::-webkit-outer-spin-button,
-.user.forgot.password form input::-webkit-outer-spin-button,
-.user.reset.password form input::-webkit-outer-spin-button,
-.user.link-account form input::-webkit-outer-spin-button,
-.user.signin form input::-webkit-outer-spin-button,
-.user.signup form input::-webkit-outer-spin-button,
-.user.activate form input::-webkit-inner-spin-button,
-.user.forgot.password form input::-webkit-inner-spin-button,
-.user.reset.password form input::-webkit-inner-spin-button,
-.user.link-account form input::-webkit-inner-spin-button,
-.user.signin form input::-webkit-inner-spin-button,
-.user.signup form input::-webkit-inner-spin-button {
-  -webkit-appearance: none;
-  margin: 0;
-}
-
-.repository.new-repo form,
-.repository.new.migrate form,
-.repository.new.fork form {
-  margin: auto;
-}
-
-.repository.new-repo form .ui.message,
-.repository.new.migrate form .ui.message,
-.repository.new.fork form .ui.message {
-  text-align: center;
-}
-
-@media (min-width: 768px) {
-  .repository.new-repo form,
-  .repository.new.migrate form,
-  .repository.new.fork form {
-    width: 800px !important;
-  }
-  .repository.new-repo form .header,
-  .repository.new.migrate form .header,
-  .repository.new.fork form .header {
-    padding-left: 280px !important;
-  }
-  .repository.new-repo form .inline.field > label,
-  .repository.new.migrate form .inline.field > label,
-  .repository.new.fork form .inline.field > label {
-    text-align: right;
-    width: 250px !important;
-    word-wrap: break-word;
-  }
-  .repository.new-repo form .help,
-  .repository.new.migrate form .help,
-  .repository.new.fork form .help {
-    margin-left: 265px !important;
-  }
-  .repository.new-repo form .optional .title,
-  .repository.new.migrate form .optional .title,
-  .repository.new.fork form .optional .title {
-    margin-left: 250px !important;
-  }
-  .repository.new-repo form .inline.field > input,
-  .repository.new.migrate form .inline.field > input,
-  .repository.new.fork form .inline.field > input,
-  .repository.new-repo form .inline.field > textarea,
-  .repository.new.migrate form .inline.field > textarea,
-  .repository.new.fork form .inline.field > textarea {
-    width: 50%;
-  }
-}
-
-@media (max-width: 767.98px) {
-  .repository.new-repo form .optional .title,
-  .repository.new.migrate form .optional .title,
-  .repository.new.fork form .optional .title {
-    margin-left: 15px;
-  }
-  .repository.new-repo form .inline.field > label,
-  .repository.new.migrate form .inline.field > label,
-  .repository.new.fork form .inline.field > label {
-    display: block;
-  }
+.ui.form.left-right-form .inline.field > label {
+  text-align: right;
+  width: 250px;
+  margin-right: 10px;
 }
 
-.repository.new-repo form .dropdown .text,
-.repository.new.migrate form .dropdown .text,
-.repository.new.fork form .dropdown .text {
-  margin-right: 0 !important;
+.ui.form.left-right-form .inline.field > .help {
+  margin-left: calc(250px + 15px);
 }
 
-.repository.new-repo form .header,
-.repository.new.migrate form .header,
-.repository.new.fork form .header {
-  padding-left: 0 !important;
-  text-align: center;
+.ui.form.left-right-form .inline.field input:not([type="checkbox"], [type="radio"]),
+.ui.form.left-right-form .inline.field .ui.dropdown,
+.ui.form.left-right-form .inline.field textarea {
+  width: 50%;
 }
 
-.repository.new-repo form .selection.dropdown,
-.repository.new.migrate form .selection.dropdown,
-.repository.new.fork form .selection.dropdown,
-.repository.new.fork form .field a {
-  vertical-align: middle;
-  width: 50% !important;
+.ui.form.left-right-form .inline.field .inline-right {
+  display: inline-flex;
+  flex-direction: column;
+  gap: 0.5em;
 }
 
 @media (max-width: 767.98px) {
-  .repository.new-repo form label,
-  .repository.new.migrate form label,
-  .repository.new.fork form label,
-  .repository.new-repo form .inline.field > input,
-  .repository.new.migrate form .inline.field > input,
-  .repository.new.fork form .inline.field > input,
-  .repository.new.fork form .field a,
-  .repository.new-repo form .selection.dropdown,
-  .repository.new.migrate form .selection.dropdown,
-  .repository.new.fork form .selection.dropdown {
-    width: 100% !important;
-  }
-  .repository.new-repo form .field button,
-  .repository.new.migrate form .field button,
-  .repository.new.fork form .field button,
-  .repository.new-repo form .field a,
-  .repository.new.migrate form .field a {
-    margin-bottom: 1em;
+  .ui.form.left-right-form .inline.field > label {
     width: 100%;
+    margin: 0;
+    text-align: left;
   }
-}
-
-@media (min-width: 768px) {
-  .repository.new-repo .ui.form #auto-init {
-    margin-left: 265px !important;
-  }
-}
-
-.repository.new-repo .ui.form .selection.dropdown:not(.owner) {
-  width: 50% !important;
-}
-
-@media (max-width: 767.98px) {
-  .repository.new-repo .ui.form .selection.dropdown:not(.owner) {
-    width: 100% !important;
+  .ui.form.left-right-form .inline.field > .help {
+    margin: 0;
   }
-}
-
-/* form fields with additional content besides their label, used on login form
- * use like <div class="field"><label/><a/><input/></div> */
-.form-field-content-aside-label {
-  display: grid;
-  grid-template-columns: 1fr 1fr;
-}
-.form-field-content-aside-label > *:nth-child(2) {
-  text-align: right;
-}
-.form-field-content-aside-label input {
-  grid-column: span 2;
-}
-
-.ui.form .field > .selection.dropdown {
-  min-width: 14em; /* matches the default min width */
-}
-
-.new.webhook form .help {
-  margin-left: 25px;
-}
-
-.new.webhook .events.fields .column {
-  padding-left: 40px;
-}
-
-.githook textarea {
-  font-family: var(--fonts-monospace);
-}
-
-@media (max-width: 767.98px) {
-  .new.org .ui.form .field button,
-  .new.org .ui.form .field a {
-    margin-bottom: 1em;
+  .ui.form.left-right-form .inline.field input:not([type="checkbox"], [type="radio"]),
+  .ui.form.left-right-form .inline.field .ui.dropdown,
+  .ui.form.left-right-form .inline.field textarea {
     width: 100%;
   }
-  .new.org .ui.form .field input {
-    width: 100% !important;
-  }
 }
diff --git a/web_src/css/org.css b/web_src/css/org.css
index 1082625041901..48b41de297e97 100644
--- a/web_src/css/org.css
+++ b/web_src/css/org.css
@@ -1,94 +1,7 @@
-#create-page-form form {
-  margin: auto;
-}
-
-#create-page-form form .ui.message {
-  text-align: center;
-}
-
-@media (min-width: 768px) {
-  #create-page-form form {
-    width: 800px !important;
-  }
-  #create-page-form form .header {
-    padding-left: 280px !important;
-  }
-  #create-page-form form .inline.field > label {
-    text-align: right;
-    width: 250px !important;
-    word-wrap: break-word;
-  }
-  #create-page-form form .help {
-    margin-left: 265px !important;
-  }
-  #create-page-form form .optional .title {
-    margin-left: 250px !important;
-  }
-  #create-page-form form .inline.field > input,
-  #create-page-form form .inline.field > textarea {
-    width: 50%;
-  }
-}
-
-@media (max-width: 767.98px) {
-  #create-page-form form .optional .title {
-    margin-left: 15px;
-  }
-  #create-page-form form .inline.field > label {
-    display: block;
-  }
-}
-
 .organization .head .ui.header .ui.right {
   margin-top: 5px;
 }
 
-.organization.new.org form {
-  margin: auto;
-}
-
-.organization.new.org form .ui.message {
-  text-align: center;
-}
-
-@media (min-width: 768px) {
-  .organization.new.org form {
-    width: 800px !important;
-  }
-  .organization.new.org form .header {
-    padding-left: 280px !important;
-  }
-  .organization.new.org form .inline.field > label {
-    text-align: right;
-    width: 250px !important;
-    word-wrap: break-word;
-  }
-  .organization.new.org form .help {
-    margin-left: 265px !important;
-  }
-  .organization.new.org form .optional .title {
-    margin-left: 250px !important;
-  }
-  .organization.new.org form .inline.field > input,
-  .organization.new.org form .inline.field > textarea {
-    width: 50%;
-  }
-}
-
-@media (max-width: 767.98px) {
-  .organization.new.org form .optional .title {
-    margin-left: 15px;
-  }
-  .organization.new.org form .inline.field > label {
-    display: block;
-  }
-}
-
-.organization.new.org form .header {
-  padding-left: 0 !important;
-  text-align: center;
-}
-
 .page-content.organization .org-avatar {
   margin-right: 15px;
 }

From 188e0ee8e40ad0b32f9db33a0a217043cfdf3610 Mon Sep 17 00:00:00 2001
From: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
Date: Fri, 3 Jan 2025 13:09:47 -0800
Subject: [PATCH 24/55] Use `Project-URL` metadata field to get a PyPI
 package's homepage URL (#33089)

Resolves #33085.
---
 routers/api/packages/pypi/pypi.go           | 47 ++++++++++++--
 routers/api/packages/pypi/pypi_test.go      | 10 +++
 tests/integration/api_packages_pypi_test.go | 69 +++++++++++++++++++--
 3 files changed, 116 insertions(+), 10 deletions(-)

diff --git a/routers/api/packages/pypi/pypi.go b/routers/api/packages/pypi/pypi.go
index 5ea86071a9e64..19aa54628d278 100644
--- a/routers/api/packages/pypi/pypi.go
+++ b/routers/api/packages/pypi/pypi.go
@@ -10,6 +10,7 @@ import (
 	"regexp"
 	"sort"
 	"strings"
+	"unicode"
 
 	packages_model "code.gitea.io/gitea/models/packages"
 	packages_module "code.gitea.io/gitea/modules/packages"
@@ -139,9 +140,30 @@ func UploadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	projectURL := ctx.Req.FormValue("home_page")
-	if !validation.IsValidURL(projectURL) {
-		projectURL = ""
+	// Ensure ctx.Req.Form exists.
+	_ = ctx.Req.ParseForm()
+
+	var homepageURL string
+	projectURLs := ctx.Req.Form["project_urls"]
+	for _, purl := range projectURLs {
+		label, url, found := strings.Cut(purl, ",")
+		if !found {
+			continue
+		}
+		if normalizeLabel(label) != "homepage" {
+			continue
+		}
+		homepageURL = strings.TrimSpace(url)
+		break
+	}
+
+	if len(homepageURL) == 0 {
+		// TODO: Home-page is a deprecated metadata field. Remove this branch once it's no longer apart of the spec.
+		homepageURL = ctx.Req.FormValue("home_page")
+	}
+
+	if !validation.IsValidURL(homepageURL) {
+		homepageURL = ""
 	}
 
 	_, _, err = packages_service.CreatePackageOrAddFileToExisting(
@@ -160,7 +182,7 @@ func UploadPackageFile(ctx *context.Context) {
 				Description:     ctx.Req.FormValue("description"),
 				LongDescription: ctx.Req.FormValue("long_description"),
 				Summary:         ctx.Req.FormValue("summary"),
-				ProjectURL:      projectURL,
+				ProjectURL:      homepageURL,
 				License:         ctx.Req.FormValue("license"),
 				RequiresPython:  ctx.Req.FormValue("requires_python"),
 			},
@@ -189,6 +211,23 @@ func UploadPackageFile(ctx *context.Context) {
 	ctx.Status(http.StatusCreated)
 }
 
+// Normalizes a Project-URL label.
+// See https://packaging.python.org/en/latest/specifications/well-known-project-urls/#label-normalization.
+func normalizeLabel(label string) string {
+	var builder strings.Builder
+
+	// "A label is normalized by deleting all ASCII punctuation and whitespace, and then converting the result
+	// to lowercase."
+	for _, r := range label {
+		if unicode.IsPunct(r) || unicode.IsSpace(r) {
+			continue
+		}
+		builder.WriteRune(unicode.ToLower(r))
+	}
+
+	return builder.String()
+}
+
 func isValidNameAndVersion(packageName, packageVersion string) bool {
 	return nameMatcher.MatchString(packageName) && versionMatcher.MatchString(packageVersion)
 }
diff --git a/routers/api/packages/pypi/pypi_test.go b/routers/api/packages/pypi/pypi_test.go
index 3023692177fd9..786105693f169 100644
--- a/routers/api/packages/pypi/pypi_test.go
+++ b/routers/api/packages/pypi/pypi_test.go
@@ -36,3 +36,13 @@ func TestIsValidNameAndVersion(t *testing.T) {
 	assert.False(t, isValidNameAndVersion("test-name", "1.0.1aa"))
 	assert.False(t, isValidNameAndVersion("test-name", "1.0.0-alpha.beta"))
 }
+
+func TestNormalizeLabel(t *testing.T) {
+	// Cases fetched from https://packaging.python.org/en/latest/specifications/well-known-project-urls/#label-normalization.
+	assert.Equal(t, "homepage", normalizeLabel("Homepage"))
+	assert.Equal(t, "homepage", normalizeLabel("Home-page"))
+	assert.Equal(t, "homepage", normalizeLabel("Home page"))
+	assert.Equal(t, "changelog", normalizeLabel("Change_Log"))
+	assert.Equal(t, "whatsnew", normalizeLabel("What's New?"))
+	assert.Equal(t, "github", normalizeLabel("github"))
+}
diff --git a/tests/integration/api_packages_pypi_test.go b/tests/integration/api_packages_pypi_test.go
index e973f6a52af77..2dabb5005bcf8 100644
--- a/tests/integration/api_packages_pypi_test.go
+++ b/tests/integration/api_packages_pypi_test.go
@@ -32,15 +32,16 @@ func TestPackagePyPI(t *testing.T) {
 	packageVersion := "1!1.0.1+r1234"
 	packageAuthor := "KN4CK3R"
 	packageDescription := "Test Description"
+	projectURL := "https://example.com"
 
 	content := "test"
 	hashSHA256 := "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
 
 	root := fmt.Sprintf("/api/packages/%s/pypi", user.Name)
 
-	uploadFile := func(t *testing.T, filename, content string, expectedStatus int) {
-		body := &bytes.Buffer{}
-		writer := multipart.NewWriter(body)
+	createBasicMultipartFile := func(filename, packageName, content string) (body *bytes.Buffer, writer *multipart.Writer, closer func() error) {
+		body = &bytes.Buffer{}
+		writer = multipart.NewWriter(body)
 		part, _ := writer.CreateFormFile("content", filename)
 		_, _ = io.Copy(part, strings.NewReader(content))
 
@@ -52,14 +53,27 @@ func TestPackagePyPI(t *testing.T) {
 		writer.WriteField("sha256_digest", hashSHA256)
 		writer.WriteField("requires_python", "3.6")
 
-		_ = writer.Close()
+		return body, writer, writer.Close
+	}
 
+	uploadHelper := func(t *testing.T, body *bytes.Buffer, contentType string, expectedStatus int) {
 		req := NewRequestWithBody(t, "POST", root, body).
-			SetHeader("Content-Type", writer.FormDataContentType()).
+			SetHeader("Content-Type", contentType).
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, expectedStatus)
 	}
 
+	uploadFile := func(t *testing.T, filename, content string, expectedStatus int) {
+		body, writer, closeFunc := createBasicMultipartFile(filename, packageName, content)
+
+		writer.WriteField("project_urls", "DOCUMENTATION , https://readthedocs.org")
+		writer.WriteField("project_urls", fmt.Sprintf("Home-page, %s", projectURL))
+
+		_ = closeFunc()
+
+		uploadHelper(t, body, writer.FormDataContentType(), expectedStatus)
+	}
+
 	t.Run("Upload", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
@@ -74,6 +88,7 @@ func TestPackagePyPI(t *testing.T) {
 		assert.NoError(t, err)
 		assert.Nil(t, pd.SemVer)
 		assert.IsType(t, &pypi.Metadata{}, pd.Metadata)
+		assert.Equal(t, projectURL, pd.Metadata.(*pypi.Metadata).ProjectURL)
 		assert.Equal(t, packageName, pd.Package.Name)
 		assert.Equal(t, packageVersion, pd.Version.Version)
 
@@ -133,6 +148,48 @@ func TestPackagePyPI(t *testing.T) {
 		uploadFile(t, "test.tar.gz", content, http.StatusConflict)
 	})
 
+	t.Run("UploadUsingDeprecatedHomepageMetadata", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		pkgName := "homepage-package"
+		body, writer, closeFunc := createBasicMultipartFile("test.whl", pkgName, content)
+
+		writer.WriteField("home_page", projectURL)
+
+		_ = closeFunc()
+
+		uploadHelper(t, body, writer.FormDataContentType(), http.StatusCreated)
+
+		pvs, err := packages.GetVersionsByPackageName(db.DefaultContext, user.ID, packages.TypePyPI, pkgName)
+		assert.NoError(t, err)
+		assert.Len(t, pvs, 1)
+
+		pd, err := packages.GetPackageDescriptor(db.DefaultContext, pvs[0])
+		assert.NoError(t, err)
+		assert.IsType(t, &pypi.Metadata{}, pd.Metadata)
+		assert.Equal(t, projectURL, pd.Metadata.(*pypi.Metadata).ProjectURL)
+	})
+
+	t.Run("UploadWithoutAnyHomepageURLMetadata", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+
+		pkgName := "no-project-url-or-homepage-package"
+		body, writer, closeFunc := createBasicMultipartFile("test.whl", pkgName, content)
+
+		_ = closeFunc()
+
+		uploadHelper(t, body, writer.FormDataContentType(), http.StatusCreated)
+
+		pvs, err := packages.GetVersionsByPackageName(db.DefaultContext, user.ID, packages.TypePyPI, pkgName)
+		assert.NoError(t, err)
+		assert.Len(t, pvs, 1)
+
+		pd, err := packages.GetPackageDescriptor(db.DefaultContext, pvs[0])
+		assert.NoError(t, err)
+		assert.IsType(t, &pypi.Metadata{}, pd.Metadata)
+		assert.Empty(t, pd.Metadata.(*pypi.Metadata).ProjectURL)
+	})
+
 	t.Run("Download", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
@@ -147,7 +204,7 @@ func TestPackagePyPI(t *testing.T) {
 		downloadFile("test.whl")
 		downloadFile("test.tar.gz")
 
-		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypePyPI)
+		pvs, err := packages.GetVersionsByPackageName(db.DefaultContext, user.ID, packages.TypePyPI, packageName)
 		assert.NoError(t, err)
 		assert.Len(t, pvs, 1)
 		assert.Equal(t, int64(2), pvs[0].DownloadCount)

From 2b064b8637dee3904e882baada99221204f4f874 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Sat, 4 Jan 2025 10:56:07 +0800
Subject: [PATCH 25/55] Refactor legacy line-number and scroll code (#33094)

1. remove jquery
2. rewrite the "line number selection", fix various edge cases
3. fix the scroll
---
 web_src/css/base.css                  |   9 +-
 web_src/js/features/repo-code.test.ts |  17 ---
 web_src/js/features/repo-code.ts      | 162 ++++++++++----------------
 web_src/js/features/repo-diff.ts      |   5 +
 web_src/js/features/repo-issue.ts     |  21 +---
 5 files changed, 73 insertions(+), 141 deletions(-)
 delete mode 100644 web_src/js/features/repo-code.test.ts

diff --git a/web_src/css/base.css b/web_src/css/base.css
index 49d5743158444..a1ee7044ecf80 100644
--- a/web_src/css/base.css
+++ b/web_src/css/base.css
@@ -336,8 +336,13 @@ a.label,
   border-color: var(--color-secondary);
 }
 
+.ui.dropdown .menu > .header {
+  text-transform: none; /* reset fomantic's "uppercase" */
+}
+
 .ui.dropdown .menu > .header:not(.ui) {
   color: var(--color-text);
+  font-size: 0.95em; /* reset fomantic's small font-size */
 }
 
 .ui.dropdown .menu > .item {
@@ -691,10 +696,6 @@ input:-webkit-autofill:active,
   box-shadow: 0 6px 18px var(--color-shadow) !important;
 }
 
-.ui.dropdown .menu > .header {
-  font-size: 0.8em;
-}
-
 .ui .text.left {
   text-align: left !important;
 }
diff --git a/web_src/js/features/repo-code.test.ts b/web_src/js/features/repo-code.test.ts
deleted file mode 100644
index 27554aa847efc..0000000000000
--- a/web_src/js/features/repo-code.test.ts
+++ /dev/null
@@ -1,17 +0,0 @@
-import {singleAnchorRegex, rangeAnchorRegex} from './repo-code.ts';
-
-test('singleAnchorRegex', () => {
-  expect(singleAnchorRegex.test('#L0')).toEqual(false);
-  expect(singleAnchorRegex.test('#L1')).toEqual(true);
-  expect(singleAnchorRegex.test('#L01')).toEqual(false);
-  expect(singleAnchorRegex.test('#n0')).toEqual(false);
-  expect(singleAnchorRegex.test('#n1')).toEqual(true);
-  expect(singleAnchorRegex.test('#n01')).toEqual(false);
-});
-
-test('rangeAnchorRegex', () => {
-  expect(rangeAnchorRegex.test('#L0-L10')).toEqual(false);
-  expect(rangeAnchorRegex.test('#L1-L10')).toEqual(true);
-  expect(rangeAnchorRegex.test('#L01-L10')).toEqual(false);
-  expect(rangeAnchorRegex.test('#L1-L01')).toEqual(false);
-});
diff --git a/web_src/js/features/repo-code.ts b/web_src/js/features/repo-code.ts
index a8d6e8f97ddd5..207022ca42c6e 100644
--- a/web_src/js/features/repo-code.ts
+++ b/web_src/js/features/repo-code.ts
@@ -1,12 +1,8 @@
-import $ from 'jquery';
 import {svg} from '../svg.ts';
-import {invertFileFolding} from './file-fold.ts';
 import {createTippy} from '../modules/tippy.ts';
 import {clippie} from 'clippie';
 import {toAbsoluteUrl} from '../utils.ts';
-
-export const singleAnchorRegex = /^#(L|n)([1-9][0-9]*)$/;
-export const rangeAnchorRegex = /^#(L[1-9][0-9]*)-(L[1-9][0-9]*)$/;
+import {addDelegatedEventListener} from '../utils/dom.ts';
 
 function changeHash(hash: string) {
   if (window.history.pushState) {
@@ -16,20 +12,11 @@ function changeHash(hash: string) {
   }
 }
 
-function isBlame() {
-  return Boolean(document.querySelector('div.blame'));
-}
+// it selects the code lines defined by range: `L1-L3` (3 lines) or `L2` (singe line)
+function selectRange(range: string): Element {
+  for (const el of document.querySelectorAll('.code-view tr.active')) el.classList.remove('active');
+  const elLineNums = document.querySelectorAll(`.code-view td.lines-num span[data-line-number]`);
 
-function getLineEls() {
-  return document.querySelectorAll(`.code-view td.lines-code${isBlame() ? '.blame-code' : ''}`);
-}
-
-function selectRange($linesEls, $selectionEndEl, $selectionStartEls?) {
-  for (const el of $linesEls) {
-    el.closest('tr').classList.remove('active');
-  }
-
-  // add hashchange to permalink
   const refInNewIssue = document.querySelector('a.ref-in-new-issue');
   const copyPermalink = document.querySelector('a.copy-line-permalink');
   const viewGitBlame = document.querySelector('a.view_git_blame');
@@ -59,37 +46,30 @@ function selectRange($linesEls, $selectionEndEl, $selectionStartEls?) {
     copyPermalink.setAttribute('data-url', link);
   };
 
-  if ($selectionStartEls) {
-    let a = parseInt($selectionEndEl[0].getAttribute('rel').slice(1));
-    let b = parseInt($selectionStartEls[0].getAttribute('rel').slice(1));
-    let c;
-    if (a !== b) {
-      if (a > b) {
-        c = a;
-        a = b;
-        b = c;
-      }
-      const classes = [];
-      for (let i = a; i <= b; i++) {
-        classes.push(`[rel=L${i}]`);
-      }
-      $linesEls.filter(classes.join(',')).each(function () {
-        this.closest('tr').classList.add('active');
-      });
-      changeHash(`#L${a}-L${b}`);
-
-      updateIssueHref(`L${a}-L${b}`);
-      updateViewGitBlameFragment(`L${a}-L${b}`);
-      updateCopyPermalinkUrl(`L${a}-L${b}`);
-      return;
-    }
+  const rangeFields = range ? range.split('-') : [];
+  const start = rangeFields[0] ?? '';
+  if (!start) return null;
+  const stop = rangeFields[1] || start;
+
+  // format is i.e. 'L14-L26'
+  let startLineNum = parseInt(start.substring(1));
+  let stopLineNum = parseInt(stop.substring(1));
+  if (startLineNum > stopLineNum) {
+    const tmp = startLineNum;
+    startLineNum = stopLineNum;
+    stopLineNum = tmp;
+    range = `${stop}-${start}`;
   }
-  $selectionEndEl[0].closest('tr').classList.add('active');
-  changeHash(`#${$selectionEndEl[0].getAttribute('rel')}`);
 
-  updateIssueHref($selectionEndEl[0].getAttribute('rel'));
-  updateViewGitBlameFragment($selectionEndEl[0].getAttribute('rel'));
-  updateCopyPermalinkUrl($selectionEndEl[0].getAttribute('rel'));
+  const first = elLineNums[startLineNum - 1] ?? null;
+  for (let i = startLineNum - 1; i <= stopLineNum - 1 && i < elLineNums.length; i++) {
+    elLineNums[i].closest('tr').classList.add('active');
+  }
+  changeHash(`#${range}`);
+  updateIssueHref(range);
+  updateViewGitBlameFragment(range);
+  updateCopyPermalinkUrl(range);
+  return first;
 }
 
 function showLineButton() {
@@ -103,6 +83,8 @@ function showLineButton() {
 
   // find active row and add button
   const tr = document.querySelector('.code-view tr.active');
+  if (!tr) return;
+
   const td = tr.querySelector('td.lines-num');
   const btn = document.createElement('button');
   btn.classList.add('code-line-button', 'ui', 'basic', 'button');
@@ -128,62 +110,36 @@ function showLineButton() {
 }
 
 export function initRepoCodeView() {
-  if ($('.code-view .lines-num').length > 0) {
-    $(document).on('click', '.lines-num span', function (e) {
-      const linesEls = getLineEls();
-      const selectedEls = Array.from(linesEls).filter((el) => {
-        return el.matches(`[rel=${this.getAttribute('id')}]`);
-      });
-
-      let from;
-      if (e.shiftKey) {
-        from = Array.from(linesEls).filter((el) => {
-          return el.closest('tr').classList.contains('active');
-        });
-      }
-      selectRange($(linesEls), $(selectedEls), from ? $(from) : null);
-      window.getSelection().removeAllRanges();
-      showLineButton();
-    });
-
-    $(window).on('hashchange', () => {
-      let m = rangeAnchorRegex.exec(window.location.hash);
-      const $linesEls = $(getLineEls());
-      let $first;
-      if (m) {
-        $first = $linesEls.filter(`[rel=${m[1]}]`);
-        if ($first.length) {
-          selectRange($linesEls, $first, $linesEls.filter(`[rel=${m[2]}]`));
-
-          // show code view menu marker (don't show in blame page)
-          if (!isBlame()) {
-            showLineButton();
-          }
-
-          $('html, body').scrollTop($first.offset().top - 200);
-          return;
-        }
-      }
-      m = singleAnchorRegex.exec(window.location.hash);
-      if (m) {
-        $first = $linesEls.filter(`[rel=L${m[2]}]`);
-        if ($first.length) {
-          selectRange($linesEls, $first);
-
-          // show code view menu marker (don't show in blame page)
-          if (!isBlame()) {
-            showLineButton();
-          }
-
-          $('html, body').scrollTop($first.offset().top - 200);
-        }
-      }
-    }).trigger('hashchange');
-  }
-  $(document).on('click', '.fold-file', ({currentTarget}) => {
-    invertFileFolding(currentTarget.closest('.file-content'), currentTarget);
+  if (!document.querySelector('.code-view .lines-num')) return;
+
+  let selRangeStart: string;
+  addDelegatedEventListener(document, 'click', '.lines-num span', (el: HTMLElement, e: KeyboardEvent) => {
+    if (!selRangeStart || !e.shiftKey) {
+      selRangeStart = el.getAttribute('id');
+      selectRange(selRangeStart);
+    } else {
+      const selRangeStop = el.getAttribute('id');
+      selectRange(`${selRangeStart}-${selRangeStop}`);
+    }
+    window.getSelection().removeAllRanges();
+    showLineButton();
   });
-  $(document).on('click', '.copy-line-permalink', async ({currentTarget}) => {
-    await clippie(toAbsoluteUrl(currentTarget.getAttribute('data-url')));
+
+  const onHashChange = () => {
+    if (!window.location.hash) return;
+    const range = window.location.hash.substring(1);
+    const first = selectRange(range);
+    if (first) {
+      // set scrollRestoration to 'manual' when there is a hash in url, so that the scroll position will not be remembered after refreshing
+      if (window.history.scrollRestoration !== 'manual') window.history.scrollRestoration = 'manual';
+      first.scrollIntoView({block: 'start'});
+      showLineButton();
+    }
+  };
+  onHashChange();
+  window.addEventListener('hashchange', onHashChange);
+
+  addDelegatedEventListener(document, 'click', '.copy-line-permalink', (el) => {
+    clippie(toAbsoluteUrl(el.getAttribute('data-url')));
   });
 }
diff --git a/web_src/js/features/repo-diff.ts b/web_src/js/features/repo-diff.ts
index 2b405abb9bc61..0cb2e566c057d 100644
--- a/web_src/js/features/repo-diff.ts
+++ b/web_src/js/features/repo-diff.ts
@@ -19,6 +19,7 @@ import {
 import {POST, GET} from '../modules/fetch.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
 import {createTippy} from '../modules/tippy.ts';
+import {invertFileFolding} from './file-fold.ts';
 
 const {pageData, i18n} = window.config;
 
@@ -244,4 +245,8 @@ export function initRepoDiffView() {
   initRepoDiffFileViewToggle();
   initViewedCheckboxListenerFor();
   initExpandAndCollapseFilesButton();
+
+  addDelegatedEventListener(document, 'click', '.fold-file', (el) => {
+    invertFileFolding(el.closest('.file-content'), el);
+  });
 }
diff --git a/web_src/js/features/repo-issue.ts b/web_src/js/features/repo-issue.ts
index a9dda39a7f07a..d74d3f7700258 100644
--- a/web_src/js/features/repo-issue.ts
+++ b/web_src/js/features/repo-issue.ts
@@ -373,10 +373,6 @@ export async function handleReply(el) {
 
 export function initRepoPullRequestReview() {
   if (window.location.hash && window.location.hash.startsWith('#issuecomment-')) {
-    // set scrollRestoration to 'manual' when there is a hash in url, so that the scroll position will not be remembered after refreshing
-    if (window.history.scrollRestoration !== 'manual') {
-      window.history.scrollRestoration = 'manual';
-    }
     const commentDiv = document.querySelector(window.location.hash);
     if (commentDiv) {
       // get the name of the parent id
@@ -384,14 +380,6 @@ export function initRepoPullRequestReview() {
       if (groupID && groupID.startsWith('code-comments-')) {
         const id = groupID.slice(14);
         const ancestorDiffBox = commentDiv.closest('.diff-file-box');
-        // on pages like conversation, there is no diff header
-        const diffHeader = ancestorDiffBox?.querySelector('.diff-file-header');
-
-        // offset is for scrolling
-        let offset = 30;
-        if (diffHeader) {
-          offset += $('.diff-detail-box').outerHeight() + $(diffHeader).outerHeight();
-        }
 
         hideElem(`#show-outdated-${id}`);
         showElem(`#code-comments-${id}, #code-preview-${id}, #hide-outdated-${id}`);
@@ -399,12 +387,11 @@ export function initRepoPullRequestReview() {
         if (ancestorDiffBox?.getAttribute('data-folded') === 'true') {
           setFileFolding(ancestorDiffBox, ancestorDiffBox.querySelector('.fold-file'), false);
         }
-
-        window.scrollTo({
-          top: $(commentDiv).offset().top - offset,
-          behavior: 'instant',
-        });
       }
+      // set scrollRestoration to 'manual' when there is a hash in url, so that the scroll position will not be remembered after refreshing
+      if (window.history.scrollRestoration !== 'manual') window.history.scrollRestoration = 'manual';
+      // wait for a while because some elements (eg: image, editor, etc.) may change the viewport's height.
+      setTimeout(() => commentDiv.scrollIntoView({block: 'start'}), 100);
     }
   }
 

From 3d544a3ad35f221d48591757ae3beaab0820e4ff Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Sat, 4 Jan 2025 18:47:24 +0800
Subject: [PATCH 26/55] Fix empty git repo handling logic (#33101)

Fix #33092
---
 models/repo/repo.go             |  2 ++
 options/locale/locale_en-US.ini |  1 +
 routers/web/repo/view_home.go   | 46 +++++++++++++++++++++------------
 services/context/repo.go        |  3 ---
 templates/repo/empty.tmpl       | 21 +++++++--------
 templates/repo/header.tmpl      |  2 +-
 6 files changed, 43 insertions(+), 32 deletions(-)

diff --git a/models/repo/repo.go b/models/repo/repo.go
index 5ef4d470c3bf6..af4a1f7fb5888 100644
--- a/models/repo/repo.go
+++ b/models/repo/repo.go
@@ -279,6 +279,8 @@ func (repo *Repository) IsBroken() bool {
 }
 
 // MarkAsBrokenEmpty marks the repo as broken and empty
+// FIXME: the status "broken" and "is_empty" were abused,
+// The code always set them together, no way to distinguish whether a repo is really "empty" or "broken"
 func (repo *Repository) MarkAsBrokenEmpty() {
 	repo.Status = RepositoryBroken
 	repo.IsEmpty = true
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 6029d49ade0bc..07c9ffa9fc5ad 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -1235,6 +1235,7 @@ create_new_repo_command = Creating a new repository on the command line
 push_exist_repo = Pushing an existing repository from the command line
 empty_message = This repository does not contain any content.
 broken_message = The Git data underlying this repository cannot be read. Contact the administrator of this instance or delete this repository.
+no_branch = This repository doesn’t have any branches.
 
 code = Code
 code.desc = Access source code, files, commits and branches.
diff --git a/routers/web/repo/view_home.go b/routers/web/repo/view_home.go
index 70ba07f9a89a3..3fcd7bba8ebbb 100644
--- a/routers/web/repo/view_home.go
+++ b/routers/web/repo/view_home.go
@@ -223,16 +223,37 @@ func prepareRecentlyPushedNewBranches(ctx *context.Context) {
 	}
 }
 
+func updateContextRepoEmptyAndStatus(ctx *context.Context, empty bool, status repo_model.RepositoryStatus) {
+	ctx.Repo.Repository.IsEmpty = empty
+	if ctx.Repo.Repository.Status == repo_model.RepositoryReady || ctx.Repo.Repository.Status == repo_model.RepositoryBroken {
+		ctx.Repo.Repository.Status = status // only handle ready and broken status, leave other status as-is
+	}
+	if err := repo_model.UpdateRepositoryCols(ctx, ctx.Repo.Repository, "is_empty", "status"); err != nil {
+		ctx.ServerError("updateContextRepoEmptyAndStatus: UpdateRepositoryCols", err)
+		return
+	}
+}
+
 func handleRepoEmptyOrBroken(ctx *context.Context) {
 	showEmpty := true
-	var err error
 	if ctx.Repo.GitRepo != nil {
-		showEmpty, err = ctx.Repo.GitRepo.IsEmpty()
+		reallyEmpty, err := ctx.Repo.GitRepo.IsEmpty()
 		if err != nil {
+			showEmpty = true // the repo is broken
+			updateContextRepoEmptyAndStatus(ctx, true, repo_model.RepositoryBroken)
 			log.Error("GitRepo.IsEmpty: %v", err)
-			ctx.Repo.Repository.Status = repo_model.RepositoryBroken
-			showEmpty = true
 			ctx.Flash.Error(ctx.Tr("error.occurred"), true)
+		} else if reallyEmpty {
+			showEmpty = true // the repo is really empty
+			updateContextRepoEmptyAndStatus(ctx, true, repo_model.RepositoryReady)
+		} else if ctx.Repo.Commit == nil {
+			showEmpty = true // it is not really empty, but there is no branch
+			// at the moment, other repo units like "actions" are not able to handle such case,
+			// so we just mark the repo as empty to prevent from displaying these units.
+			updateContextRepoEmptyAndStatus(ctx, true, repo_model.RepositoryReady)
+		} else {
+			// the repo is actually not empty and has branches, need to update the database later
+			showEmpty = false
 		}
 	}
 	if showEmpty {
@@ -240,18 +261,11 @@ func handleRepoEmptyOrBroken(ctx *context.Context) {
 		return
 	}
 
-	// the repo is not really empty, so we should update the modal in database
-	// such problem may be caused by:
-	// 1) an error occurs during pushing/receiving.  2) the user replaces an empty git repo manually
-	// and even more: the IsEmpty flag is deeply broken and should be removed with the UI changed to manage to cope with empty repos.
-	// it's possible for a repository to be non-empty by that flag but still 500
-	// because there are no branches - only tags -or the default branch is non-extant as it has been 0-pushed.
-	ctx.Repo.Repository.IsEmpty = false
-	if err = repo_model.UpdateRepositoryCols(ctx, ctx.Repo.Repository, "is_empty"); err != nil {
-		ctx.ServerError("UpdateRepositoryCols", err)
-		return
-	}
-	if err = repo_module.UpdateRepoSize(ctx, ctx.Repo.Repository); err != nil {
+	// The repo is not really empty, so we should update the model in database, such problem may be caused by:
+	// 1) an error occurs during pushing/receiving.
+	// 2) the user replaces an empty git repo manually.
+	updateContextRepoEmptyAndStatus(ctx, false, repo_model.RepositoryReady)
+	if err := repo_module.UpdateRepoSize(ctx, ctx.Repo.Repository); err != nil {
 		ctx.ServerError("UpdateRepoSize", err)
 		return
 	}
diff --git a/services/context/repo.go b/services/context/repo.go
index 2a473f4a5419e..63529e1d81128 100644
--- a/services/context/repo.go
+++ b/services/context/repo.go
@@ -897,10 +897,8 @@ func RepoRefByType(detectRefType RepoRefType, opts ...RepoRefByTypeOptions) func
 					refName = brs[0].Name
 				} else if len(brs) == 0 {
 					log.Error("No branches in non-empty repository %s", ctx.Repo.GitRepo.Path)
-					ctx.Repo.Repository.MarkAsBrokenEmpty()
 				} else {
 					log.Error("GetBranches error: %v", err)
-					ctx.Repo.Repository.MarkAsBrokenEmpty()
 				}
 			}
 			ctx.Repo.RefName = refName
@@ -911,7 +909,6 @@ func RepoRefByType(detectRefType RepoRefType, opts ...RepoRefByTypeOptions) func
 			} else if strings.Contains(err.Error(), "fatal: not a git repository") || strings.Contains(err.Error(), "object does not exist") {
 				// if the repository is broken, we can continue to the handler code, to show "Settings -> Delete Repository" for end users
 				log.Error("GetBranchCommit: %v", err)
-				ctx.Repo.Repository.MarkAsBrokenEmpty()
 			} else {
 				ctx.ServerError("GetBranchCommit", err)
 				return
diff --git a/templates/repo/empty.tmpl b/templates/repo/empty.tmpl
index 7170fe360203d..dfda5b7b2b4d2 100644
--- a/templates/repo/empty.tmpl
+++ b/templates/repo/empty.tmpl
@@ -14,14 +14,13 @@
 						{{end}}
 					</div>
 				{{end}}
+
 				{{if .Repository.IsBroken}}
-						<div class="ui segment center">
-							{{ctx.Locale.Tr "repo.broken_message"}}
-						</div>
+					<div class="ui segment center">{{ctx.Locale.Tr "repo.broken_message"}}</div>
+				{{else if .Repository.IsEmpty}}
+					<div class="ui segment center">{{ctx.Locale.Tr "repo.no_branch"}}</div>
 				{{else if .CanWriteCode}}
-					<h4 class="ui top attached header">
-						{{ctx.Locale.Tr "repo.quick_guide"}}
-					</h4>
+					<h4 class="ui top attached header">{{ctx.Locale.Tr "repo.quick_guide"}}</h4>
 					<div class="ui attached guide table segment empty-repo-guide">
 						<div class="item">
 							<h3>{{ctx.Locale.Tr "repo.clone_this_repo"}} <small>{{ctx.Locale.Tr "repo.clone_helper" "http://git-scm.com/book/en/v2/Git-Basics-Getting-a-Git-Repository"}}</small></h3>
@@ -66,12 +65,10 @@ git push -u origin {{.Repository.DefaultBranch}}</code></pre>
 								</div>
 							</div>
 						{{end}}
-					{{else}}
-						<div class="ui segment center">
-							{{ctx.Locale.Tr "repo.empty_message"}}
-						</div>
-					{{end}}
-				</div>
+					</div>
+				{{else}}
+					<div class="ui segment center">{{ctx.Locale.Tr "repo.empty_message"}}</div>
+				{{end}}
 			</div>
 		</div>
 	</div>
diff --git a/templates/repo/header.tmpl b/templates/repo/header.tmpl
index c3ae697f31fbf..e187ef1a87dd7 100644
--- a/templates/repo/header.tmpl
+++ b/templates/repo/header.tmpl
@@ -162,7 +162,7 @@
 						</a>
 					{{end}}
 
-					{{if and .EnableActions (.Permission.CanRead ctx.Consts.RepoUnitTypeActions)}}
+					{{if and .EnableActions (.Permission.CanRead ctx.Consts.RepoUnitTypeActions) (not .IsEmptyRepo)}}
 						<a class="{{if .PageIsActions}}active {{end}}item" href="{{.RepoLink}}/actions">
 							{{svg "octicon-play"}} {{ctx.Locale.Tr "actions.actions"}}
 							{{if .Repository.NumOpenActionRuns}}

From df9d1fe8c5a628f57b74c04fed91e7dafa5eb1a5 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Sun, 5 Jan 2025 06:25:50 +0800
Subject: [PATCH 27/55] Trivial fixes (#33103)

1. remove `gock` dependency, it is not needed
2. fix a regression from org private profile readme
---
 go.mod                                |  2 --
 go.sum                                |  6 -----
 modules/auth/password/pwn/pwn_test.go | 33 ++++++++++++++++++---------
 templates/user/profile.tmpl           |  2 +-
 4 files changed, 23 insertions(+), 20 deletions(-)

diff --git a/go.mod b/go.mod
index dc80d2ca2bb3a..084b2946091f1 100644
--- a/go.mod
+++ b/go.mod
@@ -71,7 +71,6 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/feeds v1.2.0
 	github.com/gorilla/sessions v1.4.0
-	github.com/h2non/gock v1.2.0
 	github.com/hashicorp/go-version v1.7.0
 	github.com/hashicorp/golang-lru/v2 v2.0.7
 	github.com/huandu/xstrings v1.5.0
@@ -230,7 +229,6 @@ require (
 	github.com/gorilla/handlers v1.5.2 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
-	github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
diff --git a/go.sum b/go.sum
index b5e64321b53ed..40add64289dce 100644
--- a/go.sum
+++ b/go.sum
@@ -452,10 +452,6 @@ github.com/gorilla/sessions v1.2.0/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/z
 github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
 github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
 github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
-github.com/h2non/gock v1.2.0 h1:K6ol8rfrRkUOefooBC8elXoaNGYkpp7y2qcxGG6BzUE=
-github.com/h2non/gock v1.2.0/go.mod h1:tNhoxHYW2W42cYkYb1WqzdbYIieALC99kpYr7rH/BQk=
-github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542 h1:2VTzZjLZBgl62/EtslCrtky5vbi9dd7HrQPQIx6wqiw=
-github.com/h2non/parth v0.0.0-20190131123155-b4df798d6542/go.mod h1:Ow0tF8D4Kplbc8s8sSb3V2oUCygFHVp8gC3Dn6U4MNI=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
 github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
@@ -599,8 +595,6 @@ github.com/msteinert/pam v1.2.0 h1:mYfjlvN2KYs2Pb9G6nb/1f/nPfAttT/Jee5Sq9r3bGE=
 github.com/msteinert/pam v1.2.0/go.mod h1:d2n0DCUK8rGecChV3JzvmsDjOY4R7AYbsNxAT+ftQl0=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32 h1:W6apQkHrMkS0Muv8G/TipAy/FJl/rCYT0+EuS8+Z0z4=
-github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uYLpLIr5fm8diHn0JbqRycJi6w0Ms=
 github.com/niklasfasching/go-org v1.7.0 h1:vyMdcMWWTe/XmANk19F4k8XGBYg0GQ/gJGMimOjGMek=
 github.com/niklasfasching/go-org v1.7.0/go.mod h1:WuVm4d45oePiE0eX25GqTDQIt/qPW1T9DGkRscqLW5o=
 github.com/nwaples/rardecode v1.1.0/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0=
diff --git a/modules/auth/password/pwn/pwn_test.go b/modules/auth/password/pwn/pwn_test.go
index b3e7734c3fc1e..ae03fabc57905 100644
--- a/modules/auth/password/pwn/pwn_test.go
+++ b/modules/auth/password/pwn/pwn_test.go
@@ -4,46 +4,57 @@
 package pwn
 
 import (
+	"errors"
+	"io"
 	"net/http"
+	"strings"
 	"testing"
-	"time"
 
-	"github.com/h2non/gock"
 	"github.com/stretchr/testify/assert"
 )
 
-var client = New(WithHTTP(&http.Client{
-	Timeout: time.Second * 2,
-}))
+type mockTransport struct{}
+
+func (mockTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+	if req.URL.Host != "api.pwnedpasswords.com" {
+		return nil, errors.New("unsupported host")
+	}
+	respMap := map[string]string{
+		"/range/5c1d8": "EAF2F254732680E8AC339B84F3266ECCBB5:1\r\nFC446EB88938834178CB9322C1EE273C2A7:2",
+		"/range/ba189": "FD4CB34F0378BCB15D23F6FFD28F0775C9E:3\r\nFDF342FCD8C3611DAE4D76E8A992A3E4169:4",
+		"/range/a1733": "C4CE0F1F0062B27B9E2F41AF0C08218017C:1\r\nFC446EB88938834178CB9322C1EE273C2A7:2\r\nFE81480327C992FE62065A827429DD1318B:0",
+		"/range/5617b": "FD4CB34F0378BCB15D23F6FFD28F0775C9E:3\r\nFDF342FCD8C3611DAE4D76E8A992A3E4169:4\r\nFE81480327C992FE62065A827429DD1318B:0",
+		"/range/79082": "FDF342FCD8C3611DAE4D76E8A992A3E4169:4\r\nFE81480327C992FE62065A827429DD1318B:0\r\nAFEF386F56EB0B4BE314E07696E5E6E6536:0",
+	}
+	if resp, ok := respMap[req.URL.Path]; ok {
+		return &http.Response{Request: req, Body: io.NopCloser(strings.NewReader(resp))}, nil
+	}
+	return nil, errors.New("unsupported path")
+}
 
 func TestPassword(t *testing.T) {
-	defer gock.Off()
+	client := New(WithHTTP(&http.Client{Transport: mockTransport{}}))
 
 	count, err := client.CheckPassword("", false)
 	assert.ErrorIs(t, err, ErrEmptyPassword, "blank input should return ErrEmptyPassword")
 	assert.Equal(t, -1, count)
 
-	gock.New("https://api.pwnedpasswords.com").Get("/range/5c1d8").Times(1).Reply(200).BodyString("EAF2F254732680E8AC339B84F3266ECCBB5:1\r\nFC446EB88938834178CB9322C1EE273C2A7:2")
 	count, err = client.CheckPassword("pwned", false)
 	assert.NoError(t, err)
 	assert.Equal(t, 1, count)
 
-	gock.New("https://api.pwnedpasswords.com").Get("/range/ba189").Times(1).Reply(200).BodyString("FD4CB34F0378BCB15D23F6FFD28F0775C9E:3\r\nFDF342FCD8C3611DAE4D76E8A992A3E4169:4")
 	count, err = client.CheckPassword("notpwned", false)
 	assert.NoError(t, err)
 	assert.Equal(t, 0, count)
 
-	gock.New("https://api.pwnedpasswords.com").Get("/range/a1733").Times(1).Reply(200).BodyString("C4CE0F1F0062B27B9E2F41AF0C08218017C:1\r\nFC446EB88938834178CB9322C1EE273C2A7:2\r\nFE81480327C992FE62065A827429DD1318B:0")
 	count, err = client.CheckPassword("paddedpwned", true)
 	assert.NoError(t, err)
 	assert.Equal(t, 1, count)
 
-	gock.New("https://api.pwnedpasswords.com").Get("/range/5617b").Times(1).Reply(200).BodyString("FD4CB34F0378BCB15D23F6FFD28F0775C9E:3\r\nFDF342FCD8C3611DAE4D76E8A992A3E4169:4\r\nFE81480327C992FE62065A827429DD1318B:0")
 	count, err = client.CheckPassword("paddednotpwned", true)
 	assert.NoError(t, err)
 	assert.Equal(t, 0, count)
 
-	gock.New("https://api.pwnedpasswords.com").Get("/range/79082").Times(1).Reply(200).BodyString("FDF342FCD8C3611DAE4D76E8A992A3E4169:4\r\nFE81480327C992FE62065A827429DD1318B:0\r\nAFEF386F56EB0B4BE314E07696E5E6E6536:0")
 	count, err = client.CheckPassword("paddednotpwnedzero", true)
 	assert.NoError(t, err)
 	assert.Equal(t, 0, count)
diff --git a/templates/user/profile.tmpl b/templates/user/profile.tmpl
index 2c83ce97cd3df..345872b00d17e 100644
--- a/templates/user/profile.tmpl
+++ b/templates/user/profile.tmpl
@@ -26,7 +26,7 @@
 				{{else if eq .TabName "followers"}}
 					{{template "repo/user_cards" .}}
 				{{else if eq .TabName "overview"}}
-					<div id="readme_profile" class="markup">{{.ProfileReadme}}</div>
+					<div id="readme_profile" class="markup">{{.ProfileReadmeContent}}</div>
 				{{else if eq .TabName "organizations"}}
 					{{template "repo/user_cards" .}}
 				{{else}}

From 3078826d0111e818dc765d94c650f4cb5b3ecce7 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Sun, 5 Jan 2025 00:35:35 +0000
Subject: [PATCH 28/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_pt-PT.ini | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index 0fb56f6763528..cbb7f09c82bc2 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -495,7 +495,7 @@ register_notify.text_3=Se esta conta foi criada para si, <a href="%s">defina a s
 
 reset_password=Recupere a sua conta
 reset_password.title=%s, você pediu para recuperar a sua conta
-reset_password.text=Por favor clique na seguinte ligação para recuperar a sua conta em <b>%s</b>:
+reset_password.text=Para recuperar a sua conta, clique na ligação seguinte (válida por <b>%s</b>):
 
 register_success=Inscrição bem sucedida
 
@@ -1017,6 +1017,8 @@ owner=Proprietário(a)
 owner_helper=Algumas organizações podem não aparecer na lista suspensa devido a um limite máximo de contagem de repositórios.
 repo_name=Nome do repositório
 repo_name_profile_public_hint=.profile é um repositório especial que pode usar para adicionar README.md ao seu perfil público da organização, visível para qualquer pessoa. Certifique-se que é público e inicialize-o com um README na pasta do perfil para começar.
+repo_name_profile_private_hint=.profile-private é um repositório especial que pode usar para adicionar um README.md ao seu perfil de membro da organização, visível apenas para membros da organização. Certifique-se que é privado e inicialize-o com um README na pasta de perfil para começar.
+repo_name_helper=Bons nomes de repositórios usam palavras-chave curtas, memorizáveis e únicas. Um repositório chamado ".profile" ou ".profile-private" pode ser usado para adicionar um README.md ao perfil do utilizador ou da organização.
 repo_size=Tamanho do repositório
 template=Modelo
 template_select=Escolha um modelo.

From 42377360296b7c810b284472ba6743bf684186fb Mon Sep 17 00:00:00 2001
From: ChristopherHX <christopher.homberger@web.de>
Date: Sun, 5 Jan 2025 14:47:18 +0100
Subject: [PATCH 29/55] workflow_dispatch use workflow from trigger branch
 (#33098)

* htmx updates the input form on branch switch
* add workflow warning to dispatch modal
* use name if description of input is empty
* show error if workflow_dispatch not available on branch

Closes #33073
Closes #33099

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 options/locale/locale_en-US.ini               |   1 +
 routers/web/repo/actions/actions.go           | 216 +++++++++++-------
 routers/web/repo/actions/view.go              |   9 +-
 routers/web/web.go                            |   3 +-
 templates/repo/actions/workflow_dispatch.tmpl |  27 +--
 .../actions/workflow_dispatch_inputs.tmpl     |  45 ++++
 6 files changed, 184 insertions(+), 117 deletions(-)
 create mode 100644 templates/repo/actions/workflow_dispatch_inputs.tmpl

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 07c9ffa9fc5ad..96404a6143189 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -3765,6 +3765,7 @@ workflow.not_found = Workflow '%s' not found.
 workflow.run_success = Workflow '%s' run successfully.
 workflow.from_ref = Use workflow from
 workflow.has_workflow_dispatch = This workflow has a workflow_dispatch event trigger.
+workflow.has_no_workflow_dispatch = Workflow '%s' has no workflow_dispatch event trigger.
 
 need_approval_desc = Need approval to run workflows for fork pull request.
 
diff --git a/routers/web/repo/actions/actions.go b/routers/web/repo/actions/actions.go
index f0d8d81fee598..539c4b6ed003c 100644
--- a/routers/web/repo/actions/actions.go
+++ b/routers/web/repo/actions/actions.go
@@ -32,8 +32,9 @@ import (
 )
 
 const (
-	tplListActions templates.TplName = "repo/actions/list"
-	tplViewActions templates.TplName = "repo/actions/view"
+	tplListActions           templates.TplName = "repo/actions/list"
+	tplDispatchInputsActions templates.TplName = "repo/actions/workflow_dispatch_inputs"
+	tplViewActions           templates.TplName = "repo/actions/view"
 )
 
 type Workflow struct {
@@ -64,107 +65,143 @@ func MustEnableActions(ctx *context.Context) {
 func List(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("actions.actions")
 	ctx.Data["PageIsActions"] = true
+
+	commit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
+	if err != nil {
+		ctx.ServerError("GetBranchCommit", err)
+		return
+	}
+
+	workflows := prepareWorkflowDispatchTemplate(ctx, commit)
+	if ctx.Written() {
+		return
+	}
+
+	prepareWorkflowList(ctx, workflows)
+	if ctx.Written() {
+		return
+	}
+
+	ctx.HTML(http.StatusOK, tplListActions)
+}
+
+func WorkflowDispatchInputs(ctx *context.Context) {
+	ref := ctx.FormString("ref")
+	if ref == "" {
+		ctx.NotFound("WorkflowDispatchInputs: no ref", nil)
+		return
+	}
+	// get target commit of run from specified ref
+	refName := git.RefName(ref)
+	var commit *git.Commit
+	var err error
+	if refName.IsTag() {
+		commit, err = ctx.Repo.GitRepo.GetTagCommit(refName.TagName())
+	} else if refName.IsBranch() {
+		commit, err = ctx.Repo.GitRepo.GetBranchCommit(refName.BranchName())
+	} else {
+		ctx.ServerError("UnsupportedRefType", nil)
+		return
+	}
+	if err != nil {
+		ctx.ServerError("GetTagCommit/GetBranchCommit", err)
+		return
+	}
+	prepareWorkflowDispatchTemplate(ctx, commit)
+	if ctx.Written() {
+		return
+	}
+	ctx.HTML(http.StatusOK, tplDispatchInputsActions)
+}
+
+func prepareWorkflowDispatchTemplate(ctx *context.Context, commit *git.Commit) (workflows []Workflow) {
 	workflowID := ctx.FormString("workflow")
-	actorID := ctx.FormInt64("actor")
-	status := ctx.FormInt("status")
 	ctx.Data["CurWorkflow"] = workflowID
+	ctx.Data["CurWorkflowExists"] = false
 
-	var workflows []Workflow
 	var curWorkflow *model.Workflow
-	if empty, err := ctx.Repo.GitRepo.IsEmpty(); err != nil {
-		ctx.ServerError("IsEmpty", err)
-		return
-	} else if !empty {
-		commit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
-		if err != nil {
-			ctx.ServerError("GetBranchCommit", err)
-			return
-		}
-		entries, err := actions.ListWorkflows(commit)
-		if err != nil {
-			ctx.ServerError("ListWorkflows", err)
-			return
-		}
 
-		// Get all runner labels
-		runners, err := db.Find[actions_model.ActionRunner](ctx, actions_model.FindRunnerOptions{
-			RepoID:        ctx.Repo.Repository.ID,
-			IsOnline:      optional.Some(true),
-			WithAvailable: true,
-		})
+	entries, err := actions.ListWorkflows(commit)
+	if err != nil {
+		ctx.ServerError("ListWorkflows", err)
+		return nil
+	}
+
+	// Get all runner labels
+	runners, err := db.Find[actions_model.ActionRunner](ctx, actions_model.FindRunnerOptions{
+		RepoID:        ctx.Repo.Repository.ID,
+		IsOnline:      optional.Some(true),
+		WithAvailable: true,
+	})
+	if err != nil {
+		ctx.ServerError("FindRunners", err)
+		return nil
+	}
+	allRunnerLabels := make(container.Set[string])
+	for _, r := range runners {
+		allRunnerLabels.AddMultiple(r.AgentLabels...)
+	}
+
+	workflows = make([]Workflow, 0, len(entries))
+	for _, entry := range entries {
+		workflow := Workflow{Entry: *entry}
+		content, err := actions.GetContentFromEntry(entry)
 		if err != nil {
-			ctx.ServerError("FindRunners", err)
-			return
+			ctx.ServerError("GetContentFromEntry", err)
+			return nil
 		}
-		allRunnerLabels := make(container.Set[string])
-		for _, r := range runners {
-			allRunnerLabels.AddMultiple(r.AgentLabels...)
+		wf, err := model.ReadWorkflow(bytes.NewReader(content))
+		if err != nil {
+			workflow.ErrMsg = ctx.Locale.TrString("actions.runs.invalid_workflow_helper", err.Error())
+			workflows = append(workflows, workflow)
+			continue
 		}
-
-		workflows = make([]Workflow, 0, len(entries))
-		for _, entry := range entries {
-			workflow := Workflow{Entry: *entry}
-			content, err := actions.GetContentFromEntry(entry)
-			if err != nil {
-				ctx.ServerError("GetContentFromEntry", err)
-				return
-			}
-			wf, err := model.ReadWorkflow(bytes.NewReader(content))
-			if err != nil {
-				workflow.ErrMsg = ctx.Locale.TrString("actions.runs.invalid_workflow_helper", err.Error())
-				workflows = append(workflows, workflow)
+		// The workflow must contain at least one job without "needs". Otherwise, a deadlock will occur and no jobs will be able to run.
+		hasJobWithoutNeeds := false
+		// Check whether you have matching runner and a job without "needs"
+		emptyJobsNumber := 0
+		for _, j := range wf.Jobs {
+			if j == nil {
+				emptyJobsNumber++
 				continue
 			}
-			// The workflow must contain at least one job without "needs". Otherwise, a deadlock will occur and no jobs will be able to run.
-			hasJobWithoutNeeds := false
-			// Check whether have matching runner and a job without "needs"
-			emptyJobsNumber := 0
-			for _, j := range wf.Jobs {
-				if j == nil {
-					emptyJobsNumber++
+			if !hasJobWithoutNeeds && len(j.Needs()) == 0 {
+				hasJobWithoutNeeds = true
+			}
+			runsOnList := j.RunsOn()
+			for _, ro := range runsOnList {
+				if strings.Contains(ro, "${{") {
+					// Skip if it contains expressions.
+					// The expressions could be very complex and could not be evaluated here,
+					// so just skip it, it's OK since it's just a tooltip message.
 					continue
 				}
-				if !hasJobWithoutNeeds && len(j.Needs()) == 0 {
-					hasJobWithoutNeeds = true
-				}
-				runsOnList := j.RunsOn()
-				for _, ro := range runsOnList {
-					if strings.Contains(ro, "${{") {
-						// Skip if it contains expressions.
-						// The expressions could be very complex and could not be evaluated here,
-						// so just skip it, it's OK since it's just a tooltip message.
-						continue
-					}
-					if !allRunnerLabels.Contains(ro) {
-						workflow.ErrMsg = ctx.Locale.TrString("actions.runs.no_matching_online_runner_helper", ro)
-						break
-					}
-				}
-				if workflow.ErrMsg != "" {
+				if !allRunnerLabels.Contains(ro) {
+					workflow.ErrMsg = ctx.Locale.TrString("actions.runs.no_matching_online_runner_helper", ro)
 					break
 				}
 			}
-			if !hasJobWithoutNeeds {
-				workflow.ErrMsg = ctx.Locale.TrString("actions.runs.no_job_without_needs")
-			}
-			if emptyJobsNumber == len(wf.Jobs) {
-				workflow.ErrMsg = ctx.Locale.TrString("actions.runs.no_job")
+			if workflow.ErrMsg != "" {
+				break
 			}
-			workflows = append(workflows, workflow)
+		}
+		if !hasJobWithoutNeeds {
+			workflow.ErrMsg = ctx.Locale.TrString("actions.runs.no_job_without_needs")
+		}
+		if emptyJobsNumber == len(wf.Jobs) {
+			workflow.ErrMsg = ctx.Locale.TrString("actions.runs.no_job")
+		}
+		workflows = append(workflows, workflow)
 
-			if workflow.Entry.Name() == workflowID {
-				curWorkflow = wf
-			}
+		if workflow.Entry.Name() == workflowID {
+			curWorkflow = wf
+			ctx.Data["CurWorkflowExists"] = true
 		}
 	}
+
 	ctx.Data["workflows"] = workflows
 	ctx.Data["RepoLink"] = ctx.Repo.Repository.Link()
 
-	page := ctx.FormInt("page")
-	if page <= 0 {
-		page = 1
-	}
-
 	actionsConfig := ctx.Repo.Repository.MustGetUnit(ctx, unit.TypeActions).ActionsConfig()
 	ctx.Data["ActionsConfig"] = actionsConfig
 
@@ -188,7 +225,7 @@ func List(ctx *context.Context) {
 				branches, err := git_model.FindBranchNames(ctx, branchOpts)
 				if err != nil {
 					ctx.ServerError("FindBranchNames", err)
-					return
+					return nil
 				}
 				// always put default branch on the top if it exists
 				if slices.Contains(branches, ctx.Repo.Repository.DefaultBranch) {
@@ -200,12 +237,23 @@ func List(ctx *context.Context) {
 				tags, err := repo_model.GetTagNamesByRepoID(ctx, ctx.Repo.Repository.ID)
 				if err != nil {
 					ctx.ServerError("GetTagNamesByRepoID", err)
-					return
+					return nil
 				}
 				ctx.Data["Tags"] = tags
 			}
 		}
 	}
+	return workflows
+}
+
+func prepareWorkflowList(ctx *context.Context, workflows []Workflow) {
+	actorID := ctx.FormInt64("actor")
+	status := ctx.FormInt("status")
+	workflowID := ctx.FormString("workflow")
+	page := ctx.FormInt("page")
+	if page <= 0 {
+		page = 1
+	}
 
 	// if status or actor query param is not given to frontend href, (href="/<repoLink>/actions")
 	// they will be 0 by default, which indicates get all status or actors
@@ -264,8 +312,6 @@ func List(ctx *context.Context) {
 	pager.AddParamFromRequest(ctx.Req)
 	ctx.Data["Page"] = pager
 	ctx.Data["HasWorkflowsOrRuns"] = len(workflows) > 0 || len(runs) > 0
-
-	ctx.HTML(http.StatusOK, tplListActions)
 }
 
 // loadIsRefDeleted loads the IsRefDeleted field for each run in the list.
diff --git a/routers/web/repo/actions/view.go b/routers/web/repo/actions/view.go
index ba17fa427d1a8..9a18ca530582f 100644
--- a/routers/web/repo/actions/view.go
+++ b/routers/web/repo/actions/view.go
@@ -812,13 +812,8 @@ func Run(ctx *context_module.Context) {
 		return
 	}
 
-	// get workflow entry from default branch commit
-	defaultBranchCommit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch)
-	if err != nil {
-		ctx.Error(http.StatusInternalServerError, err.Error())
-		return
-	}
-	entries, err := actions.ListWorkflows(defaultBranchCommit)
+	// get workflow entry from runTargetCommit
+	entries, err := actions.ListWorkflows(runTargetCommit)
 	if err != nil {
 		ctx.Error(http.StatusInternalServerError, err.Error())
 		return
diff --git a/routers/web/web.go b/routers/web/web.go
index 5e0995545e814..ff91bda3d2e65 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -1412,6 +1412,7 @@ func registerRoutes(m *web.Router) {
 		m.Post("/disable", reqRepoAdmin, actions.DisableWorkflowFile)
 		m.Post("/enable", reqRepoAdmin, actions.EnableWorkflowFile)
 		m.Post("/run", reqRepoActionsWriter, actions.Run)
+		m.Get("/workflow-dispatch-inputs", reqRepoActionsWriter, actions.WorkflowDispatchInputs)
 
 		m.Group("/runs/{run}", func() {
 			m.Combo("").
@@ -1433,7 +1434,7 @@ func registerRoutes(m *web.Router) {
 		m.Group("/workflows/{workflow_name}", func() {
 			m.Get("/badge.svg", actions.GetWorkflowBadge)
 		})
-	}, optSignIn, context.RepoAssignment, reqRepoActionsReader, actions.MustEnableActions)
+	}, optSignIn, context.RepoAssignment, repo.MustBeNotEmpty, reqRepoActionsReader, actions.MustEnableActions)
 	// end "/{username}/{reponame}/actions"
 
 	m.Group("/{username}/{reponame}/wiki", func() {
diff --git a/templates/repo/actions/workflow_dispatch.tmpl b/templates/repo/actions/workflow_dispatch.tmpl
index 21f3ef2077294..55fe1224194ea 100644
--- a/templates/repo/actions/workflow_dispatch.tmpl
+++ b/templates/repo/actions/workflow_dispatch.tmpl
@@ -11,7 +11,7 @@
 					<label>{{ctx.Locale.Tr "actions.workflow.from_ref"}}:</label>
 				</span>
 				<div class="ui inline field dropdown button select-branch branch-selector-dropdown ellipsis-items-nowrap">
-					<input type="hidden" name="ref" value="refs/heads/{{index .Branches 0}}">
+					<input type="hidden" name="ref" hx-sync="this:replace" hx-target="#runWorkflowDispatchModalInputs" hx-swap="innerHTML" hx-get="{{$.Link}}/workflow-dispatch-inputs?workflow={{$.CurWorkflow}}" hx-trigger="change" value="refs/heads/{{index .Branches 0}}">
 					{{svg "octicon-git-branch" 14}}
 					<div class="default text">{{index .Branches 0}}</div>
 					{{svg "octicon-triangle-down" 14 "dropdown icon"}}
@@ -49,30 +49,9 @@
 
 			<div class="divider"></div>
 
-			{{range $item := .WorkflowDispatchConfig.Inputs}}
-			<div class="ui field {{if .Required}}required{{end}}">
-				{{if eq .Type "choice"}}
-					<label>{{.Description}}:</label>
-					<select class="ui selection type dropdown" name="{{.Name}}">
-						{{range .Options}}
-						<option value="{{.}}" {{if eq $item.Default .}}selected{{end}} >{{.}}</option>
-						{{end}}
-					</select>
-				{{else if eq .Type "boolean"}}
-					<div class="ui inline checkbox">
-						<label>{{.Description}}</label>
-						<input type="checkbox" name="{{.Name}}" {{if eq .Default "true"}}checked{{end}}>
-					</div>
-				{{else if eq .Type "number"}}
-					<label>{{.Description}}:</label>
-					<input name="{{.Name}}" value="{{.Default}}" {{if .Required}}required{{end}}>
-				{{else}}
-					<label>{{.Description}}:</label>
-					<input name="{{.Name}}" value="{{.Default}}" {{if .Required}}required{{end}}>
-				{{end}}
+			<div id="runWorkflowDispatchModalInputs">
+				{{template "repo/actions/workflow_dispatch_inputs" .}}
 			</div>
-			{{end}}
-			<button class="ui tiny primary button" type="submit">Submit</button>
 		</form>
 	</div>
 </div>
diff --git a/templates/repo/actions/workflow_dispatch_inputs.tmpl b/templates/repo/actions/workflow_dispatch_inputs.tmpl
new file mode 100644
index 0000000000000..8b8292af1d84e
--- /dev/null
+++ b/templates/repo/actions/workflow_dispatch_inputs.tmpl
@@ -0,0 +1,45 @@
+{{if not .WorkflowDispatchConfig}}
+	<div class="ui error message tw-block">{{/* using "ui message" in "ui form" needs to force to display */}}
+		{{if not .CurWorkflowExists}}
+			{{ctx.Locale.Tr "actions.workflow.not_found" $.CurWorkflow}}
+		{{else}}
+			{{ctx.Locale.Tr "actions.workflow.has_no_workflow_dispatch" $.CurWorkflow}}
+		{{end}}
+	</div>
+{{else}}
+	{{range $item := .WorkflowDispatchConfig.Inputs}}
+		<div class="ui field {{if .Required}}required{{end}}">
+			{{if eq .Type "choice"}}
+				<label>{{or .Description .Name}}:</label>
+				{{/* htmx won't initialize the fomantic dropdown, so it is a standard "select" input */}}
+				<select class="ui selection dropdown" name="{{.Name}}">
+					{{range .Options}}
+						<option value="{{.}}" {{if eq $item.Default .}}selected{{end}}>{{.}}</option>
+					{{end}}
+				</select>
+			{{else if eq .Type "boolean"}}
+				{{/* htmx doesn't trigger our JS code to attach fomantic label to checkbox, so here we use standard checkbox */}}
+				<label class="tw-flex flex-text-inline">
+					<input type="checkbox" name="{{.Name}}" {{if eq .Default "true"}}checked{{end}}>
+					{{or .Description .Name}}
+				</label>
+			{{else if eq .Type "number"}}
+				<label>{{or .Description .Name}}:</label>
+				<input name="{{.Name}}" value="{{.Default}}" {{if .Required}}required{{end}}>
+			{{else}}
+				<label>{{or .Description .Name}}:</label>
+				<input name="{{.Name}}" value="{{.Default}}" {{if .Required}}required{{end}}>
+			{{end}}
+		</div>
+	{{end}}
+	<div class="ui field">
+		<button class="ui tiny primary button" type="submit">{{ctx.Locale.Tr "actions.workflow.run"}}</button>
+	</div>
+{{end}}
+{{range .workflows}}
+	{{if and .ErrMsg (eq .Entry.Name $.CurWorkflow)}}
+		<div class="ui field">
+			<div>{{svg "octicon-alert" 16 "text red"}} {{.ErrMsg}}</div>
+		</div>
+	{{end}}
+{{end}}

From cf60734a4d05215095cb2089c6fb898793dd4e37 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 6 Jan 2025 05:20:22 +0800
Subject: [PATCH 30/55] Fix dropdown menu header and mobile view (#33108)

![image](https://github.com/user-attachments/assets/3f831c8c-ef87-4282-880a-c2738f3e1d17)

----

![image](https://github.com/user-attachments/assets/c4c0519b-cfa6-42b4-bd28-205ee514eb34)

----

![image](https://github.com/user-attachments/assets/8624a605-9f2b-4905-9cbc-0af073972874)
---
 templates/base/head_navbar.tmpl      | 4 ++--
 templates/repo/commit_page.tmpl      | 2 +-
 templates/user/dashboard/navbar.tmpl | 4 ++--
 web_src/css/modules/navbar.css       | 3 ++-
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl
index bf0e7e632b71e..baf37494b98d3 100644
--- a/templates/base/head_navbar.tmpl
+++ b/templates/base/head_navbar.tmpl
@@ -70,7 +70,7 @@
 					<span class="not-mobile">{{svg "octicon-triangle-down"}}</span>
 				</span>
 				<div class="menu user-menu">
-					<div class="ui header">
+					<div class="header">
 						{{ctx.Locale.Tr "signed_in_as"}} <strong>{{.SignedUser.Name}}</strong>
 					</div>
 
@@ -130,7 +130,7 @@
 				{{/* do not localize it, here it needs the fixed length (width) to make UI comfortable */}}
 				{{if .IsAdmin}}<span class="navbar-profile-admin">admin</span>{{end}}
 				<div class="menu user-menu">
-					<div class="ui header">
+					<div class="header">
 						{{ctx.Locale.Tr "signed_in_as"}} <strong>{{.SignedUser.Name}}</strong>
 					</div>
 
diff --git a/templates/repo/commit_page.tmpl b/templates/repo/commit_page.tmpl
index 3d95e8a715df6..bc63db9b62713 100644
--- a/templates/repo/commit_page.tmpl
+++ b/templates/repo/commit_page.tmpl
@@ -16,7 +16,7 @@
 								{{ctx.Locale.Tr "repo.commit.operations"}}
 								{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 								<div class="menu">
-									<div class="ui header">{{ctx.Locale.Tr "repo.commit.operations"}}</div>
+									<div class="header">{{ctx.Locale.Tr "repo.commit.operations"}}</div>
 									<div class="divider"></div>
 									<div class="item show-create-branch-modal"
 										data-content="{{ctx.Locale.Tr "repo.branch.new_branch_from" (.CommitID)}}" {{/* used by the form */}}
diff --git a/templates/user/dashboard/navbar.tmpl b/templates/user/dashboard/navbar.tmpl
index 7982cbd9509af..a828bc90e44c5 100644
--- a/templates/user/dashboard/navbar.tmpl
+++ b/templates/user/dashboard/navbar.tmpl
@@ -12,7 +12,7 @@
 					{{svg "octicon-triangle-down" 14 "dropdown icon tw-ml-1"}}
 				</span>
 				<div class="context user overflow menu">
-					<div class="ui header">
+					<div class="header">
 						{{ctx.Locale.Tr "home.switch_dashboard_context"}}
 					</div>
 					<div class="scrolling menu items">
@@ -56,7 +56,7 @@
 					</span>
 					{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 					<div class="context user overflow menu">
-						<div class="ui header">
+						<div class="header">
 							{{ctx.Locale.Tr "home.filter_by_team_repositories"}}
 						</div>
 						<div class="scrolling menu items">
diff --git a/web_src/css/modules/navbar.css b/web_src/css/modules/navbar.css
index b60d25977d95f..b09b271ad48dd 100644
--- a/web_src/css/modules/navbar.css
+++ b/web_src/css/modules/navbar.css
@@ -48,7 +48,8 @@
     align-items: stretch;
   }
   /* hide all items */
-  #navbar .item {
+  #navbar .navbar-left > .item,
+  #navbar .navbar-right > .item {
     display: none;
   }
   #navbar #navbar-logo {

From 3c1c508421159970682c7d002bc8a180c8a1aeb7 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Mon, 6 Jan 2025 00:34:05 +0000
Subject: [PATCH 31/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_pt-PT.ini | 1 +
 1 file changed, 1 insertion(+)

diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index cbb7f09c82bc2..e4ba777506c56 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -1235,6 +1235,7 @@ create_new_repo_command=Criando um novo repositório na linha de comandos
 push_exist_repo=Enviando, pela linha de comandos, um repositório existente
 empty_message=Este repositório não contém qualquer conteúdo.
 broken_message=Os dados Git subjacentes a este repositório não podem ser lidos. Contacte o administrador desta instância ou elimine este repositório.
+no_branch=Este repositório não tem quaisquer ramos.
 
 code=Código
 code.desc=Aceder ao código fonte, ficheiros, cometimentos e ramos.

From 40765b5d45f1bcde7193b6273875707ff238cf92 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 6 Jan 2025 12:07:52 +0800
Subject: [PATCH 32/55] Fix repo empty guide (#33114)

---
 routers/web/repo/view_home.go        | 1 +
 templates/repo/empty.tmpl            | 2 +-
 tests/integration/empty_repo_test.go | 6 +++++-
 3 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/routers/web/repo/view_home.go b/routers/web/repo/view_home.go
index 3fcd7bba8ebbb..f890225d67bdf 100644
--- a/routers/web/repo/view_home.go
+++ b/routers/web/repo/view_home.go
@@ -250,6 +250,7 @@ func handleRepoEmptyOrBroken(ctx *context.Context) {
 			showEmpty = true // it is not really empty, but there is no branch
 			// at the moment, other repo units like "actions" are not able to handle such case,
 			// so we just mark the repo as empty to prevent from displaying these units.
+			ctx.Data["RepoHasContentsWithoutBranch"] = true
 			updateContextRepoEmptyAndStatus(ctx, true, repo_model.RepositoryReady)
 		} else {
 			// the repo is actually not empty and has branches, need to update the database later
diff --git a/templates/repo/empty.tmpl b/templates/repo/empty.tmpl
index dfda5b7b2b4d2..ae3f95045bc58 100644
--- a/templates/repo/empty.tmpl
+++ b/templates/repo/empty.tmpl
@@ -17,7 +17,7 @@
 
 				{{if .Repository.IsBroken}}
 					<div class="ui segment center">{{ctx.Locale.Tr "repo.broken_message"}}</div>
-				{{else if .Repository.IsEmpty}}
+				{{else if .RepoHasContentsWithoutBranch}}
 					<div class="ui segment center">{{ctx.Locale.Tr "repo.no_branch"}}</div>
 				{{else if .CanWriteCode}}
 					<h4 class="ui top attached header">{{ctx.Locale.Tr "repo.quick_guide"}}</h4>
diff --git a/tests/integration/empty_repo_test.go b/tests/integration/empty_repo_test.go
index 630a3c03af89b..0801b093dfb07 100644
--- a/tests/integration/empty_repo_test.go
+++ b/tests/integration/empty_repo_test.go
@@ -58,8 +58,12 @@ func TestEmptyRepoAddFile(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	session := loginUser(t, "user30")
-	req := NewRequest(t, "GET", "/user30/empty/_new/"+setting.Repository.DefaultBranch)
+	req := NewRequest(t, "GET", "/user30/empty")
 	resp := session.MakeRequest(t, req, http.StatusOK)
+	assert.Contains(t, resp.Body.String(), "empty-repo-guide")
+
+	req = NewRequest(t, "GET", "/user30/empty/_new/"+setting.Repository.DefaultBranch)
+	resp = session.MakeRequest(t, req, http.StatusOK)
 	doc := NewHTMLParser(t, resp.Body).Find(`input[name="commit_choice"]`)
 	assert.Empty(t, doc.AttrOr("checked", "_no_"))
 	req = NewRequestWithValues(t, "POST", "/user30/empty/_new/"+setting.Repository.DefaultBranch, map[string]string{

From ef736b7e27f6eee292183c0f054f1595179db559 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 6 Jan 2025 17:38:42 +0800
Subject: [PATCH 33/55] Refactor legacy JS (#33115)

---
 templates/org/team/repositories.tmpl      |  2 +-
 web_src/js/features/notification.ts       |  6 ++--
 web_src/js/features/org-team.ts           | 39 +++++++++++++----------
 web_src/js/features/repo-issue-sidebar.ts |  8 ++---
 web_src/js/index.ts                       |  5 ++-
 5 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/templates/org/team/repositories.tmpl b/templates/org/team/repositories.tmpl
index 92c3d724ba621..4f4667ca8bff6 100644
--- a/templates/org/team/repositories.tmpl
+++ b/templates/org/team/repositories.tmpl
@@ -9,7 +9,7 @@
 				{{template "org/team/navbar" .}}
 				{{$canAddRemove := and $.IsOrganizationOwner (not $.Team.IncludesAllRepositories)}}
 				{{if $canAddRemove}}
-					<div class="ui attached segment tw-flex tw-flex-wrap tw-gap-2">
+					<div class="ui top attached segment tw-flex tw-flex-wrap tw-gap-2">
 						<form class="ui form ignore-dirty tw-flex-1 tw-flex" action="{{$.OrgLink}}/teams/{{$.Team.LowerName | PathEscape}}/action/repo/add" method="post">
 							{{.CsrfTokenHtml}}
 							<div id="search-repo-box" data-uid="{{.Org.ID}}" class="ui search">
diff --git a/web_src/js/features/notification.ts b/web_src/js/features/notification.ts
index adfdb157a150b..dc0acb0244edd 100644
--- a/web_src/js/features/notification.ts
+++ b/web_src/js/features/notification.ts
@@ -1,6 +1,5 @@
-import $ from 'jquery';
 import {GET} from '../modules/fetch.ts';
-import {toggleElem, type DOMEvent} from '../utils/dom.ts';
+import {toggleElem, type DOMEvent, createElementFromHTML} from '../utils/dom.ts';
 import {logoutFromWorker} from '../modules/worker.ts';
 
 const {appSubUrl, notificationSettings, assetVersionEncoded} = window.config;
@@ -158,7 +157,8 @@ async function updateNotificationTable() {
       }
 
       const data = await response.text();
-      if ($(data).data('sequence-number') === notificationSequenceNumber) {
+      const el = createElementFromHTML(data);
+      if (parseInt(el.getAttribute('data-sequence-number')) === notificationSequenceNumber) {
         notificationDiv.outerHTML = data;
         initNotificationsTable();
       }
diff --git a/web_src/js/features/org-team.ts b/web_src/js/features/org-team.ts
index e4e98fd9907f0..e160f07bf2722 100644
--- a/web_src/js/features/org-team.ts
+++ b/web_src/js/features/org-team.ts
@@ -1,35 +1,34 @@
-import $ from 'jquery';
-import {hideElem, showElem} from '../utils/dom.ts';
+import {queryElems, toggleElem} from '../utils/dom.ts';
+import {fomanticQuery} from '../modules/fomantic/base.ts';
 
 const {appSubUrl} = window.config;
 
-export function initOrgTeamSettings() {
-  // Change team access mode
-  $('.organization.new.team input[name=permission]').on('change', () => {
-    const val = $('input[name=permission]:checked', '.organization.new.team').val();
-    if (val === 'admin') {
-      hideElem('.organization.new.team .team-units');
-    } else {
-      showElem('.organization.new.team .team-units');
-    }
-  });
+function initOrgTeamSettings() {
+  // on the page "page-content organization new team"
+  const pageContent = document.querySelector('.page-content.organization.new.team');
+  if (!pageContent) return;
+  queryElems(pageContent, 'input[name=permission]', (el) => el.addEventListener('change', () => {
+    // Change team access mode
+    const val = pageContent.querySelector<HTMLInputElement>('input[name=permission]:checked')?.value;
+    toggleElem(pageContent.querySelectorAll('.team-units'), val !== 'admin');
+  }));
 }
 
-export function initOrgTeamSearchRepoBox() {
-  const $searchRepoBox = $('#search-repo-box');
+function initOrgTeamSearchRepoBox() {
+  // on the page "page-content organization teams"
+  const $searchRepoBox = fomanticQuery('#search-repo-box');
   $searchRepoBox.search({
     minCharacters: 2,
     apiSettings: {
       url: `${appSubUrl}/repo/search?q={query}&uid=${$searchRepoBox.data('uid')}`,
       onResponse(response) {
         const items = [];
-        $.each(response.data, (_i, item) => {
+        for (const item of response.data) {
           items.push({
             title: item.repository.full_name.split('/')[1],
             description: item.repository.full_name,
           });
-        });
-
+        }
         return {results: items};
       },
     },
@@ -37,3 +36,9 @@ export function initOrgTeamSearchRepoBox() {
     showNoResults: false,
   });
 }
+
+export function initOrgTeam() {
+  if (!document.querySelector('.page-content.organization')) return;
+  initOrgTeamSettings();
+  initOrgTeamSearchRepoBox();
+}
diff --git a/web_src/js/features/repo-issue-sidebar.ts b/web_src/js/features/repo-issue-sidebar.ts
index e0f68aa05943a..f84bed127f4d4 100644
--- a/web_src/js/features/repo-issue-sidebar.ts
+++ b/web_src/js/features/repo-issue-sidebar.ts
@@ -1,4 +1,3 @@
-import $ from 'jquery';
 import {POST} from '../modules/fetch.ts';
 import {queryElems, toggleElem} from '../utils/dom.ts';
 import {initIssueSidebarComboList} from './repo-issue-sidebar-combolist.ts';
@@ -9,9 +8,8 @@ function initBranchSelector() {
   if (!elSelectBranch) return;
 
   const urlUpdateIssueRef = elSelectBranch.getAttribute('data-url-update-issueref');
-  const $selectBranch = $(elSelectBranch);
-  const $branchMenu = $selectBranch.find('.reference-list-menu');
-  $branchMenu.find('.item:not(.no-select)').on('click', async function (e) {
+  const elBranchMenu = elSelectBranch.querySelector('.reference-list-menu');
+  queryElems(elBranchMenu, '.item:not(.no-select)', (el) => el.addEventListener('click', async function (e) {
     e.preventDefault();
     const selectedValue = this.getAttribute('data-id'); // eg: "refs/heads/my-branch"
     const selectedText = this.getAttribute('data-name'); // eg: "my-branch"
@@ -29,7 +27,7 @@ function initBranchSelector() {
       document.querySelector<HTMLInputElement>(selectedHiddenSelector).value = selectedValue;
       elSelectBranch.querySelector('.text-branch-name').textContent = selectedText;
     }
-  });
+  }));
 }
 
 function initRepoIssueDue() {
diff --git a/web_src/js/index.ts b/web_src/js/index.ts
index 4d400d3b8f67a..022be033da25f 100644
--- a/web_src/js/index.ts
+++ b/web_src/js/index.ts
@@ -40,7 +40,7 @@ import {initUserSettings} from './features/user-settings.ts';
 import {initRepoActivityTopAuthorsChart, initRepoArchiveLinks} from './features/repo-common.ts';
 import {initRepoMigrationStatusChecker} from './features/repo-migrate.ts';
 import {initRepoDiffView} from './features/repo-diff.ts';
-import {initOrgTeamSearchRepoBox, initOrgTeamSettings} from './features/org-team.ts';
+import {initOrgTeam} from './features/org-team.ts';
 import {initUserAuthWebAuthn, initUserAuthWebAuthnRegister} from './features/user-auth-webauthn.ts';
 import {initRepoRelease, initRepoReleaseNew} from './features/repo-release.ts';
 import {initRepoEditor} from './features/repo-editor.ts';
@@ -166,8 +166,7 @@ onDomReady(() => {
     initNotificationCount,
     initNotificationsTable,
 
-    initOrgTeamSearchRepoBox,
-    initOrgTeamSettings,
+    initOrgTeam,
 
     initRepoActivityTopAuthorsChart,
     initRepoArchiveLinks,

From 80e4f4c4eb80dbbcd4c306ac05bfcf75a005d742 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 6 Jan 2025 22:45:20 +0800
Subject: [PATCH 34/55] Refactor package (routes and error handling, npm peer
 dependency) (#33111)

---
 modules/packages/npm/creator.go             |   2 +
 modules/packages/npm/metadata.go            |   1 +
 modules/web/router_path.go                  |  14 +-
 routers/api/packages/alpine/alpine.go       |   2 +-
 routers/api/packages/api.go                 | 159 +++-----------------
 routers/api/packages/arch/arch.go           |   2 +-
 routers/api/packages/cargo/cargo.go         |   4 +-
 routers/api/packages/chef/chef.go           |   6 +-
 routers/api/packages/composer/composer.go   |   2 +-
 routers/api/packages/conan/conan.go         |  23 +--
 routers/api/packages/conan/search.go        |  11 +-
 routers/api/packages/container/blob.go      |   9 +-
 routers/api/packages/container/container.go |  18 +--
 routers/api/packages/container/manifest.go  |  31 ++--
 routers/api/packages/debian/debian.go       |   2 +-
 routers/api/packages/generic/generic.go     |   6 +-
 routers/api/packages/helm/helm.go           |   2 +-
 routers/api/packages/npm/api.go             |   1 +
 routers/api/packages/npm/npm.go             |   8 +-
 routers/api/packages/nuget/nuget.go         |  10 +-
 routers/api/packages/pub/pub.go             |   6 +-
 routers/api/packages/pypi/pypi.go           |   3 +-
 routers/api/packages/rubygems/rubygems.go   |   4 +-
 routers/api/packages/vagrant/vagrant.go     |   3 +-
 routers/api/v1/repo/file.go                 |   2 +-
 routers/api/v1/repo/git_hook.go             |   7 +-
 services/packages/packages.go               |  14 +-
 tests/integration/api_packages_npm_test.go  |  47 +++---
 28 files changed, 154 insertions(+), 245 deletions(-)

diff --git a/modules/packages/npm/creator.go b/modules/packages/npm/creator.go
index 7d3d7cd6b55f3..8ba4dbfba710c 100644
--- a/modules/packages/npm/creator.go
+++ b/modules/packages/npm/creator.go
@@ -81,6 +81,7 @@ type PackageMetadataVersion struct {
 	BundleDependencies   []string            `json:"bundleDependencies,omitempty"`
 	DevDependencies      map[string]string   `json:"devDependencies,omitempty"`
 	PeerDependencies     map[string]string   `json:"peerDependencies,omitempty"`
+	PeerDependenciesMeta map[string]any      `json:"peerDependenciesMeta,omitempty"`
 	Bin                  map[string]string   `json:"bin,omitempty"`
 	OptionalDependencies map[string]string   `json:"optionalDependencies,omitempty"`
 	Readme               string              `json:"readme,omitempty"`
@@ -222,6 +223,7 @@ func ParsePackage(r io.Reader) (*Package, error) {
 				BundleDependencies:      meta.BundleDependencies,
 				DevelopmentDependencies: meta.DevDependencies,
 				PeerDependencies:        meta.PeerDependencies,
+				PeerDependenciesMeta:    meta.PeerDependenciesMeta,
 				OptionalDependencies:    meta.OptionalDependencies,
 				Bin:                     meta.Bin,
 				Readme:                  meta.Readme,
diff --git a/modules/packages/npm/metadata.go b/modules/packages/npm/metadata.go
index 6bb77f302bb16..d1d026338780c 100644
--- a/modules/packages/npm/metadata.go
+++ b/modules/packages/npm/metadata.go
@@ -19,6 +19,7 @@ type Metadata struct {
 	BundleDependencies      []string          `json:"bundleDependencies,omitempty"`
 	DevelopmentDependencies map[string]string `json:"development_dependencies,omitempty"`
 	PeerDependencies        map[string]string `json:"peer_dependencies,omitempty"`
+	PeerDependenciesMeta    map[string]any    `json:"peer_dependencies_meta,omitempty"`
 	OptionalDependencies    map[string]string `json:"optional_dependencies,omitempty"`
 	Bin                     map[string]string `json:"bin,omitempty"`
 	Readme                  string            `json:"readme,omitempty"`
diff --git a/modules/web/router_path.go b/modules/web/router_path.go
index 39082c072455c..b59948581a94e 100644
--- a/modules/web/router_path.go
+++ b/modules/web/router_path.go
@@ -89,11 +89,23 @@ func (p *routerPathMatcher) matchPath(chiCtx *chi.Context, path string) bool {
 	return true
 }
 
+func isValidMethod(name string) bool {
+	switch name {
+	case http.MethodGet, http.MethodPost, http.MethodPut, http.MethodPatch, http.MethodDelete, http.MethodHead, http.MethodOptions, http.MethodConnect, http.MethodTrace:
+		return true
+	}
+	return false
+}
+
 func newRouterPathMatcher(methods, pattern string, h ...any) *routerPathMatcher {
 	middlewares, handlerFunc := wrapMiddlewareAndHandler(nil, h)
 	p := &routerPathMatcher{methods: make(container.Set[string]), middlewares: middlewares, handlerFunc: handlerFunc}
 	for _, method := range strings.Split(methods, ",") {
-		p.methods.Add(strings.TrimSpace(method))
+		method = strings.TrimSpace(method)
+		if !isValidMethod(method) {
+			panic(fmt.Sprintf("invalid HTTP method: %s", method))
+		}
+		p.methods.Add(method)
 	}
 	re := []byte{'^'}
 	lastEnd := 0
diff --git a/routers/api/packages/alpine/alpine.go b/routers/api/packages/alpine/alpine.go
index 4b652c9ecc31b..f35cff3df2391 100644
--- a/routers/api/packages/alpine/alpine.go
+++ b/routers/api/packages/alpine/alpine.go
@@ -114,7 +114,7 @@ func UploadPackageFile(ctx *context.Context) {
 
 	pck, err := alpine_module.ParsePackage(buf)
 	if err != nil {
-		if errors.Is(err, util.ErrInvalidArgument) || err == io.EOF {
+		if errors.Is(err, util.ErrInvalidArgument) || errors.Is(err, io.EOF) {
 			apiError(ctx, http.StatusBadRequest, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/api.go b/routers/api/packages/api.go
index 5b035fbb7114f..41c3eb95e9011 100644
--- a/routers/api/packages/api.go
+++ b/routers/api/packages/api.go
@@ -138,7 +138,8 @@ func CommonRoutes() *web.Router {
 		}, reqPackageAccess(perm.AccessModeRead))
 		r.Group("/arch", func() {
 			r.Methods("HEAD,GET", "/repository.key", arch.GetRepositoryKey)
-			r.PathGroup("*", func(g *web.RouterPathGroup) {
+			r.Methods("PUT", "" /* no repository */, reqPackageAccess(perm.AccessModeWrite), arch.UploadPackageFile)
+			r.PathGroup("/*", func(g *web.RouterPathGroup) {
 				g.MatchPath("PUT", "/<repository:*>", reqPackageAccess(perm.AccessModeWrite), arch.UploadPackageFile)
 				g.MatchPath("HEAD,GET", "/<repository:*>/<architecture>/<filename>", arch.GetPackageOrRepositoryFile)
 				g.MatchPath("DELETE", "/<repository:*>/<name>/<version>/<architecture>", reqPackageAccess(perm.AccessModeWrite), arch.DeletePackageVersion)
@@ -698,150 +699,28 @@ func ContainerRoutes() *web.Router {
 	})
 	r.Get("/_catalog", container.ReqContainerAccess, container.GetRepositoryList)
 	r.Group("/{username}", func() {
-		r.Group("/{image}", func() {
-			r.Group("/blobs/uploads", func() {
-				r.Post("", container.InitiateUploadBlob)
-				r.Group("/{uuid}", func() {
-					r.Get("", container.GetUploadBlob)
-					r.Patch("", container.UploadBlob)
-					r.Put("", container.EndUploadBlob)
-					r.Delete("", container.CancelUploadBlob)
-				})
-			}, reqPackageAccess(perm.AccessModeWrite))
-			r.Group("/blobs/{digest}", func() {
-				r.Head("", container.HeadBlob)
-				r.Get("", container.GetBlob)
-				r.Delete("", reqPackageAccess(perm.AccessModeWrite), container.DeleteBlob)
-			})
-			r.Group("/manifests/{reference}", func() {
-				r.Put("", reqPackageAccess(perm.AccessModeWrite), container.UploadManifest)
-				r.Head("", container.HeadManifest)
-				r.Get("", container.GetManifest)
-				r.Delete("", reqPackageAccess(perm.AccessModeWrite), container.DeleteManifest)
-			})
-			r.Get("/tags/list", container.GetTagList)
-		}, container.VerifyImageName)
-
-		var (
-			blobsUploadsPattern = regexp.MustCompile(`\A(.+)/blobs/uploads/([a-zA-Z0-9-_.=]+)\z`)
-			blobsPattern        = regexp.MustCompile(`\A(.+)/blobs/([^/]+)\z`)
-			manifestsPattern    = regexp.MustCompile(`\A(.+)/manifests/([^/]+)\z`)
-		)
-
-		// Manual mapping of routes because {image} can contain slashes which chi does not support
-		r.Methods("HEAD,GET,POST,PUT,PATCH,DELETE", "/*", func(ctx *context.Context) {
-			path := ctx.PathParam("*")
-			isHead := ctx.Req.Method == "HEAD"
-			isGet := ctx.Req.Method == "GET"
-			isPost := ctx.Req.Method == "POST"
-			isPut := ctx.Req.Method == "PUT"
-			isPatch := ctx.Req.Method == "PATCH"
-			isDelete := ctx.Req.Method == "DELETE"
-
-			if isPost && strings.HasSuffix(path, "/blobs/uploads") {
-				reqPackageAccess(perm.AccessModeWrite)(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				ctx.SetPathParam("image", path[:len(path)-14])
-				container.VerifyImageName(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				container.InitiateUploadBlob(ctx)
-				return
-			}
-			if isGet && strings.HasSuffix(path, "/tags/list") {
-				ctx.SetPathParam("image", path[:len(path)-10])
-				container.VerifyImageName(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				container.GetTagList(ctx)
-				return
-			}
-
-			m := blobsUploadsPattern.FindStringSubmatch(path)
-			if len(m) == 3 && (isGet || isPut || isPatch || isDelete) {
-				reqPackageAccess(perm.AccessModeWrite)(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				ctx.SetPathParam("image", m[1])
-				container.VerifyImageName(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				ctx.SetPathParam("uuid", m[2])
-
-				if isGet {
+		r.PathGroup("/*", func(g *web.RouterPathGroup) {
+			g.MatchPath("POST", "/<image:*>/blobs/uploads", reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, container.InitiateUploadBlob)
+			g.MatchPath("GET", "/<image:*>/tags/list", container.VerifyImageName, container.GetTagList)
+			g.MatchPath("GET,PATCH,PUT,DELETE", `/<image:*>/blobs/uploads/<uuid:[-.=\w]+>`, reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, func(ctx *context.Context) {
+				if ctx.Req.Method == http.MethodGet {
 					container.GetUploadBlob(ctx)
-				} else if isPatch {
+				} else if ctx.Req.Method == http.MethodPatch {
 					container.UploadBlob(ctx)
-				} else if isPut {
+				} else if ctx.Req.Method == http.MethodPut {
 					container.EndUploadBlob(ctx)
-				} else {
+				} else /* DELETE */ {
 					container.CancelUploadBlob(ctx)
 				}
-				return
-			}
-			m = blobsPattern.FindStringSubmatch(path)
-			if len(m) == 3 && (isHead || isGet || isDelete) {
-				ctx.SetPathParam("image", m[1])
-				container.VerifyImageName(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				ctx.SetPathParam("digest", m[2])
-
-				if isHead {
-					container.HeadBlob(ctx)
-				} else if isGet {
-					container.GetBlob(ctx)
-				} else {
-					reqPackageAccess(perm.AccessModeWrite)(ctx)
-					if ctx.Written() {
-						return
-					}
-					container.DeleteBlob(ctx)
-				}
-				return
-			}
-			m = manifestsPattern.FindStringSubmatch(path)
-			if len(m) == 3 && (isHead || isGet || isPut || isDelete) {
-				ctx.SetPathParam("image", m[1])
-				container.VerifyImageName(ctx)
-				if ctx.Written() {
-					return
-				}
-
-				ctx.SetPathParam("reference", m[2])
-
-				if isHead {
-					container.HeadManifest(ctx)
-				} else if isGet {
-					container.GetManifest(ctx)
-				} else {
-					reqPackageAccess(perm.AccessModeWrite)(ctx)
-					if ctx.Written() {
-						return
-					}
-					if isPut {
-						container.UploadManifest(ctx)
-					} else {
-						container.DeleteManifest(ctx)
-					}
-				}
-				return
-			}
-
-			ctx.Status(http.StatusNotFound)
+			})
+			g.MatchPath("HEAD", `/<image:*>/blobs/<digest>`, container.VerifyImageName, container.HeadBlob)
+			g.MatchPath("GET", `/<image:*>/blobs/<digest>`, container.VerifyImageName, container.GetBlob)
+			g.MatchPath("DELETE", `/<image:*>/blobs/<digest>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.DeleteBlob)
+
+			g.MatchPath("HEAD", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.HeadManifest)
+			g.MatchPath("GET", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.GetManifest)
+			g.MatchPath("PUT", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.UploadManifest)
+			g.MatchPath("DELETE", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.DeleteManifest)
 		})
 	}, container.ReqContainerAccess, context.UserAssignmentWeb(), context.PackageAssignment(), reqPackageAccess(perm.AccessModeRead))
 
diff --git a/routers/api/packages/arch/arch.go b/routers/api/packages/arch/arch.go
index 573e93cfb016f..f5dc6c1d019d8 100644
--- a/routers/api/packages/arch/arch.go
+++ b/routers/api/packages/arch/arch.go
@@ -62,7 +62,7 @@ func UploadPackageFile(ctx *context.Context) {
 
 	pck, err := arch_module.ParsePackage(buf)
 	if err != nil {
-		if errors.Is(err, util.ErrInvalidArgument) || err == io.EOF {
+		if errors.Is(err, util.ErrInvalidArgument) || errors.Is(err, io.EOF) {
 			apiError(ctx, http.StatusBadRequest, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/cargo/cargo.go b/routers/api/packages/cargo/cargo.go
index 3d8407e6b6000..42ef13476c1d1 100644
--- a/routers/api/packages/cargo/cargo.go
+++ b/routers/api/packages/cargo/cargo.go
@@ -181,7 +181,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -276,7 +276,7 @@ func UnyankPackage(ctx *context.Context) {
 func yankPackage(ctx *context.Context, yank bool) {
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeCargo, ctx.PathParam("package"), ctx.PathParam("version"))
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/chef/chef.go b/routers/api/packages/chef/chef.go
index b3cdf126977e9..a0c8c5696c6ff 100644
--- a/routers/api/packages/chef/chef.go
+++ b/routers/api/packages/chef/chef.go
@@ -216,7 +216,7 @@ func PackageVersionMetadata(ctx *context.Context) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeChef, packageName, packageVersion)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -327,7 +327,7 @@ func UploadPackage(ctx *context.Context) {
 func DownloadPackage(ctx *context.Context) {
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeChef, ctx.PathParam("name"), ctx.PathParam("version"))
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -368,7 +368,7 @@ func DeletePackageVersion(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/composer/composer.go b/routers/api/packages/composer/composer.go
index 40f72f6484832..c6c14e5cf4fb0 100644
--- a/routers/api/packages/composer/composer.go
+++ b/routers/api/packages/composer/composer.go
@@ -176,7 +176,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/conan/conan.go b/routers/api/packages/conan/conan.go
index 4a9f0a3ffc7b0..8019eee9f7440 100644
--- a/routers/api/packages/conan/conan.go
+++ b/routers/api/packages/conan/conan.go
@@ -5,6 +5,7 @@ package conan
 
 import (
 	std_ctx "context"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -183,7 +184,7 @@ func serveSnapshot(ctx *context.Context, fileKey string) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeConan, rref.Name, rref.Version)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -244,7 +245,7 @@ func serveDownloadURLs(ctx *context.Context, fileKey, downloadURL string) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeConan, rref.Name, rref.Version)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -493,7 +494,7 @@ func downloadFile(ctx *context.Context, fileFilter container.Set[string], fileKe
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -509,7 +510,7 @@ func DeleteRecipeV1(ctx *context.Context) {
 	rref := ctx.Data[recipeReferenceKey].(*conan_module.RecipeReference)
 
 	if err := deleteRecipeOrPackage(ctx, rref, true, nil, false); err != nil {
-		if err == packages_model.ErrPackageNotExist || err == conan_model.ErrPackageReferenceNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -524,7 +525,7 @@ func DeleteRecipeV2(ctx *context.Context) {
 	rref := ctx.Data[recipeReferenceKey].(*conan_module.RecipeReference)
 
 	if err := deleteRecipeOrPackage(ctx, rref, rref.Revision == "", nil, false); err != nil {
-		if err == packages_model.ErrPackageNotExist || err == conan_model.ErrPackageReferenceNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -571,7 +572,7 @@ func DeletePackageV1(ctx *context.Context) {
 		for _, reference := range references {
 			pref, _ := conan_module.NewPackageReference(currentRref, reference.Value, conan_module.DefaultRevision)
 			if err := deleteRecipeOrPackage(ctx, currentRref, true, pref, true); err != nil {
-				if err == packages_model.ErrPackageNotExist || err == conan_model.ErrPackageReferenceNotExist {
+				if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 					apiError(ctx, http.StatusNotFound, err)
 				} else {
 					apiError(ctx, http.StatusInternalServerError, err)
@@ -590,7 +591,7 @@ func DeletePackageV2(ctx *context.Context) {
 
 	if pref != nil { // has package reference
 		if err := deleteRecipeOrPackage(ctx, rref, false, pref, pref.Revision == ""); err != nil {
-			if err == packages_model.ErrPackageNotExist || err == conan_model.ErrPackageReferenceNotExist {
+			if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 			} else {
 				apiError(ctx, http.StatusInternalServerError, err)
@@ -615,7 +616,7 @@ func DeletePackageV2(ctx *context.Context) {
 		pref, _ := conan_module.NewPackageReference(rref, reference.Value, conan_module.DefaultRevision)
 
 		if err := deleteRecipeOrPackage(ctx, rref, false, pref, true); err != nil {
-			if err == packages_model.ErrPackageNotExist || err == conan_model.ErrPackageReferenceNotExist {
+			if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 			} else {
 				apiError(ctx, http.StatusInternalServerError, err)
@@ -749,7 +750,7 @@ func LatestRecipeRevision(ctx *context.Context) {
 
 	revision, err := conan_model.GetLastRecipeRevision(ctx, ctx.Package.Owner.ID, rref)
 	if err != nil {
-		if err == conan_model.ErrRecipeReferenceNotExist || err == conan_model.ErrPackageReferenceNotExist {
+		if errors.Is(err, conan_model.ErrRecipeReferenceNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -766,7 +767,7 @@ func LatestPackageRevision(ctx *context.Context) {
 
 	revision, err := conan_model.GetLastPackageRevision(ctx, ctx.Package.Owner.ID, pref)
 	if err != nil {
-		if err == conan_model.ErrRecipeReferenceNotExist || err == conan_model.ErrPackageReferenceNotExist {
+		if errors.Is(err, conan_model.ErrRecipeReferenceNotExist) || errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -796,7 +797,7 @@ func listRevisionFiles(ctx *context.Context, fileKey string) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeConan, rref.Name, rref.Version)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/conan/search.go b/routers/api/packages/conan/search.go
index 7370c702cd668..0dbbd500d2899 100644
--- a/routers/api/packages/conan/search.go
+++ b/routers/api/packages/conan/search.go
@@ -4,6 +4,7 @@
 package conan
 
 import (
+	"errors"
 	"net/http"
 	"strings"
 
@@ -76,7 +77,7 @@ func searchPackages(ctx *context.Context, searchAllRevisions bool) {
 	if !searchAllRevisions && rref.Revision == "" {
 		lastRevision, err := conan_model.GetLastRecipeRevision(ctx, ctx.Package.Owner.ID, rref)
 		if err != nil {
-			if err == conan_model.ErrRecipeReferenceNotExist {
+			if errors.Is(err, conan_model.ErrRecipeReferenceNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 			} else {
 				apiError(ctx, http.StatusInternalServerError, err)
@@ -87,7 +88,7 @@ func searchPackages(ctx *context.Context, searchAllRevisions bool) {
 	} else {
 		has, err := conan_model.RecipeExists(ctx, ctx.Package.Owner.ID, rref)
 		if err != nil {
-			if err == conan_model.ErrRecipeReferenceNotExist {
+			if errors.Is(err, conan_model.ErrRecipeReferenceNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 			} else {
 				apiError(ctx, http.StatusInternalServerError, err)
@@ -119,7 +120,7 @@ func searchPackages(ctx *context.Context, searchAllRevisions bool) {
 		}
 		packageReferences, err := conan_model.GetPackageReferences(ctx, ctx.Package.Owner.ID, currentRef)
 		if err != nil {
-			if err == conan_model.ErrRecipeReferenceNotExist {
+			if errors.Is(err, conan_model.ErrRecipeReferenceNotExist) {
 				apiError(ctx, http.StatusNotFound, err)
 			} else {
 				apiError(ctx, http.StatusInternalServerError, err)
@@ -133,7 +134,7 @@ func searchPackages(ctx *context.Context, searchAllRevisions bool) {
 			pref, _ := conan_module.NewPackageReference(currentRef, packageReference.Value, "")
 			lastPackageRevision, err := conan_model.GetLastPackageRevision(ctx, ctx.Package.Owner.ID, pref)
 			if err != nil {
-				if err == conan_model.ErrPackageReferenceNotExist {
+				if errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 					apiError(ctx, http.StatusNotFound, err)
 				} else {
 					apiError(ctx, http.StatusInternalServerError, err)
@@ -143,7 +144,7 @@ func searchPackages(ctx *context.Context, searchAllRevisions bool) {
 			pref = pref.WithRevision(lastPackageRevision.Value)
 			infoRaw, err := conan_model.GetPackageInfo(ctx, ctx.Package.Owner.ID, pref)
 			if err != nil {
-				if err == conan_model.ErrPackageReferenceNotExist {
+				if errors.Is(err, conan_model.ErrPackageReferenceNotExist) {
 					apiError(ctx, http.StatusNotFound, err)
 				} else {
 					apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/container/blob.go b/routers/api/packages/container/blob.go
index 4595b9a33deb4..671803788aa34 100644
--- a/routers/api/packages/container/blob.go
+++ b/routers/api/packages/container/blob.go
@@ -111,12 +111,11 @@ func getOrCreateUploadVersion(ctx context.Context, pi *packages_service.PackageI
 		}
 		var err error
 		if p, err = packages_model.TryInsertPackage(ctx, p); err != nil {
-			if err == packages_model.ErrDuplicatePackage {
-				created = false
-			} else {
+			if !errors.Is(err, packages_model.ErrDuplicatePackage) {
 				log.Error("Error inserting package: %v", err)
 				return err
 			}
+			created = false
 		}
 
 		if created {
@@ -135,7 +134,7 @@ func getOrCreateUploadVersion(ctx context.Context, pi *packages_service.PackageI
 			MetadataJSON: "null",
 		}
 		if pv, err = packages_model.GetOrInsertVersion(ctx, pv); err != nil {
-			if err != packages_model.ErrDuplicatePackageVersion {
+			if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
 				log.Error("Error inserting package: %v", err)
 				return err
 			}
@@ -161,7 +160,7 @@ func createFileForBlob(ctx context.Context, pv *packages_model.PackageVersion, p
 	}
 	var err error
 	if pf, err = packages_model.TryInsertFile(ctx, pf); err != nil {
-		if err == packages_model.ErrDuplicatePackageFile {
+		if errors.Is(err, packages_model.ErrDuplicatePackageFile) {
 			return nil
 		}
 		log.Error("Error inserting package file: %v", err)
diff --git a/routers/api/packages/container/container.go b/routers/api/packages/container/container.go
index 3a470ad68523a..bb14db9db79d2 100644
--- a/routers/api/packages/container/container.go
+++ b/routers/api/packages/container/container.go
@@ -324,7 +324,7 @@ func GetUploadBlob(ctx *context.Context) {
 
 	upload, err := packages_model.GetBlobUploadByID(ctx, uuid)
 	if err != nil {
-		if err == packages_model.ErrPackageBlobUploadNotExist {
+		if errors.Is(err, packages_model.ErrPackageBlobUploadNotExist) {
 			apiErrorDefined(ctx, errBlobUploadUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -345,7 +345,7 @@ func UploadBlob(ctx *context.Context) {
 
 	uploader, err := container_service.NewBlobUploader(ctx, ctx.PathParam("uuid"))
 	if err != nil {
-		if err == packages_model.ErrPackageBlobUploadNotExist {
+		if errors.Is(err, packages_model.ErrPackageBlobUploadNotExist) {
 			apiErrorDefined(ctx, errBlobUploadUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -396,7 +396,7 @@ func EndUploadBlob(ctx *context.Context) {
 
 	uploader, err := container_service.NewBlobUploader(ctx, ctx.PathParam("uuid"))
 	if err != nil {
-		if err == packages_model.ErrPackageBlobUploadNotExist {
+		if errors.Is(err, packages_model.ErrPackageBlobUploadNotExist) {
 			apiErrorDefined(ctx, errBlobUploadUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -465,7 +465,7 @@ func CancelUploadBlob(ctx *context.Context) {
 
 	_, err := packages_model.GetBlobUploadByID(ctx, uuid)
 	if err != nil {
-		if err == packages_model.ErrPackageBlobUploadNotExist {
+		if errors.Is(err, packages_model.ErrPackageBlobUploadNotExist) {
 			apiErrorDefined(ctx, errBlobUploadUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -501,7 +501,7 @@ func getBlobFromContext(ctx *context.Context) (*packages_model.PackageFileDescri
 func HeadBlob(ctx *context.Context) {
 	blob, err := getBlobFromContext(ctx)
 	if err != nil {
-		if err == container_model.ErrContainerBlobNotExist {
+		if errors.Is(err, container_model.ErrContainerBlobNotExist) {
 			apiErrorDefined(ctx, errBlobUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -520,7 +520,7 @@ func HeadBlob(ctx *context.Context) {
 func GetBlob(ctx *context.Context) {
 	blob, err := getBlobFromContext(ctx)
 	if err != nil {
-		if err == container_model.ErrContainerBlobNotExist {
+		if errors.Is(err, container_model.ErrContainerBlobNotExist) {
 			apiErrorDefined(ctx, errBlobUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -639,7 +639,7 @@ func getManifestFromContext(ctx *context.Context) (*packages_model.PackageFileDe
 func HeadManifest(ctx *context.Context) {
 	manifest, err := getManifestFromContext(ctx)
 	if err != nil {
-		if err == container_model.ErrContainerBlobNotExist {
+		if errors.Is(err, container_model.ErrContainerBlobNotExist) {
 			apiErrorDefined(ctx, errManifestUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -659,7 +659,7 @@ func HeadManifest(ctx *context.Context) {
 func GetManifest(ctx *context.Context) {
 	manifest, err := getManifestFromContext(ctx)
 	if err != nil {
-		if err == container_model.ErrContainerBlobNotExist {
+		if errors.Is(err, container_model.ErrContainerBlobNotExist) {
 			apiErrorDefined(ctx, errManifestUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
@@ -739,7 +739,7 @@ func GetTagList(ctx *context.Context) {
 	image := ctx.PathParam("image")
 
 	if _, err := packages_model.GetPackageByName(ctx, ctx.Package.Owner.ID, packages_model.TypeContainer, image); err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiErrorDefined(ctx, errNameUnknown)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/container/manifest.go b/routers/api/packages/container/manifest.go
index 4a79a58f51f09..ad035cf473e7c 100644
--- a/routers/api/packages/container/manifest.go
+++ b/routers/api/packages/container/manifest.go
@@ -240,7 +240,7 @@ func processImageManifestIndex(ctx context.Context, mci *manifestCreationInfo, b
 				IsManifest: true,
 			})
 			if err != nil {
-				if err == container_model.ErrContainerBlobNotExist {
+				if errors.Is(err, container_model.ErrContainerBlobNotExist) {
 					return errManifestBlobUnknown
 				}
 				return err
@@ -321,12 +321,11 @@ func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, met
 	}
 	var err error
 	if p, err = packages_model.TryInsertPackage(ctx, p); err != nil {
-		if err == packages_model.ErrDuplicatePackage {
-			created = false
-		} else {
+		if !errors.Is(err, packages_model.ErrDuplicatePackage) {
 			log.Error("Error inserting package: %v", err)
 			return nil, err
 		}
+		created = false
 	}
 
 	if created {
@@ -352,21 +351,23 @@ func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, met
 	}
 	var pv *packages_model.PackageVersion
 	if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
-		if err == packages_model.ErrDuplicatePackageVersion {
-			if err := packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
-				return nil, err
-			}
+		if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
+			log.Error("Error inserting package: %v", err)
+			return nil, err
+		}
 
-			// keep download count on overwrite
-			_pv.DownloadCount = pv.DownloadCount
+		if err = packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
+			return nil, err
+		}
+
+		// keep download count on overwrite
+		_pv.DownloadCount = pv.DownloadCount
 
-			if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
+		if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
+			if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
 				log.Error("Error inserting package: %v", err)
 				return nil, err
 			}
-		} else {
-			log.Error("Error inserting package: %v", err)
-			return nil, err
 		}
 	}
 
@@ -417,7 +418,7 @@ func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *package
 	}
 	var err error
 	if pf, err = packages_model.TryInsertFile(ctx, pf); err != nil {
-		if err == packages_model.ErrDuplicatePackageFile {
+		if errors.Is(err, packages_model.ErrDuplicatePackageFile) {
 			// Skip this blob because the manifest contains the same filesystem layer multiple times.
 			return nil
 		}
diff --git a/routers/api/packages/debian/debian.go b/routers/api/packages/debian/debian.go
index 162122ccbdced..fec34c91a6eb1 100644
--- a/routers/api/packages/debian/debian.go
+++ b/routers/api/packages/debian/debian.go
@@ -68,7 +68,7 @@ func GetRepositoryFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 		} else {
 			apiError(ctx, http.StatusInternalServerError, err)
diff --git a/routers/api/packages/generic/generic.go b/routers/api/packages/generic/generic.go
index 868caf9cf062a..0b5daa7334a34 100644
--- a/routers/api/packages/generic/generic.go
+++ b/routers/api/packages/generic/generic.go
@@ -44,7 +44,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -155,7 +155,7 @@ func DeletePackage(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -182,7 +182,7 @@ func DeletePackageFile(ctx *context.Context) {
 		return pv, pf, nil
 	}()
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/helm/helm.go b/routers/api/packages/helm/helm.go
index cb30a20074e3f..fb12daaa46ab5 100644
--- a/routers/api/packages/helm/helm.go
+++ b/routers/api/packages/helm/helm.go
@@ -130,7 +130,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/npm/api.go b/routers/api/packages/npm/api.go
index b4379f3f49702..636680242a480 100644
--- a/routers/api/packages/npm/api.go
+++ b/routers/api/packages/npm/api.go
@@ -67,6 +67,7 @@ func createPackageMetadataVersion(registryURL string, pd *packages_model.Package
 		BundleDependencies:   metadata.BundleDependencies,
 		DevDependencies:      metadata.DevelopmentDependencies,
 		PeerDependencies:     metadata.PeerDependencies,
+		PeerDependenciesMeta: metadata.PeerDependenciesMeta,
 		OptionalDependencies: metadata.OptionalDependencies,
 		Readme:               metadata.Readme,
 		Bin:                  metadata.Bin,
diff --git a/routers/api/packages/npm/npm.go b/routers/api/packages/npm/npm.go
index 284723e0d7d0b..13723030498a9 100644
--- a/routers/api/packages/npm/npm.go
+++ b/routers/api/packages/npm/npm.go
@@ -98,7 +98,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -140,7 +140,7 @@ func DownloadPackageFileByName(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -267,7 +267,7 @@ func DeletePackageVersion(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -341,7 +341,7 @@ func AddPackageTag(ctx *context.Context) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeNpm, packageName, version)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/nuget/nuget.go b/routers/api/packages/nuget/nuget.go
index 70b95e6a77406..07a8de0a68458 100644
--- a/routers/api/packages/nuget/nuget.go
+++ b/routers/api/packages/nuget/nuget.go
@@ -259,7 +259,7 @@ func RegistrationLeafV2(ctx *context.Context) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeNuGet, packageName, packageVersion)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -288,7 +288,7 @@ func RegistrationLeafV3(ctx *context.Context) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeNuGet, packageName, packageVersion)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -418,7 +418,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -671,7 +671,7 @@ func DownloadSymbolFile(ctx *context.Context) {
 
 	s, u, pf, err := packages_service.GetPackageFileStream(ctx, pfs[0])
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -699,7 +699,7 @@ func DeletePackage(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/pub/pub.go b/routers/api/packages/pub/pub.go
index 2be27323fd16f..e7b07aefd07ab 100644
--- a/routers/api/packages/pub/pub.go
+++ b/routers/api/packages/pub/pub.go
@@ -124,7 +124,7 @@ func PackageVersionMetadata(ctx *context.Context) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypePub, packageName, packageVersion)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -233,7 +233,7 @@ func FinalizePackage(ctx *context.Context) {
 
 	_, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypePub, packageName, packageVersion)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -258,7 +258,7 @@ func DownloadPackageFile(ctx *context.Context) {
 
 	pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypePub, packageName, packageVersion)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/pypi/pypi.go b/routers/api/packages/pypi/pypi.go
index 19aa54628d278..199f4e747871c 100644
--- a/routers/api/packages/pypi/pypi.go
+++ b/routers/api/packages/pypi/pypi.go
@@ -5,6 +5,7 @@ package pypi
 
 import (
 	"encoding/hex"
+	"errors"
 	"io"
 	"net/http"
 	"regexp"
@@ -94,7 +95,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/rubygems/rubygems.go b/routers/api/packages/rubygems/rubygems.go
index 958063e70abcc..de8c7ef3ed009 100644
--- a/routers/api/packages/rubygems/rubygems.go
+++ b/routers/api/packages/rubygems/rubygems.go
@@ -185,7 +185,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
@@ -288,7 +288,7 @@ func DeletePackage(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/packages/vagrant/vagrant.go b/routers/api/packages/vagrant/vagrant.go
index 1daf2a0527a72..3afaa5de1f3c3 100644
--- a/routers/api/packages/vagrant/vagrant.go
+++ b/routers/api/packages/vagrant/vagrant.go
@@ -4,6 +4,7 @@
 package vagrant
 
 import (
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -230,7 +231,7 @@ func DownloadPackageFile(ctx *context.Context) {
 		},
 	)
 	if err != nil {
-		if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
+		if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
 			apiError(ctx, http.StatusNotFound, err)
 			return
 		}
diff --git a/routers/api/v1/repo/file.go b/routers/api/v1/repo/file.go
index 1ad55d225b826..7c7f53a56520d 100644
--- a/routers/api/v1/repo/file.go
+++ b/routers/api/v1/repo/file.go
@@ -188,7 +188,7 @@ func GetRawFileOrLFS(ctx *context.APIContext) {
 	meta, err := git_model.GetLFSMetaObjectByOid(ctx, ctx.Repo.Repository.ID, pointer.Oid)
 
 	// If there isn't one, just serve the data directly
-	if err == git_model.ErrLFSObjectNotExist {
+	if errors.Is(err, git_model.ErrLFSObjectNotExist) {
 		// Handle caching for the blob SHA (not the LFS object OID)
 		if httpcache.HandleGenericETagTimeCache(ctx.Req, ctx.Resp, `"`+blob.ID.String()+`"`, lastModified) {
 			return
diff --git a/routers/api/v1/repo/git_hook.go b/routers/api/v1/repo/git_hook.go
index 9b66b69068abb..868acf3d853ba 100644
--- a/routers/api/v1/repo/git_hook.go
+++ b/routers/api/v1/repo/git_hook.go
@@ -4,6 +4,7 @@
 package repo
 
 import (
+	"errors"
 	"net/http"
 
 	"code.gitea.io/gitea/modules/git"
@@ -82,7 +83,7 @@ func GetGitHook(ctx *context.APIContext) {
 	hookID := ctx.PathParam("id")
 	hook, err := ctx.Repo.GitRepo.GetHook(hookID)
 	if err != nil {
-		if err == git.ErrNotValidHook {
+		if errors.Is(err, git.ErrNotValidHook) {
 			ctx.NotFound()
 		} else {
 			ctx.Error(http.StatusInternalServerError, "GetHook", err)
@@ -129,7 +130,7 @@ func EditGitHook(ctx *context.APIContext) {
 	hookID := ctx.PathParam("id")
 	hook, err := ctx.Repo.GitRepo.GetHook(hookID)
 	if err != nil {
-		if err == git.ErrNotValidHook {
+		if errors.Is(err, git.ErrNotValidHook) {
 			ctx.NotFound()
 		} else {
 			ctx.Error(http.StatusInternalServerError, "GetHook", err)
@@ -178,7 +179,7 @@ func DeleteGitHook(ctx *context.APIContext) {
 	hookID := ctx.PathParam("id")
 	hook, err := ctx.Repo.GitRepo.GetHook(hookID)
 	if err != nil {
-		if err == git.ErrNotValidHook {
+		if errors.Is(err, git.ErrNotValidHook) {
 			ctx.NotFound()
 		} else {
 			ctx.Error(http.StatusInternalServerError, "GetHook", err)
diff --git a/services/packages/packages.go b/services/packages/packages.go
index 55351afce2943..bd1d460fd3ba8 100644
--- a/services/packages/packages.go
+++ b/services/packages/packages.go
@@ -132,12 +132,11 @@ func createPackageAndVersion(ctx context.Context, pvci *PackageCreationInfo, all
 	}
 	var err error
 	if p, err = packages_model.TryInsertPackage(ctx, p); err != nil {
-		if err == packages_model.ErrDuplicatePackage {
-			packageCreated = false
-		} else {
+		if !errors.Is(err, packages_model.ErrDuplicatePackage) {
 			log.Error("Error inserting package: %v", err)
 			return nil, false, err
 		}
+		packageCreated = false
 	}
 
 	if packageCreated {
@@ -163,11 +162,10 @@ func createPackageAndVersion(ctx context.Context, pvci *PackageCreationInfo, all
 		MetadataJSON: string(metadataJSON),
 	}
 	if pv, err = packages_model.GetOrInsertVersion(ctx, pv); err != nil {
-		if err == packages_model.ErrDuplicatePackageVersion {
+		if errors.Is(err, packages_model.ErrDuplicatePackageVersion) && allowDuplicate {
 			versionCreated = false
-		}
-		if err != packages_model.ErrDuplicatePackageVersion || !allowDuplicate {
-			log.Error("Error inserting package: %v", err)
+		} else {
+			log.Error("Error inserting package: %v", err) // other error, or disallowing duplicates
 			return nil, false, err
 		}
 	}
@@ -433,7 +431,7 @@ func GetOrCreateInternalPackageVersion(ctx context.Context, ownerID int64, packa
 		}
 		var err error
 		if p, err = packages_model.TryInsertPackage(ctx, p); err != nil {
-			if err != packages_model.ErrDuplicatePackage {
+			if !errors.Is(err, packages_model.ErrDuplicatePackage) {
 				log.Error("Error inserting package: %v", err)
 				return err
 			}
diff --git a/tests/integration/api_packages_npm_test.go b/tests/integration/api_packages_npm_test.go
index b9660aeeb9ab6..ae1dd876f7ef3 100644
--- a/tests/integration/api_packages_npm_test.go
+++ b/tests/integration/api_packages_npm_test.go
@@ -52,24 +52,33 @@ func TestPackageNpm(t *testing.T) {
 			  "` + packageTag + `": "` + version + `"
 			},
 			"versions": {
-			  "` + version + `": {
-				"name": "` + packageName + `",
-				"version": "` + version + `",
-				"description": "` + packageDescription + `",
-				"author": {
-				  "name": "` + packageAuthor + `"
-				},
-        "bin": {
-          "` + packageBinName + `": "` + packageBinPath + `"
-        },
-				"dist": {
-				  "integrity": "sha512-yA4FJsVhetynGfOC1jFf79BuS+jrHbm0fhh+aHzCQkOaOBXKf9oBnC4a6DnLLnEsHQDRLYd00cwj8sCXpC+wIg==",
-				  "shasum": "aaa7eaf852a948b0aa05afeda35b1badca155d90"
-				},
-				"repository": {
-					"type": "` + repoType + `",
-					"url": "` + repoURL + `"
-				}
+			  	"` + version + `": {
+					"name": "` + packageName + `",
+					"version": "` + version + `",
+					"description": "` + packageDescription + `",
+					"author": {
+				  	"name": "` + packageAuthor + `"
+					},
+        	"bin": {
+        	  "` + packageBinName + `": "` + packageBinPath + `"
+      	  },
+					"dist": {
+					  "integrity": "sha512-yA4FJsVhetynGfOC1jFf79BuS+jrHbm0fhh+aHzCQkOaOBXKf9oBnC4a6DnLLnEsHQDRLYd00cwj8sCXpC+wIg==",
+					  "shasum": "aaa7eaf852a948b0aa05afeda35b1badca155d90"
+					},
+					"repository": {
+						"type": "` + repoType + `",
+						"url": "` + repoURL + `"
+					},
+					"peerDependencies": {
+						"tea": "2.x",
+						"soy-milk": "1.2"
+					},
+					"peerDependenciesMeta": {
+						"soy-milk": {
+							"optional": true
+						}
+					}
 			  }
 			},
 			"_attachments": {
@@ -178,6 +187,8 @@ func TestPackageNpm(t *testing.T) {
 		assert.Equal(t, fmt.Sprintf("%s%s/-/%s/%s", setting.AppURL, root[1:], packageVersion, filename), pmv.Dist.Tarball)
 		assert.Equal(t, repoType, result.Repository.Type)
 		assert.Equal(t, repoURL, result.Repository.URL)
+		assert.Equal(t, map[string]string{"tea": "2.x", "soy-milk": "1.2"}, pmv.PeerDependencies)
+		assert.Equal(t, map[string]any{"soy-milk": map[string]any{"optional": true}}, pmv.PeerDependenciesMeta)
 	})
 
 	t.Run("AddTag", func(t *testing.T) {

From 1a95d9d6a1e3a02136ce42864776db30e1062e35 Mon Sep 17 00:00:00 2001
From: Chai-Shi <changchaishi@gmail.com>
Date: Tue, 7 Jan 2025 01:54:06 +0800
Subject: [PATCH 35/55] fix empty repo updated time (#33120)

fixes #33119

routers/web/repo/view_home.go

![image](https://github.com/user-attachments/assets/b0d6c5f5-7abc-478a-8d41-4b44dbd460aa)

Calling `updateContextRepoEmptyAndStatus` will always ask the DB to
update the updated Unix attributes.
When revisiting the repo's home page, the timestamp will be updated
unexpectedly, so I added the needsUpdate variable to check whether, in
the end, the commitment to db update is necessary if columns have not
changed at all.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 models/repo/update.go         | 6 ++++++
 routers/web/repo/view_home.go | 5 ++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/models/repo/update.go b/models/repo/update.go
index e7ca2240282f2..fce357a1acf35 100644
--- a/models/repo/update.go
+++ b/models/repo/update.go
@@ -46,6 +46,12 @@ func UpdateRepositoryCols(ctx context.Context, repo *Repository, cols ...string)
 	return err
 }
 
+// UpdateRepositoryColsNoAutoTime updates repository's columns and but applies time change automatically
+func UpdateRepositoryColsNoAutoTime(ctx context.Context, repo *Repository, cols ...string) error {
+	_, err := db.GetEngine(ctx).ID(repo.ID).Cols(cols...).NoAutoTime().Update(repo)
+	return err
+}
+
 // ErrReachLimitOfRepo represents a "ReachLimitOfRepo" kind of error.
 type ErrReachLimitOfRepo struct {
 	Limit int
diff --git a/routers/web/repo/view_home.go b/routers/web/repo/view_home.go
index f890225d67bdf..8c9f54656b0c0 100644
--- a/routers/web/repo/view_home.go
+++ b/routers/web/repo/view_home.go
@@ -224,11 +224,14 @@ func prepareRecentlyPushedNewBranches(ctx *context.Context) {
 }
 
 func updateContextRepoEmptyAndStatus(ctx *context.Context, empty bool, status repo_model.RepositoryStatus) {
+	if ctx.Repo.Repository.IsEmpty == empty && ctx.Repo.Repository.Status == status {
+		return
+	}
 	ctx.Repo.Repository.IsEmpty = empty
 	if ctx.Repo.Repository.Status == repo_model.RepositoryReady || ctx.Repo.Repository.Status == repo_model.RepositoryBroken {
 		ctx.Repo.Repository.Status = status // only handle ready and broken status, leave other status as-is
 	}
-	if err := repo_model.UpdateRepositoryCols(ctx, ctx.Repo.Repository, "is_empty", "status"); err != nil {
+	if err := repo_model.UpdateRepositoryColsNoAutoTime(ctx, ctx.Repo.Repository, "is_empty", "status"); err != nil {
 		ctx.ServerError("updateContextRepoEmptyAndStatus: UpdateRepositoryCols", err)
 		return
 	}

From 4a18c722623870e7c5c7a6757c2eac73b9c91669 Mon Sep 17 00:00:00 2001
From: TheFox0x7 <thefox0x7@gmail.com>
Date: Tue, 7 Jan 2025 00:23:50 +0100
Subject: [PATCH 36/55] Remove extended glob pattern from branch protection UI
 (#33125)

Underlying go library has no support for it

Fixes: https://github.com/go-gitea/gitea/issues/33121

---

I never touched frontend tests so pointers how to write them are
welcome.

This can be either fix or workaround, depending if this is something
gitea should support in the future or not. The golang side is unlikely
to get updates though.
---
 web_src/js/features/repo-settings.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web_src/js/features/repo-settings.ts b/web_src/js/features/repo-settings.ts
index 1d2d447205f3d..90b0219f3e257 100644
--- a/web_src/js/features/repo-settings.ts
+++ b/web_src/js/features/repo-settings.ts
@@ -107,7 +107,7 @@ function initRepoSettingsBranches() {
       let matched = false;
       const statusCheck = el.getAttribute('data-status-check');
       for (const pattern of validPatterns) {
-        if (minimatch(statusCheck, pattern)) {
+        if (minimatch(statusCheck, pattern, {noext: true})) { // https://github.com/go-gitea/gitea/issues/33121 disable extended glob syntax
           matched = true;
           break;
         }

From 485d184a5c7c4de4082ef2c1743f8a3d14491468 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Tue, 7 Jan 2025 00:32:09 +0000
Subject: [PATCH 37/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_ja-JP.ini | 2 ++
 options/locale/locale_pt-PT.ini | 1 +
 2 files changed, 3 insertions(+)

diff --git a/options/locale/locale_ja-JP.ini b/options/locale/locale_ja-JP.ini
index 89582af89c3ac..8ee9112c349f4 100644
--- a/options/locale/locale_ja-JP.ini
+++ b/options/locale/locale_ja-JP.ini
@@ -3763,6 +3763,8 @@ variables.creation.success=変数 "%s" を追加しました。
 variables.update.failed=変数を更新できませんでした。
 variables.update.success=変数を更新しました。
 
+logs.always_auto_scroll=常にログを自動スクロール
+logs.always_expand_running=常に実行中のログを展開
 
 [projects]
 deleted.display_name=削除されたプロジェクト
diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index e4ba777506c56..586b8d89b6239 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -3764,6 +3764,7 @@ workflow.not_found=A sequência de trabalho '%s' não foi encontrada.
 workflow.run_success=A sequência de trabalho '%s' foi executada com sucesso.
 workflow.from_ref=Usar sequência de trabalho de
 workflow.has_workflow_dispatch=Esta sequência de trabalho tem um despoletador de eventos workflow_dispatch.
+workflow.has_no_workflow_dispatch=A sequência de trabalho '%s' não tem nenhum despoletador de eventos workflow_dispatch.
 
 need_approval_desc=É necessária aprovação para executar sequências de trabalho para a derivação do pedido de integração.
 

From 98637fe76e70d8b963827354b2eed2e8f151ebd6 Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Mon, 6 Jan 2025 18:50:09 -0800
Subject: [PATCH 38/55] Filter reviews of one pull request in memory instead of
 database to reduce slow response because of lacking database index (#33106)

This PR fixes a performance problem when reviewing a pull request in a
big instance which have many records in the `review` table.
Traditionally, we should add more indexes in that table. But since
dismissed reviews of 1 pull request will not be too many as expected in
a common repository. Filtering reviews in the memory should be more
quick .

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 models/issues/pull.go               |  4 +-
 models/issues/review_list.go        | 75 ++++++++++++++++++-----------
 models/issues/review_test.go        |  3 +-
 routers/web/repo/issue_page_meta.go | 10 +---
 4 files changed, 53 insertions(+), 39 deletions(-)

diff --git a/models/issues/pull.go b/models/issues/pull.go
index 8c43eb19ddfda..786b2aa130d01 100644
--- a/models/issues/pull.go
+++ b/models/issues/pull.go
@@ -301,7 +301,7 @@ func (pr *PullRequest) LoadRequestedReviewers(ctx context.Context) error {
 		return nil
 	}
 
-	reviews, err := GetReviewsByIssueID(ctx, pr.Issue.ID)
+	reviews, _, err := GetReviewsByIssueID(ctx, pr.Issue.ID)
 	if err != nil {
 		return err
 	}
@@ -320,7 +320,7 @@ func (pr *PullRequest) LoadRequestedReviewers(ctx context.Context) error {
 
 // LoadRequestedReviewersTeams loads the requested reviewers teams.
 func (pr *PullRequest) LoadRequestedReviewersTeams(ctx context.Context) error {
-	reviews, err := GetReviewsByIssueID(ctx, pr.Issue.ID)
+	reviews, _, err := GetReviewsByIssueID(ctx, pr.Issue.ID)
 	if err != nil {
 		return err
 	}
diff --git a/models/issues/review_list.go b/models/issues/review_list.go
index bc7d7ec0f0168..928f24fb2dcd7 100644
--- a/models/issues/review_list.go
+++ b/models/issues/review_list.go
@@ -5,6 +5,8 @@ package issues
 
 import (
 	"context"
+	"slices"
+	"sort"
 
 	"code.gitea.io/gitea/models/db"
 	organization_model "code.gitea.io/gitea/models/organization"
@@ -153,43 +155,60 @@ func CountReviews(ctx context.Context, opts FindReviewOptions) (int64, error) {
 	return db.GetEngine(ctx).Where(opts.toCond()).Count(&Review{})
 }
 
-// GetReviewersFromOriginalAuthorsByIssueID gets the latest review of each original authors for a pull request
-func GetReviewersFromOriginalAuthorsByIssueID(ctx context.Context, issueID int64) (ReviewList, error) {
+// GetReviewsByIssueID gets the latest review of each reviewer for a pull request
+// The first returned parameter is the latest review of each individual reviewer or team
+// The second returned parameter is the latest review of each original author which is migrated from other systems
+// The reviews are sorted by updated time
+func GetReviewsByIssueID(ctx context.Context, issueID int64) (latestReviews, migratedOriginalReviews ReviewList, err error) {
 	reviews := make([]*Review, 0, 10)
 
-	// Get latest review of each reviewer, sorted in order they were made
-	if err := db.GetEngine(ctx).SQL("SELECT * FROM review WHERE id IN (SELECT max(id) as id FROM review WHERE issue_id = ? AND reviewer_team_id = 0 AND type in (?, ?, ?) AND original_author_id <> 0 GROUP BY issue_id, original_author_id) ORDER BY review.updated_unix ASC",
-		issueID, ReviewTypeApprove, ReviewTypeReject, ReviewTypeRequest).
-		Find(&reviews); err != nil {
-		return nil, err
+	// Get all reviews for the issue id
+	if err := db.GetEngine(ctx).Where("issue_id=?", issueID).OrderBy("updated_unix ASC").Find(&reviews); err != nil {
+		return nil, nil, err
 	}
 
-	return reviews, nil
-}
-
-// GetReviewsByIssueID gets the latest review of each reviewer for a pull request
-func GetReviewsByIssueID(ctx context.Context, issueID int64) (ReviewList, error) {
-	reviews := make([]*Review, 0, 10)
-
-	sess := db.GetEngine(ctx)
+	// filter them in memory to get the latest review of each reviewer
+	// Since the reviews should not be too many for one issue, less than 100 commonly, it's acceptable to do this in memory
+	// And since there are too less indexes in review table, it will be very slow to filter in the database
+	reviewersMap := make(map[int64][]*Review)         // key is reviewer id
+	originalReviewersMap := make(map[int64][]*Review) // key is original author id
+	reviewTeamsMap := make(map[int64][]*Review)       // key is reviewer team id
+	countedReivewTypes := []ReviewType{ReviewTypeApprove, ReviewTypeReject, ReviewTypeRequest}
+	for _, review := range reviews {
+		if review.ReviewerTeamID == 0 && slices.Contains(countedReivewTypes, review.Type) && !review.Dismissed {
+			if review.OriginalAuthorID != 0 {
+				originalReviewersMap[review.OriginalAuthorID] = append(originalReviewersMap[review.OriginalAuthorID], review)
+			} else {
+				reviewersMap[review.ReviewerID] = append(reviewersMap[review.ReviewerID], review)
+			}
+		} else if review.ReviewerTeamID != 0 && review.OriginalAuthorID == 0 {
+			reviewTeamsMap[review.ReviewerTeamID] = append(reviewTeamsMap[review.ReviewerTeamID], review)
+		}
+	}
 
-	// Get latest review of each reviewer, sorted in order they were made
-	if err := sess.SQL("SELECT * FROM review WHERE id IN (SELECT max(id) as id FROM review WHERE issue_id = ? AND reviewer_team_id = 0 AND type in (?, ?, ?) AND dismissed = ? AND original_author_id = 0 GROUP BY issue_id, reviewer_id) ORDER BY review.updated_unix ASC",
-		issueID, ReviewTypeApprove, ReviewTypeReject, ReviewTypeRequest, false).
-		Find(&reviews); err != nil {
-		return nil, err
+	individualReviews := make([]*Review, 0, 10)
+	for _, reviews := range reviewersMap {
+		individualReviews = append(individualReviews, reviews[len(reviews)-1])
 	}
+	sort.Slice(individualReviews, func(i, j int) bool {
+		return individualReviews[i].UpdatedUnix < individualReviews[j].UpdatedUnix
+	})
 
-	teamReviewRequests := make([]*Review, 0, 5)
-	if err := sess.SQL("SELECT * FROM review WHERE id IN (SELECT max(id) as id FROM review WHERE issue_id = ? AND reviewer_team_id <> 0 AND original_author_id = 0 GROUP BY issue_id, reviewer_team_id) ORDER BY review.updated_unix ASC",
-		issueID).
-		Find(&teamReviewRequests); err != nil {
-		return nil, err
+	originalReviews := make([]*Review, 0, 10)
+	for _, reviews := range originalReviewersMap {
+		originalReviews = append(originalReviews, reviews[len(reviews)-1])
 	}
+	sort.Slice(originalReviews, func(i, j int) bool {
+		return originalReviews[i].UpdatedUnix < originalReviews[j].UpdatedUnix
+	})
 
-	if len(teamReviewRequests) > 0 {
-		reviews = append(reviews, teamReviewRequests...)
+	teamReviewRequests := make([]*Review, 0, 5)
+	for _, reviews := range reviewTeamsMap {
+		teamReviewRequests = append(teamReviewRequests, reviews[len(reviews)-1])
 	}
+	sort.Slice(teamReviewRequests, func(i, j int) bool {
+		return teamReviewRequests[i].UpdatedUnix < teamReviewRequests[j].UpdatedUnix
+	})
 
-	return reviews, nil
+	return append(individualReviews, teamReviewRequests...), originalReviews, nil
 }
diff --git a/models/issues/review_test.go b/models/issues/review_test.go
index 50330e3ff2c60..2588b8ba41b05 100644
--- a/models/issues/review_test.go
+++ b/models/issues/review_test.go
@@ -162,8 +162,9 @@ func TestGetReviewersByIssueID(t *testing.T) {
 		},
 	)
 
-	allReviews, err := issues_model.GetReviewsByIssueID(db.DefaultContext, issue.ID)
+	allReviews, migratedReviews, err := issues_model.GetReviewsByIssueID(db.DefaultContext, issue.ID)
 	assert.NoError(t, err)
+	assert.Empty(t, migratedReviews)
 	for _, review := range allReviews {
 		assert.NoError(t, review.LoadReviewer(db.DefaultContext))
 	}
diff --git a/routers/web/repo/issue_page_meta.go b/routers/web/repo/issue_page_meta.go
index b536b04d7c603..272343f460ff3 100644
--- a/routers/web/repo/issue_page_meta.go
+++ b/routers/web/repo/issue_page_meta.go
@@ -193,6 +193,7 @@ func (d *IssuePageMetaData) retrieveReviewersData(ctx *context.Context) {
 	var posterID int64
 	var isClosed bool
 	var reviews issues_model.ReviewList
+	var err error
 
 	if d.Issue == nil {
 		if ctx.Doer != nil {
@@ -206,14 +207,7 @@ func (d *IssuePageMetaData) retrieveReviewersData(ctx *context.Context) {
 
 		isClosed = d.Issue.IsClosed || d.Issue.PullRequest.HasMerged
 
-		originalAuthorReviews, err := issues_model.GetReviewersFromOriginalAuthorsByIssueID(ctx, d.Issue.ID)
-		if err != nil {
-			ctx.ServerError("GetReviewersFromOriginalAuthorsByIssueID", err)
-			return
-		}
-		data.OriginalReviews = originalAuthorReviews
-
-		reviews, err = issues_model.GetReviewsByIssueID(ctx, d.Issue.ID)
+		reviews, data.OriginalReviews, err = issues_model.GetReviewsByIssueID(ctx, d.Issue.ID)
 		if err != nil {
 			ctx.ServerError("GetReviewersByIssueID", err)
 			return

From 34dfc25b8311117ae83f1c070ce4a6114ffe2843 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Tue, 7 Jan 2025 13:17:44 +0800
Subject: [PATCH 39/55] Make git clone URL could use current signed-in user
 (#33091)

close #33086

* Add a special value for "SSH_USER" setting: `(DOER_USERNAME)`
* Improve parseRepositoryURL and add tests (now it doesn't have hard
dependency on some setting values)

Many changes are just adding "ctx" and "doer" argument to functions.

By the way, improve app.example.ini, remove all `%(key)s` syntax, it
only makes messy and no user really cares about it.

Document: https://gitea.com/gitea/docs/pulls/138
---
 custom/conf/app.example.ini            |  55 +++++----
 models/migrations/v1_21/v276.go        |   2 +-
 models/repo/repo.go                    | 124 +++++++++++++-------
 models/repo/repo_test.go               | 156 ++++++++++++++++++-------
 models/repo/wiki.go                    |   5 +-
 models/repo/wiki_test.go               |   3 +-
 models/unittest/testdb.go              |   1 +
 modules/git/remote.go                  |   2 +-
 modules/git/url/url.go                 |   9 +-
 modules/git/url/url_test.go            |   2 +-
 modules/httplib/url.go                 |   9 +-
 modules/templates/util_misc.go         |   2 +-
 routers/api/packages/npm/npm.go        |   2 +-
 routers/web/goget.go                   |   4 +-
 routers/web/web.go                     |   2 +-
 services/context/repo.go               |   6 +-
 services/convert/repository.go         |   4 +-
 services/mirror/mirror_pull.go         |   2 +-
 services/repository/create.go          |   2 +-
 services/repository/generate.go        |  18 +--
 tests/integration/dump_restore_test.go |   4 +-
 21 files changed, 272 insertions(+), 142 deletions(-)

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index eacc732c223de..8e64c834d7373 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -78,8 +78,9 @@ RUN_USER = ; git
 ;; Set the domain for the server
 ;DOMAIN = localhost
 ;;
-;; Overwrite the automatically generated public URL. Necessary for proxies and docker.
-;ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
+;; The AppURL used by Gitea to generate absolute links, defaults to "{PROTOCOL}://{DOMAIN}:{HTTP_PORT}/".
+;; Most users should set it to the real website URL of their Gitea instance.
+;ROOT_URL =
 ;;
 ;; For development purpose only. It makes Gitea handle sub-path ("/sub-path/owner/repo/...") directly when debugging without a reverse proxy.
 ;; DO NOT USE IT IN PRODUCTION!!!
@@ -103,8 +104,8 @@ RUN_USER = ; git
 ;REDIRECT_OTHER_PORT = false
 ;PORT_TO_REDIRECT = 80
 ;;
-;; expect PROXY protocol header on connections to https redirector.
-;REDIRECTOR_USE_PROXY_PROTOCOL = %(USE_PROXY_PROTOCOL)s
+;; expect PROXY protocol header on connections to https redirector, defaults to USE_PROXY_PROTOCOL
+;REDIRECTOR_USE_PROXY_PROTOCOL =
 ;; Minimum and maximum supported TLS versions
 ;SSL_MIN_VERSION=TLSv1.2
 ;SSL_MAX_VERSION=
@@ -128,13 +129,14 @@ RUN_USER = ; git
 ;; most cases you do not need to change the default value. Alter it only if
 ;; your SSH server node is not the same as HTTP node. For different protocol, the default
 ;; values are different. If `PROTOCOL` is `http+unix`, the default value is `http://unix/`.
-;; If `PROTOCOL` is `fcgi` or `fcgi+unix`, the default value is `%(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/`.
-;; If listen on `0.0.0.0`, the default value is `%(PROTOCOL)s://localhost:%(HTTP_PORT)s/`, Otherwise the default
-;; value is `%(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/`.
-;LOCAL_ROOT_URL = %(PROTOCOL)s://%(HTTP_ADDR)s:%(HTTP_PORT)s/
+;; If `PROTOCOL` is `fcgi` or `fcgi+unix`, the default value is `{PROTOCOL}://{HTTP_ADDR}:{HTTP_PORT}/`.
+;; If listen on `0.0.0.0`, the default value is `{PROTOCOL}://localhost:{HTTP_PORT}/`.
+;; Otherwise the default value is `{PROTOCOL}://{HTTP_ADDR}:{HTTP_PORT}/`.
+;; Most users don't need (and shouldn't) set this value.
+;LOCAL_ROOT_URL =
 ;;
-;; When making local connections pass the PROXY protocol header.
-;LOCAL_USE_PROXY_PROTOCOL = %(USE_PROXY_PROTOCOL)s
+;; When making local connections pass the PROXY protocol header, defaults to USE_PROXY_PROTOCOL
+;LOCAL_USE_PROXY_PROTOCOL =
 ;;
 ;; Disable SSH feature when not available
 ;DISABLE_SSH = false
@@ -146,13 +148,17 @@ RUN_USER = ; git
 ;SSH_SERVER_USE_PROXY_PROTOCOL = false
 ;;
 ;; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
-;BUILTIN_SSH_SERVER_USER = %(RUN_USER)s
+;BUILTIN_SSH_SERVER_USER =
 ;;
-;; Domain name to be exposed in clone URL
-;SSH_DOMAIN = %(DOMAIN)s
+;; Domain name to be exposed in clone URL, defaults to DOMAIN or the domain part of ROOT_URL
+;SSH_DOMAIN =
 ;;
-;; SSH username displayed in clone URLs.
-;SSH_USER = %(BUILTIN_SSH_SERVER_USER)s
+;; SSH username displayed in clone URLs. It defaults to BUILTIN_SSH_SERVER_USER or RUN_USER.
+;; If it is set to "(DOER_USERNAME)", it will use current signed-in user's username.
+;; This option is only for some advanced users who have configured their SSH reverse-proxy
+;; and need to use different usernames for git SSH clone.
+;; Most users should just leave it blank.
+;SSH_USER =
 ;;
 ;; The network interface the builtin SSH server should listen on
 ;SSH_LISTEN_HOST =
@@ -160,8 +166,8 @@ RUN_USER = ; git
 ;; Port number to be exposed in clone URL
 ;SSH_PORT = 22
 ;;
-;; The port number the builtin SSH server should listen on
-;SSH_LISTEN_PORT = %(SSH_PORT)s
+;; The port number the builtin SSH server should listen on, defaults to SSH_PORT
+;SSH_LISTEN_PORT =
 ;;
 ;; Root path of SSH directory, default is '~/.ssh', but you have to use '/home/git/.ssh'.
 ;SSH_ROOT_PATH =
@@ -188,7 +194,7 @@ RUN_USER = ; git
 ;;
 ;; For the built-in SSH server, choose the keypair to offer as the host key
 ;; The private key should be at SSH_SERVER_HOST_KEY and the public SSH_SERVER_HOST_KEY.pub
-;; relative paths are made absolute relative to the %(APP_DATA_PATH)s
+;; relative paths are made absolute relative to the APP_DATA_PATH
 ;SSH_SERVER_HOST_KEYS=ssh/gitea.rsa, ssh/gogs.rsa
 ;;
 ;; Directory to create temporary files in when testing public keys using ssh-keygen,
@@ -582,7 +588,7 @@ ENABLED = true
 [log]
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Root path for the log files - defaults to %(GITEA_WORK_DIR)/log
+;; Root path for the log files - defaults to "{AppWorkPath}/log"
 ;ROOT_PATH =
 ;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -682,8 +688,8 @@ LEVEL = Info
 ;; The path of git executable. If empty, Gitea searches through the PATH environment.
 ;PATH =
 ;;
-;; The HOME directory for Git
-;HOME_PATH = %(APP_DATA_PATH)s/home
+;; The HOME directory for Git, defaults to "{APP_DATA_PATH}/home"
+;HOME_PATH =
 ;;
 ;; Disables highlight of added and removed changes
 ;DISABLE_DIFF_HIGHLIGHT = false
@@ -946,8 +952,8 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;[repository]
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; Root path for storing all repository data. By default, it is set to %(APP_DATA_PATH)s/gitea-repositories.
-;; A relative path is interpreted as _`AppWorkPath`_/%(ROOT)s
+;; Root path for storing all repository data. By default, it is set to "{APP_DATA_PATH}/gitea-repositories".
+;; A relative path is interpreted as "{AppWorkPath}/{ROOT}" (use AppWorkPath as base path).
 ;ROOT =
 ;;
 ;; The script type this server supports. Usually this is `bash`, but some users report that only `sh` is available.
@@ -1506,7 +1512,8 @@ LEVEL = Info
 ;TYPE = persistable-channel
 ;;
 ;; data-dir for storing persistable queues and level queues, individual queues will default to `queues/common` meaning the queue is shared.
-;DATADIR = queues/ ; Relative paths will be made absolute against `%(APP_DATA_PATH)s`.
+;; Relative paths will be made absolute against "APP_DATA_PATH"
+;DATADIR = queues/
 ;;
 ;; Default queue length before a channel queue will block
 ;LENGTH = 100000
diff --git a/models/migrations/v1_21/v276.go b/models/migrations/v1_21/v276.go
index 15177bf0406df..9d22c9052e18c 100644
--- a/models/migrations/v1_21/v276.go
+++ b/models/migrations/v1_21/v276.go
@@ -172,7 +172,7 @@ func getRemoteAddress(ownerName, repoName, remoteName string) (string, error) {
 		return "", fmt.Errorf("get remote %s's address of %s/%s failed: %v", remoteName, ownerName, repoName, err)
 	}
 
-	u, err := giturl.Parse(remoteURL)
+	u, err := giturl.ParseGitURL(remoteURL)
 	if err != nil {
 		return "", err
 	}
diff --git a/models/repo/repo.go b/models/repo/repo.go
index af4a1f7fb5888..4432fef810211 100644
--- a/models/repo/repo.go
+++ b/models/repo/repo.go
@@ -20,6 +20,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/git"
+	giturl "code.gitea.io/gitea/modules/git/url"
 	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup"
@@ -637,14 +638,26 @@ type CloneLink struct {
 }
 
 // ComposeHTTPSCloneURL returns HTTPS clone URL based on given owner and repository name.
-func ComposeHTTPSCloneURL(owner, repo string) string {
-	return fmt.Sprintf("%s%s/%s.git", setting.AppURL, url.PathEscape(owner), url.PathEscape(repo))
+func ComposeHTTPSCloneURL(ctx context.Context, owner, repo string) string {
+	return fmt.Sprintf("%s%s/%s.git", httplib.GuessCurrentAppURL(ctx), url.PathEscape(owner), url.PathEscape(repo))
 }
 
-func ComposeSSHCloneURL(ownerName, repoName string) string {
+func ComposeSSHCloneURL(doer *user_model.User, ownerName, repoName string) string {
 	sshUser := setting.SSH.User
 	sshDomain := setting.SSH.Domain
 
+	if sshUser == "(DOER_USERNAME)" {
+		// Some users use SSH reverse-proxy and need to use the current signed-in username as the SSH user
+		// to make the SSH reverse-proxy could prepare the user's public keys ahead.
+		// For most cases we have the correct "doer", then use it as the SSH user.
+		// If we can't get the doer, then use the built-in SSH user.
+		if doer != nil {
+			sshUser = doer.Name
+		} else {
+			sshUser = setting.SSH.BuiltinServerUser
+		}
+	}
+
 	// non-standard port, it must use full URI
 	if setting.SSH.Port != 22 {
 		sshHost := net.JoinHostPort(sshDomain, strconv.Itoa(setting.SSH.Port))
@@ -662,21 +675,20 @@ func ComposeSSHCloneURL(ownerName, repoName string) string {
 	return fmt.Sprintf("%s@%s:%s/%s.git", sshUser, sshHost, url.PathEscape(ownerName), url.PathEscape(repoName))
 }
 
-func (repo *Repository) cloneLink(isWiki bool) *CloneLink {
-	repoName := repo.Name
-	if isWiki {
-		repoName += ".wiki"
-	}
-
+func (repo *Repository) cloneLink(ctx context.Context, doer *user_model.User, repoPathName string) *CloneLink {
 	cl := new(CloneLink)
-	cl.SSH = ComposeSSHCloneURL(repo.OwnerName, repoName)
-	cl.HTTPS = ComposeHTTPSCloneURL(repo.OwnerName, repoName)
+	cl.SSH = ComposeSSHCloneURL(doer, repo.OwnerName, repoPathName)
+	cl.HTTPS = ComposeHTTPSCloneURL(ctx, repo.OwnerName, repoPathName)
 	return cl
 }
 
 // CloneLink returns clone URLs of repository.
-func (repo *Repository) CloneLink() (cl *CloneLink) {
-	return repo.cloneLink(false)
+func (repo *Repository) CloneLink(ctx context.Context, doer *user_model.User) (cl *CloneLink) {
+	return repo.cloneLink(ctx, doer, repo.Name)
+}
+
+func (repo *Repository) CloneLinkGeneral(ctx context.Context) (cl *CloneLink) {
+	return repo.cloneLink(ctx, nil /* no doer, use a general git user */, repo.Name)
 }
 
 // GetOriginalURLHostname returns the hostname of a URL or the URL
@@ -772,47 +784,75 @@ func GetRepositoryByName(ctx context.Context, ownerID int64, name string) (*Repo
 	return &repo, err
 }
 
-// getRepositoryURLPathSegments returns segments (owner, reponame) extracted from a url
-func getRepositoryURLPathSegments(repoURL string) []string {
-	if strings.HasPrefix(repoURL, setting.AppURL) {
-		return strings.Split(strings.TrimPrefix(repoURL, setting.AppURL), "/")
+func parseRepositoryURL(ctx context.Context, repoURL string) (ret struct {
+	OwnerName, RepoName, RemainingPath string
+},
+) {
+	// possible urls for git:
+	//  https://my.domain/sub-path/<owner>/<repo>[.git]
+	//  git+ssh://user@my.domain/<owner>/<repo>[.git]
+	//  ssh://user@my.domain/<owner>/<repo>[.git]
+	//  user@my.domain:<owner>/<repo>[.git]
+
+	fillPathParts := func(s string) {
+		s = strings.TrimPrefix(s, "/")
+		fields := strings.SplitN(s, "/", 3)
+		if len(fields) >= 2 {
+			ret.OwnerName = fields[0]
+			ret.RepoName = strings.TrimSuffix(fields[1], ".git")
+			if len(fields) == 3 {
+				ret.RemainingPath = "/" + fields[2]
+			}
+		}
 	}
 
-	sshURLVariants := [4]string{
-		setting.SSH.Domain + ":",
-		setting.SSH.User + "@" + setting.SSH.Domain + ":",
-		"git+ssh://" + setting.SSH.Domain + "/",
-		"git+ssh://" + setting.SSH.User + "@" + setting.SSH.Domain + "/",
+	parsed, err := giturl.ParseGitURL(repoURL)
+	if err != nil {
+		return ret
 	}
-
-	for _, sshURL := range sshURLVariants {
-		if strings.HasPrefix(repoURL, sshURL) {
-			return strings.Split(strings.TrimPrefix(repoURL, sshURL), "/")
+	if parsed.URL.Scheme == "http" || parsed.URL.Scheme == "https" {
+		if !httplib.IsCurrentGiteaSiteURL(ctx, repoURL) {
+			return ret
+		}
+		fillPathParts(strings.TrimPrefix(parsed.URL.Path, setting.AppSubURL))
+	} else if parsed.URL.Scheme == "ssh" || parsed.URL.Scheme == "git+ssh" {
+		domainSSH := setting.SSH.Domain
+		domainCur := httplib.GuessCurrentHostDomain(ctx)
+		urlDomain, _, _ := net.SplitHostPort(parsed.URL.Host)
+		urlDomain = util.IfZero(urlDomain, parsed.URL.Host)
+		if urlDomain == "" {
+			return ret
+		}
+		// check whether URL domain is the App domain
+		domainMatches := domainSSH == urlDomain
+		// check whether URL domain is current domain from context
+		domainMatches = domainMatches || (domainCur != "" && domainCur == urlDomain)
+		if domainMatches {
+			fillPathParts(parsed.URL.Path)
 		}
 	}
-
-	return nil
+	return ret
 }
 
 // GetRepositoryByURL returns the repository by given url
 func GetRepositoryByURL(ctx context.Context, repoURL string) (*Repository, error) {
-	// possible urls for git:
-	//  https://my.domain/sub-path/<owner>/<repo>.git
-	//  https://my.domain/sub-path/<owner>/<repo>
-	//  git+ssh://user@my.domain/<owner>/<repo>.git
-	//  git+ssh://user@my.domain/<owner>/<repo>
-	//  user@my.domain:<owner>/<repo>.git
-	//  user@my.domain:<owner>/<repo>
-
-	pathSegments := getRepositoryURLPathSegments(repoURL)
-
-	if len(pathSegments) != 2 {
+	ret := parseRepositoryURL(ctx, repoURL)
+	if ret.OwnerName == "" {
 		return nil, fmt.Errorf("unknown or malformed repository URL")
 	}
+	return GetRepositoryByOwnerAndName(ctx, ret.OwnerName, ret.RepoName)
+}
 
-	ownerName := pathSegments[0]
-	repoName := strings.TrimSuffix(pathSegments[1], ".git")
-	return GetRepositoryByOwnerAndName(ctx, ownerName, repoName)
+// GetRepositoryByURLRelax also accepts an SSH clone URL without user part
+func GetRepositoryByURLRelax(ctx context.Context, repoURL string) (*Repository, error) {
+	if !strings.Contains(repoURL, "://") && !strings.Contains(repoURL, "@") {
+		// convert "example.com:owner/repo" to "@example.com:owner/repo"
+		p1, p2, p3 := strings.Index(repoURL, "."), strings.Index(repoURL, ":"), strings.Index(repoURL, "/")
+		if 0 < p1 && p1 < p2 && p2 < p3 {
+			repoURL = "@" + repoURL
+		}
+	}
+	return GetRepositoryByURL(ctx, repoURL)
 }
 
 // GetRepositoryByID returns the repository by given id if exists.
diff --git a/models/repo/repo_test.go b/models/repo/repo_test.go
index 001f8ecd84819..ffae642285d30 100644
--- a/models/repo/repo_test.go
+++ b/models/repo/repo_test.go
@@ -4,18 +4,23 @@
 package repo
 
 import (
+	"context"
+	"net/http"
+	"net/url"
 	"testing"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 var (
@@ -127,65 +132,121 @@ func TestMetas(t *testing.T) {
 	assert.Equal(t, ",owners,team1,", metas["teams"])
 }
 
+func TestParseRepositoryURLPathSegments(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000")()
+
+	ctxURL, _ := url.Parse("https://gitea")
+	ctxReq := &http.Request{URL: ctxURL, Header: http.Header{}}
+	ctxReq.Host = ctxURL.Host
+	ctxReq.Header.Add("X-Forwarded-Proto", ctxURL.Scheme)
+	ctx := context.WithValue(context.Background(), httplib.RequestContextKey, ctxReq)
+	cases := []struct {
+		input                          string
+		ownerName, repoName, remaining string
+	}{
+		{input: "/user/repo"},
+
+		{input: "https://localhost:3000/user/repo", ownerName: "user", repoName: "repo"},
+		{input: "https://external:3000/user/repo"},
+
+		{input: "https://localhost:3000/user/repo.git/other", ownerName: "user", repoName: "repo", remaining: "/other"},
+
+		{input: "https://gitea/user/repo", ownerName: "user", repoName: "repo"},
+		{input: "https://gitea:3333/user/repo"},
+
+		{input: "ssh://try.gitea.io:2222/user/repo", ownerName: "user", repoName: "repo"},
+		{input: "ssh://external:2222/user/repo"},
+
+		{input: "git+ssh://user@try.gitea.io/user/repo.git", ownerName: "user", repoName: "repo"},
+		{input: "git+ssh://user@external/user/repo.git"},
+
+		{input: "root@try.gitea.io:user/repo.git", ownerName: "user", repoName: "repo"},
+		{input: "root@gitea:user/repo.git", ownerName: "user", repoName: "repo"},
+		{input: "root@external:user/repo.git"},
+	}
+
+	for _, c := range cases {
+		t.Run(c.input, func(t *testing.T) {
+			ret := parseRepositoryURL(ctx, c.input)
+			assert.Equal(t, c.ownerName, ret.OwnerName)
+			assert.Equal(t, c.repoName, ret.RepoName)
+			assert.Equal(t, c.remaining, ret.RemainingPath)
+		})
+	}
+
+	t.Run("WithSubpath", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000/subpath")()
+		defer test.MockVariableValue(&setting.AppSubURL, "/subpath")()
+		cases = []struct {
+			input                          string
+			ownerName, repoName, remaining string
+		}{
+			{input: "https://localhost:3000/user/repo"},
+			{input: "https://localhost:3000/subpath/user/repo.git/other", ownerName: "user", repoName: "repo", remaining: "/other"},
+
+			{input: "ssh://try.gitea.io:2222/user/repo", ownerName: "user", repoName: "repo"},
+			{input: "ssh://external:2222/user/repo"},
+
+			{input: "git+ssh://user@try.gitea.io/user/repo.git", ownerName: "user", repoName: "repo"},
+			{input: "git+ssh://user@external/user/repo.git"},
+
+			{input: "root@try.gitea.io:user/repo.git", ownerName: "user", repoName: "repo"},
+			{input: "root@external:user/repo.git"},
+		}
+
+		for _, c := range cases {
+			t.Run(c.input, func(t *testing.T) {
+				ret := parseRepositoryURL(ctx, c.input)
+				assert.Equal(t, c.ownerName, ret.OwnerName)
+				assert.Equal(t, c.repoName, ret.RepoName)
+				assert.Equal(t, c.remaining, ret.RemainingPath)
+			})
+		}
+	})
+}
+
 func TestGetRepositoryByURL(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
 	t.Run("InvalidPath", func(t *testing.T) {
 		repo, err := GetRepositoryByURL(db.DefaultContext, "something")
-
 		assert.Nil(t, repo)
 		assert.Error(t, err)
 	})
 
-	t.Run("ValidHttpURL", func(t *testing.T) {
-		test := func(t *testing.T, url string) {
-			repo, err := GetRepositoryByURL(db.DefaultContext, url)
-
-			assert.NotNil(t, repo)
-			assert.NoError(t, err)
-
-			assert.Equal(t, int64(2), repo.ID)
-			assert.Equal(t, int64(2), repo.OwnerID)
-		}
+	testRepo2 := func(t *testing.T, url string) {
+		repo, err := GetRepositoryByURL(db.DefaultContext, url)
+		require.NoError(t, err)
+		assert.EqualValues(t, 2, repo.ID)
+		assert.EqualValues(t, 2, repo.OwnerID)
+	}
 
-		test(t, "https://try.gitea.io/user2/repo2")
-		test(t, "https://try.gitea.io/user2/repo2.git")
+	t.Run("ValidHttpURL", func(t *testing.T) {
+		testRepo2(t, "https://try.gitea.io/user2/repo2")
+		testRepo2(t, "https://try.gitea.io/user2/repo2.git")
 	})
 
 	t.Run("ValidGitSshURL", func(t *testing.T) {
-		test := func(t *testing.T, url string) {
-			repo, err := GetRepositoryByURL(db.DefaultContext, url)
-
-			assert.NotNil(t, repo)
-			assert.NoError(t, err)
+		testRepo2(t, "git+ssh://sshuser@try.gitea.io/user2/repo2")
+		testRepo2(t, "git+ssh://sshuser@try.gitea.io/user2/repo2.git")
 
-			assert.Equal(t, int64(2), repo.ID)
-			assert.Equal(t, int64(2), repo.OwnerID)
-		}
-
-		test(t, "git+ssh://sshuser@try.gitea.io/user2/repo2")
-		test(t, "git+ssh://sshuser@try.gitea.io/user2/repo2.git")
-
-		test(t, "git+ssh://try.gitea.io/user2/repo2")
-		test(t, "git+ssh://try.gitea.io/user2/repo2.git")
+		testRepo2(t, "git+ssh://try.gitea.io/user2/repo2")
+		testRepo2(t, "git+ssh://try.gitea.io/user2/repo2.git")
 	})
 
 	t.Run("ValidImplicitSshURL", func(t *testing.T) {
-		test := func(t *testing.T, url string) {
-			repo, err := GetRepositoryByURL(db.DefaultContext, url)
-
-			assert.NotNil(t, repo)
-			assert.NoError(t, err)
+		testRepo2(t, "sshuser@try.gitea.io:user2/repo2")
+		testRepo2(t, "sshuser@try.gitea.io:user2/repo2.git")
 
+		testRelax := func(t *testing.T, url string) {
+			repo, err := GetRepositoryByURLRelax(db.DefaultContext, url)
+			require.NoError(t, err)
 			assert.Equal(t, int64(2), repo.ID)
 			assert.Equal(t, int64(2), repo.OwnerID)
 		}
-
-		test(t, "sshuser@try.gitea.io:user2/repo2")
-		test(t, "sshuser@try.gitea.io:user2/repo2.git")
-
-		test(t, "try.gitea.io:user2/repo2")
-		test(t, "try.gitea.io:user2/repo2.git")
+		// TODO: it doesn't seem to be common git ssh URL, should we really support this?
+		testRelax(t, "try.gitea.io:user2/repo2")
+		testRelax(t, "try.gitea.io:user2/repo2.git")
 	})
 }
 
@@ -199,23 +260,30 @@ func TestComposeSSHCloneURL(t *testing.T) {
 	setting.SSH.Domain = "domain"
 	setting.SSH.Port = 22
 	setting.Repository.UseCompatSSHURI = false
-	assert.Equal(t, "git@domain:user/repo.git", ComposeSSHCloneURL("user", "repo"))
+	assert.Equal(t, "git@domain:user/repo.git", ComposeSSHCloneURL(&user_model.User{Name: "doer"}, "user", "repo"))
 	setting.Repository.UseCompatSSHURI = true
-	assert.Equal(t, "ssh://git@domain/user/repo.git", ComposeSSHCloneURL("user", "repo"))
+	assert.Equal(t, "ssh://git@domain/user/repo.git", ComposeSSHCloneURL(&user_model.User{Name: "doer"}, "user", "repo"))
 	// test SSH_DOMAIN while use non-standard SSH port
 	setting.SSH.Port = 123
 	setting.Repository.UseCompatSSHURI = false
-	assert.Equal(t, "ssh://git@domain:123/user/repo.git", ComposeSSHCloneURL("user", "repo"))
+	assert.Equal(t, "ssh://git@domain:123/user/repo.git", ComposeSSHCloneURL(nil, "user", "repo"))
 	setting.Repository.UseCompatSSHURI = true
-	assert.Equal(t, "ssh://git@domain:123/user/repo.git", ComposeSSHCloneURL("user", "repo"))
+	assert.Equal(t, "ssh://git@domain:123/user/repo.git", ComposeSSHCloneURL(nil, "user", "repo"))
 
 	// test IPv6 SSH_DOMAIN
 	setting.Repository.UseCompatSSHURI = false
 	setting.SSH.Domain = "::1"
 	setting.SSH.Port = 22
-	assert.Equal(t, "git@[::1]:user/repo.git", ComposeSSHCloneURL("user", "repo"))
+	assert.Equal(t, "git@[::1]:user/repo.git", ComposeSSHCloneURL(nil, "user", "repo"))
+	setting.SSH.Port = 123
+	assert.Equal(t, "ssh://git@[::1]:123/user/repo.git", ComposeSSHCloneURL(nil, "user", "repo"))
+
+	setting.SSH.User = "(DOER_USERNAME)"
+	setting.SSH.Domain = "domain"
+	setting.SSH.Port = 22
+	assert.Equal(t, "doer@domain:user/repo.git", ComposeSSHCloneURL(&user_model.User{Name: "doer"}, "user", "repo"))
 	setting.SSH.Port = 123
-	assert.Equal(t, "ssh://git@[::1]:123/user/repo.git", ComposeSSHCloneURL("user", "repo"))
+	assert.Equal(t, "ssh://doer@domain:123/user/repo.git", ComposeSSHCloneURL(&user_model.User{Name: "doer"}, "user", "repo"))
 }
 
 func TestIsUsableRepoName(t *testing.T) {
diff --git a/models/repo/wiki.go b/models/repo/wiki.go
index b378666a20620..4239a815b28ca 100644
--- a/models/repo/wiki.go
+++ b/models/repo/wiki.go
@@ -5,6 +5,7 @@
 package repo
 
 import (
+	"context"
 	"fmt"
 	"path/filepath"
 	"strings"
@@ -72,8 +73,8 @@ func (err ErrWikiInvalidFileName) Unwrap() error {
 }
 
 // WikiCloneLink returns clone URLs of repository wiki.
-func (repo *Repository) WikiCloneLink() *CloneLink {
-	return repo.cloneLink(true)
+func (repo *Repository) WikiCloneLink(ctx context.Context, doer *user_model.User) *CloneLink {
+	return repo.cloneLink(ctx, doer, repo.Name+".wiki")
 }
 
 // WikiPath returns wiki data path by given user and repository name.
diff --git a/models/repo/wiki_test.go b/models/repo/wiki_test.go
index 629986f741a5e..0157b7735d08a 100644
--- a/models/repo/wiki_test.go
+++ b/models/repo/wiki_test.go
@@ -4,6 +4,7 @@
 package repo_test
 
 import (
+	"context"
 	"path/filepath"
 	"testing"
 
@@ -18,7 +19,7 @@ func TestRepository_WikiCloneLink(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
-	cloneLink := repo.WikiCloneLink()
+	cloneLink := repo.WikiCloneLink(context.Background(), nil)
 	assert.Equal(t, "ssh://sshuser@try.gitea.io:3000/user2/repo1.wiki.git", cloneLink.SSH)
 	assert.Equal(t, "https://try.gitea.io/user2/repo1.wiki.git", cloneLink.HTTPS)
 }
diff --git a/models/unittest/testdb.go b/models/unittest/testdb.go
index 0dcff166cc3b1..7a9ca9698d0e9 100644
--- a/models/unittest/testdb.go
+++ b/models/unittest/testdb.go
@@ -84,6 +84,7 @@ func MainTest(m *testing.M, testOptsArg ...*TestOptions) {
 
 	setting.IsInTesting = true
 	setting.AppURL = "https://try.gitea.io/"
+	setting.Domain = "try.gitea.io"
 	setting.RunUser = "runuser"
 	setting.SSH.User = "sshuser"
 	setting.SSH.BuiltinServerUser = "builtinuser"
diff --git a/modules/git/remote.go b/modules/git/remote.go
index de8d74eded75f..88d824b52b496 100644
--- a/modules/git/remote.go
+++ b/modules/git/remote.go
@@ -39,7 +39,7 @@ func GetRemoteURL(ctx context.Context, repoPath, remoteName string) (*giturl.Git
 	if err != nil {
 		return nil, err
 	}
-	return giturl.Parse(addr)
+	return giturl.ParseGitURL(addr)
 }
 
 // ErrInvalidCloneAddr represents a "InvalidCloneAddr" kind of error.
diff --git a/modules/git/url/url.go b/modules/git/url/url.go
index 637685183e5aa..667e542199c8f 100644
--- a/modules/git/url/url.go
+++ b/modules/git/url/url.go
@@ -21,7 +21,7 @@ func (err ErrWrongURLFormat) Error() string {
 // GitURL represents a git URL
 type GitURL struct {
 	*stdurl.URL
-	extraMark int // 0 no extra 1 scp 2 file path with no prefix
+	extraMark int // 0: standard URL with scheme, 1: scp short syntax (no scheme), 2: file path with no prefix
 }
 
 // String returns the URL's string
@@ -38,8 +38,11 @@ func (u *GitURL) String() string {
 	}
 }
 
-// Parse parse all kinds of git URL
-func Parse(remote string) (*GitURL, error) {
+// ParseGitURL parse all kinds of git URL:
+// * Full URL: http://git@host/path, http://git@host:port/path
+// * SCP short syntax: git@host:/path
+// * File path: /dir/repo/path
+func ParseGitURL(remote string) (*GitURL, error) {
 	if strings.Contains(remote, "://") {
 		u, err := stdurl.Parse(remote)
 		if err != nil {
diff --git a/modules/git/url/url_test.go b/modules/git/url/url_test.go
index da820ed889751..a23121a907ad9 100644
--- a/modules/git/url/url_test.go
+++ b/modules/git/url/url_test.go
@@ -157,7 +157,7 @@ func TestParseGitURLs(t *testing.T) {
 
 	for _, kase := range kases {
 		t.Run(kase.kase, func(t *testing.T) {
-			u, err := Parse(kase.kase)
+			u, err := ParseGitURL(kase.kase)
 			assert.NoError(t, err)
 			assert.EqualValues(t, kase.expected.extraMark, u.extraMark)
 			assert.EqualValues(t, *kase.expected, *u)
diff --git a/modules/httplib/url.go b/modules/httplib/url.go
index e3bad1e5fba40..f543c09190673 100644
--- a/modules/httplib/url.go
+++ b/modules/httplib/url.go
@@ -5,6 +5,7 @@ package httplib
 
 import (
 	"context"
+	"net"
 	"net/http"
 	"net/url"
 	"strings"
@@ -81,6 +82,12 @@ func GuessCurrentHostURL(ctx context.Context) string {
 	return reqScheme + "://" + req.Host
 }
 
+func GuessCurrentHostDomain(ctx context.Context) string {
+	_, host, _ := strings.Cut(GuessCurrentHostURL(ctx), "://")
+	domain, _, _ := net.SplitHostPort(host)
+	return util.IfZero(domain, host)
+}
+
 // MakeAbsoluteURL tries to make a link to an absolute URL:
 // * If link is empty, it returns the current app URL.
 // * If link is absolute, it returns the link.
@@ -105,7 +112,7 @@ func IsCurrentGiteaSiteURL(ctx context.Context, s string) bool {
 		if cleanedPath == "" || cleanedPath == "." {
 			u.Path = "/"
 		} else {
-			u.Path += "/" + cleanedPath + "/"
+			u.Path = "/" + cleanedPath + "/"
 		}
 	}
 	if urlIsRelative(s, u) {
diff --git a/modules/templates/util_misc.go b/modules/templates/util_misc.go
index d645fa013e81e..2d42bc76b5434 100644
--- a/modules/templates/util_misc.go
+++ b/modules/templates/util_misc.go
@@ -150,7 +150,7 @@ func mirrorRemoteAddress(ctx context.Context, m *repo_model.Repository, remoteNa
 		return ret
 	}
 
-	u, err := giturl.Parse(remoteURL)
+	u, err := giturl.ParseGitURL(remoteURL)
 	if err != nil {
 		log.Error("giturl.Parse %v", err)
 		return ret
diff --git a/routers/api/packages/npm/npm.go b/routers/api/packages/npm/npm.go
index 13723030498a9..6ec46bcb36573 100644
--- a/routers/api/packages/npm/npm.go
+++ b/routers/api/packages/npm/npm.go
@@ -163,7 +163,7 @@ func UploadPackage(ctx *context.Context) {
 		return
 	}
 
-	repo, err := repo_model.GetRepositoryByURL(ctx, npmPackage.Metadata.Repository.URL)
+	repo, err := repo_model.GetRepositoryByURLRelax(ctx, npmPackage.Metadata.Repository.URL)
 	if err == nil {
 		canWrite := repo.OwnerID == ctx.Doer.ID
 
diff --git a/routers/web/goget.go b/routers/web/goget.go
index 3714dd8eb0fc1..79d5c2b20763e 100644
--- a/routers/web/goget.go
+++ b/routers/web/goget.go
@@ -69,9 +69,9 @@ func goGet(ctx *context.Context) {
 
 	var cloneURL string
 	if setting.Repository.GoGetCloneURLProtocol == "ssh" {
-		cloneURL = repo_model.ComposeSSHCloneURL(ownerName, repoName)
+		cloneURL = repo_model.ComposeSSHCloneURL(ctx.Doer, ownerName, repoName)
 	} else {
-		cloneURL = repo_model.ComposeHTTPSCloneURL(ownerName, repoName)
+		cloneURL = repo_model.ComposeHTTPSCloneURL(ctx, ownerName, repoName)
 	}
 	goImportContent := fmt.Sprintf("%s git %s", goGetImport, cloneURL /*CloneLink*/)
 	goSourceContent := fmt.Sprintf("%s _ %s %s", goGetImport, prefix+"{/dir}" /*GoDocDirectory*/, prefix+"{/dir}/{file}#L{line}" /*GoDocFile*/)
diff --git a/routers/web/web.go b/routers/web/web.go
index ff91bda3d2e65..32d65865ac068 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -1450,7 +1450,7 @@ func registerRoutes(m *web.Router) {
 		m.Get("/raw/*", repo.WikiRaw)
 	}, optSignIn, context.RepoAssignment, repo.MustEnableWiki, reqRepoWikiReader, func(ctx *context.Context) {
 		ctx.Data["PageIsWiki"] = true
-		ctx.Data["CloneButtonOriginLink"] = ctx.Repo.Repository.WikiCloneLink()
+		ctx.Data["CloneButtonOriginLink"] = ctx.Repo.Repository.WikiCloneLink(ctx, ctx.Doer)
 	})
 	// end "/{username}/{reponame}/wiki"
 
diff --git a/services/context/repo.go b/services/context/repo.go
index 63529e1d81128..4de905ef2cb73 100644
--- a/services/context/repo.go
+++ b/services/context/repo.go
@@ -325,9 +325,9 @@ func EarlyResponseForGoGetMeta(ctx *Context) {
 
 	var cloneURL string
 	if setting.Repository.GoGetCloneURLProtocol == "ssh" {
-		cloneURL = repo_model.ComposeSSHCloneURL(username, reponame)
+		cloneURL = repo_model.ComposeSSHCloneURL(ctx.Doer, username, reponame)
 	} else {
-		cloneURL = repo_model.ComposeHTTPSCloneURL(username, reponame)
+		cloneURL = repo_model.ComposeHTTPSCloneURL(ctx, username, reponame)
 	}
 	goImportContent := fmt.Sprintf("%s git %s", ComposeGoGetImport(ctx, username, reponame), cloneURL)
 	htmlMeta := fmt.Sprintf(`<meta name="go-import" content="%s">`, html.EscapeString(goImportContent))
@@ -564,7 +564,7 @@ func RepoAssignment(ctx *Context) {
 	// If multiple forks are available or if the user can fork to another account, but there is already a fork: open selection dialog
 	ctx.Data["ShowForkModal"] = len(userAndOrgForks) > 1 || (canSignedUserFork && len(userAndOrgForks) > 0)
 
-	ctx.Data["RepoCloneLink"] = repo.CloneLink()
+	ctx.Data["RepoCloneLink"] = repo.CloneLink(ctx, ctx.Doer)
 
 	cloneButtonShowHTTPS := !setting.Repository.DisableHTTPGit
 	cloneButtonShowSSH := !setting.SSH.Disabled && (ctx.IsSigned || setting.SSH.ExposeAnonymous)
diff --git a/services/convert/repository.go b/services/convert/repository.go
index 88ccd88fcfec6..632b6392d57d2 100644
--- a/services/convert/repository.go
+++ b/services/convert/repository.go
@@ -33,7 +33,9 @@ func innerToRepo(ctx context.Context, repo *repo_model.Repository, permissionInR
 		permissionInRepo.SetUnitsWithDefaultAccessMode(repo.Units, permissionInRepo.AccessMode)
 	}
 
-	cloneLink := repo.CloneLink()
+	// TODO: ideally we should pass "doer" into "ToRepo" to to make CloneLink could generate user-related links
+	// And passing "doer" in will also fix other FIXMEs in this file.
+	cloneLink := repo.CloneLinkGeneral(ctx) // no doer at the moment
 	permission := &api.Permission{
 		Admin: permissionInRepo.AccessMode >= perm.AccessModeAdmin,
 		Push:  permissionInRepo.UnitAccessMode(unit_model.TypeCode) >= perm.AccessModeWrite,
diff --git a/services/mirror/mirror_pull.go b/services/mirror/mirror_pull.go
index 22d380e8e68a6..400444a26badd 100644
--- a/services/mirror/mirror_pull.go
+++ b/services/mirror/mirror_pull.go
@@ -32,7 +32,7 @@ const gitShortEmptySha = "0000000"
 
 // UpdateAddress writes new address to Git repository and database
 func UpdateAddress(ctx context.Context, m *repo_model.Mirror, addr string) error {
-	u, err := giturl.Parse(addr)
+	u, err := giturl.ParseGitURL(addr)
 	if err != nil {
 		return fmt.Errorf("invalid addr: %v", err)
 	}
diff --git a/services/repository/create.go b/services/repository/create.go
index a3199f2a40aac..23aacd6f958d8 100644
--- a/services/repository/create.go
+++ b/services/repository/create.go
@@ -79,7 +79,7 @@ func prepareRepoCommit(ctx context.Context, repo *repo_model.Repository, tmpDir,
 		return fmt.Errorf("GetRepoInitFile[%s]: %w", opts.Readme, err)
 	}
 
-	cloneLink := repo.CloneLink()
+	cloneLink := repo.CloneLink(ctx, nil /* no doer so do not generate user-related SSH link */)
 	match := map[string]string{
 		"Name":           repo.Name,
 		"Description":    repo.Description,
diff --git a/services/repository/generate.go b/services/repository/generate.go
index ef9a8dc94065b..d5c07e980057a 100644
--- a/services/repository/generate.go
+++ b/services/repository/generate.go
@@ -51,7 +51,7 @@ var defaultTransformers = []transformer{
 	{Name: "TITLE", Transform: util.ToTitleCase},
 }
 
-func generateExpansion(src string, templateRepo, generateRepo *repo_model.Repository, sanitizeFileName bool) string {
+func generateExpansion(ctx context.Context, src string, templateRepo, generateRepo *repo_model.Repository, sanitizeFileName bool) string {
 	year, month, day := time.Now().Date()
 	expansions := []expansion{
 		{Name: "YEAR", Value: strconv.Itoa(year), Transformers: nil},
@@ -66,10 +66,10 @@ func generateExpansion(src string, templateRepo, generateRepo *repo_model.Reposi
 		{Name: "TEMPLATE_OWNER", Value: templateRepo.OwnerName, Transformers: defaultTransformers},
 		{Name: "REPO_LINK", Value: generateRepo.Link(), Transformers: nil},
 		{Name: "TEMPLATE_LINK", Value: templateRepo.Link(), Transformers: nil},
-		{Name: "REPO_HTTPS_URL", Value: generateRepo.CloneLink().HTTPS, Transformers: nil},
-		{Name: "TEMPLATE_HTTPS_URL", Value: templateRepo.CloneLink().HTTPS, Transformers: nil},
-		{Name: "REPO_SSH_URL", Value: generateRepo.CloneLink().SSH, Transformers: nil},
-		{Name: "TEMPLATE_SSH_URL", Value: templateRepo.CloneLink().SSH, Transformers: nil},
+		{Name: "REPO_HTTPS_URL", Value: generateRepo.CloneLinkGeneral(ctx).HTTPS, Transformers: nil},
+		{Name: "TEMPLATE_HTTPS_URL", Value: templateRepo.CloneLinkGeneral(ctx).HTTPS, Transformers: nil},
+		{Name: "REPO_SSH_URL", Value: generateRepo.CloneLinkGeneral(ctx).SSH, Transformers: nil},
+		{Name: "TEMPLATE_SSH_URL", Value: templateRepo.CloneLinkGeneral(ctx).SSH, Transformers: nil},
 	}
 
 	expansionMap := make(map[string]string)
@@ -138,7 +138,7 @@ func readGiteaTemplateFile(tmpDir string) (*GiteaTemplate, error) {
 	return &GiteaTemplate{Path: gtPath, Content: content}, nil
 }
 
-func processGiteaTemplateFile(tmpDir string, templateRepo, generateRepo *repo_model.Repository, giteaTemplateFile *GiteaTemplate) error {
+func processGiteaTemplateFile(ctx context.Context, tmpDir string, templateRepo, generateRepo *repo_model.Repository, giteaTemplateFile *GiteaTemplate) error {
 	if err := util.Remove(giteaTemplateFile.Path); err != nil {
 		return fmt.Errorf("remove .giteatemplate: %w", err)
 	}
@@ -163,12 +163,12 @@ func processGiteaTemplateFile(tmpDir string, templateRepo, generateRepo *repo_mo
 					return err
 				}
 
-				generatedContent := []byte(generateExpansion(string(content), templateRepo, generateRepo, false))
+				generatedContent := []byte(generateExpansion(ctx, string(content), templateRepo, generateRepo, false))
 				if err := os.WriteFile(path, generatedContent, 0o644); err != nil {
 					return err
 				}
 
-				substPath := filepath.FromSlash(filepath.Join(tmpDirSlash, generateExpansion(base, templateRepo, generateRepo, true)))
+				substPath := filepath.FromSlash(filepath.Join(tmpDirSlash, generateExpansion(ctx, base, templateRepo, generateRepo, true)))
 
 				// Create parent subdirectories if needed or continue silently if it exists
 				if err = os.MkdirAll(filepath.Dir(substPath), 0o755); err != nil {
@@ -226,7 +226,7 @@ func generateRepoCommit(ctx context.Context, repo, templateRepo, generateRepo *r
 	}
 
 	if giteaTemplateFile != nil {
-		err = processGiteaTemplateFile(tmpDir, templateRepo, generateRepo, giteaTemplateFile)
+		err = processGiteaTemplateFile(ctx, tmpDir, templateRepo, generateRepo, giteaTemplateFile)
 		if err != nil {
 			return err
 		}
diff --git a/tests/integration/dump_restore_test.go b/tests/integration/dump_restore_test.go
index 47bb6f76e9791..abec8f300c41a 100644
--- a/tests/integration/dump_restore_test.go
+++ b/tests/integration/dump_restore_test.go
@@ -66,7 +66,7 @@ func TestDumpRestore(t *testing.T) {
 			Milestones:     true,
 			Comments:       true,
 			AuthToken:      token,
-			CloneAddr:      repo.CloneLink().HTTPS,
+			CloneAddr:      repo.CloneLinkGeneral(context.Background()).HTTPS,
 			RepoName:       reponame,
 		}
 		err = migrations.DumpRepository(ctx, basePath, repoOwner.Name, opts)
@@ -96,7 +96,7 @@ func TestDumpRestore(t *testing.T) {
 		// Phase 3: dump restored from the Gitea instance to the filesystem
 		//
 		opts.RepoName = newreponame
-		opts.CloneAddr = newrepo.CloneLink().HTTPS
+		opts.CloneAddr = newrepo.CloneLinkGeneral(context.Background()).HTTPS
 		err = migrations.DumpRepository(ctx, basePath, repoOwner.Name, opts)
 		assert.NoError(t, err)
 

From 0d7d2ed39d0c0435cdc6403ee7764850154dca5a Mon Sep 17 00:00:00 2001
From: yp05327 <576951401@qq.com>
Date: Tue, 7 Jan 2025 21:42:45 +0900
Subject: [PATCH 40/55] Support the new exit code for `git remote` subcommands
 for git version >=2.30.0 (#33129)

Fix #32889

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 modules/git/remote.go          | 9 +++++++++
 services/mirror/mirror_pull.go | 8 ++++----
 services/repository/migrate.go | 7 +++----
 3 files changed, 16 insertions(+), 8 deletions(-)

diff --git a/modules/git/remote.go b/modules/git/remote.go
index 88d824b52b496..ff8c040eb154e 100644
--- a/modules/git/remote.go
+++ b/modules/git/remote.go
@@ -79,6 +79,15 @@ func (err *ErrInvalidCloneAddr) Unwrap() error {
 	return util.ErrInvalidArgument
 }
 
+// IsRemoteNotExistError checks the prefix of the error message to see whether a remote does not exist.
+func IsRemoteNotExistError(err error) bool {
+	// see: https://github.com/go-gitea/gitea/issues/32889#issuecomment-2571848216
+	// Should not add space in the end, sometimes git will add a `:`
+	prefix1 := "exit status 128 - fatal: No such remote" // git < 2.30
+	prefix2 := "exit status 2 - error: No such remote"   // git >= 2.30
+	return strings.HasPrefix(err.Error(), prefix1) || strings.HasPrefix(err.Error(), prefix2)
+}
+
 // ParseRemoteAddr checks if given remote address is valid,
 // and returns composed URL with needed username and password.
 func ParseRemoteAddr(remoteAddr, authUsername, authPassword string) (string, error) {
diff --git a/services/mirror/mirror_pull.go b/services/mirror/mirror_pull.go
index 400444a26badd..948222a436cc6 100644
--- a/services/mirror/mirror_pull.go
+++ b/services/mirror/mirror_pull.go
@@ -41,13 +41,13 @@ func UpdateAddress(ctx context.Context, m *repo_model.Mirror, addr string) error
 	repoPath := m.GetRepository(ctx).RepoPath()
 	// Remove old remote
 	_, _, err = git.NewCommand(ctx, "remote", "rm").AddDynamicArguments(remoteName).RunStdString(&git.RunOpts{Dir: repoPath})
-	if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
+	if err != nil && !git.IsRemoteNotExistError(err) {
 		return err
 	}
 
 	cmd := git.NewCommand(ctx, "remote", "add").AddDynamicArguments(remoteName).AddArguments("--mirror=fetch").AddDynamicArguments(addr)
 	_, _, err = cmd.RunStdString(&git.RunOpts{Dir: repoPath})
-	if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
+	if err != nil && !git.IsRemoteNotExistError(err) {
 		return err
 	}
 
@@ -56,13 +56,13 @@ func UpdateAddress(ctx context.Context, m *repo_model.Mirror, addr string) error
 		wikiRemotePath := repo_module.WikiRemoteURL(ctx, addr)
 		// Remove old remote of wiki
 		_, _, err = git.NewCommand(ctx, "remote", "rm").AddDynamicArguments(remoteName).RunStdString(&git.RunOpts{Dir: wikiPath})
-		if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
+		if err != nil && !git.IsRemoteNotExistError(err) {
 			return err
 		}
 
 		cmd = git.NewCommand(ctx, "remote", "add").AddDynamicArguments(remoteName).AddArguments("--mirror=fetch").AddDynamicArguments(wikiRemotePath)
 		_, _, err = cmd.RunStdString(&git.RunOpts{Dir: wikiPath})
-		if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
+		if err != nil && !git.IsRemoteNotExistError(err) {
 			return err
 		}
 	}
diff --git a/services/repository/migrate.go b/services/repository/migrate.go
index 7fe63eb5ca7c6..6f3a87afa3e6b 100644
--- a/services/repository/migrate.go
+++ b/services/repository/migrate.go
@@ -8,7 +8,6 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
-	"strings"
 	"time"
 
 	"code.gitea.io/gitea/models/db"
@@ -254,10 +253,10 @@ func MigrateRepositoryGitData(ctx context.Context, u *user_model.User,
 func cleanUpMigrateGitConfig(ctx context.Context, repoPath string) error {
 	cmd := git.NewCommand(ctx, "remote", "rm", "origin")
 	// if the origin does not exist
-	_, stderr, err := cmd.RunStdString(&git.RunOpts{
+	_, _, err := cmd.RunStdString(&git.RunOpts{
 		Dir: repoPath,
 	})
-	if err != nil && !strings.HasPrefix(stderr, "fatal: No such remote") {
+	if err != nil && !git.IsRemoteNotExistError(err) {
 		return err
 	}
 	return nil
@@ -276,7 +275,7 @@ func CleanUpMigrateInfo(ctx context.Context, repo *repo_model.Repository) (*repo
 	}
 
 	_, _, err := git.NewCommand(ctx, "remote", "rm", "origin").RunStdString(&git.RunOpts{Dir: repoPath})
-	if err != nil && !strings.HasPrefix(err.Error(), "exit status 128 - fatal: No such remote ") {
+	if err != nil && !git.IsRemoteNotExistError(err) {
 		return repo, fmt.Errorf("CleanUpMigrateInfo: %w", err)
 	}
 

From 32d45ee0696cd8d489f5ee36b5fc43eb2ff9460f Mon Sep 17 00:00:00 2001
From: yp05327 <576951401@qq.com>
Date: Wed, 8 Jan 2025 02:58:47 +0900
Subject: [PATCH 41/55] Update status check for all supported
 on.pull_request.types in Gitea (#33117)

Thanks @Zettat123
Follow #33116
Fix #33051

on.pull_request.types doc:

https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request

on.pull_request.types added in this PR:
```
assigned, unassigned, review_requested, review_request_removed, milestoned, demilestoned, labeled, unlabeled
```

unsupported types in Gitea:
```
// Unsupported activity types:
// converted_to_draft, ready_for_review, locked, unlocked, auto_merge_enabled, auto_merge_disabled, enqueued, dequeued
```

TODO:
- [x] add test
---
 models/actions/run.go                     |   2 +-
 modules/webhook/type.go                   |   4 +
 services/actions/commit_status.go         |   8 +-
 tests/integration/actions_trigger_test.go | 244 ++++++++++++++++++++--
 4 files changed, 234 insertions(+), 24 deletions(-)

diff --git a/models/actions/run.go b/models/actions/run.go
index a224a910ab59a..147a8d8b3e29b 100644
--- a/models/actions/run.go
+++ b/models/actions/run.go
@@ -154,7 +154,7 @@ func (run *ActionRun) GetPushEventPayload() (*api.PushPayload, error) {
 }
 
 func (run *ActionRun) GetPullRequestEventPayload() (*api.PullRequestPayload, error) {
-	if run.Event == webhook_module.HookEventPullRequest || run.Event == webhook_module.HookEventPullRequestSync {
+	if run.Event.IsPullRequest() {
 		var payload api.PullRequestPayload
 		if err := json.Unmarshal([]byte(run.EventPayload), &payload); err != nil {
 			return nil, err
diff --git a/modules/webhook/type.go b/modules/webhook/type.go
index fbec8892722b7..aa4de45eb407d 100644
--- a/modules/webhook/type.go
+++ b/modules/webhook/type.go
@@ -69,6 +69,10 @@ func (h HookEventType) Event() string {
 	return ""
 }
 
+func (h HookEventType) IsPullRequest() bool {
+	return h.Event() == "pull_request"
+}
+
 // HookType is the type of a webhook
 type HookType = string
 
diff --git a/services/actions/commit_status.go b/services/actions/commit_status.go
index 7f52c9d31b590..94ab89a3b7d63 100644
--- a/services/actions/commit_status.go
+++ b/services/actions/commit_status.go
@@ -54,7 +54,13 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
 			return fmt.Errorf("head commit is missing in event payload")
 		}
 		sha = payload.HeadCommit.ID
-	case webhook_module.HookEventPullRequest, webhook_module.HookEventPullRequestSync:
+	case // pull_request
+		webhook_module.HookEventPullRequest,
+		webhook_module.HookEventPullRequestSync,
+		webhook_module.HookEventPullRequestAssign,
+		webhook_module.HookEventPullRequestLabel,
+		webhook_module.HookEventPullRequestReviewRequest,
+		webhook_module.HookEventPullRequestMilestone:
 		if run.TriggerEvent == actions_module.GithubEventPullRequestTarget {
 			event = "pull_request_target"
 		} else {
diff --git a/tests/integration/actions_trigger_test.go b/tests/integration/actions_trigger_test.go
index 4718aa7e7352c..f18ad9e85d78c 100644
--- a/tests/integration/actions_trigger_test.go
+++ b/tests/integration/actions_trigger_test.go
@@ -17,17 +17,20 @@ import (
 	issues_model "code.gitea.io/gitea/models/issues"
 	"code.gitea.io/gitea/models/perm"
 	repo_model "code.gitea.io/gitea/models/repo"
-	unit_model "code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
 	actions_module "code.gitea.io/gitea/modules/actions"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/gitrepo"
 	"code.gitea.io/gitea/modules/setting"
+	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/test"
+	"code.gitea.io/gitea/modules/timeutil"
+	issue_service "code.gitea.io/gitea/services/issue"
 	pull_service "code.gitea.io/gitea/services/pull"
 	release_service "code.gitea.io/gitea/services/release"
 	repo_service "code.gitea.io/gitea/services/repository"
+	commitstatus_service "code.gitea.io/gitea/services/repository/commitstatus"
 	files_service "code.gitea.io/gitea/services/repository/files"
 
 	"github.com/stretchr/testify/assert"
@@ -52,13 +55,6 @@ func TestPullRequestTargetEvent(t *testing.T) {
 		assert.NoError(t, err)
 		assert.NotEmpty(t, baseRepo)
 
-		// enable actions
-		err = repo_service.UpdateRepositoryUnits(db.DefaultContext, baseRepo, []repo_model.RepoUnit{{
-			RepoID: baseRepo.ID,
-			Type:   unit_model.TypeActions,
-		}}, nil)
-		assert.NoError(t, err)
-
 		// add user4 as the collaborator
 		ctx := NewAPITestContext(t, baseRepo.OwnerName, baseRepo.Name, auth_model.AccessTokenScopeWriteRepository)
 		t.Run("AddUser4AsCollaboratorWithReadAccess", doAPIAddCollaborator(ctx, "user4", perm.AccessModeRead))
@@ -228,13 +224,6 @@ func TestSkipCI(t *testing.T) {
 		assert.NoError(t, err)
 		assert.NotEmpty(t, repo)
 
-		// enable actions
-		err = repo_service.UpdateRepositoryUnits(db.DefaultContext, repo, []repo_model.RepoUnit{{
-			RepoID: repo.ID,
-			Type:   unit_model.TypeActions,
-		}}, nil)
-		assert.NoError(t, err)
-
 		// add workflow file to the repo
 		addWorkflowToBaseResp, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
 			Files: []*files_service.ChangeRepoFile{
@@ -354,13 +343,6 @@ func TestCreateDeleteRefEvent(t *testing.T) {
 		assert.NoError(t, err)
 		assert.NotEmpty(t, repo)
 
-		// enable actions
-		err = repo_service.UpdateRepositoryUnits(db.DefaultContext, repo, []repo_model.RepoUnit{{
-			RepoID: repo.ID,
-			Type:   unit_model.TypeActions,
-		}}, nil)
-		assert.NoError(t, err)
-
 		// add workflow file to the repo
 		addWorkflowToBaseResp, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
 			Files: []*files_service.ChangeRepoFile{
@@ -451,3 +433,221 @@ func TestCreateDeleteRefEvent(t *testing.T) {
 		assert.NotNil(t, run)
 	})
 }
+
+func TestPullRequestCommitStatusEvent(t *testing.T) {
+	onGiteaRun(t, func(t *testing.T, u *url.URL) {
+		user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) // owner of the repo
+		user4 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 4}) // contributor of the repo
+
+		// create a repo
+		repo, err := repo_service.CreateRepository(db.DefaultContext, user2, user2, repo_service.CreateRepoOptions{
+			Name:          "repo-pull-request",
+			Description:   "test pull-request event",
+			AutoInit:      true,
+			Gitignores:    "Go",
+			License:       "MIT",
+			Readme:        "Default",
+			DefaultBranch: "main",
+			IsPrivate:     false,
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, repo)
+
+		// add user4 as the collaborator
+		ctx := NewAPITestContext(t, repo.OwnerName, repo.Name, auth_model.AccessTokenScopeWriteRepository)
+		t.Run("AddUser4AsCollaboratorWithReadAccess", doAPIAddCollaborator(ctx, "user4", perm.AccessModeRead))
+
+		// add the workflow file to the repo
+		addWorkflow, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
+			Files: []*files_service.ChangeRepoFile{
+				{
+					Operation:     "create",
+					TreePath:      ".gitea/workflows/pr.yml",
+					ContentReader: strings.NewReader("name: test\non:\n  pull_request:\n    types: [assigned, unassigned, labeled, unlabeled, opened, edited, closed, reopened, synchronize, milestoned, demilestoned, review_requested, review_request_removed]\njobs:\n  test:\n    runs-on: ubuntu-latest\n    steps:\n      - run: echo helloworld\n"),
+				},
+			},
+			Message:   "add workflow",
+			OldBranch: "main",
+			NewBranch: "main",
+			Author: &files_service.IdentityOptions{
+				Name:  user2.Name,
+				Email: user2.Email,
+			},
+			Committer: &files_service.IdentityOptions{
+				Name:  user2.Name,
+				Email: user2.Email,
+			},
+			Dates: &files_service.CommitDateOptions{
+				Author:    time.Now(),
+				Committer: time.Now(),
+			},
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, addWorkflow)
+		sha := addWorkflow.Commit.SHA
+
+		// create a new branch
+		testBranch := "test-branch"
+		gitRepo, err := git.OpenRepository(git.DefaultContext, ".")
+		assert.NoError(t, err)
+		err = repo_service.CreateNewBranch(git.DefaultContext, user2, repo, gitRepo, "main", testBranch)
+		assert.NoError(t, err)
+
+		// create Pull
+		pullIssue := &issues_model.Issue{
+			RepoID:   repo.ID,
+			Title:    "A test PR",
+			PosterID: user2.ID,
+			Poster:   user2,
+			IsPull:   true,
+		}
+		pullRequest := &issues_model.PullRequest{
+			HeadRepoID: repo.ID,
+			BaseRepoID: repo.ID,
+			HeadBranch: testBranch,
+			BaseBranch: "main",
+			HeadRepo:   repo,
+			BaseRepo:   repo,
+			Type:       issues_model.PullRequestGitea,
+		}
+		prOpts := &pull_service.NewPullRequestOptions{Repo: repo, Issue: pullIssue, PullRequest: pullRequest}
+		err = pull_service.NewPullRequest(db.DefaultContext, prOpts)
+		assert.NoError(t, err)
+
+		// opened
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// edited
+		err = issue_service.ChangeContent(db.DefaultContext, pullIssue, user2, "test", 0)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// closed
+		err = issue_service.CloseIssue(db.DefaultContext, pullIssue, user2, "")
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// reopened
+		err = issue_service.ReopenIssue(db.DefaultContext, pullIssue, user2, "")
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// assign
+		removed, _, err := issue_service.ToggleAssigneeWithNotify(db.DefaultContext, pullIssue, user2, user4.ID)
+		assert.False(t, removed)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// unassign
+		removed, _, err = issue_service.ToggleAssigneeWithNotify(db.DefaultContext, pullIssue, user2, user4.ID)
+		assert.True(t, removed)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// labeled
+		label := &issues_model.Label{
+			RepoID:      repo.ID,
+			Name:        "test",
+			Exclusive:   false,
+			Description: "test",
+			Color:       "#e11d21",
+		}
+		err = issues_model.NewLabel(db.DefaultContext, label)
+		assert.NoError(t, err)
+		err = issue_service.AddLabel(db.DefaultContext, pullIssue, user2, label)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// unlabeled
+		err = issue_service.RemoveLabel(db.DefaultContext, pullIssue, user2, label)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// synchronize
+		addFileResp, err := files_service.ChangeRepoFiles(git.DefaultContext, repo, user2, &files_service.ChangeRepoFilesOptions{
+			Files: []*files_service.ChangeRepoFile{
+				{
+					Operation:     "create",
+					TreePath:      "test.txt",
+					ContentReader: strings.NewReader("test"),
+				},
+			},
+			Message:   "add file",
+			OldBranch: testBranch,
+			NewBranch: testBranch,
+			Author: &files_service.IdentityOptions{
+				Name:  user2.Name,
+				Email: user2.Email,
+			},
+			Committer: &files_service.IdentityOptions{
+				Name:  user2.Name,
+				Email: user2.Email,
+			},
+			Dates: &files_service.CommitDateOptions{
+				Author:    time.Now(),
+				Committer: time.Now(),
+			},
+		})
+		assert.NoError(t, err)
+		assert.NotEmpty(t, addFileResp)
+		sha = addFileResp.Commit.SHA
+		assert.Eventually(t, func() bool {
+			latestCommitStatuses, _, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo.ID, sha, db.ListOptionsAll)
+			assert.NoError(t, err)
+			if len(latestCommitStatuses) == 0 {
+				return false
+			}
+			if latestCommitStatuses[0].State == api.CommitStatusPending {
+				insertFakeStatus(t, repo, sha, latestCommitStatuses[0].TargetURL, latestCommitStatuses[0].Context)
+				return true
+			}
+			return false
+		}, 1*time.Second, 100*time.Millisecond)
+
+		// milestoned
+		milestone := &issues_model.Milestone{
+			RepoID:       repo.ID,
+			Name:         "test",
+			Content:      "test",
+			DeadlineUnix: timeutil.TimeStampNow(),
+		}
+		err = issues_model.NewMilestone(db.DefaultContext, milestone)
+		assert.NoError(t, err)
+		err = issue_service.ChangeMilestoneAssign(db.DefaultContext, pullIssue, user2, milestone.ID)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// demilestoned
+		err = issue_service.ChangeMilestoneAssign(db.DefaultContext, pullIssue, user2, milestone.ID)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// review_requested
+		_, err = issue_service.ReviewRequest(db.DefaultContext, pullIssue, user2, nil, user4, true)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+
+		// review_request_removed
+		_, err = issue_service.ReviewRequest(db.DefaultContext, pullIssue, user2, nil, user4, false)
+		assert.NoError(t, err)
+		checkCommitStatusAndInsertFakeStatus(t, repo, sha)
+	})
+}
+
+func checkCommitStatusAndInsertFakeStatus(t *testing.T, repo *repo_model.Repository, sha string) {
+	latestCommitStatuses, _, err := git_model.GetLatestCommitStatus(db.DefaultContext, repo.ID, sha, db.ListOptionsAll)
+	assert.NoError(t, err)
+	assert.Len(t, latestCommitStatuses, 1)
+	assert.Equal(t, api.CommitStatusPending, latestCommitStatuses[0].State)
+
+	insertFakeStatus(t, repo, sha, latestCommitStatuses[0].TargetURL, latestCommitStatuses[0].Context)
+}
+
+func insertFakeStatus(t *testing.T, repo *repo_model.Repository, sha, targetURL, context string) {
+	err := commitstatus_service.CreateCommitStatus(db.DefaultContext, repo, user_model.NewActionsUser(), sha, &git_model.CommitStatus{
+		State:     api.CommitStatusSuccess,
+		TargetURL: targetURL,
+		Context:   context,
+	})
+	assert.NoError(t, err)
+}

From ec84687df9253dc693f2da1d23f0fef8f392e07b Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Wed, 8 Jan 2025 00:32:07 +0000
Subject: [PATCH 42/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_ko-KR.ini | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/options/locale/locale_ko-KR.ini b/options/locale/locale_ko-KR.ini
index 4ce66282b22c9..5485a53c811cd 100644
--- a/options/locale/locale_ko-KR.ini
+++ b/options/locale/locale_ko-KR.ini
@@ -111,7 +111,7 @@ license=오픈 소스
 [install]
 install=설치
 title=초기 설정
-docker_helper="Gitea를 Docker에서 실행하려면 설정 전에 이 <a target=\"_blank\" rel=\"noopener noreferrer\" href=\"%s\">문서</a>를 읽어보세요."
+docker_helper=Gitea를 Docker에서 실행하려면 설정 전에 이 <a target="_blank" rel="noopener noreferrer" href="%s">문서</a>를 읽어보세요.
 db_title=데이터베이스 설정
 db_type=데이터베이스 유형
 host=호스트
@@ -436,8 +436,8 @@ manage_gpg_keys=GPG 키 관리
 add_key=키 추가
 ssh_desc=이러한 SSH 공용 키는 귀하의 계정과 연결되어 있습니다. 해당 개인 키는 당신의 저장소에 대한 전체 액세스를 가능하게 합니다.
 gpg_desc=이러한 GPG 공개키는 당신의 계정과 연결되어있습니다. 커밋이 검증될 수 있도록 당신의 개인 키를 안전하게 유지하십시오.
-ssh_helper="<strong>도움이 필요하세요?</strong> GitHub의 설명서를 참조하시기 바랍니다: <a href=\"%s\">SSH 키 생성하기</a> 또는 SSH를 사용할 때 <a href=\"%s\">일반적인 문제</a>"
-gpg_helper="<strong>도움이 필요하세요?</strong> GitHub의 설명서를 참조하시기 바랍니다: <a href=\"%s\">GPG키에 대하여</a>."
+ssh_helper=<strong>도움이 필요하세요?</strong> GitHub의 설명서를 참조하시기 바랍니다: <a href="%s">SSH 키 생성하기</a> 또는 SSH를 사용할 때 <a href="%s">일반적인 문제</a>
+gpg_helper=<strong>도움이 필요하세요?</strong> GitHub의 설명서를 참조하시기 바랍니다: <a href="%s">GPG키에 대하여</a>.
 add_new_key=SSH 키 추가
 add_new_gpg_key=GPG 키 추가
 gpg_key_id_used=같은 ID의 GPG 공개키가 이미 존재합니다.
@@ -538,7 +538,7 @@ template_helper=템플릿으로 저장소 만들기
 visibility=가시성
 visibility_helper_forced=사이트 관리자가 새 레포지토리에 대해 비공개로만 생성되도록 하였습니다.
 visibility_fork_helper=(변경사항을 적용하는 경우 모든 포크가 영향을 받게 됩니다.)
-clone_helper="클론하는데에 도움이 필요하면 <a target=\"_blank\" href=\"%s\">Help</a>에 방문하세요."
+clone_helper=클론하는데에 도움이 필요하면 <a target="_blank" href="%s">Help</a>에 방문하세요.
 fork_repo=저장소 포크
 fork_from=원본 프로젝트 :
 fork_visibility_helper=포크된 저장소의 가시성은 변경하실 수 없습니다.
@@ -640,7 +640,7 @@ editor.or=혹은
 editor.cancel_lower=취소
 editor.commit_changes=변경 내용을 커밋
 editor.commit_message_desc=선택적 확장 설명을 추가...
-editor.commit_directly_to_this_branch="<strong class=\"branch-name\">%s</strong> 브랜치에서 직접 커밋해주세요."
+editor.commit_directly_to_this_branch=<strong class="branch-name">%s</strong> 브랜치에서 직접 커밋해주세요.
 editor.create_new_branch=이 커밋에 대한 <strong>새로운 브랜치</strong>를 만들고 끌어오기 요청을 시작합니다.
 editor.new_branch_name_desc=새로운 브랜치 명...
 editor.cancel=취소
@@ -667,7 +667,7 @@ ext_issues.desc=외부 이슈 트래커 연결.
 projects.description_placeholder=설명
 projects.title=제목
 projects.new=새 프로젝트
-projects.template.desc="템플릿"
+projects.template.desc=템플릿
 projects.column.edit_title=이름
 projects.column.new_title=이름
 
@@ -731,7 +731,7 @@ issues.action_milestone=마일스톤
 issues.action_milestone_no_select=마일스톤 없음
 issues.action_assignee=담당자
 issues.action_assignee_no_select=담당자 없음
-issues.opened_by="<a href=\"%[2]s\"> %[3]s</a>가 %[1]s을 오픈"
+issues.opened_by=<a href="%[2]s"> %[3]s</a>가 %[1]s을 오픈
 issues.previous=이전
 issues.next=다음
 issues.open_title=오픈
@@ -747,7 +747,7 @@ issues.create_comment=코멘트
 issues.commit_ref_at=` 커밋 <a id="%[1]s" href="#%[1]s">%[2]s</a>에서 이 이슈 언급`
 issues.role.owner=소유자
 issues.role.member=멤버
-issues.sign_in_require_desc="<a href=\"%s\">로그인</a>하여 이 대화에 참여"
+issues.sign_in_require_desc=<a href="%s">로그인</a>하여 이 대화에 참여
 issues.edit=수정
 issues.cancel=취소
 issues.save=저장
@@ -780,9 +780,9 @@ issues.time_spent_total=총 경과된 시간
 issues.time_spent_from_all_authors=`총 경과된 시간: %s`
 
 issues.due_date=마감일
-issues.invalid_due_date_format="마감일은 반드시 'yyyy-mm-dd' 형식이어야 합니다."
-issues.error_modifying_due_date="마감일 수정을 실패하였습니다."
-issues.error_removing_due_date="마감일 삭제를 실패하였습니다."
+issues.invalid_due_date_format=마감일은 반드시 'yyyy-mm-dd' 형식이어야 합니다.
+issues.error_modifying_due_date=마감일 수정을 실패하였습니다.
+issues.error_removing_due_date=마감일 삭제를 실패하였습니다.
 issues.due_date_form=yyyy-mm-dd
 issues.due_date_form_add=마감일 추가
 issues.due_date_form_edit=편집
@@ -790,8 +790,8 @@ issues.due_date_form_remove=삭제
 issues.due_date_not_set=마감일이 설정되지 않았습니다.
 issues.due_date_added=마감일 %s 를 추가 %s
 issues.due_date_remove=%s %s 마감일이 삭제되었습니다.
-issues.due_date_overdue="기한 초과"
-issues.due_date_invalid="기한이 올바르지 않거나 범위를 벗어났습니다. 'yyyy-mm-dd'형식을 사용해주십시오."
+issues.due_date_overdue=기한 초과
+issues.due_date_invalid=기한이 올바르지 않거나 범위를 벗어났습니다. 'yyyy-mm-dd'형식을 사용해주십시오.
 issues.dependency.title=의존성
 issues.dependency.add=의존성 추가...
 issues.dependency.cancel=취소
@@ -809,7 +809,7 @@ issues.dependency.add_error_dep_exists=의존성이 이미 존재합니다.
 issues.dependency.add_error_dep_not_same_repo=두 이슈는 같은 레포지토리 안에 있어야 합니다.
 issues.review.self.approval=자신의 풀 리퀘스트를 승인할 수 없습니다.
 issues.review.self.rejection=자신의 풀 리퀘스트에 대한 변경을 요청할 수 없습니다.
-issues.review.approve="이 변경사항을 승인하였습니다. %s"
+issues.review.approve=이 변경사항을 승인하였습니다. %s
 issues.review.pending=보류
 issues.review.review=검토
 issues.review.reviewers=리뷰어
@@ -824,7 +824,7 @@ pulls.compare_base=병합하기
 pulls.compare_compare=다음으로부터 풀
 pulls.filter_branch=Filter Branch
 pulls.create=풀 리퀘스트 생성
-pulls.title_desc="<code>%[2]s</code> 에서 <code id=\"branch_target\">%[3]s</code> 로 %[1]d commits 를 머지하려 합니다"
+pulls.title_desc=<code>%[2]s</code> 에서 <code id="branch_target">%[3]s</code> 로 %[1]d commits 를 머지하려 합니다
 pulls.merged_title_desc=<code>%[2]s</code> 에서 <code>%[3]s</code> 로 %[1]d commits 를 머지했습니다 %[4]s
 pulls.tab_conversation=대화
 pulls.tab_commits=커밋
@@ -855,7 +855,7 @@ milestones.title=타이틀
 milestones.desc=설명
 milestones.due_date=기한 (선택 사항)
 milestones.clear=지우기
-milestones.invalid_due_date_format="마감일은 반드시 'yyyy-mm-dd' 형식이어야 합니다."
+milestones.invalid_due_date_format=마감일은 반드시 'yyyy-mm-dd' 형식이어야 합니다.
 milestones.edit=마일스톤 편집
 milestones.cancel=취소
 milestones.modify=마일스톤 갱신

From a8e7caedfa062cd8ea34f722806b3f162d24e939 Mon Sep 17 00:00:00 2001
From: Rowan Bohde <rowan.bohde@gmail.com>
Date: Tue, 7 Jan 2025 19:38:30 -0600
Subject: [PATCH 43/55] add submodule diff links (#33097)

This adds links to submodules in diffs, similar to the existing link
when viewing a repo at a specific commit. It does this by expanding diff
parsing to recognize changes to submodules, and find the specific refs
that are added, deleted or changed.

Related #25888

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 assets/go-licenses.json                    |  12 +-
 go.mod                                     |  25 +--
 go.sum                                     |  70 +++---
 models/repo/repo.go                        |  54 +----
 models/repo/repo_test.go                   |  77 -------
 modules/git/commit_info.go                 |   2 +-
 modules/git/commit_info_gogit.go           |   4 +-
 modules/git/commit_info_nogogit.go         |   4 +-
 modules/git/commit_submodule.go            |   4 +
 modules/git/commit_submodule_file.go       | 131 ++++--------
 modules/git/commit_submodule_file_test.go  |  50 ++---
 modules/git/url/url.go                     |  89 ++++++++
 modules/git/url/url_test.go                | 101 +++++++++
 modules/repository/branch.go               |   4 +
 options/locale/locale_en-US.ini            |   3 +
 routers/web/repo/view.go                   |   1 -
 services/gitdiff/gitdiff.go                |  32 ++-
 services/gitdiff/submodule.go              |  65 ++++++
 services/gitdiff/submodule_test.go         | 236 +++++++++++++++++++++
 templates/repo/diff/box.tmpl               |  45 ++--
 templates/repo/view_list.tmpl              |  10 +-
 web_src/js/components/DiffFileTreeItem.vue |  10 +-
 web_src/js/svg.ts                          |   2 +
 23 files changed, 690 insertions(+), 341 deletions(-)
 create mode 100644 services/gitdiff/submodule.go
 create mode 100644 services/gitdiff/submodule_test.go

diff --git a/assets/go-licenses.json b/assets/go-licenses.json
index 8c155ceadb1a0..60e39b6694d02 100644
--- a/assets/go-licenses.json
+++ b/assets/go-licenses.json
@@ -874,6 +874,11 @@
     "path": "github.com/mitchellh/mapstructure/LICENSE",
     "licenseText": "The MIT License (MIT)\n\nCopyright (c) 2013 Mitchell Hashimoto\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in\nall copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE.\n"
   },
+  {
+    "name": "github.com/mmcloughlin/avo",
+    "path": "github.com/mmcloughlin/avo/LICENSE",
+    "licenseText": "BSD 3-Clause License\n\nCopyright (c) 2018, Michael McLoughlin\nAll rights reserved.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are met:\n\n* Redistributions of source code must retain the above copyright notice, this\n  list of conditions and the following disclaimer.\n\n* Redistributions in binary form must reproduce the above copyright notice,\n  this list of conditions and the following disclaimer in the documentation\n  and/or other materials provided with the distribution.\n\n* Neither the name of the copyright holder nor the names of its\n  contributors may be used to endorse or promote products derived from\n  this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\nAND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\nIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE\nFOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\nDAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\nSERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\nCAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\nOR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
+  },
   {
     "name": "github.com/modern-go/concurrent",
     "path": "github.com/modern-go/concurrent/LICENSE",
@@ -937,7 +942,7 @@
   {
     "name": "github.com/pjbgf/sha1cd",
     "path": "github.com/pjbgf/sha1cd/LICENSE",
-    "licenseText": "                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright [yyyy] [name of copyright owner]\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
+    "licenseText": "                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"[]\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright 2023 pjbgf\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
   },
   {
     "name": "github.com/pkg/errors",
@@ -1194,6 +1199,11 @@
     "path": "golang.org/x/time/rate/LICENSE",
     "licenseText": "Copyright 2009 The Go Authors.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are\nmet:\n\n   * Redistributions of source code must retain the above copyright\nnotice, this list of conditions and the following disclaimer.\n   * Redistributions in binary form must reproduce the above\ncopyright notice, this list of conditions and the following disclaimer\nin the documentation and/or other materials provided with the\ndistribution.\n   * Neither the name of Google LLC nor the names of its\ncontributors may be used to endorse or promote products derived from\nthis software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\nA PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\nOWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\nSPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\nLIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\nDATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
   },
+  {
+    "name": "golang.org/x/tools",
+    "path": "golang.org/x/tools/LICENSE",
+    "licenseText": "Copyright 2009 The Go Authors.\n\nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions are\nmet:\n\n   * Redistributions of source code must retain the above copyright\nnotice, this list of conditions and the following disclaimer.\n   * Redistributions in binary form must reproduce the above\ncopyright notice, this list of conditions and the following disclaimer\nin the documentation and/or other materials provided with the\ndistribution.\n   * Neither the name of Google LLC nor the names of its\ncontributors may be used to endorse or promote products derived from\nthis software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\nLIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\nA PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\nOWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\nSPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\nLIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\nDATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\nTHEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\nOF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
+  },
   {
     "name": "google.golang.org/genproto/googleapis/rpc/status",
     "path": "google.golang.org/genproto/googleapis/rpc/status/LICENSE",
diff --git a/go.mod b/go.mod
index 084b2946091f1..0ed4961280f96 100644
--- a/go.mod
+++ b/go.mod
@@ -24,7 +24,7 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0
 	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.4.1
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358
-	github.com/ProtonMail/go-crypto v1.0.0
+	github.com/ProtonMail/go-crypto v1.1.4
 	github.com/PuerkitoBio/goquery v1.10.0
 	github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3
 	github.com/alecthomas/chroma/v2 v2.14.0
@@ -54,8 +54,8 @@ require (
 	github.com/go-chi/cors v1.2.1
 	github.com/go-co-op/gocron v1.37.0
 	github.com/go-enry/go-enry/v2 v2.9.1
-	github.com/go-git/go-billy/v5 v5.6.0
-	github.com/go-git/go-git/v5 v5.12.0
+	github.com/go-git/go-billy/v5 v5.6.1
+	github.com/go-git/go-git/v5 v5.13.1
 	github.com/go-ldap/ldap/v3 v3.4.8
 	github.com/go-redsync/redsync/v4 v4.13.0
 	github.com/go-sql-driver/mysql v1.8.1
@@ -106,7 +106,7 @@ require (
 	github.com/sassoftware/go-rpmutils v0.4.0
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3
 	github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92
-	github.com/stretchr/testify v1.9.0
+	github.com/stretchr/testify v1.10.0
 	github.com/syndtr/goleveldb v1.0.0
 	github.com/tstranex/u2f v1.0.0
 	github.com/ulikunitz/xz v0.5.12
@@ -118,14 +118,14 @@ require (
 	github.com/yuin/goldmark v1.7.8
 	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
 	github.com/yuin/goldmark-meta v1.1.0
-	golang.org/x/crypto v0.31.0
+	golang.org/x/crypto v0.32.0
 	golang.org/x/image v0.21.0
-	golang.org/x/net v0.33.0
+	golang.org/x/net v0.34.0
 	golang.org/x/oauth2 v0.23.0
 	golang.org/x/sync v0.10.0
-	golang.org/x/sys v0.28.0
+	golang.org/x/sys v0.29.0
 	golang.org/x/text v0.21.0
-	golang.org/x/tools v0.26.0
+	golang.org/x/tools v0.29.0
 	google.golang.org/grpc v1.67.1
 	google.golang.org/protobuf v1.35.1
 	gopkg.in/ini.v1 v1.67.0
@@ -186,7 +186,7 @@ require (
 	github.com/couchbase/gomemcached v0.3.2 // indirect
 	github.com/couchbase/goutils v0.1.2 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
-	github.com/cyphar/filepath-securejoin v0.3.4 // indirect
+	github.com/cyphar/filepath-securejoin v0.3.6 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/davidmz/go-pageant v1.0.2 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
@@ -219,7 +219,7 @@ require (
 	github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
 	github.com/golang-sql/sqlexp v0.1.0 // indirect
 	github.com/golang/geo v0.0.0-20230421003525-6adc56603217 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/btree v1.1.3 // indirect
@@ -253,6 +253,7 @@ require (
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
+	github.com/mmcloughlin/avo v0.6.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mrjones/oauth v0.0.0-20190623134757-126b35219450 // indirect
@@ -264,7 +265,7 @@ require (
 	github.com/onsi/ginkgo v1.16.5 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
 	github.com/pierrec/lz4/v4 v4.1.21 // indirect
-	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/pjbgf/sha1cd v0.3.1 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
 	github.com/prometheus/common v0.60.1 // indirect
@@ -304,7 +305,7 @@ require (
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c // indirect
-	golang.org/x/mod v0.21.0 // indirect
+	golang.org/x/mod v0.22.0 // indirect
 	golang.org/x/time v0.7.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
diff --git a/go.sum b/go.sum
index 40add64289dce..7c7dd0ea244c6 100644
--- a/go.sum
+++ b/go.sum
@@ -71,8 +71,8 @@ github.com/Masterminds/sprig/v3 v3.3.0/go.mod h1:Zy1iXRYNqNLUolqCpL4uhk6SHUMAOSC
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
 github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
 github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
-github.com/ProtonMail/go-crypto v1.0.0 h1:LRuvITjQWX+WIfr930YHG2HNfjR1uOfyf5vE0kC2U78=
-github.com/ProtonMail/go-crypto v1.0.0/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0=
+github.com/ProtonMail/go-crypto v1.1.4 h1:G5U5asvD5N/6/36oIw3k2bOfBn5XVcZrb7PBjzzKKoE=
+github.com/ProtonMail/go-crypto v1.1.4/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
 github.com/PuerkitoBio/goquery v1.10.0 h1:6fiXdLuUvYs2OJSvNRqlNPoBm6YABE226xrbavY5Wv4=
 github.com/PuerkitoBio/goquery v1.10.0/go.mod h1:TjZZl68Q3eGHNBA8CWaxAN7rOU1EbDz3CWuolcO5Yu4=
 github.com/RoaringBitmap/roaring v0.4.23/go.mod h1:D0gp8kJQgE1A4LQ5wFLggQEyvDi06Mq5mKs52e1TwOo=
@@ -188,7 +188,6 @@ github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
 github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
 github.com/buildkite/terminal-to-html/v3 v3.16.3 h1:IGuJjboHjuMLWOGsKZKNxbbn41emOLiHzXPmQZk31fk=
 github.com/buildkite/terminal-to-html/v3 v3.16.3/go.mod h1:r/J7cC9c3EzBzP3/wDz0RJLPwv5PUAMp+KF2w+ntMc0=
-github.com/bwesterb/go-ristretto v1.2.3/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
 github.com/caddyserver/certmagic v0.21.4 h1:e7VobB8rffHv8ZZpSiZtEwnLDHUwLVYLWzWSa1FfKI0=
 github.com/caddyserver/certmagic v0.21.4/go.mod h1:swUXjQ1T9ZtMv95qj7/InJvWLXURU85r+CfG0T+ZbDE=
 github.com/caddyserver/zerossl v0.1.3 h1:onS+pxp3M8HnHpN5MMbOMyNjmTheJyWRaZYwn+YTAyA=
@@ -205,7 +204,6 @@ github.com/chromedp/sysutil v1.0.0/go.mod h1:kgWmDdq8fTzXYcKIBqIYvRRTnYb9aNS9moA
 github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwysCBrQ=
 github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk=
 github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8=
-github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
 github.com/cloudflare/circl v1.5.0 h1:hxIWksrX6XN5a1L2TI/h53AGPhNHoUBo+TD1ms9+pys=
 github.com/cloudflare/circl v1.5.0/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
@@ -223,8 +221,8 @@ github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwc
 github.com/cpuguy83/go-md2man/v2 v2.0.5 h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
 github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
-github.com/cyphar/filepath-securejoin v0.3.4 h1:VBWugsJh2ZxJmLFSM06/0qzQyiQX2Qs0ViKrUAcqdZ8=
-github.com/cyphar/filepath-securejoin v0.3.4/go.mod h1:8s/MCNJREmFK0H02MF6Ihv1nakJe4L/w3WZLHNkvlYM=
+github.com/cyphar/filepath-securejoin v0.3.6 h1:4d9N5ykBnSp5Xn2JkhocYDkOpURL/18CYMpo6xB9uWM=
+github.com/cyphar/filepath-securejoin v0.3.6/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@@ -254,8 +252,8 @@ github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72/go.mod h1:11Gm+ccJ
 github.com/editorconfig/editorconfig-core-go/v2 v2.6.2 h1:dKG8sc7n321deIVRcQtwlMNoBEra7j0qQ8RwxO8RN0w=
 github.com/editorconfig/editorconfig-core-go/v2 v2.6.2/go.mod h1:7dvD3GCm7eBw53xZ/lsiq72LqobdMg3ITbMBxnmJmqY=
 github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
-github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a h1:mATvB/9r/3gvcejNsXKSkQ6lcIaNec2nyfOdlTBR2lU=
-github.com/elazarl/goproxy v0.0.0-20230808193330-2592e75ae04a/go.mod h1:Ro8st/ElPeALwNFlcTpWmkr6IoMFfkjXAvTHpevnDsM=
+github.com/elazarl/goproxy v1.2.3 h1:xwIyKHbaP5yfT6O9KIeYJR5549MXRQkoQMRXGztz8YQ=
+github.com/elazarl/goproxy v1.2.3/go.mod h1:YfEbZtqP4AetfO6d40vWchF3znWX7C7Vd6ZMfdL8z64=
 github.com/emersion/go-imap v1.2.1 h1:+s9ZjMEjOB8NzZMVTM3cCenz2JrQIGGo5j1df19WjTA=
 github.com/emersion/go-imap v1.2.1/go.mod h1:Qlx1FSx2FTxjnjWpIlVNEuX+ylerZQNFE5NsmKFSejY=
 github.com/emersion/go-message v0.15.0/go.mod h1:wQUEfE+38+7EW8p8aZ96ptg6bAb1iwdgej19uXASlE4=
@@ -313,12 +311,12 @@ github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e h1:oRq/fiirun5Hql
 github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e/go.mod h1:RCMrTZvN1bJYtofsG4rd5NaO5obxQ5xBkdiS7xsT7bM=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
-github.com/go-git/go-billy/v5 v5.6.0 h1:w2hPNtoehvJIxR00Vb4xX94qHQi/ApZfX+nBE2Cjio8=
-github.com/go-git/go-billy/v5 v5.6.0/go.mod h1:sFDq7xD3fn3E0GOwUSZqHo9lrkmx8xJhA0ZrfvjBRGM=
+github.com/go-git/go-billy/v5 v5.6.1 h1:u+dcrgaguSSkbjzHwelEjc0Yj300NUevrrPphk/SoRA=
+github.com/go-git/go-billy/v5 v5.6.1/go.mod h1:0AsLr1z2+Uksi4NlElmMblP5rPcDZNRCD8ujZCRR2BE=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
 github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
-github.com/go-git/go-git/v5 v5.12.0 h1:7Md+ndsjrzZxbddRDZjF14qK+NN56sy6wkqaVrjZtys=
-github.com/go-git/go-git/v5 v5.12.0/go.mod h1:FTM9VKtnI2m65hNI/TenDDDnUf2Q9FHnXYjuz9i5OEY=
+github.com/go-git/go-git/v5 v5.13.1 h1:DAQ9APonnlvSWpvolXWIuV6Q6zXy2wHbN4cVlNR5Q+M=
+github.com/go-git/go-git/v5 v5.13.1/go.mod h1:qryJB4cSBoq3FRoBRf5A77joojuBcmPJ0qu3XXXVixc=
 github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A=
 github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8=
 github.com/go-ldap/ldap/v3 v3.4.8 h1:loKJyspcRezt2Q3ZRMq2p/0v8iOurlmeXDPw6fikSvQ=
@@ -385,8 +383,8 @@ github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei
 github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI=
 github.com/golang/geo v0.0.0-20230421003525-6adc56603217 h1:HKlyj6in2JV6wVkmQ4XmG/EIm+SCYlPZ+V4GWit7Z+I=
 github.com/golang/geo v0.0.0-20230421003525-6adc56603217/go.mod h1:8wI0hitZ3a1IxZfeH3/5I97CI8i5cLGsYe7xNhQGs9U=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
+github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
@@ -581,6 +579,8 @@ github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyua
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
 github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
+github.com/mmcloughlin/avo v0.6.0 h1:QH6FU8SKoTLaVs80GA8TJuLNkUYl4VokHKlPhVDg4YY=
+github.com/mmcloughlin/avo v0.6.0/go.mod h1:8CoAGaCSYXtCPR+8y18Y9aB/kxb8JSS6FRI7mSkvD+8=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -631,8 +631,8 @@ github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG
 github.com/pierrec/lz4/v4 v4.1.2/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
 github.com/pierrec/lz4/v4 v4.1.21 h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=
 github.com/pierrec/lz4/v4 v4.1.21/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
-github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4=
-github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI=
+github.com/pjbgf/sha1cd v0.3.1 h1:Dh2GYdpJnO84lIw0LJwTFXjcNbasP/bklicSznyAaPI=
+github.com/pjbgf/sha1cd v0.3.1/go.mod h1:Y8t7jSB/dEI/lQE04A1HVKteqjj9bX5O4+Cex0TCu8s=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
@@ -737,8 +737,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/stvp/tempredis v0.0.0-20181119212430-b82af8480203 h1:QVqDTf3h2WHt08YuiTGPZLls0Wq99X9bWd0Q5ZSBesM=
 github.com/stvp/tempredis v0.0.0-20181119212430-b82af8480203/go.mod h1:oqN97ltKNihBbwlX8dLpwxCl3+HnXKV/R0e+sRLd9C8=
 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
@@ -823,16 +823,14 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
-golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
 golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
-golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
 golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
-golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
+golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
+golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
 golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY=
 golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8=
 golang.org/x/image v0.21.0 h1:c5qV36ajHpdj4Qi0GnE0jUc/yuo33OLFaa0d+crTD5s=
@@ -846,8 +844,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
-golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
+golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4=
+golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -859,18 +857,16 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
 golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
-golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
-golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
+golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
 golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
 golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -910,8 +906,6 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -921,14 +915,12 @@ golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
-golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
-golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
 golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
 golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
@@ -936,15 +928,13 @@ golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
 golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M=
-golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
-golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
+golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg=
+golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
@@ -964,8 +954,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
 golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
 golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
-golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
+golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE=
+golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/models/repo/repo.go b/models/repo/repo.go
index 4432fef810211..fb8a6642f500b 100644
--- a/models/repo/repo.go
+++ b/models/repo/repo.go
@@ -784,60 +784,10 @@ func GetRepositoryByName(ctx context.Context, ownerID int64, name string) (*Repo
 	return &repo, err
 }
 
-func parseRepositoryURL(ctx context.Context, repoURL string) (ret struct {
-	OwnerName, RepoName, RemainingPath string
-},
-) {
-	// possible urls for git:
-	//  https://my.domain/sub-path/<owner>/<repo>[.git]
-	//  git+ssh://user@my.domain/<owner>/<repo>[.git]
-	//  ssh://user@my.domain/<owner>/<repo>[.git]
-	//  user@my.domain:<owner>/<repo>[.git]
-
-	fillPathParts := func(s string) {
-		s = strings.TrimPrefix(s, "/")
-		fields := strings.SplitN(s, "/", 3)
-		if len(fields) >= 2 {
-			ret.OwnerName = fields[0]
-			ret.RepoName = strings.TrimSuffix(fields[1], ".git")
-			if len(fields) == 3 {
-				ret.RemainingPath = "/" + fields[2]
-			}
-		}
-	}
-
-	parsed, err := giturl.ParseGitURL(repoURL)
-	if err != nil {
-		return ret
-	}
-	if parsed.URL.Scheme == "http" || parsed.URL.Scheme == "https" {
-		if !httplib.IsCurrentGiteaSiteURL(ctx, repoURL) {
-			return ret
-		}
-		fillPathParts(strings.TrimPrefix(parsed.URL.Path, setting.AppSubURL))
-	} else if parsed.URL.Scheme == "ssh" || parsed.URL.Scheme == "git+ssh" {
-		domainSSH := setting.SSH.Domain
-		domainCur := httplib.GuessCurrentHostDomain(ctx)
-		urlDomain, _, _ := net.SplitHostPort(parsed.URL.Host)
-		urlDomain = util.IfZero(urlDomain, parsed.URL.Host)
-		if urlDomain == "" {
-			return ret
-		}
-		// check whether URL domain is the App domain
-		domainMatches := domainSSH == urlDomain
-		// check whether URL domain is current domain from context
-		domainMatches = domainMatches || (domainCur != "" && domainCur == urlDomain)
-		if domainMatches {
-			fillPathParts(parsed.URL.Path)
-		}
-	}
-	return ret
-}
-
 // GetRepositoryByURL returns the repository by given url
 func GetRepositoryByURL(ctx context.Context, repoURL string) (*Repository, error) {
-	ret := parseRepositoryURL(ctx, repoURL)
-	if ret.OwnerName == "" {
+	ret, err := giturl.ParseRepositoryURL(ctx, repoURL)
+	if err != nil || ret.OwnerName == "" {
 		return nil, fmt.Errorf("unknown or malformed repository URL")
 	}
 	return GetRepositoryByOwnerAndName(ctx, ret.OwnerName, ret.RepoName)
diff --git a/models/repo/repo_test.go b/models/repo/repo_test.go
index ffae642285d30..a9e2cdfb757e9 100644
--- a/models/repo/repo_test.go
+++ b/models/repo/repo_test.go
@@ -4,16 +4,12 @@
 package repo
 
 import (
-	"context"
-	"net/http"
-	"net/url"
 	"testing"
 
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/models/unittest"
 	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/optional"
 	"code.gitea.io/gitea/modules/setting"
@@ -132,79 +128,6 @@ func TestMetas(t *testing.T) {
 	assert.Equal(t, ",owners,team1,", metas["teams"])
 }
 
-func TestParseRepositoryURLPathSegments(t *testing.T) {
-	defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000")()
-
-	ctxURL, _ := url.Parse("https://gitea")
-	ctxReq := &http.Request{URL: ctxURL, Header: http.Header{}}
-	ctxReq.Host = ctxURL.Host
-	ctxReq.Header.Add("X-Forwarded-Proto", ctxURL.Scheme)
-	ctx := context.WithValue(context.Background(), httplib.RequestContextKey, ctxReq)
-	cases := []struct {
-		input                          string
-		ownerName, repoName, remaining string
-	}{
-		{input: "/user/repo"},
-
-		{input: "https://localhost:3000/user/repo", ownerName: "user", repoName: "repo"},
-		{input: "https://external:3000/user/repo"},
-
-		{input: "https://localhost:3000/user/repo.git/other", ownerName: "user", repoName: "repo", remaining: "/other"},
-
-		{input: "https://gitea/user/repo", ownerName: "user", repoName: "repo"},
-		{input: "https://gitea:3333/user/repo"},
-
-		{input: "ssh://try.gitea.io:2222/user/repo", ownerName: "user", repoName: "repo"},
-		{input: "ssh://external:2222/user/repo"},
-
-		{input: "git+ssh://user@try.gitea.io/user/repo.git", ownerName: "user", repoName: "repo"},
-		{input: "git+ssh://user@external/user/repo.git"},
-
-		{input: "root@try.gitea.io:user/repo.git", ownerName: "user", repoName: "repo"},
-		{input: "root@gitea:user/repo.git", ownerName: "user", repoName: "repo"},
-		{input: "root@external:user/repo.git"},
-	}
-
-	for _, c := range cases {
-		t.Run(c.input, func(t *testing.T) {
-			ret := parseRepositoryURL(ctx, c.input)
-			assert.Equal(t, c.ownerName, ret.OwnerName)
-			assert.Equal(t, c.repoName, ret.RepoName)
-			assert.Equal(t, c.remaining, ret.RemainingPath)
-		})
-	}
-
-	t.Run("WithSubpath", func(t *testing.T) {
-		defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000/subpath")()
-		defer test.MockVariableValue(&setting.AppSubURL, "/subpath")()
-		cases = []struct {
-			input                          string
-			ownerName, repoName, remaining string
-		}{
-			{input: "https://localhost:3000/user/repo"},
-			{input: "https://localhost:3000/subpath/user/repo.git/other", ownerName: "user", repoName: "repo", remaining: "/other"},
-
-			{input: "ssh://try.gitea.io:2222/user/repo", ownerName: "user", repoName: "repo"},
-			{input: "ssh://external:2222/user/repo"},
-
-			{input: "git+ssh://user@try.gitea.io/user/repo.git", ownerName: "user", repoName: "repo"},
-			{input: "git+ssh://user@external/user/repo.git"},
-
-			{input: "root@try.gitea.io:user/repo.git", ownerName: "user", repoName: "repo"},
-			{input: "root@external:user/repo.git"},
-		}
-
-		for _, c := range cases {
-			t.Run(c.input, func(t *testing.T) {
-				ret := parseRepositoryURL(ctx, c.input)
-				assert.Equal(t, c.ownerName, ret.OwnerName)
-				assert.Equal(t, c.repoName, ret.RepoName)
-				assert.Equal(t, c.remaining, ret.RemainingPath)
-			})
-		}
-	})
-}
-
 func TestGetRepositoryByURL(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 
diff --git a/modules/git/commit_info.go b/modules/git/commit_info.go
index 545081275b7a7..c046acbb508c9 100644
--- a/modules/git/commit_info.go
+++ b/modules/git/commit_info.go
@@ -7,5 +7,5 @@ package git
 type CommitInfo struct {
 	Entry         *TreeEntry
 	Commit        *Commit
-	SubModuleFile *CommitSubModuleFile
+	SubmoduleFile *CommitSubmoduleFile
 }
diff --git a/modules/git/commit_info_gogit.go b/modules/git/commit_info_gogit.go
index 11b44f7c356a4..314c2df72848b 100644
--- a/modules/git/commit_info_gogit.go
+++ b/modules/git/commit_info_gogit.go
@@ -85,8 +85,8 @@ func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath
 			} else if subModule != nil {
 				subModuleURL = subModule.URL
 			}
-			subModuleFile := NewCommitSubModuleFile(subModuleURL, entry.ID.String())
-			commitsInfo[i].SubModuleFile = subModuleFile
+			subModuleFile := NewCommitSubmoduleFile(subModuleURL, entry.ID.String())
+			commitsInfo[i].SubmoduleFile = subModuleFile
 		}
 	}
 
diff --git a/modules/git/commit_info_nogogit.go b/modules/git/commit_info_nogogit.go
index 20d586f0ff58c..ef2df0b133ade 100644
--- a/modules/git/commit_info_nogogit.go
+++ b/modules/git/commit_info_nogogit.go
@@ -79,8 +79,8 @@ func (tes Entries) GetCommitsInfo(ctx context.Context, commit *Commit, treePath
 			} else if subModule != nil {
 				subModuleURL = subModule.URL
 			}
-			subModuleFile := NewCommitSubModuleFile(subModuleURL, entry.ID.String())
-			commitsInfo[i].SubModuleFile = subModuleFile
+			subModuleFile := NewCommitSubmoduleFile(subModuleURL, entry.ID.String())
+			commitsInfo[i].SubmoduleFile = subModuleFile
 		}
 	}
 
diff --git a/modules/git/commit_submodule.go b/modules/git/commit_submodule.go
index 6603061da29aa..031fd4e5d02ef 100644
--- a/modules/git/commit_submodule.go
+++ b/modules/git/commit_submodule.go
@@ -3,6 +3,10 @@
 
 package git
 
+type SubmoduleWebLink struct {
+	RepoWebLink, CommitWebLink string
+}
+
 // GetSubModules get all the submodules of current revision git tree
 func (c *Commit) GetSubModules() (*ObjectCache[*SubModule], error) {
 	if c.submoduleCache != nil {
diff --git a/modules/git/commit_submodule_file.go b/modules/git/commit_submodule_file.go
index bdec35f682987..2ac744fbf61fd 100644
--- a/modules/git/commit_submodule_file.go
+++ b/modules/git/commit_submodule_file.go
@@ -5,107 +5,50 @@
 package git
 
 import (
-	"fmt"
-	"net"
-	"net/url"
-	"path"
-	"regexp"
-	"strings"
-)
+	"context"
 
-var scpSyntax = regexp.MustCompile(`^([a-zA-Z0-9_]+@)?([a-zA-Z0-9._-]+):(.*)$`)
+	giturl "code.gitea.io/gitea/modules/git/url"
+)
 
-// CommitSubModuleFile represents a file with submodule type.
-type CommitSubModuleFile struct {
-	refURL string
-	refID  string
+// CommitSubmoduleFile represents a file with submodule type.
+type CommitSubmoduleFile struct {
+	refURL    string
+	parsedURL *giturl.RepositoryURL
+	parsed    bool
+	refID     string
+	repoLink  string
 }
 
-// NewCommitSubModuleFile create a new submodule file
-func NewCommitSubModuleFile(refURL, refID string) *CommitSubModuleFile {
-	return &CommitSubModuleFile{
-		refURL: refURL,
-		refID:  refID,
-	}
+// NewCommitSubmoduleFile create a new submodule file
+func NewCommitSubmoduleFile(refURL, refID string) *CommitSubmoduleFile {
+	return &CommitSubmoduleFile{refURL: refURL, refID: refID}
 }
 
-func getRefURL(refURL, urlPrefix, repoFullName, sshDomain string) string {
-	if refURL == "" {
-		return ""
-	}
-
-	refURI := strings.TrimSuffix(refURL, ".git")
-
-	prefixURL, _ := url.Parse(urlPrefix)
-	urlPrefixHostname, _, err := net.SplitHostPort(prefixURL.Host)
-	if err != nil {
-		urlPrefixHostname = prefixURL.Host
-	}
-
-	urlPrefix = strings.TrimSuffix(urlPrefix, "/")
-
-	// FIXME: Need to consider branch - which will require changes in modules/git/commit.go:GetSubModules
-	// Relative url prefix check (according to git submodule documentation)
-	if strings.HasPrefix(refURI, "./") || strings.HasPrefix(refURI, "../") {
-		return urlPrefix + path.Clean(path.Join("/", repoFullName, refURI))
-	}
-
-	if !strings.Contains(refURI, "://") {
-		// scp style syntax which contains *no* port number after the : (and is not parsed by net/url)
-		// ex: git@try.gitea.io:go-gitea/gitea
-		match := scpSyntax.FindAllStringSubmatch(refURI, -1)
-		if len(match) > 0 {
-			m := match[0]
-			refHostname := m[2]
-			pth := m[3]
-
-			if !strings.HasPrefix(pth, "/") {
-				pth = "/" + pth
-			}
-
-			if urlPrefixHostname == refHostname || refHostname == sshDomain {
-				return urlPrefix + path.Clean(path.Join("/", pth))
-			}
-			return "http://" + refHostname + pth
-		}
-	}
-
-	ref, err := url.Parse(refURI)
-	if err != nil {
-		return ""
-	}
+func (sf *CommitSubmoduleFile) RefID() string {
+	return sf.refID // this function is only used in templates
+}
 
-	refHostname, _, err := net.SplitHostPort(ref.Host)
-	if err != nil {
-		refHostname = ref.Host
+// SubmoduleWebLink tries to make some web links for a submodule, it also works on "nil" receiver
+func (sf *CommitSubmoduleFile) SubmoduleWebLink(ctx context.Context, optCommitID ...string) *SubmoduleWebLink {
+	if sf == nil {
+		return nil
 	}
-
-	supportedSchemes := []string{"http", "https", "git", "ssh", "git+ssh"}
-
-	for _, scheme := range supportedSchemes {
-		if ref.Scheme == scheme {
-			if ref.Scheme == "http" || ref.Scheme == "https" {
-				if len(ref.User.Username()) > 0 {
-					return ref.Scheme + "://" + fmt.Sprintf("%v", ref.User) + "@" + ref.Host + ref.Path
-				}
-				return ref.Scheme + "://" + ref.Host + ref.Path
-			} else if urlPrefixHostname == refHostname || refHostname == sshDomain {
-				return urlPrefix + path.Clean(path.Join("/", ref.Path))
-			}
-			return "http://" + refHostname + ref.Path
+	if !sf.parsed {
+		sf.parsed = true
+		parsedURL, err := giturl.ParseRepositoryURL(ctx, sf.refURL)
+		if err != nil {
+			return nil
 		}
-	}
-
-	return ""
-}
-
-// RefURL guesses and returns reference URL.
-// FIXME: template passes AppURL as urlPrefix, it needs to figure out the correct approach (no hard-coded AppURL anymore)
-func (sf *CommitSubModuleFile) RefURL(urlPrefix, repoFullName, sshDomain string) string {
-	return getRefURL(sf.refURL, urlPrefix, repoFullName, sshDomain)
-}
-
-// RefID returns reference ID.
-func (sf *CommitSubModuleFile) RefID() string {
-	return sf.refID
+		sf.parsedURL = parsedURL
+		sf.repoLink = giturl.MakeRepositoryWebLink(sf.parsedURL)
+	}
+	var commitLink string
+	if len(optCommitID) == 2 {
+		commitLink = sf.repoLink + "/compare/" + optCommitID[0] + "..." + optCommitID[1]
+	} else if len(optCommitID) == 1 {
+		commitLink = sf.repoLink + "/commit/" + optCommitID[0]
+	} else {
+		commitLink = sf.repoLink + "/commit/" + sf.refID
+	}
+	return &SubmoduleWebLink{RepoWebLink: sf.repoLink, CommitWebLink: commitLink}
 }
diff --git a/modules/git/commit_submodule_file_test.go b/modules/git/commit_submodule_file_test.go
index 473b996b820ab..4b5b7676126b8 100644
--- a/modules/git/commit_submodule_file_test.go
+++ b/modules/git/commit_submodule_file_test.go
@@ -1,42 +1,30 @@
-// Copyright 2018 The Gitea Authors. All rights reserved.
+// Copyright 2024 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package git
 
 import (
+	"context"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 )
 
-func TestCommitSubModuleFileGetRefURL(t *testing.T) {
-	kases := []struct {
-		refURL     string
-		prefixURL  string
-		parentPath string
-		SSHDomain  string
-		expect     string
-	}{
-		{"git://github.com/user1/repo1", "/", "user1/repo2", "", "http://github.com/user1/repo1"},
-		{"https://localhost/user1/repo1.git", "/", "user1/repo2", "", "https://localhost/user1/repo1"},
-		{"http://localhost/user1/repo1.git", "/", "owner/reponame", "", "http://localhost/user1/repo1"},
-		{"git@github.com:user1/repo1.git", "/", "owner/reponame", "", "http://github.com/user1/repo1"},
-		{"ssh://git@git.zefie.net:2222/zefie/lge_g6_kernel_scripts.git", "/", "zefie/lge_g6_kernel", "", "http://git.zefie.net/zefie/lge_g6_kernel_scripts"},
-		{"git@git.zefie.net:2222/zefie/lge_g6_kernel_scripts.git", "/", "zefie/lge_g6_kernel", "", "http://git.zefie.net/2222/zefie/lge_g6_kernel_scripts"},
-		{"git@try.gitea.io:go-gitea/gitea", "https://try.gitea.io/", "go-gitea/sdk", "", "https://try.gitea.io/go-gitea/gitea"},
-		{"ssh://git@try.gitea.io:9999/go-gitea/gitea", "https://try.gitea.io/", "go-gitea/sdk", "", "https://try.gitea.io/go-gitea/gitea"},
-		{"git://git@try.gitea.io:9999/go-gitea/gitea", "https://try.gitea.io/", "go-gitea/sdk", "", "https://try.gitea.io/go-gitea/gitea"},
-		{"ssh://git@127.0.0.1:9999/go-gitea/gitea", "https://127.0.0.1:3000/", "go-gitea/sdk", "", "https://127.0.0.1:3000/go-gitea/gitea"},
-		{"https://gitea.com:3000/user1/repo1.git", "https://127.0.0.1:3000/", "user/repo2", "", "https://gitea.com:3000/user1/repo1"},
-		{"https://example.gitea.com/gitea/user1/repo1.git", "https://example.gitea.com/gitea/", "", "user/repo2", "https://example.gitea.com/gitea/user1/repo1"},
-		{"https://username:password@github.com/username/repository.git", "/", "username/repository2", "", "https://username:password@github.com/username/repository"},
-		{"somethingbad", "https://127.0.0.1:3000/go-gitea/gitea", "/", "", ""},
-		{"git@localhost:user/repo", "https://localhost/", "user2/repo1", "", "https://localhost/user/repo"},
-		{"../path/to/repo.git/", "https://localhost/", "user/repo2", "", "https://localhost/user/path/to/repo.git"},
-		{"ssh://git@ssh.gitea.io:2222/go-gitea/gitea", "https://try.gitea.io/", "go-gitea/sdk", "ssh.gitea.io", "https://try.gitea.io/go-gitea/gitea"},
-	}
-
-	for _, kase := range kases {
-		assert.EqualValues(t, kase.expect, getRefURL(kase.refURL, kase.prefixURL, kase.parentPath, kase.SSHDomain))
-	}
+func TestCommitSubmoduleLink(t *testing.T) {
+	sf := NewCommitSubmoduleFile("git@github.com:user/repo.git", "aaaa")
+
+	wl := sf.SubmoduleWebLink(context.Background())
+	assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
+	assert.Equal(t, "https://github.com/user/repo/commit/aaaa", wl.CommitWebLink)
+
+	wl = sf.SubmoduleWebLink(context.Background(), "1111")
+	assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
+	assert.Equal(t, "https://github.com/user/repo/commit/1111", wl.CommitWebLink)
+
+	wl = sf.SubmoduleWebLink(context.Background(), "1111", "2222")
+	assert.Equal(t, "https://github.com/user/repo", wl.RepoWebLink)
+	assert.Equal(t, "https://github.com/user/repo/compare/1111...2222", wl.CommitWebLink)
+
+	wl = (*CommitSubmoduleFile)(nil).SubmoduleWebLink(context.Background())
+	assert.Nil(t, wl)
 }
diff --git a/modules/git/url/url.go b/modules/git/url/url.go
index 667e542199c8f..1c5e8377a6c77 100644
--- a/modules/git/url/url.go
+++ b/modules/git/url/url.go
@@ -4,9 +4,15 @@
 package url
 
 import (
+	"context"
 	"fmt"
+	"net"
 	stdurl "net/url"
 	"strings"
+
+	"code.gitea.io/gitea/modules/httplib"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // ErrWrongURLFormat represents an error with wrong url format
@@ -90,3 +96,86 @@ func ParseGitURL(remote string) (*GitURL, error) {
 		extraMark: 2,
 	}, nil
 }
+
+type RepositoryURL struct {
+	GitURL *GitURL
+
+	// if the URL belongs to current Gitea instance, then the below fields have values
+	OwnerName     string
+	RepoName      string
+	RemainingPath string
+}
+
+// ParseRepositoryURL tries to parse a Git URL and extract the owner/repository name if it belongs to current Gitea instance.
+func ParseRepositoryURL(ctx context.Context, repoURL string) (*RepositoryURL, error) {
+	// possible urls for git:
+	//  https://my.domain/sub-path/<owner>/<repo>[.git]
+	//  git+ssh://user@my.domain/<owner>/<repo>[.git]
+	//  ssh://user@my.domain/<owner>/<repo>[.git]
+	//  user@my.domain:<owner>/<repo>[.git]
+	parsed, err := ParseGitURL(repoURL)
+	if err != nil {
+		return nil, err
+	}
+
+	ret := &RepositoryURL{}
+	ret.GitURL = parsed
+
+	fillPathParts := func(s string) {
+		s = strings.TrimPrefix(s, "/")
+		fields := strings.SplitN(s, "/", 3)
+		if len(fields) >= 2 {
+			ret.OwnerName = fields[0]
+			ret.RepoName = strings.TrimSuffix(fields[1], ".git")
+			if len(fields) == 3 {
+				ret.RemainingPath = "/" + fields[2]
+			}
+		}
+	}
+
+	if parsed.URL.Scheme == "http" || parsed.URL.Scheme == "https" {
+		if !httplib.IsCurrentGiteaSiteURL(ctx, repoURL) {
+			return ret, nil
+		}
+		fillPathParts(strings.TrimPrefix(parsed.URL.Path, setting.AppSubURL))
+	} else if parsed.URL.Scheme == "ssh" || parsed.URL.Scheme == "git+ssh" {
+		domainSSH := setting.SSH.Domain
+		domainCur := httplib.GuessCurrentHostDomain(ctx)
+		urlDomain, _, _ := net.SplitHostPort(parsed.URL.Host)
+		urlDomain = util.IfZero(urlDomain, parsed.URL.Host)
+		if urlDomain == "" {
+			return ret, nil
+		}
+		// check whether URL domain is the App domain
+		domainMatches := domainSSH == urlDomain
+		// check whether URL domain is current domain from context
+		domainMatches = domainMatches || (domainCur != "" && domainCur == urlDomain)
+		if domainMatches {
+			fillPathParts(parsed.URL.Path)
+		}
+	}
+	return ret, nil
+}
+
+// MakeRepositoryWebLink generates a web link (http/https) for a git repository (by guessing sometimes)
+func MakeRepositoryWebLink(repoURL *RepositoryURL) string {
+	if repoURL.OwnerName != "" {
+		return setting.AppSubURL + "/" + repoURL.OwnerName + "/" + repoURL.RepoName
+	}
+
+	// now, let's guess, for example:
+	// * git@github.com:owner/submodule.git
+	// * https://github.com/example/submodule1.git
+	if repoURL.GitURL.Scheme == "http" || repoURL.GitURL.Scheme == "https" {
+		return strings.TrimSuffix(repoURL.GitURL.String(), ".git")
+	} else if repoURL.GitURL.Scheme == "ssh" || repoURL.GitURL.Scheme == "git+ssh" {
+		hostname, _, _ := net.SplitHostPort(repoURL.GitURL.Host)
+		hostname = util.IfZero(hostname, repoURL.GitURL.Host)
+		urlPath := strings.TrimSuffix(repoURL.GitURL.Path, ".git")
+		urlPath = strings.TrimPrefix(urlPath, "/")
+		urlFull := fmt.Sprintf("https://%s/%s", hostname, urlPath)
+		urlFull = strings.TrimSuffix(urlFull, "/")
+		return urlFull
+	}
+	return ""
+}
diff --git a/modules/git/url/url_test.go b/modules/git/url/url_test.go
index a23121a907ad9..9c020adb4d96f 100644
--- a/modules/git/url/url_test.go
+++ b/modules/git/url/url_test.go
@@ -4,9 +4,15 @@
 package url
 
 import (
+	"context"
+	"net/http"
 	"net/url"
 	"testing"
 
+	"code.gitea.io/gitea/modules/httplib"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
 	"github.com/stretchr/testify/assert"
 )
 
@@ -164,3 +170,98 @@ func TestParseGitURLs(t *testing.T) {
 		})
 	}
 }
+
+func TestParseRepositoryURL(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000")()
+	defer test.MockVariableValue(&setting.SSH.Domain, "try.gitea.io")()
+
+	ctxURL, _ := url.Parse("https://gitea")
+	ctxReq := &http.Request{URL: ctxURL, Header: http.Header{}}
+	ctxReq.Host = ctxURL.Host
+	ctxReq.Header.Add("X-Forwarded-Proto", ctxURL.Scheme)
+	ctx := context.WithValue(context.Background(), httplib.RequestContextKey, ctxReq)
+	cases := []struct {
+		input                          string
+		ownerName, repoName, remaining string
+	}{
+		{input: "/user/repo"},
+
+		{input: "https://localhost:3000/user/repo", ownerName: "user", repoName: "repo"},
+		{input: "https://external:3000/user/repo"},
+
+		{input: "https://localhost:3000/user/repo.git/other", ownerName: "user", repoName: "repo", remaining: "/other"},
+
+		{input: "https://gitea/user/repo", ownerName: "user", repoName: "repo"},
+		{input: "https://gitea:3333/user/repo"},
+
+		{input: "ssh://try.gitea.io:2222/user/repo", ownerName: "user", repoName: "repo"},
+		{input: "ssh://external:2222/user/repo"},
+
+		{input: "git+ssh://user@try.gitea.io/user/repo.git", ownerName: "user", repoName: "repo"},
+		{input: "git+ssh://user@external/user/repo.git"},
+
+		{input: "root@try.gitea.io:user/repo.git", ownerName: "user", repoName: "repo"},
+		{input: "root@gitea:user/repo.git", ownerName: "user", repoName: "repo"},
+		{input: "root@external:user/repo.git"},
+	}
+
+	for _, c := range cases {
+		t.Run(c.input, func(t *testing.T) {
+			ret, _ := ParseRepositoryURL(ctx, c.input)
+			assert.Equal(t, c.ownerName, ret.OwnerName)
+			assert.Equal(t, c.repoName, ret.RepoName)
+			assert.Equal(t, c.remaining, ret.RemainingPath)
+		})
+	}
+
+	t.Run("WithSubpath", func(t *testing.T) {
+		defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000/subpath")()
+		defer test.MockVariableValue(&setting.AppSubURL, "/subpath")()
+		cases = []struct {
+			input                          string
+			ownerName, repoName, remaining string
+		}{
+			{input: "https://localhost:3000/user/repo"},
+			{input: "https://localhost:3000/subpath/user/repo.git/other", ownerName: "user", repoName: "repo", remaining: "/other"},
+
+			{input: "ssh://try.gitea.io:2222/user/repo", ownerName: "user", repoName: "repo"},
+			{input: "ssh://external:2222/user/repo"},
+
+			{input: "git+ssh://user@try.gitea.io/user/repo.git", ownerName: "user", repoName: "repo"},
+			{input: "git+ssh://user@external/user/repo.git"},
+
+			{input: "root@try.gitea.io:user/repo.git", ownerName: "user", repoName: "repo"},
+			{input: "root@external:user/repo.git"},
+		}
+
+		for _, c := range cases {
+			t.Run(c.input, func(t *testing.T) {
+				ret, _ := ParseRepositoryURL(ctx, c.input)
+				assert.Equal(t, c.ownerName, ret.OwnerName)
+				assert.Equal(t, c.repoName, ret.RepoName)
+				assert.Equal(t, c.remaining, ret.RemainingPath)
+			})
+		}
+	})
+}
+
+func TestMakeRepositoryBaseLink(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "https://localhost:3000/subpath")()
+	defer test.MockVariableValue(&setting.AppSubURL, "/subpath")()
+
+	u, err := ParseRepositoryURL(context.Background(), "https://localhost:3000/subpath/user/repo.git")
+	assert.NoError(t, err)
+	assert.Equal(t, "/subpath/user/repo", MakeRepositoryWebLink(u))
+
+	u, err = ParseRepositoryURL(context.Background(), "https://github.com/owner/repo.git")
+	assert.NoError(t, err)
+	assert.Equal(t, "https://github.com/owner/repo", MakeRepositoryWebLink(u))
+
+	u, err = ParseRepositoryURL(context.Background(), "git@github.com:owner/repo.git")
+	assert.NoError(t, err)
+	assert.Equal(t, "https://github.com/owner/repo", MakeRepositoryWebLink(u))
+
+	u, err = ParseRepositoryURL(context.Background(), "git+ssh://other:123/owner/repo.git")
+	assert.NoError(t, err)
+	assert.Equal(t, "https://other/owner/repo", MakeRepositoryWebLink(u))
+}
diff --git a/modules/repository/branch.go b/modules/repository/branch.go
index 2bf9930f19fd3..4630e70aa8f39 100644
--- a/modules/repository/branch.go
+++ b/modules/repository/branch.go
@@ -6,6 +6,7 @@ package repository
 import (
 	"context"
 	"fmt"
+	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
@@ -51,6 +52,9 @@ func SyncRepoBranchesWithRepo(ctx context.Context, repo *repo_model.Repository,
 	{
 		branches, _, err := gitRepo.GetBranchNames(0, 0)
 		if err != nil {
+			if strings.Contains(err.Error(), "ref file is empty") {
+				return 0, nil
+			}
 			return 0, err
 		}
 		log.Trace("SyncRepoBranches[%s]: branches[%d]: %v", repo.FullName(), len(branches), branches)
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 96404a6143189..140e2efe57111 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -2628,6 +2628,9 @@ diff.image.overlay = Overlay
 diff.has_escaped = This line has hidden Unicode characters
 diff.show_file_tree = Show file tree
 diff.hide_file_tree = Hide file tree
+diff.submodule_added = Submodule %[1]s added at %[2]s
+diff.submodule_deleted = Submodule %[1]s deleted from %[2]s
+diff.submodule_updated = Submodule %[1]s updated: %[2]s
 
 releases.desc = Track project versions and downloads.
 release.releases = Releases
diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index 14fc9038f3e6b..9fe2b58ebc66d 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -309,7 +309,6 @@ func renderDirectoryFiles(ctx *context.Context, timeout time.Duration) git.Entri
 	}
 
 	ctx.Data["TreeLink"] = treeLink
-	ctx.Data["SSHDomain"] = setting.SSH.Domain
 
 	return allEntries
 }
diff --git a/services/gitdiff/gitdiff.go b/services/gitdiff/gitdiff.go
index 0b5a855d42fea..f42686bb7187d 100644
--- a/services/gitdiff/gitdiff.go
+++ b/services/gitdiff/gitdiff.go
@@ -360,7 +360,6 @@ type DiffFile struct {
 	IsLFSFile                 bool
 	IsRenamed                 bool
 	IsAmbiguous               bool
-	IsSubmodule               bool
 	Sections                  []*DiffSection
 	IsIncomplete              bool
 	IsIncompleteLineTooLong   bool
@@ -372,6 +371,9 @@ type DiffFile struct {
 	Language                  string
 	Mode                      string
 	OldMode                   string
+
+	IsSubmodule       bool // if IsSubmodule==true, then there must be a SubmoduleDiffInfo
+	SubmoduleDiffInfo *SubmoduleDiffInfo
 }
 
 // GetType returns type of diff file.
@@ -609,9 +611,8 @@ parsingLoop:
 				if strings.HasPrefix(line, "new mode ") {
 					curFile.Mode = prepareValue(line, "new mode ")
 				}
-
 				if strings.HasSuffix(line, " 160000\n") {
-					curFile.IsSubmodule = true
+					curFile.IsSubmodule, curFile.SubmoduleDiffInfo = true, &SubmoduleDiffInfo{}
 				}
 			case strings.HasPrefix(line, "rename from "):
 				curFile.IsRenamed = true
@@ -646,17 +647,17 @@ parsingLoop:
 					curFile.Mode = prepareValue(line, "new file mode ")
 				}
 				if strings.HasSuffix(line, " 160000\n") {
-					curFile.IsSubmodule = true
+					curFile.IsSubmodule, curFile.SubmoduleDiffInfo = true, &SubmoduleDiffInfo{}
 				}
 			case strings.HasPrefix(line, "deleted"):
 				curFile.Type = DiffFileDel
 				curFile.IsDeleted = true
 				if strings.HasSuffix(line, " 160000\n") {
-					curFile.IsSubmodule = true
+					curFile.IsSubmodule, curFile.SubmoduleDiffInfo = true, &SubmoduleDiffInfo{}
 				}
 			case strings.HasPrefix(line, "index"):
 				if strings.HasSuffix(line, " 160000\n") {
-					curFile.IsSubmodule = true
+					curFile.IsSubmodule, curFile.SubmoduleDiffInfo = true, &SubmoduleDiffInfo{}
 				}
 			case strings.HasPrefix(line, "similarity index 100%"):
 				curFile.Type = DiffFileRename
@@ -915,6 +916,13 @@ func parseHunks(ctx context.Context, curFile *DiffFile, maxLines, maxLineCharact
 				}
 			}
 			curSection.Lines = append(curSection.Lines, diffLine)
+
+			// Parse submodule additions
+			if curFile.SubmoduleDiffInfo != nil {
+				if ref, found := bytes.CutPrefix(lineBytes, []byte("+Subproject commit ")); found {
+					curFile.SubmoduleDiffInfo.NewRefID = string(bytes.TrimSpace(ref))
+				}
+			}
 		case '-':
 			curFileLinesCount++
 			curFile.Deletion++
@@ -936,6 +944,13 @@ func parseHunks(ctx context.Context, curFile *DiffFile, maxLines, maxLineCharact
 				lastLeftIdx = len(curSection.Lines)
 			}
 			curSection.Lines = append(curSection.Lines, diffLine)
+
+			// Parse submodule deletion
+			if curFile.SubmoduleDiffInfo != nil {
+				if ref, found := bytes.CutPrefix(lineBytes, []byte("-Subproject commit ")); found {
+					curFile.SubmoduleDiffInfo.PreviousRefID = string(bytes.TrimSpace(ref))
+				}
+			}
 		case ' ':
 			curFileLinesCount++
 			if maxLines > -1 && curFileLinesCount >= maxLines {
@@ -1195,6 +1210,11 @@ func GetDiff(ctx context.Context, gitRepo *git.Repository, opts *DiffOptions, fi
 			}
 		}
 
+		// Populate Submodule URLs
+		if diffFile.SubmoduleDiffInfo != nil {
+			diffFile.SubmoduleDiffInfo.PopulateURL(diffFile, beforeCommit, commit)
+		}
+
 		if !isVendored.Has() {
 			isVendored = optional.Some(analyze.IsVendor(diffFile.Name))
 		}
diff --git a/services/gitdiff/submodule.go b/services/gitdiff/submodule.go
new file mode 100644
index 0000000000000..02ca666544c10
--- /dev/null
+++ b/services/gitdiff/submodule.go
@@ -0,0 +1,65 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package gitdiff
+
+import (
+	"context"
+	"html/template"
+
+	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/htmlutil"
+	"code.gitea.io/gitea/modules/log"
+)
+
+type SubmoduleDiffInfo struct {
+	SubmoduleName string
+	SubmoduleFile *git.CommitSubmoduleFile // it might be nil if the submodule is not found or unable to parse
+	NewRefID      string
+	PreviousRefID string
+}
+
+func (si *SubmoduleDiffInfo) PopulateURL(diffFile *DiffFile, leftCommit, rightCommit *git.Commit) {
+	si.SubmoduleName = diffFile.Name
+	submoduleCommit := rightCommit // If the submodule is added or updated, check at the right commit
+	if diffFile.IsDeleted {
+		submoduleCommit = leftCommit // If the submodule is deleted, check at the left commit
+	}
+	if submoduleCommit == nil {
+		return
+	}
+
+	submodule, err := submoduleCommit.GetSubModule(diffFile.GetDiffFileName())
+	if err != nil {
+		log.Error("Unable to PopulateURL for submodule %q: GetSubModule: %v", diffFile.GetDiffFileName(), err)
+		return // ignore the error, do not cause 500 errors for end users
+	}
+	if submodule != nil {
+		si.SubmoduleFile = git.NewCommitSubmoduleFile(submodule.URL, submoduleCommit.ID.String())
+	}
+}
+
+func (si *SubmoduleDiffInfo) CommitRefIDLinkHTML(ctx context.Context, commitID string) template.HTML {
+	webLink := si.SubmoduleFile.SubmoduleWebLink(ctx, commitID)
+	if webLink == nil {
+		return htmlutil.HTMLFormat("%s", base.ShortSha(commitID))
+	}
+	return htmlutil.HTMLFormat(`<a href="%s">%s</a>`, webLink.CommitWebLink, base.ShortSha(commitID))
+}
+
+func (si *SubmoduleDiffInfo) CompareRefIDLinkHTML(ctx context.Context) template.HTML {
+	webLink := si.SubmoduleFile.SubmoduleWebLink(ctx, si.PreviousRefID, si.NewRefID)
+	if webLink == nil {
+		return htmlutil.HTMLFormat("%s...%s", base.ShortSha(si.PreviousRefID), base.ShortSha(si.NewRefID))
+	}
+	return htmlutil.HTMLFormat(`<a href="%s">%s...%s</a>`, webLink.CommitWebLink, base.ShortSha(si.PreviousRefID), base.ShortSha(si.NewRefID))
+}
+
+func (si *SubmoduleDiffInfo) SubmoduleRepoLinkHTML(ctx context.Context) template.HTML {
+	webLink := si.SubmoduleFile.SubmoduleWebLink(ctx)
+	if webLink == nil {
+		return htmlutil.HTMLFormat("%s", si.SubmoduleName)
+	}
+	return htmlutil.HTMLFormat(`<a href="%s">%s</a>`, webLink.RepoWebLink, si.SubmoduleName)
+}
diff --git a/services/gitdiff/submodule_test.go b/services/gitdiff/submodule_test.go
new file mode 100644
index 0000000000000..89f32c0e0c849
--- /dev/null
+++ b/services/gitdiff/submodule_test.go
@@ -0,0 +1,236 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package gitdiff
+
+import (
+	"context"
+	"strings"
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestParseSubmoduleInfo(t *testing.T) {
+	type testcase struct {
+		name    string
+		gitdiff string
+		infos   map[int]SubmoduleDiffInfo
+	}
+
+	tests := []testcase{
+		{
+			name: "added",
+			gitdiff: `diff --git a/.gitmodules b/.gitmodules
+new file mode 100644
+index 0000000..4ac13c1
+--- /dev/null
++++ b/.gitmodules
+@@ -0,0 +1,3 @@
++[submodule "gitea-mirror"]
++	path = gitea-mirror
++	url = https://gitea.com/gitea/gitea-mirror
+diff --git a/gitea-mirror b/gitea-mirror
+new file mode 160000
+index 0000000..68972a9
+--- /dev/null
++++ b/gitea-mirror
+@@ -0,0 +1 @@
++Subproject commit 68972a994719ae5c74e28d8fa82fa27c23399bc8
+`,
+			infos: map[int]SubmoduleDiffInfo{
+				1: {NewRefID: "68972a994719ae5c74e28d8fa82fa27c23399bc8"},
+			},
+		},
+		{
+			name: "updated",
+			gitdiff: `diff --git a/gitea-mirror b/gitea-mirror
+index 68972a9..c8ffe77 160000
+--- a/gitea-mirror
++++ b/gitea-mirror
+@@ -1 +1 @@
+-Subproject commit 68972a994719ae5c74e28d8fa82fa27c23399bc8
++Subproject commit c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d
+`,
+			infos: map[int]SubmoduleDiffInfo{
+				0: {
+					PreviousRefID: "68972a994719ae5c74e28d8fa82fa27c23399bc8",
+					NewRefID:      "c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d",
+				},
+			},
+		},
+		{
+			name: "rename",
+			gitdiff: `diff --git a/.gitmodules b/.gitmodules
+index 4ac13c1..0510edd 100644
+--- a/.gitmodules
++++ b/.gitmodules
+@@ -1,3 +1,3 @@
+ [submodule "gitea-mirror"]
+-	path = gitea-mirror
++	path = gitea
+ 	url = https://gitea.com/gitea/gitea-mirror
+diff --git a/gitea-mirror b/gitea
+similarity index 100%
+rename from gitea-mirror
+rename to gitea
+`,
+		},
+		{
+			name: "deleted",
+			gitdiff: `diff --git a/.gitmodules b/.gitmodules
+index 0510edd..e69de29 100644
+--- a/.gitmodules
++++ b/.gitmodules
+@@ -1,3 +0,0 @@
+-[submodule "gitea-mirror"]
+-	path = gitea
+-	url = https://gitea.com/gitea/gitea-mirror
+diff --git a/gitea b/gitea
+deleted file mode 160000
+index c8ffe77..0000000
+--- a/gitea
++++ /dev/null
+@@ -1 +0,0 @@
+-Subproject commit c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d
+`,
+			infos: map[int]SubmoduleDiffInfo{
+				1: {
+					PreviousRefID: "c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d",
+				},
+			},
+		},
+		{
+			name: "moved and updated",
+			gitdiff: `diff --git a/.gitmodules b/.gitmodules
+index 0510edd..bced3d8 100644
+--- a/.gitmodules
++++ b/.gitmodules
+@@ -1,3 +1,3 @@
+ [submodule "gitea-mirror"]
+-	path = gitea
++	path = gitea-1.22
+ 	url = https://gitea.com/gitea/gitea-mirror
+diff --git a/gitea b/gitea
+deleted file mode 160000
+index c8ffe77..0000000
+--- a/gitea
++++ /dev/null
+@@ -1 +0,0 @@
+-Subproject commit c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d
+diff --git a/gitea-1.22 b/gitea-1.22
+new file mode 160000
+index 0000000..8eefa1f
+--- /dev/null
++++ b/gitea-1.22
+@@ -0,0 +1 @@
++Subproject commit 8eefa1f6dedf2488db2c9e12c916e8e51f673160
+`,
+			infos: map[int]SubmoduleDiffInfo{
+				1: {
+					PreviousRefID: "c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d",
+				},
+				2: {
+					NewRefID: "8eefa1f6dedf2488db2c9e12c916e8e51f673160",
+				},
+			},
+		},
+		{
+			name: "converted to file",
+			gitdiff: `diff --git a/.gitmodules b/.gitmodules
+index 0510edd..e69de29 100644
+--- a/.gitmodules
++++ b/.gitmodules
+@@ -1,3 +0,0 @@
+-[submodule "gitea-mirror"]
+-	path = gitea
+-	url = https://gitea.com/gitea/gitea-mirror
+diff --git a/gitea b/gitea
+deleted file mode 160000
+index c8ffe77..0000000
+--- a/gitea
++++ /dev/null
+@@ -1 +0,0 @@
+-Subproject commit c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d
+diff --git a/gitea b/gitea
+new file mode 100644
+index 0000000..33a9488
+--- /dev/null
++++ b/gitea
+@@ -0,0 +1 @@
++example
+`,
+			infos: map[int]SubmoduleDiffInfo{
+				1: {
+					PreviousRefID: "c8ffe777cf9c5bb47a38e3e0b3a3b5de6cd8813d",
+				},
+			},
+		},
+		{
+			name: "converted to submodule",
+			gitdiff: `diff --git a/.gitmodules b/.gitmodules
+index e69de29..14ee267 100644
+--- a/.gitmodules
++++ b/.gitmodules
+@@ -0,0 +1,3 @@
++[submodule "gitea"]
++	path = gitea
++	url = https://gitea.com/gitea/gitea-mirror
+diff --git a/gitea b/gitea
+deleted file mode 100644
+index 33a9488..0000000
+--- a/gitea
++++ /dev/null
+@@ -1 +0,0 @@
+-example
+diff --git a/gitea b/gitea
+new file mode 160000
+index 0000000..68972a9
+--- /dev/null
++++ b/gitea
+@@ -0,0 +1 @@
++Subproject commit 68972a994719ae5c74e28d8fa82fa27c23399bc8
+`,
+			infos: map[int]SubmoduleDiffInfo{
+				2: {
+					NewRefID: "68972a994719ae5c74e28d8fa82fa27c23399bc8",
+				},
+			},
+		},
+	}
+
+	for _, testcase := range tests {
+		testcase := testcase
+		t.Run(testcase.name, func(t *testing.T) {
+			diff, err := ParsePatch(db.DefaultContext, setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffLineCharacters, setting.Git.MaxGitDiffFiles, strings.NewReader(testcase.gitdiff), "")
+			assert.NoError(t, err)
+
+			for i, expected := range testcase.infos {
+				actual := diff.Files[i]
+				assert.NotNil(t, actual)
+				assert.Equal(t, expected, *actual.SubmoduleDiffInfo)
+			}
+		})
+	}
+}
+
+func TestSubmoduleInfo(t *testing.T) {
+	sdi := &SubmoduleDiffInfo{
+		SubmoduleName: "name",
+		PreviousRefID: "aaaa",
+		NewRefID:      "bbbb",
+	}
+	ctx := context.Background()
+	assert.EqualValues(t, "1111", sdi.CommitRefIDLinkHTML(ctx, "1111"))
+	assert.EqualValues(t, "aaaa...bbbb", sdi.CompareRefIDLinkHTML(ctx))
+	assert.EqualValues(t, "name", sdi.SubmoduleRepoLinkHTML(ctx))
+
+	sdi.SubmoduleFile = git.NewCommitSubmoduleFile("https://github.com/owner/repo", "1234")
+	assert.EqualValues(t, `<a href="https://github.com/owner/repo/commit/1111">1111</a>`, sdi.CommitRefIDLinkHTML(ctx, "1111"))
+	assert.EqualValues(t, `<a href="https://github.com/owner/repo/compare/aaaa...bbbb">aaaa...bbbb</a>`, sdi.CompareRefIDLinkHTML(ctx))
+	assert.EqualValues(t, `<a href="https://github.com/owner/repo">name</a>`, sdi.SubmoduleRepoLinkHTML(ctx))
+}
diff --git a/templates/repo/diff/box.tmpl b/templates/repo/diff/box.tmpl
index 9733e5f980680..ea01d96928c9e 100644
--- a/templates/repo/diff/box.tmpl
+++ b/templates/repo/diff/box.tmpl
@@ -58,7 +58,7 @@
 			</div>
 		{{end}}
 		<script id="diff-data-script" type="module">
-			const diffDataFiles = [{{range $i, $file := .Diff.Files}}{Name:"{{$file.Name}}",NameHash:"{{$file.NameHash}}",Type:{{$file.Type}},IsBin:{{$file.IsBin}},Addition:{{$file.Addition}},Deletion:{{$file.Deletion}},IsViewed:{{$file.IsViewed}}},{{end}}];
+			const diffDataFiles = [{{range $i, $file := .Diff.Files}}{Name:"{{$file.Name}}",NameHash:"{{$file.NameHash}}",Type:{{$file.Type}},IsBin:{{$file.IsBin}},IsSubmodule:{{$file.IsSubmodule}},Addition:{{$file.Addition}},Deletion:{{$file.Deletion}},IsViewed:{{$file.IsViewed}}},{{end}}];
 			const diffData = {
 				isIncomplete: {{.Diff.IsIncomplete}},
 				tooManyFilesMessage: "{{ctx.Locale.Tr "repo.diff.too_many_files"}}",
@@ -161,23 +161,25 @@
 										<input type="checkbox" name="{{$file.GetDiffFileName}}" autocomplete="off"{{if $file.IsViewed}} checked{{end}}> {{ctx.Locale.Tr "repo.pulls.has_viewed_file"}}
 									</label>
 								{{end}}
-								<button class="btn diff-header-popup-btn tw-p-1">{{svg "octicon-kebab-horizontal" 18}}</button>
-								<div class="tippy-target">
-									{{if not (or $file.IsIncomplete $file.IsBin $file.IsSubmodule)}}
-										<button class="unescape-button item" data-unicode-content-selector="#diff-{{$file.NameHash}}">{{ctx.Locale.Tr "repo.unescape_control_characters"}}</button>
-										<button class="escape-button tw-hidden item" data-unicode-content-selector="#diff-{{$file.NameHash}}">{{ctx.Locale.Tr "repo.escape_control_characters"}}</button>
-									{{end}}
-									{{if and (not $file.IsSubmodule) (not $.PageIsWiki)}}
-										{{if $file.IsDeleted}}
-											<a class="item" rel="nofollow" href="{{$.BeforeSourcePath}}/{{PathEscapeSegments .Name}}">{{ctx.Locale.Tr "repo.diff.view_file"}}</a>
-										{{else}}
-											<a class="item" rel="nofollow" href="{{$.SourcePath}}/{{PathEscapeSegments .Name}}">{{ctx.Locale.Tr "repo.diff.view_file"}}</a>
-											{{if and $.Repository.CanEnableEditor $.CanEditFile (not $file.IsLFSFile) (not $file.IsBin)}}
-												<a class="item" rel="nofollow" href="{{$.HeadRepoLink}}/_edit/{{PathEscapeSegments $.HeadBranchName}}/{{PathEscapeSegments $file.Name}}?return_uri={{print $.BackToLink "#diff-" $file.NameHash | QueryEscape}}">{{ctx.Locale.Tr "repo.editor.edit_this_file"}}</a>
+								{{if not $file.IsSubmodule}}
+									<button class="btn diff-header-popup-btn tw-p-1">{{svg "octicon-kebab-horizontal" 18}}</button>
+									<div class="tippy-target">
+										{{if not (or $file.IsIncomplete $file.IsBin)}}
+											<button class="unescape-button item" data-unicode-content-selector="#diff-{{$file.NameHash}}">{{ctx.Locale.Tr "repo.unescape_control_characters"}}</button>
+											<button class="escape-button tw-hidden item" data-unicode-content-selector="#diff-{{$file.NameHash}}">{{ctx.Locale.Tr "repo.escape_control_characters"}}</button>
+										{{end}}
+										{{if not $.PageIsWiki}}
+											{{if $file.IsDeleted}}
+												<a class="item" rel="nofollow" href="{{$.BeforeSourcePath}}/{{PathEscapeSegments .Name}}">{{ctx.Locale.Tr "repo.diff.view_file"}}</a>
+											{{else}}
+												<a class="item" rel="nofollow" href="{{$.SourcePath}}/{{PathEscapeSegments .Name}}">{{ctx.Locale.Tr "repo.diff.view_file"}}</a>
+												{{if and $.Repository.CanEnableEditor $.CanEditFile (not $file.IsLFSFile) (not $file.IsBin)}}
+													<a class="item" rel="nofollow" href="{{$.HeadRepoLink}}/_edit/{{PathEscapeSegments $.HeadBranchName}}/{{PathEscapeSegments $file.Name}}?return_uri={{print $.BackToLink "#diff-" $file.NameHash | QueryEscape}}">{{ctx.Locale.Tr "repo.editor.edit_this_file"}}</a>
+												{{end}}
 											{{end}}
 										{{end}}
-									{{end}}
-								</div>
+									</div>
+								{{end}}
 							</div>
 						</h4>
 						<div class="diff-file-body ui attached unstackable table segment" {{if and $file.IsViewed $.IsShowingAllCommits}}data-folded="true"{{end}}>
@@ -195,6 +197,17 @@
 											{{ctx.Locale.Tr "repo.diff.bin_not_shown"}}
 										{{end}}
 									</div>
+								{{else if $file.SubmoduleDiffInfo}}
+									<div class="tw-p-3">{{svg "octicon-file-submodule"}} {{$submoduleDiffInfo := $file.SubmoduleDiffInfo -}}
+										{{- $submoduleName := $submoduleDiffInfo.SubmoduleRepoLinkHTML ctx -}}
+										{{- if $file.IsDeleted -}}
+											{{- ctx.Locale.Tr "repo.diff.submodule_deleted" $submoduleName ($submoduleDiffInfo.CommitRefIDLinkHTML ctx $submoduleDiffInfo.PreviousRefID) -}}
+										{{- else if $file.IsCreated -}}
+											{{- ctx.Locale.Tr "repo.diff.submodule_added" $submoduleName ($submoduleDiffInfo.CommitRefIDLinkHTML ctx $submoduleDiffInfo.NewRefID) -}}
+										{{- else -}}
+											{{- ctx.Locale.Tr "repo.diff.submodule_updated" $submoduleName ($submoduleDiffInfo.CompareRefIDLinkHTML ctx) -}}
+										{{end}}
+									</div>
 								{{else}}
 									<table class="chroma" data-new-comment-url="{{$.Issue.Link}}/files/reviews/new_comment" data-path="{{$file.Name}}">
 										{{if $.IsSplitStyle}}
diff --git a/templates/repo/view_list.tmpl b/templates/repo/view_list.tmpl
index c8e97d2617fd1..7540931010d1c 100644
--- a/templates/repo/view_list.tmpl
+++ b/templates/repo/view_list.tmpl
@@ -13,15 +13,15 @@
 		<div class="repo-file-item">
 			{{$entry := $item.Entry}}
 			{{$commit := $item.Commit}}
-			{{$subModuleFile := $item.SubModuleFile}}
+			{{$submoduleFile := $item.SubmoduleFile}}
 			<div class="repo-file-cell name {{if not $commit}}notready{{end}}">
 				{{if $entry.IsSubModule}}
 					{{svg "octicon-file-submodule"}}
-					{{$refURL := $subModuleFile.RefURL AppUrl $.Repository.FullName $.SSHDomain}} {{/* FIXME: the usage of AppUrl seems incorrect, it would be fixed in the future, use AppSubUrl instead */}}
-					{{if $refURL}}
-						<a class="muted" href="{{$refURL}}">{{$entry.Name}}</a> <span class="at">@</span> <a href="{{$refURL}}/commit/{{PathEscape $subModuleFile.RefID}}">{{ShortSha $subModuleFile.RefID}}</a>
+					{{$submoduleLink := $submoduleFile.SubmoduleWebLink ctx}}
+					{{if $submoduleLink}}
+						<a class="muted" href="{{$submoduleLink.RepoWebLink}}">{{$entry.Name}}</a> <span class="at">@</span> <a href="{{$submoduleLink.CommitWebLink}}">{{ShortSha $submoduleFile.RefID}}</a>
 					{{else}}
-						{{$entry.Name}} <span class="at">@</span> {{ShortSha $subModuleFile.RefID}}
+						{{$entry.Name}} <span class="at">@</span> {{ShortSha $submoduleFile.RefID}}
 					{{end}}
 				{{else}}
 					{{if $entry.IsDir}}
diff --git a/web_src/js/components/DiffFileTreeItem.vue b/web_src/js/components/DiffFileTreeItem.vue
index 12cafd8f1b5d5..31ce94aacda58 100644
--- a/web_src/js/components/DiffFileTreeItem.vue
+++ b/web_src/js/components/DiffFileTreeItem.vue
@@ -8,6 +8,7 @@ type File = {
   NameHash: string;
   Type: number;
   IsViewed: boolean;
+  IsSubmodule: boolean;
 }
 
 type Item = {
@@ -34,6 +35,13 @@ function getIconForDiffType(pType) {
   };
   return diffTypes[pType];
 }
+
+function fileIcon(file) {
+  if (file.IsSubmodule) {
+    return 'octicon-file-submodule';
+  }
+  return 'octicon-file';
+}
 </script>
 
 <template>
@@ -44,7 +52,7 @@ function getIconForDiffType(pType) {
     :title="item.name" :href="'#diff-' + item.file.NameHash"
   >
     <!-- file -->
-    <SvgIcon name="octicon-file"/>
+    <SvgIcon :name="fileIcon(item.file)"/>
     <span class="gt-ellipsis tw-flex-1">{{ item.name }}</span>
     <SvgIcon :name="getIconForDiffType(item.file.Type).name" :class="getIconForDiffType(item.file.Type).classes"/>
   </a>
diff --git a/web_src/js/svg.ts b/web_src/js/svg.ts
index 90b12fa87d753..6a8246fa1bcaf 100644
--- a/web_src/js/svg.ts
+++ b/web_src/js/svg.ts
@@ -28,6 +28,7 @@ import octiconEye from '../../public/assets/img/svg/octicon-eye.svg';
 import octiconFile from '../../public/assets/img/svg/octicon-file.svg';
 import octiconFileDirectoryFill from '../../public/assets/img/svg/octicon-file-directory-fill.svg';
 import octiconFileDirectoryOpenFill from '../../public/assets/img/svg/octicon-file-directory-open-fill.svg';
+import octiconFileSubmodule from '../../public/assets/img/svg/octicon-file-submodule.svg';
 import octiconFilter from '../../public/assets/img/svg/octicon-filter.svg';
 import octiconGear from '../../public/assets/img/svg/octicon-gear.svg';
 import octiconGitBranch from '../../public/assets/img/svg/octicon-git-branch.svg';
@@ -104,6 +105,7 @@ const svgs = {
   'octicon-file': octiconFile,
   'octicon-file-directory-fill': octiconFileDirectoryFill,
   'octicon-file-directory-open-fill': octiconFileDirectoryOpenFill,
+  'octicon-file-submodule': octiconFileSubmodule,
   'octicon-filter': octiconFilter,
   'octicon-gear': octiconGear,
   'octicon-git-branch': octiconGitBranch,

From 67aeb1f8961194a6f84ce1cca0cbb55d100a8cd2 Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Tue, 7 Jan 2025 19:16:56 -0800
Subject: [PATCH 44/55] Add missed transaction on setmerged (#33079)

Follow #33045. There are two updates on `Set Merged`, which should be in
one transaction.
This also introduced some refactors for changeissuestatus to make it
more clear.
---
 models/issues/issue.go               |  33 --------
 models/issues/issue_update.go        | 121 ++++++++++++++++++---------
 models/issues/pull.go                |  16 ----
 routers/private/hook_post_receive.go |  22 +----
 services/pull/check.go               |   7 +-
 services/pull/merge.go               |  63 +++++++-------
 services/pull/pull.go                |   5 +-
 7 files changed, 121 insertions(+), 146 deletions(-)

diff --git a/models/issues/issue.go b/models/issues/issue.go
index fe347c271560e..1777fbb6a686f 100644
--- a/models/issues/issue.go
+++ b/models/issues/issue.go
@@ -46,23 +46,6 @@ func (err ErrIssueNotExist) Unwrap() error {
 	return util.ErrNotExist
 }
 
-// ErrIssueIsClosed represents a "IssueIsClosed" kind of error.
-type ErrIssueIsClosed struct {
-	ID     int64
-	RepoID int64
-	Index  int64
-}
-
-// IsErrIssueIsClosed checks if an error is a ErrIssueNotExist.
-func IsErrIssueIsClosed(err error) bool {
-	_, ok := err.(ErrIssueIsClosed)
-	return ok
-}
-
-func (err ErrIssueIsClosed) Error() string {
-	return fmt.Sprintf("issue is closed [id: %d, repo_id: %d, index: %d]", err.ID, err.RepoID, err.Index)
-}
-
 // ErrNewIssueInsert is used when the INSERT statement in newIssue fails
 type ErrNewIssueInsert struct {
 	OriginalError error
@@ -78,22 +61,6 @@ func (err ErrNewIssueInsert) Error() string {
 	return err.OriginalError.Error()
 }
 
-// ErrIssueWasClosed is used when close a closed issue
-type ErrIssueWasClosed struct {
-	ID    int64
-	Index int64
-}
-
-// IsErrIssueWasClosed checks if an error is a ErrIssueWasClosed.
-func IsErrIssueWasClosed(err error) bool {
-	_, ok := err.(ErrIssueWasClosed)
-	return ok
-}
-
-func (err ErrIssueWasClosed) Error() string {
-	return fmt.Sprintf("Issue [%d] %d was already closed", err.ID, err.Index)
-}
-
 var ErrIssueAlreadyChanged = util.NewInvalidArgumentErrorf("the issue is already changed")
 
 // Issue represents an issue or pull request of repository.
diff --git a/models/issues/issue_update.go b/models/issues/issue_update.go
index 479834045c6f9..7b3fe04aa5b10 100644
--- a/models/issues/issue_update.go
+++ b/models/issues/issue_update.go
@@ -28,38 +28,40 @@ import (
 
 // UpdateIssueCols updates cols of issue
 func UpdateIssueCols(ctx context.Context, issue *Issue, cols ...string) error {
-	if _, err := db.GetEngine(ctx).ID(issue.ID).Cols(cols...).Update(issue); err != nil {
-		return err
-	}
-	return nil
+	_, err := db.GetEngine(ctx).ID(issue.ID).Cols(cols...).Update(issue)
+	return err
 }
 
-func ChangeIssueStatus(ctx context.Context, issue *Issue, doer *user_model.User, isClosed, isMergePull bool) (*Comment, error) {
-	// Reload the issue
-	currentIssue, err := GetIssueByID(ctx, issue.ID)
-	if err != nil {
-		return nil, err
-	}
+// ErrIssueIsClosed is used when close a closed issue
+type ErrIssueIsClosed struct {
+	ID     int64
+	RepoID int64
+	Index  int64
+	IsPull bool
+}
 
-	// Nothing should be performed if current status is same as target status
-	if currentIssue.IsClosed == isClosed {
-		if !issue.IsPull {
-			return nil, ErrIssueWasClosed{
-				ID: issue.ID,
-			}
-		}
-		return nil, ErrPullWasClosed{
-			ID: issue.ID,
-		}
-	}
+// IsErrIssueIsClosed checks if an error is a ErrIssueIsClosed.
+func IsErrIssueIsClosed(err error) bool {
+	_, ok := err.(ErrIssueIsClosed)
+	return ok
+}
 
-	issue.IsClosed = isClosed
-	return doChangeIssueStatus(ctx, issue, doer, isMergePull)
+func (err ErrIssueIsClosed) Error() string {
+	return fmt.Sprintf("%s [id: %d, repo_id: %d, index: %d] is already closed", util.Iif(err.IsPull, "Pull Request", "Issue"), err.ID, err.RepoID, err.Index)
 }
 
-func doChangeIssueStatus(ctx context.Context, issue *Issue, doer *user_model.User, isMergePull bool) (*Comment, error) {
+func SetIssueAsClosed(ctx context.Context, issue *Issue, doer *user_model.User, isMergePull bool) (*Comment, error) {
+	if issue.IsClosed {
+		return nil, ErrIssueIsClosed{
+			ID:     issue.ID,
+			RepoID: issue.RepoID,
+			Index:  issue.Index,
+			IsPull: issue.IsPull,
+		}
+	}
+
 	// Check for open dependencies
-	if issue.IsClosed && issue.Repo.IsDependenciesEnabled(ctx) {
+	if issue.Repo.IsDependenciesEnabled(ctx) {
 		// only check if dependencies are enabled and we're about to close an issue, otherwise reopening an issue would fail when there are unsatisfied dependencies
 		noDeps, err := IssueNoDependenciesLeft(ctx, issue)
 		if err != nil {
@@ -71,16 +73,63 @@ func doChangeIssueStatus(ctx context.Context, issue *Issue, doer *user_model.Use
 		}
 	}
 
-	if issue.IsClosed {
-		issue.ClosedUnix = timeutil.TimeStampNow()
-	} else {
-		issue.ClosedUnix = 0
+	issue.IsClosed = true
+	issue.ClosedUnix = timeutil.TimeStampNow()
+
+	if cnt, err := db.GetEngine(ctx).ID(issue.ID).Cols("is_closed", "closed_unix").
+		Where("is_closed = ?", false).
+		Update(issue); err != nil {
+		return nil, err
+	} else if cnt != 1 {
+		return nil, ErrIssueAlreadyChanged
 	}
 
-	if err := UpdateIssueCols(ctx, issue, "is_closed", "closed_unix"); err != nil {
+	return updateIssueNumbers(ctx, issue, doer, util.Iif(isMergePull, CommentTypeMergePull, CommentTypeClose))
+}
+
+// ErrIssueIsOpen is used when reopen an opened issue
+type ErrIssueIsOpen struct {
+	ID     int64
+	RepoID int64
+	IsPull bool
+	Index  int64
+}
+
+// IsErrIssueIsOpen checks if an error is a ErrIssueIsOpen.
+func IsErrIssueIsOpen(err error) bool {
+	_, ok := err.(ErrIssueIsOpen)
+	return ok
+}
+
+func (err ErrIssueIsOpen) Error() string {
+	return fmt.Sprintf("%s [id: %d, repo_id: %d, index: %d] is already open", util.Iif(err.IsPull, "Pull Request", "Issue"), err.ID, err.RepoID, err.Index)
+}
+
+func setIssueAsReopen(ctx context.Context, issue *Issue, doer *user_model.User) (*Comment, error) {
+	if !issue.IsClosed {
+		return nil, ErrIssueIsOpen{
+			ID:     issue.ID,
+			RepoID: issue.RepoID,
+			Index:  issue.Index,
+			IsPull: issue.IsPull,
+		}
+	}
+
+	issue.IsClosed = false
+	issue.ClosedUnix = 0
+
+	if cnt, err := db.GetEngine(ctx).ID(issue.ID).Cols("is_closed", "closed_unix").
+		Where("is_closed = ?", true).
+		Update(issue); err != nil {
 		return nil, err
+	} else if cnt != 1 {
+		return nil, ErrIssueAlreadyChanged
 	}
 
+	return updateIssueNumbers(ctx, issue, doer, CommentTypeReopen)
+}
+
+func updateIssueNumbers(ctx context.Context, issue *Issue, doer *user_model.User, cmtType CommentType) (*Comment, error) {
 	// Update issue count of labels
 	if err := issue.LoadLabels(ctx); err != nil {
 		return nil, err
@@ -103,14 +152,6 @@ func doChangeIssueStatus(ctx context.Context, issue *Issue, doer *user_model.Use
 		return nil, err
 	}
 
-	// New action comment
-	cmtType := CommentTypeClose
-	if !issue.IsClosed {
-		cmtType = CommentTypeReopen
-	} else if isMergePull {
-		cmtType = CommentTypeMergePull
-	}
-
 	return CreateComment(ctx, &CreateCommentOptions{
 		Type:  cmtType,
 		Doer:  doer,
@@ -134,7 +175,7 @@ func CloseIssue(ctx context.Context, issue *Issue, doer *user_model.User) (*Comm
 	}
 	defer committer.Close()
 
-	comment, err := ChangeIssueStatus(ctx, issue, doer, true, false)
+	comment, err := SetIssueAsClosed(ctx, issue, doer, false)
 	if err != nil {
 		return nil, err
 	}
@@ -159,7 +200,7 @@ func ReopenIssue(ctx context.Context, issue *Issue, doer *user_model.User) (*Com
 	}
 	defer committer.Close()
 
-	comment, err := ChangeIssueStatus(ctx, issue, doer, false, false)
+	comment, err := setIssueAsReopen(ctx, issue, doer)
 	if err != nil {
 		return nil, err
 	}
diff --git a/models/issues/pull.go b/models/issues/pull.go
index 786b2aa130d01..e3af00224dedb 100644
--- a/models/issues/pull.go
+++ b/models/issues/pull.go
@@ -80,22 +80,6 @@ func (err ErrPullRequestAlreadyExists) Unwrap() error {
 	return util.ErrAlreadyExist
 }
 
-// ErrPullWasClosed is used close a closed pull request
-type ErrPullWasClosed struct {
-	ID    int64
-	Index int64
-}
-
-// IsErrPullWasClosed checks if an error is a ErrErrPullWasClosed.
-func IsErrPullWasClosed(err error) bool {
-	_, ok := err.(ErrPullWasClosed)
-	return ok
-}
-
-func (err ErrPullWasClosed) Error() string {
-	return fmt.Sprintf("Pull request [%d] %d was already closed", err.ID, err.Index)
-}
-
 // PullRequestType defines pull request type
 type PullRequestType int
 
diff --git a/routers/private/hook_post_receive.go b/routers/private/hook_post_receive.go
index af40cb3988c25..dba6aef9a3289 100644
--- a/routers/private/hook_post_receive.go
+++ b/routers/private/hook_post_receive.go
@@ -8,11 +8,9 @@ import (
 	"fmt"
 	"net/http"
 
-	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	access_model "code.gitea.io/gitea/models/perm/access"
-	pull_model "code.gitea.io/gitea/models/pull"
 	repo_model "code.gitea.io/gitea/models/repo"
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
@@ -22,7 +20,7 @@ import (
 	"code.gitea.io/gitea/modules/private"
 	repo_module "code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
-	timeutil "code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/timeutil"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/modules/web"
 	gitea_context "code.gitea.io/gitea/services/context"
@@ -359,21 +357,9 @@ func handlePullRequestMerging(ctx *gitea_context.PrivateContext, opts *private.H
 		return
 	}
 
-	pr.MergedCommitID = updates[len(updates)-1].NewCommitID
-	pr.MergedUnix = timeutil.TimeStampNow()
-	pr.Merger = pusher
-	pr.MergerID = pusher.ID
-	err = db.WithTx(ctx, func(ctx context.Context) error {
-		// Removing an auto merge pull and ignore if not exist
-		if err := pull_model.DeleteScheduledAutoMerge(ctx, pr.ID); err != nil && !db.IsErrNotExist(err) {
-			return fmt.Errorf("DeleteScheduledAutoMerge[%d]: %v", opts.PullRequestID, err)
-		}
-		if _, err := pull_service.SetMerged(ctx, pr); err != nil {
-			return fmt.Errorf("SetMerged failed: %s/%s Error: %v", ownerName, repoName, err)
-		}
-		return nil
-	})
-	if err != nil {
+	// FIXME: Maybe we need a `PullRequestStatusMerged` status for PRs that are merged, currently we use the previous status
+	// here to keep it as before, that maybe PullRequestStatusMergeable
+	if _, err := pull_service.SetMerged(ctx, pr, updates[len(updates)-1].NewCommitID, timeutil.TimeStampNow(), pusher, pr.Status); err != nil {
 		log.Error("Failed to update PR to merged: %v", err)
 		ctx.JSON(http.StatusInternalServerError, private.HookPostReceiveResult{Err: "Failed to update PR to merged"})
 	}
diff --git a/services/pull/check.go b/services/pull/check.go
index f7aa8eb3695d2..e1adc3ca3bfa2 100644
--- a/services/pull/check.go
+++ b/services/pull/check.go
@@ -282,9 +282,6 @@ func manuallyMerged(ctx context.Context, pr *issues_model.PullRequest) bool {
 		return false
 	}
 
-	pr.MergedCommitID = commit.ID.String()
-	pr.MergedUnix = timeutil.TimeStamp(commit.Author.When.Unix())
-	pr.Status = issues_model.PullRequestStatusManuallyMerged
 	merger, _ := user_model.GetUserByEmail(ctx, commit.Author.Email)
 
 	// When the commit author is unknown set the BaseRepo owner as merger
@@ -297,10 +294,8 @@ func manuallyMerged(ctx context.Context, pr *issues_model.PullRequest) bool {
 		}
 		merger = pr.BaseRepo.Owner
 	}
-	pr.Merger = merger
-	pr.MergerID = merger.ID
 
-	if merged, err := SetMerged(ctx, pr); err != nil {
+	if merged, err := SetMerged(ctx, pr, commit.ID.String(), timeutil.TimeStamp(commit.Author.When.Unix()), merger, issues_model.PullRequestStatusManuallyMerged); err != nil {
 		log.Error("%-v setMerged : %v", pr, err)
 		return false
 	} else if !merged {
diff --git a/services/pull/merge.go b/services/pull/merge.go
index 879fe5a54085f..9c909ef7958b1 100644
--- a/services/pull/merge.go
+++ b/services/pull/merge.go
@@ -17,6 +17,7 @@ import (
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	access_model "code.gitea.io/gitea/models/perm/access"
+	pull_model "code.gitea.io/gitea/models/pull"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
 	user_model "code.gitea.io/gitea/models/user"
@@ -632,14 +633,8 @@ func MergedManually(ctx context.Context, pr *issues_model.PullRequest, doer *use
 			return fmt.Errorf("Wrong commit ID")
 		}
 
-		pr.MergedCommitID = commitID
-		pr.MergedUnix = timeutil.TimeStamp(commit.Author.When.Unix())
-		pr.Status = issues_model.PullRequestStatusManuallyMerged
-		pr.Merger = doer
-		pr.MergerID = doer.ID
-
 		var merged bool
-		if merged, err = SetMerged(ctx, pr); err != nil {
+		if merged, err = SetMerged(ctx, pr, commitID, timeutil.TimeStamp(commit.Author.When.Unix()), doer, issues_model.PullRequestStatusManuallyMerged); err != nil {
 			return err
 		} else if !merged {
 			return fmt.Errorf("SetMerged failed")
@@ -658,41 +653,35 @@ func MergedManually(ctx context.Context, pr *issues_model.PullRequest, doer *use
 }
 
 // SetMerged sets a pull request to merged and closes the corresponding issue
-func SetMerged(ctx context.Context, pr *issues_model.PullRequest) (bool, error) {
+func SetMerged(ctx context.Context, pr *issues_model.PullRequest, mergedCommitID string, mergedTimeStamp timeutil.TimeStamp, merger *user_model.User, mergeStatus issues_model.PullRequestStatus) (bool, error) {
 	if pr.HasMerged {
 		return false, fmt.Errorf("PullRequest[%d] already merged", pr.Index)
 	}
-	if pr.MergedCommitID == "" || pr.MergedUnix == 0 || pr.Merger == nil {
-		return false, fmt.Errorf("unable to merge PullRequest[%d], some required fields are empty", pr.Index)
-	}
 
 	pr.HasMerged = true
-	sess := db.GetEngine(ctx)
+	pr.MergedCommitID = mergedCommitID
+	pr.MergedUnix = mergedTimeStamp
+	pr.Merger = merger
+	pr.MergerID = merger.ID
+	pr.Status = mergeStatus
+	// reset the conflicted files as there cannot be any if we're merged
+	pr.ConflictedFiles = []string{}
 
-	if _, err := sess.Exec("UPDATE `issue` SET `repo_id` = `repo_id` WHERE `id` = ?", pr.IssueID); err != nil {
-		return false, err
+	if pr.MergedCommitID == "" || pr.MergedUnix == 0 || pr.Merger == nil {
+		return false, fmt.Errorf("unable to merge PullRequest[%d], some required fields are empty", pr.Index)
 	}
 
-	if _, err := sess.Exec("UPDATE `pull_request` SET `issue_id` = `issue_id` WHERE `id` = ?", pr.ID); err != nil {
+	ctx, committer, err := db.TxContext(ctx)
+	if err != nil {
 		return false, err
 	}
+	defer committer.Close()
 
 	pr.Issue = nil
 	if err := pr.LoadIssue(ctx); err != nil {
 		return false, err
 	}
 
-	if tmpPr, err := issues_model.GetPullRequestByID(ctx, pr.ID); err != nil {
-		return false, err
-	} else if tmpPr.HasMerged {
-		if pr.Issue.IsClosed {
-			return false, nil
-		}
-		return false, fmt.Errorf("PullRequest[%d] already merged but it's associated issue [%d] is not closed", pr.Index, pr.IssueID)
-	} else if pr.Issue.IsClosed {
-		return false, fmt.Errorf("PullRequest[%d] already closed", pr.Index)
-	}
-
 	if err := pr.Issue.LoadRepo(ctx); err != nil {
 		return false, err
 	}
@@ -701,16 +690,28 @@ func SetMerged(ctx context.Context, pr *issues_model.PullRequest) (bool, error)
 		return false, err
 	}
 
-	if _, err := issues_model.ChangeIssueStatus(ctx, pr.Issue, pr.Merger, true, true); err != nil {
-		return false, fmt.Errorf("ChangeIssueStatus: %w", err)
+	// Removing an auto merge pull and ignore if not exist
+	if err := pull_model.DeleteScheduledAutoMerge(ctx, pr.ID); err != nil && !db.IsErrNotExist(err) {
+		return false, fmt.Errorf("DeleteScheduledAutoMerge[%d]: %v", pr.ID, err)
 	}
 
-	// reset the conflicted files as there cannot be any if we're merged
-	pr.ConflictedFiles = []string{}
+	// Set issue as closed
+	if _, err := issues_model.SetIssueAsClosed(ctx, pr.Issue, pr.Merger, true); err != nil {
+		return false, fmt.Errorf("ChangeIssueStatus: %w", err)
+	}
 
 	// We need to save all of the data used to compute this merge as it may have already been changed by TestPatch. FIXME: need to set some state to prevent TestPatch from running whilst we are merging.
-	if _, err := sess.Where("id = ?", pr.ID).Cols("has_merged, status, merge_base, merged_commit_id, merger_id, merged_unix, conflicted_files").Update(pr); err != nil {
+	if cnt, err := db.GetEngine(ctx).Where("id = ?", pr.ID).
+		And("has_merged = ?", false).
+		Cols("has_merged, status, merge_base, merged_commit_id, merger_id, merged_unix, conflicted_files").
+		Update(pr); err != nil {
 		return false, fmt.Errorf("failed to update pr[%d]: %w", pr.ID, err)
+	} else if cnt != 1 {
+		return false, issues_model.ErrIssueAlreadyChanged
+	}
+
+	if err := committer.Commit(); err != nil {
+		return false, err
 	}
 
 	return true, nil
diff --git a/services/pull/pull.go b/services/pull/pull.go
index 85c36bb16aff8..52abf35cec410 100644
--- a/services/pull/pull.go
+++ b/services/pull/pull.go
@@ -265,6 +265,7 @@ func ChangeTargetBranch(ctx context.Context, pr *issues_model.PullRequest, doer
 			ID:     pr.Issue.ID,
 			RepoID: pr.Issue.RepoID,
 			Index:  pr.Issue.Index,
+			IsPull: true,
 		}
 	}
 
@@ -707,7 +708,7 @@ func CloseBranchPulls(ctx context.Context, doer *user_model.User, repoID int64,
 
 	var errs errlist
 	for _, pr := range prs {
-		if err = issue_service.CloseIssue(ctx, pr.Issue, doer, ""); err != nil && !issues_model.IsErrPullWasClosed(err) && !issues_model.IsErrDependenciesLeft(err) {
+		if err = issue_service.CloseIssue(ctx, pr.Issue, doer, ""); err != nil && !issues_model.IsErrIssueIsClosed(err) && !issues_model.IsErrDependenciesLeft(err) {
 			errs = append(errs, err)
 		}
 	}
@@ -741,7 +742,7 @@ func CloseRepoBranchesPulls(ctx context.Context, doer *user_model.User, repo *re
 			if pr.BaseRepoID == repo.ID {
 				continue
 			}
-			if err = issue_service.CloseIssue(ctx, pr.Issue, doer, ""); err != nil && !issues_model.IsErrPullWasClosed(err) {
+			if err = issue_service.CloseIssue(ctx, pr.Issue, doer, ""); err != nil && !issues_model.IsErrIssueIsClosed(err) {
 				errs = append(errs, err)
 			}
 		}

From 386c1ed908dd7291a19fa0185d325f7810ca0b57 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Wed, 8 Jan 2025 11:44:32 +0800
Subject: [PATCH 45/55] Refactor HTMLFormat, update chroma render, fix js error
 (#33136)

A small refactor to improve HTMLFormat, to help to prevent low-level
mistakes.

And fix #33141, fix #33139
---
 go.mod                                         |  2 +-
 go.sum                                         |  8 ++++----
 modules/htmlutil/html.go                       |  4 ++--
 modules/markup/internal/renderinternal.go      |  2 +-
 modules/markup/markdown/math/block_renderer.go |  4 +++-
 modules/markup/orgmode/orgmode.go              |  2 +-
 modules/markup/orgmode/orgmode_test.go         |  4 ++--
 modules/templates/helper.go                    | 16 +++++++++++++++-
 modules/templates/helper_test.go               |  3 +--
 web_src/js/features/common-button.ts           |  3 ++-
 web_src/js/utils.test.ts                       |  1 +
 web_src/js/utils.ts                            |  2 +-
 12 files changed, 34 insertions(+), 17 deletions(-)

diff --git a/go.mod b/go.mod
index 0ed4961280f96..99069ec131fae 100644
--- a/go.mod
+++ b/go.mod
@@ -27,7 +27,7 @@ require (
 	github.com/ProtonMail/go-crypto v1.1.4
 	github.com/PuerkitoBio/goquery v1.10.0
 	github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3
-	github.com/alecthomas/chroma/v2 v2.14.0
+	github.com/alecthomas/chroma/v2 v2.15.0
 	github.com/aws/aws-sdk-go-v2/credentials v1.17.42
 	github.com/aws/aws-sdk-go-v2/service/codecommit v1.27.3
 	github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb
diff --git a/go.sum b/go.sum
index 7c7dd0ea244c6..d2383601c23b9 100644
--- a/go.sum
+++ b/go.sum
@@ -81,11 +81,11 @@ github.com/RoaringBitmap/roaring v1.9.4 h1:yhEIoH4YezLYT04s1nHehNO64EKFTop/wBhxv
 github.com/RoaringBitmap/roaring v1.9.4/go.mod h1:6AXUsoIEzDTFFQCe1RbGA6uFONMhvejWj5rqITANK90=
 github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3 h1:BP0HiyNT3AQEYi+if3wkRcIdQFHtsw6xX3Kx0glckgA=
 github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3/go.mod h1:hMNtySovKkn2gdDuLqnqveP+mfhUSaBdoBcr2I7Zt0E=
-github.com/alecthomas/assert/v2 v2.7.0 h1:QtqSACNS3tF7oasA8CU6A6sXZSBDqnm7RfpLl9bZqbE=
-github.com/alecthomas/assert/v2 v2.7.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
+github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
+github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
 github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
-github.com/alecthomas/chroma/v2 v2.14.0 h1:R3+wzpnUArGcQz7fCETQBzO5n9IMNi13iIs46aU4V9E=
-github.com/alecthomas/chroma/v2 v2.14.0/go.mod h1:QolEbTfmUHIMVpBqxeDnNBj2uoeI4EbYP4i6n68SG4I=
+github.com/alecthomas/chroma/v2 v2.15.0 h1:LxXTQHFoYrstG2nnV9y2X5O94sOBzf0CIUpSTbpxvMc=
+github.com/alecthomas/chroma/v2 v2.15.0/go.mod h1:gUhVLrPDXPtp/f+L1jo9xepo9gL4eLwRuGAunSZMkio=
 github.com/alecthomas/repr v0.0.0-20220113201626-b1b626ac65ae/go.mod h1:2kn6fqh/zIyPLmm3ugklbEi5hg5wS435eygvNfaDQL8=
 github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc=
 github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4=
diff --git a/modules/htmlutil/html.go b/modules/htmlutil/html.go
index 9b5f5a92d89a8..0ab0e71689d3d 100644
--- a/modules/htmlutil/html.go
+++ b/modules/htmlutil/html.go
@@ -30,7 +30,7 @@ func ParseSizeAndClass(defaultSize int, defaultClass string, others ...any) (int
 	return size, class
 }
 
-func HTMLFormat(s string, rawArgs ...any) template.HTML {
+func HTMLFormat(s template.HTML, rawArgs ...any) template.HTML {
 	args := slices.Clone(rawArgs)
 	for i, v := range args {
 		switch v := v.(type) {
@@ -44,5 +44,5 @@ func HTMLFormat(s string, rawArgs ...any) template.HTML {
 			args[i] = template.HTMLEscapeString(fmt.Sprint(v))
 		}
 	}
-	return template.HTML(fmt.Sprintf(s, args...))
+	return template.HTML(fmt.Sprintf(string(s), args...))
 }
diff --git a/modules/markup/internal/renderinternal.go b/modules/markup/internal/renderinternal.go
index 4d58f160a9288..7a3e37b120f82 100644
--- a/modules/markup/internal/renderinternal.go
+++ b/modules/markup/internal/renderinternal.go
@@ -76,7 +76,7 @@ func (r *RenderInternal) ProtectSafeAttrs(content template.HTML) template.HTML {
 	return template.HTML(reAttrClass().ReplaceAllString(string(content), `$1 data-attr-class="`+r.secureIDPrefix+`$2"$3`))
 }
 
-func (r *RenderInternal) FormatWithSafeAttrs(w io.Writer, fmt string, a ...any) error {
+func (r *RenderInternal) FormatWithSafeAttrs(w io.Writer, fmt template.HTML, a ...any) error {
 	_, err := w.Write([]byte(r.ProtectSafeAttrs(htmlutil.HTMLFormat(fmt, a...))))
 	return err
 }
diff --git a/modules/markup/markdown/math/block_renderer.go b/modules/markup/markdown/math/block_renderer.go
index c29f061882180..412e4d0dee6c2 100644
--- a/modules/markup/markdown/math/block_renderer.go
+++ b/modules/markup/markdown/math/block_renderer.go
@@ -4,6 +4,8 @@
 package math
 
 import (
+	"html/template"
+
 	"code.gitea.io/gitea/modules/markup/internal"
 	giteaUtil "code.gitea.io/gitea/modules/util"
 
@@ -50,7 +52,7 @@ func (r *BlockRenderer) renderBlock(w util.BufWriter, source []byte, node gast.N
 	n := node.(*Block)
 	if entering {
 		code := giteaUtil.Iif(n.Inline, "", `<pre class="code-block is-loading">`) + `<code class="language-math display">`
-		_ = r.renderInternal.FormatWithSafeAttrs(w, code)
+		_ = r.renderInternal.FormatWithSafeAttrs(w, template.HTML(code))
 		r.writeLines(w, source, n)
 	} else {
 		_, _ = w.WriteString(`</code>` + giteaUtil.Iif(n.Inline, "", `</pre>`) + "\n")
diff --git a/modules/markup/orgmode/orgmode.go b/modules/markup/orgmode/orgmode.go
index c6cc3340000f6..70d02c132161f 100644
--- a/modules/markup/orgmode/orgmode.go
+++ b/modules/markup/orgmode/orgmode.go
@@ -147,7 +147,7 @@ func (r *orgWriter) resolveLink(kind, link string) string {
 func (r *orgWriter) WriteRegularLink(l org.RegularLink) {
 	link := r.resolveLink(l.Kind(), l.URL)
 
-	printHTML := func(html string, a ...any) {
+	printHTML := func(html template.HTML, a ...any) {
 		_, _ = fmt.Fprint(r, htmlutil.HTMLFormat(html, a...))
 	}
 	// Inspired by https://github.com/niklasfasching/go-org/blob/6eb20dbda93cb88c3503f7508dc78cbbc639378f/org/html_writer.go#L406-L427
diff --git a/modules/markup/orgmode/orgmode_test.go b/modules/markup/orgmode/orgmode_test.go
index e3cc05b4f022c..de39bafebeabe 100644
--- a/modules/markup/orgmode/orgmode_test.go
+++ b/modules/markup/orgmode/orgmode_test.go
@@ -103,8 +103,8 @@ func HelloWorld() {
 }
 #+end_src
 `, `<div class="src src-go">
-<pre><code class="chroma language-go"><span class="c1">// HelloWorld prints &#34;Hello World&#34;
-</span><span class="c1"></span><span class="kd">func</span> <span class="nf">HelloWorld</span><span class="p">()</span> <span class="p">{</span>
+<pre><code class="chroma language-go"><span class="c1">// HelloWorld prints &#34;Hello World&#34;</span>
+<span class="kd">func</span> <span class="nf">HelloWorld</span><span class="p">()</span> <span class="p">{</span>
 	<span class="nx">fmt</span><span class="p">.</span><span class="nf">Println</span><span class="p">(</span><span class="s">&#34;Hello World&#34;</span><span class="p">)</span>
 <span class="p">}</span></code></pre>
 </div>`)
diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index 48d3a8ff89aed..609407d36b539 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -38,7 +38,7 @@ func NewFuncMap() template.FuncMap {
 		"Iif":          iif,
 		"Eval":         evalTokens,
 		"SafeHTML":     safeHTML,
-		"HTMLFormat":   htmlutil.HTMLFormat,
+		"HTMLFormat":   htmlFormat,
 		"HTMLEscape":   htmlEscape,
 		"QueryEscape":  queryEscape,
 		"QueryBuild":   QueryBuild,
@@ -207,6 +207,20 @@ func htmlEscape(s any) template.HTML {
 	panic(fmt.Sprintf("unexpected type %T", s))
 }
 
+func htmlFormat(s any, args ...any) template.HTML {
+	if len(args) == 0 {
+		// to prevent developers from calling "HTMLFormat $userInput" by mistake which will lead to XSS
+		panic("missing arguments for HTMLFormat")
+	}
+	switch v := s.(type) {
+	case string:
+		return htmlutil.HTMLFormat(template.HTML(v), args...)
+	case template.HTML:
+		return htmlutil.HTMLFormat(v, args...)
+	}
+	panic(fmt.Sprintf("unexpected type %T", s))
+}
+
 func jsEscapeSafe(s string) template.HTML {
 	return template.HTML(template.JSEscapeString(s))
 }
diff --git a/modules/templates/helper_test.go b/modules/templates/helper_test.go
index e35e8a28f86ed..5d7bc93622be2 100644
--- a/modules/templates/helper_test.go
+++ b/modules/templates/helper_test.go
@@ -8,7 +8,6 @@ import (
 	"strings"
 	"testing"
 
-	"code.gitea.io/gitea/modules/htmlutil"
 	"code.gitea.io/gitea/modules/util"
 
 	"github.com/stretchr/testify/assert"
@@ -88,7 +87,7 @@ func TestTemplateIif(t *testing.T) {
 func TestTemplateEscape(t *testing.T) {
 	execTmpl := func(code string) string {
 		tmpl := template.New("test")
-		tmpl.Funcs(template.FuncMap{"QueryBuild": QueryBuild, "HTMLFormat": htmlutil.HTMLFormat})
+		tmpl.Funcs(template.FuncMap{"QueryBuild": QueryBuild, "HTMLFormat": htmlFormat})
 		template.Must(tmpl.Parse(code))
 		w := &strings.Builder{}
 		assert.NoError(t, tmpl.Execute(w, nil))
diff --git a/web_src/js/features/common-button.ts b/web_src/js/features/common-button.ts
index acce992b902d3..3162557b9b21f 100644
--- a/web_src/js/features/common-button.ts
+++ b/web_src/js/features/common-button.ts
@@ -17,7 +17,8 @@ export function initGlobalDeleteButton(): void {
   // Some model/form elements will be filled by `data-id` / `data-name` / `data-data-xxx` attributes.
   // If there is a form defined by `data-form`, then the form will be submitted as-is (without any modification).
   // If there is no form, then the data will be posted to `data-url`.
-  // TODO: it's not encouraged to use this method. `show-modal` does far better than this.
+  // TODO: do not use this method in new code. `show-modal` / `link-action(data-modal-confirm)` does far better than this.
+  // FIXME: all legacy `delete-button` should be refactored to use `show-modal` or `link-action`
   for (const btn of document.querySelectorAll<HTMLElement>('.delete-button')) {
     btn.addEventListener('click', (e) => {
       e.preventDefault();
diff --git a/web_src/js/utils.test.ts b/web_src/js/utils.test.ts
index bbe328f658df0..b527111533ff4 100644
--- a/web_src/js/utils.test.ts
+++ b/web_src/js/utils.test.ts
@@ -50,6 +50,7 @@ test('parseIssueNewHref', () => {
   expect(parseIssueNewHref('/owner/repo/issues/new?query')).toEqual({ownerName: 'owner', repoName: 'repo', pathType: 'issues'});
   expect(parseIssueNewHref('/sub/owner/repo/issues/new#hash')).toEqual({ownerName: 'owner', repoName: 'repo', pathType: 'issues'});
   expect(parseIssueNewHref('/sub/owner/repo/compare/feature/branch-1...fix/branch-2')).toEqual({ownerName: 'owner', repoName: 'repo', pathType: 'pulls'});
+  expect(parseIssueNewHref('/other')).toEqual({});
 });
 
 test('parseUrl', () => {
diff --git a/web_src/js/utils.ts b/web_src/js/utils.ts
index efa144c3c762f..2a2bdc60f9577 100644
--- a/web_src/js/utils.ts
+++ b/web_src/js/utils.ts
@@ -40,7 +40,7 @@ export function parseIssueHref(href: string): IssuePathInfo {
 export function parseIssueNewHref(href: string): IssuePathInfo {
   const path = (href || '').replace(/[#?].*$/, '');
   const [_, ownerName, repoName, pathTypeField] = /([^/]+)\/([^/]+)\/(issues\/new|compare\/.+\.\.\.)/.exec(path) || [];
-  const pathType = pathTypeField.startsWith('issues/new') ? 'issues' : 'pulls';
+  const pathType = pathTypeField ? (pathTypeField.startsWith('issues/new') ? 'issues' : 'pulls') : undefined;
   return {ownerName, repoName, pathType};
 }
 

From 124079871b4350eb1d2e6f9c12267b97be1ae5f8 Mon Sep 17 00:00:00 2001
From: yp05327 <576951401@qq.com>
Date: Wed, 8 Jan 2025 14:10:43 +0900
Subject: [PATCH 46/55] Convert github.com/xanzy/go-gitlab into
 gitlab.com/gitlab-org/api/client-go (#33126)

Fix #32985
---
 assets/go-licenses.json            | 10 +++++-----
 go.mod                             |  8 ++++----
 go.sum                             | 16 ++++++++--------
 services/migrations/gitlab.go      |  2 +-
 services/migrations/gitlab_test.go |  2 +-
 5 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/assets/go-licenses.json b/assets/go-licenses.json
index 60e39b6694d02..a20494184bd40 100644
--- a/assets/go-licenses.json
+++ b/assets/go-licenses.json
@@ -1094,11 +1094,6 @@
     "path": "github.com/x448/float16/LICENSE",
     "licenseText": "MIT License\n\nCopyright (c) 2019 Montgomery Edwards⁴⁴⁸ and Faye Amacker\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n\n"
   },
-  {
-    "name": "github.com/xanzy/go-gitlab",
-    "path": "github.com/xanzy/go-gitlab/LICENSE",
-    "licenseText": "                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"{}\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright {yyyy} {name of copyright owner}\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
-  },
   {
     "name": "github.com/xanzy/ssh-agent",
     "path": "github.com/xanzy/ssh-agent/LICENSE",
@@ -1134,6 +1129,11 @@
     "path": "github.com/zeebo/blake3/LICENSE",
     "licenseText": "This work is released into the public domain with CC0 1.0.\n\n-------------------------------------------------------------------------------\n\nCreative Commons Legal Code\n\nCC0 1.0 Universal\n\n    CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE\n    LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN\n    ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS\n    INFORMATION ON AN \"AS-IS\" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES\n    REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS\n    PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM\n    THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED\n    HEREUNDER.\n\nStatement of Purpose\n\nThe laws of most jurisdictions throughout the world automatically confer\nexclusive Copyright and Related Rights (defined below) upon the creator\nand subsequent owner(s) (each and all, an \"owner\") of an original work of\nauthorship and/or a database (each, a \"Work\").\n\nCertain owners wish to permanently relinquish those rights to a Work for\nthe purpose of contributing to a commons of creative, cultural and\nscientific works (\"Commons\") that the public can reliably and without fear\nof later claims of infringement build upon, modify, incorporate in other\nworks, reuse and redistribute as freely as possible in any form whatsoever\nand for any purposes, including without limitation commercial purposes.\nThese owners may contribute to the Commons to promote the ideal of a free\nculture and the further production of creative, cultural and scientific\nworks, or to gain reputation or greater distribution for their Work in\npart through the use and efforts of others.\n\nFor these and/or other purposes and motivations, and without any\nexpectation of additional consideration or compensation, the person\nassociating CC0 with a Work (the \"Affirmer\"), to the extent that he or she\nis an owner of Copyright and Related Rights in the Work, voluntarily\nelects to apply CC0 to the Work and publicly distribute the Work under its\nterms, with knowledge of his or her Copyright and Related Rights in the\nWork and the meaning and intended legal effect of CC0 on those rights.\n\n1. Copyright and Related Rights. A Work made available under CC0 may be\nprotected by copyright and related or neighboring rights (\"Copyright and\nRelated Rights\"). Copyright and Related Rights include, but are not\nlimited to, the following:\n\n  i. the right to reproduce, adapt, distribute, perform, display,\n     communicate, and translate a Work;\n ii. moral rights retained by the original author(s) and/or performer(s);\niii. publicity and privacy rights pertaining to a person's image or\n     likeness depicted in a Work;\n iv. rights protecting against unfair competition in regards to a Work,\n     subject to the limitations in paragraph 4(a), below;\n  v. rights protecting the extraction, dissemination, use and reuse of data\n     in a Work;\n vi. database rights (such as those arising under Directive 96/9/EC of the\n     European Parliament and of the Council of 11 March 1996 on the legal\n     protection of databases, and under any national implementation\n     thereof, including any amended or successor version of such\n     directive); and\nvii. other similar, equivalent or corresponding rights throughout the\n     world based on applicable law or treaty, and any national\n     implementations thereof.\n\n2. Waiver. To the greatest extent permitted by, but not in contravention\nof, applicable law, Affirmer hereby overtly, fully, permanently,\nirrevocably and unconditionally waives, abandons, and surrenders all of\nAffirmer's Copyright and Related Rights and associated claims and causes\nof action, whether now known or unknown (including existing as well as\nfuture claims and causes of action), in the Work (i) in all territories\nworldwide, (ii) for the maximum duration provided by applicable law or\ntreaty (including future time extensions), (iii) in any current or future\nmedium and for any number of copies, and (iv) for any purpose whatsoever,\nincluding without limitation commercial, advertising or promotional\npurposes (the \"Waiver\"). Affirmer makes the Waiver for the benefit of each\nmember of the public at large and to the detriment of Affirmer's heirs and\nsuccessors, fully intending that such Waiver shall not be subject to\nrevocation, rescission, cancellation, termination, or any other legal or\nequitable action to disrupt the quiet enjoyment of the Work by the public\nas contemplated by Affirmer's express Statement of Purpose.\n\n3. Public License Fallback. Should any part of the Waiver for any reason\nbe judged legally invalid or ineffective under applicable law, then the\nWaiver shall be preserved to the maximum extent permitted taking into\naccount Affirmer's express Statement of Purpose. In addition, to the\nextent the Waiver is so judged Affirmer hereby grants to each affected\nperson a royalty-free, non transferable, non sublicensable, non exclusive,\nirrevocable and unconditional license to exercise Affirmer's Copyright and\nRelated Rights in the Work (i) in all territories worldwide, (ii) for the\nmaximum duration provided by applicable law or treaty (including future\ntime extensions), (iii) in any current or future medium and for any number\nof copies, and (iv) for any purpose whatsoever, including without\nlimitation commercial, advertising or promotional purposes (the\n\"License\"). The License shall be deemed effective as of the date CC0 was\napplied by Affirmer to the Work. Should any part of the License for any\nreason be judged legally invalid or ineffective under applicable law, such\npartial invalidity or ineffectiveness shall not invalidate the remainder\nof the License, and in such case Affirmer hereby affirms that he or she\nwill not (i) exercise any of his or her remaining Copyright and Related\nRights in the Work or (ii) assert any associated claims and causes of\naction with respect to the Work, in either case contrary to Affirmer's\nexpress Statement of Purpose.\n\n4. Limitations and Disclaimers.\n\n a. No trademark or patent rights held by Affirmer are waived, abandoned,\n    surrendered, licensed or otherwise affected by this document.\n b. Affirmer offers the Work as-is and makes no representations or\n    warranties of any kind concerning the Work, express, implied,\n    statutory or otherwise, including without limitation warranties of\n    title, merchantability, fitness for a particular purpose, non\n    infringement, or the absence of latent or other defects, accuracy, or\n    the present or absence of errors, whether or not discoverable, all to\n    the greatest extent permissible under applicable law.\n c. Affirmer disclaims responsibility for clearing rights of other persons\n    that may apply to the Work or any use thereof, including without\n    limitation any person's Copyright and Related Rights in the Work.\n    Further, Affirmer disclaims responsibility for obtaining any necessary\n    consents, permissions or other rights required for any use of the\n    Work.\n d. Affirmer understands and acknowledges that Creative Commons is not a\n    party to this document and has no duty or obligation with respect to\n    this CC0 or use of the Work.\n"
   },
+  {
+    "name": "gitlab.com/gitlab-org/api/client-go",
+    "path": "gitlab.com/gitlab-org/api/client-go/LICENSE",
+    "licenseText": "                                 Apache License\n                           Version 2.0, January 2004\n                        http://www.apache.org/licenses/\n\n   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION\n\n   1. Definitions.\n\n      \"License\" shall mean the terms and conditions for use, reproduction,\n      and distribution as defined by Sections 1 through 9 of this document.\n\n      \"Licensor\" shall mean the copyright owner or entity authorized by\n      the copyright owner that is granting the License.\n\n      \"Legal Entity\" shall mean the union of the acting entity and all\n      other entities that control, are controlled by, or are under common\n      control with that entity. For the purposes of this definition,\n      \"control\" means (i) the power, direct or indirect, to cause the\n      direction or management of such entity, whether by contract or\n      otherwise, or (ii) ownership of fifty percent (50%) or more of the\n      outstanding shares, or (iii) beneficial ownership of such entity.\n\n      \"You\" (or \"Your\") shall mean an individual or Legal Entity\n      exercising permissions granted by this License.\n\n      \"Source\" form shall mean the preferred form for making modifications,\n      including but not limited to software source code, documentation\n      source, and configuration files.\n\n      \"Object\" form shall mean any form resulting from mechanical\n      transformation or translation of a Source form, including but\n      not limited to compiled object code, generated documentation,\n      and conversions to other media types.\n\n      \"Work\" shall mean the work of authorship, whether in Source or\n      Object form, made available under the License, as indicated by a\n      copyright notice that is included in or attached to the work\n      (an example is provided in the Appendix below).\n\n      \"Derivative Works\" shall mean any work, whether in Source or Object\n      form, that is based on (or derived from) the Work and for which the\n      editorial revisions, annotations, elaborations, or other modifications\n      represent, as a whole, an original work of authorship. For the purposes\n      of this License, Derivative Works shall not include works that remain\n      separable from, or merely link (or bind by name) to the interfaces of,\n      the Work and Derivative Works thereof.\n\n      \"Contribution\" shall mean any work of authorship, including\n      the original version of the Work and any modifications or additions\n      to that Work or Derivative Works thereof, that is intentionally\n      submitted to Licensor for inclusion in the Work by the copyright owner\n      or by an individual or Legal Entity authorized to submit on behalf of\n      the copyright owner. For the purposes of this definition, \"submitted\"\n      means any form of electronic, verbal, or written communication sent\n      to the Licensor or its representatives, including but not limited to\n      communication on electronic mailing lists, source code control systems,\n      and issue tracking systems that are managed by, or on behalf of, the\n      Licensor for the purpose of discussing and improving the Work, but\n      excluding communication that is conspicuously marked or otherwise\n      designated in writing by the copyright owner as \"Not a Contribution.\"\n\n      \"Contributor\" shall mean Licensor and any individual or Legal Entity\n      on behalf of whom a Contribution has been received by Licensor and\n      subsequently incorporated within the Work.\n\n   2. Grant of Copyright License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      copyright license to reproduce, prepare Derivative Works of,\n      publicly display, publicly perform, sublicense, and distribute the\n      Work and such Derivative Works in Source or Object form.\n\n   3. Grant of Patent License. Subject to the terms and conditions of\n      this License, each Contributor hereby grants to You a perpetual,\n      worldwide, non-exclusive, no-charge, royalty-free, irrevocable\n      (except as stated in this section) patent license to make, have made,\n      use, offer to sell, sell, import, and otherwise transfer the Work,\n      where such license applies only to those patent claims licensable\n      by such Contributor that are necessarily infringed by their\n      Contribution(s) alone or by combination of their Contribution(s)\n      with the Work to which such Contribution(s) was submitted. If You\n      institute patent litigation against any entity (including a\n      cross-claim or counterclaim in a lawsuit) alleging that the Work\n      or a Contribution incorporated within the Work constitutes direct\n      or contributory patent infringement, then any patent licenses\n      granted to You under this License for that Work shall terminate\n      as of the date such litigation is filed.\n\n   4. Redistribution. You may reproduce and distribute copies of the\n      Work or Derivative Works thereof in any medium, with or without\n      modifications, and in Source or Object form, provided that You\n      meet the following conditions:\n\n      (a) You must give any other recipients of the Work or\n          Derivative Works a copy of this License; and\n\n      (b) You must cause any modified files to carry prominent notices\n          stating that You changed the files; and\n\n      (c) You must retain, in the Source form of any Derivative Works\n          that You distribute, all copyright, patent, trademark, and\n          attribution notices from the Source form of the Work,\n          excluding those notices that do not pertain to any part of\n          the Derivative Works; and\n\n      (d) If the Work includes a \"NOTICE\" text file as part of its\n          distribution, then any Derivative Works that You distribute must\n          include a readable copy of the attribution notices contained\n          within such NOTICE file, excluding those notices that do not\n          pertain to any part of the Derivative Works, in at least one\n          of the following places: within a NOTICE text file distributed\n          as part of the Derivative Works; within the Source form or\n          documentation, if provided along with the Derivative Works; or,\n          within a display generated by the Derivative Works, if and\n          wherever such third-party notices normally appear. The contents\n          of the NOTICE file are for informational purposes only and\n          do not modify the License. You may add Your own attribution\n          notices within Derivative Works that You distribute, alongside\n          or as an addendum to the NOTICE text from the Work, provided\n          that such additional attribution notices cannot be construed\n          as modifying the License.\n\n      You may add Your own copyright statement to Your modifications and\n      may provide additional or different license terms and conditions\n      for use, reproduction, or distribution of Your modifications, or\n      for any such Derivative Works as a whole, provided Your use,\n      reproduction, and distribution of the Work otherwise complies with\n      the conditions stated in this License.\n\n   5. Submission of Contributions. Unless You explicitly state otherwise,\n      any Contribution intentionally submitted for inclusion in the Work\n      by You to the Licensor shall be under the terms and conditions of\n      this License, without any additional terms or conditions.\n      Notwithstanding the above, nothing herein shall supersede or modify\n      the terms of any separate license agreement you may have executed\n      with Licensor regarding such Contributions.\n\n   6. Trademarks. This License does not grant permission to use the trade\n      names, trademarks, service marks, or product names of the Licensor,\n      except as required for reasonable and customary use in describing the\n      origin of the Work and reproducing the content of the NOTICE file.\n\n   7. Disclaimer of Warranty. Unless required by applicable law or\n      agreed to in writing, Licensor provides the Work (and each\n      Contributor provides its Contributions) on an \"AS IS\" BASIS,\n      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or\n      implied, including, without limitation, any warranties or conditions\n      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A\n      PARTICULAR PURPOSE. You are solely responsible for determining the\n      appropriateness of using or redistributing the Work and assume any\n      risks associated with Your exercise of permissions under this License.\n\n   8. Limitation of Liability. In no event and under no legal theory,\n      whether in tort (including negligence), contract, or otherwise,\n      unless required by applicable law (such as deliberate and grossly\n      negligent acts) or agreed to in writing, shall any Contributor be\n      liable to You for damages, including any direct, indirect, special,\n      incidental, or consequential damages of any character arising as a\n      result of this License or out of the use or inability to use the\n      Work (including but not limited to damages for loss of goodwill,\n      work stoppage, computer failure or malfunction, or any and all\n      other commercial damages or losses), even if such Contributor\n      has been advised of the possibility of such damages.\n\n   9. Accepting Warranty or Additional Liability. While redistributing\n      the Work or Derivative Works thereof, You may choose to offer,\n      and charge a fee for, acceptance of support, warranty, indemnity,\n      or other liability obligations and/or rights consistent with this\n      License. However, in accepting such obligations, You may act only\n      on Your own behalf and on Your sole responsibility, not on behalf\n      of any other Contributor, and only if You agree to indemnify,\n      defend, and hold each Contributor harmless for any liability\n      incurred by, or claims asserted against, such Contributor by reason\n      of your accepting any such warranty or additional liability.\n\n   END OF TERMS AND CONDITIONS\n\n   APPENDIX: How to apply the Apache License to your work.\n\n      To apply the Apache License to your work, attach the following\n      boilerplate notice, with the fields enclosed by brackets \"{}\"\n      replaced with your own identifying information. (Don't include\n      the brackets!)  The text should be enclosed in the appropriate\n      comment syntax for the file format. We also recommend that a\n      file or class name and description of purpose be included on the\n      same \"printed page\" as the copyright notice for easier\n      identification within third-party archives.\n\n   Copyright {yyyy} {name of copyright owner}\n\n   Licensed under the Apache License, Version 2.0 (the \"License\");\n   you may not use this file except in compliance with the License.\n   You may obtain a copy of the License at\n\n       http://www.apache.org/licenses/LICENSE-2.0\n\n   Unless required by applicable law or agreed to in writing, software\n   distributed under the License is distributed on an \"AS IS\" BASIS,\n   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n   See the License for the specific language governing permissions and\n   limitations under the License.\n"
+  },
   {
     "name": "go.etcd.io/bbolt",
     "path": "go.etcd.io/bbolt/LICENSE",
diff --git a/go.mod b/go.mod
index 99069ec131fae..0ee4257f13061 100644
--- a/go.mod
+++ b/go.mod
@@ -112,22 +112,22 @@ require (
 	github.com/ulikunitz/xz v0.5.12
 	github.com/urfave/cli/v2 v2.27.5
 	github.com/wneessen/go-mail v0.5.2
-	github.com/xanzy/go-gitlab v0.112.0
 	github.com/xeipuuv/gojsonschema v1.2.0
 	github.com/yohcop/openid-go v1.0.1
 	github.com/yuin/goldmark v1.7.8
 	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
 	github.com/yuin/goldmark-meta v1.1.0
+	gitlab.com/gitlab-org/api/client-go v0.119.0
 	golang.org/x/crypto v0.32.0
 	golang.org/x/image v0.21.0
 	golang.org/x/net v0.34.0
-	golang.org/x/oauth2 v0.23.0
+	golang.org/x/oauth2 v0.24.0
 	golang.org/x/sync v0.10.0
 	golang.org/x/sys v0.29.0
 	golang.org/x/text v0.21.0
 	golang.org/x/tools v0.29.0
 	google.golang.org/grpc v1.67.1
-	google.golang.org/protobuf v1.35.1
+	google.golang.org/protobuf v1.36.0
 	gopkg.in/ini.v1 v1.67.0
 	gopkg.in/yaml.v3 v3.0.1
 	mvdan.cc/xurls/v2 v2.5.0
@@ -306,7 +306,7 @@ require (
 	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c // indirect
 	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/time v0.7.0 // indirect
+	golang.org/x/time v0.8.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20241021214115-324edc3d5d38 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
diff --git a/go.sum b/go.sum
index d2383601c23b9..c145fa6beb989 100644
--- a/go.sum
+++ b/go.sum
@@ -766,8 +766,6 @@ github.com/wneessen/go-mail v0.5.2 h1:MZKwgHJoRboLJ+EHMLuHpZc95wo+u1xViL/4XSswDT
 github.com/wneessen/go-mail v0.5.2/go.mod h1:kRroJvEq2hOSEPFRiKjN7Csrz0G1w+RpiGR3b6yo+Ck=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
-github.com/xanzy/go-gitlab v0.112.0 h1:6Z0cqEooCvBMfBIHw+CgO4AKGRV8na/9781xOb0+DKw=
-github.com/xanzy/go-gitlab v0.112.0/go.mod h1:wKNKh3GkYDMOsGmnfuX+ITCmDuSDWFO0G+C4AygL9RY=
 github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
 github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
@@ -802,6 +800,8 @@ github.com/zeebo/blake3 v0.2.4 h1:KYQPkhpRtcqh0ssGYcKLG1JYvddkEA8QwCM/yBqhaZI=
 github.com/zeebo/blake3 v0.2.4/go.mod h1:7eeQ6d2iXWRGF6npfaxl2CU+xy2Fjo2gxeyZGCRUjcE=
 github.com/zeebo/pcg v1.0.1 h1:lyqfGeWiv4ahac6ttHs+I5hwtH/+1mrhlCtVNQM2kHo=
 github.com/zeebo/pcg v1.0.1/go.mod h1:09F0S9iiKrwn9rlI5yjLkmrug154/YRW6KnnXVDM/l4=
+gitlab.com/gitlab-org/api/client-go v0.119.0 h1:YBZyx9XUTtEDBBYtY36cZWz6JmT7om/8HPSk37IS95g=
+gitlab.com/gitlab-org/api/client-go v0.119.0/go.mod h1:ygHmS3AU3TpvK+AC6DYO1QuAxLlv6yxYK+/Votr/WFQ=
 go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=
 go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
@@ -867,8 +867,8 @@ golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
 golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
-golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
-golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
+golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
+golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -942,8 +942,8 @@ golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
 golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ=
-golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
+golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
@@ -970,8 +970,8 @@ google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQ
 google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
 google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
 google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
-google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.0 h1:mjIs9gYtt56AzC4ZaffQuh88TZurBGhIJMBZGSxNerQ=
+google.golang.org/protobuf v1.36.0/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/services/migrations/gitlab.go b/services/migrations/gitlab.go
index 295bc7c29f517..07d5040b5b364 100644
--- a/services/migrations/gitlab.go
+++ b/services/migrations/gitlab.go
@@ -21,7 +21,7 @@ import (
 	base "code.gitea.io/gitea/modules/migration"
 	"code.gitea.io/gitea/modules/structs"
 
-	"github.com/xanzy/go-gitlab"
+	gitlab "gitlab.com/gitlab-org/api/client-go"
 )
 
 var (
diff --git a/services/migrations/gitlab_test.go b/services/migrations/gitlab_test.go
index eccfc4def1fc2..556fe771c5d84 100644
--- a/services/migrations/gitlab_test.go
+++ b/services/migrations/gitlab_test.go
@@ -17,7 +17,7 @@ import (
 	base "code.gitea.io/gitea/modules/migration"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/xanzy/go-gitlab"
+	gitlab "gitlab.com/gitlab-org/api/client-go"
 )
 
 func TestGitlabDownloadRepo(t *testing.T) {

From 9c00e065a117921196f0e0695ceba59546a467b2 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Wed, 8 Jan 2025 23:57:18 +0800
Subject: [PATCH 47/55] Fix form width (#33151)

Fix #33150
---
 templates/org/create.tmpl                     |  84 ++--
 templates/repo/create.tmpl                    | 366 +++++++++---------
 templates/repo/migrate/codebase.tmpl          | 190 +++++----
 templates/repo/migrate/codecommit.tmpl        | 190 +++++----
 templates/repo/migrate/git.tmpl               | 148 ++++---
 templates/repo/migrate/gitbucket.tmpl         | 212 +++++-----
 templates/repo/migrate/gitea.tmpl             | 204 +++++-----
 templates/repo/migrate/github.tmpl            | 208 +++++-----
 templates/repo/migrate/gitlab.tmpl            | 202 +++++-----
 templates/repo/migrate/gogs.tmpl              | 208 +++++-----
 templates/repo/migrate/onedev.tmpl            | 190 +++++----
 templates/repo/pulls/fork.tmpl                | 144 ++++---
 .../user/auth/signup_openid_connect.tmpl      |  58 +--
 web_src/css/form.css                          |   1 +
 web_src/css/modules/container.css             |   3 +
 15 files changed, 1194 insertions(+), 1214 deletions(-)

diff --git a/templates/org/create.tmpl b/templates/org/create.tmpl
index 2f19fd817f449..7934d5b722d8f 100644
--- a/templates/org/create.tmpl
+++ b/templates/org/create.tmpl
@@ -1,54 +1,52 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content organization new org">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			{{template "base/alert" .}}
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "new_org"}}
-			</h3>
-			<div class="ui attached segment">
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_OrgName}}error{{end}}">
-						<label for="org_name">{{ctx.Locale.Tr "org.org_name_holder"}}</label>
-						<input id="org_name" name="org_name" value="{{.org_name}}" autofocus required maxlength="40">
-						<span class="help">{{ctx.Locale.Tr "org.org_name_helper"}}</span>
-					</div>
+	<div class="ui container medium-width">
+		{{template "base/alert" .}}
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "new_org"}}
+		</h3>
+		<div class="ui attached segment">
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_OrgName}}error{{end}}">
+					<label for="org_name">{{ctx.Locale.Tr "org.org_name_holder"}}</label>
+					<input id="org_name" name="org_name" value="{{.org_name}}" autofocus required maxlength="40">
+					<span class="help">{{ctx.Locale.Tr "org.org_name_helper"}}</span>
+				</div>
 
-					<div class="inline field required {{if .Err_OrgVisibility}}error{{end}}">
-						<label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label>
-						<div class="inline-right">
-							<div class="ui radio checkbox">
-								<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if .DefaultOrgVisibilityMode.IsPublic}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "org.settings.visibility.public"}}</label>
-							</div>
-							<div class="ui radio checkbox">
-								<input class="enable-system-radio" name="visibility" type="radio" value="1" {{if .DefaultOrgVisibilityMode.IsLimited}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "org.settings.visibility.limited"}}</label>
-							</div>
-							<div class="ui radio checkbox">
-								<input class="enable-system-radio" name="visibility" type="radio" value="2" {{if .DefaultOrgVisibilityMode.IsPrivate}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "org.settings.visibility.private"}}</label>
-							</div>
+				<div class="inline field required {{if .Err_OrgVisibility}}error{{end}}">
+					<label for="visibility">{{ctx.Locale.Tr "org.settings.visibility"}}</label>
+					<div class="inline-right">
+						<div class="ui radio checkbox">
+							<input class="enable-system-radio" name="visibility" type="radio" value="0" {{if .DefaultOrgVisibilityMode.IsPublic}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "org.settings.visibility.public"}}</label>
 						</div>
-					</div>
-
-					<div class="inline field" id="permission_box">
-						<label>{{ctx.Locale.Tr "org.settings.permission"}}</label>
-						<div class="ui checkbox">
-							<input type="checkbox" name="repo_admin_change_team_access" checked>
-							<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
+						<div class="ui radio checkbox">
+							<input class="enable-system-radio" name="visibility" type="radio" value="1" {{if .DefaultOrgVisibilityMode.IsLimited}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "org.settings.visibility.limited"}}</label>
+						</div>
+						<div class="ui radio checkbox">
+							<input class="enable-system-radio" name="visibility" type="radio" value="2" {{if .DefaultOrgVisibilityMode.IsPrivate}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "org.settings.visibility.private"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "org.create_org"}}
-						</button>
+				<div class="inline field" id="permission_box">
+					<label>{{ctx.Locale.Tr "org.settings.permission"}}</label>
+					<div class="ui checkbox">
+						<input type="checkbox" name="repo_admin_change_team_access" checked>
+						<label>{{ctx.Locale.Tr "org.settings.repoadminchangeteam"}}</label>
 					</div>
-				</form>
-			</div>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "org.create_org"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/create.tmpl b/templates/repo/create.tmpl
index 36283b35e07b4..ad308c857cb12 100644
--- a/templates/repo/create.tmpl
+++ b/templates/repo/create.tmpl
@@ -1,224 +1,222 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new-repo">
-	<div class="ui middle very relaxed page one column grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "new_repo"}}
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				{{template "repo/create_helper" .}}
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "new_repo"}}
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			{{template "repo/create_helper" .}}
 
-				{{if not .CanCreateRepo}}
-				<div class="ui negative message">
-					<p>{{ctx.Locale.TrN .MaxCreationLimit "repo.form.reach_limit_of_creation_1" "repo.form.reach_limit_of_creation_n" .MaxCreationLimit}}</p>
-				</div>
-				{{end}}
-				<form class="ui form left-right-form new-repo-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+			{{if not .CanCreateRepo}}
+			<div class="ui negative message">
+				<p>{{ctx.Locale.TrN .MaxCreationLimit "repo.form.reach_limit_of_creation_1" "repo.form.reach_limit_of_creation_n" .MaxCreationLimit}}</p>
+			</div>
+			{{end}}
+			<form class="ui form left-right-form new-repo-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+							</div>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
 								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
-							</div>
+							{{end}}
 						</div>
-						<span class="help">{{ctx.Locale.Tr "repo.owner_helper"}}</span>
 					</div>
+					<span class="help">{{ctx.Locale.Tr "repo.owner_helper"}}</span>
+				</div>
 
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" autofocus required maxlength="100">
-						<span class="help" data-help-for-repo-name>{{ctx.Locale.Tr "repo.repo_name_helper"}}</span>
-						<span class="help tw-hidden" data-help-for-repo-name=".profile">{{ctx.Locale.Tr "repo.repo_name_profile_public_hint"}}</span>
-						<span class="help tw-hidden" data-help-for-repo-name=".profile-private">{{ctx.Locale.Tr "repo.repo_name_profile_private_hint"}}</span>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" autofocus required maxlength="100">
+					<span class="help" data-help-for-repo-name>{{ctx.Locale.Tr "repo.repo_name_helper"}}</span>
+					<span class="help tw-hidden" data-help-for-repo-name=".profile">{{ctx.Locale.Tr "repo.repo_name_profile_public_hint"}}</span>
+					<span class="help tw-hidden" data-help-for-repo-name=".profile-private">{{ctx.Locale.Tr "repo.repo_name_profile_private_hint"}}</span>
+				</div>
+
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
+					<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" rows="2" name="description" placeholder="{{ctx.Locale.Tr "repo.repo_desc_helper"}}" maxlength="2048">{{.description}}</textarea>
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.template"}}</label>
+					<div id="repo_template_search" class="ui search selection dropdown">
+						<input type="hidden" id="repo_template" name="repo_template" value="{{or .repo_template ""}}">
+						<div class="default text">{{.repo_template_name}}</div>
+						<div class="menu">
+						</div>
+					</div>
+				</div>
 
+				<div id="template_units" class="tw-hidden">
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+						<label>{{ctx.Locale.Tr "repo.template.items"}}</label>
 						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
-							{{end}}
+							<input name="git_content" type="checkbox" {{if .git_content}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.template.git_content"}}</label>
+						</div>
+						<div class="ui checkbox" {{if not .SignedUser.CanEditGitHook}}data-tooltip-content="{{ctx.Locale.Tr "repo.template.git_hooks_tooltip"}}"{{end}}>
+							<input name="git_hooks" type="checkbox" {{if .git_hooks}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.template.git_hooks"}}</label>
 						</div>
-						<span class="help">{{ctx.Locale.Tr "repo.visibility_description"}}</span>
-					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" rows="2" name="description" placeholder="{{ctx.Locale.Tr "repo.repo_desc_helper"}}" maxlength="2048">{{.description}}</textarea>
 					</div>
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.template"}}</label>
-						<div id="repo_template_search" class="ui search selection dropdown">
-							<input type="hidden" id="repo_template" name="repo_template" value="{{or .repo_template ""}}">
-							<div class="default text">{{.repo_template_name}}</div>
-							<div class="menu">
-							</div>
+						<label></label>
+						<div class="ui checkbox">
+							<input name="webhooks" type="checkbox" {{if .webhooks}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.template.webhooks"}}</label>
 						</div>
-					</div>
-
-					<div id="template_units" class="tw-hidden">
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.template.items"}}</label>
-							<div class="ui checkbox">
-								<input name="git_content" type="checkbox" {{if .git_content}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.template.git_content"}}</label>
-							</div>
-							<div class="ui checkbox" {{if not .SignedUser.CanEditGitHook}}data-tooltip-content="{{ctx.Locale.Tr "repo.template.git_hooks_tooltip"}}"{{end}}>
-								<input name="git_hooks" type="checkbox" {{if .git_hooks}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.template.git_hooks"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="topics" type="checkbox" {{if .topics}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.template.topics"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="webhooks" type="checkbox" {{if .webhooks}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.template.webhooks"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="topics" type="checkbox" {{if .topics}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.template.topics"}}</label>
-							</div>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="avatar" type="checkbox" {{if .avatar}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.template.avatar"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="avatar" type="checkbox" {{if .avatar}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.template.avatar"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.template.issue_labels"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.template.issue_labels"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="protected_branch" type="checkbox" {{if .protected_branch}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.settings.protected_branch"}}</label>
-							</div>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="protected_branch" type="checkbox" {{if .protected_branch}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.settings.protected_branch"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div id="non_template">
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.issue_labels"}}</label>
-							<div class="ui search selection dropdown">
-								<input type="hidden" name="issue_labels" value="{{.issueLabels}}">
-								<div class="default text">{{ctx.Locale.Tr "repo.issue_labels_helper"}}</div>
-								<div class="menu">
-									<div class="item" data-value="">{{ctx.Locale.Tr "repo.issue_labels_helper"}}</div>
-									{{range .LabelTemplateFiles}}
-										<div class="item" data-value="{{.DisplayName}}">{{.DisplayName}}<br><i>({{.Description}})</i></div>
-									{{end}}
-								</div>
+				<div id="non_template">
+					<div class="inline field">
+						<label>{{ctx.Locale.Tr "repo.issue_labels"}}</label>
+						<div class="ui search selection dropdown">
+							<input type="hidden" name="issue_labels" value="{{.issueLabels}}">
+							<div class="default text">{{ctx.Locale.Tr "repo.issue_labels_helper"}}</div>
+							<div class="menu">
+								<div class="item" data-value="">{{ctx.Locale.Tr "repo.issue_labels_helper"}}</div>
+								{{range .LabelTemplateFiles}}
+									<div class="item" data-value="{{.DisplayName}}">{{.DisplayName}}<br><i>({{.Description}})</i></div>
+								{{end}}
 							</div>
 						</div>
+					</div>
 
-						<div class="divider"></div>
+					<div class="divider"></div>
 
-						<div class="inline field">
-							<label>.gitignore</label>
-							<div class="ui multiple search selection dropdown">
-								<input type="hidden" name="gitignores" value="{{.gitignores}}">
-								<div class="default text">{{ctx.Locale.Tr "repo.repo_gitignore_helper"}}</div>
-								<div class="menu">
-									{{range .Gitignores}}
-										<div class="item" data-value="{{.}}">{{.}}</div>
-									{{end}}
-								</div>
-							</div>
-							<span class="help">{{ctx.Locale.Tr "repo.repo_gitignore_helper_desc"}}</span>
-						</div>
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.license"}}</label>
-							<div class="ui search selection dropdown">
-								<input type="hidden" name="license" value="{{.license}}">
-								<div class="default text">{{ctx.Locale.Tr "repo.license_helper"}}</div>
-								<div class="menu">
-									<div class="item" data-value="">{{ctx.Locale.Tr "repo.license_helper"}}</div>
-									{{range .Licenses}}
-										<div class="item" data-value="{{.}}">{{.}}</div>
-									{{end}}
-								</div>
+					<div class="inline field">
+						<label>.gitignore</label>
+						<div class="ui multiple search selection dropdown">
+							<input type="hidden" name="gitignores" value="{{.gitignores}}">
+							<div class="default text">{{ctx.Locale.Tr "repo.repo_gitignore_helper"}}</div>
+							<div class="menu">
+								{{range .Gitignores}}
+									<div class="item" data-value="{{.}}">{{.}}</div>
+								{{end}}
 							</div>
-							<span class="help">{{ctx.Locale.Tr "repo.license_helper_desc" "https://choosealicense.com/"}}</span>
 						</div>
-
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.readme"}}</label>
-							<div class="ui selection dropdown">
-								<input type="hidden" name="readme" value="{{.readme}}">
-								<div class="default text">{{ctx.Locale.Tr "repo.readme_helper"}}</div>
-								<div class="menu">
-									{{range .Readmes}}
-										<div class="item" data-value="{{.}}">{{.}}</div>
-									{{end}}
-								</div>
+						<span class="help">{{ctx.Locale.Tr "repo.repo_gitignore_helper_desc"}}</span>
+					</div>
+					<div class="inline field">
+						<label>{{ctx.Locale.Tr "repo.license"}}</label>
+						<div class="ui search selection dropdown">
+							<input type="hidden" name="license" value="{{.license}}">
+							<div class="default text">{{ctx.Locale.Tr "repo.license_helper"}}</div>
+							<div class="menu">
+								<div class="item" data-value="">{{ctx.Locale.Tr "repo.license_helper"}}</div>
+								{{range .Licenses}}
+									<div class="item" data-value="{{.}}">{{.}}</div>
+								{{end}}
 							</div>
-							<span class="help">{{ctx.Locale.Tr "repo.readme_helper_desc"}}</span>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox" id="auto-init">
-								<input name="auto_init" type="checkbox" {{if .auto_init}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.auto_init"}}</label>
+						<span class="help">{{ctx.Locale.Tr "repo.license_helper_desc" "https://choosealicense.com/"}}</span>
+					</div>
+
+					<div class="inline field">
+						<label>{{ctx.Locale.Tr "repo.readme"}}</label>
+						<div class="ui selection dropdown">
+							<input type="hidden" name="readme" value="{{.readme}}">
+							<div class="default text">{{ctx.Locale.Tr "repo.readme_helper"}}</div>
+							<div class="menu">
+								{{range .Readmes}}
+									<div class="item" data-value="{{.}}">{{.}}</div>
+								{{end}}
 							</div>
 						</div>
-						<div class="inline field">
-							<label for="default_branch">{{ctx.Locale.Tr "repo.default_branch"}}</label>
-							<input id="default_branch" name="default_branch" value="{{.default_branch}}" placeholder="{{.default_branch}}">
-							<span class="help">{{ctx.Locale.Tr "repo.default_branch_helper"}}</span>
-						</div>
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.object_format"}}</label>
-							<div class="ui selection owner dropdown">
-								<input type="hidden" id="object_format_name" name="object_format_name" value="{{or .object_format_name .DefaultObjectFormat.Name}}" required>
-								<div class="default text">{{.DefaultObjectFormat.Name}}</div>
-								<div class="menu">
-									{{range .SupportedObjectFormats}}
-										<div class="item" data-value="{{.Name}}">{{.Name}}</div>
-									{{end}}
-								</div>
-							</div>
-							<span class="help">{{ctx.Locale.Tr "repo.object_format_helper"}}</span>
+						<span class="help">{{ctx.Locale.Tr "repo.readme_helper_desc"}}</span>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox" id="auto-init">
+							<input name="auto_init" type="checkbox" {{if .auto_init}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.auto_init"}}</label>
 						</div>
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.template"}}</label>
-							<div class="ui checkbox">
-								<input name="template" type="checkbox">
-								<label>{{ctx.Locale.Tr "repo.template_helper"}}</label>
+					</div>
+					<div class="inline field">
+						<label for="default_branch">{{ctx.Locale.Tr "repo.default_branch"}}</label>
+						<input id="default_branch" name="default_branch" value="{{.default_branch}}" placeholder="{{.default_branch}}">
+						<span class="help">{{ctx.Locale.Tr "repo.default_branch_helper"}}</span>
+					</div>
+					<div class="inline field">
+						<label>{{ctx.Locale.Tr "repo.object_format"}}</label>
+						<div class="ui selection owner dropdown">
+							<input type="hidden" id="object_format_name" name="object_format_name" value="{{or .object_format_name .DefaultObjectFormat.Name}}" required>
+							<div class="default text">{{.DefaultObjectFormat.Name}}</div>
+							<div class="menu">
+								{{range .SupportedObjectFormats}}
+									<div class="item" data-value="{{.Name}}">{{.Name}}</div>
+								{{end}}
 							</div>
 						</div>
+						<span class="help">{{ctx.Locale.Tr "repo.object_format_helper"}}</span>
 					</div>
-					<br>
 					<div class="inline field">
-						<label></label>
-						<button class="ui primary button{{if not .CanCreateRepo}} disabled{{end}}">
-							{{ctx.Locale.Tr "repo.create_repo"}}
-						</button>
+						<label>{{ctx.Locale.Tr "repo.template"}}</label>
+						<div class="ui checkbox">
+							<input name="template" type="checkbox">
+							<label>{{ctx.Locale.Tr "repo.template_helper"}}</label>
+						</div>
 					</div>
-				</form>
-			</div>
+				</div>
+				<br>
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button{{if not .CanCreateRepo}} disabled{{end}}">
+						{{ctx.Locale.Tr "repo.create_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/codebase.tmpl b/templates/repo/migrate/codebase.tmpl
index 6f82d835c6105..35f3614ec5632 100644
--- a/templates/repo/migrate/codebase.tmpl
+++ b/templates/repo/migrate/codebase.tmpl
@@ -1,115 +1,113 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{template "base/disable_form_autofill"}}
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{template "base/disable_form_autofill"}}
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
-						<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
-					</div>
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
-						<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
+					<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
+				</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
+					<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
 
-					<div id="migrate_items">
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
+				<div id="migrate_items">
+					<div class="inline field">
+						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_merge_requests"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
 						</div>
 					</div>
-
-					<div class="divider"></div>
-
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
-							</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
+						</div>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_merge_requests"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+				<div class="divider"></div>
+
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+							</div>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/codecommit.tmpl b/templates/repo/migrate/codecommit.tmpl
index 8681f47e6cf33..f75112f896bbc 100644
--- a/templates/repo/migrate/codecommit.tmpl
+++ b/templates/repo/migrate/codecommit.tmpl
@@ -1,116 +1,114 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{template "base/disable_form_autofill"}}
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{template "base/disable_form_autofill"}}
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline required field {{if .Err_Auth}}error{{end}}">
-						<label for="aws_access_key_id">{{ctx.Locale.Tr "repo.migrate.codecommit.aws_access_key_id"}}</label>
-						<input id="aws_access_key_id" name="aws_access_key_id" value="{{.aws_access_key_id}}" required>
-					</div>
-					<div class="inline required field {{if .Err_Auth}}error{{end}}">
-						<label for="aws_secret_access_key">{{ctx.Locale.Tr "repo.migrate.codecommit.aws_secret_access_key"}}</label>
-						<input id="aws_secret_access_key" name="aws_secret_access_key" type="password" value="{{.aws_secret_access_key}}" required>
-					</div>
-					<div class="inline required field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_username">{{ctx.Locale.Tr "repo.migrate.codecommit.https_git_credentials_username"}}</label>
-						<input id="auth_username" name="auth_username" value="{{.auth_username}}" required>
-					</div>
-					<div class="inline required field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_password">{{ctx.Locale.Tr "repo.migrate.codecommit.https_git_credentials_password"}}</label>
-						<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}" required>
+				<div class="inline required field {{if .Err_Auth}}error{{end}}">
+					<label for="aws_access_key_id">{{ctx.Locale.Tr "repo.migrate.codecommit.aws_access_key_id"}}</label>
+					<input id="aws_access_key_id" name="aws_access_key_id" value="{{.aws_access_key_id}}" required>
+				</div>
+				<div class="inline required field {{if .Err_Auth}}error{{end}}">
+					<label for="aws_secret_access_key">{{ctx.Locale.Tr "repo.migrate.codecommit.aws_secret_access_key"}}</label>
+					<input id="aws_secret_access_key" name="aws_secret_access_key" type="password" value="{{.aws_secret_access_key}}" required>
+				</div>
+				<div class="inline required field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_username">{{ctx.Locale.Tr "repo.migrate.codecommit.https_git_credentials_username"}}</label>
+					<input id="auth_username" name="auth_username" value="{{.auth_username}}" required>
+				</div>
+				<div class="inline required field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_password">{{ctx.Locale.Tr "repo.migrate.codecommit.https_git_credentials_password"}}</label>
+					<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}" required>
+				</div>
+
+				{{if not .DisableNewPullMirrors}}
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.migrate_options"}}</label>
+					<div class="ui checkbox">
+						<input id="mirror" name="mirror" type="checkbox" {{if .mirror}} checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.migrate_options_mirror_helper"}}</label>
 					</div>
+				</div>
+				{{end}}
 
-					{{if not .DisableNewPullMirrors}}
+				<div id="migrate_items">
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.migrate_options"}}</label>
+						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
 						<div class="ui checkbox">
-							<input id="mirror" name="mirror" type="checkbox" {{if .mirror}} checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.migrate_options_mirror_helper"}}</label>
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
 						</div>
 					</div>
-					{{end}}
+				</div>
 
-					<div id="migrate_items">
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
-							</div>
-						</div>
-					</div>
+				<div class="divider"></div>
 
-					<div class="divider"></div>
-
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/git.tmpl b/templates/repo/migrate/git.tmpl
index 5162998036d9e..b10c49c10eec1 100644
--- a/templates/repo/migrate/git.tmpl
+++ b/templates/repo/migrate/git.tmpl
@@ -1,89 +1,87 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{template "base/disable_form_autofill"}}
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
-						<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
-					</div>
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
-						<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{template "base/disable_form_autofill"}}
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
+					<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
+				</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
+					<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar .}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar .}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gitbucket.tmpl b/templates/repo/migrate/gitbucket.tmpl
index 07e27423bc2d3..80d2491e915e1 100644
--- a/templates/repo/migrate/gitbucket.tmpl
+++ b/templates/repo/migrate/gitbucket.tmpl
@@ -1,131 +1,129 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{template "base/disable_form_autofill"}}
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{template "base/disable_form_autofill"}}
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
-						<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
-					</div>
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
-						<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
+					<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
+				</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
+					<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
 
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+					<div class="ui checkbox">
+						<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+					</div>
+				</div>
+
+				<div id="migrate_items" class="inline field">
+					<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<label></label>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
+						</div>
 						<div class="ui checkbox">
-							<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+							<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
 						</div>
 					</div>
-
-					<div id="migrate_items" class="inline field">
-						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gitea.tmpl b/templates/repo/migrate/gitea.tmpl
index cde05df017190..220295662e85a 100644
--- a/templates/repo/migrate/gitea.tmpl
+++ b/templates/repo/migrate/gitea.tmpl
@@ -1,127 +1,125 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-							{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
-						<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}} data-need-clear="true" {{end}}>
-						<a target="_blank" href="https://docs.gitea.com/development/api-usage">{{svg "octicon-question"}}</a>
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
+					<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}} data-need-clear="true" {{end}}>
+					<a target="_blank" href="https://docs.gitea.com/development/api-usage">{{svg "octicon-question"}}</a>
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
+
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+					<div class="ui checkbox">
+						<input name="wiki" type="checkbox" {{if .wiki}} checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+					</div>
+				</div>
 
+				<div id="migrate_items" class="inline field">
+					<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<label></label>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
+						</div>
 						<div class="ui checkbox">
-							<input name="wiki" type="checkbox" {{if .wiki}} checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+							<input name="issues" type="checkbox" {{if .issues}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
 						</div>
 					</div>
-
-					<div id="migrate_items" class="inline field">
-						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="releases" type="checkbox" {{if .releases}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="releases" type="checkbox" {{if .releases}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-									{{ctx.AvatarUtils.Avatar .}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
-								</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+							</div>
+							{{range .Orgs}}
+							<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								{{ctx.AvatarUtils.Avatar .}}
+								<span class="truncated-item-name">{{.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/github.tmpl b/templates/repo/migrate/github.tmpl
index c455d228c3503..d1aa4c1f29858 100644
--- a/templates/repo/migrate/github.tmpl
+++ b/templates/repo/migrate/github.tmpl
@@ -1,129 +1,127 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
-						<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}}data-need-clear="true"{{end}}>
-						<a target="_blank" href="https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token">{{svg "octicon-question"}}</a>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.github_token_desc"}}
-						</span>
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
+					<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}}data-need-clear="true"{{end}}>
+					<a target="_blank" href="https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token">{{svg "octicon-question"}}</a>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.github_token_desc"}}
+					</span>
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
 
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+					<div class="ui checkbox">
+						<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+					</div>
+				</div>
+				<div id="migrate_items" class="inline field">
+					<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<label></label>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
+						</div>
 						<div class="ui checkbox">
-							<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+							<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
 						</div>
 					</div>
-					<div id="migrate_items" class="inline field">
-						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gitlab.tmpl b/templates/repo/migrate/gitlab.tmpl
index 0066e90aa8095..87a04d7849364 100644
--- a/templates/repo/migrate/gitlab.tmpl
+++ b/templates/repo/migrate/gitlab.tmpl
@@ -1,126 +1,124 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
-						<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}}data-need-clear="true"{{end}}>
-						<a target="_blank" href="https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html">{{svg "octicon-question"}}</a>
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
+					<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}}data-need-clear="true"{{end}}>
+					<a target="_blank" href="https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html">{{svg "octicon-question"}}</a>
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
 
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+					<div class="ui checkbox">
+						<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+					</div>
+				</div>
+				<div id="migrate_items" class="inline field">
+					<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<label></label>
 						<div class="ui checkbox">
-							<input name="wiki" type="checkbox" {{if .wiki}}checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+							<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
+						</div>
+						<div class="ui checkbox">
+							<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
 						</div>
 					</div>
-					<div id="migrate_items" class="inline field">
-						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_merge_requests"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_merge_requests"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="releases" type="checkbox" {{if .releases}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
+					</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/gogs.tmpl b/templates/repo/migrate/gogs.tmpl
index b52cbe6b0dd8d..a4d05e8acdcf2 100644
--- a/templates/repo/migrate/gogs.tmpl
+++ b/templates/repo/migrate/gogs.tmpl
@@ -1,129 +1,127 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-							{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
-						<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}} data-need-clear="true" {{end}}>
-						<!-- <a target="_blank" href="https://docs.gitea.com/development/api-usage">{{svg "octicon-question"}}</a> -->
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_token">{{ctx.Locale.Tr "access_token"}}</label>
+					<input id="auth_token" name="auth_token" type="password" autocomplete="new-password" value="{{.auth_token}}" {{if not .auth_token}} data-need-clear="true" {{end}}>
+					<!-- <a target="_blank" href="https://docs.gitea.com/development/api-usage">{{svg "octicon-question"}}</a> -->
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
+
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+					<div class="ui checkbox">
+						<input name="wiki" type="checkbox" {{if .wiki}} checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+					</div>
+				</div>
 
+				<div id="migrate_items" class="inline field">
+					<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
 					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<label></label>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
+						</div>
 						<div class="ui checkbox">
-							<input name="wiki" type="checkbox" {{if .wiki}} checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.migrate_items_wiki"}}</label>
+							<input name="issues" type="checkbox" {{if .issues}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
 						</div>
 					</div>
-
-					<div id="migrate_items" class="inline field">
-						<span class="help">{{ctx.Locale.Tr "repo.migrate.migrate_items_options"}}</span>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
+					</div>
+					<!-- Gogs do not support it
+					<div class="inline field">
+						<label></label>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_merge_requests"}}</label>
 						</div>
-						<!-- Gogs do not support it
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_merge_requests"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="releases" type="checkbox" {{if .releases}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="releases" type="checkbox" {{if .releases}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_releases"}}</label>
 						</div>
-						-->
 					</div>
+					-->
+				</div>
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-									{{ctx.AvatarUtils.Avatar .}}
-									<span class="truncated-item-name">{{.ShortName 40}}</span>
-								</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+							</div>
+							{{range .Orgs}}
+							<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+								{{ctx.AvatarUtils.Avatar .}}
+								<span class="truncated-item-name">{{.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}} checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}} checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/migrate/onedev.tmpl b/templates/repo/migrate/onedev.tmpl
index 6bc4d3f9eed9b..a27188ed24296 100644
--- a/templates/repo/migrate/onedev.tmpl
+++ b/templates/repo/migrate/onedev.tmpl
@@ -1,116 +1,114 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new migrate">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
-				<input id="service_type" type="hidden" name="service" value="{{.service}}">
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{template "base/disable_form_autofill"}}
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
-						<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
-						<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
-						<span class="help">
-						{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
-						</span>
-					</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "repo.migrate.migrate" .service.Title}}
+			<input id="service_type" type="hidden" name="service" value="{{.service}}">
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{template "base/disable_form_autofill"}}
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_CloneAddr}}error{{end}}">
+					<label for="clone_addr">{{ctx.Locale.Tr "repo.migrate.clone_address"}}</label>
+					<input id="clone_addr" name="clone_addr" value="{{.clone_addr}}" autofocus required>
+					<span class="help">
+					{{ctx.Locale.Tr "repo.migrate.clone_address_desc"}}{{if .ContextUser.CanImportLocal}} {{ctx.Locale.Tr "repo.migrate.clone_local_path"}}{{end}}
+					</span>
+				</div>
 
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
-						<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
-					</div>
-					<div class="inline field {{if .Err_Auth}}error{{end}}">
-						<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
-						<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
-					</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_username">{{ctx.Locale.Tr "username"}}</label>
+					<input id="auth_username" name="auth_username" value="{{.auth_username}}" {{if not .auth_username}}data-need-clear="true"{{end}}>
+				</div>
+				<div class="inline field {{if .Err_Auth}}error{{end}}">
+					<label for="auth_password">{{ctx.Locale.Tr "password"}}</label>
+					<input id="auth_password" name="auth_password" type="password" value="{{.auth_password}}">
+				</div>
 
-					{{template "repo/migrate/options" .}}
+				{{template "repo/migrate/options" .}}
 
-					<div id="migrate_items" class="inline field">
+				<div id="migrate_items" class="inline field">
+					<label></label>
+					<div class="inline field">
+						<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
+						<div class="ui checkbox">
+							<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
+						</div>
+						<div class="ui checkbox">
+							<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
+						</div>
+					</div>
+					<div class="inline field">
 						<label></label>
-						<div class="inline field">
-							<label>{{ctx.Locale.Tr "repo.migrate_items"}}</label>
-							<div class="ui checkbox">
-								<input name="milestones" type="checkbox" {{if .milestones}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_milestones"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="labels" type="checkbox" {{if .labels}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_labels"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
 						</div>
-						<div class="inline field">
-							<label></label>
-							<div class="ui checkbox">
-								<input name="issues" type="checkbox" {{if .issues}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_issues"}}</label>
-							</div>
-							<div class="ui checkbox">
-								<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
-							</div>
+						<div class="ui checkbox">
+							<input name="pull_requests" type="checkbox" {{if .pull_requests}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.migrate_items_pullrequests"}}</label>
 						</div>
 					</div>
+				</div>
 
-					<div class="divider"></div>
+				<div class="divider"></div>
 
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu" title="{{.SignedUser.Name}}">
-								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
-									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-								</div>
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu" title="{{.SignedUser.Name}}">
+							<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}">
+								{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+								<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
 							</div>
-						</div>
-					</div>
-
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui checkbox">
-							{{if .IsForcedPrivate}}
-								<input name="private" type="checkbox" checked disabled>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
-							{{else}}
-								<input name="private" type="checkbox" {{if .private}}checked{{end}}>
-								<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
 							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
-					</div>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button">
-							{{ctx.Locale.Tr "repo.migrate_repo"}}
-						</button>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required maxlength="100">
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui checkbox">
+						{{if .IsForcedPrivate}}
+							<input name="private" type="checkbox" checked disabled>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper_forced"}}</label>
+						{{else}}
+							<input name="private" type="checkbox" {{if .private}}checked{{end}}>
+							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+						{{end}}
 					</div>
-				</form>
-			</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description" maxlength="2048">{{.description}}</textarea>
+				</div>
+
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">
+						{{ctx.Locale.Tr "repo.migrate_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/repo/pulls/fork.tmpl b/templates/repo/pulls/fork.tmpl
index c34da57d17570..879e5328f2af5 100644
--- a/templates/repo/pulls/fork.tmpl
+++ b/templates/repo/pulls/fork.tmpl
@@ -1,87 +1,85 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content repository new fork">
-	<div class="ui middle very relaxed page grid">
-		<div class="column">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "new_fork"}}
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<form class="ui form left-right-form" action="{{.Link}}" method="post">
-					{{.CsrfTokenHtml}}
-					<div class="inline required field {{if .Err_Owner}}error{{end}}">
-						<label>{{ctx.Locale.Tr "repo.owner"}}</label>
-						<div class="ui selection owner dropdown">
-							<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
-							<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
-								{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
-								<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
-							</span>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu">
-								{{if .CanForkToUser}}
-									<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
-										{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
-										<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
-									</div>
-								{{end}}
-								{{range .Orgs}}
-									<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
-										{{ctx.AvatarUtils.Avatar . 28 "mini"}}
-										<span class="truncated-item-name">{{.ShortName 40}}</span>
-									</div>
-								{{end}}
-							</div>
+	<div class="ui container medium-width">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "new_fork"}}
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline required field {{if .Err_Owner}}error{{end}}">
+					<label>{{ctx.Locale.Tr "repo.owner"}}</label>
+					<div class="ui selection owner dropdown">
+						<input type="hidden" id="uid" name="uid" value="{{.ContextUser.ID}}" required>
+						<span class="text truncated-item-container" title="{{.ContextUser.Name}}">
+							{{ctx.AvatarUtils.Avatar .ContextUser 28 "mini"}}
+							<span class="truncated-item-name">{{.ContextUser.ShortName 40}}</span>
+						</span>
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							{{if .CanForkToUser}}
+								<div class="item truncated-item-container" data-value="{{.SignedUser.ID}}" title="{{.SignedUser.Name}}">
+									{{ctx.AvatarUtils.Avatar .SignedUser 28 "mini"}}
+									<span class="truncated-item-name">{{.SignedUser.ShortName 40}}</span>
+								</div>
+							{{end}}
+							{{range .Orgs}}
+								<div class="item truncated-item-container" data-value="{{.ID}}" title="{{.Name}}">
+									{{ctx.AvatarUtils.Avatar . 28 "mini"}}
+									<span class="truncated-item-name">{{.ShortName 40}}</span>
+								</div>
+							{{end}}
 						</div>
 					</div>
+				</div>
 
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.fork_from"}}</label>
-						<a href="{{.ForkRepo.Link}}" class="tw-inline-block">{{.ForkRepo.FullName}}</a>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.fork_from"}}</label>
+					<a href="{{.ForkRepo.Link}}" class="tw-inline-block">{{.ForkRepo.FullName}}</a>
+				</div>
+				<div class="inline required field {{if .Err_RepoName}}error{{end}}">
+					<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
+					<input id="repo_name" name="repo_name" value="{{.repo_name}}" required>
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
+					<div class="ui disabled checkbox">
+						<input type="checkbox" disabled {{if .IsPrivate}}checked{{end}}>
+						<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
 					</div>
-					<div class="inline required field {{if .Err_RepoName}}error{{end}}">
-						<label for="repo_name">{{ctx.Locale.Tr "repo.repo_name"}}</label>
-						<input id="repo_name" name="repo_name" value="{{.repo_name}}" required>
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.visibility"}}</label>
-						<div class="ui disabled checkbox">
-							<input type="checkbox" disabled {{if .IsPrivate}}checked{{end}}>
-							<label>{{ctx.Locale.Tr "repo.visibility_helper"}}</label>
+					<span class="help">{{ctx.Locale.Tr "repo.fork_visibility_helper"}}</span>
+				</div>
+				<div class="inline field">
+					<label>{{ctx.Locale.Tr "repo.fork_branch"}}</label>
+					<div class="ui selection dropdown ellipsis-items-nowrap">
+						<input type="hidden" id="fork_single_branch" name="fork_single_branch" value="" required>
+						<div class="text" title="{{ctx.Locale.Tr "repo.all_branches"}}">
+							<span class="truncated-item-name">{{ctx.Locale.Tr "repo.all_branches"}}</span>
 						</div>
-						<span class="help">{{ctx.Locale.Tr "repo.fork_visibility_helper"}}</span>
-					</div>
-					<div class="inline field">
-						<label>{{ctx.Locale.Tr "repo.fork_branch"}}</label>
-						<div class="ui selection dropdown ellipsis-items-nowrap">
-							<input type="hidden" id="fork_single_branch" name="fork_single_branch" value="" required>
-							<div class="text" title="{{ctx.Locale.Tr "repo.all_branches"}}">
-								<span class="truncated-item-name">{{ctx.Locale.Tr "repo.all_branches"}}</span>
-							</div>
-							{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-							<div class="menu">
-								<div class="item" data-value="" title="{{ctx.Locale.Tr "repo.all_branches"}}">
-									{{ctx.Locale.Tr "repo.all_branches"}}
-								</div>
-								{{range .Branches}}
-									<div class="item" data-value="{{.}}" title="{{.}}">{{.}}</div>
-								{{end}}
+						{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+						<div class="menu">
+							<div class="item" data-value="" title="{{ctx.Locale.Tr "repo.all_branches"}}">
+								{{ctx.Locale.Tr "repo.all_branches"}}
 							</div>
+							{{range .Branches}}
+								<div class="item" data-value="{{.}}" title="{{.}}">{{.}}</div>
+							{{end}}
 						</div>
 					</div>
-					<div class="inline field {{if .Err_Description}}error{{end}}">
-						<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
-						<textarea id="description" name="description">{{.description}}</textarea>
-					</div>
+				</div>
+				<div class="inline field {{if .Err_Description}}error{{end}}">
+					<label for="description">{{ctx.Locale.Tr "repo.repo_desc"}}</label>
+					<textarea id="description" name="description">{{.description}}</textarea>
+				</div>
 
-					<div class="inline field">
-						<label></label>
-						<button class="ui primary button{{if not .CanForkRepo}} disabled{{end}}">
-							{{ctx.Locale.Tr "repo.fork_repo"}}
-						</button>
-					</div>
-				</form>
-			</div>
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button{{if not .CanForkRepo}} disabled{{end}}">
+						{{ctx.Locale.Tr "repo.fork_repo"}}
+					</button>
+				</div>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/user/auth/signup_openid_connect.tmpl b/templates/user/auth/signup_openid_connect.tmpl
index b27093d853dab..67e99b2f89249 100644
--- a/templates/user/auth/signup_openid_connect.tmpl
+++ b/templates/user/auth/signup_openid_connect.tmpl
@@ -1,36 +1,36 @@
 {{template "base/head" .}}
 <div role="main" aria-label="{{.Title}}" class="page-content user signup">
 	{{template "user/auth/signup_openid_navbar" .}}
-	<div class="ui container">
-				{{template "base/alert" .}}
-				<h4 class="ui top attached header">
-					{{ctx.Locale.Tr "auth.openid_connect_title"}}
-				</h4>
-				<div class="ui attached segment">
-					<form class="ui form left-right-form" action="{{.Link}}" method="post">
-						{{.CsrfTokenHtml}}
-						<div class="inline field">
-							<span class="help">{{ctx.Locale.Tr "auth.openid_connect_desc"}}</span>
-						</div>
-						<div class="required inline field {{if .Err_UserName}}error{{end}}">
-							<label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
-							<input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
-						</div>
-						<div class="required inline field {{if .Err_Password}}error{{end}}">
-							<label for="password">{{ctx.Locale.Tr "password"}}</label>
-							<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
-						</div>
-						<div class="inline field">
-							<label for="openid">OpenID URI</label>
-							<input id="openid" value="{{.OpenID}}" readonly>
-						</div>
-						<div class="inline field">
-							<label></label>
-							<button class="ui primary button">{{ctx.Locale.Tr "auth.openid_connect_submit"}}</button>
-							<a href="{{AppSubUrl}}/user/forgot_password">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
-						</div>
-					</form>
+	<div class="ui container medium-width">
+		{{template "base/alert" .}}
+		<h4 class="ui top attached header">
+			{{ctx.Locale.Tr "auth.openid_connect_title"}}
+		</h4>
+		<div class="ui attached segment">
+			<form class="ui form left-right-form" action="{{.Link}}" method="post">
+				{{.CsrfTokenHtml}}
+				<div class="inline field">
+					<span class="help">{{ctx.Locale.Tr "auth.openid_connect_desc"}}</span>
 				</div>
+				<div class="required inline field {{if .Err_UserName}}error{{end}}">
+					<label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
+					<input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
+				</div>
+				<div class="required inline field {{if .Err_Password}}error{{end}}">
+					<label for="password">{{ctx.Locale.Tr "password"}}</label>
+					<input id="password" name="password" type="password" value="{{.password}}" autocomplete="off" required>
+				</div>
+				<div class="inline field">
+					<label for="openid">OpenID URI</label>
+					<input id="openid" value="{{.OpenID}}" readonly>
+				</div>
+				<div class="inline field">
+					<label></label>
+					<button class="ui primary button">{{ctx.Locale.Tr "auth.openid_connect_submit"}}</button>
+					<a href="{{AppSubUrl}}/user/forgot_password">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
+				</div>
+			</form>
+		</div>
 	</div>
 </div>
 {{template "base/footer" .}}
diff --git a/web_src/css/form.css b/web_src/css/form.css
index 266b8c73f27e8..42b97413fabf4 100644
--- a/web_src/css/form.css
+++ b/web_src/css/form.css
@@ -155,6 +155,7 @@ textarea:focus,
 }
 
 .ui.form.left-right-form .inline.field > .help {
+  display: block;
   margin-left: calc(250px + 15px);
 }
 
diff --git a/web_src/css/modules/container.css b/web_src/css/modules/container.css
index 4a442c35b1ec0..69eab17cfd8d8 100644
--- a/web_src/css/modules/container.css
+++ b/web_src/css/modules/container.css
@@ -11,6 +11,9 @@
 .ui.fluid.container {
   width: 100%;
 }
+.ui.container.medium-width {
+  width: 800px;
+}
 
 .ui[class*="center aligned"].container {
   text-align: center;

From e177239529026fce54bc424f2861a70ab8cc329f Mon Sep 17 00:00:00 2001
From: yp05327 <576951401@qq.com>
Date: Thu, 9 Jan 2025 03:34:53 +0900
Subject: [PATCH 48/55] Fix typo in gitea downloader test and add missing
 codebase in `ToGitServiceType` (#33146)

---
 services/convert/utils.go                    |  2 ++
 services/convert/utils_test.go               | 10 +++++++++-
 services/migrations/gitea_downloader_test.go |  4 ++--
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/services/convert/utils.go b/services/convert/utils.go
index 5e9d32cc8edce..b59884ec50815 100644
--- a/services/convert/utils.go
+++ b/services/convert/utils.go
@@ -36,6 +36,8 @@ func ToGitServiceType(value string) structs.GitServiceType {
 		return structs.OneDevService
 	case "gitbucket":
 		return structs.GitBucketService
+	case "codebase":
+		return structs.CodebaseService
 	case "codecommit":
 		return structs.CodeCommitService
 	default:
diff --git a/services/convert/utils_test.go b/services/convert/utils_test.go
index 1ac03a3097506..a8363ec6bde2a 100644
--- a/services/convert/utils_test.go
+++ b/services/convert/utils_test.go
@@ -21,6 +21,8 @@ func TestToGitServiceType(t *testing.T) {
 		typ  string
 		enum int
 	}{{
+		typ: "trash", enum: 1,
+	}, {
 		typ: "github", enum: 2,
 	}, {
 		typ: "gitea", enum: 3,
@@ -29,7 +31,13 @@ func TestToGitServiceType(t *testing.T) {
 	}, {
 		typ: "gogs", enum: 5,
 	}, {
-		typ: "trash", enum: 1,
+		typ: "onedev", enum: 6,
+	}, {
+		typ: "gitbucket", enum: 7,
+	}, {
+		typ: "codebase", enum: 8,
+	}, {
+		typ: "codecommit", enum: 9,
 	}}
 	for _, test := range tc {
 		assert.EqualValues(t, test.enum, ToGitServiceType(test.typ))
diff --git a/services/migrations/gitea_downloader_test.go b/services/migrations/gitea_downloader_test.go
index c37c70947e36f..d04e12abdbcb5 100644
--- a/services/migrations/gitea_downloader_test.go
+++ b/services/migrations/gitea_downloader_test.go
@@ -30,10 +30,10 @@ func TestGiteaDownloadRepo(t *testing.T) {
 
 	downloader, err := NewGiteaDownloader(context.Background(), "https://gitea.com", "gitea/test_repo", "", "", giteaToken)
 	if downloader == nil {
-		t.Fatal("NewGitlabDownloader is nil")
+		t.Fatal("NewGiteaDownloader is nil")
 	}
 	if !assert.NoError(t, err) {
-		t.Fatal("NewGitlabDownloader error occur")
+		t.Fatal("NewGiteaDownloader error occur")
 	}
 
 	repo, err := downloader.GetRepoInfo()

From fa9191b7b9373666f30a55bbc63b932833bceefe Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Thu, 9 Jan 2025 00:32:21 +0000
Subject: [PATCH 49/55] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_fr-FR.ini | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/options/locale/locale_fr-FR.ini b/options/locale/locale_fr-FR.ini
index 743b7662565bd..becd8829fc76a 100644
--- a/options/locale/locale_fr-FR.ini
+++ b/options/locale/locale_fr-FR.ini
@@ -244,6 +244,7 @@ license_desc=Venez récupérer <a target="_blank" rel="noopener noreferrer" href
 
 [install]
 install=Installation
+installing_desc=Installation en cours, veuillez patienter…
 title=Configuration initiale
 docker_helper=Si vous exécutez Gitea dans Docker, veuillez lire la <a target="_blank" rel="noopener noreferrer" href="%s">documentation</a> avant de modifier les paramètres.
 require_db_desc=Gitea nécessite MySQL, PostgreSQL, MSSQL, SQLite3 ou TiDB (avec le protocole MySQL).
@@ -1015,6 +1016,9 @@ new_repo_helper=Un dépôt contient tous les fichiers d’un projet, ainsi que l
 owner=Propriétaire
 owner_helper=Certaines organisations peuvent ne pas apparaître dans la liste déroulante en raison d'une limite maximale du nombre de dépôts.
 repo_name=Nom du dépôt
+repo_name_profile_public_hint=.profile est un dépôt spécial que vous pouvez utiliser pour ajouter un README.md à votre profil public d’organisation, visible à tout le monde. Assurez-vous qu’il soit public et initialisez-le avec un README dans le répertoire de profil pour commencer.
+repo_name_profile_private_hint=.profile-private est un dépôt spécial que vous pouvez utiliser pour ajouter un README.md à votre profil d’organisation, visible uniquement aux membres de l’organisation. Assurez-vous qu’il soit privé et initialisez-le avec un README dans le répertoire de profil pour commencer.
+repo_name_helper=Idéalement, le nom d’un dépôt devrait être court, mémorisable et unique. Vous pouvez personnaliser votre profil ou celui de votre organisation en créant un dépôt nommé « .profile » ou « .profile-private » et contenant un README.md.
 repo_size=Taille du dépôt
 template=Modèle
 template_select=Répliquer un modèle
@@ -1231,6 +1235,7 @@ create_new_repo_command=Création d'un nouveau dépôt en ligne de commande
 push_exist_repo=Soumission d'un dépôt existant par ligne de commande
 empty_message=Ce dépôt n'a pas de contenu.
 broken_message=Les données git de ce dépôt ne peuvent pas être lues. Contactez l'administrateur de cette instance ou supprimez ce dépôt.
+no_branch=Ce dépôt n’a aucune branche.
 
 code=Code
 code.desc=Accéder au code source, fichiers, révisions et branches.
@@ -2860,6 +2865,9 @@ teams.invite.title=Vous avez été invité à rejoindre l'équipe <strong>%s</st
 teams.invite.by=Invité par %s
 teams.invite.description=Veuillez cliquer sur le bouton ci-dessous pour rejoindre l’équipe.
 
+view_as_role=Voir en tant que %s
+view_as_public_hint=Vous visualisez le README en tant qu’utilisateur public.
+view_as_member_hint=Vous visualisez le README en tant que membre de cette organisation.
 
 [admin]
 maintenance=Maintenance
@@ -3530,6 +3538,7 @@ versions=Versions
 versions.view_all=Voir tout
 dependency.id=ID
 dependency.version=Version
+search_in_external_registry=Rechercher dans %s
 alpine.registry=Configurez ce registre en ajoutant l’URL dans votre fichier <code>/etc/apk/repositories</code> :
 alpine.registry.key=Téléchargez la clé RSA publique du registre dans le dossier <code>/etc/apk/keys/</code> pour vérifier la signature de l'index :
 alpine.registry.info=Choisissez $branch et $repository dans la liste ci-dessous.
@@ -3722,6 +3731,7 @@ runners.status.active=Actif
 runners.status.offline=Hors-ligne
 runners.version=Version
 runners.reset_registration_token=Réinitialiser le jeton d'enregistrement
+runners.reset_registration_token_confirm=Voulez-vous révoquer le jeton actuel et en générer un nouveau ?
 runners.reset_registration_token_success=Le jeton d’inscription de l’exécuteur a été réinitialisé avec succès
 
 runs.all_workflows=Tous les flux de travail
@@ -3754,6 +3764,7 @@ workflow.not_found=Flux de travail « %s » introuvable.
 workflow.run_success=Le flux de travail « %s » s’est correctement exécuté.
 workflow.from_ref=Utiliser le flux de travail depuis
 workflow.has_workflow_dispatch=Ce flux de travail a un déclencheur d’événement workflow_dispatch.
+workflow.has_no_workflow_dispatch=Le flux de travail %s n’a pas de déclencheur d’événement workflow_dispatch.
 
 need_approval_desc=Besoin d’approbation pour exécuter des flux de travail pour une demande d’ajout de bifurcation.
 
@@ -3773,6 +3784,8 @@ variables.creation.success=La variable « %s » a été ajoutée.
 variables.update.failed=Impossible d’éditer la variable.
 variables.update.success=La variable a bien été modifiée.
 
+logs.always_auto_scroll=Toujours faire défiler les journaux automatiquement
+logs.always_expand_running=Toujours développer les journaux en cours
 
 [projects]
 deleted.display_name=Projet supprimé

From 2a02734f93c0091275c77e370b7eed03b2c5f18e Mon Sep 17 00:00:00 2001
From: TheFox0x7 <thefox0x7@gmail.com>
Date: Thu, 9 Jan 2025 02:21:47 +0100
Subject: [PATCH 50/55] Refactor older tests to use testify (#33140)

Refactor checks to use assert/require
Use require.Eventually for waiting in elastic and meilisearch tests
Use require to exit early instead of assert
---
 models/asymkey/gpg_key_test.go                |  6 +-
 models/db/engine_test.go                      |  9 +--
 models/organization/org_test.go               |  6 +-
 models/user/openid_test.go                    | 24 +++----
 modules/analyze/vendor_test.go                | 11 +--
 modules/auth/openid/discovery_cache_test.go   | 21 +++---
 modules/emoji/emoji_test.go                   | 33 +++------
 modules/eventsource/event_test.go             | 17 ++---
 modules/git/blob_test.go                      |  4 +-
 modules/git/commit_sha256_test.go             |  5 +-
 modules/git/commit_test.go                    |  9 +--
 modules/git/repo_language_stats_test.go       | 10 ++-
 modules/git/repo_tag_test.go                  |  1 -
 modules/gitgraph/graph_test.go                | 10 ++-
 modules/httplib/serve_test.go                 |  5 +-
 .../elasticsearch/elasticsearch_test.go       | 18 ++---
 modules/indexer/issues/indexer_test.go        | 55 ++++-----------
 .../issues/meilisearch/meilisearch_test.go    | 17 ++---
 modules/issue/template/template_test.go       |  5 +-
 modules/markup/markdown/renderconfig_test.go  | 24 +++----
 modules/nosql/redis_test.go                   |  9 ++-
 modules/queue/base_levelqueue_test.go         |  5 +-
 modules/queue/base_redis_test.go              |  5 +-
 modules/structs/commit_status_test.go         |  6 +-
 modules/user/user_test.go                     | 22 +++---
 modules/util/shellquote_test.go               | 10 +--
 modules/web/routing/funcinfo_test.go          | 12 ++--
 routers/utils/utils_test.go                   |  7 +-
 routers/web/repo/pull_review_test.go          | 16 ++---
 routers/web/repo/wiki_test.go                 | 10 ++-
 services/auth/auth_test.go                    | 22 +++---
 services/doctor/dbconsistency_test.go         |  5 +-
 services/gitdiff/csv_test.go                  | 13 ++--
 services/gitdiff/gitdiff_test.go              |  6 +-
 services/mailer/mail_test.go                  |  4 +-
 services/migrations/gitea_downloader_test.go  |  9 +--
 services/wiki/wiki_test.go                    | 21 +++---
 tests/integration/api_pull_commits_test.go    |  5 +-
 tests/integration/api_pull_review_test.go     |  6 +-
 tests/integration/git_general_test.go         | 68 +++++++------------
 tests/integration/gpg_git_test.go             |  5 +-
 tests/integration/nonascii_branches_test.go   | 10 +--
 42 files changed, 218 insertions(+), 348 deletions(-)

diff --git a/models/asymkey/gpg_key_test.go b/models/asymkey/gpg_key_test.go
index d3fbb01d82b1d..0bccbb51b51a0 100644
--- a/models/asymkey/gpg_key_test.go
+++ b/models/asymkey/gpg_key_test.go
@@ -15,6 +15,7 @@ import (
 
 	"github.com/keybase/go-crypto/openpgp/packet"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestCheckArmoredGPGKeyString(t *testing.T) {
@@ -107,9 +108,8 @@ MkM/fdpyc2hY7Dl/+qFmN5MG5yGmMpQcX+RNNR222ibNC1D3wg==
 =i9b7
 -----END PGP PUBLIC KEY BLOCK-----`
 	keys, err := checkArmoredGPGKeyString(testGPGArmor)
-	if !assert.NotEmpty(t, keys) {
-		return
-	}
+	require.NotEmpty(t, keys)
+
 	ekey := keys[0]
 	assert.NoError(t, err, "Could not parse a valid GPG armored key", ekey)
 
diff --git a/models/db/engine_test.go b/models/db/engine_test.go
index e3dbfbdc24205..10a1a33ff04b6 100644
--- a/models/db/engine_test.go
+++ b/models/db/engine_test.go
@@ -15,6 +15,7 @@ import (
 	_ "code.gitea.io/gitea/cmd" // for TestPrimaryKeys
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestDumpDatabase(t *testing.T) {
@@ -62,9 +63,7 @@ func TestPrimaryKeys(t *testing.T) {
 	// Import "code.gitea.io/gitea/cmd" to make sure each db.RegisterModel in init functions has been called.
 
 	beans, err := db.NamesToBean()
-	if err != nil {
-		t.Fatal(err)
-	}
+	require.NoError(t, err)
 
 	whitelist := map[string]string{
 		"the_table_name_to_skip_checking": "Write a note here to explain why",
@@ -79,8 +78,6 @@ func TestPrimaryKeys(t *testing.T) {
 			t.Logf("ignore %q because %q", table.Name, why)
 			continue
 		}
-		if len(table.PrimaryKeys) == 0 {
-			t.Errorf("table %q has no primary key", table.Name)
-		}
+		assert.NotEmpty(t, table.PrimaryKeys, "table %q has no primary key", table.Name)
 	}
 }
diff --git a/models/organization/org_test.go b/models/organization/org_test.go
index 2c5b4090df301..b882a25be328a 100644
--- a/models/organization/org_test.go
+++ b/models/organization/org_test.go
@@ -16,6 +16,7 @@ import (
 	"code.gitea.io/gitea/modules/structs"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestUser_IsOwnedBy(t *testing.T) {
@@ -180,9 +181,8 @@ func TestRestrictedUserOrgMembers(t *testing.T) {
 		ID:           29,
 		IsRestricted: true,
 	})
-	if !assert.True(t, restrictedUser.IsRestricted) {
-		return // ensure fixtures return restricted user
-	}
+	// ensure fixtures return restricted user
+	require.True(t, restrictedUser.IsRestricted)
 
 	testCases := []struct {
 		name         string
diff --git a/models/user/openid_test.go b/models/user/openid_test.go
index 27e6edd1e0053..708af9e6530d3 100644
--- a/models/user/openid_test.go
+++ b/models/user/openid_test.go
@@ -11,6 +11,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestGetUserOpenIDs(t *testing.T) {
@@ -34,30 +35,23 @@ func TestGetUserOpenIDs(t *testing.T) {
 func TestToggleUserOpenIDVisibility(t *testing.T) {
 	assert.NoError(t, unittest.PrepareTestDatabase())
 	oids, err := user_model.GetUserOpenIDs(db.DefaultContext, int64(2))
-	if !assert.NoError(t, err) || !assert.Len(t, oids, 1) {
-		return
-	}
+	require.NoError(t, err)
+	require.Len(t, oids, 1)
 	assert.True(t, oids[0].Show)
 
 	err = user_model.ToggleUserOpenIDVisibility(db.DefaultContext, oids[0].ID)
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
 
 	oids, err = user_model.GetUserOpenIDs(db.DefaultContext, int64(2))
-	if !assert.NoError(t, err) || !assert.Len(t, oids, 1) {
-		return
-	}
+	require.NoError(t, err)
+	require.Len(t, oids, 1)
+
 	assert.False(t, oids[0].Show)
 	err = user_model.ToggleUserOpenIDVisibility(db.DefaultContext, oids[0].ID)
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
 
 	oids, err = user_model.GetUserOpenIDs(db.DefaultContext, int64(2))
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
 	if assert.Len(t, oids, 1) {
 		assert.True(t, oids[0].Show)
 	}
diff --git a/modules/analyze/vendor_test.go b/modules/analyze/vendor_test.go
index aafd3c431b720..02a51d4c8fdb0 100644
--- a/modules/analyze/vendor_test.go
+++ b/modules/analyze/vendor_test.go
@@ -3,7 +3,11 @@
 
 package analyze
 
-import "testing"
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
 
 func TestIsVendor(t *testing.T) {
 	tests := []struct {
@@ -33,9 +37,8 @@ func TestIsVendor(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.path, func(t *testing.T) {
-			if got := IsVendor(tt.path); got != tt.want {
-				t.Errorf("IsVendor() = %v, want %v", got, tt.want)
-			}
+			got := IsVendor(tt.path)
+			assert.Equal(t, tt.want, got)
 		})
 	}
 }
diff --git a/modules/auth/openid/discovery_cache_test.go b/modules/auth/openid/discovery_cache_test.go
index 5a7f450937ad2..7d4b27c5dfeab 100644
--- a/modules/auth/openid/discovery_cache_test.go
+++ b/modules/auth/openid/discovery_cache_test.go
@@ -6,6 +6,9 @@ package openid
 import (
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 type testDiscoveredInfo struct{}
@@ -29,21 +32,17 @@ func TestTimedDiscoveryCache(t *testing.T) {
 	dc.Put("foo", &testDiscoveredInfo{}) // openid.opEndpoint: "a", openid.opLocalID: "b", openid.claimedID: "c"})
 
 	// Make sure we can retrieve them
-	if di := dc.Get("foo"); di == nil {
-		t.Errorf("Expected a result, got nil")
-	} else if di.OpEndpoint() != "opEndpoint" || di.OpLocalID() != "opLocalID" || di.ClaimedID() != "claimedID" {
-		t.Errorf("Expected opEndpoint opLocalID claimedID, got %v %v %v", di.OpEndpoint(), di.OpLocalID(), di.ClaimedID())
-	}
+	di := dc.Get("foo")
+	require.NotNil(t, di)
+	assert.Equal(t, "opEndpoint", di.OpEndpoint())
+	assert.Equal(t, "opLocalID", di.OpLocalID())
+	assert.Equal(t, "claimedID", di.ClaimedID())
 
 	// Attempt to get a non-existent value
-	if di := dc.Get("bar"); di != nil {
-		t.Errorf("Expected nil, got %v", di)
-	}
+	assert.Nil(t, dc.Get("bar"))
 
 	// Sleep one second and try retrieve again
 	time.Sleep(1 * time.Second)
 
-	if di := dc.Get("foo"); di != nil {
-		t.Errorf("Expected a nil, got a result")
-	}
+	assert.Nil(t, dc.Get("foo"))
 }
diff --git a/modules/emoji/emoji_test.go b/modules/emoji/emoji_test.go
index 2526cd121e410..fbf80fe41aacb 100644
--- a/modules/emoji/emoji_test.go
+++ b/modules/emoji/emoji_test.go
@@ -5,7 +5,6 @@
 package emoji
 
 import (
-	"reflect"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -22,32 +21,18 @@ func TestLookup(t *testing.T) {
 	c := FromAlias(":beer:")
 	d := FromAlias("beer")
 
-	if !reflect.DeepEqual(a, b) {
-		t.Errorf("a and b should equal")
-	}
-	if !reflect.DeepEqual(b, c) {
-		t.Errorf("b and c should equal")
-	}
-	if !reflect.DeepEqual(c, d) {
-		t.Errorf("c and d should equal")
-	}
-	if !reflect.DeepEqual(a, d) {
-		t.Errorf("a and d should equal")
-	}
+	assert.Equal(t, a, b)
+	assert.Equal(t, b, c)
+	assert.Equal(t, c, d)
+	assert.Equal(t, a, d)
 
 	m := FromCode("\U0001f44d")
 	n := FromAlias(":thumbsup:")
 	o := FromAlias("+1")
 
-	if !reflect.DeepEqual(m, n) {
-		t.Errorf("m and n should equal")
-	}
-	if !reflect.DeepEqual(n, o) {
-		t.Errorf("n and o should equal")
-	}
-	if !reflect.DeepEqual(m, o) {
-		t.Errorf("m and o should equal")
-	}
+	assert.Equal(t, m, n)
+	assert.Equal(t, m, o)
+	assert.Equal(t, n, o)
 }
 
 func TestReplacers(t *testing.T) {
@@ -61,9 +46,7 @@ func TestReplacers(t *testing.T) {
 
 	for i, x := range tests {
 		s := x.f(x.v)
-		if s != x.exp {
-			t.Errorf("test %d `%s` expected `%s`, got: `%s`", i, x.v, x.exp, s)
-		}
+		assert.Equalf(t, x.exp, s, "test %d `%s` expected `%s`, got: `%s`", i, x.v, x.exp, s)
 	}
 }
 
diff --git a/modules/eventsource/event_test.go b/modules/eventsource/event_test.go
index 4c4272880d6f8..a1c3e5c7a8ae1 100644
--- a/modules/eventsource/event_test.go
+++ b/modules/eventsource/event_test.go
@@ -6,6 +6,9 @@ package eventsource
 import (
 	"bytes"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func Test_wrapNewlines(t *testing.T) {
@@ -38,16 +41,10 @@ func Test_wrapNewlines(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			w := &bytes.Buffer{}
 			gotSum, err := wrapNewlines(w, []byte(tt.prefix), []byte(tt.value))
-			if err != nil {
-				t.Errorf("wrapNewlines() error = %v", err)
-				return
-			}
-			if gotSum != int64(len(tt.output)) {
-				t.Errorf("wrapNewlines() = %v, want %v", gotSum, int64(len(tt.output)))
-			}
-			if gotW := w.String(); gotW != tt.output {
-				t.Errorf("wrapNewlines() = %v, want %v", gotW, tt.output)
-			}
+			require.NoError(t, err)
+
+			assert.EqualValues(t, len(tt.output), gotSum)
+			assert.Equal(t, tt.output, w.String())
 		})
 	}
 }
diff --git a/modules/git/blob_test.go b/modules/git/blob_test.go
index 63374384f6bc4..d0804350edd76 100644
--- a/modules/git/blob_test.go
+++ b/modules/git/blob_test.go
@@ -17,9 +17,7 @@ func TestBlob_Data(t *testing.T) {
 	output := "file2\n"
 	bareRepo1Path := filepath.Join(testReposDir, "repo1_bare")
 	repo, err := openRepositoryWithDefaultContext(bareRepo1Path)
-	if !assert.NoError(t, err) {
-		t.Fatal()
-	}
+	require.NoError(t, err)
 	defer repo.Close()
 
 	testBlob, err := repo.GetBlob("6c493ff740f9380390d5c9ddef4af18697ac9375")
diff --git a/modules/git/commit_sha256_test.go b/modules/git/commit_sha256_test.go
index 2184a9c47cfc4..f6ca83c9edbac 100644
--- a/modules/git/commit_sha256_test.go
+++ b/modules/git/commit_sha256_test.go
@@ -11,6 +11,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestCommitsCountSha256(t *testing.T) {
@@ -94,9 +95,7 @@ signed commit`
 
 	commitFromReader, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString))
 	assert.NoError(t, err)
-	if !assert.NotNil(t, commitFromReader) {
-		return
-	}
+	require.NotNil(t, commitFromReader)
 	assert.EqualValues(t, sha, commitFromReader.ID)
 	assert.EqualValues(t, `-----BEGIN PGP SIGNATURE-----
 
diff --git a/modules/git/commit_test.go b/modules/git/commit_test.go
index 6ac65564dc179..9560c2cd94617 100644
--- a/modules/git/commit_test.go
+++ b/modules/git/commit_test.go
@@ -11,6 +11,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestCommitsCount(t *testing.T) {
@@ -91,9 +92,7 @@ empty commit`
 
 	commitFromReader, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString))
 	assert.NoError(t, err)
-	if !assert.NotNil(t, commitFromReader) {
-		return
-	}
+	require.NotNil(t, commitFromReader)
 	assert.EqualValues(t, sha, commitFromReader.ID)
 	assert.EqualValues(t, `-----BEGIN PGP SIGNATURE-----
 
@@ -159,9 +158,7 @@ ISO-8859-1`
 
 	commitFromReader, err := CommitFromReader(gitRepo, sha, strings.NewReader(commitString))
 	assert.NoError(t, err)
-	if !assert.NotNil(t, commitFromReader) {
-		return
-	}
+	require.NotNil(t, commitFromReader)
 	assert.EqualValues(t, sha, commitFromReader.ID)
 	assert.EqualValues(t, `-----BEGIN PGP SIGNATURE-----
 
diff --git a/modules/git/repo_language_stats_test.go b/modules/git/repo_language_stats_test.go
index da3871e909a70..1ee5f4c3af27b 100644
--- a/modules/git/repo_language_stats_test.go
+++ b/modules/git/repo_language_stats_test.go
@@ -10,20 +10,18 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestRepository_GetLanguageStats(t *testing.T) {
 	repoPath := filepath.Join(testReposDir, "language_stats_repo")
 	gitRepo, err := openRepositoryWithDefaultContext(repoPath)
-	if !assert.NoError(t, err) {
-		t.Fatal()
-	}
+	require.NoError(t, err)
+
 	defer gitRepo.Close()
 
 	stats, err := gitRepo.GetLanguageStats("8fee858da5796dfb37704761701bb8e800ad9ef3")
-	if !assert.NoError(t, err) {
-		t.Fatal()
-	}
+	require.NoError(t, err)
 
 	assert.EqualValues(t, map[string]int64{
 		"Python": 134,
diff --git a/modules/git/repo_tag_test.go b/modules/git/repo_tag_test.go
index 0117cb902d4a6..f1f081680a360 100644
--- a/modules/git/repo_tag_test.go
+++ b/modules/git/repo_tag_test.go
@@ -182,7 +182,6 @@ func TestRepository_GetAnnotatedTag(t *testing.T) {
 
 	// Annotated tag's name should fail
 	tag3, err := bareRepo1.GetAnnotatedTag(aTagName)
-	assert.Error(t, err)
 	assert.Errorf(t, err, "Length must be 40: %d", len(aTagName))
 	assert.Nil(t, tag3)
 
diff --git a/modules/gitgraph/graph_test.go b/modules/gitgraph/graph_test.go
index 18d427acd9519..2f647aaf83c93 100644
--- a/modules/gitgraph/graph_test.go
+++ b/modules/gitgraph/graph_test.go
@@ -10,6 +10,8 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/git"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func BenchmarkGetCommitGraph(b *testing.B) {
@@ -235,9 +237,7 @@ func TestParseGlyphs(t *testing.T) {
 		}
 		row++
 	}
-	if len(parser.availableColors) != 9 {
-		t.Errorf("Expected 9 colors but have %d", len(parser.availableColors))
-	}
+	assert.Len(t, parser.availableColors, 9)
 }
 
 func TestCommitStringParsing(t *testing.T) {
@@ -262,9 +262,7 @@ func TestCommitStringParsing(t *testing.T) {
 				return
 			}
 
-			if test.commitMessage != commit.Subject {
-				t.Errorf("%s does not match %s", test.commitMessage, commit.Subject)
-			}
+			assert.Equal(t, test.commitMessage, commit.Subject)
 		})
 	}
 }
diff --git a/modules/httplib/serve_test.go b/modules/httplib/serve_test.go
index c2229dffe96e8..e53f38b697414 100644
--- a/modules/httplib/serve_test.go
+++ b/modules/httplib/serve_test.go
@@ -13,6 +13,7 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestServeContentByReader(t *testing.T) {
@@ -71,9 +72,7 @@ func TestServeContentByReadSeeker(t *testing.T) {
 		}
 
 		seekReader, err := os.OpenFile(tmpFile, os.O_RDONLY, 0o644)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		defer seekReader.Close()
 
 		w := httptest.NewRecorder()
diff --git a/modules/indexer/issues/elasticsearch/elasticsearch_test.go b/modules/indexer/issues/elasticsearch/elasticsearch_test.go
index ffd85b1aa1dbb..dc329c07dd9ff 100644
--- a/modules/indexer/issues/elasticsearch/elasticsearch_test.go
+++ b/modules/indexer/issues/elasticsearch/elasticsearch_test.go
@@ -11,6 +11,8 @@ import (
 	"time"
 
 	"code.gitea.io/gitea/modules/indexer/issues/internal/tests"
+
+	"github.com/stretchr/testify/require"
 )
 
 func TestElasticsearchIndexer(t *testing.T) {
@@ -26,20 +28,10 @@ func TestElasticsearchIndexer(t *testing.T) {
 		}
 	}
 
-	ok := false
-	for i := 0; i < 60; i++ {
+	require.Eventually(t, func() bool {
 		resp, err := http.Get(url)
-		if err == nil && resp.StatusCode == http.StatusOK {
-			ok = true
-			break
-		}
-		t.Logf("Waiting for elasticsearch to be up: %v", err)
-		time.Sleep(time.Second)
-	}
-	if !ok {
-		t.Fatalf("Failed to wait for elasticsearch to be up")
-		return
-	}
+		return err == nil && resp.StatusCode == http.StatusOK
+	}, time.Minute, time.Second, "Expected elasticsearch to be up")
 
 	indexer := NewIndexer(url, fmt.Sprintf("test_elasticsearch_indexer_%d", time.Now().Unix()))
 	defer indexer.Close()
diff --git a/modules/indexer/issues/indexer_test.go b/modules/indexer/issues/indexer_test.go
index 06a6a46c234fc..8043d33eebb88 100644
--- a/modules/indexer/issues/indexer_test.go
+++ b/modules/indexer/issues/indexer_test.go
@@ -19,6 +19,7 @@ import (
 	_ "code.gitea.io/gitea/models/activities"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestMain(m *testing.M) {
@@ -26,7 +27,7 @@ func TestMain(m *testing.M) {
 }
 
 func TestDBSearchIssues(t *testing.T) {
-	assert.NoError(t, unittest.PrepareTestDatabase())
+	require.NoError(t, unittest.PrepareTestDatabase())
 
 	setting.Indexer.IssueType = "db"
 	InitIssueIndexer(true)
@@ -83,9 +84,7 @@ func searchIssueWithKeyword(t *testing.T) {
 
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -120,9 +119,7 @@ func searchIssueByIndex(t *testing.T) {
 
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -166,9 +163,7 @@ func searchIssueInRepo(t *testing.T) {
 
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -238,9 +233,7 @@ func searchIssueByID(t *testing.T) {
 
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -265,9 +258,7 @@ func searchIssueIsPull(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -292,9 +283,7 @@ func searchIssueIsClosed(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -319,9 +308,7 @@ func searchIssueIsArchived(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -346,9 +333,7 @@ func searchIssueByMilestoneID(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -379,9 +364,7 @@ func searchIssueByLabelID(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -400,9 +383,7 @@ func searchIssueByTime(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -421,9 +402,7 @@ func searchIssueWithOrder(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -454,9 +433,7 @@ func searchIssueInProject(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, _, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 	}
 }
@@ -479,9 +456,7 @@ func searchIssueWithPaginator(t *testing.T) {
 	}
 	for _, test := range tests {
 		issueIDs, total, err := SearchIssues(context.TODO(), &test.opts)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 		assert.Equal(t, test.expectedIDs, issueIDs)
 		assert.Equal(t, test.expectedTotal, total)
 	}
diff --git a/modules/indexer/issues/meilisearch/meilisearch_test.go b/modules/indexer/issues/meilisearch/meilisearch_test.go
index 4666df136a057..a3a332554ac53 100644
--- a/modules/indexer/issues/meilisearch/meilisearch_test.go
+++ b/modules/indexer/issues/meilisearch/meilisearch_test.go
@@ -15,6 +15,7 @@ import (
 
 	"github.com/meilisearch/meilisearch-go"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestMeilisearchIndexer(t *testing.T) {
@@ -32,20 +33,10 @@ func TestMeilisearchIndexer(t *testing.T) {
 		key = os.Getenv("TEST_MEILISEARCH_KEY")
 	}
 
-	ok := false
-	for i := 0; i < 60; i++ {
+	require.Eventually(t, func() bool {
 		resp, err := http.Get(url)
-		if err == nil && resp.StatusCode == http.StatusOK {
-			ok = true
-			break
-		}
-		t.Logf("Waiting for meilisearch to be up: %v", err)
-		time.Sleep(time.Second)
-	}
-	if !ok {
-		t.Fatalf("Failed to wait for meilisearch to be up")
-		return
-	}
+		return err == nil && resp.StatusCode == http.StatusOK
+	}, time.Minute, time.Second, "Expected meilisearch to be up")
 
 	indexer := NewIndexer(url, key, fmt.Sprintf("test_meilisearch_indexer_%d", time.Now().Unix()))
 	defer indexer.Close()
diff --git a/modules/issue/template/template_test.go b/modules/issue/template/template_test.go
index 689a285b4795e..575e23def9399 100644
--- a/modules/issue/template/template_test.go
+++ b/modules/issue/template/template_test.go
@@ -957,9 +957,8 @@ func Test_minQuotes(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := minQuotes(tt.args.value); got != tt.want {
-				t.Errorf("minQuotes() = %v, want %v", got, tt.want)
-			}
+			got := minQuotes(tt.args.value)
+			assert.Equal(t, tt.want, got)
 		})
 	}
 }
diff --git a/modules/markup/markdown/renderconfig_test.go b/modules/markup/markdown/renderconfig_test.go
index c53acdc77a788..13346570fa68a 100644
--- a/modules/markup/markdown/renderconfig_test.go
+++ b/modules/markup/markdown/renderconfig_test.go
@@ -7,6 +7,8 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"gopkg.in/yaml.v3"
 )
 
@@ -140,23 +142,13 @@ func TestRenderConfig_UnmarshalYAML(t *testing.T) {
 				Icon: "table",
 				Lang: "",
 			}
-			if err := yaml.Unmarshal([]byte(strings.ReplaceAll(tt.args, "\t", "    ")), got); err != nil {
-				t.Errorf("RenderConfig.UnmarshalYAML() error = %v\n%q", err, tt.args)
-				return
-			}
+			err := yaml.Unmarshal([]byte(strings.ReplaceAll(tt.args, "\t", "    ")), got)
+			require.NoError(t, err)
 
-			if got.Meta != tt.expected.Meta {
-				t.Errorf("Meta Expected %s Got %s", tt.expected.Meta, got.Meta)
-			}
-			if got.Icon != tt.expected.Icon {
-				t.Errorf("Icon Expected %s Got %s", tt.expected.Icon, got.Icon)
-			}
-			if got.Lang != tt.expected.Lang {
-				t.Errorf("Lang Expected %s Got %s", tt.expected.Lang, got.Lang)
-			}
-			if got.TOC != tt.expected.TOC {
-				t.Errorf("TOC Expected %q Got %q", tt.expected.TOC, got.TOC)
-			}
+			assert.Equal(t, tt.expected.Meta, got.Meta)
+			assert.Equal(t, tt.expected.Icon, got.Icon)
+			assert.Equal(t, tt.expected.Lang, got.Lang)
+			assert.Equal(t, tt.expected.TOC, got.TOC)
 		})
 	}
 }
diff --git a/modules/nosql/redis_test.go b/modules/nosql/redis_test.go
index 43652e314c0ea..93276ca7931dc 100644
--- a/modules/nosql/redis_test.go
+++ b/modules/nosql/redis_test.go
@@ -5,6 +5,9 @@ package nosql
 
 import (
 	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestToRedisURI(t *testing.T) {
@@ -26,9 +29,9 @@ func TestToRedisURI(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := ToRedisURI(tt.connection); got == nil || got.String() != tt.want {
-				t.Errorf(`ToRedisURI(%q) = %s, want %s`, tt.connection, got.String(), tt.want)
-			}
+			got := ToRedisURI(tt.connection)
+			require.NotNil(t, got)
+			assert.Equal(t, tt.want, got.String())
 		})
 	}
 }
diff --git a/modules/queue/base_levelqueue_test.go b/modules/queue/base_levelqueue_test.go
index b881802ca2b23..05d820856067b 100644
--- a/modules/queue/base_levelqueue_test.go
+++ b/modules/queue/base_levelqueue_test.go
@@ -11,6 +11,7 @@ import (
 
 	"gitea.com/lunny/levelqueue"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"github.com/syndtr/goleveldb/leveldb"
 )
 
@@ -29,9 +30,7 @@ func TestCorruptedLevelQueue(t *testing.T) {
 	// sometimes the levelqueue could be in a corrupted state, this test is to make sure it can recover from it
 	dbDir := t.TempDir() + "/levelqueue-test"
 	db, err := leveldb.OpenFile(dbDir, nil)
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
 	defer db.Close()
 
 	assert.NoError(t, db.Put([]byte("other-key"), []byte("other-value"), nil))
diff --git a/modules/queue/base_redis_test.go b/modules/queue/base_redis_test.go
index 19fbccbc8fe75..6478988d7fd01 100644
--- a/modules/queue/base_redis_test.go
+++ b/modules/queue/base_redis_test.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func waitRedisReady(conn string, dur time.Duration) (ready bool) {
@@ -61,9 +62,7 @@ func TestBaseRedis(t *testing.T) {
 			return
 		}
 		assert.NoError(t, redisServer.Start())
-		if !assert.True(t, waitRedisReady("redis://127.0.0.1:6379/0", 5*time.Second), "start redis-server") {
-			return
-		}
+		require.True(t, waitRedisReady("redis://127.0.0.1:6379/0", 5*time.Second), "start redis-server")
 	}
 
 	testQueueBasic(t, newBaseRedisSimple, toBaseConfig("baseRedis", setting.QueueSettings{Length: 10}), false)
diff --git a/modules/structs/commit_status_test.go b/modules/structs/commit_status_test.go
index f06808534c408..88e09aadc1596 100644
--- a/modules/structs/commit_status_test.go
+++ b/modules/structs/commit_status_test.go
@@ -5,6 +5,8 @@ package structs
 
 import (
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestNoBetterThan(t *testing.T) {
@@ -166,9 +168,7 @@ func TestNoBetterThan(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			result := tt.args.css.NoBetterThan(tt.args.css2)
-			if result != tt.want {
-				t.Errorf("NoBetterThan() = %v, want %v", result, tt.want)
-			}
+			assert.Equal(t, tt.want, result)
 		})
 	}
 }
diff --git a/modules/user/user_test.go b/modules/user/user_test.go
index 372a675d34279..d6b3911ca6e2f 100644
--- a/modules/user/user_test.go
+++ b/modules/user/user_test.go
@@ -8,6 +8,9 @@ import (
 	"runtime"
 	"strings"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func getWhoamiOutput() (string, error) {
@@ -20,24 +23,19 @@ func getWhoamiOutput() (string, error) {
 
 func TestCurrentUsername(t *testing.T) {
 	user := CurrentUsername()
-	if len(user) == 0 {
-		t.Errorf("expected non-empty user, got: %s", user)
-	}
+	require.NotEmpty(t, user)
+
 	// Windows whoami is weird, so just skip remaining tests
 	if runtime.GOOS == "windows" {
 		t.Skip("skipped test because of weird whoami on Windows")
 	}
 	whoami, err := getWhoamiOutput()
-	if err != nil {
-		t.Errorf("failed to run whoami to test current user: %f", err)
-	}
+	require.NoError(t, err)
+
 	user = CurrentUsername()
-	if user != whoami {
-		t.Errorf("expected %s as user, got: %s", whoami, user)
-	}
+	assert.Equal(t, whoami, user)
+
 	t.Setenv("USER", "spoofed")
 	user = CurrentUsername()
-	if user != whoami {
-		t.Errorf("expected %s as user, got: %s", whoami, user)
-	}
+	assert.Equal(t, whoami, user)
 }
diff --git a/modules/util/shellquote_test.go b/modules/util/shellquote_test.go
index 969998c59260e..4ef5ce698098a 100644
--- a/modules/util/shellquote_test.go
+++ b/modules/util/shellquote_test.go
@@ -3,7 +3,11 @@
 
 package util
 
-import "testing"
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
 
 func TestShellEscape(t *testing.T) {
 	tests := []struct {
@@ -83,9 +87,7 @@ func TestShellEscape(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := ShellEscape(tt.toEscape); got != tt.want {
-				t.Errorf("ShellEscape(%q):\nGot:    %s\nWanted: %s", tt.toEscape, got, tt.want)
-			}
+			assert.Equal(t, tt.want, ShellEscape(tt.toEscape))
 		})
 	}
 }
diff --git a/modules/web/routing/funcinfo_test.go b/modules/web/routing/funcinfo_test.go
index 2ab5960373cb4..974af58931c13 100644
--- a/modules/web/routing/funcinfo_test.go
+++ b/modules/web/routing/funcinfo_test.go
@@ -6,6 +6,8 @@ package routing
 import (
 	"fmt"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func Test_shortenFilename(t *testing.T) {
@@ -37,9 +39,8 @@ func Test_shortenFilename(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(fmt.Sprintf("shortenFilename('%s')", tt.filename), func(t *testing.T) {
-			if gotShort := shortenFilename(tt.filename, tt.fallback); gotShort != tt.expected {
-				t.Errorf("shortenFilename('%s'), expect '%s', but get '%s'", tt.filename, tt.expected, gotShort)
-			}
+			gotShort := shortenFilename(tt.filename, tt.fallback)
+			assert.Equal(t, tt.expected, gotShort)
 		})
 	}
 }
@@ -72,9 +73,8 @@ func Test_trimAnonymousFunctionSuffix(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := trimAnonymousFunctionSuffix(tt.name); got != tt.want {
-				t.Errorf("trimAnonymousFunctionSuffix() = %v, want %v", got, tt.want)
-			}
+			got := trimAnonymousFunctionSuffix(tt.name)
+			assert.Equal(t, tt.want, got)
 		})
 	}
 }
diff --git a/routers/utils/utils_test.go b/routers/utils/utils_test.go
index 6e7f3c33cdacb..cc7c888a758c7 100644
--- a/routers/utils/utils_test.go
+++ b/routers/utils/utils_test.go
@@ -5,6 +5,8 @@ package utils
 
 import (
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestSanitizeFlashErrorString(t *testing.T) {
@@ -32,9 +34,8 @@ func TestSanitizeFlashErrorString(t *testing.T) {
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			if got := SanitizeFlashErrorString(tt.arg); got != tt.want {
-				t.Errorf("SanitizeFlashErrorString() = '%v', want '%v'", got, tt.want)
-			}
+			got := SanitizeFlashErrorString(tt.arg)
+			assert.Equal(t, tt.want, got)
 		})
 	}
 }
diff --git a/routers/web/repo/pull_review_test.go b/routers/web/repo/pull_review_test.go
index 8344ff409113f..3d0997ab4d844 100644
--- a/routers/web/repo/pull_review_test.go
+++ b/routers/web/repo/pull_review_test.go
@@ -17,6 +17,7 @@ import (
 	"code.gitea.io/gitea/services/pull"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestRenderConversation(t *testing.T) {
@@ -41,19 +42,16 @@ func TestRenderConversation(t *testing.T) {
 	var preparedComment *issues_model.Comment
 	run("prepare", func(t *testing.T, ctx *context.Context, resp *httptest.ResponseRecorder) {
 		comment, err := pull.CreateCodeComment(ctx, pr.Issue.Poster, ctx.Repo.GitRepo, pr.Issue, 1, "content", "", false, 0, pr.HeadCommitID, nil)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
+
 		comment.Invalidated = true
 		err = issues_model.UpdateCommentInvalidate(ctx, comment)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
+
 		preparedComment = comment
 	})
-	if !assert.NotNil(t, preparedComment) {
-		return
-	}
+	require.NotNil(t, preparedComment)
+
 	run("diff with outdated", func(t *testing.T, ctx *context.Context, resp *httptest.ResponseRecorder) {
 		ctx.Data["ShowOutdatedComments"] = true
 		renderConversation(ctx, preparedComment, "diff")
diff --git a/routers/web/repo/wiki_test.go b/routers/web/repo/wiki_test.go
index 958ff802d4082..c31f29164b722 100644
--- a/routers/web/repo/wiki_test.go
+++ b/routers/web/repo/wiki_test.go
@@ -20,6 +20,7 @@ import (
 	wiki_service "code.gitea.io/gitea/services/wiki"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 const (
@@ -66,12 +67,9 @@ func assertWikiNotExists(t *testing.T, repo *repo_model.Repository, wikiName wik
 
 func assertPagesMetas(t *testing.T, expectedNames []string, metas any) {
 	pageMetas, ok := metas.([]PageMeta)
-	if !assert.True(t, ok) {
-		return
-	}
-	if !assert.Len(t, pageMetas, len(expectedNames)) {
-		return
-	}
+	require.True(t, ok)
+	require.Len(t, pageMetas, len(expectedNames))
+
 	for i, pageMeta := range pageMetas {
 		assert.EqualValues(t, expectedNames[i], pageMeta.Name)
 	}
diff --git a/services/auth/auth_test.go b/services/auth/auth_test.go
index 3adaa2866444e..f1e9e6753fc91 100644
--- a/services/auth/auth_test.go
+++ b/services/auth/auth_test.go
@@ -9,6 +9,8 @@ import (
 	"testing"
 
 	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func Test_isGitRawOrLFSPath(t *testing.T) {
@@ -108,26 +110,22 @@ func Test_isGitRawOrLFSPath(t *testing.T) {
 		t.Run(tt.path, func(t *testing.T) {
 			req, _ := http.NewRequest("POST", "http://localhost"+tt.path, nil)
 			setting.LFS.StartServer = false
-			if got := isGitRawOrAttachOrLFSPath(req); got != tt.want {
-				t.Errorf("isGitOrLFSPath() = %v, want %v", got, tt.want)
-			}
+			assert.Equal(t, tt.want, isGitRawOrAttachOrLFSPath(req))
+
 			setting.LFS.StartServer = true
-			if got := isGitRawOrAttachOrLFSPath(req); got != tt.want {
-				t.Errorf("isGitOrLFSPath() = %v, want %v", got, tt.want)
-			}
+			assert.Equal(t, tt.want, isGitRawOrAttachOrLFSPath(req))
 		})
 	}
 	for _, tt := range lfsTests {
 		t.Run(tt, func(t *testing.T) {
 			req, _ := http.NewRequest("POST", tt, nil)
 			setting.LFS.StartServer = false
-			if got := isGitRawOrAttachOrLFSPath(req); got != setting.LFS.StartServer {
-				t.Errorf("isGitOrLFSPath(%q) = %v, want %v, %v", tt, got, setting.LFS.StartServer, gitRawOrAttachPathRe.MatchString(tt))
-			}
+			got := isGitRawOrAttachOrLFSPath(req)
+			assert.Equalf(t, setting.LFS.StartServer, got, "isGitOrLFSPath(%q) = %v, want %v, %v", tt, got, setting.LFS.StartServer, gitRawOrAttachPathRe.MatchString(tt))
+
 			setting.LFS.StartServer = true
-			if got := isGitRawOrAttachOrLFSPath(req); got != setting.LFS.StartServer {
-				t.Errorf("isGitOrLFSPath(%q) = %v, want %v", tt, got, setting.LFS.StartServer)
-			}
+			got = isGitRawOrAttachOrLFSPath(req)
+			assert.Equalf(t, setting.LFS.StartServer, got, "isGitOrLFSPath(%q) = %v, want %v", tt, got, setting.LFS.StartServer)
 		})
 	}
 	setting.LFS.StartServer = origLFSStartServer
diff --git a/services/doctor/dbconsistency_test.go b/services/doctor/dbconsistency_test.go
index 4e4ac535b7b45..eb427dee737a8 100644
--- a/services/doctor/dbconsistency_test.go
+++ b/services/doctor/dbconsistency_test.go
@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestConsistencyCheck(t *testing.T) {
@@ -21,9 +22,7 @@ func TestConsistencyCheck(t *testing.T) {
 	idx := slices.IndexFunc(checks, func(check consistencyCheck) bool {
 		return check.Name == "Orphaned OAuth2Application without existing User"
 	})
-	if !assert.NotEqual(t, -1, idx) {
-		return
-	}
+	require.NotEqual(t, -1, idx)
 
 	_ = db.TruncateBeans(db.DefaultContext, &auth.OAuth2Application{}, &user.User{})
 	_ = db.TruncateBeans(db.DefaultContext, &auth.OAuth2Application{}, &auth.OAuth2Application{})
diff --git a/services/gitdiff/csv_test.go b/services/gitdiff/csv_test.go
index c006a7c2bd8d0..f91e0e9aa7252 100644
--- a/services/gitdiff/csv_test.go
+++ b/services/gitdiff/csv_test.go
@@ -192,23 +192,18 @@ c,d,e`,
 
 	for n, c := range cases {
 		diff, err := ParsePatch(db.DefaultContext, setting.Git.MaxGitDiffLines, setting.Git.MaxGitDiffLineCharacters, setting.Git.MaxGitDiffFiles, strings.NewReader(c.diff), "")
-		if err != nil {
-			t.Errorf("ParsePatch failed: %s", err)
-		}
+		assert.NoError(t, err)
 
 		var baseReader *csv.Reader
 		if len(c.base) > 0 {
 			baseReader, err = csv_module.CreateReaderAndDetermineDelimiter(nil, strings.NewReader(c.base))
-			if err != nil {
-				t.Errorf("CreateReaderAndDetermineDelimiter failed: %s", err)
-			}
+			assert.NoError(t, err)
 		}
+
 		var headReader *csv.Reader
 		if len(c.head) > 0 {
 			headReader, err = csv_module.CreateReaderAndDetermineDelimiter(nil, strings.NewReader(c.head))
-			if err != nil {
-				t.Errorf("CreateReaderAndDetermineDelimiter failed: %s", err)
-			}
+			assert.NoError(t, err)
 		}
 
 		result, err := CreateCsvDiff(diff.Files[0], baseReader, headReader)
diff --git a/services/gitdiff/gitdiff_test.go b/services/gitdiff/gitdiff_test.go
index 2351c5da8794a..1017d188dd53a 100644
--- a/services/gitdiff/gitdiff_test.go
+++ b/services/gitdiff/gitdiff_test.go
@@ -19,6 +19,7 @@ import (
 
 	dmp "github.com/sergi/go-diff/diffmatchpatch"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestDiffToHTML(t *testing.T) {
@@ -628,9 +629,8 @@ func TestDiffLine_GetCommentSide(t *testing.T) {
 
 func TestGetDiffRangeWithWhitespaceBehavior(t *testing.T) {
 	gitRepo, err := git.OpenRepository(git.DefaultContext, "./testdata/academic-module")
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
+
 	defer gitRepo.Close()
 	for _, behavior := range []git.TrustedCmdArgs{{"-w"}, {"--ignore-space-at-eol"}, {"-b"}, nil} {
 		diffs, err := GetDiff(db.DefaultContext, gitRepo,
diff --git a/services/mailer/mail_test.go b/services/mailer/mail_test.go
index 185b72f069982..36cef486c94fa 100644
--- a/services/mailer/mail_test.go
+++ b/services/mailer/mail_test.go
@@ -390,9 +390,7 @@ func TestGenerateMessageIDForIssue(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			got := generateMessageIDForIssue(tt.args.issue, tt.args.comment, tt.args.actionType)
-			if !strings.HasPrefix(got, tt.prefix) {
-				t.Errorf("generateMessageIDForIssue() = %v, want %v", got, tt.prefix)
-			}
+			assert.True(t, strings.HasPrefix(got, tt.prefix), "%v, want %v", got, tt.prefix)
 		})
 	}
 }
diff --git a/services/migrations/gitea_downloader_test.go b/services/migrations/gitea_downloader_test.go
index d04e12abdbcb5..6f6ef99d9625f 100644
--- a/services/migrations/gitea_downloader_test.go
+++ b/services/migrations/gitea_downloader_test.go
@@ -14,6 +14,7 @@ import (
 	base "code.gitea.io/gitea/modules/migration"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestGiteaDownloadRepo(t *testing.T) {
@@ -29,12 +30,8 @@ func TestGiteaDownloadRepo(t *testing.T) {
 	}
 
 	downloader, err := NewGiteaDownloader(context.Background(), "https://gitea.com", "gitea/test_repo", "", "", giteaToken)
-	if downloader == nil {
-		t.Fatal("NewGiteaDownloader is nil")
-	}
-	if !assert.NoError(t, err) {
-		t.Fatal("NewGiteaDownloader error occur")
-	}
+	require.NoError(t, err, "NewGiteaDownloader error occur")
+	require.NotNil(t, downloader, "NewGiteaDownloader is nil")
 
 	repo, err := downloader.GetRepoInfo()
 	assert.NoError(t, err)
diff --git a/services/wiki/wiki_test.go b/services/wiki/wiki_test.go
index 0a18cffa25310..e8b89f5e97b3f 100644
--- a/services/wiki/wiki_test.go
+++ b/services/wiki/wiki_test.go
@@ -17,6 +17,7 @@ import (
 	_ "code.gitea.io/gitea/models/actions"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestMain(m *testing.M) {
@@ -166,9 +167,8 @@ func TestRepository_AddWikiPage(t *testing.T) {
 			assert.NoError(t, AddWikiPage(git.DefaultContext, doer, repo, webPath, wikiContent, commitMsg))
 			// Now need to show that the page has been added:
 			gitRepo, err := gitrepo.OpenWikiRepository(git.DefaultContext, repo)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			defer gitRepo.Close()
 			masterTree, err := gitRepo.GetTree(repo.DefaultWikiBranch)
 			assert.NoError(t, err)
@@ -238,9 +238,8 @@ func TestRepository_DeleteWikiPage(t *testing.T) {
 
 	// Now need to show that the page has been added:
 	gitRepo, err := gitrepo.OpenWikiRepository(git.DefaultContext, repo)
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
+
 	defer gitRepo.Close()
 	masterTree, err := gitRepo.GetTree(repo.DefaultWikiBranch)
 	assert.NoError(t, err)
@@ -253,9 +252,8 @@ func TestPrepareWikiFileName(t *testing.T) {
 	unittest.PrepareTestEnv(t)
 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
 	gitRepo, err := gitrepo.OpenWikiRepository(git.DefaultContext, repo)
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
+
 	defer gitRepo.Close()
 
 	tests := []struct {
@@ -307,9 +305,8 @@ func TestPrepareWikiFileName_FirstPage(t *testing.T) {
 	assert.NoError(t, err)
 
 	gitRepo, err := git.OpenRepository(git.DefaultContext, tmpDir)
-	if !assert.NoError(t, err) {
-		return
-	}
+	require.NoError(t, err)
+
 	defer gitRepo.Close()
 
 	existence, newWikiPath, err := prepareGitPath(gitRepo, "master", "Home")
diff --git a/tests/integration/api_pull_commits_test.go b/tests/integration/api_pull_commits_test.go
index 5ffc8158f356b..f43ad7d3be74f 100644
--- a/tests/integration/api_pull_commits_test.go
+++ b/tests/integration/api_pull_commits_test.go
@@ -15,6 +15,7 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestAPIPullCommits(t *testing.T) {
@@ -29,9 +30,7 @@ func TestAPIPullCommits(t *testing.T) {
 	var commits []*api.Commit
 	DecodeJSON(t, resp, &commits)
 
-	if !assert.Len(t, commits, 2) {
-		return
-	}
+	require.Len(t, commits, 2)
 
 	assert.Equal(t, "985f0301dba5e7b34be866819cd15ad3d8f508ee", commits[0].SHA)
 	assert.Equal(t, "5c050d3b6d2db231ab1f64e324f1b6b9a0b181c2", commits[1].SHA)
diff --git a/tests/integration/api_pull_review_test.go b/tests/integration/api_pull_review_test.go
index ba6b62d0d7013..b85882a510bc0 100644
--- a/tests/integration/api_pull_review_test.go
+++ b/tests/integration/api_pull_review_test.go
@@ -21,6 +21,7 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"xorm.io/builder"
 )
 
@@ -39,9 +40,8 @@ func TestAPIPullReview(t *testing.T) {
 
 	var reviews []*api.PullReview
 	DecodeJSON(t, resp, &reviews)
-	if !assert.Len(t, reviews, 8) {
-		return
-	}
+	require.Len(t, reviews, 8)
+
 	for _, r := range reviews {
 		assert.EqualValues(t, pullIssue.HTMLURL(), r.HTMLPullURL)
 	}
diff --git a/tests/integration/git_general_test.go b/tests/integration/git_general_test.go
index a47cb75196d03..5d915d8a513ff 100644
--- a/tests/integration/git_general_test.go
+++ b/tests/integration/git_general_test.go
@@ -32,6 +32,7 @@ import (
 	"code.gitea.io/gitea/tests"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 const (
@@ -726,9 +727,8 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
 		}
 
 		gitRepo, err := git.OpenRepository(git.DefaultContext, dstPath)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
+
 		defer gitRepo.Close()
 
 		var (
@@ -736,9 +736,7 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
 			commit   string
 		)
 		repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, ctx.Username, ctx.Reponame)
-		if !assert.NoError(t, err) {
-			return
-		}
+		require.NoError(t, err)
 
 		pullNum := unittest.GetCount(t, &issues_model.PullRequest{})
 
@@ -746,9 +744,7 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
 
 		t.Run("AddCommit", func(t *testing.T) {
 			err := os.WriteFile(path.Join(dstPath, "test_file"), []byte("## test content"), 0o666)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
 
 			err = git.AddChanges(dstPath, true)
 			assert.NoError(t, err)
@@ -773,43 +769,37 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
 
 		t.Run("Push", func(t *testing.T) {
 			err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master", "-o").AddDynamicArguments("topic=" + headBranch).Run(&git.RunOpts{Dir: dstPath})
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			unittest.AssertCount(t, &issues_model.PullRequest{}, pullNum+1)
 			pr1 = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{
 				HeadRepoID: repo.ID,
 				Flow:       issues_model.PullRequestFlowAGit,
 			})
-			if !assert.NotEmpty(t, pr1) {
-				return
-			}
+			require.NotEmpty(t, pr1)
+
 			prMsg, err := doAPIGetPullRequest(*ctx, ctx.Username, ctx.Reponame, pr1.Index)(t)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			assert.Equal(t, "user2/"+headBranch, pr1.HeadBranch)
 			assert.False(t, prMsg.HasMerged)
 			assert.Contains(t, "Testing commit 1", prMsg.Body)
 			assert.Equal(t, commit, prMsg.Head.Sha)
 
 			_, _, err = git.NewCommand(git.DefaultContext, "push", "origin").AddDynamicArguments("HEAD:refs/for/master/test/" + headBranch).RunStdString(&git.RunOpts{Dir: dstPath})
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			unittest.AssertCount(t, &issues_model.PullRequest{}, pullNum+2)
 			pr2 = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{
 				HeadRepoID: repo.ID,
 				Index:      pr1.Index + 1,
 				Flow:       issues_model.PullRequestFlowAGit,
 			})
-			if !assert.NotEmpty(t, pr2) {
-				return
-			}
+			require.NotEmpty(t, pr2)
+
 			prMsg, err = doAPIGetPullRequest(*ctx, ctx.Username, ctx.Reponame, pr2.Index)(t)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			assert.Equal(t, "user2/test/"+headBranch, pr2.HeadBranch)
 			assert.False(t, prMsg.HasMerged)
 		})
@@ -820,9 +810,7 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
 
 		t.Run("AddCommit2", func(t *testing.T) {
 			err := os.WriteFile(path.Join(dstPath, "test_file"), []byte("## test content \n ## test content 2"), 0o666)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
 
 			err = git.AddChanges(dstPath, true)
 			assert.NoError(t, err)
@@ -847,26 +835,22 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string
 
 		t.Run("Push2", func(t *testing.T) {
 			err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master", "-o").AddDynamicArguments("topic=" + headBranch).Run(&git.RunOpts{Dir: dstPath})
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			unittest.AssertCount(t, &issues_model.PullRequest{}, pullNum+2)
 			prMsg, err := doAPIGetPullRequest(*ctx, ctx.Username, ctx.Reponame, pr1.Index)(t)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			assert.False(t, prMsg.HasMerged)
 			assert.Equal(t, commit, prMsg.Head.Sha)
 
 			_, _, err = git.NewCommand(git.DefaultContext, "push", "origin").AddDynamicArguments("HEAD:refs/for/master/test/" + headBranch).RunStdString(&git.RunOpts{Dir: dstPath})
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			unittest.AssertCount(t, &issues_model.PullRequest{}, pullNum+2)
 			prMsg, err = doAPIGetPullRequest(*ctx, ctx.Username, ctx.Reponame, pr2.Index)(t)
-			if !assert.NoError(t, err) {
-				return
-			}
+			require.NoError(t, err)
+
 			assert.False(t, prMsg.HasMerged)
 			assert.Equal(t, commit, prMsg.Head.Sha)
 		})
diff --git a/tests/integration/gpg_git_test.go b/tests/integration/gpg_git_test.go
index acfe70026e15c..31695fb2e18cd 100644
--- a/tests/integration/gpg_git_test.go
+++ b/tests/integration/gpg_git_test.go
@@ -22,6 +22,7 @@ import (
 	"github.com/ProtonMail/go-crypto/openpgp"
 	"github.com/ProtonMail/go-crypto/openpgp/armor"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func TestGPGGit(t *testing.T) {
@@ -33,9 +34,7 @@ func TestGPGGit(t *testing.T) {
 
 	// Need to create a root key
 	rootKeyPair, err := importTestingKey()
-	if !assert.NoError(t, err, "importTestingKey") {
-		return
-	}
+	require.NoError(t, err, "importTestingKey")
 
 	defer test.MockVariableValue(&setting.Repository.Signing.SigningKey, rootKeyPair.PrimaryKey.KeyIdShortString())()
 	defer test.MockVariableValue(&setting.Repository.Signing.SigningName, "gitea")()
diff --git a/tests/integration/nonascii_branches_test.go b/tests/integration/nonascii_branches_test.go
index e5934a148d892..ae348d81732a6 100644
--- a/tests/integration/nonascii_branches_test.go
+++ b/tests/integration/nonascii_branches_test.go
@@ -12,7 +12,7 @@ import (
 
 	"code.gitea.io/gitea/tests"
 
-	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )
 
 func setDefaultBranch(t *testing.T, session *TestSession, user, repo, branch string) {
@@ -199,14 +199,10 @@ func TestNonAsciiBranches(t *testing.T) {
 		t.Run(test.from, func(t *testing.T) {
 			req := NewRequest(t, "GET", fmt.Sprintf("/%s/%s/src/%s", user, repo, test.from))
 			resp := session.MakeRequest(t, req, http.StatusSeeOther)
-			if resp.Code != http.StatusSeeOther {
-				return
-			}
+			require.Equal(t, http.StatusSeeOther, resp.Code)
 
 			redirectLocation := resp.Header().Get("Location")
-			if !assert.Equal(t, fmt.Sprintf("/%s/%s/src/%s", user, repo, test.to), redirectLocation) {
-				return
-			}
+			require.Equal(t, fmt.Sprintf("/%s/%s/src/%s", user, repo, test.to), redirectLocation)
 
 			req = NewRequest(t, "GET", redirectLocation)
 			session.MakeRequest(t, req, test.status)

From ba5e3a5161a497aa8c73827774870fb94676e68b Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Wed, 8 Jan 2025 23:15:47 -0800
Subject: [PATCH 51/55] Fix fuzz test (#33156)

---
 tests/fuzz/fuzz_test.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/fuzz/fuzz_test.go b/tests/fuzz/fuzz_test.go
index 01d562d995c90..e7b832412abb1 100644
--- a/tests/fuzz/fuzz_test.go
+++ b/tests/fuzz/fuzz_test.go
@@ -19,6 +19,7 @@ func newFuzzRenderContext() *markup.RenderContext {
 
 func FuzzMarkdownRenderRaw(f *testing.F) {
 	f.Fuzz(func(t *testing.T, data []byte) {
+		setting.IsInTesting = true
 		setting.AppURL = "http://localhost:3000/"
 		markdown.RenderRaw(newFuzzRenderContext(), bytes.NewReader(data), io.Discard)
 	})
@@ -26,6 +27,7 @@ func FuzzMarkdownRenderRaw(f *testing.F) {
 
 func FuzzMarkupPostProcess(f *testing.F) {
 	f.Fuzz(func(t *testing.T, data []byte) {
+		setting.IsInTesting = true
 		setting.AppURL = "http://localhost:3000/"
 		markup.PostProcessDefault(newFuzzRenderContext(), bytes.NewReader(data), io.Discard)
 	})

From 88366f280ec82e357e384263139b66cdc6b0b24a Mon Sep 17 00:00:00 2001
From: yp05327 <576951401@qq.com>
Date: Thu, 9 Jan 2025 16:45:51 +0900
Subject: [PATCH 52/55] Move repo size to sidebar (#33155)

![image](https://github.com/user-attachments/assets/8b14dbb7-ec36-4596-a6aa-72c14d93309d)
---
 templates/repo/home_sidebar_top.tmpl | 5 +++++
 templates/repo/sub_menu.tmpl         | 5 -----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/templates/repo/home_sidebar_top.tmpl b/templates/repo/home_sidebar_top.tmpl
index 607dc62e2e717..d7c2b8336f37a 100644
--- a/templates/repo/home_sidebar_top.tmpl
+++ b/templates/repo/home_sidebar_top.tmpl
@@ -62,6 +62,11 @@
 								{{svg "octicon-cross-reference"}} {{ctx.Locale.Tr "repo.cite_this_repo"}}
 							</a>
 						{{end}}
+						<span class="flex-text-block muted" {{if not (eq .Repository.Size 0)}}data-tooltip-placement="top" data-tooltip-content="{{.Repository.SizeDetailsString}}"{{end}}>
+							{{$fileSizeFormatted := FileSize .Repository.Size}}{{/* the formatted string is always "{val} {unit}" */}}
+							{{$fileSizeFields := StringUtils.Split $fileSizeFormatted " "}}
+							{{svg "octicon-database"}} <b>{{ctx.Locale.PrettyNumber (index $fileSizeFields 0)}}</b> {{index $fileSizeFields 1}}
+						</span>
 					</div>
 				</div>
 			</div>
diff --git a/templates/repo/sub_menu.tmpl b/templates/repo/sub_menu.tmpl
index ccb98b94ad2f8..1e83b53ef048f 100644
--- a/templates/repo/sub_menu.tmpl
+++ b/templates/repo/sub_menu.tmpl
@@ -13,11 +13,6 @@
 					{{svg "octicon-tag"}} <b>{{ctx.Locale.PrettyNumber .NumTags}}</b> {{ctx.Locale.TrN .NumTags "repo.tag" "repo.tags"}}
 				</a>
 			{{end}}
-			<span class="item not-mobile" {{if not (eq .Repository.Size 0)}}data-tooltip-placement="top" data-tooltip-content="{{.Repository.SizeDetailsString}}"{{end}}>
-				{{$fileSizeFormatted := FileSize .Repository.Size}}{{/* the formatted string is always "{val} {unit}" */}}
-				{{$fileSizeFields := StringUtils.Split $fileSizeFormatted " "}}
-				{{svg "octicon-database"}} <b>{{ctx.Locale.PrettyNumber (index $fileSizeFields 0)}}</b> {{index $fileSizeFields 1}}
-			</span>
 		{{end}}
 	</div>
 </div>

From 68ca73b7169ef4d70ffc9dc6660581da3033e5f7 Mon Sep 17 00:00:00 2001
From: TheFox0x7 <thefox0x7@gmail.com>
Date: Thu, 9 Jan 2025 14:09:11 +0100
Subject: [PATCH 53/55] Fix pam auth test regression (#33169)

fixes: https://github.com/go-gitea/gitea/issues/33168
---
 modules/auth/pam/pam_test.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/auth/pam/pam_test.go b/modules/auth/pam/pam_test.go
index 7265b5d0c1507..d4ab058ec7878 100644
--- a/modules/auth/pam/pam_test.go
+++ b/modules/auth/pam/pam_test.go
@@ -15,5 +15,5 @@ func TestPamAuth(t *testing.T) {
 	result, err := Auth("gitea", "user1", "false-pwd")
 	assert.Error(t, err)
 	assert.EqualError(t, err, "Authentication failure")
-	assert.Len(t, result)
+	assert.Empty(t, result)
 }

From a5043af8ea084505453300ce77eab808e10f3c6b Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Fri, 10 Jan 2025 01:58:37 +0800
Subject: [PATCH 54/55] Fix assignee list overlapping in Issue sidebar (#33176)

Fix  #33170

![image](https://github.com/user-attachments/assets/714cebdc-ee76-43e3-9ece-a189f8ecb17a)

![image](https://github.com/user-attachments/assets/cbb58425-42b4-41ee-ba3c-7efbd24607dc)
---
 templates/repo/issue/sidebar/assignee_list.tmpl | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/templates/repo/issue/sidebar/assignee_list.tmpl b/templates/repo/issue/sidebar/assignee_list.tmpl
index d8ccd73387de7..4fe8043f3473d 100644
--- a/templates/repo/issue/sidebar/assignee_list.tmpl
+++ b/templates/repo/issue/sidebar/assignee_list.tmpl
@@ -16,9 +16,9 @@
 				<input type="text" placeholder="{{ctx.Locale.Tr "repo.issues.filter_assignees"}}">
 			</div>
 			<div class="item clear-selection">{{ctx.Locale.Tr "repo.issues.new.clear_assignees"}}</div>
-			<div class="scrolling menu">
+			<div class="scrolling menu flex-items-block">
 				{{range $data.CandidateAssignees}}
-					<a class="item muted" href="#" data-value="{{.ID}}">
+					<a class="item" href="#" data-value="{{.ID}}">
 						<span class="item-check-mark">{{svg "octicon-check"}}</span>
 						{{ctx.AvatarUtils.Avatar . 20}} {{template "repo/search_name" .}}
 					</a>
@@ -26,10 +26,10 @@
 			</div>
 		</div>
 	</div>
-	<div class="ui list tw-flex tw-flex-row tw-gap-2">
+	<div class="ui list muted-links flex-items-block tw-flex tw-flex-col tw-gap-2">
 		<span class="item empty-list {{if $issueAssignees}}tw-hidden{{end}}">{{ctx.Locale.Tr "repo.issues.new.no_assignees"}}</span>
 		{{range $issueAssignees}}
-			<a class="item muted" href="{{$pageMeta.RepoLink}}/{{if $pageMeta.IsPullRequest}}pulls{{else}}issues{{end}}?assignee={{.ID}}">
+			<a class="item" href="{{$pageMeta.RepoLink}}/{{if $pageMeta.IsPullRequest}}pulls{{else}}issues{{end}}?assignee={{.ID}}">
 					{{ctx.AvatarUtils.Avatar . 20}} {{.GetDisplayName}}
 			</a>
 		{{end}}

From 5f679c1c592cb4e03f12cc721edc3ca8ca81cdb7 Mon Sep 17 00:00:00 2001
From: hiifong <i@hiif.ong>
Date: Fri, 10 Jan 2025 02:11:35 +0800
Subject: [PATCH 55/55] Add .run to gitignore (#33175)

![image](https://github.com/user-attachments/assets/340a6c2a-8575-4ef9-be75-84af8af82b93)
---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 619cb1cabbe23..d215468377880 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,6 +9,7 @@ _test
 
 # IntelliJ
 .idea
+.run
 
 # IntelliJ Gateway
 .uuid