Issues overview should not show issues from archived repos (#13220 )

* Add lots of comments to user.Issues() * Answered some questions from comments * fix typo in comment * Refac user.Issues(): add func repoIDs * Refac user.Issues(): add func userRepoIDs * Refac user.Issues(): add func issueIDsFromSearch * Refac user.Issues(): improve error handling * Refac user.Issues(): add inline documentation and move variable declarations closer to their usages * Refac user.Issues(): add func repoIDMap * Refac user.Issues(): cleanup * Refac: Separate Issues from Pulls during routing * fix typo in comment * Adapt Unittests to Refactoring * Issue13171: Issue and PR Overviews now ignore archived Repositories * changed some verbatim SQL conditions to builder.Eq * models/issue.go: use OptionalBool properly Co-authored-by: 6543 <6543@obermui.de> * Use IsArchived rather than ExcludeArchivedRepos * fixed broken test after merge * added nil check * Added Unit Test securing Issue 13171 fix * Improved IsArchived filtering in issue.GetUserIssueStats * Removed unused func * Added grouping to avoid returning duplicate repo IDs Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Gitea <gitea@fake.local> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Display SVG files as images instead of text (#14101 )
2021-01-12 23:19:17 -05:00 · 2021-01-12 22:45:19 -05:00 · 2021-01-13 00:51:06 +00:00 · 2021-01-13 08:49:52 +08:00 · 2021-01-10 18:06:29 +00:00 · 2021-01-10 20:05:18 +02:00
2204 changed files with 221238 additions and 86730 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -18,7 +18,6 @@ steps:
      - make node_modules

  - name: lint-frontend
-    pull: always
    image: node:14
    commands:
      - make lint-frontend
@@ -34,8 +33,29 @@ steps:
      GOSUMDB: sum.golang.org
      TAGS: bindata sqlite sqlite_unlock_notify

-  - name: checks-frontend
+  - name: lint-backend-windows
    pull: always
+    image: golang:1.15
+    commands:
+      - make golangci-lint vet
+    environment:
+      GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not
+      GOSUMDB: sum.golang.org
+      TAGS: bindata sqlite sqlite_unlock_notify
+      GOOS: windows
+      GOARCH: amd64
+
+  - name: lint-backend-gogit
+    pull: always
+    image: golang:1.15
+    commands:
+      - make lint-backend
+    environment:
+      GOPROXY: https://goproxy.cn # proxy.golang.org is blocked in China, this proxy is not
+      GOSUMDB: sum.golang.org
+      TAGS: bindata gogit sqlite sqlite_unlock_notify
+
+  - name: checks-frontend
    image: node:14
    commands:
      - make checks-frontend
@@ -49,7 +69,6 @@ steps:
    depends_on: [lint-backend]

  - name: build-frontend
-    pull: always
    image: node:14
    commands:
      - make frontend
@@ -66,21 +85,31 @@ steps:
    depends_on: [checks-backend]

  - name: build-backend-arm64
-    pull: always
    image: golang:1.15
    environment:
      GO111MODULE: on
      GOPROXY: off
      GOOS: linux
      GOARCH: arm64
-      TAGS: bindata
+      TAGS: bindata gogit
    commands:
      - make backend # test cross compile
      - rm ./gitea # clean
    depends_on: [checks-backend]

+  - name: build-backend-windows
+    image: golang:1.15
+    environment:
+      GO111MODULE: on
+      GOPROXY: off
+      GOOS: windows
+      GOARCH: amd64
+      TAGS: bindata gogit
+    commands:
+      - go build -mod=vendor -o gitea_windows
+    depends_on: [checks-backend]
+
  - name: build-backend-386
-    pull: always
    image: golang:1.15
    environment:
      GO111MODULE: on
@@ -108,33 +137,18 @@ workspace:

 services:
  - name: mysql
-    pull: default
    image: mysql:5.7
    environment:
      MYSQL_ALLOW_EMPTY_PASSWORD: yes
      MYSQL_DATABASE: test
-      GOPROXY: off
-      TAGS: bindata sqlite sqlite_unlock_notify
-      GITLAB_READ_TOKEN:
-        from_secret: gitlab_read_token
-    depends_on:
-      - build
-    when:
-      branch:
-        - master
-      event:
-        - push
-        - pull_request

  - name: mysql8
-    pull: default
    image: mysql:8.0
    environment:
      MYSQL_ALLOW_EMPTY_PASSWORD: yes
      MYSQL_DATABASE: testgitea

  - name: mssql
-    pull: default
    image: mcr.microsoft.com/mssql/server:latest
    environment:
      ACCEPT_EULA: Y
@@ -142,11 +156,9 @@ services:
      SA_PASSWORD: MwantsaSecurePassword1

  - name: ldap
-    pull: default
    image: gitea/test-openldap:latest

  - name: elasticsearch
-    pull: default
    environment:
      discovery.type: single-node
    image: elasticsearch:7.5.0
@@ -161,7 +173,6 @@ services:

 steps:
  - name: fetch-tags
-    pull: default
    image: docker:git
    commands:
      - git fetch --tags --force
@@ -187,7 +198,6 @@ steps:
      - git update-ref refs/heads/tag_test ${DRONE_COMMIT_SHA}

  - name: unit-test
-    pull: always
    image: golang:1.15
    commands:
      - make unit-test-coverage test-check
@@ -197,8 +207,18 @@ steps:
      GITHUB_READ_TOKEN:
        from_secret: github_read_token

-  - name: test-mysql
+  - name: unit-test-gogit
    pull: always
+    image: golang:1.15
+    commands:
+      - make unit-test-coverage test-check
+    environment:
+      GOPROXY: off
+      TAGS: bindata gogit sqlite sqlite_unlock_notify
+      GITHUB_READ_TOKEN:
+        from_secret: github_read_token
+
+  - name: test-mysql
    image: golang:1.15
    commands:
      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
@@ -214,7 +234,6 @@ steps:
      - build

  - name: test-mysql8
-    pull: always
    image: golang:1.15
    commands:
      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
@@ -229,7 +248,6 @@ steps:
      - build

  - name: test-mssql
-    pull: always
    image: golang:1.15
    commands:
      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
@@ -244,7 +262,6 @@ steps:
      - build

  - name: generate-coverage
-    pull: always
    image: golang:1.15
    commands:
      - make coverage
@@ -307,7 +324,6 @@ services:

 steps:
  - name: fetch-tags
-    pull: default
    image: docker:git
    commands:
      - git fetch --tags --force
@@ -327,7 +343,6 @@ steps:
      TAGS: bindata sqlite sqlite_unlock_notify

  - name: test-sqlite
-    pull: always
    image: golang:1.15
    commands:
      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
@@ -335,13 +350,13 @@ steps:
      - timeout -s ABRT 40m make test-sqlite-migration test-sqlite
    environment:
      GOPROXY: off
-      TAGS: bindata
+      TAGS: bindata gogit sqlite sqlite_unlock_notify
+      TEST_TAGS: gogit sqlite sqlite_unlock_notify
      USE_REPO_TEST_DIR: 1
    depends_on:
      - build

  - name: test-pgsql
-    pull: always
    image: golang:1.15
    commands:
      - "curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash"
@@ -349,7 +364,8 @@ steps:
      - timeout -s ABRT 40m make test-pgsql-migration test-pgsql
    environment:
      GOPROXY: off
-      TAGS: bindata
+      TAGS: bindata gogit
+      TEST_TAGS: gogit
      TEST_LDAP: 1
      USE_REPO_TEST_DIR: 1
    depends_on:
@@ -443,7 +459,6 @@ depends_on:

 steps:
  - name: fetch-tags
-    pull: default
    image: docker:git
    commands:
      - git fetch --tags --force
@@ -497,7 +512,6 @@ steps:
        - push

  - name: release-master
-    pull: always
    image: plugins/s3:1
    settings:
      acl: public-read
@@ -656,7 +670,6 @@ trigger:

 steps:
  - name: fetch-tags
-    pull: default
    image: docker:git
    commands:
      - git fetch --tags --force
@@ -679,6 +692,27 @@ steps:
        exclude:
        - pull_request

+  - name: publish-rootless
+    image: plugins/docker:linux-amd64
+    settings:
+      dockerfile: Dockerfile.rootless
+      auto_tag: true
+      auto_tag_suffix: linux-amd64-rootless
+      repo: gitea/gitea
+      build_args:
+        - GOPROXY=off
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+    environment:
+      PLUGIN_MIRROR:
+        from_secret: plugin_mirror
+    when:
+      event:
+        exclude:
+        - pull_request
+
 ---
 kind: pipeline
 name: docker-linux-arm64-dry-run
@@ -708,6 +742,9 @@ steps:
      tags: linux-arm64
      build_args:
        - GOPROXY=off
+    environment:
+      PLUGIN_MIRROR:
+        from_secret: plugin_mirror
    when:
      event:
        - pull_request
@@ -734,7 +771,6 @@ trigger:
  - "refs/tags/**"
 steps:
  - name: fetch-tags
-    pull: default
    image: docker:git
    commands:
      - git fetch --tags --force
@@ -752,6 +788,30 @@ steps:
        from_secret: docker_password
      username:
        from_secret: docker_username
+    environment:
+      PLUGIN_MIRROR:
+        from_secret: plugin_mirror
+    when:
+      event:
+        exclude:
+        - pull_request
+
+  - name: publish-rootless
+    image: plugins/docker:linux-arm64
+    settings:
+      dockerfile: Dockerfile.rootless
+      auto_tag: true
+      auto_tag_suffix: linux-arm64-rootless
+      repo: gitea/gitea
+      build_args:
+        - GOPROXY=off
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+    environment:
+      PLUGIN_MIRROR:
+        from_secret: plugin_mirror
    when:
      event:
        exclude:
@@ -766,8 +826,19 @@ platform:
  arch: amd64

 steps:
-  - name: manifest
+  - name: manifest-rootless
    pull: always
+    image: plugins/manifest
+    settings:
+      auto_tag: true
+      ignore_missing: true
+      spec: docker/manifest.rootless.tmpl
+      password:
+        from_secret: docker_password
+      username:
+        from_secret: docker_username
+
+  - name: manifest
    image: plugins/manifest
    settings:
      auto_tag: true
--- a/.eslintrc
+++ b/.eslintrc
@@ -3,14 +3,22 @@ reportUnusedDisableDirectives: true

 ignorePatterns:
  - /web_src/js/vendor
+  - /templates/base/head.tmpl
+  - /templates/repo/activity.tmpl
+  - /templates/repo/view_file.tmpl

 parserOptions:
  sourceType: module
-  ecmaVersion: 2020
+  ecmaVersion: 2021

 plugins:
  - eslint-plugin-unicorn
  - eslint-plugin-import
+  - eslint-plugin-vue
+  - eslint-plugin-html
+
+extends:
+  - plugin:vue/recommended

 env:
  es2021: true
@@ -23,12 +31,19 @@ globals:
  SimpleMDE: false
  u2fApi: false

+settings:
+  html/html-extensions: [".tmpl"]
+
 overrides:
-  - files: ["web_src/**/*.js"]
+  - files: ["web_src/**/*.js", "web_src/**/*.vue", "templates/**/*.tmpl"]
    env:
      browser: true
      jquery: true
      node: false
+  - files: ["templates/**/*.tmpl"]
+    rules:
+      no-tabs: [0]
+      indent: [2, tab, {SwitchCase: 1}]
  - files: ["web_src/**/*worker.js"]
    env:
      worker: true
@@ -99,7 +114,7 @@ rules:
  import/no-amd: [0]
  import/no-anonymous-default-export: [0]
  import/no-commonjs: [0]
-  import/no-cycle: [0]
+  import/no-cycle: [2, {ignoreExternal: true}]
  import/no-default-export: [0]
  import/no-deprecated: [0]
  import/no-dynamic-require: [0]
@@ -117,7 +132,7 @@ rules:
  import/no-self-import: [2]
  import/no-unassigned-import: [0]
  import/no-unresolved: [2, {commonjs: true}]
-  import/no-unused-modules: [0]
+  import/no-unused-modules: [2, {unusedExports: true}]
  import/no-useless-path-segments: [2, {commonjs: true}]
  import/no-webpack-loader-syntax: [2]
  import/order: [0]
@@ -211,7 +226,7 @@ rules:
  no-mixed-operators: [0]
  no-mixed-spaces-and-tabs: [2]
  no-multi-assign: [0]
-  no-multi-spaces: [2, {ignoreEOLComments: true, exceptions: {Property: true, VariableDeclarator: true}}]
+  no-multi-spaces: [2, {ignoreEOLComments: true, exceptions: {Property: true}}]
  no-multi-str: [2]
  no-negated-condition: [0]
  no-nested-ternary: [0]
@@ -220,6 +235,7 @@ rules:
  no-new-symbol: [2]
  no-new-wrappers: [2]
  no-new: [0]
+  no-nonoctal-decimal-escape: [2]
  no-obj-calls: [2]
  no-octal-escape: [2]
  no-octal: [2]
@@ -330,12 +346,14 @@ rules:
  unicorn/catch-error-name: [0]
  unicorn/consistent-function-scoping: [2]
  unicorn/custom-error-definition: [0]
+  unicorn/empty-brace-spaces: [2]
  unicorn/error-message: [0]
  unicorn/escape-case: [0]
  unicorn/expiring-todo-comments: [0]
  unicorn/explicit-length-check: [0]
  unicorn/filename-case: [0]
  unicorn/import-index: [0]
+  unicorn/import-style: [0]
  unicorn/new-for-builtins: [2]
  unicorn/no-abusive-eslint-disable: [0]
  unicorn/no-array-instanceof: [0]
@@ -344,6 +362,7 @@ rules:
  unicorn/no-for-loop: [0]
  unicorn/no-hex-escape: [0]
  unicorn/no-keyword-prefix: [0]
+  unicorn/no-lonely-if: [2]
  unicorn/no-nested-ternary: [0]
  unicorn/no-new-buffer: [0]
  unicorn/no-null: [0]
@@ -356,11 +375,14 @@ rules:
  unicorn/no-useless-undefined: [0]
  unicorn/no-zero-fractions: [2]
  unicorn/number-literal-case: [0]
+  unicorn/numeric-separators-style: [0]
  unicorn/prefer-add-event-listener: [2]
  unicorn/prefer-array-find: [2]
  unicorn/prefer-dataset: [2]
+  unicorn/prefer-date-now: [2]
  unicorn/prefer-event-key: [2]
  unicorn/prefer-includes: [2]
+  unicorn/prefer-math-trunc: [2]
  unicorn/prefer-modern-dom-apis: [0]
  unicorn/prefer-negative-index: [2]
  unicorn/prefer-node-append: [0]
@@ -374,6 +396,7 @@ rules:
  unicorn/prefer-spread: [0]
  unicorn/prefer-starts-ends-with: [2]
  unicorn/prefer-string-slice: [0]
+  unicorn/prefer-ternary: [0]
  unicorn/prefer-text-content: [2]
  unicorn/prefer-trim-start-end: [2]
  unicorn/prefer-type-error: [0]
@@ -383,6 +406,11 @@ rules:
  use-isnan: [2]
  valid-typeof: [2, {requireStringLiterals: true}]
  vars-on-top: [0]
+  vue/attributes-order: [0]
+  vue/component-definition-name-casing: [0]
+  vue/html-closing-bracket-spacing: [0]
+  vue/max-attributes-per-line: [0]
+  vue/one-component-per-file: [0]
  wrap-iife: [2, inside]
  wrap-regex: [0]
  yield-star-spacing: [2, after]
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,3 +1,6 @@
 * text=auto eol=lf
 /vendor/** -text -eol linguist-vendored
 /public/vendor/** -text -eol linguist-vendored
+/templates/**/*.tmpl linguist-language=Handlebars
+/.eslintrc linguist-language=YAML
+/.stylelintrc linguist-language=YAML
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@@ -2,16 +2,20 @@

 <!--
    1. Please speak English, this is the language all maintainers can speak and write.
-    2. Please ask questions or configuration/deploy problems on our Discord 
+    2. Please ask questions or configuration/deploy problems on our Discord
       server (https://discord.gg/gitea) or forum (https://discourse.gitea.io).
    3. Please take a moment to check that your issue doesn't already exist.
-    4. Please give all relevant information below for bug reports, because 
+    4. Make sure it's not mentioned in the FAQ (https://docs.gitea.io/en-us/faq)
+    5. Please give all relevant information below for bug reports, because
       incomplete details will be handled as an invalid report.
 -->

 - Gitea version (or commit ref):
 - Git version:
 - Operating system:
+  <!-- Please include information on whether you built gitea yourself, used one of our downloads or are using some other package -->
+  <!-- Please also tell us how you are running gitea, e.g. if it is being run from docker, a command-line, systemd etc. --->
+  <!-- If you are using a package or systemd tell us what distribution you are using -->
 - Database (use `[x]`):
  - [ ] PostgreSQL
  - [ ] MySQL
@@ -20,8 +24,10 @@
 - Can you reproduce the bug at https://try.gitea.io:
  - [ ] Yes (provide example URL)
  - [ ] No
-  - [ ] Not relevant
 - Log gist:
+<!-- It really is important to provide pertinent logs -->
+<!-- Please read https://docs.gitea.io/en-us/logging-configuration/#debugging-problems -->
+<!-- In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini -->

 ## Description

--- a/.github/lock.yml
+++ b/.github/lock.yml
@@ -0,0 +1,23 @@
+# Configuration for Lock Threads - https://github.com/dessant/lock-threads-app
+
+# Number of days of inactivity before a closed issue or pull request is locked
+daysUntilLock: 60
+
+# Skip issues and pull requests created before a given timestamp. Timestamp must
+# follow ISO 8601 (`YYYY-MM-DD`). `false` is disabled
+skipCreatedBefore: false
+
+# Issues and pull requests with these labels will be ignored.
+exemptLabels: []
+
+# Label to add before locking, such as `outdated`. `false` is disabled
+lockLabel: false
+
+# Comment to post before locking.
+lockComment: >
+  This thread has been automatically locked since there has not been
+  any recent activity after it was closed. Please open a new issue for
+  related bugs and link to relevant comments in this thread.
+
+# Assign `resolved` as the reason for locking. Set to `false` to disable
+setLockReason: true
--- a/.gitignore
+++ b/.gitignore
@@ -80,7 +80,17 @@ coverage.all
 /public/css
 /public/fonts
 /public/img/webpack
-/web_src/fomantic/build
+/web_src/fomantic/build/*
+!/web_src/fomantic/build/semantic.js
+!/web_src/fomantic/build/semantic.css
+!/web_src/fomantic/build/themes
+/web_src/fomantic/build/themes/*
+!/web_src/fomantic/build/themes/default
+/web_src/fomantic/build/themes/default/assets/*
+!/web_src/fomantic/build/themes/default/assets/fonts
+/web_src/fomantic/build/themes/default/assets/fonts/*
+!/web_src/fomantic/build/themes/default/assets/fonts/icons.woff2
+!/web_src/fomantic/build/themes/default/assets/fonts/outline-icons.woff2
 /VERSION
 /.air

--- a/.golangci.yml
+++ b/.golangci.yml
@@ -70,7 +70,7 @@ issues:
    - path: modules/log/
      linters:
        - errcheck
-    - path: routers/routes/routes.go
+    - path: routers/routes/macaron.go
      linters:
        - dupl
    - path: routers/api/v1/repo/issue_subscription.go
@@ -101,6 +101,9 @@ issues:
    - path: cmd/dump.go
      linters:
        - dupl
+    - path: services/webhook/webhook.go
+      linters:
+        - structcheck
    - text: "commentFormatting: put a space between `//` and comment text"
      linters:
        - gocritic
--- a/.npmrc
+++ b/.npmrc
@@ -1,2 +1,4 @@
+audit=false
+fund=false
 package-lock=true
 save-exact=true
--- a/.stylelintrc
+++ b/.stylelintrc
@@ -11,5 +11,5 @@ rules:
  no-descending-specificity: null
  number-leading-zero: never
  rule-empty-line-before: null
-  selector-pseudo-element-colon-notation: null
+  selector-pseudo-element-colon-notation: double
  shorthand-property-no-redundant-values: true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,14 +4,53 @@ This changelog goes through all the changes that have been made in each release
 without substantial changes to our git log; to see the highlights of what has
 been added to each release, please refer to the [blog](https://blog.gitea.io).

-## [1.13.0-RC1](https://github.com/go-gitea/gitea/releases/tag/v1.13.0-RC1) - 2020-10-14
+## [1.13.1](https://github.com/go-gitea/gitea/releases/tag/v1.13.1) - 2020-12-29

 * SECURITY
+  * Hide private participation in Orgs (#13994) (#14031)
+  * Fix escaping issue in diff (#14153) (#14154)
+* BUGFIXES
+  * Fix bug of link query order on markdown render (#14156) (#14171)
+  * Drop long repo topics during migration (#14152) (#14155)
+  * Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143)
+  * Fix storage config implementation (#14091) (#14095)
+  * Fix panic in BasicAuthDecode (#14046) (#14048)
+  * Always wait for the cmd to finish (#14006) (#14039)
+  * Don't use simpleMDE editor on mobile devices for 1.13 (#14029)
+  * Fix incorrect review comment diffs (#14002) (#14011)
+  * Trim the branch prefix from action.GetBranch (#13981) (#13986)
+  * Ensure template renderer is available before storage handler (#13164) (#13982)
+  * Whenever the password is updated ensure that the hash algorithm is too (#13966) (#13967)
+  * Enforce setting HEAD in wiki to master (#13950) (#13961)
+  * Fix feishu webhook caused by API changed (#13938)
+  * Fix Quote Reply button on review diff (#13830) (#13898)
+  * Fix Pull Merge when tag with same name as base branch exist (#13882) (#13896)
+  * Fix mermaid chart size (#13865)
+  * Fix branch/tag notifications in mirror sync (#13855) (#13862)
+  * Fix crash in short link processor (#13839) (#13841)
+  * Update font stack to bootstrap's latest (#13834) (#13837)
+  * Make sure email recipients can see issue (#13820) (#13827)
+  * Reply button is not removed when deleting a code review comment (#13824)
+  * When reinitialising DBConfig reset the database use flags (#13796) (#13811)
+* ENHANCEMENTS
+  * Add emoji in label to project boards (#13978) (#14021)
+  * Send webhook when tag is removed via Web UI (#14015) (#14019)
+  * Use Process Manager to create own Context (#13792) (#13793)
+* API
+  * GetCombinedCommitStatusByRef always return json & swagger doc fixes (#14047)
+  * Return original URL of Repositories (#13885) (#13886)
+
+## [1.13.0](https://github.com/go-gitea/gitea/releases/tag/v1.13.0) - 2020-12-01
+* SECURITY
+  * Add Allow-/Block-List for Migrate & Mirrors (#13610) (#13776)
+  * Prevent git operations for inactive users (#13527) (#13536)
+  * Disallow urlencoded new lines in git protocol paths if there is a port (#13521) (#13524)
  * Mitigate Security vulnerability in the git hook feature (#13058)
  * Disable DSA ssh keys by default (#13056)
  * Set TLS minimum version to 1.2 (#12689)
  * Use argon as default password hash algorithm (#12688)
 * BREAKING
+  * Set RUN_MODE prod by default (#13765) (#13767)
  * Don't replace underscores in auto-generated IDs in goldmark (#12805)
  * Add Primary Key to Topic and RepoTopic tables (#12639)
  * Disable password complexity check default (#12557)
@@ -71,6 +110,40 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
  * Add endpoint for Branch Creation (#11607)
  * Add pagination headers on endpoints that support total count from database (#11145)
 * BUGFIXES
+  * Fix bogus http requests on diffs (#13760) (#13761)
+  * Show 'owner' tag for real owner (#13689) (#13743)
+  * Validate email before inserting/updating (#13475) (#13666)
+  * Fix issue/pull request list assignee filter (#13647) (#13651)
+  * Gitlab migration support for subdirectories (#13563) (#13591)
+  * Fix logic for preferred license setting (#13550) (#13557)
+  * Add missed sync branch/tag webhook (#13538) (#13556)
+  * Migration won't fail on non-migrated reactions (#13507)
+  * Fix Italian language file parsing error (#13156)
+  * Show outdated comments in pull request (#13148) (#13162)
+  * Fix parsing of pre-release git version (#13169) (#13172)
+  * Fix diff skipping lines (#13154) (#13155)
+  * When handling errors in storageHandler check underlying error (#13178) (#13193)
+  * Fix size and clickable area on file table back link (#13205) (#13207)
+  * Add better error checking for inline html diff code (#13251)
+  * Fix initial commit page & binary munching problem (#13249) (#13258)
+  * Fix migrations from remote Gitea instances when configuration not set (#13229) (#13273)
+  * Store task errors following migrations and display them (#13246) (#13287)
+  * Fix bug isEnd detection on getIssues/getPullRequests (#13299) (#13301)
+  * When the git ref is unable to be found return broken pr (#13218) (#13303)
+  * Ensure topics added using the API are added to the repository (#13285) (#13302)
+  * Fix avatar autogeneration (#13233) (#13282)
+  * Add migrated pulls to pull request task queue (#13331) (#13334)
+  * Issue comment reactions should also check pull type on API (#13349) (#13350)
+  * Fix links to repositories in /user/setting/repos (#13360) (#13362)
+  * Remove obsolete change of email on profile page (#13341) (#13347)
+  * Fix scrolling to resolved comment anchors (#13343) (#13371)
+  * Storage configuration support `[storage]` (#13314) (#13379)
+  * When creating line diffs do not split within an html entity (#13357) (#13375) (#13425) (#13427)
+  * Fix reactions on code comments (#13390) (#13401) 
+  * Add missing full names when DEFAULT_SHOW_FULL_NAME is enabled (#13424)
+  * Replies to outdated code comments should also be outdated (#13217) (#13433)
+  * Fix panic bug in handling multiple references in commit (#13486) (#13487)
+  * Prevent panic on git blame by limiting lines to 4096 bytes at most (#13470) (#13491)
  * Show original author's reviews on pull summary box (#13127)
  * Update golangci-lint to version 1.31.0 (#13102)
  * Fix line break for MS teams webhook (#13081)
@@ -140,6 +213,10 @@ been added to each release, please refer to the [blog](https://blog.gitea.io).
  * Fix Enter not working in SimpleMDE (#11564)
  * Fix bug about can't skip commits base on base branch (#11555)
 * ENHANCEMENTS
+  * Only Return JSON for responses (#13511) (#13565)
+  * Use existing analyzer module for language detection for highlighting (#13522) (#13551)
+  * Return the full rejection message and errors in flash errors (#13221) (#13237)
+  * Remove PAM from auth dropdown when unavailable (#13276) (#13281)
  * Add HostCertificate to sshd_config in Docker image (#13143)
  * Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)
  * Improve error feedback for duplicate deploy keys (#13112)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -158,7 +158,7 @@ import (
 To maintain understandable code and avoid circular dependencies it is important to have a good structure of the code. The gitea code is divided into the following parts:

 - **integration:** Integrations tests
- **models:** Contains the data structures used by xorm to construct database tables. It also contains supporting functions to query and update the database. Dependecies to other code in Gitea should be avoided although some modules might be needed (for example for logging).
+- **models:** Contains the data structures used by xorm to construct database tables. It also contains supporting functions to query and update the database. Dependencies to other code in Gitea should be avoided although some modules might be needed (for example for logging).
 - **models/fixtures:** Sample model data used in integration tests.
 - **models/migrations:** Handling of database migrations between versions. PRs that changes a database structure shall also have a migration step.
 - **modules:** Different modules to handle specific functionality in Gitea.
@@ -181,16 +181,16 @@ The same applies to status responses. If you notice a problem, feel free to leav
 All expected results (errors, success, fail messages) should be documented
 ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L319-L327)).

-All JSON input types must be defined as a struct in `models/structs/`
+All JSON input types must be defined as a struct in [modules/structs/](modules/structs/)
 ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L76-L91))
 and referenced in
 [routers/api/v1/swagger/options.go](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/options.go).  
 They can then be used like the following:
 ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L318)).

-All JSON responses must be defined as a struct in `models/structs/`
+All JSON responses must be defined as a struct in [modules/structs/](modules/structs/)
 ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/modules/structs/issue.go#L36-L68))
-and referenced in its category in `routers/api/v1/swagger/`
+and referenced in its category in [routers/api/v1/swagger/](routers/api/v1/swagger/)
 ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/swagger/issue.go#L11-L16))  
 They can be used like the following:
 ([example](https://github.com/go-gitea/gitea/blob/c620eb5b2d0d874da68ebd734d3864c5224f71f7/routers/api/v1/repo/issue.go#L277-L279))
@@ -199,7 +199,7 @@ In general, HTTP methods are chosen as follows:
 * **GET** endpoints return requested object and status **OK (200)**
 * **DELETE** endpoints return status **No Content (204)**
 * **POST** endpoints return status **Created (201)**, used to **create** new objects (e.g. a User)
- * **PUT** endpoints return status **No Content (204)**, used to **add/assign** existing Obejcts (e.g. User) to something (e.g. Org-Team)
+ * **PUT** endpoints return status **No Content (204)**, used to **add/assign** existing Objects (e.g. User) to something (e.g. Org-Team)
 * **PATCH** endpoints return changed object and status **OK (200)**, used to **edit/change** an existing object


@@ -293,6 +293,11 @@ and lead the development of Gitea.
 To honor the past owners, here's the history of the owners and the time
 they served:

+* 2021-01-01 ~ 2021-12-31 - https://github.com/go-gitea/gitea/issues/13801
+  * [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com>
+  * [Lauris Bukšis-Haberkorns](https://gitea.com/lafriks) <lauris@nix.lv>
+  * [Matti Ranta](https://gitea.com/techknowlogick) <techknowlogick@gitea.io>
+
 * 2020-01-01 ~ 2020-12-31 - https://github.com/go-gitea/gitea/issues/9230
  * [Lunny Xiao](https://gitea.com/lunny) <xiaolunwen@gmail.com>
  * [Lauris Bukšis-Haberkorns](https://gitea.com/lafriks) <lauris@nix.lv>
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -0,0 +1,67 @@
+
+###################################
+#Build stage
+FROM golang:1.15-alpine3.12 AS build-env
+
+ARG GOPROXY
+ENV GOPROXY ${GOPROXY:-direct}
+
+ARG GITEA_VERSION
+ARG TAGS="sqlite sqlite_unlock_notify"
+ENV TAGS "bindata timetzdata $TAGS"
+ARG CGO_EXTRA_CFLAGS 
+
+#Build deps
+RUN apk --no-cache add build-base git nodejs npm
+
+#Setup repo
+COPY . ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/code.gitea.io/gitea
+
+#Checkout version if set
+RUN if [ -n "${GITEA_VERSION}" ]; then git checkout "${GITEA_VERSION}"; fi \
+ && make clean-all build
+
+FROM alpine:3.12
+LABEL maintainer="maintainers@gitea.io"
+
+EXPOSE 2222 3000
+
+RUN apk --no-cache add \
+    bash \
+    ca-certificates \
+    gettext \
+    git \
+    gnupg
+
+RUN addgroup \
+    -S -g 1000 \
+    git && \
+  adduser \
+    -S -H -D \
+    -h /var/lib/gitea/git \
+    -s /bin/bash \
+    -u 1000 \
+    -G git \
+    git && \
+  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
+
+RUN mkdir -p /var/lib/gitea /etc/gitea
+RUN chown git:git /var/lib/gitea /etc/gitea
+
+COPY docker/rootless /
+COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea
+
+USER git:git
+ENV GITEA_WORK_DIR /var/lib/gitea
+ENV GITEA_CUSTOM /var/lib/gitea/custom
+ENV GITEA_TEMP /tmp/gitea
+#TODO add to docs the ability to define the ini to load (usefull to test and revert a config)
+ENV GITEA_APP_INI /etc/gitea/app.ini
+ENV HOME "/var/lib/gitea/git"
+VOLUME ["/var/lib/gitea", "/etc/gitea"]
+WORKDIR /var/lib/gitea
+
+ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
+CMD []
+
--- a/4
+++ b/4
@@ -36,4 +36,6 @@ Mura Li <typeless@ctli.io> (@typeless)
 6543 <6543@obermui.de> (@6543)
 jaqra <jaqra@hotmail.com> (@jaqra)
 David Svantesson <davidsvantesson@gmail.com> (@davidsvantesson)
-CirnoT <gitea.m@i32.pl> (@CirnoT)
+a1012112796 <1012112796@qq.com> (@a1012112796)
+Karl Heinz Marbaise <kama@soebes.de> (@khmarbaise)
+Norwin Roosen <git@nroo.de> (@noerw)
--- a/135
+++ b/135
@@ -1,4 +1,3 @@
-
 ifeq ($(USE_REPO_TEST_DIR),1)

 # This rule replaces the whole Makefile when we're trying to use /tmp repository temporary files
@@ -94,7 +93,7 @@ FOMANTIC_CONFIGS := semantic.json web_src/fomantic/theme.config.less web_src/fom
 FOMANTIC_DEST := web_src/fomantic/build/semantic.js web_src/fomantic/build/semantic.css
 FOMANTIC_DEST_DIR := web_src/fomantic/build

-WEBPACK_SOURCES := $(shell find web_src/js web_src/less -type f) $(FOMANTIC_DEST)
+WEBPACK_SOURCES := $(shell find web_src/js web_src/less -type f)
 WEBPACK_CONFIGS := webpack.config.js
 WEBPACK_DEST := public/js/index.js public/css/index.css
 WEBPACK_DEST_ENTRIES := public/js public/css public/fonts public/img/webpack public/serviceworker.js
@@ -110,7 +109,10 @@ TAGS ?=
 TAGS_SPLIT := $(subst $(COMMA), ,$(TAGS))
 TAGS_EVIDENCE := $(MAKE_EVIDENCE_DIR)/tags

-GO_DIRS := cmd integrations models modules routers build services vendor
+TEST_TAGS ?= sqlite sqlite_unlock_notify
+
+GO_DIRS := cmd integrations models modules routers build services vendor tools
+
 GO_SOURCES := $(wildcard *.go)
 GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go" -not -path modules/options/bindata.go -not -path modules/public/bindata.go -not -path modules/templates/bindata.go)

@@ -152,7 +154,7 @@ all: build
 .PHONY: help
 help:
 	@echo "Make Routines:"
-	@echo " - \"\"                             equivalent to \"build\""
+	@echo " - \"\"                               equivalent to \"build\""
 	@echo " - build                            build everything"
 	@echo " - frontend                         build frontend files"
 	@echo " - backend                          build backend files"
@@ -180,13 +182,13 @@ help:
 	@echo " - revive                           run revive linter"
 	@echo " - misspell                         check for misspellings"
 	@echo " - vet                              examines Go source code and reports suspicious constructs"
-	@echo " - test[\#TestSpecificName]    	   run unit test"
+	@echo " - test[\#TestSpecificName]    	    run unit test"
 	@echo " - test-sqlite[\#TestSpecificName]  run integration test for sqlite"
 	@echo " - pr#<index>                       build and start gitea from a PR with integration test data loaded"

 .PHONY: go-check
 go-check:
-	$(eval GO_VERSION := $(shell printf "%03d%03d%03d" $(shell go version | grep -Eo '[0-9]+\.[0-9.]+' | tr '.' ' ');))
+	$(eval GO_VERSION := $(shell printf "%03d%03d%03d" $(shell $(GO) version | grep -Eo '[0-9]+\.[0-9.]+' | tr '.' ' ');))
 	@if [ "$(GO_VERSION)" -lt "$(MIN_GO_VERSION)" ]; then \
 		echo "Gitea requires Go 1.13 or greater to build. You can get it at https://golang.org/dl/"; \
 		exit 1; \
@@ -210,7 +212,7 @@ node-check:

 .PHONY: clean-all
 clean-all: clean
-	rm -rf $(WEBPACK_DEST_ENTRIES) $(FOMANTIC_DEST_DIR)
+	rm -rf $(WEBPACK_DEST_ENTRIES)

 .PHONY: clean
 clean:
@@ -223,15 +225,15 @@ clean:

 .PHONY: fmt
 fmt:
-	$(GOFMT) -w $(GO_SOURCES_OWN)
+	@echo "Running go fmt..."
+	@$(GOFMT) -w $(GO_SOURCES_OWN)

 .PHONY: vet
 vet:
-	# Default vet
-	$(GO) vet $(GO_PACKAGES)
-	# Custom vet
-	$(GO) build -mod=vendor code.gitea.io/gitea-vet
-	$(GO) vet -vettool=gitea-vet $(GO_PACKAGES)
+	@echo "Running go vet..."
+	@$(GO) vet $(GO_PACKAGES)
+	@$(GO) build -mod=vendor code.gitea.io/gitea-vet
+	@$(GO) vet -vettool=gitea-vet $(GO_PACKAGES)

 .PHONY: $(TAGS_EVIDENCE)
 $(TAGS_EVIDENCE):
@@ -255,7 +257,7 @@ swagger-check: generate-swagger
 		echo "Please run 'make generate-swagger' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
-	fi;
+	fi

 .PHONY: swagger-validate
 swagger-validate:
@@ -268,7 +270,8 @@ errcheck:
 	@hash errcheck > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		GO111MODULE=off $(GO) get -u github.com/kisielk/errcheck; \
 	fi
-	errcheck $(GO_PACKAGES)
+	@echo "Running errcheck..."
+	@errcheck $(GO_PACKAGES)

 .PHONY: revive
 revive:
@@ -279,14 +282,16 @@ misspell-check:
 	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		GO111MODULE=off $(GO) get -u github.com/client9/misspell/cmd/misspell; \
 	fi
-	misspell -error -i unknwon,destory $(GO_SOURCES_OWN)
+	@echo "Running misspell-check..."
+	@misspell -error -i unknwon,destory $(GO_SOURCES_OWN)

 .PHONY: misspell
 misspell:
 	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		GO111MODULE=off $(GO) get -u github.com/client9/misspell/cmd/misspell; \
 	fi
-	misspell -w -i unknwon $(GO_SOURCES_OWN)
+	@echo "Running go misspell..."
+	@misspell -w -i unknwon $(GO_SOURCES_OWN)

 .PHONY: fmt-check
 fmt-check:
@@ -296,7 +301,7 @@ fmt-check:
 		echo "Please run 'make fmt' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
-	fi;
+	fi

 .PHONY: checks
 checks: checks-frontend checks-backend
@@ -312,8 +317,8 @@ lint: lint-frontend lint-backend

 .PHONY: lint-frontend
 lint-frontend: node_modules
-	npx eslint web_src/js build webpack.config.js
-	npx stylelint web_src/less
+	npx eslint --color --max-warnings=0 web_src/js build templates webpack.config.js
+	npx stylelint --color --max-warnings=0 web_src/less

 .PHONY: lint-backend
 lint-backend: golangci-lint revive vet
@@ -323,9 +328,9 @@ watch:
 	bash tools/watch.sh

 .PHONY: watch-frontend
-watch-frontend: node-check $(FOMANTIC_DEST) node_modules
+watch-frontend: node-check node_modules
 	rm -rf $(WEBPACK_DEST_ENTRIES)
-	NODE_ENV=development npx webpack --hide-modules --display-entrypoints=false --watch --progress
+	NODE_ENV=development npx webpack --watch --progress

 .PHONY: watch-backend
 watch-backend: go-check
@@ -336,11 +341,12 @@ watch-backend: go-check

 .PHONY: test
 test:
-	$(GO) test $(GOTESTFLAGS) -mod=vendor -tags='sqlite sqlite_unlock_notify' $(GO_PACKAGES)
+	@echo "Running go test with -tags '$(TEST_TAGS)'..."
+	@$(GO) test $(GOTESTFLAGS) -mod=vendor -tags='$(TEST_TAGS)' $(GO_PACKAGES)

 .PHONY: test-check
 test-check:
-	@echo "Checking if tests have changed the source tree...";
+	@echo "Running test-check...";
 	@diff=$$(git status -s); \
 	if [ -n "$$diff" ]; then \
 		echo "make test has changed files in the source tree:"; \
@@ -348,11 +354,12 @@ test-check:
 		echo "You should change the tests to create these files in a temporary directory."; \
 		echo "Do not simply add these files to .gitignore"; \
 		exit 1; \
-	fi;
+	fi

 .PHONY: test\#%
 test\#%:
-	$(GO) test -mod=vendor -tags='sqlite sqlite_unlock_notify' -run $(subst .,/,$*) $(GO_PACKAGES)
+	@echo "Running go test with -tags '$(TEST_TAGS)'..."
+	@$(GO) test -mod=vendor -tags='$(TEST_TAGS)' -run $(subst .,/,$*) $(GO_PACKAGES)

 .PHONY: coverage
 coverage:
@@ -360,7 +367,8 @@ coverage:

 .PHONY: unit-test-coverage
 unit-test-coverage:
-	$(GO) test $(GOTESTFLAGS) -mod=vendor -tags='sqlite sqlite_unlock_notify' -cover -coverprofile coverage.out $(GO_PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1
+	@echo "Running unit-test-coverage -tags '$(TEST_TAGS)'..."
+	@$(GO) test $(GOTESTFLAGS) -mod=vendor -tags='$(TEST_TAGS)' -cover -coverprofile coverage.out $(GO_PACKAGES) && echo "\n==>\033[32m Ok\033[m\n" || exit 1

 .PHONY: vendor
 vendor:
@@ -373,7 +381,7 @@ test-vendor: vendor
 		echo "Please run 'make vendor' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
-	fi;
+	fi

 generate-ini-sqlite:
 	sed -e 's|{{REPO_TEST_DIR}}|${REPO_TEST_DIR}|g' \
@@ -381,15 +389,15 @@ generate-ini-sqlite:

 .PHONY: test-sqlite
 test-sqlite: integrations.sqlite.test generate-ini-sqlite
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test

 .PHONY: test-sqlite\#%
 test-sqlite\#%: integrations.sqlite.test generate-ini-sqlite
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.run $(subst .,/,$*)

 .PHONY: test-sqlite-migration
 test-sqlite-migration:  migrations.sqlite.test generate-ini-sqlite
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./migrations.sqlite.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./migrations.sqlite.test

 generate-ini-mysql:
 	sed -e 's|{{TEST_MYSQL_HOST}}|${TEST_MYSQL_HOST}|g' \
@@ -401,15 +409,15 @@ generate-ini-mysql:

 .PHONY: test-mysql
 test-mysql: integrations.mysql.test generate-ini-mysql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test

 .PHONY: test-mysql\#%
 test-mysql\#%: integrations.mysql.test generate-ini-mysql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.run $(subst .,/,$*)

 .PHONY: test-mysql-migration
 test-mysql-migration: migrations.mysql.test generate-ini-mysql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./migrations.mysql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql.ini ./migrations.mysql.test

 generate-ini-mysql8:
 	sed -e 's|{{TEST_MYSQL8_HOST}}|${TEST_MYSQL8_HOST}|g' \
@@ -421,15 +429,15 @@ generate-ini-mysql8:

 .PHONY: test-mysql8
 test-mysql8: integrations.mysql8.test generate-ini-mysql8
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./integrations.mysql8.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql8.ini ./integrations.mysql8.test

 .PHONY: test-mysql8\#%
 test-mysql8\#%: integrations.mysql8.test generate-ini-mysql8
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./integrations.mysql8.test -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql8.ini ./integrations.mysql8.test -test.run $(subst .,/,$*)

 .PHONY: test-mysql8-migration
 test-mysql8-migration: migrations.mysql8.test generate-ini-mysql8
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql8.ini ./migrations.mysql8.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql8.ini ./migrations.mysql8.test

 generate-ini-pgsql:
 	sed -e 's|{{TEST_PGSQL_HOST}}|${TEST_PGSQL_HOST}|g' \
@@ -442,15 +450,15 @@ generate-ini-pgsql:

 .PHONY: test-pgsql
 test-pgsql: integrations.pgsql.test generate-ini-pgsql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test

 .PHONY: test-pgsql\#%
 test-pgsql\#%: integrations.pgsql.test generate-ini-pgsql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.run $(subst .,/,$*)

 .PHONY: test-pgsql-migration
 test-pgsql-migration: migrations.pgsql.test generate-ini-pgsql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./migrations.pgsql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/pgsql.ini ./migrations.pgsql.test

 generate-ini-mssql:
 	sed -e 's|{{TEST_MSSQL_HOST}}|${TEST_MSSQL_HOST}|g' \
@@ -462,35 +470,35 @@ generate-ini-mssql:

 .PHONY: test-mssql
 test-mssql: integrations.mssql.test generate-ini-mssql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test

 .PHONY: test-mssql\#%
 test-mssql\#%: integrations.mssql.test generate-ini-mssql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test -test.run $(subst .,/,$*)
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test -test.run $(subst .,/,$*)

 .PHONY: test-mssql-migration
 test-mssql-migration: migrations.mssql.test generate-ini-mssql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./migrations.mssql.test -test.failfast
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mssql.ini ./migrations.mssql.test -test.failfast

 .PHONY: bench-sqlite
 bench-sqlite: integrations.sqlite.test generate-ini-sqlite
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .

 .PHONY: bench-mysql
 bench-mysql: integrations.mysql.test generate-ini-mysql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .

 .PHONY: bench-mssql
 bench-mssql: integrations.mssql.test generate-ini-mssql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mssql.ini ./integrations.mssql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .

 .PHONY: bench-pgsql
 bench-pgsql: integrations.pgsql.test generate-ini-pgsql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.cpuprofile=cpu.out -test.run DontRunTests -test.bench .

 .PHONY: integration-test-coverage
 integration-test-coverage: integrations.cover.test generate-ini-mysql
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out

 integrations.mysql.test: git-check $(GO_SOURCES)
 	$(GO) test $(GOTESTFLAGS) -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.mysql.test
@@ -505,7 +513,7 @@ integrations.mssql.test: git-check $(GO_SOURCES)
 	$(GO) test $(GOTESTFLAGS) -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.mssql.test

 integrations.sqlite.test: git-check $(GO_SOURCES)
-	$(GO) test $(GOTESTFLAGS) -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite sqlite_unlock_notify'
+	$(GO) test $(GOTESTFLAGS) -mod=vendor -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags '$(TEST_TAGS)'

 integrations.cover.test: git-check $(GO_SOURCES)
 	$(GO) test $(GOTESTFLAGS) -mod=vendor -c code.gitea.io/gitea/integrations -coverpkg $(shell echo $(GO_PACKAGES) | tr ' ' ',') -o integrations.cover.test
@@ -528,7 +536,7 @@ migrations.mssql.test: $(GO_SOURCES)

 .PHONY: migrations.sqlite.test
 migrations.sqlite.test: $(GO_SOURCES)
-	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/integrations/migration-test -o migrations.sqlite.test -tags 'sqlite sqlite_unlock_notify'
+	$(GO) test $(GOTESTFLAGS) -c code.gitea.io/gitea/integrations/migration-test -o migrations.sqlite.test -tags '$(TEST_TAGS)'

 .PHONY: check
 check: test
@@ -541,14 +549,15 @@ install: $(wildcard *.go)
 build: frontend backend

 .PHONY: frontend
-frontend: node-check $(FOMANTIC_DEST) $(WEBPACK_DEST)
+frontend: node-check $(WEBPACK_DEST)

 .PHONY: backend
 backend: go-check generate $(EXECUTABLE)

 .PHONY: generate
 generate: $(TAGS_PREREQ)
-	CC= GOOS= GOARCH= $(GO) generate -mod=vendor -tags '$(TAGS)' $(GO_PACKAGES)
+	@echo "Running go generate..."
+	@CC= GOOS= GOARCH= $(GO) generate -mod=vendor -tags '$(TAGS)' $(GO_PACKAGES)

 $(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build -mod=vendor $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
@@ -575,7 +584,7 @@ release-linux: | $(DIST_DIRS)
 	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
 		GO111MODULE=off $(GO) get -u src.techknowlogick.com/xgo; \
 	fi
-	CGO_CFLAGS="$(CGO_CFLAGS)" GO111MODULE=off xgo -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64,linux/mips64le,linux/mips,linux/mipsle' -out gitea-$(VERSION) .
+	CGO_CFLAGS="$(CGO_CFLAGS)" GO111MODULE=off xgo -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64' -out gitea-$(VERSION) .
 ifeq ($(CI),drone)
 	cp /build/* $(DIST)/binaries
 endif
@@ -637,9 +646,12 @@ npm-update: node-check | node_modules
 fomantic: $(FOMANTIC_DEST)

 $(FOMANTIC_DEST): $(FOMANTIC_CONFIGS) | node_modules
+	@if [ ! -d node_modules/fomantic-ui ]; then \
+		npm install --no-save --no-package-lock fomantic-ui@2.8.7; \
+	fi
 	rm -rf $(FOMANTIC_DEST_DIR)
-	cp web_src/fomantic/theme.config.less node_modules/fomantic-ui/src/theme.config
-	cp -r web_src/fomantic/_site/* node_modules/fomantic-ui/src/_site/
+	cp -f web_src/fomantic/theme.config.less node_modules/fomantic-ui/src/theme.config
+	cp -rf web_src/fomantic/_site/* node_modules/fomantic-ui/src/_site/
 	npx gulp -f node_modules/fomantic-ui/gulpfile.js build
 	@touch $(FOMANTIC_DEST)

@@ -648,7 +660,7 @@ webpack: $(WEBPACK_DEST)

 $(WEBPACK_DEST): $(WEBPACK_SOURCES) $(WEBPACK_CONFIGS) package-lock.json | node_modules
 	rm -rf $(WEBPACK_DEST_ENTRIES)
-	npx webpack --hide-modules --display-entrypoints=false
+	npx webpack
 	@touch $(WEBPACK_DEST)

 .PHONY: svg
@@ -664,7 +676,7 @@ svg-check: svg
 		echo "Please run 'make svg' and 'git add $(SVG_DEST_DIR)' and commit the result:"; \
 		echo "$${diff}"; \
 		exit 1; \
-	fi;
+	fi

 .PHONY: update-translations
 update-translations:
@@ -684,11 +696,10 @@ generate-license:
 generate-gitignore:
 	GO111MODULE=on $(GO) run build/generate-gitignores.go

-
 .PHONY: generate-images
 generate-images:
-	npm install --no-save --no-package-lock xmldom fabric imagemin-zopfli
-	node build/generate-images.js
+	npm install --no-save --no-package-lock fabric imagemin-zopfli
+	node build/generate-images.js $(TAGS)

 .PHONY: pr\#%
 pr\#%: clean-all
@@ -700,7 +711,7 @@ golangci-lint:
 		export BINARY="golangci-lint"; \
 		curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOPATH)/bin v1.31.0; \
 	fi
-	golangci-lint run --timeout 5m
+	golangci-lint run --timeout 10m

 .PHONY: docker
 docker:
@@ -709,7 +720,7 @@ docker:

 .PHONY: docker-build
 docker-build:
-	docker run -ti --rm -v $(CURDIR):/srv/app/src/code.gitea.io/gitea -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" LDFLAGS="$(LDFLAGS)" CGO_EXTRA_CFLAGS="$(CGO_EXTRA_CFLAGS)" webhippie/golang:edge make clean build
+	docker run -ti --rm -v "$(CURDIR):/srv/app/src/code.gitea.io/gitea" -w /srv/app/src/code.gitea.io/gitea -e TAGS="bindata $(TAGS)" LDFLAGS="$(LDFLAGS)" CGO_EXTRA_CFLAGS="$(CGO_EXTRA_CFLAGS)" webhippie/golang:edge make clean build

 # This endif closes the if at the top of the file
 endif
--- a/README.md
+++ b/README.md
@@ -1,19 +1,52 @@
-[简体中文](README_ZH.md)
+<p align="center">
+  <a href="https://gitea.io/">
+    <img alt="Gitea" src="https://raw.githubusercontent.com/go-gitea/gitea/master/public/img/gitea.svg" width="220"/>
+  </a>
+</p>
+<h1 align="center">Gitea - Git with a cup of tea</h1>

-<h1> <img src="https://raw.githubusercontent.com/go-gitea/gitea/master/public/img/gitea-192.png" alt="logo" width="30" height="30"> Gitea - Git with a cup of tea</h1>
+<p align="center">
+  <a href="https://drone.gitea.io/go-gitea/gitea" title="Build Status">
+    <img src="https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg?ref=refs/heads/master">
+  </a>
+  <a href="https://discord.gg/Gitea" title="Join the Discord chat at https://discord.gg/Gitea">
+    <img src="https://img.shields.io/discord/322538954119184384.svg">
+  </a>
+  <a href="https://microbadger.com/images/gitea/gitea" title="Get your own image badge on microbadger.com">
+    <img src="https://images.microbadger.com/badges/image/gitea/gitea.svg">
+  </a>
+  <a href="https://codecov.io/gh/go-gitea/gitea" title="Codecov">
+    <img src="https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg">
+  </a>
+  <a href="https://godoc.org/code.gitea.io/gitea" title="Go Report Card">
+    <img src="https://goreportcard.com/badge/code.gitea.io/gitea">
+  </a>
+  <a href="https://godoc.org/code.gitea.io/gitea" title="GoDoc">
+    <img src="https://godoc.org/code.gitea.io/gitea?status.svg">
+  </a>
+  <a href="https://github.com/go-gitea/gitea/releases/latest" title="GitHub release">
+    <img src="https://img.shields.io/github/release/go-gitea/gitea.svg">
+  </a>
+  <a href="https://www.codetriage.com/go-gitea/gitea" title="Help Contribute to Open Source">
+    <img src="https://www.codetriage.com/go-gitea/gitea/badges/users.svg">
+  </a>
+  <a href="https://opencollective.com/gitea" title="Become a backer/sponsor of gitea">
+    <img src="https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen">
+  </a>
+  <a href="https://opensource.org/licenses/MIT" title="License: MIT">
+    <img src="https://img.shields.io/badge/License-MIT-blue.svg">
+  </a>
+  <a href="https://crowdin.com/project/gitea" title="Crowdin">
+    <img src="https://badges.crowdin.net/gitea/localized.svg">
+  </a>
+  <a href="https://www.tickgit.com/browse?repo=github.com/go-gitea/gitea" title="TODOs">
+    <img src="https://badgen.net/https/api.tickgit.com/badgen/github.com/go-gitea/gitea">
+  </a>
+</p>

-[![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg?ref=refs/heads/master)](https://drone.gitea.io/go-gitea/gitea)
-[![Join the Discord chat at https://discord.gg/Gitea](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea)
-[![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
-[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
-[![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
-[![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
-[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
-[![Help Contribute to Open Source](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea)
-[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea)
-[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
-[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://crowdin.com/project/gitea)
-[![TODOs](https://badgen.net/https/api.tickgit.com/badgen/github.com/go-gitea/gitea)](https://www.tickgit.com/browse?repo=github.com/go-gitea/gitea)
+<p align="center">
+  <a href="README_ZH.md">View the chinese version of this document</a>
+</p>

 ## Purpose

@@ -69,11 +102,12 @@ NOTES:

 ## Further information

-For more information and instructions about how to install Gitea, please look
-at our [documentation](https://docs.gitea.io/en-us/). If you have questions
-that are not covered by the documentation, you can get in contact with us on
-our [Discord server](https://discord.gg/Gitea),
-or [forum](https://discourse.gitea.io/)!
+For more information and instructions about how to install Gitea, please look at our [documentation](https://docs.gitea.io/en-us/).
+If you have questions that are not covered by the documentation, you can get in contact with us on our [Discord server](https://discord.gg/Gitea) or create  a post in the [discourse forum](https://discourse.gitea.io/).
+
+We maintain a list of Gitea-related projects at [gitea/awesome-gitea](https://gitea.com/gitea/awesome-gitea).  
+The hugo-based documentation theme is hosted at [gitea/theme](https://gitea.com/gitea/theme).  
+The official Gitea CLI is developed at [gitea/tea](https://gitea.com/gitea/tea).

 ## Authors

--- a/README_ZH.md
+++ b/README_ZH.md
@@ -1,18 +1,52 @@
-[English](README.md)
+<p align="center">
+  <a href="https://gitea.io/">
+    <img alt="Gitea" src="https://raw.githubusercontent.com/go-gitea/gitea/master/public/img/gitea.svg" width="220"/>
+  </a>
+</p>
+<h1 align="center">Gitea - Git with a cup of tea</h1>

-<h1> <img src="https://raw.githubusercontent.com/go-gitea/gitea/master/public/img/gitea-192.png" alt="logo" width="30" height="30"> Gitea - Git with a cup of tea</h1>
+<p align="center">
+  <a href="https://drone.gitea.io/go-gitea/gitea" title="Build Status">
+    <img src="https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg?ref=refs/heads/master">
+  </a>
+  <a href="https://discord.gg/Gitea" title="Join the Discord chat at https://discord.gg/Gitea">
+    <img src="https://img.shields.io/discord/322538954119184384.svg">
+  </a>
+  <a href="https://microbadger.com/images/gitea/gitea" title="Get your own image badge on microbadger.com">
+    <img src="https://images.microbadger.com/badges/image/gitea/gitea.svg">
+  </a>
+  <a href="https://codecov.io/gh/go-gitea/gitea" title="Codecov">
+    <img src="https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg">
+  </a>
+  <a href="https://godoc.org/code.gitea.io/gitea" title="Go Report Card">
+    <img src="https://goreportcard.com/badge/code.gitea.io/gitea">
+  </a>
+  <a href="https://godoc.org/code.gitea.io/gitea" title="GoDoc">
+    <img src="https://godoc.org/code.gitea.io/gitea?status.svg">
+  </a>
+  <a href="https://github.com/go-gitea/gitea/releases/latest" title="GitHub release">
+    <img src="https://img.shields.io/github/release/go-gitea/gitea.svg">
+  </a>
+  <a href="https://www.codetriage.com/go-gitea/gitea" title="Help Contribute to Open Source">
+    <img src="https://www.codetriage.com/go-gitea/gitea/badges/users.svg">
+  </a>
+  <a href="https://opencollective.com/gitea" title="Become a backer/sponsor of gitea">
+    <img src="https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen">
+  </a>
+  <a href="https://opensource.org/licenses/MIT" title="License: MIT">
+    <img src="https://img.shields.io/badge/License-MIT-blue.svg">
+  </a>
+  <a href="https://crowdin.com/project/gitea" title="Crowdin">
+    <img src="https://badges.crowdin.net/gitea/localized.svg">
+  </a>
+  <a href="https://www.tickgit.com/browse?repo=github.com/go-gitea/gitea" title="TODOs">
+    <img src="https://badgen.net/https/api.tickgit.com/badgen/github.com/go-gitea/gitea">
+  </a>
+</p>

-[![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
-[![Join the Discord chat at https://discord.gg/Gitea](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/Gitea)
-[![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
-[![codecov](https://codecov.io/gh/go-gitea/gitea/branch/master/graph/badge.svg)](https://codecov.io/gh/go-gitea/gitea)
-[![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
-[![GoDoc](https://godoc.org/code.gitea.io/gitea?status.svg)](https://godoc.org/code.gitea.io/gitea)
-[![GitHub release](https://img.shields.io/github/release/go-gitea/gitea.svg)](https://github.com/go-gitea/gitea/releases/latest)
-[![Help Contribute to Open Source](https://www.codetriage.com/go-gitea/gitea/badges/users.svg)](https://www.codetriage.com/go-gitea/gitea)
-[![Become a backer/sponsor of gitea](https://opencollective.com/gitea/tiers/backers/badge.svg?label=backers&color=brightgreen)](https://opencollective.com/gitea)
-[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
-[![Crowdin](https://badges.crowdin.net/gitea/localized.svg)](https://crowdin.com/project/gitea)
+<p align="center">
+  <a href="README.md">View the english version of this document</a>
+</p>

 ## 目标

--- a/assets/logo.svg
+++ b/assets/logo.svg
@@ -1,161 +1,31 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-
-<svg
-   xmlns:dc="http://purl.org/dc/elements/1.1/"
-   xmlns:cc="http://creativecommons.org/ns#"
-   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
-   xmlns:svg="http://www.w3.org/2000/svg"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   width="512"
-   height="512"
-   viewBox="0 0 135.46667 135.46667"
-   version="1.1"
-   id="svg8"
-   sodipodi:docname="logo.svg"
-   inkscape:version="0.92.1 r15371"
-   inkscape:export-filename=""
-   inkscape:export-xdpi="48.000004"
-   inkscape:export-ydpi="48.000004">
-  <defs
-     id="defs2" />
-  <sodipodi:namedview
-     id="base"
-     pagecolor="#ffffff"
-     bordercolor="#666666"
-     borderopacity="1.0"
-     inkscape:pageopacity="0"
-     inkscape:pageshadow="2"
-     inkscape:zoom="0.70710678"
-     inkscape:cx="418.13805"
-     inkscape:cy="177.57445"
-     inkscape:document-units="mm"
-     inkscape:current-layer="layer2"
-     showgrid="false"
-     units="px"
-     width="256px"
-     showguides="false"
-     inkscape:window-width="1920"
-     inkscape:window-height="1137"
-     inkscape:window-x="1912"
-     inkscape:window-y="-8"
-     inkscape:window-maximized="1"
-     inkscape:pagecheckerboard="false"
-     inkscape:measure-start="283.373,243.952"
-     inkscape:measure-end="290.267,236.527">
-    <sodipodi:guide
-       position="0,0"
-       orientation="0,512"
-       id="guide3699"
-       inkscape:locked="false" />
-    <sodipodi:guide
-       position="135.46667,0"
-       orientation="-512,0"
-       id="guide3701"
-       inkscape:locked="false" />
-    <sodipodi:guide
-       position="135.46667,135.46667"
-       orientation="0,-512"
-       id="guide3703"
-       inkscape:locked="false" />
-    <sodipodi:guide
-       position="0,135.46667"
-       orientation="512,0"
-       id="guide3705"
-       inkscape:locked="false" />
-  </sodipodi:namedview>
-  <metadata
-     id="metadata5">
-    <rdf:RDF>
-      <cc:Work
-         rdf:about="">
-        <dc:format>image/svg+xml</dc:format>
-        <dc:type
-           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
-        <dc:title></dc:title>
-      </cc:Work>
-    </rdf:RDF>
-  </metadata>
-  <g
-     inkscape:label="Layer 1"
-     inkscape:groupmode="layer"
-     id="layer1"
-     transform="translate(0,-161.53334)"
-     style="display:inline">
-    <path
-       style="fill:#609926;fill-opacity:1;stroke:#428f29;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;stroke-miterlimit:4;stroke-dasharray:none"
-       d="m 27.709937,195.15095 c -9.546573,-0.0272 -22.3392732,6.79805 -21.6317552,23.90397 1.105534,26.72889 25.4565952,29.20839 35.1916502,29.42301 1.068023,5.01357 12.521798,22.30563 21.001818,23.21667 h 37.15277 c 22.27763,-1.66785 38.9607,-75.75671 26.59321,-76.03825 -46.781583,2.47691 -49.995146,2.13838 -88.599758,0 -2.495053,-0.0266 -5.972321,-0.49474 -9.707935,-0.5054 z m 2.491319,9.45886 c 1.351378,13.69267 3.555849,21.70359 8.018216,33.94345 -11.382872,-1.50473 -21.069822,-5.22443 -22.851515,-19.10984 -0.950962,-7.4112 2.390428,-15.16769 14.833299,-14.83361 z"
-       id="path3722"
-       inkscape:connector-curvature="0"
-       sodipodi:nodetypes="sscccccsccsc" />
-  </g>
-  <g
-     inkscape:groupmode="layer"
-     id="layer2"
-     inkscape:label="Layer 2"
-     style="display:inline">
-    <rect
-       style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.24757317;stroke-opacity:1"
-       id="rect4599"
-       width="34.762054"
-       height="34.762054"
-       x="87.508659"
-       y="18.291576"
-       transform="rotate(25.914715)"
-       ry="5.4825778" />
-    <path
-       style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.26644793px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       d="m 79.804947,57.359056 3.241146,1.609954 V 35.255731 h -3.262698 z"
-       id="path4525"
-       inkscape:connector-curvature="0"
-       sodipodi:nodetypes="ccccc" />
-  </g>
-  <g
-     inkscape:groupmode="layer"
-     id="layer3"
-     class="detail-remove"
-     inkscape:label="Layer 3"
-     style="display:inline">
-    <g
-       style="display:inline"
-       id="g4539">
-      <circle
-         transform="rotate(-19.796137)"
-         r="3.4745038"
-         cy="90.077766"
-         cx="49.064713"
-         id="path4606"
-         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
-      <circle
-         transform="rotate(-19.796137)"
-         r="3.4745038"
-         cy="102.1049"
-         cx="36.810425"
-         id="path4606-3"
-         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
-      <circle
-         transform="rotate(-19.796137)"
-         r="3.4745038"
-         cy="111.43928"
-         cx="46.484283"
-         id="path4606-1"
-         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
-      <rect
-         transform="rotate(26.024158)"
-         y="18.061695"
-         x="97.333458"
-         height="27.261492"
-         width="2.6726954"
-         id="rect4629-8"
-         style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.27444693;stroke-opacity:1" />
-      <path
-         sodipodi:nodetypes="cc"
-         inkscape:connector-curvature="0"
-         id="path4514"
-         d="m 76.558096,68.116343 c 12.97589,6.395378 13.012989,4.101862 4.890858,20.907244"
-         style="fill:none;stroke:#609926;stroke-width:2.68000007;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
-    </g>
-  </g>
-</svg>
+<?xml version="1.0" encoding="utf-8"?>
+<svg version="1.1" id="main_outline" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px"
+	 y="0px" viewBox="0 0 640 640" style="enable-background:new 0 0 640 640;" xml:space="preserve">
+<g>
+	<path id="teabag" style="fill:#FFFFFF" d="M395.9,484.2l-126.9-61c-12.5-6-17.9-21.2-11.8-33.8l61-126.9c6-12.5,21.2-17.9,33.8-11.8
+		c17.2,8.3,27.1,13,27.1,13l-0.1-109.2l16.7-0.1l0.1,117.1c0,0,57.4,24.2,83.1,40.1c3.7,2.3,10.2,6.8,12.9,14.4
+		c2.1,6.1,2,13.1-1,19.3l-61,126.9C423.6,484.9,408.4,490.3,395.9,484.2z"/>
+	<g>
+		<g>
+			<path style="fill:#609926" d="M622.7,149.8c-4.1-4.1-9.6-4-9.6-4s-117.2,6.6-177.9,8c-13.3,0.3-26.5,0.6-39.6,0.7c0,39.1,0,78.2,0,117.2
+				c-5.5-2.6-11.1-5.3-16.6-7.9c0-36.4-0.1-109.2-0.1-109.2c-29,0.4-89.2-2.2-89.2-2.2s-141.4-7.1-156.8-8.5
+				c-9.8-0.6-22.5-2.1-39,1.5c-8.7,1.8-33.5,7.4-53.8,26.9C-4.9,212.4,6.6,276.2,8,285.8c1.7,11.7,6.9,44.2,31.7,72.5
+				c45.8,56.1,144.4,54.8,144.4,54.8s12.1,28.9,30.6,55.5c25,33.1,50.7,58.9,75.7,62c63,0,188.9-0.1,188.9-0.1s12,0.1,28.3-10.3
+				c14-8.5,26.5-23.4,26.5-23.4s12.9-13.8,30.9-45.3c5.5-9.7,10.1-19.1,14.1-28c0,0,55.2-117.1,55.2-231.1
+				C633.2,157.9,624.7,151.8,622.7,149.8z M125.6,353.9c-25.9-8.5-36.9-18.7-36.9-18.7S69.6,321.8,60,295.4
+				c-16.5-44.2-1.4-71.2-1.4-71.2s8.4-22.5,38.5-30c13.8-3.7,31-3.1,31-3.1s7.1,59.4,15.7,94.2c7.2,29.2,24.8,77.7,24.8,77.7
+				S142.5,359.9,125.6,353.9z M425.9,461.5c0,0-6.1,14.5-19.6,15.4c-5.8,0.4-10.3-1.2-10.3-1.2s-0.3-0.1-5.3-2.1l-112.9-55
+				c0,0-10.9-5.7-12.8-15.6c-2.2-8.1,2.7-18.1,2.7-18.1L322,273c0,0,4.8-9.7,12.2-13c0.6-0.3,2.3-1,4.5-1.5c8.1-2.1,18,2.8,18,2.8
+				l110.7,53.7c0,0,12.6,5.7,15.3,16.2c1.9,7.4-0.5,14-1.8,17.2C474.6,363.8,425.9,461.5,425.9,461.5z"/>
+			<path style="fill:#609926" d="M326.8,380.1c-8.2,0.1-15.4,5.8-17.3,13.8c-1.9,8,2,16.3,9.1,20c7.7,4,17.5,1.8,22.7-5.4
+				c5.1-7.1,4.3-16.9-1.8-23.1l24-49.1c1.5,0.1,3.7,0.2,6.2-0.5c4.1-0.9,7.1-3.6,7.1-3.6c4.2,1.8,8.6,3.8,13.2,6.1
+				c4.8,2.4,9.3,4.9,13.4,7.3c0.9,0.5,1.8,1.1,2.8,1.9c1.6,1.3,3.4,3.1,4.7,5.5c1.9,5.5-1.9,14.9-1.9,14.9
+				c-2.3,7.6-18.4,40.6-18.4,40.6c-8.1-0.2-15.3,5-17.7,12.5c-2.6,8.1,1.1,17.3,8.9,21.3c7.8,4,17.4,1.7,22.5-5.3
+				c5-6.8,4.6-16.3-1.1-22.6c1.9-3.7,3.7-7.4,5.6-11.3c5-10.4,13.5-30.4,13.5-30.4c0.9-1.7,5.7-10.3,2.7-21.3
+				c-2.5-11.4-12.6-16.7-12.6-16.7c-12.2-7.9-29.2-15.2-29.2-15.2s0-4.1-1.1-7.1c-1.1-3.1-2.8-5.1-3.9-6.3c4.7-9.7,9.4-19.3,14.1-29
+				c-4.1-2-8.1-4-12.2-6.1c-4.8,9.8-9.7,19.7-14.5,29.5c-6.7-0.1-12.9,3.5-16.1,9.4c-3.4,6.3-2.7,14.1,1.9,19.8
+				C343.2,346.5,335,363.3,326.8,380.1z"/>
+		</g>
+	</g>
+</g>
+</svg>
--- a/build/generate-images.js
+++ b/build/generate-images.js
@@ -2,11 +2,12 @@
 'use strict';

 const imageminZopfli = require('imagemin-zopfli');
+const Svgo = require('svgo');
 const {fabric} = require('fabric');
-const {DOMParser, XMLSerializer} = require('xmldom');
 const {readFile, writeFile} = require('fs').promises;
 const {resolve} = require('path');
-const Svgo = require('svgo');
+
+const logoFile = resolve(__dirname, '../assets/logo.svg');

 function exit(err) {
  if (err) console.error(err);
@@ -21,42 +22,20 @@ function loadSvg(svg) {
  });
 }

-async function generateSvgFavicon(svg, outputFile) {
-  const svgo = new Svgo({
-    plugins: [
-      {removeDimensions: true},
-      {
-        addAttributesToSVGElement: {
-          attributes: [
-            {'width': '32'},
-            {'height': '32'},
-          ],
-        },
-      },
-    ],
-  });
+async function generate(svg, outputFile, {size, bg}) {
+  if (outputFile.endsWith('.svg')) {
+    const svgo = new Svgo({
+      plugins: [
+        {removeDimensions: true},
+        {addAttributesToSVGElement: {attributes: [{width: size}, {height: size}]}},
+      ],
+    });

-  const {data} = await svgo.optimize(svg);
-  await writeFile(outputFile, data);
-}
-
-async function generate(svg, outputFile, {size, bg, removeDetail} = {}) {
-  const parser = new DOMParser();
-  const serializer = new XMLSerializer();
-  const document = parser.parseFromString(svg);
-
-  if (removeDetail) {
-    for (const el of Array.from(document.getElementsByTagName('g') || [])) {
-      for (const attribute of Array.from(el.attributes || [])) {
-        if (attribute.name === 'class' && attribute.value === 'detail-remove') {
-          el.parentNode.removeChild(el);
-        }
-      }
-    }
+    const {data} = await svgo.optimize(svg);
+    await writeFile(outputFile, data);
+    return;
  }

-  svg = serializer.serializeToString(document);
-
  const {objects, options} = await loadSvg(svg);
  const canvas = new fabric.Canvas();
  canvas.setDimensions({width: size, height: size});
@@ -86,15 +65,17 @@ async function generate(svg, outputFile, {size, bg, removeDetail} = {}) {
 }

 async function main() {
-  const svg = await readFile(resolve(__dirname, '../assets/logo.svg'), 'utf8');
-  await generateSvgFavicon(svg, resolve(__dirname, '../public/img/favicon.svg'));
-  await generate(svg, resolve(__dirname, '../public/img/gitea-lg.png'), {size: 880});
-  await generate(svg, resolve(__dirname, '../public/img/gitea-512.png'), {size: 512});
-  await generate(svg, resolve(__dirname, '../public/img/gitea-192.png'), {size: 192});
-  await generate(svg, resolve(__dirname, '../public/img/gitea-sm.png'), {size: 120});
-  await generate(svg, resolve(__dirname, '../public/img/avatar_default.png'), {size: 200});
-  await generate(svg, resolve(__dirname, '../public/img/favicon.png'), {size: 180, removeDetail: true});
-  await generate(svg, resolve(__dirname, '../public/img/apple-touch-icon.png'), {size: 180, bg: true});
+  const gitea = process.argv.slice(2).includes('gitea');
+  const svg = await readFile(logoFile, 'utf8');
+
+  await Promise.all([
+    generate(svg, resolve(__dirname, '../public/img/logo.svg'), {size: 32}),
+    generate(svg, resolve(__dirname, '../public/img/logo.png'), {size: 512}),
+    generate(svg, resolve(__dirname, '../public/img/favicon.png'), {size: 180}),
+    generate(svg, resolve(__dirname, '../public/img/avatar_default.png'), {size: 200}),
+    generate(svg, resolve(__dirname, '../public/img/apple-touch-icon.png'), {size: 180, bg: true}),
+    gitea && generate(svg, resolve(__dirname, '../public/img/gitea.svg'), {size: 32}),
+  ]);
 }

 main().then(exit).catch(exit);
--- a/build/generate-svg.js
+++ b/build/generate-svg.js
@@ -14,10 +14,16 @@ function exit(err) {
  process.exit(err ? 1 : 0);
 }

-async function processFile(file, {prefix = ''} = {}) {
-  let name = parse(file).name;
-  if (prefix) name = `${prefix}-${name}`;
-  if (prefix === 'octicon') name = name.replace(/-[0-9]+$/, ''); // chop of '-16' on octicons
+async function processFile(file, {prefix, fullName} = {}) {
+  let name;
+
+  if (fullName) {
+    name = fullName;
+  } else {
+    name = parse(file).name;
+    if (prefix) name = `${prefix}-${name}`;
+    if (prefix === 'octicon') name = name.replace(/-[0-9]+$/, ''); // chop of '-16' on octicons
+  }

  const svgo = new Svgo({
    plugins: [
@@ -47,18 +53,20 @@ async function processFile(file, {prefix = ''} = {}) {
  await writeFile(resolve(outputDir, `${name}.svg`), data);
 }

+function processFiles(pattern, opts) {
+  return glob(pattern).map((file) => processFile(file, opts));
+}
+
 async function main() {
  try {
    await mkdir(outputDir);
  } catch {}

-  for (const file of glob('../node_modules/@primer/octicons/build/svg/*-16.svg')) {
-    await processFile(file, {prefix: 'octicon'});
-  }
-
-  for (const file of glob('../web_src/svg/*.svg')) {
-    await processFile(file);
-  }
+  await Promise.all([
+    ...processFiles('../node_modules/@primer/octicons/build/svg/*-16.svg', {prefix: 'octicon'}),
+    ...processFiles('../web_src/svg/*.svg'),
+    ...processFiles('../assets/logo.svg', {fullName: 'gitea-gitea'}),
+  ]);
 }

 main().then(exit).catch(exit);
--- a/build/update-locales.sh
+++ b/build/update-locales.sh
@@ -10,10 +10,10 @@ sed -i -r -e '/^[a-zA-Z0-9_.-]+[ ]*=[ ]*".*"$/ {
 	}' ./options/locale/*.ini

 # Remove translation under 25% of en_us
-baselines=`wc -l "./options/locale_en-US.ini" | cut -d" " -f1`
+baselines=$(wc -l "./options/locale_en-US.ini" | cut -d" " -f1)
 baselines=$((baselines / 4))
 for filename in ./options/locale/*.ini; do
-  lines=`wc -l "$filename" | cut -d" " -f1`
+  lines=$(wc -l "$filename" | cut -d" " -f1)
  if [ $lines -lt $baselines ]; then
    echo "Removing $filename: $lines/$baselines"
    rm "$filename"
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -10,6 +10,7 @@ import (
 	"errors"
 	"fmt"
 	"os"
+	"strings"
 	"text/tabwriter"

 	"code.gitea.io/gitea/models"
@@ -30,16 +31,39 @@ var (
 		Name:  "admin",
 		Usage: "Command line interface to perform common administrative operations",
 		Subcommands: []cli.Command{
-			subcmdCreateUser,
-			subcmdChangePassword,
+			subcmdUser,
 			subcmdRepoSyncReleases,
 			subcmdRegenerate,
 			subcmdAuth,
+			subcmdSendMail,
 		},
 	}

-	subcmdCreateUser = cli.Command{
-		Name:   "create-user",
+	subcmdUser = cli.Command{
+		Name:  "user",
+		Usage: "Modify users",
+		Subcommands: []cli.Command{
+			microcmdUserCreate,
+			microcmdUserList,
+			microcmdUserChangePassword,
+			microcmdUserDelete,
+		},
+	}
+
+	microcmdUserList = cli.Command{
+		Name:   "list",
+		Usage:  "List users",
+		Action: runListUsers,
+		Flags: []cli.Flag{
+			cli.BoolFlag{
+				Name:  "admin",
+				Usage: "List only admin users",
+			},
+		},
+	}
+
+	microcmdUserCreate = cli.Command{
+		Name:   "create",
 		Usage:  "Create a new user in database",
 		Action: runCreateUser,
 		Flags: []cli.Flag{
@@ -83,7 +107,7 @@ var (
 		},
 	}

-	subcmdChangePassword = cli.Command{
+	microcmdUserChangePassword = cli.Command{
 		Name:   "change-password",
 		Usage:  "Change a user's password",
 		Action: runChangePassword,
@@ -101,6 +125,26 @@ var (
 		},
 	}

+	microcmdUserDelete = cli.Command{
+		Name:  "delete",
+		Usage: "Delete specific user by id, name or email",
+		Flags: []cli.Flag{
+			cli.Int64Flag{
+				Name:  "id",
+				Usage: "ID of user of the user to delete",
+			},
+			cli.StringFlag{
+				Name:  "username,u",
+				Usage: "Username of the user to delete",
+			},
+			cli.StringFlag{
+				Name:  "email,e",
+				Usage: "Email of the user to delete",
+			},
+		},
+		Action: runDeleteUser,
+	}
+
 	subcmdRepoSyncReleases = cli.Command{
 		Name:   "repo-sync-releases",
 		Usage:  "Synchronize repository releases with tags",
@@ -238,6 +282,11 @@ var (
 			Value: "",
 			Usage: "Use a custom Email URL (option for GitHub)",
 		},
+		cli.StringFlag{
+			Name:  "icon-url",
+			Value: "",
+			Usage: "Custom icon URL for OAuth2 login source",
+		},
 	}

 	microcmdAuthUpdateOauth = cli.Command{
@@ -253,6 +302,28 @@ var (
 		Action: runAddOauth,
 		Flags:  oauthCLIFlags,
 	}
+
+	subcmdSendMail = cli.Command{
+		Name:   "sendmail",
+		Usage:  "Send a message to all users",
+		Action: runSendMail,
+		Flags: []cli.Flag{
+			cli.StringFlag{
+				Name:  "title",
+				Usage: `a title of a message`,
+				Value: "",
+			},
+			cli.StringFlag{
+				Name:  "content",
+				Usage: "a content of a message",
+				Value: "",
+			},
+			cli.BoolFlag{
+				Name:  "force,f",
+				Usage: "A flag to bypass a confirmation step",
+			},
+		},
+	}
 )

 func runChangePassword(c *cli.Context) error {
@@ -278,12 +349,11 @@ func runChangePassword(c *cli.Context) error {
 	if err != nil {
 		return err
 	}
-	if user.Salt, err = models.GetUserSalt(); err != nil {
+	if err = user.SetPassword(c.String("password")); err != nil {
 		return err
 	}
-	user.HashPassword(c.String("password"))

-	if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
+	if err = models.UpdateUserCols(user, "passwd", "passwd_hash_algo", "salt"); err != nil {
 		return err
 	}

@@ -377,6 +447,71 @@ func runCreateUser(c *cli.Context) error {
 	return nil
 }

+func runListUsers(c *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	users, err := models.GetAllUsers()
+
+	if err != nil {
+		return err
+	}
+
+	w := tabwriter.NewWriter(os.Stdout, 5, 0, 1, ' ', 0)
+
+	if c.IsSet("admin") {
+		fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\n")
+		for _, u := range users {
+			if u.IsAdmin {
+				fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", u.ID, u.Name, u.Email, u.IsActive)
+			}
+		}
+	} else {
+		fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\tIsAdmin\n")
+		for _, u := range users {
+			fmt.Fprintf(w, "%d\t%s\t%s\t%t\t%t\n", u.ID, u.Name, u.Email, u.IsActive, u.IsAdmin)
+		}
+
+	}
+
+	w.Flush()
+	return nil
+
+}
+
+func runDeleteUser(c *cli.Context) error {
+	if !c.IsSet("id") && !c.IsSet("username") && !c.IsSet("email") {
+		return fmt.Errorf("You must provide the id, username or email of a user to delete")
+	}
+
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	var err error
+	var user *models.User
+	if c.IsSet("email") {
+		user, err = models.GetUserByEmail(c.String("email"))
+	} else if c.IsSet("username") {
+		user, err = models.GetUserByName(c.String("username"))
+	} else {
+		user, err = models.GetUserByID(c.Int64("id"))
+	}
+	if err != nil {
+		return err
+	}
+	if c.IsSet("username") && user.LowerName != strings.ToLower(strings.TrimSpace(c.String("username"))) {
+		return fmt.Errorf("The user %s who has email %s does not match the provided username %s", user.Name, c.String("email"), c.String("username"))
+	}
+
+	if c.IsSet("id") && user.ID != c.Int64("id") {
+		return fmt.Errorf("The user %s does not match the provided id %d", user.Name, c.Int64("id"))
+	}
+
+	return models.DeleteUser(user)
+}
+
 func runRepoSyncReleases(c *cli.Context) error {
 	if err := initDB(); err != nil {
 		return err
@@ -475,6 +610,7 @@ func parseOAuth2Config(c *cli.Context) *models.OAuth2Config {
 		ClientSecret:                  c.String("secret"),
 		OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"),
 		CustomURLMapping:              customURLMapping,
+		IconURL:                       c.String("icon-url"),
 	}
 }

@@ -527,6 +663,10 @@ func runUpdateOauth(c *cli.Context) error {
 		oAuth2Config.OpenIDConnectAutoDiscoveryURL = c.String("auto-discover-url")
 	}

+	if c.IsSet("icon-url") {
+		oAuth2Config.IconURL = c.String("icon-url")
+	}
+
 	// update custom URL mapping
 	var customURLMapping = &oauth2.CustomURLMapping{}

--- a/cmd/cmd.go
+++ b/cmd/cmd.go
@@ -9,6 +9,7 @@ package cmd
 import (
 	"errors"
 	"fmt"
+	"strings"

 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/setting"
@@ -32,6 +33,25 @@ func argsSet(c *cli.Context, args ...string) error {
 	return nil
 }

+// confirm waits for user input which confirms an action
+func confirm() (bool, error) {
+	var response string
+
+	_, err := fmt.Scanln(&response)
+	if err != nil {
+		return false, err
+	}
+
+	switch strings.ToLower(response) {
+	case "y", "yes":
+		return true, nil
+	case "n", "no":
+		return false, nil
+	default:
+		return false, errors.New(response + " isn't a correct confirmation string")
+	}
+}
+
 func initDB() error {
 	return initDBDisableConsole(false)
 }
--- a/cmd/docs.go
+++ b/cmd/docs.go
@@ -0,0 +1,61 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/urfave/cli"
+)
+
+// CmdDocs represents the available docs sub-command.
+var CmdDocs = cli.Command{
+	Name:        "docs",
+	Usage:       "Output CLI documentation",
+	Description: "A command to output Gitea's CLI documentation, optionally to a file.",
+	Action:      runDocs,
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name:  "man",
+			Usage: "Output man pages instead",
+		},
+		&cli.StringFlag{
+			Name:  "output, o",
+			Usage: "Path to output to instead of stdout (will overwrite if exists)",
+		},
+	},
+}
+
+func runDocs(ctx *cli.Context) error {
+	docs, err := ctx.App.ToMarkdown()
+	if ctx.Bool("man") {
+		docs, err = ctx.App.ToMan()
+	}
+	if err != nil {
+		return err
+	}
+
+	if !ctx.Bool("man") {
+		// Clean up markdown. The following bug was fixed in v2, but is present in v1.
+		// It affects markdown output (even though the issue is referring to man pages)
+		// https://github.com/urfave/cli/issues/1040
+		docs = docs[strings.Index(docs, "#"):]
+	}
+
+	out := os.Stdout
+	if ctx.String("output") != "" {
+		fi, err := os.Create(ctx.String("output"))
+		if err != nil {
+			return err
+		}
+		defer fi.Close()
+		out = fi
+	}
+
+	_, err = fmt.Fprintln(out, docs)
+	return err
+}
--- a/cmd/doctor.go
+++ b/cmd/doctor.go
@@ -5,27 +5,19 @@
 package cmd

 import (
-	"bufio"
-	"bytes"
 	"context"
 	"fmt"
-	"io/ioutil"
 	golog "log"
 	"os"
-	"os/exec"
-	"path/filepath"
 	"strings"
 	"text/tabwriter"

 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/models/migrations"
-	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/doctor"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/options"
-	"code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
-	"xorm.io/builder"
+
 	"xorm.io/xorm"

 	"github.com/urfave/cli"
@@ -62,6 +54,10 @@ var CmdDoctor = cli.Command{
 			Name:  "log-file",
 			Usage: `Name of the log file (default: "doctor.log"). Set to "-" to output to stdout, set to "" to disable`,
 		},
+		cli.BoolFlag{
+			Name:  "color, H",
+			Usage: "Use color for outputted information",
+		},
 	},
 	Subcommands: []cli.Command{
 		cmdRecreateTable,
@@ -86,78 +82,6 @@ You should back-up your database before doing this and ensure that your database
 	Action: runRecreateTable,
 }

-type check struct {
-	title            string
-	name             string
-	isDefault        bool
-	f                func(ctx *cli.Context) ([]string, error)
-	abortIfFailed    bool
-	skipDatabaseInit bool
-}
-
-// checklist represents list for all checks
-var checklist = []check{
-	{
-		// NOTE: this check should be the first in the list
-		title:            "Check paths and basic configuration",
-		name:             "paths",
-		isDefault:        true,
-		f:                runDoctorPathInfo,
-		abortIfFailed:    true,
-		skipDatabaseInit: true,
-	},
-	{
-		title:         "Check Database Version",
-		name:          "check-db-version",
-		isDefault:     true,
-		f:             runDoctorCheckDBVersion,
-		abortIfFailed: false,
-	},
-	{
-		title:     "Check consistency of database",
-		name:      "check-db-consistency",
-		isDefault: false,
-		f:         runDoctorCheckDBConsistency,
-	},
-	{
-		title:     "Check if OpenSSH authorized_keys file is up-to-date",
-		name:      "authorized_keys",
-		isDefault: true,
-		f:         runDoctorAuthorizedKeys,
-	},
-	{
-		title:     "Check if SCRIPT_TYPE is available",
-		name:      "script-type",
-		isDefault: false,
-		f:         runDoctorScriptType,
-	},
-	{
-		title:     "Check if hook files are up-to-date and executable",
-		name:      "hooks",
-		isDefault: false,
-		f:         runDoctorHooks,
-	},
-	{
-		title:     "Recalculate merge bases",
-		name:      "recalculate_merge_bases",
-		isDefault: false,
-		f:         runDoctorPRMergeBase,
-	},
-	{
-		title:     "Recalculate Stars number for all user",
-		name:      "recalculate_stars_number",
-		isDefault: false,
-		f:         runDoctorUserStarNum,
-	},
-	{
-		title:     "Enable push options",
-		name:      "enable-push-options",
-		isDefault: false,
-		f:         runDoctorEnablePushOptions,
-	},
-	// more checks please append here
-}
-
 func runRecreateTable(ctx *cli.Context) error {
 	// Redirect the default golog to here
 	golog.SetFlags(0)
@@ -211,10 +135,15 @@ func runDoctor(ctx *cli.Context) error {
 		logFile = "doctor.log"
 	}

+	colorize := log.CanColorStdout
+	if ctx.IsSet("color") {
+		colorize = ctx.Bool("color")
+	}
+
 	if len(logFile) == 0 {
-		log.NewLogger(1000, "doctor", "console", `{"level":"NONE","stacktracelevel":"NONE","colorize":"%t"}`)
+		log.NewLogger(1000, "doctor", "console", fmt.Sprintf(`{"level":"NONE","stacktracelevel":"NONE","colorize":%t}`, colorize))
 	} else if logFile == "-" {
-		log.NewLogger(1000, "doctor", "console", `{"level":"trace","stacktracelevel":"NONE"}`)
+		log.NewLogger(1000, "doctor", "console", fmt.Sprintf(`{"level":"trace","stacktracelevel":"NONE","colorize":%t}`, colorize))
 	} else {
 		log.NewLogger(1000, "doctor", "file", fmt.Sprintf(`{"filename":%q,"level":"trace","stacktracelevel":"NONE"}`, logFile))
 	}
@@ -225,24 +154,24 @@ func runDoctor(ctx *cli.Context) error {
 	golog.SetOutput(log.NewLoggerAsWriter("INFO", log.GetLogger(log.DEFAULT)))

 	if ctx.IsSet("list") {
-		w := tabwriter.NewWriter(os.Stdout, 0, 8, 0, '\t', 0)
+		w := tabwriter.NewWriter(os.Stdout, 0, 8, 1, '\t', 0)
 		_, _ = w.Write([]byte("Default\tName\tTitle\n"))
-		for _, check := range checklist {
-			if check.isDefault {
+		for _, check := range doctor.Checks {
+			if check.IsDefault {
 				_, _ = w.Write([]byte{'*'})
 			}
 			_, _ = w.Write([]byte{'\t'})
-			_, _ = w.Write([]byte(check.name))
+			_, _ = w.Write([]byte(check.Name))
 			_, _ = w.Write([]byte{'\t'})
-			_, _ = w.Write([]byte(check.title))
+			_, _ = w.Write([]byte(check.Title))
 			_, _ = w.Write([]byte{'\n'})
 		}
 		return w.Flush()
 	}

-	var checks []check
+	var checks []*doctor.Check
 	if ctx.Bool("all") {
-		checks = checklist
+		checks = doctor.Checks
 	} else if ctx.IsSet("run") {
 		addDefault := ctx.Bool("default")
 		names := ctx.StringSlice("run")
@@ -250,452 +179,37 @@ func runDoctor(ctx *cli.Context) error {
 			names[i] = strings.ToLower(strings.TrimSpace(name))
 		}

-		for _, check := range checklist {
-			if addDefault && check.isDefault {
+		for _, check := range doctor.Checks {
+			if addDefault && check.IsDefault {
 				checks = append(checks, check)
 				continue
 			}
 			for _, name := range names {
-				if name == check.name {
+				if name == check.Name {
 					checks = append(checks, check)
 					break
 				}
 			}
 		}
 	} else {
-		for _, check := range checklist {
-			if check.isDefault {
+		for _, check := range doctor.Checks {
+			if check.IsDefault {
 				checks = append(checks, check)
 			}
 		}
 	}

-	dbIsInit := false
-
-	for i, check := range checks {
-		if !dbIsInit && !check.skipDatabaseInit {
-			// Only open database after the most basic configuration check
-			setting.EnableXORMLog = false
-			if err := initDBDisableConsole(true); err != nil {
-				fmt.Println(err)
-				fmt.Println("Check if you are using the right config file. You can use a --config directive to specify one.")
-				return nil
-			}
-			dbIsInit = true
-		}
-		fmt.Println("[", i+1, "]", check.title)
-		messages, err := check.f(ctx)
-		for _, message := range messages {
-			fmt.Println("-", message)
-		}
-		if err != nil {
-			fmt.Println("Error:", err)
-			if check.abortIfFailed {
-				return nil
-			}
-		} else {
-			fmt.Println("OK.")
-		}
-		fmt.Println()
-	}
-	return nil
-}
-
-func runDoctorPathInfo(ctx *cli.Context) ([]string, error) {
-
-	res := make([]string, 0, 10)
-
-	if fi, err := os.Stat(setting.CustomConf); err != nil || !fi.Mode().IsRegular() {
-		res = append(res, fmt.Sprintf("Failed to find configuration file at '%s'.", setting.CustomConf))
-		res = append(res, fmt.Sprintf("If you've never ran Gitea yet, this is normal and '%s' will be created for you on first run.", setting.CustomConf))
-		res = append(res, "Otherwise check that you are running this command from the correct path and/or provide a `--config` parameter.")
-		return res, fmt.Errorf("can't proceed without a configuration file")
-	}
-
-	setting.NewContext()
-
-	fail := false
-
-	check := func(name, path string, is_dir, required, is_write bool) {
-		res = append(res, fmt.Sprintf("%-25s  '%s'", name+":", path))
-		fi, err := os.Stat(path)
-		if err != nil {
-			if os.IsNotExist(err) && ctx.Bool("fix") && is_dir {
-				if err := os.MkdirAll(path, 0777); err != nil {
-					res = append(res, fmt.Sprintf("    ERROR: %v", err))
-					fail = true
-					return
-				}
-				fi, err = os.Stat(path)
-			}
-		}
-		if err != nil {
-			if required {
-				res = append(res, fmt.Sprintf("    ERROR: %v", err))
-				fail = true
-				return
-			}
-			res = append(res, fmt.Sprintf("    NOTICE: not accessible (%v)", err))
-			return
-		}
-
-		if is_dir && !fi.IsDir() {
-			res = append(res, "    ERROR: not a directory")
-			fail = true
-			return
-		} else if !is_dir && !fi.Mode().IsRegular() {
-			res = append(res, "    ERROR: not a regular file")
-			fail = true
-		} else if is_write {
-			if err := runDoctorWritableDir(path); err != nil {
-				res = append(res, fmt.Sprintf("    ERROR: not writable: %v", err))
-				fail = true
-			}
-		}
-	}
-
-	// Note print paths inside quotes to make any leading/trailing spaces evident
-	check("Configuration File Path", setting.CustomConf, false, true, false)
-	check("Repository Root Path", setting.RepoRootPath, true, true, true)
-	check("Data Root Path", setting.AppDataPath, true, true, true)
-	check("Custom File Root Path", setting.CustomPath, true, false, false)
-	check("Work directory", setting.AppWorkPath, true, true, false)
-	check("Log Root Path", setting.LogRootPath, true, true, true)
-
-	if options.IsDynamic() {
-		// Do not check/report on StaticRootPath if data is embedded in Gitea (-tags bindata)
-		check("Static File Root Path", setting.StaticRootPath, true, true, false)
-	}
-
-	if fail {
-		return res, fmt.Errorf("please check your configuration file and try again")
-	}
-
-	return res, nil
-}
-
-func runDoctorWritableDir(path string) error {
-	// There's no platform-independent way of checking if a directory is writable
-	// https://stackoverflow.com/questions/20026320/how-to-tell-if-folder-exists-and-is-writable
-
-	tmpFile, err := ioutil.TempFile(path, "doctors-order")
-	if err != nil {
+	// Now we can set up our own logger to return information about what the doctor is doing
+	if err := log.NewNamedLogger("doctorouter",
+		1000,
+		"console",
+		"console",
+		fmt.Sprintf(`{"level":"INFO","stacktracelevel":"NONE","colorize":%t,"flags":-1}`, colorize)); err != nil {
+		fmt.Println(err)
 		return err
 	}
-	if err := util.Remove(tmpFile.Name()); err != nil {
-		fmt.Printf("Warning: can't remove temporary file: '%s'\n", tmpFile.Name())
-	}
-	tmpFile.Close()
-	return nil
-}
-
-const tplCommentPrefix = `# gitea public key`
-
-func runDoctorAuthorizedKeys(ctx *cli.Context) ([]string, error) {
-	if setting.SSH.StartBuiltinServer || !setting.SSH.CreateAuthorizedKeysFile {
-		return nil, nil
-	}
-
-	fPath := filepath.Join(setting.SSH.RootPath, "authorized_keys")
-	f, err := os.Open(fPath)
-	if err != nil {
-		if ctx.Bool("fix") {
-			return []string{fmt.Sprintf("Error whilst opening authorized_keys: %v. Attempting regeneration", err)}, models.RewriteAllPublicKeys()
-		}
-		return nil, err
-	}
-	defer f.Close()
-
-	linesInAuthorizedKeys := map[string]bool{}
-
-	scanner := bufio.NewScanner(f)
-	for scanner.Scan() {
-		line := scanner.Text()
-		if strings.HasPrefix(line, tplCommentPrefix) {
-			continue
-		}
-		linesInAuthorizedKeys[line] = true
-	}
-	f.Close()
-
-	// now we regenerate and check if there are any lines missing
-	regenerated := &bytes.Buffer{}
-	if err := models.RegeneratePublicKeys(regenerated); err != nil {
-		return nil, err
-	}
-	scanner = bufio.NewScanner(regenerated)
-	for scanner.Scan() {
-		line := scanner.Text()
-		if strings.HasPrefix(line, tplCommentPrefix) {
-			continue
-		}
-		if ok := linesInAuthorizedKeys[line]; ok {
-			continue
-		}
-		if ctx.Bool("fix") {
-			return []string{"authorized_keys is out of date, attempting regeneration"}, models.RewriteAllPublicKeys()
-		}
-		return nil, fmt.Errorf(`authorized_keys is out of date and should be regenerated with "gitea admin regenerate keys" or "gitea doctor --run authorized_keys --fix"`)
-	}
-	return nil, nil
-}
-
-func runDoctorCheckDBVersion(ctx *cli.Context) ([]string, error) {
-	if err := models.NewEngine(context.Background(), migrations.EnsureUpToDate); err != nil {
-		if ctx.Bool("fix") {
-			return []string{fmt.Sprintf("WARN: Got Error %v during ensure up to date", err), "Attempting to migrate to the latest DB version to fix this."}, models.NewEngine(context.Background(), migrations.Migrate)
-		}
-		return nil, err
-	}
-	return nil, nil
-}
-
-func iterateRepositories(each func(*models.Repository) ([]string, error)) ([]string, error) {
-	results := []string{}
-	err := models.Iterate(
-		models.DefaultDBContext(),
-		new(models.Repository),
-		builder.Gt{"id": 0},
-		func(idx int, bean interface{}) error {
-			res, err := each(bean.(*models.Repository))
-			results = append(results, res...)
-			return err
-		},
-	)
-	return results, err
-}
-
-func iteratePRs(repo *models.Repository, each func(*models.Repository, *models.PullRequest) ([]string, error)) ([]string, error) {
-	results := []string{}
-	err := models.Iterate(
-		models.DefaultDBContext(),
-		new(models.PullRequest),
-		builder.Eq{"base_repo_id": repo.ID},
-		func(idx int, bean interface{}) error {
-			res, err := each(repo, bean.(*models.PullRequest))
-			results = append(results, res...)
-			return err
-		},
-	)
-	return results, err
-}
-
-func runDoctorHooks(ctx *cli.Context) ([]string, error) {
-	// Need to iterate across all of the repositories
-	return iterateRepositories(func(repo *models.Repository) ([]string, error) {
-		results, err := repository.CheckDelegateHooks(repo.RepoPath())
-		if err != nil {
-			return nil, err
-		}
-		if len(results) > 0 && ctx.Bool("fix") {
-			return []string{fmt.Sprintf("regenerated hooks for %s", repo.FullName())}, repository.CreateDelegateHooks(repo.RepoPath())
-		}
-
-		return results, nil
-	})
-}
-
-func runDoctorPRMergeBase(ctx *cli.Context) ([]string, error) {
-	numRepos := 0
-	numPRs := 0
-	numPRsUpdated := 0
-	results, err := iterateRepositories(func(repo *models.Repository) ([]string, error) {
-		numRepos++
-		return iteratePRs(repo, func(repo *models.Repository, pr *models.PullRequest) ([]string, error) {
-			numPRs++
-			results := []string{}
-			pr.BaseRepo = repo
-			repoPath := repo.RepoPath()
-
-			oldMergeBase := pr.MergeBase
-
-			if !pr.HasMerged {
-				var err error
-				pr.MergeBase, err = git.NewCommand("merge-base", "--", pr.BaseBranch, pr.GetGitRefName()).RunInDir(repoPath)
-				if err != nil {
-					var err2 error
-					pr.MergeBase, err2 = git.NewCommand("rev-parse", git.BranchPrefix+pr.BaseBranch).RunInDir(repoPath)
-					if err2 != nil {
-						results = append(results, fmt.Sprintf("WARN: Unable to get merge base for PR ID %d, #%d onto %s in %s/%s", pr.ID, pr.Index, pr.BaseBranch, pr.BaseRepo.OwnerName, pr.BaseRepo.Name))
-						log.Error("Unable to get merge base for PR ID %d, Index %d in %s/%s. Error: %v & %v", pr.ID, pr.Index, pr.BaseRepo.OwnerName, pr.BaseRepo.Name, err, err2)
-						return results, nil
-					}
-				}
-			} else {
-				parentsString, err := git.NewCommand("rev-list", "--parents", "-n", "1", pr.MergedCommitID).RunInDir(repoPath)
-				if err != nil {
-					results = append(results, fmt.Sprintf("WARN: Unable to get parents for merged PR ID %d, #%d onto %s in %s/%s", pr.ID, pr.Index, pr.BaseBranch, pr.BaseRepo.OwnerName, pr.BaseRepo.Name))
-					log.Error("Unable to get parents for merged PR ID %d, Index %d in %s/%s. Error: %v", pr.ID, pr.Index, pr.BaseRepo.OwnerName, pr.BaseRepo.Name, err)
-					return results, nil
-				}
-				parents := strings.Split(strings.TrimSpace(parentsString), " ")
-				if len(parents) < 2 {
-					return results, nil
-				}
-
-				args := append([]string{"merge-base", "--"}, parents[1:]...)
-				args = append(args, pr.GetGitRefName())
-
-				pr.MergeBase, err = git.NewCommand(args...).RunInDir(repoPath)
-				if err != nil {
-					results = append(results, fmt.Sprintf("WARN: Unable to get merge base for merged PR ID %d, #%d onto %s in %s/%s", pr.ID, pr.Index, pr.BaseBranch, pr.BaseRepo.OwnerName, pr.BaseRepo.Name))
-					log.Error("Unable to get merge base for merged PR ID %d, Index %d in %s/%s. Error: %v", pr.ID, pr.Index, pr.BaseRepo.OwnerName, pr.BaseRepo.Name, err)
-					return results, nil
-				}
-			}
-			pr.MergeBase = strings.TrimSpace(pr.MergeBase)
-			if pr.MergeBase != oldMergeBase {
-				if ctx.Bool("fix") {
-					if err := pr.UpdateCols("merge_base"); err != nil {
-						return results, err
-					}
-				} else {
-					results = append(results, fmt.Sprintf("#%d onto %s in %s/%s: MergeBase should be %s but is %s", pr.Index, pr.BaseBranch, pr.BaseRepo.OwnerName, pr.BaseRepo.Name, oldMergeBase, pr.MergeBase))
-				}
-				numPRsUpdated++
-			}
-			return results, nil
-		})
-	})
-
-	if ctx.Bool("fix") {
-		results = append(results, fmt.Sprintf("%d PR mergebases updated of %d PRs total in %d repos", numPRsUpdated, numPRs, numRepos))
-	} else {
-		if numPRsUpdated > 0 && err == nil {
-			return results, fmt.Errorf("%d PRs with incorrect mergebases of %d PRs total in %d repos", numPRsUpdated, numPRs, numRepos)
-		}
-		results = append(results, fmt.Sprintf("%d PRs with incorrect mergebases of %d PRs total in %d repos", numPRsUpdated, numPRs, numRepos))
-	}
-
-	return results, err
-}
-
-func runDoctorUserStarNum(ctx *cli.Context) ([]string, error) {
-	return nil, models.DoctorUserStarNum()
-}
-
-func runDoctorScriptType(ctx *cli.Context) ([]string, error) {
-	path, err := exec.LookPath(setting.ScriptType)
-	if err != nil {
-		return []string{fmt.Sprintf("ScriptType %s is not on the current PATH", setting.ScriptType)}, err
-	}
-	return []string{fmt.Sprintf("ScriptType %s is on the current PATH at %s", setting.ScriptType, path)}, nil
-}
-
-func runDoctorCheckDBConsistency(ctx *cli.Context) ([]string, error) {
-	var results []string
-
-	// make sure DB version is uptodate
-	if err := models.NewEngine(context.Background(), migrations.EnsureUpToDate); err != nil {
-		return nil, fmt.Errorf("model version on the database does not match the current Gitea version. Model consistency will not be checked until the database is upgraded")
-	}
-
-	//find labels without existing repo or org
-	count, err := models.CountOrphanedLabels()
-	if err != nil {
-		return nil, err
-	}
-	if count > 0 {
-		if ctx.Bool("fix") {
-			if err = models.DeleteOrphanedLabels(); err != nil {
-				return nil, err
-			}
-			results = append(results, fmt.Sprintf("%d labels without existing repository/organisation deleted", count))
-		} else {
-			results = append(results, fmt.Sprintf("%d labels without existing repository/organisation", count))
-		}
-	}
-
-	//find issues without existing repository
-	count, err = models.CountOrphanedIssues()
-	if err != nil {
-		return nil, err
-	}
-	if count > 0 {
-		if ctx.Bool("fix") {
-			if err = models.DeleteOrphanedIssues(); err != nil {
-				return nil, err
-			}
-			results = append(results, fmt.Sprintf("%d issues without existing repository deleted", count))
-		} else {
-			results = append(results, fmt.Sprintf("%d issues without existing repository", count))
-		}
-	}
-
-	//find pulls without existing issues
-	count, err = models.CountOrphanedObjects("pull_request", "issue", "pull_request.issue_id=issue.id")
-	if err != nil {
-		return nil, err
-	}
-	if count > 0 {
-		if ctx.Bool("fix") {
-			if err = models.DeleteOrphanedObjects("pull_request", "issue", "pull_request.issue_id=issue.id"); err != nil {
-				return nil, err
-			}
-			results = append(results, fmt.Sprintf("%d pull requests without existing issue deleted", count))
-		} else {
-			results = append(results, fmt.Sprintf("%d pull requests without existing issue", count))
-		}
-	}
-
-	//find tracked times without existing issues/pulls
-	count, err = models.CountOrphanedObjects("tracked_time", "issue", "tracked_time.issue_id=issue.id")
-	if err != nil {
-		return nil, err
-	}
-	if count > 0 {
-		if ctx.Bool("fix") {
-			if err = models.DeleteOrphanedObjects("tracked_time", "issue", "tracked_time.issue_id=issue.id"); err != nil {
-				return nil, err
-			}
-			results = append(results, fmt.Sprintf("%d tracked times without existing issue deleted", count))
-		} else {
-			results = append(results, fmt.Sprintf("%d tracked times without existing issue", count))
-		}
-	}
-
-	count, err = models.CountNullArchivedRepository()
-	if err != nil {
-		return nil, err
-	}
-	if count > 0 {
-		if ctx.Bool("fix") {
-			updatedCount, err := models.FixNullArchivedRepository()
-			if err != nil {
-				return nil, err
-			}
-			results = append(results, fmt.Sprintf("%d repositories with null is_archived updated", updatedCount))
-		} else {
-			results = append(results, fmt.Sprintf("%d repositories with null is_archived", count))
-		}
-	}
-
-	//ToDo: function to recalc all counters
-
-	return results, nil
-}
-
-func runDoctorEnablePushOptions(ctx *cli.Context) ([]string, error) {
-	numRepos := 0
-	_, err := iterateRepositories(func(repo *models.Repository) ([]string, error) {
-		numRepos++
-		r, err := git.OpenRepository(repo.RepoPath())
-		if err != nil {
-			return nil, err
-		}
-		defer r.Close()
-
-		if ctx.Bool("fix") {
-			_, err := git.NewCommand("config", "receive.advertisePushOptions", "true").RunInDir(r.Path)
-			return nil, err
-		}
-
-		return nil, nil
-	})
-
-	var prefix string
-	if !ctx.Bool("fix") {
-		prefix = "DRY RUN: "
-	}
-	return []string{fmt.Sprintf("%sEnabled push options for %d repositories.", prefix, numRepos)}, err
+
+	logger := log.GetLogger("doctorouter")
+	defer logger.Close()
+	return doctor.RunChecks(logger, ctx.Bool("fix"), checks)
 }
--- a/cmd/dump.go
+++ b/cmd/dump.go
@@ -23,7 +23,6 @@ import (

 	"gitea.com/macaron/session"
 	archiver "github.com/mholt/archiver/v3"
-	"github.com/unknwon/com"
 	"github.com/urfave/cli"
 )

@@ -306,7 +305,11 @@ func runDump(ctx *cli.Context) error {
 		log.Info("Custom dir %s doesn't exist, skipped", setting.CustomPath)
 	}

-	if com.IsExist(setting.AppDataPath) {
+	isExist, err := util.IsExist(setting.AppDataPath)
+	if err != nil {
+		log.Error("Unable to check if %s exists. Error: %v", setting.AppDataPath, err)
+	}
+	if isExist {
 		log.Info("Packing data directory...%s", setting.AppDataPath)

 		var excludes []string
@@ -349,9 +352,15 @@ func runDump(ctx *cli.Context) error {
 	// yet or not.
 	if ctx.IsSet("skip-log") && ctx.Bool("skip-log") {
 		log.Info("Skip dumping log files")
-	} else if com.IsExist(setting.LogRootPath) {
-		if err := addRecursive(w, "log", setting.LogRootPath, verbose); err != nil {
-			fatal("Failed to include log: %v", err)
+	} else {
+		isExist, err := util.IsExist(setting.LogRootPath)
+		if err != nil {
+			log.Error("Unable to check if %s exists. Error: %v", setting.LogRootPath, err)
+		}
+		if isExist {
+			if err := addRecursive(w, "log", setting.LogRootPath, verbose); err != nil {
+				fatal("Failed to include log: %v", err)
+			}
 		}
 	}

--- a/cmd/dump_repo.go
+++ b/cmd/dump_repo.go
@@ -0,0 +1,162 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"context"
+	"errors"
+	"strings"
+
+	"code.gitea.io/gitea/modules/convert"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/migrations"
+	"code.gitea.io/gitea/modules/migrations/base"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
+
+	"github.com/urfave/cli"
+)
+
+// CmdDumpRepository represents the available dump repository sub-command.
+var CmdDumpRepository = cli.Command{
+	Name:        "dump-repo",
+	Usage:       "Dump the repository from git/github/gitea/gitlab",
+	Description: "This is a command for dumping the repository data.",
+	Action:      runDumpRepository,
+	Flags: []cli.Flag{
+		cli.StringFlag{
+			Name:  "git_service",
+			Value: "",
+			Usage: "Git service, git, github, gitea, gitlab. If clone_addr could be recognized, this could be ignored.",
+		},
+		cli.StringFlag{
+			Name:  "repo_dir, r",
+			Value: "./data",
+			Usage: "Repository dir path to store the data",
+		},
+		cli.StringFlag{
+			Name:  "clone_addr",
+			Value: "",
+			Usage: "The URL will be clone, currently could be a git/github/gitea/gitlab http/https URL",
+		},
+		cli.StringFlag{
+			Name:  "auth_username",
+			Value: "",
+			Usage: "The username to visit the clone_addr",
+		},
+		cli.StringFlag{
+			Name:  "auth_password",
+			Value: "",
+			Usage: "The password to visit the clone_addr",
+		},
+		cli.StringFlag{
+			Name:  "auth_token",
+			Value: "",
+			Usage: "The personal token to visit the clone_addr",
+		},
+		cli.StringFlag{
+			Name:  "owner_name",
+			Value: "",
+			Usage: "The data will be stored on a directory with owner name if not empty",
+		},
+		cli.StringFlag{
+			Name:  "repo_name",
+			Value: "",
+			Usage: "The data will be stored on a directory with repository name if not empty",
+		},
+		cli.StringFlag{
+			Name:  "units",
+			Value: "",
+			Usage: `Which items will be migrated, one or more units should be separated as comma. 
+wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`,
+		},
+	},
+}
+
+func runDumpRepository(ctx *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	log.Trace("AppPath: %s", setting.AppPath)
+	log.Trace("AppWorkPath: %s", setting.AppWorkPath)
+	log.Trace("Custom path: %s", setting.CustomPath)
+	log.Trace("Log path: %s", setting.LogRootPath)
+	setting.InitDBConfig()
+
+	var (
+		serviceType structs.GitServiceType
+		cloneAddr   = ctx.String("clone_addr")
+		serviceStr  = ctx.String("git_service")
+	)
+
+	if strings.HasPrefix(strings.ToLower(cloneAddr), "https://github.com/") {
+		serviceStr = "github"
+	} else if strings.HasPrefix(strings.ToLower(cloneAddr), "https://gitlab.com/") {
+		serviceStr = "gitlab"
+	} else if strings.HasPrefix(strings.ToLower(cloneAddr), "https://gitea.com/") {
+		serviceStr = "gitea"
+	}
+	if serviceStr == "" {
+		return errors.New("git_service missed or clone_addr cannot be recognized")
+	}
+	serviceType = convert.ToGitServiceType(serviceStr)
+
+	var opts = base.MigrateOptions{
+		GitServiceType: serviceType,
+		CloneAddr:      cloneAddr,
+		AuthUsername:   ctx.String("auth_username"),
+		AuthPassword:   ctx.String("auth_password"),
+		AuthToken:      ctx.String("auth_token"),
+		RepoName:       ctx.String("repo_name"),
+	}
+
+	if len(ctx.String("units")) == 0 {
+		opts.Wiki = true
+		opts.Issues = true
+		opts.Milestones = true
+		opts.Labels = true
+		opts.Releases = true
+		opts.Comments = true
+		opts.PullRequests = true
+		opts.ReleaseAssets = true
+	} else {
+		units := strings.Split(ctx.String("units"), ",")
+		for _, unit := range units {
+			switch strings.ToLower(unit) {
+			case "wiki":
+				opts.Wiki = true
+			case "issues":
+				opts.Issues = true
+			case "milestones":
+				opts.Milestones = true
+			case "labels":
+				opts.Labels = true
+			case "releases":
+				opts.Releases = true
+			case "release_assets":
+				opts.ReleaseAssets = true
+			case "comments":
+				opts.Comments = true
+			case "pull_requests":
+				opts.PullRequests = true
+			}
+		}
+	}
+
+	if err := migrations.DumpRepository(
+		context.Background(),
+		ctx.String("repo_dir"),
+		ctx.String("owner_name"),
+		opts,
+	); err != nil {
+		log.Fatal("Failed to dump repository: %v", err)
+		return err
+	}
+
+	log.Trace("Dump finished!!!")
+
+	return nil
+}
--- a/cmd/mailer.go
+++ b/cmd/mailer.go
@@ -0,0 +1,51 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"fmt"
+	"net/http"
+
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
+	"github.com/urfave/cli"
+)
+
+func runSendMail(c *cli.Context) error {
+	setting.NewContext()
+
+	if err := argsSet(c, "title"); err != nil {
+		return err
+	}
+
+	subject := c.String("title")
+	confirmSkiped := c.Bool("force")
+	body := c.String("content")
+
+	if !confirmSkiped {
+		if len(body) == 0 {
+			fmt.Print("warning: Content is empty")
+		}
+
+		fmt.Print("Proceed with sending email? [Y/n] ")
+		isConfirmed, err := confirm()
+		if err != nil {
+			return err
+		} else if !isConfirmed {
+			fmt.Println("The mail was not sent")
+			return nil
+		}
+	}
+
+	status, message := private.SendEmail(subject, body, nil)
+	if status != http.StatusOK {
+		fmt.Printf("error: %s\n", message)
+		return nil
+	}
+
+	fmt.Printf("Success: %s\n", message)
+
+	return nil
+}
--- a/cmd/restore_repo.go
+++ b/cmd/restore_repo.go
@@ -0,0 +1,119 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package cmd
+
+import (
+	"context"
+	"strings"
+
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/migrations"
+	"code.gitea.io/gitea/modules/migrations/base"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/storage"
+	pull_service "code.gitea.io/gitea/services/pull"
+
+	"github.com/urfave/cli"
+)
+
+// CmdRestoreRepository represents the available restore a repository sub-command.
+var CmdRestoreRepository = cli.Command{
+	Name:        "restore-repo",
+	Usage:       "Restore the repository from disk",
+	Description: "This is a command for restoring the repository data.",
+	Action:      runRestoreRepository,
+	Flags: []cli.Flag{
+		cli.StringFlag{
+			Name:  "repo_dir, r",
+			Value: "./data",
+			Usage: "Repository dir path to restore from",
+		},
+		cli.StringFlag{
+			Name:  "owner_name",
+			Value: "",
+			Usage: "Restore destination owner name",
+		},
+		cli.StringFlag{
+			Name:  "repo_name",
+			Value: "",
+			Usage: "Restore destination repository name",
+		},
+		cli.StringFlag{
+			Name:  "units",
+			Value: "",
+			Usage: `Which items will be restored, one or more units should be separated as comma. 
+wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`,
+		},
+	},
+}
+
+func runRestoreRepository(ctx *cli.Context) error {
+	if err := initDB(); err != nil {
+		return err
+	}
+
+	log.Trace("AppPath: %s", setting.AppPath)
+	log.Trace("AppWorkPath: %s", setting.AppWorkPath)
+	log.Trace("Custom path: %s", setting.CustomPath)
+	log.Trace("Log path: %s", setting.LogRootPath)
+	setting.InitDBConfig()
+
+	if err := storage.Init(); err != nil {
+		return err
+	}
+
+	if err := pull_service.Init(); err != nil {
+		return err
+	}
+
+	var opts = base.MigrateOptions{
+		RepoName: ctx.String("repo_name"),
+	}
+
+	if len(ctx.String("units")) == 0 {
+		opts.Wiki = true
+		opts.Issues = true
+		opts.Milestones = true
+		opts.Labels = true
+		opts.Releases = true
+		opts.Comments = true
+		opts.PullRequests = true
+		opts.ReleaseAssets = true
+	} else {
+		units := strings.Split(ctx.String("units"), ",")
+		for _, unit := range units {
+			switch strings.ToLower(unit) {
+			case "wiki":
+				opts.Wiki = true
+			case "issues":
+				opts.Issues = true
+			case "milestones":
+				opts.Milestones = true
+			case "labels":
+				opts.Labels = true
+			case "releases":
+				opts.Releases = true
+			case "release_assets":
+				opts.ReleaseAssets = true
+			case "comments":
+				opts.Comments = true
+			case "pull_requests":
+				opts.PullRequests = true
+			}
+		}
+	}
+
+	if err := migrations.RestoreRepository(
+		context.Background(),
+		ctx.String("repo_dir"),
+		ctx.String("owner_name"),
+		ctx.String("repo_name"),
+	); err != nil {
+		log.Fatal("Failed to restore repository: %v", err)
+		return err
+	}
+
+	return nil
+}
--- a/cmd/serv.go
+++ b/cmd/serv.go
@@ -26,7 +26,6 @@ import (

 	"github.com/dgrijalva/jwt-go"
 	"github.com/kballard/go-shellquote"
-	"github.com/unknwon/com"
 	"github.com/urfave/cli"
 )

@@ -105,7 +104,10 @@ func runServ(c *cli.Context) error {
 	if len(keys) != 2 || keys[0] != "key" {
 		fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
 	}
-	keyID := com.StrTo(keys[1]).MustInt64()
+	keyID, err := strconv.ParseInt(keys[1], 10, 64)
+	if err != nil {
+		fail("Key ID format error", "Invalid key argument: %s", c.Args()[1])
+	}

 	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
 	if len(cmd) == 0 {
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -16,11 +16,11 @@ import (
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/routers"
 	"code.gitea.io/gitea/routers/routes"

 	context2 "github.com/gorilla/context"
-	"github.com/unknwon/com"
 	"github.com/urfave/cli"
 	"golang.org/x/crypto/acme/autocert"
 	ini "gopkg.in/ini.v1"
@@ -39,6 +39,11 @@ and it takes care of all the other things for you`,
 			Value: "3000",
 			Usage: "Temporary port number to prevent conflict",
 		},
+		cli.StringFlag{
+			Name:  "install-port",
+			Value: "3000",
+			Usage: "Temporary port number to run the install page on to prevent conflict",
+		},
 		cli.StringFlag{
 			Name:  "pid, P",
 			Value: setting.PIDFile,
@@ -114,48 +119,103 @@ func runWeb(ctx *cli.Context) error {
 		setting.WritePIDFile = true
 	}

+	// Perform pre-initialization
+	needsInstall := routers.PreInstallInit(graceful.GetManager().HammerContext())
+	if needsInstall {
+		// Flag for port number in case first time run conflict
+		if ctx.IsSet("port") {
+			if err := setPort(ctx.String("port")); err != nil {
+				return err
+			}
+		}
+		if ctx.IsSet("install-port") {
+			if err := setPort(ctx.String("install-port")); err != nil {
+				return err
+			}
+		}
+		c := routes.NewChi()
+		routes.RegisterInstallRoute(c)
+		err := listen(c, false)
+		select {
+		case <-graceful.GetManager().IsShutdown():
+			<-graceful.GetManager().Done()
+			log.Info("PID: %d Gitea Web Finished", os.Getpid())
+			log.Close()
+			return err
+		default:
+		}
+	} else {
+		NoInstallListener()
+	}
+
+	if setting.EnablePprof {
+		go func() {
+			log.Info("Starting pprof server on localhost:6060")
+			log.Info("%v", http.ListenAndServe("localhost:6060", nil))
+		}()
+	}
+
+	log.Info("Global init")
 	// Perform global initialization
 	routers.GlobalInit(graceful.GetManager().HammerContext())

-	// Set up Macaron
-	m := routes.NewMacaron()
-	routes.RegisterRoutes(m)
-
-	// Flag for port number in case first time run conflict.
+	// Override the provided port number within the configuration
 	if ctx.IsSet("port") {
-		setting.AppURL = strings.Replace(setting.AppURL, setting.HTTPPort, ctx.String("port"), 1)
-		setting.HTTPPort = ctx.String("port")
-
-		switch setting.Protocol {
-		case setting.UnixSocket:
-		case setting.FCGI:
-		case setting.FCGIUnix:
-		default:
-			// Save LOCAL_ROOT_URL if port changed
-			cfg := ini.Empty()
-			if com.IsFile(setting.CustomConf) {
-				// Keeps custom settings if there is already something.
-				if err := cfg.Append(setting.CustomConf); err != nil {
-					return fmt.Errorf("Failed to load custom conf '%s': %v", setting.CustomConf, err)
-				}
-			}
-
-			defaultLocalURL := string(setting.Protocol) + "://"
-			if setting.HTTPAddr == "0.0.0.0" {
-				defaultLocalURL += "localhost"
-			} else {
-				defaultLocalURL += setting.HTTPAddr
-			}
-			defaultLocalURL += ":" + setting.HTTPPort + "/"
-
-			cfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL)
-
-			if err := cfg.SaveTo(setting.CustomConf); err != nil {
-				return fmt.Errorf("Error saving generated JWT Secret to custom config: %v", err)
-			}
+		if err := setPort(ctx.String("port")); err != nil {
+			return err
 		}
 	}
+	// Set up Chi routes
+	c := routes.NewChi()
+	c.Mount("/", routes.NormalRoutes())
+	routes.DelegateToMacaron(c)

+	err := listen(c, true)
+	<-graceful.GetManager().Done()
+	log.Info("PID: %d Gitea Web Finished", os.Getpid())
+	log.Close()
+	return err
+}
+
+func setPort(port string) error {
+	setting.AppURL = strings.Replace(setting.AppURL, setting.HTTPPort, port, 1)
+	setting.HTTPPort = port
+
+	switch setting.Protocol {
+	case setting.UnixSocket:
+	case setting.FCGI:
+	case setting.FCGIUnix:
+	default:
+		// Save LOCAL_ROOT_URL if port changed
+		cfg := ini.Empty()
+		isFile, err := util.IsFile(setting.CustomConf)
+		if err != nil {
+			log.Fatal("Unable to check if %s is a file", err)
+		}
+		if isFile {
+			// Keeps custom settings if there is already something.
+			if err := cfg.Append(setting.CustomConf); err != nil {
+				return fmt.Errorf("Failed to load custom conf '%s': %v", setting.CustomConf, err)
+			}
+		}
+
+		defaultLocalURL := string(setting.Protocol) + "://"
+		if setting.HTTPAddr == "0.0.0.0" {
+			defaultLocalURL += "localhost"
+		} else {
+			defaultLocalURL += setting.HTTPAddr
+		}
+		defaultLocalURL += ":" + setting.HTTPPort + "/"
+
+		cfg.Section("server").Key("LOCAL_ROOT_URL").SetValue(defaultLocalURL)
+		if err := cfg.SaveTo(setting.CustomConf); err != nil {
+			return fmt.Errorf("Error saving generated JWT Secret to custom config: %v", err)
+		}
+	}
+	return nil
+}
+
+func listen(m http.Handler, handleRedirector bool) error {
 	listenAddr := setting.HTTPAddr
 	if setting.Protocol != setting.UnixSocket && setting.Protocol != setting.FCGIUnix {
 		listenAddr = net.JoinHostPort(listenAddr, setting.HTTPPort)
@@ -166,37 +226,40 @@ func runWeb(ctx *cli.Context) error {
 		log.Info("LFS server enabled")
 	}

-	if setting.EnablePprof {
-		go func() {
-			log.Info("Starting pprof server on localhost:6060")
-			log.Info("%v", http.ListenAndServe("localhost:6060", nil))
-		}()
-	}
-
 	var err error
 	switch setting.Protocol {
 	case setting.HTTP:
-		NoHTTPRedirector()
+		if handleRedirector {
+			NoHTTPRedirector()
+		}
 		err = runHTTP("tcp", listenAddr, context2.ClearHandler(m))
 	case setting.HTTPS:
 		if setting.EnableLetsEncrypt {
 			err = runLetsEncrypt(listenAddr, setting.Domain, setting.LetsEncryptDirectory, setting.LetsEncryptEmail, context2.ClearHandler(m))
 			break
 		}
-		if setting.RedirectOtherPort {
-			go runHTTPRedirector()
-		} else {
-			NoHTTPRedirector()
+		if handleRedirector {
+			if setting.RedirectOtherPort {
+				go runHTTPRedirector()
+			} else {
+				NoHTTPRedirector()
+			}
 		}
 		err = runHTTPS("tcp", listenAddr, setting.CertFile, setting.KeyFile, context2.ClearHandler(m))
 	case setting.FCGI:
-		NoHTTPRedirector()
+		if handleRedirector {
+			NoHTTPRedirector()
+		}
 		err = runFCGI("tcp", listenAddr, context2.ClearHandler(m))
 	case setting.UnixSocket:
-		NoHTTPRedirector()
+		if handleRedirector {
+			NoHTTPRedirector()
+		}
 		err = runHTTP("unix", listenAddr, context2.ClearHandler(m))
 	case setting.FCGIUnix:
-		NoHTTPRedirector()
+		if handleRedirector {
+			NoHTTPRedirector()
+		}
 		err = runFCGI("unix", listenAddr, context2.ClearHandler(m))
 	default:
 		log.Fatal("Invalid protocol: %s", setting.Protocol)
@@ -206,8 +269,5 @@ func runWeb(ctx *cli.Context) error {
 		log.Critical("Failed to start server: %v", err)
 	}
 	log.Info("HTTP Listener: %s Closed", listenAddr)
-	<-graceful.GetManager().Done()
-	log.Info("PID: %d Gitea Web Finished", os.Getpid())
-	log.Close()
-	return nil
+	return err
 }
--- a/cmd/web_graceful.go
+++ b/cmd/web_graceful.go
@@ -37,6 +37,12 @@ func NoMainListener() {
 	graceful.GetManager().InformCleanup()
 }

+// NoInstallListener tells our cleanup routine that we will not be using a possibly provided listener
+// for our install HTTP/HTTPS service
+func NoInstallListener() {
+	graceful.GetManager().InformCleanup()
+}
+
 func runFCGI(network, listenAddr string, m http.Handler) error {
 	// This needs to handle stdin as fcgi point
 	fcgiServer := graceful.NewServer(network, listenAddr)
--- a/contrib/environment-to-ini/environment-to-ini.go
+++ b/contrib/environment-to-ini/environment-to-ini.go
@@ -12,8 +12,8 @@ import (

 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"

-	"github.com/unknwon/com"
 	"github.com/urfave/cli"
 	ini "gopkg.in/ini.v1"
 )
@@ -97,7 +97,11 @@ func runEnvironmentToIni(c *cli.Context) error {
 	setting.SetCustomPathAndConf(providedCustom, providedConf, providedWorkPath)

 	cfg := ini.Empty()
-	if com.IsFile(setting.CustomConf) {
+	isFile, err := util.IsFile(setting.CustomConf)
+	if err != nil {
+		log.Fatal("Unable to check if %s is a file. Error: %v", setting.CustomConf, err)
+	}
+	if isFile {
 		if err := cfg.Append(setting.CustomConf); err != nil {
 			log.Fatal("Failed to load custom conf '%s': %v", setting.CustomConf, err)
 		}
@@ -145,7 +149,7 @@ func runEnvironmentToIni(c *cli.Context) error {
 	if len(destination) == 0 {
 		destination = setting.CustomConf
 	}
-	err := cfg.SaveTo(destination)
+	err = cfg.SaveTo(destination)
 	if err != nil {
 		return err
 	}
--- a/contrib/ide/vscode/launch.json
+++ b/contrib/ide/vscode/launch.json
@@ -19,7 +19,7 @@
      "type": "go",
      "request": "launch",
      "mode": "debug",
-      "buildFlags": "-tags=\"sqlite sqlite_unlock_notify\"",
+      "buildFlags": "-tags='sqlite sqlite_unlock_notify'",
      "port": 2345,
      "host": "127.0.0.1",
      "program": "${workspaceRoot}/main.go",
--- a/contrib/ide/vscode/settings.json
+++ b/contrib/ide/vscode/settings.json
@@ -0,0 +1,4 @@
+{
+    "go.buildTags": "'sqlite sqlite_unlock_notify'",
+    "go.testFlags": ["-v"]
+}
--- a/contrib/pr/checkout.go
+++ b/contrib/pr/checkout.go
@@ -37,7 +37,6 @@ import (
 	"github.com/go-git/go-git/v5/config"
 	"github.com/go-git/go-git/v5/plumbing"
 	context2 "github.com/gorilla/context"
-	"github.com/unknwon/com"
 	"xorm.io/xorm"
 )

@@ -111,14 +110,15 @@ func runPR() {
 	models.LoadFixtures()
 	util.RemoveAll(setting.RepoRootPath)
 	util.RemoveAll(models.LocalCopyPath())
-	com.CopyDir(path.Join(curDir, "integrations/gitea-repositories-meta"), setting.RepoRootPath)
+	util.CopyDir(path.Join(curDir, "integrations/gitea-repositories-meta"), setting.RepoRootPath)

 	log.Printf("[PR] Setting up router\n")
 	//routers.GlobalInit()
 	external.RegisterParsers()
 	markup.Init()
-	m := routes.NewMacaron()
-	routes.RegisterRoutes(m)
+	c := routes.NewChi()
+	c.Mount("/", routes.NormalRoutes())
+	routes.DelegateToMacaron(c)

 	log.Printf("[PR] Ready for testing !\n")
 	log.Printf("[PR] Login with user1, user2, user3, ... with pass: password\n")
@@ -138,7 +138,7 @@ func runPR() {
 	*/

 	//Start the server
-	http.ListenAndServe(":8080", context2.ClearHandler(m))
+	http.ListenAndServe(":8080", context2.ClearHandler(c))

 	log.Printf("[PR] Cleaning up ...\n")
 	/*
--- a/contrib/systemd/gitea.service
+++ b/contrib/systemd/gitea.service
@@ -57,6 +57,12 @@ WorkingDirectory=/var/lib/gitea/
 ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
 Restart=always
 Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+# If you install Git to directory prefix other than default PATH (which happens
+# for example if you install other versions of Git side-to-side with
+# distribution version), uncomment below line and add that prefix to PATH
+# Don't forget to place git-lfs binary on the PATH below if you want to enable
+# Git LFS support
+#Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
 # If you want to bind Gitea to a port below 1024, uncomment
 # the two values below, or use socket activation to pass Gitea its ports as above
 ###
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -1,6 +1,8 @@
 ; This file lists the default values used by Gitea
 ; Copy required sections to your own app.ini (default is custom/conf/app.ini)
 ; and modify as needed.
+; Do not copy the whole file as-is, as it contains some invalid sections for illustrative purposes.
+; If you don't know what a setting is you should not set it.

 ; see https://docs.gitea.io/en-us/config-cheat-sheet/ for additional documentation.

@@ -8,8 +10,8 @@
 APP_NAME = Gitea: Git with a cup of tea
 ; Change it if you run locally
 RUN_USER = git
-; Either "dev", "prod" or "test", default is "dev"
-RUN_MODE = dev
+; Application run mode, affects performance and debugging. Either "dev", "prod" or "test", default is "prod"
+RUN_MODE = prod

 [project]
 ; Default templates for project boards
@@ -17,13 +19,15 @@ PROJECT_BOARD_BASIC_KANBAN_TYPE = To Do, In Progress, Done
 PROJECT_BOARD_BUG_TRIAGE_TYPE = Needs Triage, High Priority, Low Priority, Closed

 [repository]
+; Root path for storing all repository data. It must be an absolute path. By default it is stored in a sub-directory of `APP_DATA_PATH`.
 ROOT =
+; The script type this server supports. Usually this is `bash`, but some users report that only `sh` is available.
 SCRIPT_TYPE = bash
 ; DETECTED_CHARSETS_ORDER tie-break order for detected charsets.
 ; If the charsets have equal confidence, tie-breaking will be done by order in this list
 ; with charsets earlier in the list chosen in preference to those later.
 ; Adding "defaults" will place the unused charsets at that position.
-DETECTED_CHARSETS_ORDER=UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, UTF-32LE, ISO-8859, windows-1252, ISO-8859, windows-1250, ISO-8859, ISO-8859, ISO-8859, windows-1253, ISO-8859, windows-1255, ISO-8859, windows-1251, windows-1256, KOI8-R, ISO-8859, windows-1254, Shift_JIS, GB18030, EUC-JP, EUC-KR, Big5, ISO-2022, ISO-2022, ISO-2022, IBM424_rtl, IBM424_ltr, IBM420_rtl, IBM420_ltr
+DETECTED_CHARSETS_ORDER = UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, UTF-32LE, ISO-8859, windows-1252, ISO-8859, windows-1250, ISO-8859, ISO-8859, ISO-8859, windows-1253, ISO-8859, windows-1255, ISO-8859, windows-1251, windows-1256, KOI8-R, ISO-8859, windows-1254, Shift_JIS, GB18030, EUC-JP, EUC-KR, Big5, ISO-2022, ISO-2022, ISO-2022, IBM424_rtl, IBM424_ltr, IBM420_rtl, IBM420_ltr
 ; Default ANSI charset to override non-UTF-8 charsets to
 ANSI_CHARSET =
 ; Force every new repository to be private
@@ -64,12 +68,14 @@ DEFAULT_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,re
 PREFIX_ARCHIVE_FILES = true
 ; Disable the creation of new mirrors. Pre-existing mirrors remain valid.
 DISABLE_MIRRORS = false
+; Disable migrating feature.
+DISABLE_MIGRATIONS = false
 ; The default branch name of new repositories
-DEFAULT_BRANCH=master
+DEFAULT_BRANCH = master
 ; Allow adoption of unadopted repositories
-ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES=false
+ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES = false
 ; Allow deletion of unadopted repositories
-ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES=false
+ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES = false

 [repository.editor]
 ; List of file extensions for which lines should be wrapped in the Monaco editor
@@ -97,25 +103,25 @@ MAX_FILES = 5

 [repository.pull-request]
 ; List of prefixes used in Pull Request title to mark them as Work In Progress
-WORK_IN_PROGRESS_PREFIXES=WIP:,[WIP]
+WORK_IN_PROGRESS_PREFIXES = WIP:,[WIP]
 ; List of keywords used in Pull Request comments to automatically close a related issue
-CLOSE_KEYWORDS=close,closes,closed,fix,fixes,fixed,resolve,resolves,resolved
+CLOSE_KEYWORDS = close,closes,closed,fix,fixes,fixed,resolve,resolves,resolved
 ; List of keywords used in Pull Request comments to automatically reopen a related issue
-REOPEN_KEYWORDS=reopen,reopens,reopened
+REOPEN_KEYWORDS = reopen,reopens,reopened
 ; In the default merge message for squash commits include at most this many commits
-DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT=50
+DEFAULT_MERGE_MESSAGE_COMMITS_LIMIT = 50
 ; In the default merge message for squash commits limit the size of the commit messages to this
-DEFAULT_MERGE_MESSAGE_SIZE=5120
+DEFAULT_MERGE_MESSAGE_SIZE = 5120
 ; In the default merge message for squash commits walk all commits to include all authors in the Co-authored-by otherwise just use those in the limited list
-DEFAULT_MERGE_MESSAGE_ALL_AUTHORS=false
+DEFAULT_MERGE_MESSAGE_ALL_AUTHORS = false
 ; In default merge messages limit the number of approvers listed as Reviewed-by: to this many
-DEFAULT_MERGE_MESSAGE_MAX_APPROVERS=10
+DEFAULT_MERGE_MESSAGE_MAX_APPROVERS = 10
 ; In default merge messages only include approvers who are official
-DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY=true
+DEFAULT_MERGE_MESSAGE_OFFICIAL_APPROVERS_ONLY = true

 [repository.issue]
 ; List of reasons why a Pull Request or Issue can be locked
-LOCK_REASONS=Too heated,Off-topic,Resolved,Spam
+LOCK_REASONS = Too heated,Off-topic,Resolved,Spam

 [repository.release]
 ; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
@@ -133,7 +139,7 @@ SIGNING_KEY = default
 SIGNING_NAME =
 SIGNING_EMAIL =
 ; Sets the default trust model for repositories. Options are: collaborator, committer, collaboratorcommitter
-DEFAULT_TRUST_MODEL=collaborator
+DEFAULT_TRUST_MODEL = collaborator
 ; Determines when gitea should sign the initial commit when creating a repository
 ; Either:
 ; - never
@@ -158,19 +164,19 @@ MERGES = pubkey, twofa, basesigned, commitssigned
 [cors]
 ; More information about CORS can be found here: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#The_HTTP_response_headers
 ; enable cors headers (disabled by default)
-ENABLED=false
+ENABLED = false
 ; scheme of allowed requests
-SCHEME=http
+SCHEME = http
 ; list of requesting domains that are allowed
-ALLOW_DOMAIN=*
+ALLOW_DOMAIN = *
 ; allow subdomains of headers listed above to request
-ALLOW_SUBDOMAIN=false
+ALLOW_SUBDOMAIN = false
 ; list of methods allowed to request
-METHODS=GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
+METHODS = GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS
 ; max time to cache response
-MAX_AGE=10m
+MAX_AGE = 10m
 ; allow request with credentials
-ALLOW_CREDENTIALS=false
+ALLOW_CREDENTIALS = false

 [ui]
 ; Number of repositories that are displayed on one explore page
@@ -238,6 +244,10 @@ TIMEOUT_STEP = 10s
 ; If the browser client supports EventSource and SharedWorker, a SharedWorker will be used in preference to polling notification. Set to -1 to disable the EventSource
 EVENT_SOURCE_UPDATE_TIME = 10s

+[ui.svg]
+; Whether to render SVG files as images.  If SVG rendering is disabled, SVG files are displayed as text and cannot be embedded in markdown files as images.
+ENABLE_RENDER = true
+
 [markdown]
 ; Render soft line breaks as hard line breaks, which means a single newline character between
 ; paragraphs will cause a line break and adding trailing whitespace to paragraphs is not
@@ -357,7 +367,7 @@ KEY_FILE = https/key.pem
 STATIC_ROOT_PATH =
 ; Default path for App data
 APP_DATA_PATH = data
-; Application level GZIP support
+; Enable gzip compression for runtime-generated content, static resources excluded
 ENABLE_GZIP = false
 ; Application profiling (memory and cpu)
 ; For "web" command it listens on localhost:6060
@@ -389,7 +399,7 @@ GRACEFUL_HAMMER_TIME = 60s
 ; Allows the setting of a startup timeout and waithint for Windows as SVC service
 ; 0 disables this.
 STARTUP_TIMEOUT = 0
-; Static resources, includes resources on custom/, public/ and all uploaded avatars web browser cache time, default is 6h
+; Static resources, includes resources on custom/, public/ and all uploaded avatars web browser cache time. Note that this cache is disabled when RUN_MODE is "dev". Default is 6h
 STATIC_CACHE_TIME = 6h

 ; Define allowed algorithms and their minimum key length (use -1 to disable a type)
@@ -447,16 +457,19 @@ ISSUE_INDEXER_NAME = gitea_issues
 ISSUE_INDEXER_PATH = indexers/issues.bleve
 ; Issue indexer queue, currently support: channel, levelqueue or redis, default is levelqueue
 ISSUE_INDEXER_QUEUE_TYPE = levelqueue
-; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the queue will be saved path,
+; When ISSUE_INDEXER_QUEUE_TYPE is levelqueue, this will be the path where the queue will be saved.
+; This can be overriden by `ISSUE_INDEXER_QUEUE_CONN_STR`.
 ; default is indexers/issues.queue
 ISSUE_INDEXER_QUEUE_DIR = indexers/issues.queue
 ; When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
+; When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this is a directory or additional options of
+; the form `leveldb://path/to/db?option=value&....`, and overrides `ISSUE_INDEXER_QUEUE_DIR`.
 ISSUE_INDEXER_QUEUE_CONN_STR = "addrs=127.0.0.1:6379 db=0"
 ; Batch queue number, default is 20
 ISSUE_INDEXER_QUEUE_BATCH_NUMBER = 20
 ; Timeout the indexer if it takes longer than this to start.
 ; Set to zero to disable timeout.
-STARTUP_TIMEOUT=30s
+STARTUP_TIMEOUT = 30s

 ; repo indexer by default disabled, since it uses a lot of disk space
 REPO_INDEXER_ENABLED = false
@@ -490,6 +503,8 @@ LENGTH = 20
 ; Batch size to send for batched queues
 BATCH_LENGTH = 20
 ; Connection string for redis queues this will store the redis connection string.
+; When `TYPE` is `persistable-channel`, this provides a directory for the underlying leveldb
+; or additional options of the form `leveldb://path/to/db?option=value&....`, and will override `DATADIR`.
 CONN_STR = "addrs=127.0.0.1:6379 db=0"
 ; Provides the suffix of the default redis/disk queue name - specific queues can be overriden within in their [queue.name] sections.
 QUEUE_NAME = "_queue"
@@ -595,9 +610,11 @@ ACTIVE_CODE_LIVE_MINUTES = 180
 RESET_PASSWD_CODE_LIVE_MINUTES = 180
 ; Whether a new user needs to confirm their email when registering.
 REGISTER_EMAIL_CONFIRM = false
+; Whether a new user needs to be confirmed manually after registration. (Requires `REGISTER_EMAIL_CONFIRM` to be disabled.)
+REGISTER_MANUAL_CONFIRM = false
 ; List of domain names that are allowed to be used to register on a Gitea instance
 ; gitea.io,example.com
-EMAIL_DOMAIN_WHITELIST=
+EMAIL_DOMAIN_WHITELIST =
 ; Disallow registration, only allow admins to create accounts.
 DISABLE_REGISTRATION = false
 ; Allow registration only using third-party services, it works only when DISABLE_REGISTRATION is false
@@ -620,7 +637,7 @@ ENABLE_CAPTCHA = false
 CAPTCHA_TYPE = image
 ; Enable recaptcha to use Google's recaptcha service
 ; Go to https://www.google.com/recaptcha/admin to sign up for a key
-RECAPTCHA_SECRET  =
+RECAPTCHA_SECRET =
 RECAPTCHA_SITEKEY =
 ; For hCaptcha, create an account at https://accounts.hcaptcha.com/login to get your keys
 HCAPTCHA_SECRET =
@@ -915,12 +932,25 @@ PASSWD =
 RECEIVERS =

 [cron]
-; Enable running cron tasks periodically.
-ENABLED = true
+; Enable running all cron tasks periodically with default settings.
+ENABLED = false
 ; Run cron tasks when Gitea starts.
 RUN_AT_START = false

-; Basic cron tasks
+; Basic cron tasks - enabled by default
+
+; Clean up old repository archives
+[cron.archive_cleanup]
+; Whether to enable the job
+ENABLED = true
+; Whether to always run at least once at start up time (if ENABLED)
+RUN_AT_START = true
+; Notice if not success
+NO_SUCCESS_NOTICE = false
+; Time interval for job to run
+SCHEDULE = @every 24h
+; Archives created more than OLDER_THAN ago are subject to deletion
+OLDER_THAN = 24h

 ; Update mirrors
 [cron.update_mirrors]
@@ -956,18 +986,15 @@ RUN_AT_START = true
 NO_SUCCESS_NOTICE = false
 SCHEDULE = @every 24h

-; Clean up old repository archives
-[cron.archive_cleanup]
-; Whether to enable the job
+[cron.update_migration_poster_id]
+; Update migrated repositories' issues and comments' posterid, it will always attempt synchronization when the instance starts.
 ENABLED = true
-; Whether to always run at least once at start up time (if ENABLED)
+; Update migrated repositories' issues and comments' posterid when starting server (default true)
 RUN_AT_START = true
 ; Notice if not success
 NO_SUCCESS_NOTICE = false
-; Time interval for job to run
+; Interval as a duration between each synchronization. (default every 24h)
 SCHEDULE = @every 24h
-; Archives created more than OLDER_THAN ago are subject to deletion
-OLDER_THAN = 24h

 ; Synchronize external user data (only LDAP user synchronization is supported)
 [cron.sync_external_users]
@@ -994,18 +1021,7 @@ SCHEDULE = @every 24h
 ; deleted branches than OLDER_THAN ago are subject to deletion
 OLDER_THAN = 24h

-[cron.update_migration_poster_id]
-; Update migrated repositories' issues and comments' posterid, it will always attempt synchronization when the instance starts.
-ENABLED = true
-; Update migrated repositories' issues and comments' posterid when starting server (default true)
-RUN_AT_START = true
-; Notice if not success
-NO_SUCCESS_NOTICE = false
-; Interval as a duration between each synchronization. (default every 24h)
-SCHEDULE = @every 24h
-
-; Extened cron task
-; they was not enabled as default
+; Extended cron task - not enabled by default

 ; Delete all unactivated accounts
 [cron.delete_inactive_accounts]
@@ -1118,15 +1134,15 @@ DEFAULT_MAX_BLOB_SIZE = 10485760
 ; Enables OAuth2 provider
 ENABLE = true
 ; Lifetime of an OAuth2 access token in seconds
-ACCESS_TOKEN_EXPIRATION_TIME=3600
+ACCESS_TOKEN_EXPIRATION_TIME = 3600
 ; Lifetime of an OAuth2 refresh token in hours
-REFRESH_TOKEN_EXPIRATION_TIME=730
+REFRESH_TOKEN_EXPIRATION_TIME = 730
 ; Check if refresh token got already used
-INVALIDATE_REFRESH_TOKENS=false
+INVALIDATE_REFRESH_TOKENS = false
 ; OAuth2 authentication secret for access and refresh tokens, change this yourself to a unique string. CLI generate option is helpful in this case. https://docs.gitea.io/en-us/command-line/#generate
-JWT_SECRET=
+JWT_SECRET =
 ; Maximum length of oauth2 token/cookie stored on server
-MAX_TOKEN_LENGTH=32767
+MAX_TOKEN_LENGTH = 32767

 [i18n]
 LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pt-PT,pl-PL,bg-BG,it-IT,fi-FI,tr-TR,cs-CZ,sr-SP,sv-SE,ko-KR
@@ -1188,6 +1204,14 @@ QUEUE_CONN_STR = "addrs=127.0.0.1:6379 db=0"
 MAX_ATTEMPTS = 3
 ; Backoff time per http/https request retry (seconds)
 RETRY_BACKOFF = 3
+; Allowed domains for migrating, default is blank. Blank means everything will be allowed.
+; Multiple domains could be separated by commas.
+ALLOWED_DOMAINS =
+; Blocklist for migrating, default is blank. Multiple domains could be separated by commas.
+; When ALLOWED_DOMAINS is not blank, this option will be ignored.
+BLOCKED_DOMAINS =
+; Allow private addresses defined by RFC 1918, RFC 1122, RFC 4632 and RFC 4291 (false by default)
+ALLOW_LOCALNETWORKS = false

 ; default storage for attachments, lfs and avatars
 [storage]
--- a/docker/manifest.rootless.tmpl
+++ b/docker/manifest.rootless.tmpl
@@ -0,0 +1,19 @@
+image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-rootless
+{{#if build.tags}}
+tags:
+{{#each build.tags}}
+  - {{this}}-rootless
+{{/each}}
+{{/if}}
+manifests:
+  -
+    image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64-rootless
+    platform:
+      architecture: amd64
+      os: linux
+  -
+    image: gitea/gitea:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64-rootless
+    platform:
+      architecture: arm64
+      os: linux
+      variant: v8
--- a/docker/root/etc/s6/gitea/run
+++ b/docker/root/etc/s6/gitea/run
@@ -1,6 +1,6 @@
 #!/bin/bash
 [[ -f ./setup ]] && source ./setup

-pushd /app/gitea > /dev/null
-    exec su-exec $USER /app/gitea/gitea web
+pushd /app/gitea >/dev/null
+exec su-exec $USER /app/gitea/gitea web
 popd
--- a/docker/root/etc/s6/gitea/setup
+++ b/docker/root/etc/s6/gitea/setup
@@ -25,7 +25,7 @@ if [ ! -f ${GITEA_CUSTOM}/conf/app.ini ]; then

    # Substitude the environment variables in the template
    APP_NAME=${APP_NAME:-"Gitea: Git with a cup of tea"} \
-    RUN_MODE=${RUN_MODE:-"dev"} \
+    RUN_MODE=${RUN_MODE:-"prod"} \
    DOMAIN=${DOMAIN:-"localhost"} \
    SSH_DOMAIN=${SSH_DOMAIN:-"localhost"} \
    HTTP_PORT=${HTTP_PORT:-"3000"} \
--- a/docker/root/etc/s6/openssh/run
+++ b/docker/root/etc/s6/openssh/run
@@ -1,6 +1,6 @@
 #!/bin/bash
 [[ -f ./setup ]] && source ./setup

-pushd /root > /dev/null
-    exec su-exec root /usr/sbin/sshd -D -e 2>&1
+pushd /root >/dev/null
+exec su-exec root /usr/sbin/sshd -D -e 2>&1
 popd
--- a/docker/rootless/etc/templates/app.ini
+++ b/docker/rootless/etc/templates/app.ini
@@ -0,0 +1,55 @@
+APP_NAME = $APP_NAME
+RUN_USER = $RUN_USER
+RUN_MODE = $RUN_MODE
+
+[repository]
+ROOT = $GITEA_WORK_DIR/git/repositories
+
+[repository.local]
+LOCAL_COPY_PATH = $GITEA_TEMP/local-repo
+
+[repository.upload]
+TEMP_PATH = $GITEA_TEMP/uploads
+
+[server]
+APP_DATA_PATH = $GITEA_WORK_DIR
+SSH_DOMAIN       = $SSH_DOMAIN
+HTTP_PORT        = $HTTP_PORT
+ROOT_URL         = $ROOT_URL
+DISABLE_SSH      = $DISABLE_SSH
+; In rootless gitea container only internal ssh server is supported
+START_SSH_SERVER = true
+SSH_PORT         = $SSH_PORT
+SSH_LISTEN_PORT  = $SSH_LISTEN_PORT
+BUILTIN_SSH_SERVER_USER = $RUN_USER
+LFS_START_SERVER = $LFS_START_SERVER
+LFS_CONTENT_PATH = $GITEA_WORK_DIR/git/lfs
+
+[database]
+PATH = $GITEA_WORK_DIR/data/gitea.db
+DB_TYPE = $DB_TYPE
+HOST    = $DB_HOST
+NAME    = $DB_NAME
+USER    = $DB_USER
+PASSWD  = $DB_PASSWD
+
+[session]
+PROVIDER_CONFIG = $GITEA_WORK_DIR/data/sessions
+
+[picture]
+AVATAR_UPLOAD_PATH = $GITEA_WORK_DIR/data/avatars
+REPOSITORY_AVATAR_UPLOAD_PATH = $GITEA_WORK_DIR/data/gitea/repo-avatars
+
+[attachment]
+PATH = $GITEA_WORK_DIR/data/attachments
+
+[log]
+ROOT_PATH = $GITEA_WORK_DIR/data/log
+
+[security]
+INSTALL_LOCK = $INSTALL_LOCK
+SECRET_KEY   = $SECRET_KEY
+
+[service]
+DISABLE_REGISTRATION = $DISABLE_REGISTRATION
+REQUIRE_SIGNIN_VIEW  = $REQUIRE_SIGNIN_VIEW
--- a/docker/rootless/usr/local/bin/docker-entrypoint.sh
+++ b/docker/rootless/usr/local/bin/docker-entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+if [ -x /usr/local/bin/docker-setup.sh ]; then
+    /usr/local/bin/docker-setup.sh || { echo 'docker setup failed' ; exit 1; }
+fi
+
+if [ $# -gt 0 ]; then
+    exec "$@"
+else
+    exec /usr/local/bin/gitea -c ${GITEA_APP_INI} web
+fi
--- a/docker/rootless/usr/local/bin/docker-setup.sh
+++ b/docker/rootless/usr/local/bin/docker-setup.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# Prepare git folder
+mkdir -p ${HOME} && chmod 0700 ${HOME}
+if [ ! -w ${HOME} ]; then echo "${HOME} is not writable"; exit 1; fi
+
+# Prepare custom folder
+mkdir -p ${GITEA_CUSTOM} && chmod 0500 ${GITEA_CUSTOM}
+
+# Prepare temp folder
+mkdir -p ${GITEA_TEMP} && chmod 0700 ${GITEA_TEMP}
+if [ ! -w ${GITEA_TEMP} ]; then echo "${GITEA_TEMP} is not writable"; exit 1; fi
+
+#Prepare config file
+if [ ! -f ${GITEA_APP_INI} ]; then
+
+    #Prepare config file folder
+    GITEA_APP_INI_DIR=$(dirname ${GITEA_APP_INI})
+    mkdir -p ${GITEA_APP_INI_DIR} && chmod 0700 ${GITEA_APP_INI_DIR}
+    if [ ! -w ${GITEA_APP_INI_DIR} ]; then echo "${GITEA_APP_INI_DIR} is not writable"; exit 1; fi
+
+    # Set INSTALL_LOCK to true only if SECRET_KEY is not empty and
+    # INSTALL_LOCK is empty
+    if [ -n "$SECRET_KEY" ] && [ -z "$INSTALL_LOCK" ]; then
+        INSTALL_LOCK=true
+    fi
+
+    # Substitude the environment variables in the template
+    APP_NAME=${APP_NAME:-"Gitea: Git with a cup of tea"} \
+    RUN_MODE=${RUN_MODE:-"prod"} \
+    RUN_USER=${USER:-"git"} \
+    SSH_DOMAIN=${SSH_DOMAIN:-"localhost"} \
+    HTTP_PORT=${HTTP_PORT:-"3000"} \
+    ROOT_URL=${ROOT_URL:-""} \
+    DISABLE_SSH=${DISABLE_SSH:-"false"} \
+    SSH_PORT=${SSH_PORT:-"2222"} \
+    SSH_LISTEN_PORT=${SSH_LISTEN_PORT:-$SSH_PORT} \
+    DB_TYPE=${DB_TYPE:-"sqlite3"} \
+    DB_HOST=${DB_HOST:-"localhost:3306"} \
+    DB_NAME=${DB_NAME:-"gitea"} \
+    DB_USER=${DB_USER:-"root"} \
+    DB_PASSWD=${DB_PASSWD:-""} \
+    INSTALL_LOCK=${INSTALL_LOCK:-"false"} \
+    DISABLE_REGISTRATION=${DISABLE_REGISTRATION:-"false"} \
+    REQUIRE_SIGNIN_VIEW=${REQUIRE_SIGNIN_VIEW:-"false"} \
+    SECRET_KEY=${SECRET_KEY:-""} \
+    envsubst < /etc/templates/app.ini > ${GITEA_APP_INI}
+fi
--- a/docs/.editorconfig
+++ b/docs/.editorconfig
@@ -1,34 +0,0 @@
-# http://editorconfig.org
-
-root = true
-
-[*]
-charset = utf-8
-insert_final_newline = true
-trim_trailing_whitespace = true
-
-[*.go]
-indent_style = tab
-indent_size = 8
-
-[*.{tmpl,html}]
-indent_style = tab
-indent_size = 4
-
-[*.{less}]
-indent_style = space
-indent_size = 4
-
-[*.{yml}]
-indent_style = space
-indent_size = 2
-
-[*.js]
-indent_style = space
-indent_size = 4
-
-[Makefile]
-indent_style = tab
-
-[*.md]
-trim_trailing_whitespace = false
--- a/docs/config.yaml
+++ b/docs/config.yaml
@@ -18,7 +18,7 @@ params:
  description: Git with a cup of tea
  author: The Gitea Authors
  website: https://docs.gitea.io
-  version: 1.12.5
+  version: 1.13.1
  minGoVersion: 1.13
  goVersion: 1.15
  minNodeVersion: 10.13
@@ -48,10 +48,10 @@ menu:
      url: https://blog.gitea.io/
      weight: 30
      pre: rss
-    - name: Code
-      url: https://code.gitea.io/
+    - name: Shop
+      url: https://shop.gitea.io/
      weight: 40
-      pre: code
+      pre: shopping-cart
    - name: Translation
      url: https://crowdin.com/project/gitea
      weight: 41
--- a/docs/content/doc/advanced/ci-cd.en-us.md
+++ b/docs/content/doc/advanced/ci-cd.en-us.md
@@ -1,37 +0,0 @@
---
-date: "2019-08-27:00:00+02:00"
-title: "CI/CD Usage"
-slug: "ci-cd"
-weight: 40
-toc: true
-draft: false
-menu:
-  sidebar:
-    parent: "advanced"
-    name: "CI/CD Usage"
-    weight: 40
-    identifier: "ci-cd"
---
-
-# Gitea and CI/CD
-**NOTE:** These tools are not endorsed by Gitea. They are listed here for convenience only.
-
-## Hey! This page may be out of date or even removed in the future! :scream:
-Instead, check out [awesome-gitea](https://gitea.com/gitea/awesome-gitea/src/branch/master/README.md#user-content-devops)!
-
-## Listing
-
-CI/CD solutions that have integration with Gitea. Following list is not complete,
-the purpose is to give a starting point to integrate a CI/CD process with your Gitea instance.
-
- - [Drone](https://drone.io) with [Gitea documentation](https://docs.drone.io/installation/providers/gitea/)
- - [Jenkins](https://jenkins.io/) with [Gitea plugin](https://plugins.jenkins.io/gitea)
- - [Agola](https://agola.io)
- - [Buildkite](https://buildkite.com) with [Gitea connector](https://github.com/techknowlogick/gitea-buildkite-connector)
- - [AppVeyor](https://www.appveyor.com) with [built-in Gitea support](https://www.appveyor.com/blog/2019/09/05/gitea-receives-first-class-support-in-appveyor/)
- - [Buildbot](https://www.buildbot.net/) with [Gitea plugin](https://github.com/lab132/buildbot-gitea)
- 
-
-Others CI/CD solutions that can partially be integrated with Gitea:
-
- - [Concourse](https://www.concourse-ci.org), see more information at [Concourse community forum](https://discuss.concourse-ci.org/t/concourse-ci-and-gitea-oauth/1475)
--- a/docs/content/doc/advanced/cmd-embedded.en-us.md
+++ b/docs/content/doc/advanced/cmd-embedded.en-us.md
@@ -3,7 +3,7 @@ date: "2020-01-25T21:00:00-03:00"
 title: "Embedded data extraction tool"
 slug: "cmd-embedded"
 weight: 40
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,6 +15,10 @@ menu:

 # Embedded data extraction tool

+**Table of Contents**
+
+{{< toc >}}
+
 Gitea's executable contains all the resources required to run: templates, images, style-sheets
 and translations. Any of them can be overridden by placing a replacement in a matching path
 inside the `custom` directory (see [Customizing Gitea]({{< relref "doc/advanced/customizing-gitea.en-us.md" >}})).
@@ -28,7 +32,7 @@ can be used from the OS shell interface.

 To list resources embedded in Gitea's executable, use the following syntax:

-```
+```sh
 gitea embedded list [--include-vendored] [patterns...]
 ```

@@ -48,11 +52,11 @@ a special meaning for your command shell.

 If no pattern is provided, all files are listed.

-#### Example
+### Example

 Listing all embedded files with `openid` in their path:

-```
+```sh
 $ gitea embedded list '**openid**'
 public/img/auth/openid_connect.svg
 public/img/openid-16x16.png
@@ -68,7 +72,7 @@ templates/user/settings/security_openid.tmpl

 To extract resources embedded in Gitea's executable, use the following syntax:

-```
+```sh
 gitea [--config {file}] embedded extract [--destination {dir}|--custom] [--overwrite|--rename] [--include-vendored] {patterns...}
 ```

@@ -91,7 +95,7 @@ as `filename.bak`. Previous `.bak` files are overwritten.
 At least one file search pattern must be provided; see `list` subcomand above for pattern
 syntax and examples.

-#### Important notice
+### Important notice

 Make sure to **only extract those files that require customization**. Files that
 are present in the `custom` directory are not upgraded by Gitea's upgrade process.
@@ -99,11 +103,11 @@ When Gitea is upgraded to a new version (by replacing the executable), many of t
 embedded files will suffer changes. Gitea will honor and use any files found
 in the `custom` directory, even if they are old and incompatible.

-#### Example
+### Example

 Extracting mail templates to a temporary directory:

-```
+```sh
 $ mkdir tempdir
 $ gitea embedded extract --destination tempdir 'templates/mail/**.tmpl'
 Extracting to tempdir:
--- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
@@ -31,19 +31,19 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.

 **Note:** A full restart is required for Gitea configuration changes to take effect.

+{{< toc >}}
+
 ## Overall (`DEFAULT`)

 - `APP_NAME`: **Gitea: Git with a cup of tea**: Application name, used in the page title.
 - `RUN_USER`: **git**: The user Gitea will run as. This should be a dedicated system
   (non-user) account. Setting this incorrectly will cause Gitea to not start.
- `RUN_MODE`: **dev**: For performance and other purposes, change this to `prod` when
-   deployed to a production environment. The installation process will set this to `prod`
-   automatically. \[prod, dev, test\]
+- `RUN_MODE`: **prod**: Application run mode, affects performance and debugging. Either "dev", "prod" or "test".

 ## Repository (`repository`)

- `ROOT`: **~/gitea-repositories/**: Root path for storing all repository data. It must be
-   an absolute path.
+- `ROOT`: **data/gitea-repositories/**: Root path for storing all repository data. It must be
+   an absolute path. By default it is stored in a sub-directory of `APP_DATA_PATH`.
 - `SCRIPT_TYPE`: **bash**: The script type this server supports. Usually this is `bash`,
   but some users report that only `sh` is available.
 - `DETECTED_CHARSETS_ORDER`: **UTF-8, UTF-16BE, UTF-16LE, UTF-32BE, UTF-32LE, ISO-8859, windows-1252, ISO-8859, windows-1250, ISO-8859, ISO-8859, ISO-8859, windows-1253, ISO-8859, windows-1255, ISO-8859, windows-1251, windows-1256, KOI8-R, ISO-8859, windows-1254, Shift_JIS, GB18030, EUC-JP, EUC-KR, Big5, ISO-2022, ISO-2022, ISO-2022, IBM424_rtl, IBM424_ltr, IBM420_rtl, IBM420_ltr**: Tie-break order of detected charsets - if the detected charsets have equal confidence, charsets earlier in the list will be chosen in preference to those later. Adding `defaults` will place the unnamed charsets at that point.
@@ -74,6 +74,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects**: Comma separated list of default repo units. Allowed values: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects\]. Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. External wiki and issue tracker can't be enabled by default as it requires additional settings. Disabled repo units will not be added to new repositories regardless if it is in the default list.
 - `PREFIX_ARCHIVE_FILES`: **true**: Prefix archive files by placing them in a directory named after the repository.
 - `DISABLE_MIRRORS`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid.
+- `DISABLE_MIGRATIONS`: **false**: Disable migrating feature.
 - `DEFAULT_BRANCH`: **master**: Default branch name of all repositories.
 - `ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to adopt unadopted repositories
 - `ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to delete unadopted repositories
@@ -141,15 +142,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.

 - `LOCAL_COPY_PATH`: **tmp/local-repo**: Path for temporary local repository copies. Defaults to `tmp/local-repo`

-## Repository - Upload (`repository.upload`)
-
- `ENABLED`: **true**: Whether repository file uploads are enabled. Defaults to `true`
- `TEMP_PATH`: **data/tmp/uploads**: Path for uploads. Defaults to `data/tmp/uploads` (tmp gets deleted on gitea restart)
- `ALLOWED_TYPES`: **_empty_**:; One or more allowed types, e.g. image/jpeg|image/png. Nothing means any file type
- `FILE_MAX_SIZE`: **3**: Max size of each file in megabytes. Defaults to 3MB
- `MAX_FILES`: **5**: Max number of files per upload. Defaults to 5
-
-
 ## CORS (`cors`)

 - `ENABLED`: **false**: enable cors headers (disabled by default)
@@ -202,6 +194,10 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `TIMEOUT_STEP`: **10s**.
 - `EVENT_SOURCE_UPDATE_TIME`: **10s**: This setting determines how often the database is queried to update notification counts. If the browser client supports `EventSource` and `SharedWorker`, a `SharedWorker` will be used in preference to polling notification endpoint. Set to **-1** to disable the `EventSource`.

+### UI - SVG Images (`ui.svg`)
+
+- `ENABLE_RENDER`: **true**: Whether to render SVG files as images.  If SVG rendering is disabled, SVG files are displayed as text and cannot be embedded in markdown files as images.
+
 ## Markdown (`markdown`)

 - `ENABLE_HARD_LINE_BREAK_IN_COMMENTS`: **true**: Render soft line breaks as hard line breaks in comments, which
@@ -249,8 +245,9 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `SSH_PORT`: **22**: SSH port displayed in clone URL.
 - `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server.
 - `SSH_LISTEN_PORT`: **%(SSH\_PORT)s**: Port for the built-in SSH server.
- `SSH_ROOT_PATH`: **~/.ssh**: Root path of SSH directory. 
+- `SSH_ROOT_PATH`: **~/.ssh**: Root path of SSH directory.
 - `SSH_CREATE_AUTHORIZED_KEYS_FILE`: **true**: Gitea will create a authorized_keys file by default when it is not using the internal ssh server. If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
+- `SSH_AUTHORIZED_KEYS_BACKUP`: **true**: Enable SSH Authorized Key Backup when rewriting all keys, default is true.
 - `SSH_TRUSTED_USER_CA_KEYS`: **\<empty\>**: Specifies the public keys of certificate authorities that are trusted to sign user certificates for authentication. Multiple keys should be comma separated. E.g.`ssh-<algorithm> <key>` or `ssh-<algorithm> <key1>, ssh-<algorithm> <key2>`. For more information see `TrustedUserCAKeys` in the sshd config man pages. When empty no file will be created and `SSH_AUTHORIZED_PRINCIPALS_ALLOW` will default to `off`.
 - `SSH_TRUSTED_USER_CA_KEYS_FILENAME`: **`RUN_USER`/.ssh/gitea-trusted-user-ca-keys.pem**: Absolute path of the `TrustedUserCaKeys` file gitea will manage. If you're running your own ssh server and you want to use the gitea managed file you'll also need to modify your sshd_config to point to this file. The official docker image will automatically work without further configuration.
 - `SSH_AUTHORIZED_PRINCIPALS_ALLOW`: **off** or **username, email**: \[off, username, email, anything\]: Specify the principals values that users are allowed to use as principal. When set to `anything` no checks are done on the principal string. When set to `off` authorized principal are not allowed to be set.
@@ -261,7 +258,6 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `SSH_SERVER_MACS`: **hmac-sha2-256-etm@openssh.com, hmac-sha2-256, hmac-sha1, hmac-sha1-96**: For the built-in SSH server, choose the MACs to support for SSH connections, for system SSH this setting has no effect
 - `SSH_KEY_TEST_PATH`: **/tmp**: Directory to create temporary files in when testing public keys using ssh-keygen, default is the system temporary directory.
 - `SSH_KEYGEN_PATH`: **ssh-keygen**: Path to ssh-keygen, default is 'ssh-keygen' which means the shell is responsible for finding out which one to call.
- `SSH_BACKUP_AUTHORIZED_KEYS`: **true**: Enable SSH Authorized Key Backup when rewriting all keys, default is true.
 - `SSH_EXPOSE_ANONYMOUS`: **false**: Enable exposure of SSH clone URL to anonymous visitors, default is false.
 - `MINIMUM_KEY_SIZE_CHECK`: **true**: Indicate whether to check minimum key size with corresponding type.

@@ -271,8 +267,8 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `KEY_FILE`: **https/key.pem**: Key file path used for HTTPS. From 1.11 paths are relative to `CUSTOM_PATH`.
 - `STATIC_ROOT_PATH`: **./**: Upper level of template and static files path.
 - `APP_DATA_PATH`: **data** (**/data/gitea** on docker): Default path for application data.
- `STATIC_CACHE_TIME`: **6h**: Web browser cache time for static resources on `custom/`, `public/` and all uploaded avatars.
- `ENABLE_GZIP`: **false**: Enables application-level GZIP support.
+- `STATIC_CACHE_TIME`: **6h**: Web browser cache time for static resources on `custom/`, `public/` and all uploaded avatars. Note that this cache is disabled when `RUN_MODE` is "dev".
+- `ENABLE_GZIP`: **false**: Enable gzip compression for runtime-generated content, static resources excluded.
 - `ENABLE_PPROF`: **false**: Application profiling (memory and cpu). For "web" command it listens on localhost:6060. For "serv" command it dumps to disk at `PPROF_DATA_PATH` as `(cpuprofile|memprofile)_<username>_<temporary id>`
 - `PPROF_DATA_PATH`: **data/tmp/pprof**: `PPROF_DATA_PATH`, use an absolute path when you start gitea as service
 - `LANDING_PAGE`: **home**: Landing page for unauthenticated users \[home, explore, organizations, login\].
@@ -301,9 +297,9 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `HOST`: **127.0.0.1:3306**: Database host address and port or absolute path for unix socket \[mysql, postgres\] (ex: /var/run/mysqld/mysqld.sock).
 - `NAME`: **gitea**: Database name.
 - `USER`: **root**: Database username.
- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` for quoting if you use special characters in the password.
+- `PASSWD`: **\<empty\>**: Database user password. Use \`your password\` or """your password""" for quoting if you use special characters in the password.
 - `SCHEMA`: **\<empty\>**: For PostgreSQL only, schema to use if different from "public". The schema must exist beforehand,
-  the user must have creation privileges on it, and the user search path must be set to the look into the schema first 
+  the user must have creation privileges on it, and the user search path must be set to the look into the schema first
  (e.g. `ALTER USER user SET SEARCH_PATH = schema_name,"$user",public;`).
 - `SSL_MODE`: **disable**: SSL/TLS encryption mode for connecting to the database. This option is only applied for PostgreSQL and MySQL.
  - Valid values for MySQL:
@@ -327,7 +323,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `MAX_OPEN_CONNS` **0**: Database maximum open connections - default is 0, meaning there is no limit.
 - `MAX_IDLE_CONNS` **2**: Max idle database connections on connnection pool, default is 2 - this will be capped to `MAX_OPEN_CONNS`.
 - `CONN_MAX_LIFETIME` **0 or 3s**: Sets the maximum amount of time a DB connection may be reused - default is 0, meaning there is no limit (except on MySQL where it is 3s - see #6804 & #7071).
-  
+
 Please see #8540 & #8273 for further discussion of the appropriate values for `MAX_OPEN_CONNS`, `MAX_IDLE_CONNS` & `CONN_MAX_LIFETIME` and their
 relation to port exhaustion.

@@ -339,8 +335,8 @@ relation to port exhaustion.
 - `ISSUE_INDEXER_PATH`: **indexers/issues.bleve**: Index file used for issue search; available when ISSUE_INDEXER_TYPE is bleve and elasticsearch.
 - The next 4 configuration values are deprecated and should be set in `queue.issue_indexer` however are kept for backwards compatibility:
 - `ISSUE_INDEXER_QUEUE_TYPE`: **levelqueue**: Issue indexer queue, currently supports:`channel`, `levelqueue`, `redis`.
- `ISSUE_INDEXER_QUEUE_DIR`: **indexers/issues.queue**: When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this will be the queue will be saved path.
- `ISSUE_INDEXER_QUEUE_CONN_STR`: **addrs=127.0.0.1:6379 db=0**: When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string.
+- `ISSUE_INDEXER_QUEUE_DIR`: **indexers/issues.queue**: When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this will be the path where the queue will be saved.
+- `ISSUE_INDEXER_QUEUE_CONN_STR`: **addrs=127.0.0.1:6379 db=0**: When `ISSUE_INDEXER_QUEUE_TYPE` is `redis`, this will store the redis connection string. When `ISSUE_INDEXER_QUEUE_TYPE` is `levelqueue`, this is a directory or additional options of the form `leveldb://path/to/db?option=value&....`, and overrides `ISSUE_INDEXER_QUEUE_DIR`.
 - `ISSUE_INDEXER_QUEUE_BATCH_NUMBER`: **20**: Batch queue number.

 - `REPO_INDEXER_ENABLED`: **false**: Enables code search (uses a lot of disk space, about 6 times more than the repository size).
@@ -358,11 +354,11 @@ relation to port exhaustion.

 ## Queue (`queue` and `queue.*`)

- `TYPE`: **persistable-channel**: General queue type, currently support: `persistable-channel`, `channel`, `level`, `redis`, `dummy`
+- `TYPE`: **persistable-channel**: General queue type, currently support: `persistable-channel` (uses a LevelDB internally), `channel`, `level`, `redis`, `dummy`
 - `DATADIR`: **queues/**: Base DataDir for storing persistent and level queues. `DATADIR` for individual queues can be set in `queue.name` sections but will default to `DATADIR/`**`name`**.
 - `LENGTH`: **20**: Maximal queue size before channel queues block
 - `BATCH_LENGTH`: **20**: Batch data before passing to the handler
- `CONN_STR`: **redis://127.0.0.1:6379/0**: Connection string for the redis queue type. Options can be set using query params. Similarly LevelDB options can also be set using: **leveldb://relative/path?option=value** or **leveldb:///absolute/path?option=value**
+- `CONN_STR`: **redis://127.0.0.1:6379/0**: Connection string for the redis queue type. Options can be set using query params. Similarly LevelDB options can also be set using: **leveldb://relative/path?option=value** or **leveldb:///absolute/path?option=value**, and will override `DATADIR`
 - `QUEUE_NAME`: **_queue**: The suffix for default redis and disk queue name. Individual queues will default to **`name`**`QUEUE_NAME` but can be overriden in the specific `queue.name` section.
 - `SET_NAME`: **_unique**: The suffix that will be added to the default redis and disk queue `set` name for unique queues. Individual queues will default to
 **`name`**`QUEUE_NAME`_`SET_NAME`_ but can be overridden in the specific `queue.name` section.
@@ -431,6 +427,8 @@ relation to port exhaustion.
   process.
 - `REGISTER_EMAIL_CONFIRM`: **false**: Enable this to ask for mail confirmation of registration.
   Requires `Mailer` to be enabled.
+- `REGISTER_MANUAL_CONFIRM`: **false**: Enable this to manually confirm new registrations.
+   Requires `REGISTER_EMAIL_CONFIRM` to be disabled.
 - `DISABLE_REGISTRATION`: **false**: Disable registration, after which only admin can create
   accounts for users.
 - `REQUIRE_EXTERNAL_REGISTRATION_PASSWORD`: **false**: Enable this to force externally created
@@ -474,7 +472,7 @@ relation to port exhaustion.
 - `DEFAULT_ORG_VISIBILITY`: **public**: Set default visibility mode for organisations, either "public", "limited" or "private".
 - `DEFAULT_ORG_MEMBER_VISIBLE`: **false** True will make the membership of the users visible when added to the organisation.
 - `ALLOW_ONLY_EXTERNAL_REGISTRATION`: **false** Set to true to force registration only using third-party services.
- `NO_REPLY_ADDRESS`: **DOMAIN** Default value for the domain part of the user's email address in the git log if he has set KeepEmailPrivate to true. 
+- `NO_REPLY_ADDRESS`: **DOMAIN** Default value for the domain part of the user's email address in the git log if he has set KeepEmailPrivate to true.
  The user's email will be replaced with a concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.

 ## SSH Minimum Key Sizes (`ssh.minimum_key_sizes`)
@@ -502,7 +500,7 @@ Define allowed algorithms and their minimum key length (use -1 to disable a type
 - `HELO_HOSTNAME`: **\<empty\>**: Custom hostname for HELO operation.
 - `HOST`: **\<empty\>**: SMTP mail host address and port (example: smtp.gitea.io:587).
  - Using opportunistic TLS via STARTTLS on port 587 is recommended per RFC 6409.
- `IS_TLS_ENABLED` :  **false** : Forcibly use TLS to connect even if not on a default SMTPS port. 
+- `IS_TLS_ENABLED` :  **false** : Forcibly use TLS to connect even if not on a default SMTPS port.
  - Note, if the port ends with `465` SMTPS/SMTP over TLS will be used despite this setting.
  - Otherwise if `IS_TLS_ENABLED=false` and the server supports `STARTTLS` this will be used. Thus if `STARTTLS` is preferred you should set `IS_TLS_ENABLED=false`.
 - `FROM`: **\<empty\>**: Mail from address, RFC 5322. This can be just an email address, or
@@ -668,42 +666,84 @@ NB: You must `REDIRECT_MACARON_LOG` and have `DISABLE_ROUTER_LOG` set to `false`

 ## Cron (`cron`)

- `ENABLED`: **true**: Run cron tasks periodically.
+- `ENABLED`: **false**: Enable to run all cron tasks periodically with default settings.
 - `RUN_AT_START`: **false**: Run cron tasks at application start-up.
 - `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.

-### Cron - Cleanup old repository archives (`cron.archive_cleanup`)
+### Basic cron tasks - enabled by default
+
+#### Cron - Cleanup old repository archives (`cron.archive_cleanup`)

 - `ENABLED`: **true**: Enable service.
 - `RUN_AT_START`: **true**: Run tasks at start up time (if ENABLED).
 - `SCHEDULE`: **@every 24h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
 - `OLDER_THAN`: **24h**: Archives created more than `OLDER_THAN` ago are subject to deletion, e.g. `12h`.

-### Cron - Update Mirrors (`cron.update_mirrors`)
+#### Cron - Update Mirrors (`cron.update_mirrors`)

 - `SCHEDULE`: **@every 10m**: Cron syntax for scheduling update mirrors, e.g. `@every 3h`.
 - `NO_SUCCESS_NOTICE`: **true**: The cron task for update mirrors success report is not very useful - as it just means that the mirrors have been queued. Therefore this is turned off by default.

-### Cron - Repository Health Check (`cron.repo_health_check`)
+#### Cron - Repository Health Check (`cron.repo_health_check`)

 - `SCHEDULE`: **@every 24h**: Cron syntax for scheduling repository health check.
 - `TIMEOUT`: **60s**: Time duration syntax for health check execution timeout.
 - `ARGS`: **\<empty\>**: Arguments for command `git fsck`, e.g. `--unreachable --tags`. See more on http://git-scm.com/docs/git-fsck

-### Cron - Repository Statistics Check (`cron.check_repo_stats`)
+#### Cron - Repository Statistics Check (`cron.check_repo_stats`)

 - `RUN_AT_START`: **true**: Run repository statistics check at start time.
 - `SCHEDULE`: **@every 24h**: Cron syntax for scheduling repository statistics check.

-### Cron - Update Migration Poster ID (`cron.update_migration_poster_id`)
+#### Cron - Update Migration Poster ID (`cron.update_migration_poster_id`)

 - `SCHEDULE`: **@every 24h** : Interval as a duration between each synchronization, it will always attempt synchronization when the instance starts.

-### Cron - Sync External Users (`cron.sync_external_users`)
+#### Cron - Sync External Users (`cron.sync_external_users`)

 - `SCHEDULE`: **@every 24h** : Interval as a duration between each synchronization, it will always attempt synchronization when the instance starts.
 - `UPDATE_EXISTING`: **true**: Create new users, update existing user data and disable users that are not in external source anymore (default) or only create new users if UPDATE_EXISTING is set to false.

+### Extended cron tasks (not enabled by default)
+
+#### Cron - Garbage collect all repositories ('cron.git_gc_repos')
+- `ENABLED`: **false**: Enable service.
+- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
+- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
+- `TIMEOUT`: **60s**: Time duration syntax for garbage collection execution timeout.
+- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
+- `ARGS`: **\<empty\>**: Arguments for command `git gc`, e.g. `--aggressive --auto`. The default value is same with [git] -> GC_ARGS
+
+#### Cron - Update the '.ssh/authorized_keys' file with Gitea SSH keys ('cron.resync_all_sshkeys')
+- `ENABLED`: **false**: Enable service.
+- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
+- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
+- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
+
+#### Cron - Resynchronize pre-receive, update and post-receive hooks of all repositories ('cron.resync_all_hooks')
+- `ENABLED`: **false**: Enable service.
+- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
+- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
+- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
+
+#### Cron - Reinitialize all missing Git repositories for which records exist ('cron.reinit_missing_repos')
+- `ENABLED`: **false**: Enable service.
+- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
+- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
+- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
+
+#### Cron - Delete all repositories missing their Git files ('cron.delete_missing_repos')
+- `ENABLED`: **false**: Enable service.
+- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
+- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
+- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
+
+#### Cron -  Delete generated repository avatars ('cron.delete_generated_repository_avatars')
+- `ENABLED`: **false**: Enable service.
+- `RUN_AT_START`: **false**: Run tasks at start up time (if ENABLED).
+- `NO_SUCCESS_NOTICE`: **false**: Set to true to switch off success notices.
+- `SCHEDULE`: **@every 72h**: Cron syntax for scheduling repository archive cleanup, e.g. `@every 1h`.
+
 ## Git (`git`)

 - `PATH`: **""**: The path of git executable. If empty, Gitea searches through the PATH environment.
@@ -813,6 +853,9 @@ Task queue configuration has been moved to `queue.task`. However, the below conf

 - `MAX_ATTEMPTS`: **3**: Max attempts per http/https request on migrations.
 - `RETRY_BACKOFF`: **3**: Backoff time per http/https request retry (seconds)
+- `ALLOWED_DOMAINS`: **\<empty\>**: Domains allowlist for migrating repositories, default is blank. It means everything will be allowed. Multiple domains could be separated by commas.
+- `BLOCKED_DOMAINS`: **\<empty\>**: Domains blocklist for migrating repositories, default is blank. Multiple domains could be separated by commas. When `ALLOWED_DOMAINS` is not blank, this option will be ignored.
+- `ALLOW_LOCALNETWORKS`: **false**: Allow private addresses defined by RFC 1918, RFC 1122, RFC 4632 and RFC 4291

 ## Mirror (`mirror`)

@@ -822,7 +865,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
 ## LFS (`lfs`)

 Storage configuration for lfs data. It will be derived from default `[storage]` or
-`[storage.xxx]` when set `STORAGE_TYPE` to `xxx`. When derived, the default of `PATH` 
+`[storage.xxx]` when set `STORAGE_TYPE` to `xxx`. When derived, the default of `PATH`
 is `data/lfs` and the default of `MINIO_BASE_PATH` is `lfs/`.

 - `STORAGE_TYPE`: **local**: Storage type for lfs, `local` for local disk or `minio` for s3 compatible object storage service or other name defined with `[storage.xxx]`
--- a/docs/content/doc/advanced/config-cheat-sheet.zh-cn.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.zh-cn.md
@@ -17,6 +17,8 @@ menu:

 这是针对Gitea配置文件的说明，你可以了解Gitea的强大配置。需要说明的是，你的所有改变请修改 `custom/conf/app.ini` 文件而不是源文件。所有默认值可以通过 [app.example.ini](https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini) 查看到。如果你发现 `%(X)s` 这样的内容，请查看 [ini](https://github.com/go-ini/ini/#recursive-values) 这里的说明。标注了 :exclamation: 的配置项表明除非你真的理解这个配置项的意义，否则最好使用默认值。

+{{< toc >}}
+
 ## Overall (`DEFAULT`)

 - `APP_NAME`: 应用名称，改成你希望的名字。
@@ -68,7 +70,7 @@ menu:
 - `KEY_FILE`: 启用HTTPS的密钥文件。
 - `STATIC_ROOT_PATH`: 存放模板和静态文件的根目录，默认是 Gitea 的根目录。
 - `STATIC_CACHE_TIME`: **6h**: 静态资源文件，包括 `custom/`, `public/` 和所有上传的头像的浏览器缓存时间。
- `ENABLE_GZIP`: 启用应用级别的 GZIP 压缩。
+- `ENABLE_GZIP`: 启用实时生成的数据启用 GZIP 压缩，不包括静态资源。
 - `LANDING_PAGE`: 未登录用户的默认页面，可选 `home` 或 `explore`。

 - `LFS_START_SERVER`: 是否启用 git-lfs 支持. 可以为 `true` 或 `false`， 默认是 `false`。
@@ -122,6 +124,7 @@ menu:
 - `ACTIVE_CODE_LIVE_MINUTES`: 登录验证码失效时间，单位分钟。
 - `RESET_PASSWD_CODE_LIVE_MINUTES`: 重置密码失效时间，单位分钟。
 - `REGISTER_EMAIL_CONFIRM`: 启用注册邮件激活，前提是 `Mailer` 已经启用。
+- `REGISTER_MANUAL_CONFIRM`: **false**: 新注册用户必须由管理员手动激活,启用此选项需取消`REGISTER_EMAIL_CONFIRM`.
 - `DISABLE_REGISTRATION`: 禁用注册，启用后只能用管理员添加用户。
 - `SHOW_REGISTRATION_BUTTON`: 是否显示注册按钮。
 - `REQUIRE_SIGNIN_VIEW`: 是否所有页面都必须登录后才可访问。
@@ -313,6 +316,9 @@ IS_INPUT_FILE = false

 - `MAX_ATTEMPTS`: **3**: 在迁移过程中的 http/https 请求重试次数。
 - `RETRY_BACKOFF`: **3**: 等待下一次重试的时间，单位秒。
+- `ALLOWED_DOMAINS`: **\<empty\>**: 迁移仓库的域名白名单，默认为空，表示允许从任意域名迁移仓库，多个域名用逗号分隔。
+- `BLOCKED_DOMAINS`: **\<empty\>**: 迁移仓库的域名黑名单，默认为空，多个域名用逗号分隔。如果 `ALLOWED_DOMAINS` 不为空，此选项将会被忽略。
+- `ALLOW_LOCALNETWORKS`: **false**: Allow private addresses defined by RFC 1918

 ## LFS (`lfs`)

--- a/docs/content/doc/advanced/customizing-gitea.en-us.md
+++ b/docs/content/doc/advanced/customizing-gitea.en-us.md
@@ -45,6 +45,10 @@ environment variable; this can be used to override the default path to something

 **Note:** Gitea must perform a full restart to see configuration changes.

+**Table of Contents**
+
+{{< toc >}}
+
 ## Serving custom public files

 To make Gitea serve custom public files (like pages and images), use the folder
@@ -53,9 +57,22 @@ To make Gitea serve custom public files (like pages and images), use the folder
 For example, a file `image.png` stored in `custom/public/`, can be accessed with
 the url `http://gitea.domain.tld/image.png`.

+## Changing the default logo
+
+To build a custom logo replace `assets/logo.svg` and run `make generate-images`. This will update
+these customizable logo files which you can then place in `custom/public/img` on your server:
+
+- `public/img/logo.svg`
+- `public/img/logo.png`
+- `public/img/favicon.png`
+- `public/img/avatar_default.png`
+- `public/img/apple-touch-icon.png`
+
 ## Changing the default avatar

-Place the png image at the following path: `custom/public/img/avatar_default.png`
+Either generate it via above method or place the png image at the following path:
+
+- `custom/public/img/avatar_default.png`

 ## Customizing Gitea pages and resources

@@ -123,8 +140,8 @@ copy javascript files from https://gitea.com/davidsvantesson/plantuml-code-highl
 <script src="https://your-server.com/encode.js"></script>
 <script src="https://your-server.com/plantuml_codeblock_parse.js"></script>
 <script>
-<!-- Replace call with address to your plantuml server-->
-parsePlantumlCodeBlocks("http://www.plantuml..com/plantuml")
+  <!-- Replace call with address to your plantuml server-->
+  parsePlantumlCodeBlocks("http://www.plantuml..com/plantuml");
 </script>
 {{end}}
 ```
@@ -144,38 +161,50 @@ The script will detect tags with `class="language-plantuml"`, but you can change
 #### Example: STL Preview

 You can display STL file directly in Gitea by adding:
+
 ```html
 <script>
-function lS(src){
-  return new Promise(function(resolve, reject) {
-    let s = document.createElement('script')
-    s.src = src
-    s.addEventListener('load', () => {
-      resolve()
-    })
-    document.body.appendChild(s)
-  });
-}
-
-if($('.view-raw>a[href$=".stl" i]').length){
-  $('body').append('<link href="/Madeleine.js/src/css/Madeleine.css" rel="stylesheet">');
-  Promise.all([lS("/Madeleine.js/src/lib/stats.js"),lS("/Madeleine.js/src/lib/detector.js"), lS("/Madeleine.js/src/lib/three.min.js"), lS("/Madeleine.js/src/Madeleine.js")]).then(function() {
-    $('.view-raw').attr('id', 'view-raw').attr('style', 'padding: 0;margin-bottom: -10px;');
-    new Madeleine({
-      target: 'view-raw',
-      data: $('.view-raw>a[href$=".stl" i]').attr('href'),
-      path: '/Madeleine.js/src'
+  function lS(src) {
+    return new Promise(function (resolve, reject) {
+      let s = document.createElement("script");
+      s.src = src;
+      s.addEventListener("load", () => {
+        resolve();
+      });
+      document.body.appendChild(s);
    });
-    $('.view-raw>a[href$=".stl"]').remove()
-  });
-}
+  }
+
+  if ($('.view-raw>a[href$=".stl" i]').length) {
+    $("body").append(
+      '<link href="/Madeleine.js/src/css/Madeleine.css" rel="stylesheet">'
+    );
+    Promise.all([
+      lS("/Madeleine.js/src/lib/stats.js"),
+      lS("/Madeleine.js/src/lib/detector.js"),
+      lS("/Madeleine.js/src/lib/three.min.js"),
+      lS("/Madeleine.js/src/Madeleine.js"),
+    ]).then(function () {
+      $(".view-raw")
+        .attr("id", "view-raw")
+        .attr("style", "padding: 0;margin-bottom: -10px;");
+      new Madeleine({
+        target: "view-raw",
+        data: $('.view-raw>a[href$=".stl" i]').attr("href"),
+        path: "/Madeleine.js/src",
+      });
+      $('.view-raw>a[href$=".stl"]').remove();
+    });
+  }
 </script>
 ```
+
 to the file `templates/custom/footer.tmpl`

 You also need to download the content of the library [Madeleine.js](https://jinjunho.github.io/Madeleine.js/) and place it under `custom/public/` folder.

 You should end-up with a folder structucture similar to:
+
 ```
 custom/templates
 -- custom
@@ -263,7 +292,7 @@ To add a custom license, add a file with the license text to `custom/options/lic

 Locales are managed via our [crowdin](https://crowdin.com/project/gitea).  
 You can override a locale by placing an altered locale file in `custom/options/locale`.  
-Gitea's default locale files can be found in  the [`options/locale`](https://github.com/go-gitea/gitea/tree/master/options/locale) source folder and these should be used as examples for your changes.  
+Gitea's default locale files can be found in the [`options/locale`](https://github.com/go-gitea/gitea/tree/master/options/locale) source folder and these should be used as examples for your changes.

 To add a completely new locale, as well as placing the file in the above location, you will need to add the new lang and name to the `[i18n]` section in your `app.ini`. Keep in mind that Gitea will use those settings as **overrides**, so if you want to keep the other languages as well you will need to copy/paste the default values and add your own to them.

@@ -285,13 +314,27 @@ currently there are `{Name}` (name of repository), `{Description}`, `{CloneURL.S
 ### Reactions

 To change reaction emoji's you can set allowed reactions at app.ini
+
 ```
 [ui]
 REACTIONS = +1, -1, laugh, confused, heart, hooray, eyes
 ```
+
 A full list of supported emoji's is at [emoji list](https://gitea.com/gitea/gitea.com/issues/8)

 ## Customizing the look of Gitea

 As of version 1.6.0 Gitea has built-in themes. The two built-in themes are, the default theme `gitea`, and a dark theme `arc-green`. To change the look of your Gitea install change the value of `DEFAULT_THEME` in the [ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui) section of `app.ini` to another one of the available options.  
 As of version 1.8.0 Gitea also has per-user themes. The list of themes a user can choose from can be configured with the `THEMES` value in the [ui](https://docs.gitea.io/en-us/config-cheat-sheet/#ui-ui) section of `app.ini` (defaults to `gitea` and `arc-green`, light and dark respectively)
+
+## Customizing fonts
+
+Fonts can be customized using CSS variables:
+
+```css
+:root {
+  --fonts-proportional: /* custom proportional fonts */ !important;
+  --fonts-monospace: /* custom monospace fonts */ !important;
+  --fonts-emoji: /* custom emoji fonts */ !important;
+}
+```
--- a/docs/content/doc/advanced/environment-variables.en-us.md
+++ b/docs/content/doc/advanced/environment-variables.en-us.md
@@ -0,0 +1,72 @@
+---
+date: "2017-04-08T11:34:00+02:00"
+title: "Environment variables"
+slug: "environment-variables"
+weight: 20
+toc: false
+draft: false
+menu:
+  sidebar:
+    parent: "advanced"
+    name: "Environment variables"
+    weight: 20
+    identifier: "environment-variables"
+---
+
+# Environment variables
+
+**Table of Contents**
+
+{{< toc >}}
+
+This is an inventory of Gitea environment variables. They change Gitea behaviour.
+
+Initialize them before Gitea command to be effective, for example:
+
+```sh
+GITEA_CUSTOM=/home/gitea/custom ./gitea web
+```
+
+## From Go language
+
+As Gitea is written in Go, it uses some Go variables, such as:
+
+- `GOOS`
+- `GOARCH`
+- [`GOPATH`](https://golang.org/cmd/go/#hdr-GOPATH_environment_variable)
+
+For documentation about each of the variables available, refer to the
+[official Go documentation](https://golang.org/cmd/go/#hdr-Environment_variables).
+
+## Gitea files
+
+- `GITEA_WORK_DIR`: Absolute path of working directory.
+- `GITEA_CUSTOM`: Gitea uses `GITEA_WORK_DIR`/custom folder by default. Use this variable
+  to change _custom_ directory.
+- `GOGS_WORK_DIR`: Deprecated, use `GITEA_WORK_DIR`
+- `GOGS_CUSTOM`: Deprecated, use `GITEA_CUSTOM`
+
+## Operating system specifics
+
+- `USER`: System user that Gitea will run as. Used for some repository access strings.
+- `USERNAME`: if no `USER` found, Gitea will use `USERNAME`
+- `HOME`: User home directory path. The `USERPROFILE` environment variable is used in Windows.
+
+### Only on Windows
+
+- `USERPROFILE`: User home directory path. If empty, uses `HOMEDRIVE` + `HOMEPATH`
+- `HOMEDRIVE`: Main drive path used to access the home directory (C:)
+- `HOMEPATH`: Home relative path in the given home drive path
+
+## Macaron (framework used by Gitea)
+
+- `HOST`: Host Macaron will listen on
+- `PORT`: Port Macaron will listen on
+- `MACARON_ENV`: global variable to provide special functionality for development environments
+  vs. production environments. If MACARON_ENV is set to "" or "development", then templates will
+  be recompiled on every request. For more performance, set the MACARON_ENV environment variable
+  to "production".
+
+## Miscellaneous
+
+- `SKIP_MINWINSVC`: If set to 1, do not run as a service on Windows.
--- a/docs/content/doc/advanced/environment-variables.zh-cn.md
+++ b/docs/content/doc/advanced/environment-variables.zh-cn.md
@@ -1,7 +1,7 @@
 ---
 date: "2017-04-08T11:34:00+02:00"
 title: "环境变量清单"
-slug: "specific-variables"
+slug: "environment-variables"
 weight: 20
 toc: false
 draft: false
@@ -10,7 +10,7 @@ menu:
    parent: "advanced"
    name: "环境变量清单"
    weight: 20
-    identifier: "specific-variables"
+    identifier: "environment-variables"
 ---

 # 环境变量清单
--- a/docs/content/doc/advanced/external-renderers.en-us.md
+++ b/docs/content/doc/advanced/external-renderers.en-us.md
@@ -3,7 +3,7 @@ date: "2018-11-23:00:00+02:00"
 title: "External renderers"
 slug: "external-renderers"
 weight: 40
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,33 +15,37 @@ menu:

 # Custom files rendering configuration

-Gitea supports custom file renderings (i.e., Jupyter notebooks, asciidoc, etc.) through external binaries, 
+**Table of Contents**
+
+{{< toc >}}
+
+Gitea supports custom file renderings (i.e., Jupyter notebooks, asciidoc, etc.) through external binaries,
 it is just a matter of:

-* installing external binaries
-* add some configuration to your `app.ini` file
-* restart your Gitea instance
+- installing external binaries
+- add some configuration to your `app.ini` file
+- restart your Gitea instance

 This supports rendering of whole files. If you want to render code blocks in markdown you would need to do something with javascript. See some examples on the [Customizing Gitea](../customizing-gitea) page.

 ## Installing external binaries

-In order to get file rendering through external binaries, their associated packages must be installed. 
+In order to get file rendering through external binaries, their associated packages must be installed.
 If you're using a Docker image, your `Dockerfile` should contain something along this lines:

-```
+```docker
 FROM gitea/gitea:{{< version >}}
 [...]

 COPY custom/app.ini /data/gitea/conf/app.ini
 [...]

-RUN apk --no-cache add asciidoctor freetype freetype-dev gcc g++ libpng libffi-dev python-dev py-pip python3-dev py3-pip py3-pyzmq
+RUN apk --no-cache add asciidoctor freetype freetype-dev gcc g++ libpng libffi-dev py-pip python3-dev py3-pip py3-pyzmq
 # install any other package you need for your external renderers

 RUN pip3 install --upgrade pip
 RUN pip3 install -U setuptools
-RUN pip3 install jupyter docutils 
+RUN pip3 install jupyter docutils
 # add above any other python package you may need to install
 ```

@@ -49,7 +53,7 @@ RUN pip3 install jupyter docutils

 add one `[markup.XXXXX]` section per external renderer on your custom `app.ini`:

-```
+```ini
 [markup.asciidoc]
 ENABLED = true
 FILE_EXTENSIONS = .adoc,.asciidoc
--- a/docs/content/doc/advanced/logging-documentation.en-us.md
+++ b/docs/content/doc/advanced/logging-documentation.en-us.md
@@ -3,7 +3,7 @@ date: "2019-04-02T17:06:00+01:00"
 title: "Advanced: Logging Configuration"
 slug: "logging-configuration"
 weight: 55
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -17,16 +17,20 @@ menu:

 The logging framework has been revamped in Gitea 1.9.0.

+**Table of Contents**
+
+{{< toc >}}
+
 ## Log Groups

 The fundamental thing to be aware of in Gitea is that there are several
 log groups:

-* The "Default" logger
-* The Macaron logger
-* The Router logger
-* The Access logger
-* The XORM logger
+- The "Default" logger
+- The Macaron logger
+- The Router logger
+- The Access logger
+- The XORM logger

 There is also the go log logger.

@@ -49,15 +53,15 @@ You can configure the outputs of this logger by setting the `MODE`
 value in the `[log]` section of the configuration.

 Each output sublogger is configured in a separate `[log.sublogger.default]`
-which inherits from the sublogger `[log.sublogger]` section and from the 
+which inherits from the sublogger `[log.sublogger]` section and from the
 generic `[log]` section, but there are certain default values. These will
 not be inherited from the `[log]` section:

-* `FLAGS` is `stdflags` (Equal to
-`date,time,medfile,shortfuncname,levelinitial`)
-* `FILE_NAME` will default to `%(ROOT_PATH)/gitea.log`
-* `EXPRESSION` will default to `""`
-* `PREFIX` will default to `""`
+- `FLAGS` is `stdflags` (Equal to
+  `date,time,medfile,shortfuncname,levelinitial`)
+- `FILE_NAME` will default to `%(ROOT_PATH)/gitea.log`
+- `EXPRESSION` will default to `""`
+- `PREFIX` will default to `""`

 The provider type of the sublogger can be set using the `MODE` value in
 its subsection, but will default to the name. This allows you to have
@@ -80,11 +84,11 @@ Each output sublogger for this logger is configured in
 which will not be inherited from the `[log]` or relevant
 `[log.sublogger]` sections:

-* `FLAGS` is `stdflags` (Equal to
-`date,time,medfile,shortfuncname,levelinitial`)
-* `FILE_NAME` will default to `%(ROOT_PATH)/macaron.log`
-* `EXPRESSION` will default to `""`
-* `PREFIX` will default to `""`
+- `FLAGS` is `stdflags` (Equal to
+  `date,time,medfile,shortfuncname,levelinitial`)
+- `FILE_NAME` will default to `%(ROOT_PATH)/macaron.log`
+- `EXPRESSION` will default to `""`
+- `PREFIX` will default to `""`

 NB: You can redirect the macaron logger to send its events to the gitea
 log using the value: `MACARON = ,`
@@ -111,10 +115,10 @@ Each output sublogger for this logger is configured in
 which will not be inherited from the `[log]` or relevant
 `[log.sublogger]` sections:

-* `FILE_NAME` will default to `%(ROOT_PATH)/router.log`
-* `FLAGS` defaults to `date,time`
-* `EXPRESSION` will default to `""`
-* `PREFIX` will default to `""`
+- `FILE_NAME` will default to `%(ROOT_PATH)/router.log`
+- `FLAGS` defaults to `date,time`
+- `EXPRESSION` will default to `""`
+- `PREFIX` will default to `""`

 NB: You can redirect the router logger to send its events to the Gitea
 log using the value: `ROUTER = ,`
@@ -136,10 +140,10 @@ Each output sublogger for this logger is configured in
 which will not be inherited from the `[log]` or relevant
 `[log.sublogger]` sections:

-* `FILE_NAME` will default to `%(ROOT_PATH)/access.log`
-* `FLAGS` defaults to `` or None
-* `EXPRESSION` will default to `""`
-* `PREFIX` will default to `""`
+- `FILE_NAME` will default to `%(ROOT_PATH)/access.log`
+- `FLAGS` defaults to `` or None
+- `EXPRESSION` will default to `""`
+- `PREFIX` will default to `""`

 If desired the format of the Access logger can be changed by changing
 the value of the `ACCESS_LOG_TEMPLATE`.
@@ -158,11 +162,11 @@ This value represent a go template. It's default value is:

 The template is passed following options:

-* `Ctx` is the `macaron.Context`
-* `Identity` is the `SignedUserName` or `"-"` if the user is not logged
-in
-* `Start` is the start time of the request
-* `ResponseWriter` is the `macaron.ResponseWriter`
+- `Ctx` is the `macaron.Context`
+- `Identity` is the `SignedUserName` or `"-"` if the user is not logged
+  in
+- `Start` is the start time of the request
+- `ResponseWriter` is the `macaron.ResponseWriter`

 Caution must be taken when changing this template as it runs outside of
 the standard panic recovery trap. The template should also be as simple
@@ -185,31 +189,31 @@ Each output sublogger for this logger is configured in
 which will not be inherited from the `[log]` or relevant
 `[log.sublogger]` sections:

-* `FILE_NAME` will default to `%(ROOT_PATH)/xorm.log`
-* `FLAGS` defaults to `date,time`
-* `EXPRESSION` will default to `""`
-* `PREFIX` will default to `""`
+- `FILE_NAME` will default to `%(ROOT_PATH)/xorm.log`
+- `FLAGS` defaults to `date,time`
+- `EXPRESSION` will default to `""`
+- `PREFIX` will default to `""`

 ## Log outputs

 Gitea provides 4 possible log outputs:

-* `console` - Log to `os.Stdout` or `os.Stderr`
-* `file` - Log to a file
-* `conn` - Log to a keep-alive TCP connection
-* `smtp` - Log via email
+- `console` - Log to `os.Stdout` or `os.Stderr`
+- `file` - Log to a file
+- `conn` - Log to a keep-alive TCP connection
+- `smtp` - Log via email

 Certain configuration is common to all modes of log output:

-* `LEVEL` is the lowest level that this output will log. This value
-is inherited from `[log]` and in the case of the non-default loggers
-from `[log.sublogger]`.
-* `STACKTRACE_LEVEL` is the lowest level that this output will print
-a stacktrace. This value is inherited.
-* `MODE` is the mode of the log output. It will default to the sublogger
-name. Thus `[log.console.macaron]` will default to `MODE = console`.
-* `COLORIZE` will default to `true` for `console` as
-described, otherwise it will default to `false`.
+- `LEVEL` is the lowest level that this output will log. This value
+  is inherited from `[log]` and in the case of the non-default loggers
+  from `[log.sublogger]`.
+- `STACKTRACE_LEVEL` is the lowest level that this output will print
+  a stacktrace. This value is inherited.
+- `MODE` is the mode of the log output. It will default to the sublogger
+  name. Thus `[log.console.macaron]` will default to `MODE = console`.
+- `COLORIZE` will default to `true` for `console` as
+  described, otherwise it will default to `false`.

 ### Non-inherited default values

@@ -231,23 +235,23 @@ printed before each message. It is a comma-separated string set. The order of va

 Possible values are:

-* `none` or `,` - No flags.
-* `date` - the date in the local time zone: `2009/01/23`.
-* `time` - the time in the local time zone: `01:23:23`.
-* `microseconds` - microsecond resolution: `01:23:23.123123`. Assumes
-time.
-* `longfile` - full file name and line number: `/a/b/c/d.go:23`.
-* `shortfile` - final file name element and line number: `d.go:23`.
-* `funcname` - function name of the caller: `runtime.Caller()`.
-* `shortfuncname` - last part of the function name. Overrides
-`funcname`.
-* `utc` - if date or time is set, use UTC rather than the local time
-zone.
-* `levelinitial` - Initial character of the provided level in brackets eg. `[I]` for info.
-* `level` - Provided level in brackets `[INFO]`
-* `medfile` - Last 20 characters of the filename - equivalent to
-`shortfile,longfile`.
-* `stdflags` - Equivalent to `date,time,medfile,shortfuncname,levelinitial`
+- `none` or `,` - No flags.
+- `date` - the date in the local time zone: `2009/01/23`.
+- `time` - the time in the local time zone: `01:23:23`.
+- `microseconds` - microsecond resolution: `01:23:23.123123`. Assumes
+  time.
+- `longfile` - full file name and line number: `/a/b/c/d.go:23`.
+- `shortfile` - final file name element and line number: `d.go:23`.
+- `funcname` - function name of the caller: `runtime.Caller()`.
+- `shortfuncname` - last part of the function name. Overrides
+  `funcname`.
+- `utc` - if date or time is set, use UTC rather than the local time
+  zone.
+- `levelinitial` - Initial character of the provided level in brackets eg. `[I]` for info.
+- `level` - Provided level in brackets `[INFO]`
+- `medfile` - Last 20 characters of the filename - equivalent to
+  `shortfile,longfile`.
+- `stdflags` - Equivalent to `date,time,medfile,shortfuncname,levelinitial`

 ### Console mode

@@ -265,30 +269,30 @@ to the provided `ROOT_PATH` in the master `[log]` section.

 Other values:

-* `LOG_ROTATE`: **true**: Rotate the log files.
-* `MAX_SIZE_SHIFT`: **28**: Maximum size shift of a single file, 28 represents 256Mb.
-* `DAILY_ROTATE`: **true**: Rotate logs daily.
-* `MAX_DAYS`: **7**: Delete the log file after n days
-* `COMPRESS`: **true**: Compress old log files by default with gzip
-* `COMPRESSION_LEVEL`: **-1**: Compression level
+- `LOG_ROTATE`: **true**: Rotate the log files.
+- `MAX_SIZE_SHIFT`: **28**: Maximum size shift of a single file, 28 represents 256Mb.
+- `DAILY_ROTATE`: **true**: Rotate logs daily.
+- `MAX_DAYS`: **7**: Delete the log file after n days
+- `COMPRESS`: **true**: Compress old log files by default with gzip
+- `COMPRESSION_LEVEL`: **-1**: Compression level

 ### Conn mode

-* `RECONNECT_ON_MSG`: **false**: Reconnect host for every single message.
-* `RECONNECT`: **false**: Try to reconnect when connection is lost.
-* `PROTOCOL`: **tcp**: Set the protocol, either "tcp", "unix" or "udp".
-* `ADDR`: **:7020**: Sets the address to connect to.
+- `RECONNECT_ON_MSG`: **false**: Reconnect host for every single message.
+- `RECONNECT`: **false**: Try to reconnect when connection is lost.
+- `PROTOCOL`: **tcp**: Set the protocol, either "tcp", "unix" or "udp".
+- `ADDR`: **:7020**: Sets the address to connect to.

 ### SMTP mode

 It is not recommended to use this logger to send general logging
 messages. However, you could perhaps set this logger to work on `FATAL`.

-* `USER`: User email address to send from.
-* `PASSWD`: Password for the smtp server.
-* `HOST`: **127.0.0.1:25**: The SMTP host to connect to.
-* `RECEIVERS`: Email addresses to send to.
-* `SUBJECT`: **Diagnostic message from Gitea**
+- `USER`: User email address to send from.
+- `PASSWD`: Password for the smtp server.
+- `HOST`: **127.0.0.1:25**: The SMTP host to connect to.
+- `RECEIVERS`: Email addresses to send to.
+- `SUBJECT`: **Diagnostic message from Gitea**

 ## Debugging problems

@@ -361,7 +365,7 @@ If you are running on Unix you may wish to release-and-reopen logs in order to u
 It is possible force gitea to release and reopen it's logging files and connections by sending `SIGUSR1` to the
 running process, or running `gitea manager logging release-and-reopen`.

-Alternatively, you may wish to pause and resume logging - this can be accomplished through the use of the 
+Alternatively, you may wish to pause and resume logging - this can be accomplished through the use of the
 `gitea manager logging pause` and `gitea manager logging resume` commands. Please note that whilst logging
 is paused log events below INFO level will not be stored and only a limited number of events will be stored.
 Logging may block, albeit temporarily, slowing gitea considerably whilst paused - therefore it is
@@ -384,7 +388,7 @@ Windows. Terminal sniffing will occur on Windows and if it is
 determined that we are running on a terminal capable of color we will
 colorize.

-Further, on *nix it is becoming common to have file logs that are
+Further, on \*nix it is becoming common to have file logs that are
 colored by default. Therefore file logs will be colorised by default
 when not running on Windows.

@@ -402,14 +406,14 @@ string of bytes which should represent a color and second set of reset
 bytes. Pointers were chosen to prevent copying of large numbers of
 values. There are several helper methods:

-* `log.NewColoredValue` takes a value and 0 or more color attributes
-that represent the color. If 0 are provided it will default to a cached
-bold. Note, it is recommended that color bytes constructed from
-attributes should be cached if this is a commonly used log message.
-* `log.NewColoredValuePointer` takes a pointer to a value, and
-0 or more color attributes that represent the color.
-* `log.NewColoredValueBytes` takes a value and a pointer to an array
-of bytes representing the color.
+- `log.NewColoredValue` takes a value and 0 or more color attributes
+  that represent the color. If 0 are provided it will default to a cached
+  bold. Note, it is recommended that color bytes constructed from
+  attributes should be cached if this is a commonly used log message.
+- `log.NewColoredValuePointer` takes a pointer to a value, and
+  0 or more color attributes that represent the color.
+- `log.NewColoredValueBytes` takes a value and a pointer to an array
+  of bytes representing the color.

 These functions will not double wrap a `log.ColoredValue`. They will
 also set the `resetBytes` to the cached `resetBytes`.
@@ -465,9 +469,9 @@ You should then add `newOneLogService` to `NewServices()` in

 Gitea includes built-in log rotation, which should be enough for most deployments. However, if you instead want to use the `logrotate` utility:

-  Disable built-in log rotation by setting `LOG_ROTATE` to `false` in your `app.ini`.
-  Install `logrotate`.
-  Configure `logrotate` to match your deployment requirements, see `man 8 logrotate` for configuration syntax details. In the `postrotate/endscript` block send Gitea a `USR1` signal via `kill -USR1` or `kill -10`,  or run `gitea manager logging release-and-reopen` (with the appropriate environment).  Ensure that your configurations apply to all files emitted by Gitea loggers as described in the above sections.
-  Always do `logrotate /etc/logrotate.conf --debug` to test your configurations.
+- Disable built-in log rotation by setting `LOG_ROTATE` to `false` in your `app.ini`.
+- Install `logrotate`.
+- Configure `logrotate` to match your deployment requirements, see `man 8 logrotate` for configuration syntax details. In the `postrotate/endscript` block send Gitea a `USR1` signal via `kill -USR1` or `kill -10`, or run `gitea manager logging release-and-reopen` (with the appropriate environment). Ensure that your configurations apply to all files emitted by Gitea loggers as described in the above sections.
+- Always do `logrotate /etc/logrotate.conf --debug` to test your configurations.

 The next `logrotate` jobs will include your configurations, so no restart is needed. You can also immediately reload `logrotate` with `logrotate /etc/logrotate.conf --force`.
--- a/docs/content/doc/advanced/mail-templates-us.md
+++ b/docs/content/doc/advanced/mail-templates-us.md
@@ -3,7 +3,7 @@ date: "2019-10-23T17:00:00-03:00"
 title: "Mail templates"
 slug: "mail-templates"
 weight: 45
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,6 +15,10 @@ menu:

 # Mail templates

+**Table of Contents**
+
+{{< toc >}}
+
 To craft the e-mail subject and contents for certain operations, Gitea can be customized by using templates. The templates
 for these functions are located under the [`custom` directory](https://docs.gitea.io/en-us/customizing-gitea/).
 Gitea has an internal template that serves as default in case there's no custom alternative.
@@ -25,29 +29,30 @@ Custom templates are loaded when Gitea starts. Changes made to them are not reco

 Currently, the following notification events make use of templates:

-| Action name   | Usage                                                                                                        |
-|---------------|--------------------------------------------------------------------------------------------------------------|
-| `new`         | A new issue or pull request was created.                                                                     |
-| `comment`     | A new comment was created in an existing issue or pull request.                                              |
-| `close`       | An issue or pull request was closed.                                                                         |
-| `reopen`      | An issue or pull request was reopened.                                                                       |
-| `review`      | The head comment of a review in a pull request.                                                              |
-| `approve`     | The head comment of a approving review for a pull request.                                                   |
-| `reject`      | The head comment of a review requesting changes for a pull request.                                          |
-| `code`        | A single comment on the code of a pull request.                                                              |
-| `assigned`    | Used was assigned to an issue or pull request.                                                               |
-| `default`     | Any action not included in the above categories, or when the corresponding category template is not present. |
+| Action name | Usage                                                                                                        |
+| ----------- | ------------------------------------------------------------------------------------------------------------ |
+| `new`       | A new issue or pull request was created.                                                                     |
+| `comment`   | A new comment was created in an existing issue or pull request.                                              |
+| `close`     | An issue or pull request was closed.                                                                         |
+| `reopen`    | An issue or pull request was reopened.                                                                       |
+| `review`    | The head comment of a review in a pull request.                                                              |
+| `approve`   | The head comment of a approving review for a pull request.                                                   |
+| `reject`    | The head comment of a review requesting changes for a pull request.                                          |
+| `code`      | A single comment on the code of a pull request.                                                              |
+| `assigned`  | Used was assigned to an issue or pull request.                                                               |
+| `default`   | Any action not included in the above categories, or when the corresponding category template is not present. |

 The path for the template of a particular message type is:

-```
+```sh
 custom/templates/mail/{action type}/{action name}.tmpl
 ```

 Where `{action type}` is one of `issue` or `pull` (for pull requests), and `{action name}` is one of the names listed above.

 For example, the specific template for a mail regarding a comment in a pull request is:
-```
+
+```sh
 custom/templates/mail/pull/comment.tmpl
 ```

@@ -55,10 +60,10 @@ However, creating templates for each and every action type/name combination is n
 A fallback system is used to choose the appropriate template for an event. The _first existing_
 template on this list is used:

-* The specific template for the desired **action type** and **action name**.
-* The template for action type `issue` and the desired **action name**.
-* The template for the desired **action type**, action name `default`.
-* The template for action type `issue`, action name `default`.
+- The specific template for the desired **action type** and **action name**.
+- The template for action type `issue` and the desired **action name**.
+- The template for the desired **action type**, action name `default`.
+- The template for action type `issue`, action name `default`.

 The only mandatory template is action type `issue`, action name `default`, which is already embedded in Gitea
 unless it's overridden by the user in the `custom` directory.
@@ -82,27 +87,26 @@ Text and macros for the mail body
 Specifying a _subject_ section is optional (and therefore also the dash line separator). When used, the separator between
 _subject_ and _mail body_ templates requires at least three dashes; no other characters are allowed in the separator line.

-
 _Subject_ and _mail body_ are parsed by [Golang's template engine](https://golang.org/pkg/text/template/) and
 are provided with a _metadata context_ assembled for each notification. The context contains the following elements:

-| Name               | Type             | Available     | Usage                                                                                                                                                |
-|--------------------|------------------|---------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
-| `.FallbackSubject` | string           | Always        | A default subject line. See Below.                                                                                                                   |
-| `.Subject`         | string           | Only in body  | The _subject_, once resolved.                                                                                                                        |
-| `.Body`            | string           | Always        | The message of the issue, pull request or comment, parsed from Markdown into HTML and sanitized. Do not confuse with the _mail body_.                |
-| `.Link`            | string           | Always        | The address of the originating issue, pull request or comment.                                                                                       |
-| `.Issue`           | models.Issue     | Always        | The issue (or pull request) originating the notification. To get data specific to a pull request (e.g. `HasMerged`), `.Issue.PullRequest` can be used, but care should be taken as this field will be `nil` if the issue is *not* a pull request. |
-| `.Comment`         | models.Comment   | If applicable | If the notification is from a comment added to an issue or pull request, this will contain the information about the comment.                        |
-| `.IsPull`          | bool             | Always        | `true` if the mail notification is associated with a pull request (i.e. `.Issue.PullRequest` is not `nil`).                                          |
-| `.Repo`            | string           | Always        | Name of the repository, including owner name (e.g. `mike/stuff`)                                                                                     |
-| `.User`            | models.User      | Always        | Owner of the repository from which the event originated. To get the user name (e.g. `mike`),`.User.Name` can be used.                                |
-| `.Doer`            | models.User      | Always        | User that executed the action triggering the notification event. To get the user name (e.g. `rhonda`), `.Doer.Name` can be used.                     |
-| `.IsMention`       | bool             | Always        | `true` if this notification was only generated because the user was mentioned in the comment, while not being subscribed to the source. It will be `false` if the recipient was subscribed to the issue or repository. |
-| `.SubjectPrefix`   | string           | Always        | `Re: ` if the notification is about other than issue or pull request creation; otherwise an empty string.                                            |
-| `.ActionType`      | string           | Always        | `"issue"` or `"pull"`. Will correspond to the actual _action type_ independently of which template was selected.                                     |
-| `.ActionName`      | string           | Always        | It will be one of the action types described above (`new`, `comment`, etc.), and will correspond to the actual _action name_ independently of which template was selected. |
-| `.ReviewComments`  | []models.Comment | Always        | List of code comments in a review. The comment text will be in `.RenderedContent` and the referenced code will be in `.Patch`.                       |
+| Name               | Type             | Available     | Usage                                                                                                                                                                                                                                             |
+| ------------------ | ---------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `.FallbackSubject` | string           | Always        | A default subject line. See Below.                                                                                                                                                                                                                |
+| `.Subject`         | string           | Only in body  | The _subject_, once resolved.                                                                                                                                                                                                                     |
+| `.Body`            | string           | Always        | The message of the issue, pull request or comment, parsed from Markdown into HTML and sanitized. Do not confuse with the _mail body_.                                                                                                             |
+| `.Link`            | string           | Always        | The address of the originating issue, pull request or comment.                                                                                                                                                                                    |
+| `.Issue`           | models.Issue     | Always        | The issue (or pull request) originating the notification. To get data specific to a pull request (e.g. `HasMerged`), `.Issue.PullRequest` can be used, but care should be taken as this field will be `nil` if the issue is _not_ a pull request. |
+| `.Comment`         | models.Comment   | If applicable | If the notification is from a comment added to an issue or pull request, this will contain the information about the comment.                                                                                                                     |
+| `.IsPull`          | bool             | Always        | `true` if the mail notification is associated with a pull request (i.e. `.Issue.PullRequest` is not `nil`).                                                                                                                                       |
+| `.Repo`            | string           | Always        | Name of the repository, including owner name (e.g. `mike/stuff`)                                                                                                                                                                                  |
+| `.User`            | models.User      | Always        | Owner of the repository from which the event originated. To get the user name (e.g. `mike`),`.User.Name` can be used.                                                                                                                             |
+| `.Doer`            | models.User      | Always        | User that executed the action triggering the notification event. To get the user name (e.g. `rhonda`), `.Doer.Name` can be used.                                                                                                                  |
+| `.IsMention`       | bool             | Always        | `true` if this notification was only generated because the user was mentioned in the comment, while not being subscribed to the source. It will be `false` if the recipient was subscribed to the issue or repository.                            |
+| `.SubjectPrefix`   | string           | Always        | `Re: ` if the notification is about other than issue or pull request creation; otherwise an empty string.                                                                                                                                         |
+| `.ActionType`      | string           | Always        | `"issue"` or `"pull"`. Will correspond to the actual _action type_ independently of which template was selected.                                                                                                                                  |
+| `.ActionName`      | string           | Always        | It will be one of the action types described above (`new`, `comment`, etc.), and will correspond to the actual _action name_ independently of which template was selected.                                                                        |
+| `.ReviewComments`  | []models.Comment | Always        | List of code comments in a review. The comment text will be in `.RenderedContent` and the referenced code will be in `.Patch`.                                                                                                                    |

 All names are case sensitive.

@@ -113,19 +117,19 @@ Please refer to the linked documentation for details about its syntax.

 The _subject_ is built using the following steps:

-* A template is selected according to the type of notification and to what templates are present.
-* The template is parsed and resolved (e.g. `{{.Issue.Index}}` is converted to the number of the issue
+- A template is selected according to the type of notification and to what templates are present.
+- The template is parsed and resolved (e.g. `{{.Issue.Index}}` is converted to the number of the issue
  or pull request).
-* All space-like characters (e.g. `TAB`, `LF`, etc.) are converted to normal spaces.
-* All leading, trailing and redundant spaces are removed.
-* The string is truncated to its first 256 runes (characters).
+- All space-like characters (e.g. `TAB`, `LF`, etc.) are converted to normal spaces.
+- All leading, trailing and redundant spaces are removed.
+- The string is truncated to its first 256 runes (characters).

 If the end result is an empty string, **or** no subject template was available (i.e. the selected template
 did not include a subject part), Gitea's **internal default** will be used.

 The internal default (fallback) subject is the equivalent of:

-```
+```sh
 {{.SubjectPrefix}}[{{.Repo}}] {{.Issue.Title}} (#.Issue.Index)
 ```

@@ -169,7 +173,7 @@ Please check [Gitea's logs](https://docs.gitea.io/en-us/logging-configuration/)

 `custom/templates/mail/issue/default.tmpl`:

-```
+```html
 [{{.Repo}}] @{{.Doer.Name}}
 {{if eq .ActionName "new"}}
    created
@@ -235,21 +239,21 @@ Please check [Gitea's logs](https://docs.gitea.io/en-us/logging-configuration/)

 This template produces something along these lines:

-#### Subject
+### Subject

 > [mike/stuff] @rhonda commented on pull request #38: New color palette

-#### Mail body
+### Mail body

 > [@rhonda](#) (Rhonda Myers) updated [mike/stuff#38](#).
 >
 > #### Message content:
 >
-> \__________________________________________________________________
+> \_********************************\_********************************
 >
 > Mike, I think we should tone down the blues a little.  
-> \__________________________________________________________________
-> 
+> \_********************************\_********************************
+>
 > [View it on Gitea](#).

 ## Advanced
@@ -257,18 +261,18 @@ This template produces something along these lines:
 The template system contains several functions that can be used to further process and format
 the messages. Here's a list of some of them:

-| Name                 | Parameters  | Available | Usage                                                                        |
-|----------------------|-------------|-----------|------------------------------------------------------------------------------|
-| `AppUrl`             | -           | Any       | Gitea's URL                                                                  |
-| `AppName`            | -           | Any       | Set from `app.ini`, usually "Gitea"                                          |
-| `AppDomain`          | -           | Any       | Gitea's host name                                                            |
-| `EllipsisString`     | string, int | Any       | Truncates a string to the specified length; adds ellipsis as needed          |
-| `Str2html`           | string      | Body only | Sanitizes text by removing any HTML tags from it.                            |
-| `Safe`               | string      | Body only | Takes the input as HTML; can be used for `.ReviewComments.RenderedContent`.  |
+| Name             | Parameters  | Available | Usage                                                                       |
+| ---------------- | ----------- | --------- | --------------------------------------------------------------------------- |
+| `AppUrl`         | -           | Any       | Gitea's URL                                                                 |
+| `AppName`        | -           | Any       | Set from `app.ini`, usually "Gitea"                                         |
+| `AppDomain`      | -           | Any       | Gitea's host name                                                           |
+| `EllipsisString` | string, int | Any       | Truncates a string to the specified length; adds ellipsis as needed         |
+| `Str2html`       | string      | Body only | Sanitizes text by removing any HTML tags from it.                           |
+| `Safe`           | string      | Body only | Takes the input as HTML; can be used for `.ReviewComments.RenderedContent`. |

 These are _functions_, not metadata, so they have to be used:

-```
+```html
 Like this:         {{Str2html "Escape<my>text"}}
 Or this:           {{"Escape<my>text" | Str2html}}
 Or this:           {{AppUrl}}
--- a/docs/content/doc/advanced/make.en-us.md
+++ b/docs/content/doc/advanced/make.en-us.md
@@ -1,46 +0,0 @@
---
-date: "2017-01-14T11:00:00-02:00"
-title: "Make"
-slug: "make"
-weight: 10
-toc: true
-draft: false
-menu:
-  sidebar:
-    parent: "advanced"
-    name: "Make"
-    weight: 30
-    identifier: "make"
---
-
-# Make
-
-Gitea makes heavy use of Make to automate tasks and improve development. This
-guide covers how to install Make.
-
-### On Linux
-
-Install with the package manager.
-
-On Ubuntu/Debian:
-
-```bash
-sudo apt-get install make
-```
-
-On Fedora/RHEL/CentOS:
-
-```bash
-sudo yum install make
-```
-
-### On Windows
-
-One of these three distributions of Make will run on Windows:
-
- [Single binary build](http://www.equation.com/servlet/equation.cmd?fa=make). Copy somewhere and add to `PATH`.
-  - [32-bits version](ftp://ftp.equation.com/make/32/make.exe)
-  - [64-bits version](ftp://ftp.equation.com/make/64/make.exe)
- [MinGW](http://www.mingw.org/) includes a build.
-  - The binary is called `mingw32-make.exe` instead of `make.exe`. Add the `bin` folder to `PATH`.
- [Chocolatey package](https://chocolatey.org/packages/make). Run `choco install make`
--- a/docs/content/doc/advanced/make.fr-fr.md
+++ b/docs/content/doc/advanced/make.fr-fr.md
@@ -3,7 +3,7 @@ date: "2017-08-23T09:00:00+02:00"
 title: "Make"
 slug: "make"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -19,7 +19,7 @@ Gitea fait largement usage de Make pour automatiser les tâches et avoir un dév

 ### Linux

-Vous pouvez installer Make avec votre gestionnaire de paquetages 
+Vous pouvez installer Make avec votre gestionnaire de paquetages

 Depuis Ubuntu/Debian:

--- a/docs/content/doc/advanced/make.zh-cn.md
+++ b/docs/content/doc/advanced/make.zh-cn.md
@@ -3,7 +3,7 @@ date: "2017-01-14T11:00:00-02:00"
 title: "Make 安装"
 slug: "make"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/advanced/migrations.en-us.md
+++ b/docs/content/doc/advanced/migrations.en-us.md
@@ -1,81 +0,0 @@
---
-date: "2019-04-15T17:29:00+08:00"
-title: "Advanced: Migrations Interfaces"
-slug: "migrations-interfaces"
-weight: 30
-toc: true
-draft: false
-menu:
-  sidebar:
-    parent: "advanced"
-    name: "Migrations Interfaces"
-    weight: 55
-    identifier: "migrations-interfaces"
---
-
-# Migration Features
-
-The new migration features were introduced in Gitea 1.9.0. It defines two interfaces to support migrating
-repositories data from other git host platforms to gitea or, in the future migrating gitea data to other
-git host platforms. Currently, migrations from Github, Gitlab and Gitea to Gitea is implemented.
-
-First of all, Gitea defines some standard objects in packages `modules/migrations/base`. They are
- `Repository`, `Milestone`, `Release`, `ReleaseAsset`, `Label`, `Issue`, `Comment`, `PullRequest`, `Reaction`, `Review`, `ReviewComment`.
-
-## Downloader Interfaces
-
-To migrate from a new git host platform, there are two steps to be updated.
-
- You should implement a `Downloader` which will get all kinds of repository informations.
- You should implement a `DownloaderFactory` which is used to detect if the URL matches and
-create a Downloader.
- You'll need to register the `DownloaderFactory` via `RegisterDownloaderFactory` on init.
-
-```Go
-type Downloader interface {
-	GetAsset(relTag string, relID, id int64) (io.ReadCloser, error)
-	SetContext(context.Context)
-	GetRepoInfo() (*Repository, error)
-	GetTopics() ([]string, error)
-	GetMilestones() ([]*Milestone, error)
-	GetReleases() ([]*Release, error)
-	GetLabels() ([]*Label, error)
-	GetIssues(page, perPage int) ([]*Issue, bool, error)
-	GetComments(issueNumber int64) ([]*Comment, error)
-	GetPullRequests(page, perPage int) ([]*PullRequest, bool, error)
-	GetReviews(pullRequestNumber int64) ([]*Review, error)
-}
-```
-
-```Go
-type DownloaderFactory interface {
-	New(ctx context.Context, opts MigrateOptions) (Downloader, error)
-	GitServiceType() structs.GitServiceType
-}
-```
-
-## Uploader Interface
-
-Currently, only a `GiteaLocalUploader` is implemented, so we only save downloaded
-data via this `Uploader` on the local Gitea instance. Other uploaders are not supported
-and will be implemented in future.
-
-```Go
-// Uploader uploads all the informations
-type Uploader interface {
-	MaxBatchInsertSize(tp string) int
-	CreateRepo(repo *Repository, opts MigrateOptions) error
-	CreateTopics(topic ...string) error
-	CreateMilestones(milestones ...*Milestone) error
-	CreateReleases(downloader Downloader, releases ...*Release) error
-	SyncTags() error
-	CreateLabels(labels ...*Label) error
-	CreateIssues(issues ...*Issue) error
-	CreateComments(comments ...*Comment) error
-	CreatePullRequests(prs ...*PullRequest) error
-	CreateReviews(reviews ...*Review) error
-	Rollback() error
-	Close()
-}
-
-```
--- a/docs/content/doc/advanced/oauth2-provider.md
+++ b/docs/content/doc/advanced/oauth2-provider.md
@@ -1,92 +0,0 @@
---
-date: "2019-04-19:44:00+01:00"
-title: "OAuth2 provider"
-slug: "oauth2-provider"
-weight: 41
-toc: true
-draft: false
-menu:
-  sidebar:
-    parent: "advanced"
-    name: "OAuth2 Provider"
-    weight: 41
-    identifier: "oauth2-provider"
---
-
-
-# OAuth2 provider
-
-Gitea supports acting as an OAuth2 provider to allow third party applications to access its resources with the user's consent. This feature is available since release 1.8.0.
-
-## Endpoints
-
-
-Endpoint               | URL
-----------------------|----------------------------
-Authorization Endpoint | `/login/oauth/authorize`
-Access Token Endpoint  | `/login/oauth/access_token`
-
-
-## Supported OAuth2 Grants
-
-At the moment Gitea only supports the [**Authorization Code Grant**](https://tools.ietf.org/html/rfc6749#section-1.3.1) standard with additional support of the [Proof Key for Code Exchange (PKCE)](https://tools.ietf.org/html/rfc7636) extension.
- 
-
-To use the Authorization Code Grant as a third party application it is required to register a new application via the "Settings" (`/user/settings/applications`) section of the settings.
-
-## Scopes
-
-Currently Gitea does not support scopes (see [#4300](https://github.com/go-gitea/gitea/issues/4300)) and all third party applications will be granted access to all resources of the user and his/her organizations.
-
-## Example
-
-**Note:** This example does not use PKCE.
-
-1. Redirect to user to the authorization endpoint in order to get his/her consent for accessing the resources:
-
-```curl
-https://[YOUR-GITEA-URL]/login/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI& response_type=code&state=STATE
-``` 
-
-The `CLIENT_ID` can be obtained by registering an application in the settings. The `STATE` is a random string that will be send back to your application after the user authorizes. The `state` parameter is optional but should be used to prevent CSRF attacks.
-
-
-![Authorization Page](/authorize.png)
-
-The user will now be asked to authorize your application. If they authorize it, the user will be redirected to the `REDIRECT_URL`, for example:
-
-```curl
-https://[REDIRECT_URI]?code=RETURNED_CODE&state=STATE
-```
-
-2. Using the provided `code` from the redirect, you can request a new application and refresh token. The access token endpoints accepts POST requests with  `application/json` and `application/x-www-form-urlencoded` body, for example:
-
-```curl
-POST https://[YOUR-GITEA-URL]/login/oauth/access_token
-```
-
-```json
-{
-	"client_id": "YOUR_CLIENT_ID",
-	"client_secret": "YOUR_CLIENT_SECRET",
-	"code": "RETURNED_CODE",
-	"grant_type": "authorization_code",
-	"redirect_uri": "REDIRECT_URI"
-}
-```
-
-Response:
-```json
-{  
-"access_token":"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjowLCJleHAiOjE1NTUxNzk5MTIsImlhdCI6MTU1NTE3NjMxMn0.0-iFsAwBtxuckA0sNZ6QpBQmywVPz129u75vOM7wPJecw5wqGyBkmstfJHAjEOqrAf_V5Z-1QYeCh_Cz4RiKug",  
-"token_type":"bearer",  
-"expires_in":3600,  
-"refresh_token":"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjoxLCJjbnQiOjEsImV4cCI6MTU1NzgwNDMxMiwiaWF0IjoxNTU1MTc2MzEyfQ.S_HZQBy4q9r5SEzNGNIoFClT43HPNDbUdHH-GYNYYdkRfft6XptJBkUQscZsGxOW975Yk6RbgtGvq1nkEcklOw"  
-}
-```
-
-The `CLIENT_SECRET` is the unique secret code generated for this application. Please note that the secret will only be visible after you created/registered the application with Gitea and cannot be recovered. If you lose the secret you must regenerate the secret via the application's settings.
-
-The `REDIRECT_URI` in the `access_token` request must match the `REDIRECT_URI` in the `authorize` request.
-
-3. Use the  `access_token` to make [API requests](https://docs.gitea.io/en-us/api-usage#oauth2) to access the user's resources.
--- a/docs/content/doc/advanced/repo-indexer.en-us.md
+++ b/docs/content/doc/advanced/repo-indexer.en-us.md
@@ -3,7 +3,7 @@ date: "2019-09-06T01:35:00-03:00"
 title: "Repository indexer"
 slug: "repo-indexer"
 weight: 45
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,11 +15,15 @@ menu:

 # Repository indexer

+**Table of Contents**
+
+{{< toc >}}
+
 ## Setting up the repository indexer

 Gitea can search through the files of the repositories by enabling this function in your [`app.ini`](https://docs.gitea.io/en-us/config-cheat-sheet/):

-```
+```ini
 [indexer]
 ; ...
 REPO_INDEXER_ENABLED = true
@@ -49,12 +53,10 @@ Limiting the list of files prevents the indexes from becoming polluted with deri

 Pattern matching works as follows:

-* To match all files with a `.txt` extension no matter what directory, use `**.txt`.
-* To match all files with a `.txt` extension _only at the root level of the repository_, use `*.txt`.
-* To match all files inside `resources/bin` and below, use `resources/bin/**`.
-* To match all files _immediately inside_ `resources/bin`, use `resources/bin/*`.
-* To match all files named `Makefile`, use `**Makefile`.
-* Matching a directory has no effect; the pattern `resources/bin` will not include/exclude files inside that directory; `resources/bin/**` will.
-* All files and patterns are normalized to lower case, so `**Makefile`, `**makefile` and `**MAKEFILE` are equivalent.
-
-
+- To match all files with a `.txt` extension no matter what directory, use `**.txt`.
+- To match all files with a `.txt` extension _only at the root level of the repository_, use `*.txt`.
+- To match all files inside `resources/bin` and below, use `resources/bin/**`.
+- To match all files _immediately inside_ `resources/bin`, use `resources/bin/*`.
+- To match all files named `Makefile`, use `**Makefile`.
+- Matching a directory has no effect; the pattern `resources/bin` will not include/exclude files inside that directory; `resources/bin/**` will.
+- All files and patterns are normalized to lower case, so `**Makefile`, `**makefile` and `**MAKEFILE` are equivalent.
--- a/docs/content/doc/advanced/search-engines-indexation.en-us.md
+++ b/docs/content/doc/advanced/search-engines-indexation.en-us.md
@@ -3,7 +3,7 @@ date: "2019-12-31T13:55:00+05:00"
 title: "Advanced: Search Engines Indexation"
 slug: "search-engines-indexation"
 weight: 30
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/advanced/signing.en-us.md
+++ b/docs/content/doc/advanced/signing.en-us.md
@@ -15,6 +15,10 @@ menu:

 # GPG Commit Signatures

+**Table of Contents**
+
+{{< toc >}}
+
 Gitea will verify GPG commit signatures in the provided tree by
 checking if the commits are signed by a key within the gitea database,
 or if the commit matches the default key for git.
@@ -36,10 +40,10 @@ this requires git >= 2.0.0.

 There are a number of places where Gitea will generate commits itself:

-* Repository Initialisation
-* Wiki Changes
-* CRUD actions using the editor or the API
-* Merges from Pull Requests
+- Repository Initialisation
+- Wiki Changes
+- CRUD actions using the editor or the API
+- Merges from Pull Requests

 Depending on configuration and server trust you may want Gitea to
 sign these commits.
@@ -78,12 +82,12 @@ MERGES = pubkey, twofa, basesigned, commitssigned
 The first option to discuss is the `SIGNING_KEY`. There are three main
 options:

-* `none` - this prevents Gitea from signing any commits
-* `default` - Gitea will default to the key configured within
-`git config`
-* `KEYID` - Gitea will sign commits with the gpg key with the ID
-`KEYID`. In this case you should provide a `SIGNING_NAME` and
-`SIGNING_EMAIL` to be displayed for this key.
+- `none` - this prevents Gitea from signing any commits
+- `default` - Gitea will default to the key configured within
+  `git config`
+- `KEYID` - Gitea will sign commits with the gpg key with the ID
+  `KEYID`. In this case you should provide a `SIGNING_NAME` and
+  `SIGNING_EMAIL` to be displayed for this key.

 The `default` option will interrogate `git config` for
 `commit.gpgsign` option - if this is set, then it will use the results
@@ -99,10 +103,10 @@ ideal UI and therefore subject to change.
 This option determines whether Gitea should sign the initial commit
 when creating a repository. The possible values are:

-* `never`: Never sign
-* `pubkey`: Only sign if the user has a public key
-* `twofa`: Only sign if the user logs in with two factor authentication
-* `always`: Always sign
+- `never`: Never sign
+- `pubkey`: Only sign if the user has a public key
+- `twofa`: Only sign if the user logs in with two factor authentication
+- `always`: Always sign

 Options other than `never` and `always` can be combined as a comma
 separated list.
@@ -112,11 +116,11 @@ separated list.
 This options determines if Gitea should sign commits to the Wiki.
 The possible values are:

-* `never`: Never sign
-* `pubkey`: Only sign if the user has a public key
-* `twofa`: Only sign if the user logs in with two factor authentication
-* `parentsigned`: Only sign if the parent commit is signed.
-* `always`: Always sign
+- `never`: Never sign
+- `pubkey`: Only sign if the user has a public key
+- `twofa`: Only sign if the user logs in with two factor authentication
+- `parentsigned`: Only sign if the parent commit is signed.
+- `always`: Always sign

 Options other than `never` and `always` can be combined as a comma
 separated list.
@@ -126,11 +130,11 @@ separated list.
 This option determines if Gitea should sign commits from the web
 editor or API CRUD actions. The possible values are:

-* `never`: Never sign
-* `pubkey`: Only sign if the user has a public key
-* `twofa`: Only sign if the user logs in with two factor authentication
-* `parentsigned`: Only sign if the parent commit is signed.
-* `always`: Always sign
+- `never`: Never sign
+- `pubkey`: Only sign if the user has a public key
+- `twofa`: Only sign if the user logs in with two factor authentication
+- `parentsigned`: Only sign if the parent commit is signed.
+- `always`: Always sign

 Options other than `never` and `always` can be combined as a comma
 separated list.
@@ -140,14 +144,14 @@ separated list.
 This option determines if Gitea should sign merge commits from PRs.
 The possible options are:

-* `never`: Never sign
-* `pubkey`: Only sign if the user has a public key
-* `twofa`: Only sign if the user logs in with two factor authentication
-* `basesigned`: Only sign if the parent commit in the base repo is signed.
-* `headsigned`: Only sign if the head commit in the head branch is signed.
-* `commitssigned`: Only sign if all the commits in the head branch to the merge point are signed.
-* `approved`: Only sign approved merges to a protected branch.
-* `always`: Always sign
+- `never`: Never sign
+- `pubkey`: Only sign if the user has a public key
+- `twofa`: Only sign if the user logs in with two factor authentication
+- `basesigned`: Only sign if the parent commit in the base repo is signed.
+- `headsigned`: Only sign if the head commit in the head branch is signed.
+- `commitssigned`: Only sign if all the commits in the head branch to the merge point are signed.
+- `approved`: Only sign approved merges to a protected branch.
+- `always`: Always sign

 Options other than `never` and `always` can be combined as a comma
 separated list.
@@ -156,12 +160,12 @@ separated list.

 The public key used to sign Gitea's commits can be obtained from the API at:

-```
+```sh
 /api/v1/signing-key.gpg
 ```

 In cases where there is a repository specific key this can be obtained from:

-```
+```sh
 /api/v1/repos/:username/:reponame/signing-key.gpg
 ```
--- a/docs/content/doc/advanced/specific-variables.en-us.md
+++ b/docs/content/doc/advanced/specific-variables.en-us.md
@@ -1,68 +0,0 @@
---
-date: "2017-04-08T11:34:00+02:00"
-title: "Specific variables"
-slug: "specific-variables"
-weight: 20
-toc: false
-draft: false
-menu:
-  sidebar:
-    parent: "advanced"
-    name: "Specific variables"
-    weight: 20
-    identifier: "specific-variables"
---
-
-# Specific variables
-
-This is an inventory of Gitea environment variables. They change Gitea behaviour.
-
-Initialize them before Gitea command to be effective, for example:
-
-```
-GITEA_CUSTOM=/home/gitea/custom ./gitea web
-```
-
-## From Go language
-
-As Gitea is written in Go, it uses some Go variables, such as:
-
-  * `GOOS`
-  * `GOARCH`
-  * [`GOPATH`](https://golang.org/cmd/go/#hdr-GOPATH_environment_variable)
-
-For documentation about each of the variables available, refer to the
-[official Go documentation](https://golang.org/cmd/go/#hdr-Environment_variables).
-
-## Gitea files
-
-  * `GITEA_WORK_DIR`: Absolute path of working directory.
-  * `GITEA_CUSTOM`: Gitea uses `GITEA_WORK_DIR`/custom folder by default. Use this variable
-     to change *custom* directory.
-  * `GOGS_WORK_DIR`: Deprecated, use `GITEA_WORK_DIR`
-  * `GOGS_CUSTOM`: Deprecated, use `GITEA_CUSTOM`
-
-## Operating system specifics
-
-  * `USER`: System user that Gitea will run as. Used for some repository access strings.
-  * `USERNAME`: if no `USER` found, Gitea will use `USERNAME`
-  * `HOME`: User home directory path. The `USERPROFILE` environment variable is used in Windows.
-
-### Only on Windows
-
-  * `USERPROFILE`: User home directory path. If empty, uses `HOMEDRIVE` + `HOMEPATH`
-  * `HOMEDRIVE`: Main drive path used to access the home directory (C:)
-  * `HOMEPATH`: Home relative path in the given home drive path
-
-## Macaron (framework used by Gitea)
-
-  * `HOST`: Host Macaron will listen on
-  * `PORT`: Port Macaron will listen on
-  * `MACARON_ENV`: global variable to provide special functionality for development environments
-     vs. production environments. If MACARON_ENV is set to "" or "development", then templates will
-     be recompiled on every request. For more performance, set the MACARON_ENV environment variable
-     to "production".
-
-## Miscellaneous
-
-  * `SKIP_MINWINSVC`: If set to 1, do not run as a service on Windows.
--- a/docs/content/doc/advanced/third-party-tools.en-us.md
+++ b/docs/content/doc/advanced/third-party-tools.en-us.md
@@ -1,43 +0,0 @@
---
-date: "2018-05-22T11:00:00+00:00"
-title: "Advanced: Third Party Tools"
-slug: "third-party-tools"
-weight: 50
-toc: true
-draft: false
-menu:
-  sidebar:
-    parent: "advanced"
-    name: "Third Party Tools"
-    weight: 50
-    identifier: "third-party-tools"
---
-
-# List of third-party tools
-**NOTE:** These tools are not endorsed by Gitea. They are listed here for convenience only.
-
-## Hey! This page may be out of date or even removed in the future! :scream:
-Instead, check out [awesome-gitea](https://gitea.com/gitea/awesome-gitea/src/branch/master/README.md)!
-
-### Continuous Integration
-
-Check our [CI/CD page]({{< relref "doc/advanced/ci-cd.en-us.md" >}})
-
-### Internationalization
- [Weblate](https://docs.weblate.org/en/latest/admin/continuous.html#gitea-setup)
-
-### Migrating
- [Installation script for Gitea](https://git.coolaj86.com/coolaj86/gitea-installer.sh)  
- [GitHub Migrator](https://gitea.com/gitea/migrator)
-
-
-### Mobile
- [GitNex for Android](https://codeberg.org/gitnex/GitNex)
- [GitTouch for Android and iOS](https://github.com/git-touch/git-touch)
-
-###  Editor Extensions
- [Gitea Extension for Visual Studio](https://github.com/maikebing/Gitea.VisualStudio)
-   - Download from [Visual Studio Marketplace](https://marketplace.visualstudio.com/items?itemName=MysticBoy.GiteaExtensionforVisualStudio)
-
-### Project Management
- [YouTrack by JetBrains](https://blog.jetbrains.com/youtrack/2019/12/whats-new-in-youtrack-2019-3/)
--- a/docs/content/doc/advanced/third-party-tools.zh-cn.md
+++ b/docs/content/doc/advanced/third-party-tools.zh-cn.md
@@ -3,7 +3,7 @@ date: "2019-03-11T21:45:00+00:00"
 title: "高级: 第三方工具"
 slug: "third-party-tools"
 weight: 50
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/developers.en-us.md
+++ b/docs/content/doc/developers.en-us.md
@@ -0,0 +1,13 @@
+---
+date: "2016-12-01T16:00:00+02:00"
+title: "Developers"
+slug: "developers"
+weight: 40
+toc: false
+draft: false
+menu:
+  sidebar:
+    name: "Developers"
+    weight: 50
+    identifier: "developers"
+---
--- a/docs/content/doc/developers/api-usage.en-us.md
+++ b/docs/content/doc/developers/api-usage.en-us.md
@@ -3,26 +3,30 @@ date: "2018-06-24:00:00+02:00"
 title: "API Usage"
 slug: "api-usage"
 weight: 40
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
-    parent: "advanced"
+    parent: "developers"
    name: "API Usage"
    weight: 40
    identifier: "api-usage"
 ---

-# Gitea API Usage
+# API Usage
+
+**Table of Contents**
+
+{{< toc >}}

 ## Enabling/configuring API access

 By default, `ENABLE_SWAGGER` is true, and
-`MAX_RESPONSE_ITEMS` is set to 50.  See [Config Cheat
+`MAX_RESPONSE_ITEMS` is set to 50. See [Config Cheat
 Sheet](https://docs.gitea.io/en-us/config-cheat-sheet/) for more
 information.

-## Authentication via the API
+## Authentication

 Gitea supports these methods of API authentication:

@@ -31,7 +35,7 @@ Gitea supports these methods of API authentication:
 - `access_token=...` parameter in URL query string
 - `Authorization: token ...` header in HTTP headers

-All of these methods accept the same API key token type.  You can
+All of these methods accept the same API key token type. You can
 better understand this by looking at the code -- as of this writing,
 Gitea parses queries and headers to find the token in
 [modules/auth/auth.go](https://github.com/go-gitea/gitea/blob/6efdcaed86565c91a3dc77631372a9cc45a58e89/modules/auth/auth.go#L47).
@@ -39,7 +43,7 @@ Gitea parses queries and headers to find the token in
 You can create an API key token via your Gitea installation's web interface:
 `Settings | Applications | Generate New Token`.

-### OAuth2
+## OAuth2 Provider

 Access tokens obtained from Gitea's [OAuth2 provider](https://docs.gitea.io/en-us/oauth2-provider) are accepted by these methods:

@@ -52,13 +56,13 @@ Access tokens obtained from Gitea's [OAuth2 provider](https://docs.gitea.io/en-u
 For historical reasons, Gitea needs the word `token` included before
 the API key token in an authorization header, like this:

-```
+```sh
 Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675
 ```

 In a `curl` command, for instance, this would look like:

-```
+```sh
 curl -X POST "http://localhost:4000/api/v1/repos/test1/test1/issues" \
    -H "accept: application/json" \
    -H "Authorization: token 65eaa9c8ef52460d22a93307fe0aee76289dc675" \
@@ -70,11 +74,10 @@ the `token=` string in a GET request.

 ## API Guide:

-API Reference guide is auto-generated by swagger and available on: 
-    `https://gitea.your.host/api/swagger`
-    or on 
-    [gitea demo instance](https://try.gitea.io/api/swagger)
-
+API Reference guide is auto-generated by swagger and available on:
+`https://gitea.your.host/api/swagger`
+or on
+[gitea demo instance](https://try.gitea.io/api/swagger)

 ## Listing your issued tokens via the API

@@ -85,17 +88,22 @@ using BasicAuth, as follows:

 ### Using basic authentication:

-```
+```sh
 $ curl --request GET --url https://yourusername:yourpassword@gitea.your.host/api/v1/users/yourusername/tokens
 [{"name":"test","sha1":"..."},{"name":"dev","sha1":"..."}]
 ```

 As of v1.8.0 of Gitea, if using basic authentication with the API and your user has two factor authentication enabled, you'll need to send an additional header that contains the one time password (6 digit rotating token). An example of the header is `X-Gitea-OTP: 123456` where `123456` is where you'd place the code from your authenticator. Here is how the request would look like in curl:

-```
+```sh
 $ curl -H "X-Gitea-OTP: 123456" --request GET --url https://yourusername:yourpassword@gitea.your.host/api/v1/users/yourusername/tokens
 ```

 ## Sudo

 The API allows admin users to sudo API requests as another user. Simply add either a `sudo=` parameter or `Sudo:` request header with the username of the user to sudo.
+
+## SDKs
+
+- [Official go-sdk](https://gitea.com/gitea/go-sdk)
+- [more](https://gitea.com/gitea/awesome-gitea#user-content-sdk)
--- a/docs/content/doc/developers/api-usage.zh-cn.md
+++ b/docs/content/doc/developers/api-usage.zh-cn.md
@@ -3,11 +3,11 @@ date: "2018-06-24:00:00+02:00"
 title: "API 使用指南"
 slug: "api-usage"
 weight: 40
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
-    parent: "advanced"
+    parent: "developers"
    name: "API 使用指南"
    weight: 40
    identifier: "api-usage"
--- a/docs/content/doc/developers/hacking-on-gitea.en-us.md
+++ b/docs/content/doc/developers/hacking-on-gitea.en-us.md
@@ -7,7 +7,7 @@ toc: false
 draft: false
 menu:
  sidebar:
-    parent: "advanced"
+    parent: "developers"
    name: "Hacking on Gitea"
    weight: 10
    identifier: "hacking-on-gitea"
@@ -15,6 +15,10 @@ menu:

 # Hacking on Gitea

+**Table of Contents**
+
+{{< toc >}}
+
 ## Installing go

 You should [install go](https://golang.org/doc/install) and set up your go
@@ -24,9 +28,6 @@ Next, [install Node.js with npm](https://nodejs.org/en/download/) which is
 required to build the JavaScript and CSS files. The minimum supported Node.js
 version is {{< min-node-version >}} and the latest LTS version is recommended.

-You will also need make.
-<a href='{{< relref "doc/advanced/make.en-us.md" >}}'>(See here how to get Make)</a>
-
 **Note**: When executing make tasks that require external tools, like
 `make misspell-check`, Gitea will automatically download and build these as
 necessary. To be able to use these you must have the `"$GOPATH"/bin` directory
@@ -40,6 +41,38 @@ the results of `gofmt` can differ by the version of `go`. It is therefore
 recommended to install the version of Go that our continuous integration is
 running. As of last update, it should be Go version {{< go-version >}}.

+## Installing Make
+
+Gitea makes heavy use of Make to automate tasks and improve development. This
+guide covers how to install Make.
+
+### On Linux
+
+Install with the package manager.
+
+On Ubuntu/Debian:
+
+```bash
+sudo apt-get install make
+```
+
+On Fedora/RHEL/CentOS:
+
+```bash
+sudo yum install make
+```
+
+### On Windows
+
+One of these three distributions of Make will run on Windows:
+
+- [Single binary build](http://www.equation.com/servlet/equation.cmd?fa=make). Copy somewhere and add to `PATH`.
+  - [32-bits version](ftp://ftp.equation.com/make/32/make.exe)
+  - [64-bits version](ftp://ftp.equation.com/make/64/make.exe)
+- [MinGW](http://www.mingw.org/) includes a build.
+  - The binary is called `mingw32-make.exe` instead of `make.exe`. Add the `bin` folder to `PATH`.
+- [Chocolatey package](https://chocolatey.org/packages/make). Run `choco install make`
+
 ## Downloading and cloning the Gitea source code

 The recommended method of obtaining the source code is by using `git clone`.
@@ -53,7 +86,7 @@ from within the `$GOPATH`, hence the `go get` approach is no longer recommended.

 ## Forking Gitea

-Download the master Gitea source code as above. Then, fork the 
+Download the master Gitea source code as above. Then, fork the
 [Gitea repository](https://github.com/go-gitea/gitea) on GitHub,
 and either switch the git remote origin for your fork or add your fork as another remote:

@@ -96,9 +129,9 @@ See `make help` for all available `make` targets. Also see [`.drone.yml`](https:

 To run and continously rebuild when source files change:

-````bash
+```bash
 make watch
-````
+```

 On macOS, watching all backend source files may hit the default open files limit which can be increased via `ulimit -n 12288` for the current shell or in your shell startup file for all future shells.

@@ -152,7 +185,9 @@ SVG icons are built using the `make svg` target which compiles the icon sources

 ### Building the Logo

-The PNG versions of the logo are built from a single SVG source file `assets/logo.svg` using the `make generate-images` target. To run it, Node.js and npm must be available. The same process can also be used to generate a custom logo PNGs from a SVG source file. It's possible to remove parts of the SVG logo for the favicon build by adding a `detail-remove` class to the SVG nodes to be removed.
+The PNG and SVG versions of the gitea logo are built from a single SVG source file `assets/logo.svg` using the `TAGS="gitea" make generate-images` target. To run it, Node.js and npm must be available. 
+
+The same process can also be used to generate custom logo PNGs from a SVG source file by updating `assets/logo.svg` and running `make generate-images`. Omitting the `gitea` tag will update only the user-designated logo files.

 ### Updating the API

@@ -237,7 +272,7 @@ TAGS="bindata sqlite sqlite_unlock_notify" make build test-sqlite
 ```

 will run the integration tests in an sqlite environment. Integration tests
-require  `git lfs` to be installed. Other database tests are available but
+require `git lfs` to be installed. Other database tests are available but
 may need adjustment to the local environment.

 Look at
--- a/docs/content/doc/developers/integrations.en-us.md
+++ b/docs/content/doc/developers/integrations.en-us.md
@@ -0,0 +1,26 @@
+---
+date: "2019-04-15T17:29:00+08:00"
+title: "Integrations"
+slug: "integrations"
+weight: 40
+toc: false
+draft: false
+menu:
+  sidebar:
+    parent: "developers"
+    name: "Integrations"
+    weight: 65
+    identifier: "integrations"
+---
+
+# Integrations
+
+Gitea has a wonderful community of third-party integrations, as well as first-class support in various other
+projects.
+
+We are curating a list over at [awesome-gitea](https://gitea.com/gitea/awesome-gitea) to track these!
+
+If you are looking for [CI/CD](https://gitea.com/gitea/awesome-gitea#devops),
+an [SDK](https://gitea.com/gitea/awesome-gitea#sdk),
+or even some extra [themes](https://gitea.com/gitea/awesome-gitea#themes),
+you can find them listed in the [awesome-gitea](https://gitea.com/gitea/awesome-gitea) repository!
--- a/docs/content/doc/developers/migrations.en-us.md
+++ b/docs/content/doc/developers/migrations.en-us.md
@@ -0,0 +1,41 @@
+---
+date: "2019-04-15T17:29:00+08:00"
+title: "Migrations Interfaces"
+slug: "migrations-interfaces"
+weight: 30
+toc: false
+draft: false
+menu:
+  sidebar:
+    parent: "developers"
+    name: "Migrations Interfaces"
+    weight: 55
+    identifier: "migrations-interfaces"
+---
+
+# Migration Features
+
+Complete migrations were introduced in Gitea 1.9.0. It defines two interfaces to support migrating
+repository data from other git host platforms to Gitea or, in the future, migrating Gitea data to other
+git host platforms.  
+Currently, migrations from Github, Gitlab, and other Gitea instances are implemented.
+
+First of all, Gitea defines some standard objects in packages [modules/migrations/base](https://github.com/go-gitea/gitea/tree/master/modules/migrations/base).  
+They are `Repository`, `Milestone`, `Release`, `ReleaseAsset`, `Label`, `Issue`, `Comment`, `PullRequest`, `Reaction`, `Review`, `ReviewComment`.
+
+## Downloader Interfaces
+
+To migrate from a new git host platform, there are two steps to be updated.
+
+- You should implement a `Downloader` which will be used to get repository information.
+- You should implement a `DownloaderFactory` which will be used to detect if the URL matches and create the above `Downloader`.
+   - You'll need to register the `DownloaderFactory` via `RegisterDownloaderFactory` on `init()`.
+
+You can find these interfaces in [downloader.go](https://github.com/go-gitea/gitea/blob/master/modules/migrations/base/downloader.go).
+
+## Uploader Interface
+
+Currently, only a `GiteaLocalUploader` is implemented, so we only save downloaded
+data via this `Uploader` to the local Gitea instance. Other uploaders are not supported at this time.
+
+You can find these interfaces in [uploader.go](https://github.com/go-gitea/gitea/blob/master/modules/migrations/base/uploader.go).
--- a/docs/content/doc/developers/oauth2-provider.md
+++ b/docs/content/doc/developers/oauth2-provider.md
@@ -0,0 +1,94 @@
+---
+date: "2019-04-19:44:00+01:00"
+title: "OAuth2 provider"
+slug: "oauth2-provider"
+weight: 41
+toc: false
+draft: false
+menu:
+  sidebar:
+    parent: "developers"
+    name: "OAuth2 Provider"
+    weight: 41
+    identifier: "oauth2-provider"
+---
+
+# OAuth2 provider
+
+**Table of Contents**
+
+{{< toc >}}
+
+Gitea supports acting as an OAuth2 provider to allow third party applications to access its resources with the user's consent. This feature is available since release 1.8.0.
+
+## Endpoints
+
+| Endpoint               | URL                         |
+| ---------------------- | --------------------------- |
+| Authorization Endpoint | `/login/oauth/authorize`    |
+| Access Token Endpoint  | `/login/oauth/access_token` |
+
+## Supported OAuth2 Grants
+
+At the moment Gitea only supports the [**Authorization Code Grant**](https://tools.ietf.org/html/rfc6749#section-1.3.1) standard with additional support of the following extensions:
+- [Proof Key for Code Exchange (PKCE)](https://tools.ietf.org/html/rfc7636)
+- [OpenID Connect (OIDC)](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth)
+
+To use the Authorization Code Grant as a third party application it is required to register a new application via the "Settings" (`/user/settings/applications`) section of the settings.
+
+## Scopes
+
+Currently Gitea does not support scopes (see [#4300](https://github.com/go-gitea/gitea/issues/4300)) and all third party applications will be granted access to all resources of the user and his/her organizations.
+
+## Example
+
+**Note:** This example does not use PKCE.
+
+1. Redirect to user to the authorization endpoint in order to get his/her consent for accessing the resources:
+
+   ```curl
+   https://[YOUR-GITEA-URL]/login/oauth/authorize?client_id=CLIENT_ID&redirect_uri=REDIRECT_URI& response_type=code&state=STATE
+   ```
+
+   The `CLIENT_ID` can be obtained by registering an application in the settings. The `STATE` is a random string that will be send back to your application after the user authorizes. The `state` parameter is optional but should be used to prevent CSRF attacks.
+
+   ![Authorization Page](/authorize.png)
+
+   The user will now be asked to authorize your application. If they authorize it, the user will be redirected to the `REDIRECT_URL`, for example:
+
+   ```curl
+   https://[REDIRECT_URI]?code=RETURNED_CODE&state=STATE
+   ```
+
+2. Using the provided `code` from the redirect, you can request a new application and refresh token. The access token endpoints accepts POST requests with `application/json` and `application/x-www-form-urlencoded` body, for example:
+
+   ```curl
+   POST https://[YOUR-GITEA-URL]/login/oauth/access_token
+   ```
+
+   ```json
+   {
+     "client_id": "YOUR_CLIENT_ID",
+     "client_secret": "YOUR_CLIENT_SECRET",
+     "code": "RETURNED_CODE",
+     "grant_type": "authorization_code",
+     "redirect_uri": "REDIRECT_URI"
+   }
+   ```
+
+   Response:
+
+   ```json
+   {
+     "access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjowLCJleHAiOjE1NTUxNzk5MTIsImlhdCI6MTU1NTE3NjMxMn0.0-iFsAwBtxuckA0sNZ6QpBQmywVPz129u75vOM7wPJecw5wqGyBkmstfJHAjEOqrAf_V5Z-1QYeCh_Cz4RiKug",
+     "token_type": "bearer",
+     "expires_in": 3600,
+     "refresh_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJnbnQiOjIsInR0IjoxLCJjbnQiOjEsImV4cCI6MTU1NzgwNDMxMiwiaWF0IjoxNTU1MTc2MzEyfQ.S_HZQBy4q9r5SEzNGNIoFClT43HPNDbUdHH-GYNYYdkRfft6XptJBkUQscZsGxOW975Yk6RbgtGvq1nkEcklOw"
+   }
+   ```
+
+   The `CLIENT_SECRET` is the unique secret code generated for this application. Please note that the secret will only be visible after you created/registered the application with Gitea and cannot be recovered. If you lose the secret you must regenerate the secret via the application's settings.
+
+   The `REDIRECT_URI` in the `access_token` request must match the `REDIRECT_URI` in the `authorize` request.
+
+3. Use the `access_token` to make [API requests](https://docs.gitea.io/en-us/api-usage#oauth2) to access the user's resources.
--- a/docs/content/doc/features/authentication.en-us.md
+++ b/docs/content/doc/features/authentication.en-us.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Authentication"
 slug: "authentication"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,25 +15,32 @@ menu:

 # Authentication

+{{< toc >}}
+
 ## LDAP (Lightweight Directory Access Protocol)

 Both the LDAP via BindDN and the simple auth LDAP share the following fields:

 - Authorization Name **(required)**
+
  - A name to assign to the new method of authorization.

 - Host **(required)**
+
  - The address where the LDAP server can be reached.
  - Example: `mydomain.com`

 - Port **(required)**
+
  - The port to use when connecting to the server.
  - Example: `389` for LDAP or `636` for LDAP SSL

 - Enable TLS Encryption (optional)
+
  - Whether to use TLS when connecting to the LDAP server.

 - Admin Filter (optional)
+
  - An LDAP filter specifying if a user should be given administrator
    privileges. If a user account passes the filter, the user will be
    privileged as an administrator.
@@ -41,6 +48,7 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
  - Example for Microsoft Active Directory (AD): `(memberOf=CN=admin-group,OU=example,DC=example,DC=org)`

 - Username attribute (optional)
+
  - The attribute of the user's LDAP record containing the user name. Given
    attribute value will be used for new Gitea account user name after first
    successful sign-in. Leave empty to use login name given on sign-in form.
@@ -51,11 +59,13 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
  - Example for Microsoft Active Directory (AD): `sAMAccountName`

 - First name attribute (optional)
+
  - The attribute of the user's LDAP record containing the user's first name.
    This will be used to populate their account information.
  - Example: `givenName`

 - Surname attribute (optional)
+
  - The attribute of the user's LDAP record containing the user's surname.
    This will be used to populate their account information.
  - Example: `sn`
@@ -65,19 +75,24 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
    address. This will be used to populate their account information.
  - Example: `mail`

-**LDAP via BindDN** adds the following fields:
+### LDAP via BindDN
+
+Adds the following fields:

 - Bind DN (optional)
+
  - The DN to bind to the LDAP server with when searching for the user. This
    may be left blank to perform an anonymous search.
  - Example: `cn=Search,dc=mydomain,dc=com`

 - Bind Password (optional)
+
  - The password for the Bind DN specified above, if any. _Note: The password
    is stored in plaintext at the server. As such, ensure that the Bind DN
    has as few privileges as possible._

 - User Search Base **(required)**
+
  - The LDAP base at which user accounts will be searched for.
  - Example: `ou=Users,dc=mydomain,dc=com`

@@ -94,24 +109,28 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
 - Enable user synchronization
  - This option enables a periodic task that synchronizes the Gitea users with
    the LDAP server. The default period is every 24 hours but that can be
-    changed in the app.ini file.  See the *cron.sync_external_users* section in
+    changed in the app.ini file. See the _cron.sync_external_users_ section in
    the [sample
    app.ini](https://github.com/go-gitea/gitea/blob/master/custom/conf/app.example.ini)
-    for detailed comments about that section.  The *User Search Base* and *User
-    Filter* settings described above will limit which users can use Gitea and
-    which users will be synchronized.  When initially run the task will create
+    for detailed comments about that section. The _User Search Base_ and _User
+    Filter_ settings described above will limit which users can use Gitea and
+    which users will be synchronized. When initially run the task will create
    all LDAP users that match the given settings so take care if working with
    large Enterprise LDAP directories.

-**LDAP using simple auth** adds the following fields:
+### LDAP using simple auth
+
+Adds the following fields:

 - User DN **(required)**
+
  - A template to use as the user's DN. The `%s` matching parameter will be
    substituted with login name given on sign-in form.
  - Example: `cn=%s,ou=Users,dc=mydomain,dc=com`
  - Example: `uid=%s,ou=Users,dc=mydomain,dc=com`

- User Search Base  (optional)
+- User Search Base (optional)
+
  - The LDAP base at which user accounts will be searched for.
  - Example: `ou=Users,dc=mydomain,dc=com`

@@ -122,23 +141,28 @@ Both the LDAP via BindDN and the simple auth LDAP share the following fields:
  - Example: `(&(objectClass=posixAccount)(cn=%s))`
  - Example: `(&(objectClass=posixAccount)(uid=%s))`

-**Verify group membership in LDAP** uses the following fields:
+### Verify group membership in LDAP

-* Group Search Base (optional)
-    * The LDAP DN used for groups.
-    * Example: `ou=group,dc=mydomain,dc=com`
+Uses the following fields:

-* Group Name Filter (optional)
-    * An LDAP filter declaring how to find valid groups in the above DN.
-    * Example: `(|(cn=gitea_users)(cn=admins))`
+- Group Search Base (optional)

-* User Attribute in Group (optional)
-    * Which user LDAP attribute is listed in the group.
-    * Example: `uid`
+  - The LDAP DN used for groups.
+  - Example: `ou=group,dc=mydomain,dc=com`

-* Group Attribute for User (optional)
-    * Which group LDAP attribute contains an array above user attribute names.
-    * Example: `memberUid`
+- Group Name Filter (optional)
+
+  - An LDAP filter declaring how to find valid groups in the above DN.
+  - Example: `(|(cn=gitea_users)(cn=admins))`
+
+- User Attribute in Group (optional)
+
+  - Which user LDAP attribute is listed in the group.
+  - Example: `uid`
+
+- Group Attribute for User (optional)
+  - Which group LDAP attribute contains an array above user attribute names.
+  - Example: `memberUid`

 ## PAM (Pluggable Authentication Module)

@@ -152,28 +176,35 @@ This option allows Gitea to log in to an SMTP host as a Gitea user. To
 configure this, set the fields below:

 - Authentication Name **(required)**
+
  - A name to assign to the new method of authorization.

 - SMTP Authentication Type **(required)**
+
  - Type of authentication to use to connect to SMTP host, PLAIN or LOGIN.

 - Host **(required)**
+
  - The address where the SMTP host can be reached.
  - Example: `smtp.mydomain.com`

 - Port **(required)**
+
  - The port to use when connecting to the server.
  - Example: `587`

 - Allowed Domains
+
  - Restrict what domains can log in if using a public SMTP host or SMTP host
    with multiple domains.
  - Example: `gitea.io,mydomain.com,mydomain2.com`

 - Enable TLS Encryption
+
  - Enable TLS encryption on authentication.

 - Skip TLS Verify
+
  - Disable TLS verify on authentication.

 - This authentication is activate
@@ -186,7 +217,8 @@ configure this, set the fields below:

 - On the FreeIPA server, create a `gitea.ldif` file, replacing `dc=example,dc=com`
  with your DN, and provide an appropriately secure password:
-```
+
+  ```sh
  dn: uid=gitea,cn=sysaccounts,cn=etc,dc=example,dc=com
  changetype: add
  objectclass: account
@@ -195,18 +227,22 @@ configure this, set the fields below:
  userPassword: secure password
  passwordExpirationTime: 20380119031407Z
  nsIdleTimeout: 0
-```
+  ```

 - Import the LDIF (change localhost to an IPA server if needed). A prompt for
- Directory Manager password will be presented:
-```
+  Directory Manager password will be presented:
+
+  ```sh
  ldapmodify -h localhost -p 389 -x -D \
  "cn=Directory Manager" -W -f gitea.ldif
-```
- Add an IPA group for gitea\_users :
-```
+  ```
+
+- Add an IPA group for gitea_users :
+
+  ```sh
  ipa group-add --desc="Gitea Users" gitea_users
-```
+  ```
+
 - Note: For errors about IPA credentials, run `kinit admin` and provide the
  domain admin account password.

@@ -222,13 +258,15 @@ Before activating SSPI single sign-on authentication (SSO) you have to prepare y
 - Create a separate user account in active directory, under which the `gitea.exe` process will be running (eg. `user` under domain `domain.local`):

 - Create a service principal name for the host where `gitea.exe` is running with class `HTTP`:
+
  - Start `Command Prompt` or `PowerShell` as a priviledged domain user (eg. Domain Administrator)
  - Run the command below, replacing `host.domain.local` with the fully qualified domain name (FQDN) of the server where the web application will be running, and `domain\user` with the name of the account created in the previous step:
-  ```
-    setspn -A HTTP/host.domain.local domain\user
+
+  ```sh
+  setspn -A HTTP/host.domain.local domain\user
  ```

- Sign in (*sign out if you were already signed in*) with the user created
+- Sign in (_sign out if you were already signed in_) with the user created

 - Make sure that `ROOT_URL` in the `[server]` section of `custom/conf/app.ini` is the fully qualified domain name of the server where the web application will be running - the same you used when creating the service principal name (eg. `host.domain.local`)

--- a/docs/content/doc/features/authentication.zh-cn.md
+++ b/docs/content/doc/features/authentication.zh-cn.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "认证"
 slug: "authentication"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/features/authentication.zh-tw.md
+++ b/docs/content/doc/features/authentication.zh-tw.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "認證"
 slug: "authentication"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/features/comparison.en-us.md
+++ b/docs/content/doc/features/comparison.en-us.md
@@ -3,7 +3,7 @@ date: "2018-05-07T13:00:00+02:00"
 title: "Gitea compared to other Git hosting options"
 slug: "comparison"
 weight: 5
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,114 +15,117 @@ menu:

 # Gitea compared to other Git hosting options

+**Table of Contents**
+
+{{< toc >}}
+
 To help decide if Gitea is suited for your needs, here is how it compares to other Git self hosted options.

 Be warned that we don't regularly check for feature changes in other products, so this list may be outdated. If you find anything that needs to be updated in the table below, please report it in an [issue on GitHub](https://github.com/go-gitea/gitea/issues).

 _Symbols used in table:_

-* _✓ - supported_
+- _✓ - supported_

-* _⁄ - supported with limited functionality_
+- _⁄ - supported with limited functionality_

-* _✘ - unsupported_
+- _✘ - unsupported_

-#### General Features
+## General Features

-| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
-|---------|-------|------|-----------|-----------|-----------|-----------|--------------|
-| Open source and free | ✓ | ✓ | ✘| ✓ | ✘ | ✘ | ✓ |
-| Low resource usage (RAM/CPU) | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ |
-| Multiple database support | ✓ | ✓ | ✘ | ⁄ | ⁄ | ✓ | ✓ |
-| Multiple OS support | ✓ | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ |
-| Easy upgrade process | ✓ | ✓ | ✘ | ✓ | ✓ | ✘ | ✓ |
-| Markdown support | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Orgmode support | ✓ | ✘ | ✓ | ✘ | ✘ | ✘ | ? |
-| CSV support | ✓ | ✘ | ✓ | ✘ | ✘ | ✓ | ? |
-| Third-party render tool support | ✓ | ✘ | ✘ | ✘ | ✘ | ✓ | ? |
-| Static Git-powered pages | [✘](https://github.com/go-gitea/gitea/issues/302) | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Integrated Git-powered wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Deploy Tokens | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Repository Tokens with write rights | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
-| Built-in Container Registry | [✘](https://github.com/go-gitea/gitea/issues/2316) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| External git mirroring | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
-| FIDO U2F (2FA) | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Built-in CI/CD | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Subgroups: groups within groups | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✓ |
+| Feature                             | Gitea                                              | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
+| ----------------------------------- | -------------------------------------------------- | ---- | --------- | --------- | --------- | --------- | ------------ |
+| Open source and free                | ✓                                                  | ✓    | ✘         | ✓         | ✘         | ✘         | ✓            |
+| Low resource usage (RAM/CPU)        | ✓                                                  | ✓    | ✘         | ✘         | ✘         | ✘         | ✘            |
+| Multiple database support           | ✓                                                  | ✓    | ✘         | ⁄         | ⁄         | ✓         | ✓            |
+| Multiple OS support                 | ✓                                                  | ✓    | ✘         | ✘         | ✘         | ✘         | ✓            |
+| Easy upgrade process                | ✓                                                  | ✓    | ✘         | ✓         | ✓         | ✘         | ✓            |
+| Markdown support                    | ✓                                                  | ✓    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Orgmode support                     | ✓                                                  | ✘    | ✓         | ✘         | ✘         | ✘         | ?            |
+| CSV support                         | ✓                                                  | ✘    | ✓         | ✘         | ✘         | ✓         | ?            |
+| Third-party render tool support     | ✓                                                  | ✘    | ✘         | ✘         | ✘         | ✓         | ?            |
+| Static Git-powered pages            | [✘](https://github.com/go-gitea/gitea/issues/302)  | ✘    | ✓         | ✓         | ✓         | ✘         | ✘            |
+| Integrated Git-powered wiki         | ✓                                                  | ✓    | ✓         | ✓         | ✓         | ✓         | ✘            |
+| Deploy Tokens                       | ✓                                                  | ✓    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Repository Tokens with write rights | ✓                                                  | ✘    | ✓         | ✓         | ✓         | ✘         | ✓            |
+| Built-in Container Registry         | [✘](https://github.com/go-gitea/gitea/issues/2316) | ✘    | ✘         | ✓         | ✓         | ✘         | ✘            |
+| External git mirroring              | ✓                                                  | ✓    | ✘         | ✘         | ✓         | ✓         | ✓            |
+| FIDO U2F (2FA)                      | ✓                                                  | ✘    | ✓         | ✓         | ✓         | ✓         | ✘            |
+| Built-in CI/CD                      | ✘                                                  | ✘    | ✓         | ✓         | ✓         | ✘         | ✘            |
+| Subgroups: groups within groups     | ✘                                                  | ✘    | ✘         | ✓         | ✓         | ✘         | ✓            |

-#### Code management
+## Code management

-| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
-|---------|-------|------|-----------|-----------|-----------|-----------|--------------|
-| Repository topics | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Repository code search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Global code search | ✓ | ✘ | ✓ | ✘ | ✓ | ✓ | ✓ |
-| Git LFS 2.0 | ✓ | ✘ | ✓ | ✓ | ✓ | ⁄ | ✓ |
-| Group Milestones | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Granular user roles (Code, Issues, Wiki etc) | ✓ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Verified Committer | ⁄ | ✘ | ? | ✓ | ✓ | ✓ | ✘ |
-| GPG Signed Commits | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Reject unsigned commits | [✓](https://github.com/go-gitea/gitea/pull/9708) | ✘ | ✓ | ✓ | ✓ | ✘ | ✓ |
-| Repository Activity page | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Branch manager | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Create new branches | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Web code editor | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Commit graph | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Template Repositories | [✓](https://github.com/go-gitea/gitea/pull/8768) | ✘ | ✓ | ✘ | ✓ | ✓ | ✘ |
+| Feature                                      | Gitea                                            | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
+| -------------------------------------------- | ------------------------------------------------ | ---- | --------- | --------- | --------- | --------- | ------------ |
+| Repository topics                            | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✘         | ✘            |
+| Repository code search                       | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Global code search                           | ✓                                                | ✘    | ✓         | ✘         | ✓         | ✓         | ✓            |
+| Git LFS 2.0                                  | ✓                                                | ✘    | ✓         | ✓         | ✓         | ⁄         | ✓            |
+| Group Milestones                             | ✘                                                | ✘    | ✘         | ✓         | ✓         | ✘         | ✘            |
+| Granular user roles (Code, Issues, Wiki etc) | ✓                                                | ✘    | ✘         | ✓         | ✓         | ✘         | ✘            |
+| Verified Committer                           | ⁄                                                | ✘    | ?         | ✓         | ✓         | ✓         | ✘            |
+| GPG Signed Commits                           | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Reject unsigned commits                      | [✓](https://github.com/go-gitea/gitea/pull/9708) | ✘    | ✓         | ✓         | ✓         | ✘         | ✓            |
+| Repository Activity page                     | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Branch manager                               | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Create new branches                          | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✘         | ✘            |
+| Web code editor                              | ✓                                                | ✓    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Commit graph                                 | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Template Repositories                        | [✓](https://github.com/go-gitea/gitea/pull/8768) | ✘    | ✓         | ✘         | ✓         | ✓         | ✘            |

-#### Issue Tracker
+## Issue Tracker

-| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
-|---------|-------|------|-----------|-----------|-----------|-----------|--------------|
-| Issue tracker | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Issue templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Labels | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Time tracking | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Multiple assignees for issues | ✓ | ✘ | ✓ | ✘ | ✓ | ✘ | ✘ |
-| Related issues | ✘ | ✘ | ⁄ | [✓](https://docs.gitlab.com/ce/user/project/issues/related_issues.html) | ✓ | ✘ | ✘ |
-| Confidential issues | [✘](https://github.com/go-gitea/gitea/issues/3217) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Comment reactions | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Lock Discussion | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Batch issue handling | ✓ | ✘ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Issue Boards (Kanban) | [✓](https://github.com/go-gitea/gitea/pull/8346) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Create new branches from issues | ✘ | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Issue search | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Global issue search | [✘](https://github.com/go-gitea/gitea/issues/2434) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Issue dependency | ✓ | ✘ | ✘ | ✘ | ✘ | ✘ | ✘ |
-| Create issue via email | [✘](https://github.com/go-gitea/gitea/issues/6226) | [✘](https://github.com/gogs/gogs/issues/2602) | ✘ | ✘ | ✓ | ✓ | ✘ |
-| Service Desk | [✘](https://github.com/go-gitea/gitea/issues/6219) | ✘ | ✘ | [✓](https://gitlab.com/groups/gitlab-org/-/epics/3103) | ✓ | ✘ | ✘ |
+| Feature                         | Gitea                                              | Gogs                                          | GitHub EE | GitLab CE                                                               | GitLab EE | BitBucket | RhodeCode CE |
+| ------------------------------- | -------------------------------------------------- | --------------------------------------------- | --------- | ----------------------------------------------------------------------- | --------- | --------- | ------------ |
+| Issue tracker                   | ✓                                                  | ✓                                             | ✓         | ✓                                                                       | ✓         | ✓         | ✘            |
+| Issue templates                 | ✓                                                  | ✓                                             | ✓         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Labels                          | ✓                                                  | ✓                                             | ✓         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Time tracking                   | ✓                                                  | ✘                                             | ✓         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Multiple assignees for issues   | ✓                                                  | ✘                                             | ✓         | ✘                                                                       | ✓         | ✘         | ✘            |
+| Related issues                  | ✘                                                  | ✘                                             | ⁄         | [✓](https://docs.gitlab.com/ce/user/project/issues/related_issues.html) | ✓         | ✘         | ✘            |
+| Confidential issues             | [✘](https://github.com/go-gitea/gitea/issues/3217) | ✘                                             | ✘         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Comment reactions               | ✓                                                  | ✘                                             | ✓         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Lock Discussion                 | ✓                                                  | ✘                                             | ✓         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Batch issue handling            | ✓                                                  | ✘                                             | ✓         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Issue Boards (Kanban)           | [✓](https://github.com/go-gitea/gitea/pull/8346)   | ✘                                             | ✘         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Create new branches from issues | ✘                                                  | ✘                                             | ✘         | ✓                                                                       | ✓         | ✘         | ✘            |
+| Issue search                    | ✓                                                  | ✘                                             | ✓         | ✓                                                                       | ✓         | ✓         | ✘            |
+| Global issue search             | [✘](https://github.com/go-gitea/gitea/issues/2434) | ✘                                             | ✓         | ✓                                                                       | ✓         | ✓         | ✘            |
+| Issue dependency                | ✓                                                  | ✘                                             | ✘         | ✘                                                                       | ✘         | ✘         | ✘            |
+| Create issue via email          | [✘](https://github.com/go-gitea/gitea/issues/6226) | [✘](https://github.com/gogs/gogs/issues/2602) | ✘         | ✘                                                                       | ✓         | ✓         | ✘            |
+| Service Desk                    | [✘](https://github.com/go-gitea/gitea/issues/6219) | ✘                                             | ✘         | [✓](https://gitlab.com/groups/gitlab-org/-/epics/3103)                  | ✓         | ✘         | ✘            |

-#### Pull/Merge requests
+## Pull/Merge requests

-| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
-|---------|-------|------|-----------|-----------|-----------|-----------|--------------|
-| Pull/Merge requests | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Squash merging | ✓ | ✘ | ✓ | [✓](https://docs.gitlab.com/ce/user/project/merge_requests/squash_and_merge.html) | ✓ | ✓ | ✓ |
-| Rebase merging | ✓ | ✓ | ✓ | ✘ | ⁄ | ✘ | ✓ |
-| Pull/Merge request inline comments | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Pull/Merge request approval | ✓ | ✘ | ⁄ | ✓ | ✓ | ✓ | ✓ |
-| Merge conflict resolution | [✘](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Restrict push and merge access to certain users | ✓ | ✘ | ✓ | ⁄ | ✓ | ✓ | ✓ |
-| Revert specific commits or a merge request | [✘](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Pull/Merge requests templates | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Cherry-picking changes | [✘](https://github.com/go-gitea/gitea/issues/5158) | ✘ | ✘ | ✓ | ✓ | ✘ | ✘ |
-| Download Patch | ✓ | ✘ | ✓ | ✓ | ✓ | [/](https://jira.atlassian.com/plugins/servlet/mobile#issue/BCLOUD-8323) | ✘ |
+| Feature                                         | Gitea                                              | Gogs | GitHub EE | GitLab CE                                                                         | GitLab EE | BitBucket                                                                | RhodeCode CE |
+| ----------------------------------------------- | -------------------------------------------------- | ---- | --------- | --------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------ | ------------ |
+| Pull/Merge requests                             | ✓                                                  | ✓    | ✓         | ✓                                                                                 | ✓         | ✓                                                                        | ✓            |
+| Squash merging                                  | ✓                                                  | ✘    | ✓         | [✓](https://docs.gitlab.com/ce/user/project/merge_requests/squash_and_merge.html) | ✓         | ✓                                                                        | ✓            |
+| Rebase merging                                  | ✓                                                  | ✓    | ✓         | ✘                                                                                 | ⁄         | ✘                                                                        | ✓            |
+| Pull/Merge request inline comments              | ✓                                                  | ✘    | ✓         | ✓                                                                                 | ✓         | ✓                                                                        | ✓            |
+| Pull/Merge request approval                     | ✓                                                  | ✘    | ⁄         | ✓                                                                                 | ✓         | ✓                                                                        | ✓            |
+| Merge conflict resolution                       | [✘](https://github.com/go-gitea/gitea/issues/5158) | ✘    | ✓         | ✓                                                                                 | ✓         | ✓                                                                        | ✘            |
+| Restrict push and merge access to certain users | ✓                                                  | ✘    | ✓         | ⁄                                                                                 | ✓         | ✓                                                                        | ✓            |
+| Revert specific commits or a merge request      | [✘](https://github.com/go-gitea/gitea/issues/5158) | ✘    | ✓         | ✓                                                                                 | ✓         | ✓                                                                        | ✘            |
+| Pull/Merge requests templates                   | ✓                                                  | ✓    | ✓         | ✓                                                                                 | ✓         | ✘                                                                        | ✘            |
+| Cherry-picking changes                          | [✘](https://github.com/go-gitea/gitea/issues/5158) | ✘    | ✘         | ✓                                                                                 | ✓         | ✘                                                                        | ✘            |
+| Download Patch                                  | ✓                                                  | ✘    | ✓         | ✓                                                                                 | ✓         | [/](https://jira.atlassian.com/plugins/servlet/mobile#issue/BCLOUD-8323) | ✘            |

+## 3rd-party integrations

-#### 3rd-party integrations
-
-| Feature | Gitea | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
-|---------|-------|------|-----------|-----------|-----------|-----------|--------------|
-| Webhook support | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Custom Git Hooks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| AD / LDAP integration | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Multiple LDAP / AD server support | ✓ | ✓ | ✘ | ✘ | ✓ | ✓ | ✓ |
-| LDAP user synchronization | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
-| OpenId Connect support | ✓ | ✘ | ✓ | ✓ | ✓ | ? | ✘ |
-| OAuth 2.0 integration (external authorization) | ✓ | ✘ | ⁄ | ✓ | ✓ | ? | ✓ |
-| Act as OAuth 2.0 provider | [✓](https://github.com/go-gitea/gitea/pull/5378) | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Two factor authentication (2FA) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| Mattermost/Slack integration | ✓ | ✓ | ⁄ | ✓ | ✓ | ⁄ | ✓ |
-| Discord integration | ✓ | ✓ | ✓ | ✓ | ✓ | ✘ | ✘ |
-| Microsoft Teams integration | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✘ |
-| External CI/CD status display | ✓ | ✘ | ✓ | ✓ | ✓ | ✓ | ✓ |
+| Feature                                        | Gitea                                            | Gogs | GitHub EE | GitLab CE | GitLab EE | BitBucket | RhodeCode CE |
+| ---------------------------------------------- | ------------------------------------------------ | ---- | --------- | --------- | --------- | --------- | ------------ |
+| Webhook support                                | ✓                                                | ✓    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Custom Git Hooks                               | ✓                                                | ✓    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| AD / LDAP integration                          | ✓                                                | ✓    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| Multiple LDAP / AD server support              | ✓                                                | ✓    | ✘         | ✘         | ✓         | ✓         | ✓            |
+| LDAP user synchronization                      | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
+| OpenId Connect support                         | ✓                                                | ✘    | ✓         | ✓         | ✓         | ?         | ✘            |
+| OAuth 2.0 integration (external authorization) | ✓                                                | ✘    | ⁄         | ✓         | ✓         | ?         | ✓            |
+| Act as OAuth 2.0 provider                      | [✓](https://github.com/go-gitea/gitea/pull/5378) | ✘    | ✓         | ✓         | ✓         | ✓         | ✘            |
+| Two factor authentication (2FA)                | ✓                                                | ✓    | ✓         | ✓         | ✓         | ✓         | ✘            |
+| Mattermost/Slack integration                   | ✓                                                | ✓    | ⁄         | ✓         | ✓         | ⁄         | ✓            |
+| Discord integration                            | ✓                                                | ✓    | ✓         | ✓         | ✓         | ✘         | ✘            |
+| Microsoft Teams integration                    | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✘            |
+| External CI/CD status display                  | ✓                                                | ✘    | ✓         | ✓         | ✓         | ✓         | ✓            |
--- a/docs/content/doc/features/comparison.zh-cn.md
+++ b/docs/content/doc/features/comparison.zh-cn.md
@@ -3,7 +3,7 @@ date: "2019-02-14T11:51:04+08:00"
 title: "横向对比 Gitea 与其它 Git 托管工具"
 slug: "comparison"
 weight: 5
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/features/localization.en-us.md
+++ b/docs/content/doc/features/localization.en-us.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Localization"
 slug: "localization"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -17,7 +17,7 @@ menu:

 Gitea's localization happens through our [Crowdin project](https://crowdin.com/project/gitea).

-For changes to an **English** translation, a pull request can be made that changes the appropriate key in 
+For changes to an **English** translation, a pull request can be made that changes the appropriate key in
 the [english locale](https://github.com/go-gitea/gitea/blob/master/options/locale/locale_en-US.ini).

 For changes to a **non-English** translation, refer to the Crowdin project above.
--- a/docs/content/doc/features/localization.zh-cn.md
+++ b/docs/content/doc/features/localization.zh-cn.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "本地化"
 slug: "localization"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/features/localization.zh-tw.md
+++ b/docs/content/doc/features/localization.zh-tw.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "在地化"
 slug: "localization"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/features/webhooks.en-us.md
+++ b/docs/content/doc/features/webhooks.en-us.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Webhooks"
 slug: "webhooks"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -30,6 +30,8 @@ All event pushes are POST requests. The methods currently supported are:

 ### Event information

+**WARNING**: The `secret` field in the payload is deprecated as of Gitea 1.13.0 and will be removed in 1.14.0: https://github.com/go-gitea/gitea/issues/11755
+
 The following is an example of event information that will be sent by Gitea to
 a Payload URL:

@@ -166,7 +168,7 @@ if (empty($header_signature)) {
 $payload_signature = hash_hmac('sha256', $payload, $secret_key, false);

 // check payload signature against header signature
-if ($header_signature != $payload_signature) {
+if ($header_signature !== $payload_signature) {
    error_log('FAILED - payload signature');
    exit();
 }
--- a/docs/content/doc/features/webhooks.zh-cn.md
+++ b/docs/content/doc/features/webhooks.zh-cn.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Webhooks"
 slug: "webhooks"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/features/webhooks.zh-tw.md
+++ b/docs/content/doc/features/webhooks.zh-tw.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Webhooks"
 slug: "webhooks"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/help/faq.en-us.md
+++ b/docs/content/doc/help/faq.en-us.md
@@ -3,7 +3,7 @@ date: "2019-04-05T16:00:00+02:00"
 title: "FAQ"
 slug: "faq"
 weight: 5
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -13,59 +13,33 @@ menu:
    identifier: "faq"
 ---

-# Frequently Asked Questions
+# Frequently Asked Questions <!-- omit in toc -->

 This page contains some common questions and answers.  
-Also see [Support Options]({{< relref "doc/help/seek-help.en-us.md" >}})
+For more help resources, check all [Support Options]({{< relref "doc/help/seek-help.en-us.md" >}}).

-* [Difference between 1.x and 1.x.x downloads](#difference-between-1-x-and-1-x-x-downloads)
-* [How to migrate from Gogs/GitHub/etc. to Gitea](#how-to-migrate-from-gogs-github-etc-to-gitea)
-* [Where does Gitea store "x" file](#where-does-gitea-store-x-file)
-* [Not seeing a clone URL or the clone URL being incorrect](#not-seeing-a-clone-url-or-the-clone-url-being-incorrect)
-* [Custom Templates not loading or working incorrectly](#custom-templates-not-loading-or-working-incorrectly)
-* [Active user vs login prohibited user](#active-user-vs-login-prohibited-user)
-* [Setting up logging](#setting-up-logging)
-* [What is Swagger?](#what-is-swagger)
-* [Adjusting your server for public/private use](#adjusting-your-server-for-public-private-use)
-  * [Preventing spammers](#preventing-spammers)
-  * [Only allow certain email domains](#only-allow-certain-email-domains)
-  * [Only allow/block certain OpenID providers](#only-allow-block-certain-openid-providers)
-  * [Issue only users](#issue-only-users)
-  * [Restricted users](#restricted-users)
-  * [Enable Fail2ban](#enable-fail2ban)
-* [Adding custom themes](#how-to-add-use-custom-themes)
-* [SSHD vs built-in SSH](#sshd-vs-built-in-ssh)
-* [Gitea is running slow](#gitea-is-running-slow)
-* [Can't create repositories/files](#cant-create-repositories-files)
-* [Translation is incorrect/how to add more translations](#translation-is-incorrect-how-to-add-more-translations)
-* [Hooks aren't running](#hooks-aren-t-running)
-* [SSH Issues](#ssh-issues)
-  * [SSH Common Errors](#ssh-common-errors)
-* [Missing releases after migration repository with tags](#missing-releases-after-migrating-repository-with-tags)
-* [LFS Issues](#lfs-issues)
-* [How can I create users before starting Gitea](#how-can-i-create-users-before-starting-gitea)
-* [How can I enable password reset](#how-can-i-enable-password-reset)
-* [How can a user's password be changed](#how-can-a-user-s-password-be-changed)
-* [Why is my markdown broken](#why-is-my-markdown-broken)
-* [Errors during upgrade on MySQL: Error 1118: Row size too large.](#upgrade-errors-with-mysql)
-* [Why are emoji broken on MySQL](#why-are-emoji-broken-on-mysql)
+**Table of Contents**
+
+{{< toc >}}

 ## Difference between 1.x and 1.x.x downloads
+
 Version 1.7.x will be used for this example.  
-**NOTE:** this example applies to Docker images as well!  
+**NOTE:** this example applies to Docker images as well!

 On our [downloads page](https://dl.gitea.io/gitea/) you will see a 1.7 directory, as well as directories for 1.7.0, 1.7.1, 1.7.2, 1.7.3, 1.7.4, 1.7.5, and 1.7.6.  
 The 1.7 and 1.7.0 directories are **not** the same. The 1.7 directory is built on each merged commit to the [`release/v1.7`](https://github.com/go-gitea/gitea/tree/release/v1.7) branch.  
-The 1.7.0 directory, however, is a build that was created when the [`v1.7.0`](https://github.com/go-gitea/gitea/releases/tag/v1.7.0) tag was created.  
+The 1.7.0 directory, however, is a build that was created when the [`v1.7.0`](https://github.com/go-gitea/gitea/releases/tag/v1.7.0) tag was created.

 This means that 1.x downloads will change as commits are merged to their respective branch (think of it as a separate "master" branch for each release).  
 On the other hand, 1.x.x downloads should never change.

 ## How to migrate from Gogs/GitHub/etc. to Gitea
+
 To migrate from Gogs to Gitea:

-* [Gogs version 0.9.146 or less]({{< relref "doc/upgrade/from-gogs.en-us.md" >}})
-* [Gogs version 0.11.46.0418](https://github.com/go-gitea/gitea/issues/4286)
+- [Gogs version 0.9.146 or less]({{< relref "doc/upgrade/from-gogs.en-us.md" >}})
+- [Gogs version 0.11.46.0418](https://github.com/go-gitea/gitea/issues/4286)

 To migrate from GitHub to Gitea, you can use Gitea's built-in migration form.  
 In order to migrate items such as issues, pull requests, etc. you will need to input at least your username.  
@@ -74,30 +48,32 @@ In order to migrate items such as issues, pull requests, etc. you will need to i
 To migrate from Gitlab to Gitea, you can use this non-affiliated tool:  
 https://github.com/loganinak/MigrateGitlabToGogs

-## Where does Gitea store "x" file
-* WorkPath
-  * Environment variable `GITEA_WORK_DIR`
-  * Else binary location
-* AppDataPath (default for database, indexers, etc.)
-  * `APP_DATA_PATH` from `app.ini`
-  * Else `%(WorkPath)/data`
-* CustomPath (custom templates)
-  * Environment variable `GITEA_CUSTOM`
-  * Else `%(WorkPath)/custom`
-* HomeDir
-  * Unix: Environment variable `HOME`
-  * Windows: Environment variable `USERPROFILE`, else environment variables `HOMEDRIVE`+`HOMEPATH`
-* RepoRootPath
-  * `ROOT` in `app.ini`
-  * Else `%(HomeDir)/gitea-repositories`
-* INI (config file)
-  * `-c` flag
-  * Else `%(CustomPath)/conf/app.ini`
-* SQLite Database 
-  * `PATH` in `database` section of `app.ini`
-  * Else `%(AppDataPath)/gitea.db`
+## Where does Gitea store what file
+
+- WorkPath
+  - Environment variable `GITEA_WORK_DIR`
+  - Else binary location
+- AppDataPath (default for database, indexers, etc.)
+  - `APP_DATA_PATH` from `app.ini`
+  - Else `%(WorkPath)/data`
+- CustomPath (custom templates)
+  - Environment variable `GITEA_CUSTOM`
+  - Else `%(WorkPath)/custom`
+- HomeDir
+  - Unix: Environment variable `HOME`
+  - Windows: Environment variable `USERPROFILE`, else environment variables `HOMEDRIVE`+`HOMEPATH`
+- RepoRootPath
+  - `ROOT` in `app.ini`
+  - Else `%(AppDataPath)/gitea-repositories`
+- INI (config file)
+  - `-c` flag
+  - Else `%(CustomPath)/conf/app.ini`
+- SQLite Database
+  - `PATH` in `database` section of `app.ini`
+  - Else `%(AppDataPath)/gitea.db`

 ## Not seeing a clone URL or the clone URL being incorrect
+
 There are a few places that could make this show incorrectly.

 1. If using a reverse proxy, make sure you have followed the correction directions in the [reverse proxy guide]({{< relref "doc/usage/reverse-proxies.en-us.md" >}})
@@ -107,81 +83,94 @@ If certain clone options aren't showing up (HTTP/S or SSH), the following option

 `DISABLE_HTTP_GIT`: if set to true, there will be no HTTP/HTTPS link  
 `DISABLE_SSH`: if set to true, there will be no SSH link  
-`SSH_EXPOSE_ANONYMOUS`: if set to false, SSH links will be hidden for anonymous users  
-
+`SSH_EXPOSE_ANONYMOUS`: if set to false, SSH links will be hidden for anonymous users

 ## Custom Templates not loading or working incorrectly
+
 Gitea's custom templates must be added to the correct location or Gitea will not find and use them.  
 The correct path for the template(s) will be relative to the `CustomPath`

-1. To find `CustomPath`, look for Custom File Root Path in Site Administration -> Configuration 
-  * If that doesn't exist, you can try `echo $GITEA_CUSTOM`
+1. To find `CustomPath`, look for Custom File Root Path in Site Administration -> Configuration
+
+- If that doesn't exist, you can try `echo $GITEA_CUSTOM`
+
 2. If you are still unable to find a path, the default can be [calculated above](#where-does-gitea-store-x-file)
 3. Once you have figured out the correct custom path, you can refer to the [customizing Gitea]({{< relref "doc/advanced/customizing-gitea.en-us.md" >}}) page to add your template to the correct location.

 ## Active user vs login prohibited user
+
 In Gitea, an "active" user refers to a user that has activated their account via email.  
 A "login prohibited" user is a user that is not allowed to log in to Gitea anymore

-## Setting up logging 
-* [Official Docs]({{< relref "doc/advanced/logging-documentation.en-us.md" >}})
+## Setting up logging
+
+- [Official Docs]({{< relref "doc/advanced/logging-documentation.en-us.md" >}})

 ## What is Swagger?
+
 [Swagger](https://swagger.io/) is what Gitea uses for its API.  
 All Gitea instances have the built-in API, though it can be disabled by setting `ENABLE_SWAGGER` to `false` in the `api` section of your `app.ini`  
-For more information, refer to Gitea's [API docs]({{< relref "doc/advanced/api-usage.en-us.md" >}})
+For more information, refer to Gitea's [API docs]({{< relref "doc/developers/api-usage.en-us.md" >}})

 [Swagger Example](https://try.gitea.io/api/swagger)

 ## Adjusting your server for public/private use

 ### Preventing spammers
-There are multiple things you can combine to prevent spammers.  
+
+There are multiple things you can combine to prevent spammers.

 1. By only whitelisting certain domains with OpenID (see below)
 2. Setting `ENABLE_CAPTCHA` to `true` in your `app.ini` and properly configuring `RECAPTCHA_SECRET` and `RECAPTCHA_SITEKEY`
-3. Settings `DISABLE_REGISTRATION` to `true` and creating new users via the [CLI]({{< relref "doc/usage/command-line.en-us.md" >}}), [API]({{< relref "doc/advanced/api-usage.en-us.md" >}}), or Gitea's Admin UI  
+3. Settings `DISABLE_REGISTRATION` to `true` and creating new users via the [CLI]({{< relref "doc/usage/command-line.en-us.md" >}}), [API]({{< relref "doc/developers/api-usage.en-us.md" >}}), or Gitea's Admin UI

 ### Only allow certain email domains
+
 You can configure `EMAIL_DOMAIN_WHITELIST` in your app.ini under `[service]`

 ### Only allow/block certain OpenID providers
+
 You can configure `WHITELISTED_URIS` or `BLACKLISTED_URIS` under `[openid]` in your `app.ini`  
 **NOTE:** whitelisted takes precedence, so if it is non-blank then blacklisted is ignored

 ### Issue only users
+
 The current way to achieve this is to create/modify a user with a max repo creation limit of 0.

 ### Restricted users
-Restricted users are limited to a subset of the content based on their organization/team memberships and collaborations, ignoring the public flag on organizations/repos etc.__
+
+Restricted users are limited to a subset of the content based on their organization/team memberships and collaborations, ignoring the public flag on organizations/repos etc.\_\_

 Example use case: A company runs a Gitea instance that requires login. Most repos are public (accessible/browseable by all co-workers).

 At some point, a customer or third party needs access to a specific repo and only that repo. Making such a customer account restricted and granting any needed access using team membership(s) and/or collaboration(s) is a simple way to achieve that without the need to make everything private.

-
 ### Enable Fail2ban

 Use [Fail2Ban]({{< relref "doc/usage/fail2ban-setup.en-us.md" >}}) to monitor and stop automated login attempts or other malicious behavior based on log patterns

 ## How to add/use custom themes
+
 Gitea supports two official themes right now, `gitea` and `arc-green` (`light` and `dark` respectively)  
-To add your own theme, currently the only way is to provide a complete theme (not just color overrides)  
-  
+To add your own theme, currently the only way is to provide a complete theme (not just color overrides)
+
 As an example, let's say our theme is `arc-blue` (this is a real theme, and can be found [in this issue](https://github.com/go-gitea/gitea/issues/6011))  
 Name the `.css` file `theme-arc-blue.css` and add it to your custom folder in `custom/pulic/css`  
 Allow users to use it by adding `arc-blue` to the list of `THEMES` in your `app.ini`

 ## SSHD vs built-in SSH
+
 SSHD is the built-in SSH server on most Unix systems.  
 Gitea also provides its own SSH server, for usage when SSHD is not available.

 ## Gitea is running slow
+
 The most common culprit for this is loading federated avatars.  
 This can be turned off by setting `ENABLE_FEDERATED_AVATAR` to `false` in your `app.ini`  
 Another option that may need to be changed is setting `DISABLE_GRAVATAR` to `true` in your `app.ini`

 ## Can't create repositories/files
+
 Make sure that Gitea has sufficient permissions to write to its home directory and data directory.  
 See [AppDataPath and RepoRootPath](#where-does-gitea-store-x-file)

@@ -190,22 +179,26 @@ See [AppDataPath and RepoRootPath](#where-does-gitea-store-x-file)
 Which makes all other paths non-writeable to Gitea.

 ## Translation is incorrect/how to add more translations
+
 Our translations are currently crowd-sourced on our [Crowdin project](https://crowdin.com/project/gitea)  
 Whether you want to change a translation or add a new one, it will need to be there as all translations are overwritten in our CI via the Crowdin integration.

 ## Hooks aren't running
+
 If Gitea is not running hooks, a common cause is incorrect setup of SSH keys.  
-See [SSH Issues](#ssh-issues) for more information.  
-  
+See [SSH Issues](#ssh-issues) for more information.
+
 You can also try logging into the administration panel and running the `Resynchronize pre-receive, update and post-receive hooks of all repositories.` option.

 ## SSH issues
+
 If you cannot reach repositories over `ssh`, but `https` works fine, consider looking into the following.

 First, make sure you can access Gitea via SSH.  
-`ssh git@myremote.example`  
+`ssh git@myremote.example`

 If the connection is successful, you should receive an error message like the following:
+
 ```
 Hi there, You've successfully authenticated, but Gitea does not provide shell access.
 If this is unexpected, please log in with password and setup Gitea under another user.
@@ -213,8 +206,8 @@ If this is unexpected, please log in with password and setup Gitea under another

 If you do not get the above message but still connect, it means your SSH key is **not** being managed by Gitea. This means hooks won't run, among other potential problems.

-If you cannot connect at all, your SSH key may not be configured correctly locally. 
-This is specific to SSH and not Gitea, so will not be covered here. 
+If you cannot connect at all, your SSH key may not be configured correctly locally.
+This is specific to SSH and not Gitea, so will not be covered here.

 ### SSH Common Errors

@@ -226,20 +219,20 @@ fatal: Could not read from remote repository.
 This error signifies that the server rejected a log in attempt, check the
 following things:

-* On the client:
-  * Ensure the public and private ssh keys are added to the correct Gitea user.
-  * Make sure there are no issues in the remote url. In particular, ensure the name of the
+- On the client:
+  - Ensure the public and private ssh keys are added to the correct Gitea user.
+  - Make sure there are no issues in the remote url. In particular, ensure the name of the
    git user (before the `@`) is spelled correctly.
-  * Ensure public and private ssh keys are correct on client machine.
-* On the server:
-  * Make sure the repository exists and is correctly named.
-  * Check the permissions of the `.ssh` directory in the system user's home directory.
-  * Verify that the correct public keys are added to `.ssh/authorized_keys`.  
+  - Ensure public and private ssh keys are correct on client machine.
+- On the server:
+  - Make sure the repository exists and is correctly named.
+  - Check the permissions of the `.ssh` directory in the system user's home directory.
+  - Verify that the correct public keys are added to `.ssh/authorized_keys`.  
    Try to run `Rewrite '.ssh/authorized_keys' file (for Gitea SSH keys)` on the
    Gitea admin panel.
-  * Read Gitea logs.
-  * Read /var/log/auth (or similar).
-  * Check permissions of repositories.
+  - Read Gitea logs.
+  - Read /var/log/auth (or similar).
+  - Check permissions of repositories.

 The following is an example of a missing public SSH key where authentication
 succeeded, but some other setting is preventing SSH from reaching the correct
@@ -254,58 +247,65 @@ and the repository exists.

 In this case, look into the following settings:

-* On the server:
-  * Make sure that the `git` system user has a usable shell set
-    * Verify this with `getent passwd git | cut -d: -f7`
-    * `usermod` or `chsh` can be used to modify this.
-  * Ensure that the `gitea serv` command in `.ssh/authorized_keys` uses the
+- On the server:
+  - Make sure that the `git` system user has a usable shell set
+    - Verify this with `getent passwd git | cut -d: -f7`
+    - `usermod` or `chsh` can be used to modify this.
+  - Ensure that the `gitea serv` command in `.ssh/authorized_keys` uses the
    correct configuration file.

 ## Missing releases after migrating repository with tags

-To migrate an repository *with* all tags, you need to do two things:
+To migrate an repository _with_ all tags, you need to do two things:
+
+- Push tags to the repository:

-* Push tags to the repository:
 ```
 git push --tags
- ```
- 
- * (Re-)sync tags of all repositories within Gitea:
- ```
- gitea admin repo-sync-releases
- ```
+```
+
+- (Re-)sync tags of all repositories within Gitea:
+
+```
+gitea admin repo-sync-releases
+```

 ## LFS Issues

 For issues concerning LFS data upload

 ```
-batch response: Authentication required: Authorization error: <GITEA_LFS_URL>/info/lfs/objects/batch                                                                                                              
+batch response: Authentication required: Authorization error: <GITEA_LFS_URL>/info/lfs/objects/batch
 Check that you have proper access to the repository
 error: failed to push some refs to '<GIT_REPO_URL>'
 ```
+
 Check the value of `LFS_HTTP_AUTH_EXPIRY` in your `app.ini` file.  
-By default, your LFS token will expire after 20 minutes. If you have a slow connection or a large file (or both), it may not finish uploading within the time limit. 
+By default, your LFS token will expire after 20 minutes. If you have a slow connection or a large file (or both), it may not finish uploading within the time limit.

 You may want to set this value to `60m` or `120m`.

 ## How can I create users before starting Gitea
+
 Gitea provides a sub-command `gitea migrate` to initialize the database, after which you can use the [admin CLI commands]({{< relref "doc/usage/command-line.en-us.md#admin" >}}) to add users like normal.

 ## How can I enable password reset
+
 There is no setting for password resets. It is enabled when a [mail service]({{< relref "doc/usage/email-setup.en-us.md" >}}) is configured, and disabled otherwise.

 ## How can a user's password be changed
+
 - As an **admin**, you can change any user's password (and optionally force them to change it on next login)...
-  - By navigating to your `Site Administration -> User Accounts` page and editing a user.  
+  - By navigating to your `Site Administration -> User Accounts` page and editing a user.
  - By using the [admin CLI commands]({{< relref "doc/usage/command-line.en-us.md#admin" >}}).  
-  Keep in mind most commands will also need a [global flag]({{< relref "doc/usage/command-line.en-us.md#global-options" >}}) to point the CLI at the correct configuration.
- As a **user** you can change it... 
+    Keep in mind most commands will also need a [global flag]({{< relref "doc/usage/command-line.en-us.md#global-options" >}}) to point the CLI at the correct configuration.
+- As a **user** you can change it...
  - In your account `Settings -> Account` page (this method **requires** you to know your current password).
  - By using the `Forgot Password` link.  
-   If the `Forgot Password/Account Recovery` page is disabled, please contact your administrator to configure a [mail service]({{< relref "doc/usage/email-setup.en-us.md" >}}).
-   
+    If the `Forgot Password/Account Recovery` page is disabled, please contact your administrator to configure a [mail service]({{< relref "doc/usage/email-setup.en-us.md" >}}).
+
 ## Why is my markdown broken
+
 In Gitea version `1.11` we moved to [goldmark](https://github.com/yuin/goldmark) for markdown rendering, which is [CommonMark](https://commonmark.org/) compliant.  
 If you have markdown that worked as you expected prior to version `1.11` and after upgrading it's not working anymore, please look through the CommonMark spec to see whether the problem is due to a bug or non-compliant syntax.  
 If it is the latter, _usually_ there is a compliant alternative listed in the spec.
@@ -336,3 +336,7 @@ for the database_name and run `ALTER TABLE table_name CONVERT TO CHARACTER SET u
 for each table in the database.

 You will also need to change the app.ini database charset to `CHARSET=utf8mb4`.
+
+## Why are Emoji displaying only as placeholders or in monochrome
+
+Gitea requires the system or browser to have one of the supported Emoji fonts installed, which are Apple Color Emoji, Segoe UI Emoji, Segoe UI Symbol, Noto Color Emoji and Twemoji Mozilla. Generally, the operating system should already provide one of these fonts, but especially on Linux, it may be necessary to install them manually.
--- a/docs/content/doc/help/search.en-us.md
+++ b/docs/content/doc/help/search.en-us.md
@@ -3,7 +3,7 @@ date: "2019-11-12T16:00:00+02:00"
 title: "Search"
 slug: "search"
 weight: 4
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -22,4 +22,3 @@ This file exists solely to respond to /search URL with the related `search` layo
 No content shown here is rendered, all content is based in the template layouts/doc/search.html

 Setting a very low sitemap priority will tell search engines this is not important content.
-
--- a/docs/content/doc/help/search.fr-fr.md
+++ b/docs/content/doc/help/search.fr-fr.md
@@ -3,7 +3,7 @@ date: "2019-11-12T16:00:00+02:00"
 title: "Chercher"
 slug: "search"
 weight: 4
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -22,4 +22,3 @@ This file exists solely to respond to /search URL with the related `search` layo
 No content shown here is rendered, all content is based in the template layouts/doc/search.html

 Setting a very low sitemap priority will tell search engines this is not important content.
-
--- a/docs/content/doc/help/search.zh-cn.md
+++ b/docs/content/doc/help/search.zh-cn.md
@@ -3,7 +3,7 @@ date: "2019-11-12T16:00:00+02:00"
 title: "搜索"
 slug: "search"
 weight: 4
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -22,4 +22,3 @@ This file exists solely to respond to /search URL with the related `search` layo
 No content shown here is rendered, all content is based in the template layouts/doc/search.html

 Setting a very low sitemap priority will tell search engines this is not important content.
-
--- a/docs/content/doc/help/search.zh-tw.md
+++ b/docs/content/doc/help/search.zh-tw.md
@@ -3,7 +3,7 @@ date: "2019-11-12T16:00:00+02:00"
 title: "搜索"
 slug: "search"
 weight: 4
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -22,4 +22,3 @@ This file exists solely to respond to /search URL with the related `search` layo
 No content shown here is rendered, all content is based in the template layouts/doc/search.html

 Setting a very low sitemap priority will tell search engines this is not important content.
-
--- a/docs/content/doc/help/seek-help.en-us.md
+++ b/docs/content/doc/help/seek-help.en-us.md
@@ -3,7 +3,7 @@ date: "2018-05-21T15:00:00+00:00"
 title: "Support Options"
 slug: "seek-help"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/help/seek-help.zh-cn.md
+++ b/docs/content/doc/help/seek-help.zh-cn.md
@@ -3,7 +3,7 @@ date: "2017-01-20T15:00:00+08:00"
 title: "需要帮助"
 slug: "seek-help"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/installation/database-preparation.en-us.md
+++ b/docs/content/doc/installation/database-preparation.en-us.md
@@ -3,7 +3,7 @@ date: "2020-01-16"
 title: "Database Preparation"
 slug: "database-prep"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -13,11 +13,17 @@ menu:
    identifier: "database-prep"
 ---

+# Database Preparation
+
 You need a database to use Gitea. Gitea supports PostgreSQL, MySQL, SQLite, and MSSQL. This page will guide into preparing database. Only PostgreSQL and MySQL will be covered here since those database engines are widely-used in production.

 Database instance can be on same machine as Gitea (local database setup), or on different machine (remote database).

-Note: All steps below requires that the database engine of your choice is installed on your system. For remote database setup, install the server part on database instance and client part on your Gitea server. In addition, make sure you use same engine version for both server and client for some engine features to work. For security reason, protect `root` (MySQL) or `postgres` (PostgreSQL) database superuser with secure password.  The steps assumes that you run Linux for both database and Gitea servers.
+Note: All steps below requires that the database engine of your choice is installed on your system. For remote database setup, install the server application on database instance and client program on your Gitea server. The client program is used to test connection to the database from Gitea server, while Gitea itself use database driver provided by Go to accomplish the same thing. In addition, make sure you use same engine version for both server and client for some engine features to work. For security reason, protect `root` (MySQL) or `postgres` (PostgreSQL) database superuser with secure password. The steps assumes that you run Linux for both database and Gitea servers.
+
+**Table of Contents**
+
+{{< toc >}}

 ## MySQL

@@ -26,6 +32,7 @@ Note: All steps below requires that the database engine of your choice is instal
    ```ini
    bind-address = 203.0.113.3
    ```
+
 2.  On database instance, login to database console as root:

    ```
@@ -34,7 +41,7 @@ Note: All steps below requires that the database engine of your choice is instal

    Enter the password as prompted.

-3.  Create database user which will be used by Gitea, authenticated by password. This example uses `'gitea'` as password. Please use a secure password for your instance. 
+3.  Create database user which will be used by Gitea, authenticated by password. This example uses `'gitea'` as password. Please use a secure password for your instance.

    For local database:

@@ -54,7 +61,7 @@ Note: All steps below requires that the database engine of your choice is instal

    Replace username and password above as appropriate.

-4.  Create database with UTF-8 charset and collation. Make sure to use `utf8mb4` charset instead of `utf8` as the former supports all Unicode characters (including emojis) beyond *Basic Multilingual Plane*. Also, collation chosen depending on your expected content. When in doubt, use either `unicode_ci` or `general_ci`.
+4.  Create database with UTF-8 charset and collation. Make sure to use `utf8mb4` charset instead of `utf8` as the former supports all Unicode characters (including emojis) beyond _Basic Multilingual Plane_. Also, collation chosen depending on your expected content. When in doubt, use either `unicode_ci` or `general_ci`.

    ```sql
    CREATE DATABASE giteadb CHARACTER SET 'utf8mb4' COLLATE 'utf8mb4_unicode_ci';
@@ -147,7 +154,7 @@ Note: All steps below requires that the database engine of your choice is instal
    Note: rules on `pg_hba.conf` are evaluated sequentially, that is the first matching rule will be used for authentication. Your PostgreSQL installation may come with generic authentication rules that match all users and databases. You may need to place the rules presented here above such generic rules if it is the case.

    Restart PostgreSQL to apply new authentication rules.
-    
+
 7.  On your Gitea server, test connection to the database.

    For local database:
@@ -183,9 +190,9 @@ The PostgreSQL driver used by Gitea supports two-way TLS. In two-way TLS, both d

 1.  On the server with the database instance, place the following credentials:

-    -  `/path/to/postgresql.crt`: Database instance certificate
-    -  `/path/to/postgresql.key`: Database instance private key
-    -  `/path/to/root.crt`: CA certificate chain to validate client certificates
+    - `/path/to/postgresql.crt`: Database instance certificate
+    - `/path/to/postgresql.key`: Database instance private key
+    - `/path/to/root.crt`: CA certificate chain to validate client certificates

 2.  Add following options to `postgresql.conf`:

@@ -224,9 +231,9 @@ The PostgreSQL driver used by Gitea supports two-way TLS. In two-way TLS, both d

 6.  On the server running the Gitea instance, place the following credentials under the home directory of the user who runs Gitea (e.g. `git`):

-    -  `~/.postgresql/postgresql.crt`: Database client certificate
-    -  `~/.postgresql/postgresql.key`: Database client private key
-    -  `~/.postgresql/root.crt`: CA certificate chain to validate server certificate
+    - `~/.postgresql/postgresql.crt`: Database client certificate
+    - `~/.postgresql/postgresql.key`: Database client private key
+    - `~/.postgresql/root.crt`: CA certificate chain to validate server certificate

    Note: Those file names above are hardcoded in PostgreSQL and it is not possible to change them.

@@ -245,19 +252,17 @@ The PostgreSQL driver used by Gitea supports two-way TLS. In two-way TLS, both d

    You should be prompted to enter password for the database user, and then be connected to the database.

-
 ### MySQL

 While the MySQL driver used by Gitea also supports two-way TLS, Gitea currently supports only one-way TLS. See issue #10828 for details.

 In one-way TLS, the database client verifies the certificate sent from server during the connection handshake, and the server assumes that the connected client is legitimate, since client certificate verification doesn't take place.

-
 1.  On the database instance, place the following credentials:

-    -  `/path/to/mysql.crt`: Database instance certificate
-    -  `/path/to/mysql.key`: Database instance key
-    -  `/path/to/ca.crt`: CA certificate chain. This file isn't used on one-way TLS, but is used to validate client certificates on two-way TLS.
+    - `/path/to/mysql.crt`: Database instance certificate
+    - `/path/to/mysql.key`: Database instance key
+    - `/path/to/ca.crt`: CA certificate chain. This file isn't used on one-way TLS, but is used to validate client certificates on two-way TLS.

 2.  Add following options to `my.cnf`:

--- a/docs/content/doc/installation/from-binary.en-us.md
+++ b/docs/content/doc/installation/from-binary.en-us.md
@@ -3,7 +3,7 @@ date: "2017-06-19T12:00:00+02:00"
 title: "Installation from binary"
 slug: "install-from-binary"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -16,9 +16,15 @@ menu:
 # Installation from binary

 All downloads come with SQLite, MySQL and PostgreSQL support, and are built with
-embedded assets. This can be different for older releases. Choose the file matching
-the destination platform from the [downloads page](https://dl.gitea.io/gitea/), copy
-the URL and replace the URL within the commands below:
+embedded assets. This can be different for older releases.
+
+**Table of Contents**
+
+{{< toc >}}
+
+## Download
+
+Choose the file matching the destination platform from the [downloads page](https://dl.gitea.io/gitea/), copy the URL and replace the URL within the commands below:

 ```sh
 wget -O gitea https://dl.gitea.io/gitea/{{< version >}}/gitea-{{< version >}}-linux-amd64
@@ -35,7 +41,7 @@ gpg --verify gitea-{{< version >}}-linux-amd64.asc gitea-{{< version >}}-linux-a

 ## Recommended server configuration

-**NOTE:** Many of the following directories can be configured using [Environment Variables]({{< relref "doc/advanced/specific-variables.en-us.md" >}}) as well!
+**NOTE:** Many of the following directories can be configured using [Environment Variables]({{< relref "doc/advanced/environment-variables.en-us.md" >}}) as well!
 Of note, configuring `GITEA_WORK_DIR` will tell Gitea where to base its working directory, as well as ease installation.

 ### Prepare environment
--- a/docs/content/doc/installation/from-binary.fr-fr.md
+++ b/docs/content/doc/installation/from-binary.fr-fr.md
@@ -3,7 +3,7 @@ date: "2017-08-23T09:00:00+02:00"
 title: "Installation avec le binaire pré-compilé"
 slug: "install-from-binary"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/installation/from-binary.zh-cn.md
+++ b/docs/content/doc/installation/from-binary.zh-cn.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "从二进制安装"
 slug: "install-from-binary"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/installation/from-binary.zh-tw.md
+++ b/docs/content/doc/installation/from-binary.zh-tw.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "執行檔安裝"
 slug: "install-from-binary"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/installation/from-package.en-us.md
+++ b/docs/content/doc/installation/from-package.en-us.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Installation from package"
 slug: "install-from-package"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
@@ -15,26 +15,33 @@ menu:

 # Installation from package

-## Debian
+**Table of Contents**

-Although there is a package of Gitea in Debian's [contrib](https://wiki.debian.org/SourcesList),
-it is not supported directly by us.
-
-Unfortunately, the package is not maintained anymore and broken because of missing sources.
-Please follow the [deployment from binary]({{< relref "from-binary.en-us.md" >}}) guide instead.
-
-Should the packages get updated and fixed, we will provide up-to-date installation instructions here.
+{{< toc >}}

 ## Alpine Linux

-Alpine Linux has gitea in its community repository. It follows the latest stable version.
-for more information look at https://pkgs.alpinelinux.org/packages?name=gitea&branch=edge.
+Alpine Linux has [Gitea](https://pkgs.alpinelinux.org/packages?name=gitea&branch=edge) in its community repository which follows the latest stable version.

-install as usual:
 ```sh
 apk add gitea
 ```
-config is found in **/etc/gitea/app.ini**
+
+## Arch Linux
+
+The rolling release distribution has [Gitea](https://www.archlinux.org/packages/community/x86_64/gitea/) in their official community repository and package updates are provided with new Gitea releases.
+
+```sh
+pacman -S gitea
+```
+
+## Arch Linux ARM
+
+Arch Linux ARM provides packages for [aarch64](https://archlinuxarm.org/packages/aarch64/gitea), [armv7h](https://archlinuxarm.org/packages/armv7h/gitea) and [armv6h](https://archlinuxarm.org/packages/armv6h/gitea).
+
+```sh
+pacman -S gitea
+```

 ## Windows

@@ -45,6 +52,7 @@ choco install gitea
 ```

 Or follow the [deployment from binary]({{< relref "from-binary.en-us.md" >}}) guide.
+
 ## macOS

 Currently, the only supported method of installation on MacOS is [Homebrew](http://brew.sh/).
@@ -81,10 +89,10 @@ To enable Gitea to run as a service, run `sysrc gitea_enable=YES` and start it w

 ## Cloudron

-Gitea is available as a 1-click install on [Cloudron](https://cloudron.io). 
+Gitea is available as a 1-click install on [Cloudron](https://cloudron.io).
 Cloudron makes it easy to run apps like Gitea on your server and keep them up-to-date and secure.

-[![Install](https://cloudron.io/img/button.svg)](https://cloudron.io/button.html?app=io.gitea.cloudronapp)
+[![Install](/cloudron.svg)](https://cloudron.io/button.html?app=io.gitea.cloudronapp)

 The Gitea package is maintained [here](https://git.cloudron.io/cloudron/gitea-app).

@@ -93,7 +101,7 @@ you can experiment with running Gitea.

 ## Third-party

-Various other third-party packages of Gitea exist. 
+Various other third-party packages of Gitea exist.
 To see a curated list, head over to [awesome-gitea](https://gitea.com/gitea/awesome-gitea/src/branch/master/README.md#user-content-packages).

 Do you know of an existing package that isn't on the list? Send in a PR to get it added!
--- a/docs/content/doc/installation/from-package.fr-fr.md
+++ b/docs/content/doc/installation/from-package.fr-fr.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "Installation depuis le gestionnaire de paquets"
 slug: "install-from-package"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/docs/content/doc/installation/from-package.zh-cn.md
+++ b/docs/content/doc/installation/from-package.zh-cn.md
@@ -3,7 +3,7 @@ date: "2016-12-01T16:00:00+02:00"
 title: "选择包安装"
 slug: "install-from-package"
 weight: 10
-toc: true
+toc: false
 draft: false
 menu:
  sidebar:
--- a/Show More
+++ b/Show More