Resolved Conflicts

Signed-off-by: Konrad <konrad@kola-entertainments.de>

.changelog.yml

@@ -0,0 +1,44 @@
+repo: go-gitea/gitea
+groups:
+  - 
+    name: BREAKING
+    labels:
+      - kind/breaking
+  - 
+    name: FEATURE
+    labels:
+      - kind/feature
+  -
+    name: BUGFIXES
+    labels:
+      - kind/bug
+  - 
+    name: ENHANCEMENT
+    labels:
+      - kind/enhancement
+      - kind/refactor
+      - kind/ui
+  -
+    name: SECURITY
+    labels:
+      - kind/security
+  - 
+    name: TESTING
+    labels:
+      - kind/testing
+  - 
+    name: TRANSLATION
+    labels:
+      - kind/translation
+  - 
+    name: BUILD
+    labels:
+      - kind/build
+      - kind/lint
+  - 
+    name: DOCS
+    labels:
+      - kind/docs
+  - 
+    name: MISC
+    default: true

.drone.yml

@@ -2,12 +2,13 @@ workspace:
   base: /srv/app
   path: src/code.gitea.io/gitea
 
-pipeline:
-  clone:
-    image: plugins/git
+clone:
+  git:
+    image: plugins/git:1
     depth: 50
     tags: true
 
+pipeline:
   build:
     image: webhippie/golang:edge
     pull: true
@@ -15,7 +16,6 @@ pipeline:
       TAGS: bindata sqlite
       GOPATH: /srv/app
     commands:
-      - apk -U add openssh-client
       - make clean
       - make generate
       - make vet
@@ -30,43 +30,32 @@ pipeline:
   test:
     image: webhippie/golang:edge
     pull: true
+    group: test
     environment:
       TAGS: bindata sqlite
       GOPATH: /srv/app
     commands:
-      - apk -U add openssh-client
       - make test
-    when:
-      event: [ tag, pull_request ]
-
-  test-coverage:
-    image: webhippie/golang:edge
-    pull: true
-    environment:
-      TAGS: bindata sqlite
-      GOPATH: /srv/app
-    commands:
-      - apk -U add openssh-client
-      - go get github.com/wadey/gocovmerge
-      - make test-coverage
-    when:
-      event: [ push ]
-      branch: master
-
-  test-sqlite:
-    image: webhippie/golang:edge
-    pull: true
-    environment:
-      TAGS: bindata
-      GOPATH: /srv/app
-    commands:
-      - echo "Needs to be fixed" # make test-sqlite
     when:
       event: [ push, tag, pull_request ]
 
+  # Commented until db locking have been resolved!
+  # test-sqlite:
+  #   image: webhippie/golang:edge
+  #   pull: true
+  #   group: test
+  #   environment:
+  #     TAGS: bindata
+  #     GOPATH: /srv/app
+  #   commands:
+  #     - make test-sqlite
+  #   when:
+  #     event: [ push, tag, pull_request ]
+
   test-mysql:
     image: webhippie/golang:edge
     pull: true
+    group: test
     environment:
       TAGS: bindata
       GOPATH: /srv/app
@@ -78,6 +67,7 @@ pipeline:
   test-pgsql:
     image: webhippie/golang:edge
     pull: true
+    group: test
     environment:
       TAGS: bindata
       GOPATH: /srv/app
@@ -86,6 +76,12 @@ pipeline:
     when:
       event: [ push, tag, pull_request ]
 
+  # coverage:
+  #   image: plugins/coverage:latest
+  #   pull: true
+  #   secrets: [ github_token ]
+  #   server: https://coverage.gitea.io
+
   static:
     image: karalabe/xgo-latest:latest
     pull: true
@@ -97,16 +93,10 @@ pipeline:
     when:
       event: [ push, tag ]
 
-  # coverage:
-  #   image: plugins/coverage
-  #   server: https://coverage.gitea.io
-  #   when:
-  #     event: [ push ]
-  #     branch: master
-
   docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
     pull: true
+    secrets: [ docker_username, docker_password ]
     repo: gitea/gitea
     tags: [ '${DRONE_TAG##v}' ]
     when:
@@ -114,8 +104,9 @@ pipeline:
       branch: [ refs/tags/* ]
 
   docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
     pull: true
+    secrets: [ docker_username, docker_password ]
     repo: gitea/gitea
     tags: [ '${DRONE_BRANCH##release/v}' ]
     when:
@@ -123,8 +114,9 @@ pipeline:
       branch: [ release/* ]
 
   docker:
-    image: plugins/docker
+    image: plugins/docker:17.05
     pull: true
+    secrets: [ docker_username, docker_password ]
     repo: gitea/gitea
     tags: [ 'latest' ]
     when:
@@ -132,7 +124,10 @@ pipeline:
       branch: [ master ]
 
   release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ s3_access_key, s3_secret_key ]
+    endpoint: https://storage.gitea.io
     path_style: true
     strip_prefix: dist/release/
     source: dist/release/*
@@ -142,7 +137,10 @@ pipeline:
       branch: [ refs/tags/* ]
 
   release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ s3_access_key, s3_secret_key ]
+    endpoint: https://storage.gitea.io
     path_style: true
     strip_prefix: dist/release/
     source: dist/release/*
@@ -152,7 +150,10 @@ pipeline:
       branch: [ release/* ]
 
   release:
-    image: plugins/s3
+    image: plugins/s3:1
+    pull: true
+    secrets: [ s3_access_key, s3_secret_key ]
+    endpoint: https://storage.gitea.io
     path_style: true
     strip_prefix: dist/release/
     source: dist/release/*
@@ -162,7 +163,8 @@ pipeline:
       branch: [ master ]
 
   github:
-    image: plugins/github-release
+    image: plugins/github-release:1
+    pull: true
     files:
       - dist/release/*
     when:
@@ -170,9 +172,9 @@ pipeline:
       branch: [ refs/tags/* ]
 
   discord:
-    image: appleboy/drone-discord:0.0.4
-    webhook_id: ${WEBHOOK_ID}
-    webhook_token: ${WEBHOOK_TOKEN}
+    image: appleboy/drone-discord:1.0.0
+    pull: true
+    secrets: [ discord_webhook_id, discord_webhook_token ]
     when:
       event: [ push, tag, pull_request ]
       status: [ changed, failure ]

.gitignore

@@ -45,4 +45,6 @@ _testmain.go
 /indexers
 /log
 /public/img/avatar
-/integrations/gitea-integration
+/integrations/gitea-integration-mysql
+/integrations/gitea-integration-pgsql
+/integrations/gitea-integration-sqlite

CHANGELOG.md

@@ -6,6 +6,15 @@
   * Password reset URL changed from `/user/forget_password` to `/user/forgot_password`
   * SSH keys management URL changed from `/user/settings/ssh` to `/user/settings/keys`
 
+## [1.1.4](https://github.com/go-gitea/gitea/releases/tag/v1.1.4) - 2017-09-04
+
+* BUGFIXES
+  * Fix rendering of external links (#2292) (#2315)
+  * Fix deleted milestone bug (#1942) (#2300)
+  * fix 500 error when view an issue which's milestone deleted (#2297) (#2299)
+  * Fix SHA1 hash linking (#2143) (#2293)
+  * back port from #1709 (#2291)
+
 ## [1.1.3](https://github.com/go-gitea/gitea/releases/tag/v1.1.3) - 2017-08-03
 
 * BUGFIXES

CONTRIBUTING.md

@@ -8,6 +8,7 @@
   - [Discuss your design](#discuss-your-design)
   - [Testing redux](#testing-redux)
   - [Vendoring](#vendoring)
+  - [Translation](#translation)
   - [Code review](#code-review)
   - [Styleguide](#styleguide)
   - [Sign your work](#sign-your-work)
@@ -19,47 +20,100 @@
 
 ## Introduction
 
-This document explains how to contribute changes to the Gitea project. It assumes you have followed the [installation instructions](https://docs.gitea.io/en-us/). Sensitive security-related issues should be reported to [security@gitea.io](mailto:security@gitea.io).
+This document explains how to contribute changes to the Gitea project.
+It assumes you have followed the
+[installation instructions](https://docs.gitea.io/en-us/).
+Sensitive security-related issues should be reported to
+[security@gitea.io](mailto:security@gitea.io).
 
 ## Bug reports
 
-Please search the issues on the issue tracker with a variety of keywords to ensure your bug is not already reported.
+Please search the issues on the issue tracker with a variety of keywords
+to ensure your bug is not already reported.
 
-If unique, [open an issue](https://github.com/go-gitea/gitea/issues/new) and answer the questions so we can understand and reproduce the problematic behavior.
+If unique, [open an issue](https://github.com/go-gitea/gitea/issues/new)
+and answer the questions so we can understand and reproduce the
+problematic behavior.
 
-To show us that the issue you are having is in Gitea itself, please write clear, concise instructions so we can reproduce the behavior (even if it seems obvious). The more detailed and specific you are, the faster we can fix the issue. Check out [How to Report Bugs Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html).
+To show us that the issue you are having is in Gitea itself, please
+write clear, concise instructions so we can reproduce the behavior
+(even if it seems obvious). The more detailed and specific you are,
+the faster we can fix the issue. Check out [How to Report Bugs
+Effectively](http://www.chiark.greenend.org.uk/~sgtatham/bugs.html).
 
-Please be kind, remember that Gitea comes at no cost to you, and you're getting free help.
+Please be kind, remember that Gitea comes at no cost to you, and you're
+getting free help.
 
 ## Discuss your design
 
-The project welcomes submissions but please let everyone know what you're working on if you want to change or add something to the Gitea repositories.
+The project welcomes submissions but please let everyone know what
+you're working on if you want to change or add something to the Gitea
+repositories.
 
-Before starting to write something new for the Gitea project, please [file an issue](https://github.com/go-gitea/gitea/issues/new). Significant changes must go through the [change proposal process](https://github.com/go-gitea/proposals) before they can be accepted.
+Before starting to write something new for the Gitea project, please [file
+an issue](https://github.com/go-gitea/gitea/issues/new). Significant
+changes must go through the [change proposal
+process](https://github.com/go-gitea/proposals) before they can be
+accepted.
 
-This process gives everyone a chance to validate the design, helps prevent duplication of effort, and ensures that the idea fits inside the goals for the project and tools. It also checks that the design is sound before code is written; the code review tool is not the place for high-level discussions.
+This process gives everyone a chance to validate the design, helps
+prevent duplication of effort, and ensures that the idea fits inside
+the goals for the project and tools. It also checks that the design is
+sound before code is written; the code review tool is not the place for
+high-level discussions.
 
 ## Testing redux
 
-Before sending code out for review, run all the tests for the whole tree to make sure the changes don't break other usage and keep the compatibility on upgrade. To make sure you are running the test suite exactly like we do, you should install the CLI for [Drone CI](https://github.com/drone/drone), as we are using the server for continous testing, following [these instructions](http://readme.drone.io/usage/getting-started-cli). After that you can simply call `drone exec` within your working directory and it will try to run the test suite locally.
+Before sending code out for review, run all the tests for the
+whole tree to make sure the changes don't break other usage
+and keep the compatibility on upgrade. To make sure you are
+running the test suite exactly like we do, you should install
+the CLI for [Drone CI](https://github.com/drone/drone), as
+we are using the server for continous testing, following [these
+instructions](http://readme.drone.io/usage/getting-started-cli). After
+that you can simply call `drone exec` within your working directory and
+it will try to run the test suite locally.
 
 ## Vendoring
 
-We keep a cached copy of dependencies within the `vendor/` directory, managing updates via [govendor](http://github.com/kardianos/govendor).
+We keep a cached copy of dependencies within the `vendor/` directory,
+managing updates via [govendor](http://github.com/kardianos/govendor).
 
-Pull requests should only include `vendor/` updates if they are part of the same change, be it a bugfix or a feature addition.
+Pull requests should only include `vendor/` updates if they are part of
+the same change, be it a bugfix or a feature addition.
 
-The `vendor/` update needs to be justified as part of the PR description, and must be verified by the reviewers and/or merger to always reference an existing upstream commit.
+The `vendor/` update needs to be justified as part of the PR description,
+and must be verified by the reviewers and/or merger to always reference
+an existing upstream commit.
+
+## Translation
+
+We do all translation work inside [Crowdin](https://crowdin.com/project/gitea).
+The only translation that is maintained in this git repository is
+[`en_US.ini`](https://github.com/go-gitea/gitea/blob/master/options/locale/locale_en-US.ini)
+and is synced regularily to Crowdin. Once a translation has reached
+A SATISFACTORY PERCENTAGE it will be synced back into this repo and
+included in the next released version.
 
 ## Code review
 
-Changes to Gitea must be reviewed before they are accepted, no matter who makes the change even if it is an owner or a maintainer. We use GitHub's pull request workflow to do that and we also use [LGTM](http://lgtm.co) to ensure every PR is reviewed by at least 2 maintainers.
+Changes to Gitea must be reviewed before they are accepted, no matter who
+makes the change even if it is an owner or a maintainer. We use GitHub's
+pull request workflow to do that and we also use [LGTM](http://lgtm.co)
+to ensure every PR is reviewed by at least 2 maintainers.
 
-Please try to make your pull request easy to review for us. Please read the "[How to get faster PR reviews](https://github.com/kubernetes/community/blob/master/contributors/devel/faster_reviews.md)" guide, it has lots of useful tips for any project you may want to contribute. Some of the key points:
+Please try to make your pull request easy to review for us.
+Please read the [How to get faster PR reviews](https://github.com/kubernetes/community/blob/master/contributors/devel/faster_reviews.md) guide,
+it has lots of useful tips for any project you may want to contribute.
+Some of the key points:
 
-* Make small pull requests. The smaller, the faster to review and the more likely it will be merged soon.
-* Don't make changes unrelated to your PR. Maybe there are typos on some comments, maybe refactoring would be welcome on a function... but if that is not related to your PR, please make *another* PR for that.
-* Split big pull requests into multiple small ones. An incremental change will be faster to review than a huge PR.
+* Make small pull requests. The smaller, the faster to review and the
+  more likely it will be merged soon.
+* Don't make changes unrelated to your PR. Maybe there are typos on
+  some comments, maybe refactoring would be welcome on a function... but
+  if that is not related to your PR, please make *another* PR for that.
+* Split big pull requests into multiple small ones. An incremental change
+  will be faster to review than a huge PR.
 
 ## Styleguide
 
@@ -82,35 +136,82 @@ import (
 
 ## Sign your work
 
-The sign-off is a simple line at the end of the explanation for the patch. Your signature certifies that you wrote the patch or otherwise have the right to pass it on as an open-source patch. The rules are pretty simple: If you can certify [DCO](DCO), then you just add a line to every git commit message:
+The sign-off is a simple line at the end of the explanation for the
+patch. Your signature certifies that you wrote the patch or otherwise
+have the right to pass it on as an open-source patch. The rules are
+pretty simple: If you can certify [DCO](DCO), then you just add a line
+to every git commit message:
 
 ```
 Signed-off-by: Joe Smith <joe.smith@email.com>
 ```
 
-Please use your real name, we really dislike pseudonyms or anonymous contributions. We are in the open-source world without secrets. If you set your `user.name` and `user.email` git configs, you can sign your commit automatically with `git commit -s`.
+Please use your real name, we really dislike pseudonyms or anonymous
+contributions. We are in the open-source world without secrets. If you
+set your `user.name` and `user.email` git configs, you can sign your
+commit automatically with `git commit -s`.
 
 ## Release Cycle
 
-We adopted a release schedule to streamline the process of working on, finishing, and issuing releases. The overall goal is to make a major release every two months, which breaks down into one month of general development followed by one month of testing and polishing known as the release freeze. A release is maintained by issuing minor releases to only correct critical problems such as crashes or security issues. All the feature pull requests should be merged in the first month of one release period. 
+We adopted a release schedule to streamline the process of working
+on, finishing, and issuing releases. The overall goal is to make a
+minor release every two months, which breaks down into one month of
+general development followed by one month of testing and polishing
+known as the release freeze. All the feature pull requests should be
+merged in the first month of one release period and during the frozen
+period a corresponding release branch is open for fix backported from
+master. Release candidate are made along this period for user testing to
+obtain a final version that is maintained in this branch. A release is
+maintained by issuing patch releases to only correct critical problems
+such as crashes or security issues.
 
-The current release cycle is aligned to start on December 25 to February 24, next is February 25 to April 24, and etc. On this cycle, we also maybe publish the previous release minor version. For example, the current release version is v1.1, but we maybe also publish v1.0.2. When we publish v1.2, then we will stop publish v1.0.3.
+The current release cycle is aligned to start on December 25 to February
+24, next is February 25 to April 24, and etc. On this cycle, we also
+maybe publish the previous release minor version. For example, the
+current release version is v1.1, but we maybe also publish v1.0.2. When
+we publish v1.2, then we will stop publish v1.0.3.
 
 ## Maintainers
 
-To make sure every PR is checked, we have [team maintainers](MAINTAINERS). Every PR **MUST** be reviewed by at least two maintainers (or owners) before it can get merged. A maintainer should be a contributor of Gitea (or Gogs) and contributed at least 4 accepted PRs. A contributor should apply as a maintainer in the [Discord](https://discord.gg/NsatcWJ) #develop channel. The owners or the team maintainers may invite the contributor. A maintainer should spend some time on code reviews. If a maintainer has no time to do that, they should apply to leave the maintainers team and we will give them the honor of being a member of the [advisors team](https://github.com/orgs/go-gitea/teams/advisors). Of course, if an advisor has time to code review, we will gladly welcome them back to the maintainers team. If a maintainer is inactive for more than 3 months and forgets to leave the maintainers team, the owners may move him or her from the maintainers team to the advisors team.
+To make sure every PR is checked, we have [team
+maintainers](MAINTAINERS). Every PR **MUST** be reviewed by at least
+two maintainers (or owners) before it can get merged. A maintainer
+should be a contributor of Gitea (or Gogs) and contributed at least
+4 accepted PRs. A contributor should apply as a maintainer in the
+[Discord](https://discord.gg/NsatcWJ) #develop channel. The owners
+or the team maintainers may invite the contributor. A maintainer
+should spend some time on code reviews. If a maintainer has no
+time to do that, they should apply to leave the maintainers team
+and we will give them the honor of being a member of the [advisors
+team](https://github.com/orgs/go-gitea/teams/advisors). Of course, if
+an advisor has time to code review, we will gladly welcome them back
+to the maintainers team. If a maintainer is inactive for more than 3
+months and forgets to leave the maintainers team, the owners may move
+him or her from the maintainers team to the advisors team.
 
 ## Owners
 
-Since Gitea is a pure community organization without any company support, to keep the development healthy we will elect three owners every year. All contributors may vote to elect up to three candidates, one of which will be the main owner, and the other two the assistant owners. When the new owners have been elected, the old owners will give up ownership to the newly elected owners. If an owner is unable to do so, the other owners will assist in ceding ownership to the newly elected owners.
+Since Gitea is a pure community organization without any company support,
+to keep the development healthy we will elect three owners every year. All
+contributors may vote to elect up to three candidates, one of which will
+be the main owner, and the other two the assistant owners. When the new
+owners have been elected, the old owners will give up ownership to the
+newly elected owners. If an owner is unable to do so, the other owners
+will assist in ceding ownership to the newly elected owners.
 
-After the election, the new owners should proactively agree with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the [Discord](https://discord.gg/NsatcWJ) #general channel. Below are the words to speak:
+After the election, the new owners should proactively agree
+with our [CONTRIBUTING](CONTRIBUTING.md) requirements in the
+[Discord](https://discord.gg/NsatcWJ) #general channel. Below are the
+words to speak:
 
 ```
-I'm honored to having been elected an owner of Gitea, I agree with [CONTRIBUTING](CONTRIBUTING.md). I will spend part of my time on Gitea and lead the development of Gitea.
+I'm honored to having been elected an owner of Gitea, I agree with
+[CONTRIBUTING](CONTRIBUTING.md). I will spend part of my time on Gitea
+and lead the development of Gitea.
 ```
 
-To honor the past owners, here's the history of the owners and the time they served:
+To honor the past owners, here's the history of the owners and the time
+they served:
 
 * 2016-11-04 ~ 2017-12-31
   * [Lunny Xiao](https://github.com/lunny) <xiaolunwen@gmail.com>
@@ -119,9 +220,16 @@ To honor the past owners, here's the history of the owners and the time they ser
 
 ## Versions
 
-Gitea has the `master` branch as a tip branch and has version branches such as `v0.9`. `v0.9` is a release branch and we will tag `v0.9.0` for binary download. If `v0.9.0` has bugs, we will accept pull requests on the `v0.9` branch and publish a `v0.9.1` tag, after bringing the bug fix also to the master branch.
+Gitea has the `master` branch as a tip branch and has version branches
+such as `release/v0.9`. `release/v0.9` is a release branch and we will
+tag `v0.9.0` for binary download. If `v0.9.0` has bugs, we will accept
+pull requests on the `release/v0.9` branch and publish a `v0.9.1` tag,
+after bringing the bug fix also to the master branch.
 
-Since the `master` branch is a tip version, if you wish to use Gitea in production, please download the latest release tag version. All the branches will be protected via GitHub, all the PRs to every branch must be reviewed by two maintainers and must pass the automatic tests.
+Since the `master` branch is a tip version, if you wish to use Gitea
+in production, please download the latest release tag version. All the
+branches will be protected via GitHub, all the PRs to every branch must
+be reviewed by two maintainers and must pass the automatic tests.
 
 ## Copyright
 
@@ -133,4 +241,6 @@ Code that you contribute should use the standard copyright header:
 // license that can be found in the LICENSE file.
 ```
 
-Files in the repository contain copyright from the year they are added to the year they are last changed. If the copyright author is changed, just paste the header below the old one.
+Files in the repository contain copyright from the year they are added
+to the year they are last changed. If the copyright author is changed,
+just paste the header below the old one.

Dockerfile

@@ -24,7 +24,7 @@ RUN addgroup \
     -u 1000 \
     -G git \
     git && \
-  echo "git:$(date +%s | sha256sum | base64 | head -c 32)" | chpasswd
+  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
 
 ENV USER git
 ENV GITEA_CUSTOM /data/gitea

Dockerfile.aarch64

@@ -23,7 +23,7 @@ RUN addgroup \
     -u 1000 \
     -G git \
     git && \
-  echo "git:$(date +%s | sha256sum | base64 | head -c 32)" | chpasswd
+  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
 
 ENV USER git
 ENV GITEA_CUSTOM /data/gitea

Dockerfile.rpi

@@ -24,7 +24,7 @@ RUN addgroup \
     -u 1000 \
     -G git \
     git && \
-  echo "git:$(date +%s | sha256sum | base64 | head -c 32)" | chpasswd
+  echo "git:$(dd if=/dev/urandom bs=24 count=1 status=none | base64)" | chpasswd
 
 ENV USER git
 ENV GITEA_CUSTOM /data/gitea

Makefile

@@ -1,6 +1,7 @@
 DIST := dist
 IMPORT := code.gitea.io/gitea
 
+GO ?= go
 SED_INPLACE := sed -i
 
 ifeq ($(OS), Windows_NT)
@@ -24,7 +25,7 @@ EXTRA_GOFLAGS ?=
 
 LDFLAGS := -X "main.Version=$(shell git describe --tags --always | sed 's/-/+/' | sed 's/^v//')" -X "main.Tags=$(TAGS)"
 
-PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations,$(shell go list ./... | grep -v /vendor/))
+PACKAGES ?= $(filter-out code.gitea.io/gitea/integrations,$(shell $(GO) list ./... | grep -v /vendor/))
 SOURCES ?= $(shell find . -name "*.go" -type f)
 
 TAGS ?=
@@ -52,11 +53,11 @@ all: build
 
 .PHONY: clean
 clean:
-	go clean -i ./...
-	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA)
+	$(GO) clean -i ./...
+	rm -rf $(EXECUTABLE) $(DIST) $(BINDATA) integrations*.test integrations/gitea-integration-pgsql/ integrations/gitea-integration-mysql/ integrations/gitea-integration-sqlite/
 
 required-gofmt-version:
-	@go version  | grep -q '\(1.7\|1.8\)' || { echo "We require go version 1.7 or 1.8 to format code" >&2 && exit 1; }
+	@$(GO) version  | grep -q '\(1.7\|1.8\)' || { echo "We require go version 1.7 or 1.8 to format code" >&2 && exit 1; }
 
 .PHONY: fmt
 fmt: required-gofmt-version
@@ -64,19 +65,19 @@ fmt: required-gofmt-version
 
 .PHONY: vet
 vet:
-	go vet $(PACKAGES)
+	$(GO) vet $(PACKAGES)
 
 .PHONY: generate
 generate:
 	@hash go-bindata > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/jteeuwen/go-bindata/...; \
+		$(GO) get -u github.com/jteeuwen/go-bindata/...; \
 	fi
-	go generate $(PACKAGES)
+	$(GO) generate $(PACKAGES)
 
 .PHONY: generate-swagger
 generate-swagger:
 	@hash swagger > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/go-swagger/go-swagger/cmd/swagger; \
+		$(GO) get -u github.com/go-swagger/go-swagger/cmd/swagger; \
 	fi
 	swagger generate spec -o ./public/swagger.v1.json
 	$(SED_INPLACE) "s;\".ref\": \"#/definitions/GPGKey\";\"type\": \"object\";g" ./public/swagger.v1.json
@@ -85,28 +86,28 @@ generate-swagger:
 .PHONY: errcheck
 errcheck:
 	@hash errcheck > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/kisielk/errcheck; \
+		$(GO) get -u github.com/kisielk/errcheck; \
 	fi
 	errcheck $(PACKAGES)
 
 .PHONY: lint
 lint:
 	@hash golint > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/golang/lint/golint; \
+		$(GO) get -u github.com/golang/lint/golint; \
 	fi
 	for PKG in $(PACKAGES); do golint -set_exit_status $$PKG || exit 1; done;
 
 .PHONY: misspell-check
 misspell-check:
 	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/client9/misspell/cmd/misspell; \
+		$(GO) get -u github.com/client9/misspell/cmd/misspell; \
 	fi
 	misspell -error -i unknwon $(GOFILES)
 
 .PHONY: misspell
 misspell:
 	@hash misspell > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/client9/misspell/cmd/misspell; \
+		$(GO) get -u github.com/client9/misspell/cmd/misspell; \
 	fi
 	misspell -w -i unknwon $(GOFILES)
 
@@ -122,12 +123,12 @@ fmt-check: required-gofmt-version
 
 .PHONY: test
 test: fmt-check
-	go test $(PACKAGES)
+	$(GO) test $(PACKAGES)
 
-.PHONY: test-coverage
-test-coverage: unit-test-coverage integration-test-coverage
+.PHONY: coverage
+coverage: unit-test-coverage integration-test-coverage
 	@hash gocovmerge > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/wadey/gocovmerge; \
+		$(GO) get -u github.com/wadey/gocovmerge; \
 	fi
 	for PKG in $(PACKAGES); do\
 	  touch $$GOPATH/src/$$PKG/coverage.out;\
@@ -139,12 +140,12 @@ test-coverage: unit-test-coverage integration-test-coverage
 
 .PHONY: unit-test-coverage
 unit-test-coverage:
-	for PKG in $(PACKAGES); do go test -cover -coverprofile $$GOPATH/src/$$PKG/coverage.out $$PKG || exit 1; done;
+	for PKG in $(PACKAGES); do $(GO) test -cover -coverprofile $$GOPATH/src/$$PKG/coverage.out $$PKG || exit 1; done;
 
 .PHONY: test-vendor
 test-vendor:
 	@hash govendor > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/kardianos/govendor; \
+		$(GO) get -u github.com/kardianos/govendor; \
 	fi
 	govendor list +unused | tee "$(TMPDIR)/wc-gitea-unused"
 	[ $$(cat "$(TMPDIR)/wc-gitea-unused" | wc -l) -eq 0 ] || echo "Warning: /!\\ Some vendor are not used /!\\"
@@ -159,12 +160,12 @@ test-sqlite: integrations.sqlite.test
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test
 
 .PHONY: test-mysql
-test-mysql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test
+test-mysql: integrations.mysql.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test
 
 .PHONY: test-pgsql
-test-pgsql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test
+test-pgsql: integrations.pgsql.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test
 
 
 .PHONY: bench-sqlite
@@ -172,39 +173,42 @@ bench-sqlite: integrations.sqlite.test
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/sqlite.ini ./integrations.sqlite.test -test.bench .
 
 .PHONY: bench-mysql
-bench-mysql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.test -test.bench .
+bench-mysql: integrations.mysql.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.mysql.test -test.bench .
 
 .PHONY: bench-pgsql
-bench-pgsql: integrations.test
-	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.test -test.bench .
+bench-pgsql: integrations.pgsql.test
+	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/pgsql.ini ./integrations.pgsql.test -test.bench .
 
 
 .PHONY: integration-test-coverage
 integration-test-coverage: integrations.cover.test
 	GITEA_ROOT=${CURDIR} GITEA_CONF=integrations/mysql.ini ./integrations.cover.test -test.coverprofile=integration.coverage.out
 
-integrations.test: $(SOURCES)
-	go test -c code.gitea.io/gitea/integrations
+integrations.mysql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.mysql.test
+
+integrations.pgsql.test: $(SOURCES)
+	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.pgsql.test
 
 integrations.sqlite.test: $(SOURCES)
-	go test -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite'
+	$(GO) test -c code.gitea.io/gitea/integrations -o integrations.sqlite.test -tags 'sqlite'
 
 integrations.cover.test: $(SOURCES)
-	go test -c code.gitea.io/gitea/integrations -coverpkg $(shell echo $(PACKAGES) | tr ' ' ',') -o integrations.cover.test
+	$(GO) test -c code.gitea.io/gitea/integrations -coverpkg $(shell echo $(PACKAGES) | tr ' ' ',') -o integrations.cover.test
 
 .PHONY: check
 check: test
 
 .PHONY: install
 install: $(wildcard *.go)
-	go install -v -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)'
+	$(GO) install -v -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)'
 
 .PHONY: build
 build: $(EXECUTABLE)
 
 $(EXECUTABLE): $(SOURCES)
-	go build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
+	$(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
 
 .PHONY: docker
 docker:
@@ -221,7 +225,7 @@ release-dirs:
 .PHONY: release-windows
 release-windows:
 	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/karalabe/xgo; \
+		$(GO) get -u github.com/karalabe/xgo; \
 	fi
 	xgo -dest $(DIST)/binaries -tags 'netgo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
 ifeq ($(CI),drone)
@@ -231,7 +235,7 @@ endif
 .PHONY: release-linux
 release-linux:
 	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/karalabe/xgo; \
+		$(GO) get -u github.com/karalabe/xgo; \
 	fi
 	xgo -dest $(DIST)/binaries -tags 'netgo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'linux/*' -out gitea-$(VERSION) .
 ifeq ($(CI),drone)
@@ -241,7 +245,7 @@ endif
 .PHONY: release-darwin
 release-darwin:
 	@hash xgo > /dev/null 2>&1; if [ $$? -ne 0 ]; then \
-		go get -u github.com/karalabe/xgo; \
+		$(GO) get -u github.com/karalabe/xgo; \
 	fi
 	xgo -dest $(DIST)/binaries -tags 'netgo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'darwin/*' -out gitea-$(VERSION) .
 ifeq ($(CI),drone)
@@ -278,15 +282,15 @@ stylesheets: public/css/index.css
 .IGNORE: public/css/index.css
 public/css/index.css: $(STYLESHEETS)
 	@which lessc > /dev/null; if [ $$? -ne 0 ]; then \
-		go get -u github.com/kib357/less-go/lessc; \
+		$(GO) get -u github.com/kib357/less-go/lessc; \
 	fi
 	lessc -i $< -o $@
 
 .PHONY: swagger-ui
 swagger-ui:
-	rm -Rf public/assets/swagger-ui
+	rm -Rf public/vendor/assets/swagger-ui
 	git clone --depth=10 -b v3.0.7 --single-branch https://github.com/swagger-api/swagger-ui.git $(TMPDIR)/swagger-ui
-	mv $(TMPDIR)/swagger-ui/dist public/assets/swagger-ui
+	mv $(TMPDIR)/swagger-ui/dist public/vendor/assets/swagger-ui
 	rm -Rf $(TMPDIR)/swagger-ui
 	$(SED_INPLACE) "s;http://petstore.swagger.io/v2/swagger.json;../../swagger.v1.json;g" public/assets/swagger-ui/index.html
 

README.md

@@ -3,7 +3,8 @@
 # Gitea - Git with a cup of tea
 
 [![Build Status](https://drone.gitea.io/api/badges/go-gitea/gitea/status.svg)](https://drone.gitea.io/go-gitea/gitea)
-[![Join the chat at https://img.shields.io/discord/322538954119184384.svg](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
+[![Join the Discord chat at https://discord.gg/NsatcWJ](https://img.shields.io/discord/322538954119184384.svg)](https://discord.gg/NsatcWJ)
+[![Join the Matrix chat at https://matrix.to/#/#gitea:matrix.org](https://img.shields.io/badge/matrix-%23gitea%3Amatrix.org-7bc9a4.svg)](https://matrix.to/#/#gitea:matrix.org)
 [![](https://images.microbadger.com/badges/image/gitea/gitea.svg)](https://microbadger.com/images/gitea/gitea "Get your own image badge on microbadger.com")
 [![Coverage Status](https://coverage.gitea.io/badges/go-gitea/gitea/coverage.svg)](https://coverage.gitea.io/go-gitea/gitea)
 [![Go Report Card](https://goreportcard.com/badge/code.gitea.io/gitea)](https://goreportcard.com/report/code.gitea.io/gitea)
@@ -18,7 +19,16 @@
 
 ## Purpose
 
-The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across **all platforms** which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it [with the online demo](https://try.gitea.io/)! This project has been [forked](https://blog.gitea.io/2016/12/welcome-to-gitea/) from [Gogs](https://gogs.io).
+The goal of this project is to make the easiest, fastest, and most
+painless way of setting up a self-hosted Git service.
+Using Go, this can be done with an independent binary distribution across
+**all platforms** which Go supports, including Linux, macOS, and Windows
+on x86, amd64, ARM and PowerPC architectures.
+Want to try it before doing anything else?
+Do it [with the online demo](https://try.gitea.io/)!
+This project has been
+[forked](https://blog.gitea.io/2016/12/welcome-to-gitea/) from
+[Gogs](https://gogs.io).
 
 ## Notes
 
@@ -28,7 +38,12 @@ The goal of this project is to make the easiest, fastest, and most painless way
 
 ## Docs
 
-For more information and instructions about how to install Gitea please look at our [documentation](https://docs.gitea.io/en-us/). If you cannot find some specific information, then head over to our [Discord](https://discord.gg/NsatcWJ) server to chat with us or use the [forum](https://discourse.gitea.io/).
+For more information and instructions about how to install Gitea
+please look at our [documentation](https://docs.gitea.io/en-us/).
+If you cannot find some specific information, then head over to
+our [Discord server](https://discord.gg/NsatcWJ)
+or [Matrix room](https://matrix.to/#/#gitea:matrix.org) to chat with us
+or use the [forum](https://discourse.gitea.io/).
 
 ## Contributing
 
@@ -42,4 +57,6 @@ Fork -> Patch -> Push -> Pull Request
 
 ## License
 
-This project is licensed under the MIT License. See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file for the full license text.
+This project is licensed under the MIT License.
+See the [LICENSE](https://github.com/go-gitea/gitea/blob/master/LICENSE) file
+for the full license text.

cmd/admin.go

@@ -103,7 +103,7 @@ func runChangePassword(c *cli.Context) error {
 		return fmt.Errorf("%v", err)
 	}
 	user.EncodePasswd()
-	if err := models.UpdateUser(user); err != nil {
+	if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
 		return fmt.Errorf("%v", err)
 	}
 

conf/app.ini

@@ -206,6 +206,8 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
 MIN_PASSWORD_LENGTH = 6
 ; True when users are allowed to import local server paths
 IMPORT_LOCAL_PATHS = false
+; Prevent all users (including admin) from creating custom git hooks
+DISABLE_GIT_HOOKS = false
 
 [openid]
 ;
@@ -265,6 +267,12 @@ DEFAULT_KEEP_EMAIL_PRIVATE = false
 ; Default value for AllowCreateOrganization
 ; New user will have rights set to create organizations depending on this setting
 DEFAULT_ALLOW_CREATE_ORGANIZATION = true
+; Default value for EnableTimetracking
+; Repositories will use timetracking by default depending on this setting
+DEFAULT_ENABLE_TIMETRACKING = true
+; Default value for AllowOnlyContributorsToTrackTime
+; Only users with write permissions could track time if this is true
+DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME = true
 ; Default value for the domain part of the user's email address in the git log
 ; if he has set KeepEmailPrivate true. The user's email replaced with a
 ; concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.

integrations/api_gpg_keys_test.go

@@ -0,0 +1,260 @@
+// Copyright 2017 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"strconv"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	api "code.gitea.io/sdk/gitea"
+)
+
+func TestGPGKeys(t *testing.T) {
+	prepareTestEnv(t)
+	session := loginUser(t, "user2")
+
+	tt := []struct {
+		name       string
+		reqBuilder func(testing.TB, *http.Request, int) *TestResponse
+		results    []int
+	}{
+		{name: "NoLogin", reqBuilder: MakeRequest,
+			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
+		},
+		{name: "LoggedAsUser2", reqBuilder: session.MakeRequest,
+			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusInternalServerError, http.StatusInternalServerError, http.StatusCreated, http.StatusCreated}},
+	}
+
+	for _, tc := range tt {
+
+		//Basic test on result code
+		t.Run(tc.name, func(t *testing.T) {
+			t.Run("ViewOwnGPGKeys", func(t *testing.T) {
+				testViewOwnGPGKeys(t, tc.reqBuilder, tc.results[0])
+			})
+			t.Run("ViewGPGKeys", func(t *testing.T) {
+				testViewGPGKeys(t, tc.reqBuilder, tc.results[1])
+			})
+			t.Run("GetGPGKey", func(t *testing.T) {
+				testGetGPGKey(t, tc.reqBuilder, tc.results[2])
+			})
+			t.Run("DeleteGPGKey", func(t *testing.T) {
+				testDeleteGPGKey(t, tc.reqBuilder, tc.results[3])
+			})
+
+			t.Run("CreateInvalidGPGKey", func(t *testing.T) {
+				testCreateInvalidGPGKey(t, tc.reqBuilder, tc.results[4])
+			})
+			t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) {
+				testCreateNoneRegistredEmailGPGKey(t, tc.reqBuilder, tc.results[5])
+			})
+			t.Run("CreateValidGPGKey", func(t *testing.T) {
+				testCreateValidGPGKey(t, tc.reqBuilder, tc.results[6])
+			})
+			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {
+				testCreateValidSecondaryEmailGPGKey(t, tc.reqBuilder, tc.results[7])
+			})
+		})
+	}
+
+	//Check state after basic add
+	t.Run("CheckState", func(t *testing.T) {
+
+		var keys []*api.GPGKey
+
+		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys") //GET all keys
+		resp := session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &keys)
+
+		primaryKey1 := keys[0] //Primary key 1
+		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)
+		assert.EqualValues(t, 1, len(primaryKey1.Emails))
+		assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email)
+		assert.EqualValues(t, true, primaryKey1.Emails[0].Verified)
+
+		subKey := primaryKey1.SubsKey[0] //Subkey of 38EA3BCED732982C
+		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)
+		assert.EqualValues(t, 0, len(subKey.Emails))
+
+		primaryKey2 := keys[1] //Primary key 2
+		assert.EqualValues(t, "FABF39739FE1E927", primaryKey2.KeyID)
+		assert.EqualValues(t, 1, len(primaryKey2.Emails))
+		assert.EqualValues(t, "user21@example.com", primaryKey2.Emails[0].Email)
+		assert.EqualValues(t, false, primaryKey2.Emails[0].Verified)
+
+		var key api.GPGKey
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)) //Primary key 1
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "38EA3BCED732982C", key.KeyID)
+		assert.EqualValues(t, 1, len(key.Emails))
+		assert.EqualValues(t, "user2@example.com", key.Emails[0].Email)
+		assert.EqualValues(t, true, key.Emails[0].Verified)
+
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)) //Subkey of 38EA3BCED732982C
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
+		assert.EqualValues(t, 0, len(key.Emails))
+
+		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)) //Primary key 2
+		resp = session.MakeRequest(t, req, http.StatusOK)
+		DecodeJSON(t, resp, &key)
+		assert.EqualValues(t, "FABF39739FE1E927", key.KeyID)
+		assert.EqualValues(t, 1, len(key.Emails))
+		assert.EqualValues(t, "user21@example.com", key.Emails[0].Email)
+		assert.EqualValues(t, false, key.Emails[0].Verified)
+
+	})
+
+	//Check state after basic add
+	t.Run("CheckCommits", func(t *testing.T) {
+		t.Run("NotSigned", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
+		})
+
+		t.Run("SignedWithNotValidatedEmail", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, false, branch.Commit.Verification.Verified)
+		})
+
+		t.Run("SignedWithValidEmail", func(t *testing.T) {
+			var branch api.Branch
+			req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign")
+			resp := session.MakeRequest(t, req, http.StatusOK)
+			DecodeJSON(t, resp, &branch)
+			assert.EqualValues(t, true, branch.Commit.Verification.Verified)
+		})
+	})
+}
+
+func testViewOwnGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys")
+	reqBuilder(t, req, expected)
+}
+
+func testViewGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys")
+	reqBuilder(t, req, expected)
+}
+
+func testGetGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1")
+	reqBuilder(t, req, expected)
+}
+
+func testDeleteGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1")
+	reqBuilder(t, req, expected)
+}
+
+func testCreateGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int, publicKey string) {
+	req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys", api.CreateGPGKeyOption{
+		ArmoredKey: publicKey,
+	})
+	reqBuilder(t, req, expected)
+}
+
+func testCreateInvalidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	testCreateGPGKey(t, reqBuilder, expected, "invalid_key")
+}
+
+func testCreateNoneRegistredEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh
+dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O
+7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR
+3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1
+rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c
+Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w
+bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0
+batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO
+Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK
+qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg
+qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ
+INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz
+1geiY5E=
+=TkP3
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
+
+func testCreateValidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	//User2 <user2@example.com> //primary & activated
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW
+VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS
+eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod
+5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23
+BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ
+Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl
+eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW
+wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e
+B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi
+KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+
+7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv
+8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN
+HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4
+Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo
+N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ
+Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3
+kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT
+OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ
+7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB
+AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn
+AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6
+Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF
+Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN
+NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6
+lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9
+uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h
+=J59D
+-----END PGP PUBLIC KEY BLOCK-----`)
+}
+
+func testCreateValidSecondaryEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) {
+	//User2 <user21@example.com> //secondary and not activated
+	testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFmGWN4BCAC18V4tVGO65VLCV7p14FuXJlUtZ5CuYMvgEkcOqrvRaBSW9ao4
+PGESOhJpfWpnW3QgJniYndLzPpsmdHEclEER6aZjiNgReWPOjHD5tykWocZAJqXD
+eY1ym59gvVMLcfbV2yQsyR2hbJlc+dJsl16tigSEe3nwxZSw2IsW92pgEzT9JNUr
+Q+mC8dw4dqY0tYmFazYUGNxufUc/twgQT/Or1aNs0az5Q6Jft4rrTRsh/S7We0VB
+COKGkdcQyYgAls7HJBuPjQRi6DM9VhgBSHLAgSLyaUcZvhZBJr8Qe/q4PP3/kYDJ
+wm4RMnjOLz2pFZPgtRqgcAwpmFtLrACbEB3JABEBAAG0GlVzZXIyIDx1c2VyMjFA
+ZXhhbXBsZS5jb20+iQFUBBMBCAA+FiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmG
+WN4CGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ+r85c5/h6Sfx
+Lgf/dq64NBV8+X9an3seaLxePRviva48e4K67/wV/JxtXNO5Z/DhMGz5kHXCsG9D
+CXuWYO8ehlTjEnMZ6qqdDnY+H6bQsb2OS5oPn4RwpPXslAjEKtojPAr0dDsMS2DB
+dUuIm1AoOnewOVO0OFRf1EqX1bivxnN0FVMcO0m8AczfnKDaGb0y/qg/Y9JAsKqp
+j5pZNMWUkntRtGySeJ4CVJMmkVKJAHsa1Qj6MKdFeid4h4y94cBJ4ZdyBxNdpQOx
+ydf0doicovfeqGNO4oWzsGP4RBK2CqGPCUT+EFl20jPvMkKwOjxgqc8p0z3b2UT9
++9bnmCGHgF/fW1HJ3iKmfFPqnLkBDQRZhljeAQgA5AirU/NJGgm19ZJYFOiHftjS
+azbrPxGeD3cSqmvDPIMc1DNZGfQV5D4EVumnVbQBtL6xHFoGKz9KisUMbe4a/X2J
+S8JmIphQWG0vMJX1DaZIzr2gT71MnPD7JMGsSUCh5dIKpTNTZX4w+oGPGOu0/UlL
+x0448AryKwp30J2p6D4GeI0nb03n35S2lTOpnHDn1wj7Jl/8LS2fdFOdNaNHXSZe
+twdSwJKhyBEiScgeHBDyKqo8zWkYoSb9eA2HiYlbVaiNtp24KP1mIEpiUdrRjWno
+zauYSZGHZlOFMgF4dKWuetPiuH9m7UYZGKyMLfQ9vYFb+xcPh2bLCQHJ1OEmMQAR
+AQABiQE8BBgBCAAmFiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmGWN4CGwwFCQPC
+ZwAACgkQ+r85c5/h6Sfjfwf+O4WEjRdvPJLxNy7mfAGoAqDMHIwyH/tVzYgyVhnG
+h/+cfRxJbGc3rpjYdr8dmvghzjEAout8uibPWaIqs63RCAPGPqgWLfxNO5c8+y8V
+LZMVOTV26l2olkkdBWAuhLqKTNh6TiQva03yhOgHWj4XDvFfxICWPFXVd6t5ELpD
+iApGu1OAj8JfhmzbG03Yzx+Ku7bWDxMonx3V/IDEu5LS5zrboHYDKCA53bXXghoi
+Aceqql+PKrDwEjoY4bptwMHLmcjGjdCQ//Qx1neho7nZcS7xjTucY8gQuulwCyXF
+y6wM+wMz8dunIG9gw4+Re6c4Rz9tX1kzxLrU7Pl21tMqfg==
+=0N/9
+-----END PGP PUBLIC KEY BLOCK-----`)
+}

integrations/api_issue_label_test.go

@@ -54,8 +54,9 @@ func TestAPIReplaceIssueLabels(t *testing.T) {
 	resp := session.MakeRequest(t, req, http.StatusOK)
 	var apiLabels []*api.Label
 	DecodeJSON(t, resp, &apiLabels)
-	assert.Len(t, apiLabels, 1)
-	assert.EqualValues(t, label.ID, apiLabels[0].ID)
+	if assert.Len(t, apiLabels, 1) {
+		assert.EqualValues(t, label.ID, apiLabels[0].ID)
+	}
 
 	models.AssertCount(t, &models.IssueLabel{IssueID: issue.ID}, 1)
 	models.AssertExistsAndLoadBean(t, &models.IssueLabel{IssueID: issue.ID, LabelID: label.ID})

integrations/explore_repos_test.go

@@ -0,0 +1,17 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"net/http"
+	"testing"
+)
+
+func TestExploreRepos(t *testing.T) {
+	prepareTestEnv(t)
+
+	req := NewRequest(t, "GET", "/explore/repos")
+	MakeRequest(t, req, http.StatusOK)
+}

integrations/gitea-repositories-meta/user2/repo16.git/config

@@ -0,0 +1,4 @@
+[core]
+	repositoryformatversion = 0
+	filemode = true
+	bare = true

integrations/gitea-repositories-meta/user2/repo16.git/hooks/pre-rebase.sample

@@ -0,0 +1,169 @@
+#!/bin/sh
+#
+# Copyright (c) 2006, 2008 Junio C Hamano
+#
+# The "pre-rebase" hook is run just before "git rebase" starts doing
+# its job, and can prevent the command from running by exiting with
+# non-zero status.
+#
+# The hook is called with the following parameters:
+#
+# $1 -- the upstream the series was forked from.
+# $2 -- the branch being rebased (or empty when rebasing the current branch).
+#
+# This sample shows how to prevent topic branches that are already
+# merged to 'next' branch from getting rebased, because allowing it
+# would result in rebasing already published history.
+
+publish=next
+basebranch="$1"
+if test "$#" = 2
+then
+	topic="refs/heads/$2"
+else
+	topic=`git symbolic-ref HEAD` ||
+	exit 0 ;# we do not interrupt rebasing detached HEAD
+fi
+
+case "$topic" in
+refs/heads/??/*)
+	;;
+*)
+	exit 0 ;# we do not interrupt others.
+	;;
+esac
+
+# Now we are dealing with a topic branch being rebased
+# on top of master.  Is it OK to rebase it?
+
+# Does the topic really exist?
+git show-ref -q "$topic" || {
+	echo >&2 "No such branch $topic"
+	exit 1
+}
+
+# Is topic fully merged to master?
+not_in_master=`git rev-list --pretty=oneline ^master "$topic"`
+if test -z "$not_in_master"
+then
+	echo >&2 "$topic is fully merged to master; better remove it."
+	exit 1 ;# we could allow it, but there is no point.
+fi
+
+# Is topic ever merged to next?  If so you should not be rebasing it.
+only_next_1=`git rev-list ^master "^$topic" ${publish} | sort`
+only_next_2=`git rev-list ^master           ${publish} | sort`
+if test "$only_next_1" = "$only_next_2"
+then
+	not_in_topic=`git rev-list "^$topic" master`
+	if test -z "$not_in_topic"
+	then
+		echo >&2 "$topic is already up-to-date with master"
+		exit 1 ;# we could allow it, but there is no point.
+	else
+		exit 0
+	fi
+else
+	not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
+	/usr/bin/perl -e '
+		my $topic = $ARGV[0];
+		my $msg = "* $topic has commits already merged to public branch:\n";
+		my (%not_in_next) = map {
+			/^([0-9a-f]+) /;
+			($1 => 1);
+		} split(/\n/, $ARGV[1]);
+		for my $elem (map {
+				/^([0-9a-f]+) (.*)$/;
+				[$1 => $2];
+			} split(/\n/, $ARGV[2])) {
+			if (!exists $not_in_next{$elem->[0]}) {
+				if ($msg) {
+					print STDERR $msg;
+					undef $msg;
+				}
+				print STDERR " $elem->[1]\n";
+			}
+		}
+	' "$topic" "$not_in_next" "$not_in_master"
+	exit 1
+fi
+
+exit 0
+
+################################################################
+
+This sample hook safeguards topic branches that have been
+published from being rewound.
+
+The workflow assumed here is:
+
+ * Once a topic branch forks from "master", "master" is never
+   merged into it again (either directly or indirectly).
+
+ * Once a topic branch is fully cooked and merged into "master",
+   it is deleted.  If you need to build on top of it to correct
+   earlier mistakes, a new topic branch is created by forking at
+   the tip of the "master".  This is not strictly necessary, but
+   it makes it easier to keep your history simple.
+
+ * Whenever you need to test or publish your changes to topic
+   branches, merge them into "next" branch.
+
+The script, being an example, hardcodes the publish branch name
+to be "next", but it is trivial to make it configurable via
+$GIT_DIR/config mechanism.
+
+With this workflow, you would want to know:
+
+(1) ... if a topic branch has ever been merged to "next".  Young
+    topic branches can have stupid mistakes you would rather
+    clean up before publishing, and things that have not been
+    merged into other branches can be easily rebased without
+    affecting other people.  But once it is published, you would
+    not want to rewind it.
+
+(2) ... if a topic branch has been fully merged to "master".
+    Then you can delete it.  More importantly, you should not
+    build on top of it -- other people may already want to
+    change things related to the topic as patches against your
+    "master", so if you need further changes, it is better to
+    fork the topic (perhaps with the same name) afresh from the
+    tip of "master".
+
+Let's look at this example:
+
+		   o---o---o---o---o---o---o---o---o---o "next"
+		  /       /           /           /
+		 /   a---a---b A     /           /
+		/   /               /           /
+	       /   /   c---c---c---c B         /
+	      /   /   /             \         /
+	     /   /   /   b---b C     \       /
+	    /   /   /   /             \     /
+    ---o---o---o---o---o---o---o---o---o---o---o "master"
+
+
+A, B and C are topic branches.
+
+ * A has one fix since it was merged up to "next".
+
+ * B has finished.  It has been fully merged up to "master" and "next",
+   and is ready to be deleted.
+
+ * C has not merged to "next" at all.
+
+We would want to allow C to be rebased, refuse A, and encourage
+B to be deleted.
+
+To compute (1):
+
+	git rev-list ^master ^topic next
+	git rev-list ^master        next
+
+	if these match, topic has not merged in next at all.
+
+To compute (2):
+
+	git rev-list master..topic
+
+	if this is empty, it is fully merged to "master".

integrations/gitea-repositories-meta/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f

@@ -0,0 +1 @@
+x
+)JMU06g040031Q(JMLÉMÕËMaXbR¶”10<31>-&ªéCüÕþË’‘Ý
=À,

integrations/gitea-repositories-meta/user2/repo16.git/objects/50/99b81332712fe655e34e8dd63574f503f61811

@@ -0,0 +1,2 @@
+x
ŤŤQ
+B!Eűvó„ŽO'!˘M´€Q‡×<E280A1>Ěđů ĺgÔúş‡çŢTKY:v˝‰€N6»<36>…‘b f›˘÷š<C3B7>&—‰19ĂÄÇhoýV\Wi§íyqyŢĺ<C5A2>j9<6A>qő„FŘŇj´ăŞË?Ůź¤ćZ3¬Ëü<C38B>ßő*S6#

integrations/gitea-repositories-meta/user2/repo16.git/refs/heads/good-sign

@@ -0,0 +1 @@
+f27c2b2b03dcab38beaf89b0ab4ff61f6de63441

integrations/gitea-repositories-meta/user2/repo16.git/refs/heads/good-sign-not-yet-validated

@@ -0,0 +1 @@
+27566bd5738fc8b4e3fef3c5e72cce608537bd95

integrations/gitea-repositories-meta/user2/repo16.git/refs/heads/master

@@ -0,0 +1 @@
+69554a64c1e6030f051e5c3f94bfbd773cd6a324

integrations/gitea-repositories-meta/user2/repo16.git/refs/heads/not-signed

@@ -0,0 +1 @@
+69554a64c1e6030f051e5c3f94bfbd773cd6a324

integrations/gitea-repositories-meta/user3/repo3.git/HEAD

@@ -0,0 +1 @@
+ref: refs/heads/master

integrations/gitea-repositories-meta/user3/repo3.git/description

@@ -0,0 +1 @@
+Unnamed repository; edit this file 'description' to name the repository.

integrations/gitea-repositories-meta/user3/repo3.git/hooks/applypatch-msg.sample

@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message taken by
+# applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.  The hook is
+# allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "applypatch-msg".
+
+. git-sh-setup
+commitmsg="$(git rev-parse --git-path hooks/commit-msg)"
+test -x "$commitmsg" && exec "$commitmsg" ${1+"$@"}
+:

integrations/gitea-repositories-meta/user3/repo3.git/hooks/commit-msg.sample

@@ -0,0 +1,24 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message.
+# Called by "git commit" with one argument, the name of the file
+# that has the commit message.  The hook should exit with non-zero
+# status after issuing an appropriate message if it wants to stop the
+# commit.  The hook is allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "commit-msg".
+
+# Uncomment the below to add a Signed-off-by line to the message.
+# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
+# hook is more suited to it.
+#
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
+
+# This example catches duplicate Signed-off-by lines.
+
+test "" = "$(grep '^Signed-off-by: ' "$1" |
+	 sort | uniq -c | sed -e '/^[ 	]*1[ 	]/d')" || {
+	echo >&2 Duplicate Signed-off-by lines.
+	exit 1
+}

integrations/gitea-repositories-meta/user3/repo3.git/hooks/post-update.sample

@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# An example hook script to prepare a packed repository for use over
+# dumb transports.
+#
+# To enable this hook, rename this file to "post-update".
+
+exec git update-server-info