From 15debbbe4eb94c1855a0178e379b7e3d19bd07ad Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Fri, 7 Jun 2024 15:37:33 +0200
Subject: [PATCH 01/46] Enable poetry non-package mode (#31282)

[Poetry
1.8.0](https://github.com/python-poetry/poetry/releases/tag/1.8.0) added
support for [non-package
mode](https://python-poetry.org/docs/basic-usage/#operating-modes), e.g.
projects that are not python packages themselves like we are. Make use
of that and remove the previous workaround via `--no-root`.
---
 Makefile       | 4 ++--
 pyproject.toml | 5 +----
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/Makefile b/Makefile
index d97360c9f4..b5a79091eb 100644
--- a/Makefile
+++ b/Makefile
@@ -878,7 +878,7 @@ node_modules: package-lock.json
 	@touch node_modules
 
 .venv: poetry.lock
-	poetry install --no-root
+	poetry install
 	@touch .venv
 
 .PHONY: update
@@ -895,7 +895,7 @@ update-js: node-check | node_modules
 update-py: node-check | node_modules
 	npx updates -u -f pyproject.toml
 	rm -rf .venv poetry.lock
-	poetry install --no-root
+	poetry install
 	@touch .venv
 
 .PHONY: fomantic
diff --git a/pyproject.toml b/pyproject.toml
index bb768d5cb1..0724a8e24a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,8 +1,5 @@
 [tool.poetry]
-name = "gitea"
-version = "0.0.0"
-description = ""
-authors = []
+package-mode = false
 
 [tool.poetry.dependencies]
 python = "^3.10"

From 291a00dc570a143092e5ad19cdad12939d3d70dc Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Fri, 7 Jun 2024 15:42:31 +0200
Subject: [PATCH 02/46] Fix and clean up `ConfirmModal` (#31283)

Bug: orange button color was removed in
https://github.com/go-gitea/gitea/pull/30475, replaced with red
Bug: translation text was not html-escaped
Refactor: Replaced as much jQuery as possible, added useful
`createElementFromHTML`
Refactor: Remove colors checks that don't exist on `.link-action`

<img width="381" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/5900bf6a-8a86-4a86-b368-0559cbfea66e">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
---
 web_src/js/features/common-global.js     |  4 ++--
 web_src/js/features/comp/ConfirmModal.js | 25 ++++++++++++------------
 web_src/js/features/repo-issue-list.js   |  2 +-
 web_src/js/utils/dom.js                  |  7 +++++++
 web_src/js/utils/dom.test.js             |  5 +++++
 5 files changed, 28 insertions(+), 15 deletions(-)
 create mode 100644 web_src/js/utils/dom.test.js

diff --git a/web_src/js/features/common-global.js b/web_src/js/features/common-global.js
index 3b021d4485..65eb237dde 100644
--- a/web_src/js/features/common-global.js
+++ b/web_src/js/features/common-global.js
@@ -295,8 +295,8 @@ async function linkAction(e) {
     return;
   }
 
-  const isRisky = el.classList.contains('red') || el.classList.contains('yellow') || el.classList.contains('orange') || el.classList.contains('negative');
-  if (await confirmModal({content: modalConfirmContent, buttonColor: isRisky ? 'orange' : 'primary'})) {
+  const isRisky = el.classList.contains('red') || el.classList.contains('negative');
+  if (await confirmModal(modalConfirmContent, {confirmButtonColor: isRisky ? 'red' : 'primary'})) {
     await doRequest();
   }
 }
diff --git a/web_src/js/features/comp/ConfirmModal.js b/web_src/js/features/comp/ConfirmModal.js
index e64996a352..f9ad5c39cc 100644
--- a/web_src/js/features/comp/ConfirmModal.js
+++ b/web_src/js/features/comp/ConfirmModal.js
@@ -1,22 +1,23 @@
 import $ from 'jquery';
 import {svg} from '../../svg.js';
 import {htmlEscape} from 'escape-goat';
+import {createElementFromHTML} from '../../utils/dom.js';
 
 const {i18n} = window.config;
 
-export async function confirmModal(opts = {content: '', buttonColor: 'primary'}) {
+export function confirmModal(content, {confirmButtonColor = 'primary'} = {}) {
   return new Promise((resolve) => {
-    const $modal = $(`
-<div class="ui g-modal-confirm modal">
-  <div class="content">${htmlEscape(opts.content)}</div>
-  <div class="actions">
-    <button class="ui cancel button">${svg('octicon-x')} ${i18n.modal_cancel}</button>
-    <button class="ui ${opts.buttonColor || 'primary'} ok button">${svg('octicon-check')} ${i18n.modal_confirm}</button>
-  </div>
-</div>
-`);
-
-    $modal.appendTo(document.body);
+    const modal = createElementFromHTML(`
+      <div class="ui g-modal-confirm modal">
+        <div class="content">${htmlEscape(content)}</div>
+        <div class="actions">
+          <button class="ui cancel button">${svg('octicon-x')} ${htmlEscape(i18n.modal_cancel)}</button>
+          <button class="ui ${confirmButtonColor} ok button">${svg('octicon-check')} ${htmlEscape(i18n.modal_confirm)}</button>
+        </div>
+      </div>
+    `);
+    document.body.append(modal);
+    const $modal = $(modal);
     $modal.modal({
       onApprove() {
         resolve(true);
diff --git a/web_src/js/features/repo-issue-list.js b/web_src/js/features/repo-issue-list.js
index 92f058c4d2..5d18a7ff8d 100644
--- a/web_src/js/features/repo-issue-list.js
+++ b/web_src/js/features/repo-issue-list.js
@@ -76,7 +76,7 @@ function initRepoIssueListCheckboxes() {
     // for delete
     if (action === 'delete') {
       const confirmText = e.target.getAttribute('data-action-delete-confirm');
-      if (!await confirmModal({content: confirmText, buttonColor: 'orange'})) {
+      if (!await confirmModal(confirmText, {confirmButtonColor: 'red'})) {
         return;
       }
     }
diff --git a/web_src/js/utils/dom.js b/web_src/js/utils/dom.js
index a48510b191..7289f19cbf 100644
--- a/web_src/js/utils/dom.js
+++ b/web_src/js/utils/dom.js
@@ -297,3 +297,10 @@ export function replaceTextareaSelection(textarea, text) {
     textarea.dispatchEvent(new CustomEvent('change', {bubbles: true, cancelable: true}));
   }
 }
+
+// Warning: Do not enter any unsanitized variables here
+export function createElementFromHTML(htmlString) {
+  const div = document.createElement('div');
+  div.innerHTML = htmlString.trim();
+  return div.firstChild;
+}
diff --git a/web_src/js/utils/dom.test.js b/web_src/js/utils/dom.test.js
new file mode 100644
index 0000000000..fd7d97cad5
--- /dev/null
+++ b/web_src/js/utils/dom.test.js
@@ -0,0 +1,5 @@
+import {createElementFromHTML} from './dom.js';
+
+test('createElementFromHTML', () => {
+  expect(createElementFromHTML('<a>foo<span>bar</span></a>').outerHTML).toEqual('<a>foo<span>bar</span></a>');
+});

From 0188d82e4908eb173f7203d577f801f3168ffcb8 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Fri, 7 Jun 2024 23:15:17 +0800
Subject: [PATCH 03/46] Fix some URLs whose sub-path is missing (#31289)

Fix #31285
---
 templates/admin/packages/list.tmpl        | 2 +-
 templates/devtest/fetch-action.tmpl       | 2 +-
 templates/user/settings/applications.tmpl | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/templates/admin/packages/list.tmpl b/templates/admin/packages/list.tmpl
index 863f11da25..d1d77b6220 100644
--- a/templates/admin/packages/list.tmpl
+++ b/templates/admin/packages/list.tmpl
@@ -5,7 +5,7 @@
 			{{ctx.Locale.Tr "admin.packages.total_size" (FileSize .TotalBlobSize)}},
 			{{ctx.Locale.Tr "admin.packages.unreferenced_size" (FileSize .TotalUnreferencedBlobSize)}})
 			<div class="ui right">
-				<form method="post" action="/admin/packages/cleanup">
+				<form method="post" action="{{AppSubUrl}}/admin/packages/cleanup">
 					{{.CsrfTokenHtml}}
 					<button class="ui primary tiny button">{{ctx.Locale.Tr "admin.packages.cleanup"}}</button>
 				</form>
diff --git a/templates/devtest/fetch-action.tmpl b/templates/devtest/fetch-action.tmpl
index 2b25e6c9c4..66f41fc6de 100644
--- a/templates/devtest/fetch-action.tmpl
+++ b/templates/devtest/fetch-action.tmpl
@@ -25,7 +25,7 @@
 				<div><label><input name="check" type="checkbox"> check</label></div>
 				<div><button name="btn">submit post</button></div>
 			</form>
-			<form method="post" action="/no-such-uri" class="form-fetch-action">
+			<form method="post" action="no-such-uri" class="form-fetch-action">
 				<div class="tw-py-8">bad action url</div>
 				<div><button name="btn">submit test</button></div>
 			</form>
diff --git a/templates/user/settings/applications.tmpl b/templates/user/settings/applications.tmpl
index 8c67653e58..3c1934dd8b 100644
--- a/templates/user/settings/applications.tmpl
+++ b/templates/user/settings/applications.tmpl
@@ -75,7 +75,7 @@
 						{{ctx.Locale.Tr "settings.select_permissions"}}
 					</summary>
 					<p class="activity meta">
-						<i>{{ctx.Locale.Tr "settings.access_token_desc" (`href="/api/swagger" target="_blank"`|SafeHTML) (`href="https://docs.gitea.com/development/oauth2-provider#scopes" target="_blank"`|SafeHTML)}}</i>
+						<i>{{ctx.Locale.Tr "settings.access_token_desc" (HTMLFormat `href="%s/api/swagger" target="_blank"` AppSubUrl) (`href="https://docs.gitea.com/development/oauth2-provider#scopes" target="_blank"`|SafeHTML)}}</i>
 					</p>
 					<div class="scoped-access-token-mount">
 						<scoped-access-token-selector

From 6106a61eff305f0271dba54e7535fcccf14a42e0 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Sun, 9 Jun 2024 16:29:29 +0800
Subject: [PATCH 04/46] Remove sub-path from container registry realm (#31293)

Container registry requires that the "/v2" must be in the root, so the
sub-path in AppURL should be removed
---
 modules/setting/packages.go                      |  5 -----
 modules/test/utils.go                            |  6 ++++--
 routers/api/packages/container/container.go      |  6 +++---
 routers/web/user/package.go                      |  8 +++++++-
 tests/integration/api_packages_container_test.go | 12 +++++++++---
 5 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/modules/setting/packages.go b/modules/setting/packages.go
index b225615a24..00fba67b39 100644
--- a/modules/setting/packages.go
+++ b/modules/setting/packages.go
@@ -6,7 +6,6 @@ package setting
 import (
 	"fmt"
 	"math"
-	"net/url"
 	"os"
 	"path/filepath"
 
@@ -19,7 +18,6 @@ var (
 		Storage           *Storage
 		Enabled           bool
 		ChunkedUploadPath string
-		RegistryHost      string
 
 		LimitTotalOwnerCount int64
 		LimitTotalOwnerSize  int64
@@ -66,9 +64,6 @@ func loadPackagesFrom(rootCfg ConfigProvider) (err error) {
 		return err
 	}
 
-	appURL, _ := url.Parse(AppURL)
-	Packages.RegistryHost = appURL.Host
-
 	Packages.ChunkedUploadPath = filepath.ToSlash(sec.Key("CHUNKED_UPLOAD_PATH").MustString("tmp/package-upload"))
 	if !filepath.IsAbs(Packages.ChunkedUploadPath) {
 		Packages.ChunkedUploadPath = filepath.ToSlash(filepath.Join(AppDataPath, Packages.ChunkedUploadPath))
diff --git a/modules/test/utils.go b/modules/test/utils.go
index 4a0c2f1b3b..8dee92fbce 100644
--- a/modules/test/utils.go
+++ b/modules/test/utils.go
@@ -34,8 +34,10 @@ func IsNormalPageCompleted(s string) bool {
 	return strings.Contains(s, `<footer class="page-footer"`) && strings.Contains(s, `</html>`)
 }
 
-func MockVariableValue[T any](p *T, v T) (reset func()) {
+func MockVariableValue[T any](p *T, v ...T) (reset func()) {
 	old := *p
-	*p = v
+	if len(v) > 0 {
+		*p = v[0]
+	}
 	return func() { *p = old }
 }
diff --git a/routers/api/packages/container/container.go b/routers/api/packages/container/container.go
index 2a6d44ba08..b0c4458d51 100644
--- a/routers/api/packages/container/container.go
+++ b/routers/api/packages/container/container.go
@@ -116,9 +116,9 @@ func apiErrorDefined(ctx *context.Context, err *namedError) {
 }
 
 func apiUnauthorizedError(ctx *context.Context) {
-	// TODO: it doesn't seem quite right but it doesn't really cause problem at the moment.
-	// container registry requires that the "/v2" must be in the root, so the sub-path in AppURL should be removed, ideally.
-	ctx.Resp.Header().Add("WWW-Authenticate", `Bearer realm="`+httplib.GuessCurrentAppURL(ctx)+`v2/token",service="container_registry",scope="*"`)
+	// container registry requires that the "/v2" must be in the root, so the sub-path in AppURL should be removed
+	realmURL := strings.TrimSuffix(httplib.GuessCurrentAppURL(ctx), setting.AppSubURL+"/") + "/v2/token"
+	ctx.Resp.Header().Add("WWW-Authenticate", `Bearer realm="`+realmURL+`",service="container_registry",scope="*"`)
 	apiErrorDefined(ctx, errUnauthorized)
 }
 
diff --git a/routers/web/user/package.go b/routers/web/user/package.go
index 2a18796687..dad4c8f602 100644
--- a/routers/web/user/package.go
+++ b/routers/web/user/package.go
@@ -5,6 +5,7 @@ package user
 
 import (
 	"net/http"
+	"net/url"
 
 	"code.gitea.io/gitea/models/db"
 	org_model "code.gitea.io/gitea/models/organization"
@@ -15,6 +16,7 @@ import (
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/optional"
 	alpine_module "code.gitea.io/gitea/modules/packages/alpine"
@@ -178,7 +180,11 @@ func ViewPackageVersion(ctx *context.Context) {
 
 	switch pd.Package.Type {
 	case packages_model.TypeContainer:
-		ctx.Data["RegistryHost"] = setting.Packages.RegistryHost
+		registryAppURL, err := url.Parse(httplib.GuessCurrentAppURL(ctx))
+		if err != nil {
+			registryAppURL, _ = url.Parse(setting.AppURL)
+		}
+		ctx.Data["RegistryHost"] = registryAppURL.Host
 	case packages_model.TypeAlpine:
 		branches := make(container.Set[string])
 		repositories := make(container.Set[string])
diff --git a/tests/integration/api_packages_container_test.go b/tests/integration/api_packages_container_test.go
index 9ac6e5256b..fcd1cc529f 100644
--- a/tests/integration/api_packages_container_test.go
+++ b/tests/integration/api_packages_container_test.go
@@ -84,7 +84,7 @@ func TestPackageContainer(t *testing.T) {
 			Token string `json:"token"`
 		}
 
-		authenticate := []string{`Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`}
+		defaultAuthenticateValues := []string{`Bearer realm="` + setting.AppURL + `v2/token",service="container_registry",scope="*"`}
 
 		t.Run("Anonymous", func(t *testing.T) {
 			defer tests.PrintCurrentTest(t)()
@@ -92,7 +92,7 @@ func TestPackageContainer(t *testing.T) {
 			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))
 			resp := MakeRequest(t, req, http.StatusUnauthorized)
 
-			assert.ElementsMatch(t, authenticate, resp.Header().Values("WWW-Authenticate"))
+			assert.ElementsMatch(t, defaultAuthenticateValues, resp.Header().Values("WWW-Authenticate"))
 
 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
 			resp = MakeRequest(t, req, http.StatusOK)
@@ -115,6 +115,12 @@ func TestPackageContainer(t *testing.T) {
 
 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL))
 			MakeRequest(t, req, http.StatusUnauthorized)
+
+			defer test.MockVariableValue(&setting.AppURL, "https://domain:8443/sub-path/")()
+			defer test.MockVariableValue(&setting.AppSubURL, "/sub-path")()
+			req = NewRequest(t, "GET", "/v2")
+			resp = MakeRequest(t, req, http.StatusUnauthorized)
+			assert.Equal(t, `Bearer realm="https://domain:8443/v2/token",service="container_registry",scope="*"`, resp.Header().Get("WWW-Authenticate"))
 		})
 
 		t.Run("User", func(t *testing.T) {
@@ -123,7 +129,7 @@ func TestPackageContainer(t *testing.T) {
 			req := NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))
 			resp := MakeRequest(t, req, http.StatusUnauthorized)
 
-			assert.ElementsMatch(t, authenticate, resp.Header().Values("WWW-Authenticate"))
+			assert.ElementsMatch(t, defaultAuthenticateValues, resp.Header().Values("WWW-Authenticate"))
 
 			req = NewRequest(t, "GET", fmt.Sprintf("%sv2/token", setting.AppURL)).
 				AddBasicAuth(user.Name)

From 4f7d6feab7e6cb6e8c5914a5b6cd20a64fd49c29 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Mon, 10 Jun 2024 00:27:20 +0000
Subject: [PATCH 05/46] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_fr-FR.ini | 110 ++++++++++++++++++++++++++++++++
 1 file changed, 110 insertions(+)

diff --git a/options/locale/locale_fr-FR.ini b/options/locale/locale_fr-FR.ini
index 9a1a756264..230107fc96 100644
--- a/options/locale/locale_fr-FR.ini
+++ b/options/locale/locale_fr-FR.ini
@@ -25,6 +25,7 @@ enable_javascript=Ce site Web nécessite JavaScript.
 toc=Sommaire
 licenses=Licences
 return_to_gitea=Revenir à Gitea
+more_items=Plus d'éléments
 
 username=Nom d'utilisateur
 email=Courriel
@@ -113,6 +114,7 @@ loading=Chargement…
 error=Erreur
 error404=La page que vous essayez d'atteindre <strong>n'existe pas</strong> ou <strong>vous n'êtes pas autorisé</strong> à la voir.
 go_back=Retour
+invalid_data=Données invalides : %v
 
 never=Jamais
 unknown=Inconnu
@@ -143,17 +145,43 @@ name=Nom
 value=Valeur
 
 filter=Filtrer
+filter.clear=Effacer le filtre
 filter.is_archived=Archivé
+filter.not_archived=Non archivé
+filter.is_fork=Bifurqué
+filter.not_fork=Non bifurqué
+filter.is_mirror=Miroité
+filter.not_mirror=Non miroité
 filter.is_template=Modèle
+filter.not_template=Pas un modèle
 filter.public=Public
 filter.private=Privé
 
+no_results_found=Aucun résultat trouvé.
 
 [search]
+search=Rechercher…
+type_tooltip=Type de recherche
+fuzzy=Approximative
+fuzzy_tooltip=Inclure également les résultats proches de la recherche
 exact=Exact
 exact_tooltip=Inclure uniquement les résultats qui correspondent exactement au terme de recherche
+repo_kind=Chercher des dépôts…
+user_kind=Chercher des utilisateurs…
+org_kind=Chercher des organisations…
+team_kind=Chercher des équipes…
+code_kind=Chercher du code…
+code_search_unavailable=La recherche dans le code n’est pas disponible actuellement. Veuillez contacter l’administrateur de votre instance Gitea.
+code_search_by_git_grep=Les résultats de recherche de code actuels sont fournis par « git grep ». L’administrateur peut activer l’indexeur de dépôt, qui pourrait fournir de meilleurs résultats.
+package_kind=Chercher des paquets…
+project_kind=Chercher des projets…
+branch_kind=Chercher des branches…
+commit_kind=Chercher des révisions…
+runner_kind=Chercher des exécuteurs…
+no_results=Aucun résultat correspondant trouvé.
 issue_kind=Recherche de tickets…
 pull_kind=Recherche de demandes d’ajouts…
+keyword_search_unavailable=La recherche par mot clé n’est pas disponible actuellement. Veuillez contacter l’administrateur de votre instance Gitea.
 
 [aria]
 navbar=Barre de navigation
@@ -260,6 +288,7 @@ email_title=Paramètres de Messagerie
 smtp_addr=Hôte SMTP
 smtp_port=Port SMTP
 smtp_from=Envoyer les courriels en tant que
+smtp_from_invalid=L’adresse « Envoyer le courriel sous » est invalide
 smtp_from_helper=Adresse courriel utilisée par Gitea. Utilisez directement votre adresse ou la forme « Nom <email@example.com> ».
 mailer_user=Utilisateur SMTP
 mailer_password=Mot de passe SMTP
@@ -319,6 +348,7 @@ env_config_keys=Configuration de l'environnement
 env_config_keys_prompt=Les variables d'environnement suivantes seront également ajoutées à votre fichier de configuration :
 
 [home]
+nav_menu=Menu de navigation
 uname_holder=Nom d’utilisateur ou adresse courriel
 password_holder=Mot de passe
 switch_dashboard_context=Basculer le contexte du tableau de bord
@@ -367,6 +397,7 @@ forgot_password_title=Mot de passe oublié
 forgot_password=Mot de passe oublié ?
 sign_up_now=Pas de compte ? Inscrivez-vous maintenant.
 sign_up_successful=Le compte a été créé avec succès. Bienvenue !
+confirmation_mail_sent_prompt_ex=Un nouveau courriel de confirmation a été envoyé à <b>%s</b>. Veuillez vérifier votre boîte de réception dans la prochaine %s pour terminer le processus d’inscription. Si votre adresse courriel est incorrecte, vous pouvez vous reconnecter et la modifier.
 must_change_password=Réinitialisez votre mot de passe
 allow_password_change=Demande à l'utilisateur de changer son mot de passe (recommandé)
 reset_password_mail_sent_prompt=Un mail de confirmation a été envoyé à <b>%s</b>. Veuillez vérifier votre boîte de réception dans les prochaines %s pour terminer la procédure de récupération du compte.
@@ -376,6 +407,7 @@ prohibit_login=Connexion interdite
 prohibit_login_desc=Votre compte n'autorise pas la connexion, veuillez contacter l'administrateur de votre site.
 resent_limit_prompt=Désolé, vous avez récemment demandé un courriel d'activation. Veuillez réessayer dans 3 minutes.
 has_unconfirmed_mail=Bonjour %s, votre adresse courriel (<b>%s</b>) n’a pas été confirmée. Si vous n’avez reçu aucun mail de confirmation ou souhaitez renouveler l’envoi, cliquez sur le bouton ci-dessous.
+change_unconfirmed_mail_address=Si votre adresse courriel d’inscription est incorrecte, vous pouvez la modifier ici et renvoyer un nouvel courriel de confirmation.
 resend_mail=Cliquez ici pour renvoyer un mail de confirmation
 email_not_associate=L’adresse courriel n’est associée à aucun compte.
 send_reset_mail=Envoyer un courriel de récupération du compte
@@ -404,6 +436,7 @@ oauth_signin_submit=Lier un compte
 oauth.signin.error=Une erreur s'est produite lors du traitement de la demande d'autorisation. Si cette erreur persiste, veuillez contacter l'administrateur du site.
 oauth.signin.error.access_denied=La demande d'autorisation a été refusée.
 oauth.signin.error.temporarily_unavailable=L'autorisation a échoué car le serveur d'authentification est temporairement indisponible. Veuillez réessayer plus tard.
+oauth_callback_unable_auto_reg=L’inscription automatique est activée, mais le fournisseur OAuth2 %[1]s a signalé des champs manquants : %[2]s, impossible de créer un compte automatiquement, veuillez créer ou lier un compte, ou bien contacter l’administrateur du site.
 openid_connect_submit=Se connecter
 openid_connect_title=Se connecter à un compte existant
 openid_connect_desc=L'URI OpenID choisie est inconnue. Associez-le à un nouveau compte ici.
@@ -556,6 +589,7 @@ team_name_been_taken=Le nom d'équipe est déjà pris.
 team_no_units_error=Autoriser l’accès à au moins une section du dépôt.
 email_been_used=Cette adresse courriel est déjà utilisée.
 email_invalid=Cette adresse courriel est invalide.
+email_domain_is_not_allowed=Le domaine <b>%s</b> du courriel utilisateur entre en conflit avec EMAIL_DOMAIN_ALLOWLIST ou EMAIL_DOMAIN_BLOCKLIST. Veuillez vous assurer que votre opération est attendue.
 openid_been_used=Adresse OpenID "%s" déjà utilisée.
 username_password_incorrect=Identifiant ou mot de passe invalide.
 password_complexity=Le mot de passe ne respecte pas les exigences de complexité:
@@ -567,6 +601,8 @@ enterred_invalid_repo_name=Le nom de dépôt saisi est incorrect.
 enterred_invalid_org_name=Le nom de l'organisation que vous avez entré est incorrect.
 enterred_invalid_owner_name=Le nom du nouveau propriétaire est invalide.
 enterred_invalid_password=Le mot de passe saisi est incorrect.
+unset_password=L’utilisateur n’a pas défini de mot de passe.
+unsupported_login_type=Le type de connexion n’est pas pris en charge pour supprimer le compte.
 user_not_exist=Cet utilisateur n'existe pas.
 team_not_exist=L'équipe n'existe pas.
 last_org_owner=Vous ne pouvez pas retirer le dernier utilisateur de l’équipe « propriétaires ». Il doit y avoir au moins un propriétaire dans chaque organisation.
@@ -616,6 +652,29 @@ form.name_reserved=Le nom d’utilisateur "%s" est réservé.
 form.name_pattern_not_allowed=Le motif « %s » n’est pas autorisé dans un nom de d'utilisateur.
 form.name_chars_not_allowed=Le nom d'utilisateur "%s" contient des caractères non valides.
 
+block.block=Bloquer
+block.block.user=Bloquer l’utilisateur
+block.block.org=Bloquer l’utilisateur pour l’organisation
+block.block.failure=Impossible de bloquer l’utilisateur : %s
+block.unblock=Débloquer
+block.unblock.failure=Impossible de débloquer l’utilisateur : %s
+block.blocked=Vous avez bloqué cet utilisateur.
+block.title=Bloquer un utilisateur
+block.info=Bloquer un utilisateur l’empêche d’interagir avec des dépôts, comme ouvrir ou commenter des demandes de fusion ou des tickets. Apprenez-en plus sur le blocage d’un utilisateur.
+block.info_1=Bloquer un utilisateur empêche les actions suivantes sur votre compte et vos dépôts :
+block.info_2=suivre votre compte
+block.info_3=vous envoyer des notifications en vous @mentionnant
+block.info_4=vous inviter en tant que collaborateur de son(ses) dépôt(s)
+block.info_5=aimer, bifurquer ou suivre vos dépôts
+block.info_6=ouvrir ou commenter vos tickets et demandes d’ajouts
+block.info_7=réagir à vos commentaires dans les tickets ou les demandes d’ajout
+block.user_to_block=Utilisateur à bloquer
+block.note=Note
+block.note.title=Note facultative :
+block.note.info=La note n’est pas visible par l’utilisateur bloqué.
+block.note.edit=Modifier la note
+block.list=Utilisateurs bloqués
+block.list.none=Vous n’avez bloqué aucun utilisateur.
 
 [settings]
 profile=Profil
@@ -658,6 +717,7 @@ cancel=Annuler
 language=Langue
 ui=Thème
 hidden_comment_types=Catégories de commentaires masqués
+hidden_comment_types_description=Cochez les catégories suivantes pour masquer les commentaires correspondants des fils d'activité. Par exemple, « Label » cache les commentaires du genre « Cerise a attribué le label Bug il y a 2 heures. »
 hidden_comment_types.ref_tooltip=Commentaires où ce ticket a été référencé sur un autre ticket, révision, etc.
 hidden_comment_types.issue_ref_tooltip=Commentaires où l’utilisateur change la branche/étiquette associée au ticket
 comment_type_group_reference=Référence
@@ -704,6 +764,8 @@ manage_themes=Sélectionner le thème par défaut
 manage_openid=Gérer les adresses OpenID
 email_desc=Votre adresse courriel principale sera utilisée pour les notifications, la récupération de mot de passe et, à condition qu'elle ne soit pas cachée, les opérations Git basées sur le Web.
 theme_desc=Ce sera votre thème par défaut sur le site.
+theme_colorblindness_help=Support du thème daltonien
+theme_colorblindness_prompt=Gitea fournit depuis peu des thèmes daltonien basé sur un spectre coloré réduit. Encore en développement, de futures améliorations devraient enrichir les fichiers de thèmes CSS.
 primary=Principale
 activated=Activé
 requires_activation=Nécessite une activation
@@ -953,7 +1015,9 @@ fork_visibility_helper=La visibilité d'un dépôt bifurqué ne peut pas être m
 fork_branch=Branche à cloner sur la bifurcation
 all_branches=Toutes les branches
 fork_no_valid_owners=Ce dépôt ne peut pas être bifurqué car il n’a pas de propriétaire valide.
+fork.blocked_user=Impossible de bifurquer le dépôt car vous êtes bloqué par son propriétaire.
 use_template=Utiliser ce modèle
+open_with_editor=Ouvrir avec %s
 download_zip=Télécharger le ZIP
 download_tar=Télécharger le TAR.GZ
 download_bundle=Télécharger le BUNDLE
@@ -1006,6 +1070,7 @@ watchers=Observateurs
 stargazers=Fans
 stars_remove_warning=Ceci supprimera toutes les étoiles de ce dépôt.
 forks=Bifurcations
+stars=Favoris
 reactions_more=et %d de plus
 unit_disabled=L'administrateur du site a désactivé cette section du dépôt.
 language_other=Autre
@@ -1127,6 +1192,7 @@ watch=Suivre
 unstar=Retirer des favoris
 star=Ajouter aux favoris
 fork=Bifurcation
+action.blocked_user=Impossible d’effectuer cette action car vous êtes bloqué par le propriétaire du dépôt.
 download_archive=Télécharger ce dépôt
 more_operations=Plus d'opérations
 
@@ -1172,6 +1238,8 @@ file_view_rendered=Voir le rendu
 file_view_raw=Voir le Raw
 file_permalink=Lien permanent
 file_too_large=Le fichier est trop gros pour être affiché.
+code_preview_line_from_to=Lignes %[1]d à %[2]d dans %[3]s
+code_preview_line_in=Ligne %[1]d dans %[2]s
 invisible_runes_header=`Ce fichier contient des caractères Unicode invisibles.`
 invisible_runes_description=`Ce fichier contient des caractères Unicode invisibles à l'œil nu, mais peuvent être traités différemment par un ordinateur. Si vous pensez que c'est intentionnel, vous pouvez ignorer cet avertissement. Utilisez le bouton Échappe pour les dévoiler.`
 ambiguous_runes_header=`Ce fichier contient des caractères Unicode ambigus.`
@@ -1226,6 +1294,7 @@ editor.or=ou
 editor.cancel_lower=Annuler
 editor.commit_signed_changes=Réviser les changements (signé)
 editor.commit_changes=Réviser les changements
+editor.add_tmpl=Ajouter {filename}
 editor.add=Ajouter %s
 editor.update=Actualiser %s
 editor.delete=Supprimer %s
@@ -1253,6 +1322,8 @@ editor.file_editing_no_longer_exists=Impossible de modifier le fichier « %s 
 editor.file_deleting_no_longer_exists=Impossible de supprimer le fichier « %s » car il n’existe plus dans ce dépôt.
 editor.file_changed_while_editing=Le contenu du fichier a changé depuis que vous avez commencé à éditer. <a target="_blank" rel="noopener noreferrer" href="%s">Cliquez ici</a> pour voir les changements ou <strong>soumettez de nouveau</strong> pour les écraser.
 editor.file_already_exists=Un fichier nommé "%s" existe déjà dans ce dépôt.
+editor.commit_id_not_matching=L’ID de la révision ne correspond pas à l’ID lorsque vous avez commencé à éditer. Faites une révision dans une branche de correctif puis fusionnez.
+editor.push_out_of_date=Cet envoi semble être obsolète.
 editor.commit_empty_file_header=Réviser un fichier vide
 editor.commit_empty_file_text=Le fichier que vous allez réviser est vide. Continuer ?
 editor.no_changes_to_show=Il n’y a aucune modification à afficher.
@@ -1277,6 +1348,7 @@ commits.commits=Révisions
 commits.no_commits=Pas de révisions en commun. "%s" et "%s" ont des historiques entièrement différents.
 commits.nothing_to_compare=Ces branches sont égales.
 commits.search.tooltip=Vous pouvez utiliser les mots-clés "author:", "committer:", "after:", ou "before:" pour filtrer votre recherche, ex.: "revert author:Alice before:2019-01-13".
+commits.search_branch=Cette branche
 commits.search_all=Toutes les branches
 commits.author=Auteur
 commits.message=Message
@@ -1306,6 +1378,7 @@ commitstatus.success=Succès
 ext_issues=Accès aux tickets externes
 ext_issues.desc=Lien vers un gestionnaire de tickets externe.
 
+projects.desc=Gérer les tickets et les demandes d’ajouts dans les projets.
 projects.description=Description (facultative)
 projects.description_placeholder=Description
 projects.create=Créer un projet
@@ -1333,6 +1406,7 @@ projects.column.new=Nouvelle colonne
 projects.column.set_default=Définir par défaut
 projects.column.set_default_desc=Les tickets et demandes d’ajout non-catégorisés seront placés dans cette colonne.
 projects.column.delete=Supprimer la colonne
+projects.column.deletion_desc=La suppression d’une colonne déplace tous ses tickets dans la colonne par défaut. Continuer ?
 projects.column.color=Couleur
 projects.open=Ouvrir
 projects.close=Fermer
@@ -1367,6 +1441,9 @@ issues.new.assignees=Assignés
 issues.new.clear_assignees=Supprimer les affectations
 issues.new.no_assignees=Sans assignation
 issues.new.no_reviewers=Sans évaluateur
+issues.new.blocked_user=Impossible de créer un ticket car vous êtes bloqué par le propriétaire du dépôt.
+issues.edit.already_changed=Impossible d’enregistrer le ticket. Il semble que le contenu ait été modifié par un autre utilisateur. Veuillez rafraîchir la page et réessayer pour éviter d’écraser ses modifications.
+issues.edit.blocked_user=Impossible de modifier ce contenu car vous êtes bloqué par son propriétaire.
 issues.choose.get_started=Démarrons
 issues.choose.open_external_link=Ouvrir
 issues.choose.blank=Par défaut
@@ -1477,8 +1554,11 @@ issues.no_content=Sans contenu.
 issues.close=Fermer le ticket
 issues.comment_pull_merged_at=a fusionné la révision %[1]s dans %[2]s %[3]s
 issues.comment_manually_pull_merged_at=a fusionné manuellement la révision %[1]s dans %[2]s %[3]s
+issues.close_comment_issue=Commenter et Fermer
 issues.reopen_issue=Rouvrir
+issues.reopen_comment_issue=Commenter et Réouvrir
 issues.create_comment=Commenter
+issues.comment.blocked_user=Impossible créer ou de modifier un commentaire car vous êtes bloqué par le propriétaire du dépôt.
 issues.closed_at=`a fermé ce ticket <a id="%[1]s" href="#%[1]s">%[2]s</a>.`
 issues.reopened_at=`a réouvert ce ticket <a id="%[1]s" href="#%[1]s">%[2]s</a>.`
 issues.commit_ref_at=`a référencé ce ticket depuis une révision <a id="%[1]s" href="#%[1]s"> %[2]s</a>.`
@@ -1677,6 +1757,8 @@ compare.compare_head=comparer
 
 pulls.desc=Active les demandes d’ajouts et l’évaluation du code.
 pulls.new=Nouvelle demande d'ajout
+pulls.new.blocked_user=Impossible de créer une demande d’ajout car vous êtes bloqué par le propriétaire du dépôt.
+pulls.edit.already_changed=Impossible d’enregistrer la demande d’ajout. Il semble que le contenu ait été modifié par un autre utilisateur. Veuillez rafraîchir la page et réessayer afin d’éviter d’écraser leurs modifications.
 pulls.view=Voir la demande d'ajout
 pulls.compare_changes=Nouvelle demande d’ajout
 pulls.allow_edits_from_maintainers=Autoriser les modifications des mainteneurs
@@ -1822,6 +1904,7 @@ pulls.recently_pushed_new_branches=Vous avez soumis sur la branche <strong>%[1]s
 
 pull.deleted_branch=(supprimé) : %s
 
+comments.edit.already_changed=Impossible d’enregistrer ce commentaire. Il semble que le contenu ait été modifié par un autre utilisateur. Veuillez rafraîchir la page et réessayer afin d’éviter d’écraser leurs modifications.
 
 milestones.new=Nouveau jalon
 milestones.closed=%s fermé
@@ -1898,7 +1981,10 @@ wiki.page_name_desc=Entrez un nom pour cette page Wiki. Certains noms spéciaux
 wiki.original_git_entry_tooltip=Voir le fichier Git original au lieu d'utiliser un lien convivial.
 
 activity=Activité
+activity.navbar.pulse=Impulsion
+activity.navbar.code_frequency=Fréquence du code
 activity.navbar.contributors=Contributeurs
+activity.navbar.recent_commits=Révisions récentes
 activity.period.filter_label=Période :
 activity.period.daily=1 jour
 activity.period.halfweekly=3 jours
@@ -2017,7 +2103,9 @@ settings.branches.add_new_rule=Ajouter une nouvelle règle
 settings.advanced_settings=Paramètres avancés
 settings.wiki_desc=Activer le wiki du dépôt
 settings.use_internal_wiki=Utiliser le wiki interne
+settings.default_wiki_branch_name=Nom de la branche du Wiki par défaut
 settings.default_wiki_everyone_access=Autorisation d’accès par défaut pour les utilisateurs connectés :
+settings.failed_to_change_default_wiki_branch=Impossible de modifier la branche du wiki par défaut.
 settings.use_external_wiki=Utiliser un wiki externe
 settings.external_wiki_url=URL Wiki externe
 settings.external_wiki_url_error=L’URL du wiki externe n’est pas une URL valide.
@@ -2048,6 +2136,9 @@ settings.pulls.default_allow_edits_from_maintainers=Autoriser les modifications
 settings.releases_desc=Activer les publications du dépôt
 settings.packages_desc=Activer le registre des paquets du dépôt
 settings.projects_desc=Activer les projets de dépôt
+settings.projects_mode_desc=Mode Projets (type de projets à afficher)
+settings.projects_mode_repo=Projets de dépôt uniquement
+settings.projects_mode_owner=Projets d’utilisateur ou d’organisation uniquement
 settings.projects_mode_all=Tous les projets
 settings.actions_desc=Activer les actions du dépôt
 settings.admin_settings=Paramètres administrateur
@@ -2074,6 +2165,7 @@ settings.convert_fork_succeed=La bifurcation a été convertie en dépôt standa
 settings.transfer=Changer de propriétaire
 settings.transfer.rejected=Le transfert du dépôt a été rejeté.
 settings.transfer.success=Le transfert du dépôt a réussi.
+settings.transfer.blocked_user=Impossible de transférer ce dépôt car vous êtes bloqué par l’acquéreur.
 settings.transfer_abort=Annuler le transfert
 settings.transfer_abort_invalid=Vous ne pouvez pas annuler un transfert de dépôt inexistant.
 settings.transfer_abort_success=Le transfert du dépôt vers %s a bien été stoppé.
@@ -2119,6 +2211,7 @@ settings.add_collaborator_success=Le collaborateur a été ajouté.
 settings.add_collaborator_inactive_user=Impossible d'ajouter un utilisateur inactif en tant que collaborateur.
 settings.add_collaborator_owner=Impossible d'ajouter un propriétaire en tant que collaborateur.
 settings.add_collaborator_duplicate=Le collaborateur est déjà ajouté à ce dépôt.
+settings.add_collaborator.blocked_user=Ce collaborateur est bloqué par le propriétaire du dépôt ou inversement.
 settings.delete_collaborator=Supprimer
 settings.collaborator_deletion=Supprimer le collaborateur
 settings.collaborator_deletion_desc=La suppression d'un collaborateur révoque son accès à ce dépôt. Continuer ?
@@ -2557,13 +2650,16 @@ find_file.no_matching=Aucun fichier correspondant trouvé
 error.csv.too_large=Impossible de visualiser le fichier car il est trop volumineux.
 error.csv.unexpected=Impossible de visualiser ce fichier car il contient un caractère inattendu ligne %d, colonne %d.
 error.csv.invalid_field_count=Impossible de visualiser ce fichier car il contient un nombre de champs incorrect à la ligne %d.
+error.broken_git_hook=Les crochets Git de ce dépôt semblent cassés. Veuillez suivre la <a target="_blank" rel="noreferrer" href="%s">documentation</a> pour les corriger, puis pousser des révisions pour actualiser le statut.
 
 [graphs]
 component_loading=Chargement de %s…
 component_loading_failed=Impossible de charger %s.
 component_loading_info=Ça prend son temps…
 component_failed_to_load=Une erreur inattendue s’est produite.
+code_frequency.what=fréquence du code
 contributors.what=contributions
+recent_commits.what=révisions récentes
 
 [org]
 org_name_holder=Nom de l'organisation
@@ -2677,6 +2773,7 @@ teams.add_nonexistent_repo=Le dépôt que vous essayez d'ajouter n'existe pas, v
 teams.add_duplicate_users=L’utilisateur est déjà un membre de l’équipe.
 teams.repos.none=Aucun dépôt n'est accessible par cette équipe.
 teams.members.none=Aucun membre dans cette équipe.
+teams.members.blocked_user=Impossible d’ajouter l’utilisateur car il est bloqué par l’organisation.
 teams.specific_repositories=Dépôts spécifiques
 teams.specific_repositories_helper=Les membres auront seulement accès aux dépôts explicitement ajoutés à l'équipe. Sélectionner ceci <strong>ne supprimera pas automatiquement</strong> les dépôts déjà ajoutés avec <i>Tous les dépôts</i>.
 teams.all_repositories=Tous les dépôts
@@ -2689,6 +2786,7 @@ teams.invite.by=Invité par %s
 teams.invite.description=Veuillez cliquer sur le bouton ci-dessous pour rejoindre l’équipe.
 
 [admin]
+maintenance=Maintenance
 dashboard=Tableau de bord
 self_check=Autodiagnostique
 identity_access=Identité et accès
@@ -2712,6 +2810,7 @@ settings=Paramètres administrateur
 
 dashboard.new_version_hint=Gitea %s est maintenant disponible, vous utilisez %s. Consultez <a target="_blank" rel="noreferrer" href="https://blog.gitea.io">le blog</a> pour plus de détails.
 dashboard.statistic=Résumé
+dashboard.maintenance_operations=Opérations de maintenance
 dashboard.system_status=État du système
 dashboard.operation_name=Nom de l'Opération
 dashboard.operation_switch=Basculer
@@ -2997,11 +3096,14 @@ auths.tips=Conseils
 auths.tips.oauth2.general=Authentification OAuth2
 auths.tips.oauth2.general.tip=Lors de l'enregistrement d'une nouvelle authentification OAuth2, l'URL de rappel/redirection doit être :
 auths.tip.oauth2_provider=Fournisseur OAuth2
+auths.tip.bitbucket=Créez un nouveau jeton OAuth sur https://bitbucket.org/account/user/{your username}/oauth-consumers/new et ajoutez la permission “Compte” - “Lecture”.
 auths.tip.nextcloud=`Enregistrez un nouveau consommateur OAuth sur votre instance en utilisant le menu "Paramètres -> Sécurité -> Client OAuth 2.0"`
 auths.tip.dropbox=Créez une nouvelle application sur https://www.dropbox.com/developers/apps
 auths.tip.facebook=`Enregistrez une nouvelle application sur https://developers.facebook.com/apps et ajoutez le produit "Facebook Login"`
 auths.tip.github=Créez une nouvelle application OAuth sur https://github.com/settings/applications/new
+auths.tip.gitlab_new=Enregistrez une nouvelle application sur https://gitlab.com/-/profile/applications
 auths.tip.google_plus=Obtenez des identifiants OAuth2 sur la console API de Google (https://console.developers.google.com/)
+auths.tip.openid_connect=Utilisez l’URL de découverte OpenID « https://{server}/.well-known/openid-configuration » pour spécifier les points d'accès.
 auths.tip.twitter=Rendez-vous sur https://dev.twitter.com/apps, créez une application et assurez-vous que l'option "Autoriser l'application à être utilisée avec Twitter Connect" est activée
 auths.tip.discord=Enregistrer une nouvelle application sur https://discordapp.com/developers/applications/me
 auths.tip.gitea=Enregistrez une nouvelle application OAuth2. Le guide peut être trouvé sur https://docs.gitea.com/development/oauth2-provider
@@ -3135,6 +3237,7 @@ config.picture_config=Configuration de l'avatar
 config.picture_service=Service d'Imagerie
 config.disable_gravatar=Désactiver Gravatar
 config.enable_federated_avatar=Activer les avatars unifiés
+config.open_with_editor_app_help=Les éditeurs disponibles via « Ouvrir avec ». Si laissé vide, la valeur par défaut sera utilisée. Développez pour voir la valeur par défaut.
 
 config.git_config=Configuration de Git
 config.git_disable_diff_highlight=Désactiver la surbrillance syntaxique de Diff
@@ -3214,11 +3317,13 @@ notices.op=Opération
 notices.delete_success=Les informations systèmes ont été supprimées.
 
 self_check.no_problem_found=Aucun problème trouvé pour l’instant.
+self_check.startup_warnings=Avertissements au démarrage :
 self_check.database_collation_mismatch=Exige que la base de données utilise la collation %s.
 self_check.database_collation_case_insensitive=La base de données utilise la collation %s, insensible à la casse. Bien que Gitea soit compatible, il peut y avoir quelques rares cas qui ne fonctionnent pas comme prévu.
 self_check.database_inconsistent_collation_columns=La base de données utilise la collation %s, mais ces colonnes utilisent des collations différentes. Cela peut causer des problèmes imprévus.
 self_check.database_fix_mysql=Pour les utilisateurs de MySQL ou MariaDB, vous pouvez utiliser la commande « gitea doctor convert » dans un terminal ou exécuter une requête du type « ALTER … COLLATE ... » pour résoudre les problèmes de collation.
 self_check.database_fix_mssql=Pour les utilisateurs de MSSQL, vous ne pouvez résoudre le problème qu’en exécutant une requête SQL du type « ALTER … COLLATE … ».
+self_check.location_origin_mismatch=L’URL actuelle (%[1]s) ne correspond pas à l’URL vue par Gitea (%[2]). Si vous utilisez un proxy inverse, assurez-vous que les en-têtes « Host » et « X-Forwarded-Proto » sont correctement définis.
 
 [action]
 create_repo=a créé le dépôt <a href="%s">%s</a>
@@ -3246,6 +3351,7 @@ mirror_sync_create=a synchronisé la nouvelle référence <a href="%[2]s">%[3]s<
 mirror_sync_delete=a synchronisé puis supprimé la nouvelle référence <code>%[2]s</code> vers <a href="%[1]s">%[3]s</a> depuis le miroir
 approve_pull_request=`a approuvé <a href="%[1]s">%[3]s#%[2]s</a>`
 reject_pull_request=`a suggérés des changements pour <a href="%[1]s">%[3]s#%[2]s</a>`
+publish_release=`a publié <a href="%[2]s"> "%[4]s" </a> dans <a href="%[1]s">%[3]s</a>`
 review_dismissed=`a révoqué l’évaluation de <b>%[4]s</b> dans <a href="%[1]s">%[3]s#%[2]s</a>`
 review_dismissed_reason=Raison :
 create_branch=a créé la branche <a href="%[2]s">%[3]s</a> dans <a href="%[1]s">%[4]s</a>
@@ -3312,6 +3418,7 @@ error.unit_not_allowed=Vous n'êtes pas autorisé à accéder à cette section d
 title=Paquets
 desc=Gérer les paquets du dépôt.
 empty=Il n'y pas de paquet pour le moment.
+no_metadata=Pas de métadonnées.
 empty.documentation=Pour plus d'informations sur le registre de paquets, voir <a target="_blank" rel="noopener noreferrer" href="%s">la documentation</a>.
 empty.repo=Avez-vous téléchargé un paquet, mais il n'est pas affiché ici? Allez dans les <a href="%[1]s">paramètres du paquet</a> et liez le à ce dépôt.
 registry.documentation=Pour plus d’informations sur le registre %s, voir <a target="_blank" rel="noopener noreferrer" href="%s">la documentation</a>.
@@ -3393,6 +3500,7 @@ npm.install=Pour installer le paquet en utilisant npm, exécutez la commande sui
 npm.install2=ou ajoutez-le au fichier package.json :
 npm.dependencies=Dépendances
 npm.dependencies.development=Dépendances de développement
+npm.dependencies.bundle=Dépendances emballées
 npm.dependencies.peer=Dépendances de pairs
 npm.dependencies.optional=Dépendances optionnelles
 npm.details.tag=Balise
@@ -3532,6 +3640,8 @@ runs.scheduled=Planifié
 runs.pushed_by=soumis par
 runs.invalid_workflow_helper=La configuration du flux de travail est invalide. Veuillez vérifier votre fichier %s.
 runs.no_matching_online_runner_helper=Aucun exécuteur en ligne correspondant au libellé %s
+runs.no_job_without_needs=Le flux de travail doit contenir au moins une tâche sans dépendance.
+runs.no_job=Le flux de travail doit contenir au moins une tâche
 runs.actor=Acteur
 runs.status=Statut
 runs.actors_no_select=Tous les acteurs

From a2304cb163ce5e097078e71f49d4d5cb4c8b20d9 Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Mon, 10 Jun 2024 12:12:31 +0200
Subject: [PATCH 06/46] Remove jQuery `.text()` (#30506)

Remove and forbid [.text()](https://api.jquery.com/text/). Tested some,
but not all functionality, but I think these are pretty safe
replacements.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 .eslintrc.yaml                             |   4 +-
 templates/repo/editor/commit_form.tmpl     |   6 +-
 templates/repo/settings/collaboration.tmpl |   8 +-
 web_src/js/features/common-global.js       |  95 ++++++++++--------
 web_src/js/features/imagediff.js           |  10 +-
 web_src/js/features/notification.js        |  14 +--
 web_src/js/features/repo-editor.js         | 111 ++++++++-------------
 web_src/js/features/repo-issue-edit.js     |   7 +-
 web_src/js/features/repo-issue.js          |  22 ++--
 web_src/js/features/repo-legacy.js         |   4 +-
 web_src/js/features/repo-settings.js       |  45 ++++-----
 web_src/js/index.js                        |   4 +-
 12 files changed, 161 insertions(+), 169 deletions(-)

diff --git a/.eslintrc.yaml b/.eslintrc.yaml
index 0eda8a1877..cbfe0220e8 100644
--- a/.eslintrc.yaml
+++ b/.eslintrc.yaml
@@ -324,7 +324,7 @@ rules:
   jquery/no-sizzle: [2]
   jquery/no-slide: [2]
   jquery/no-submit: [2]
-  jquery/no-text: [0]
+  jquery/no-text: [2]
   jquery/no-toggle: [2]
   jquery/no-trigger: [0]
   jquery/no-trim: [2]
@@ -477,7 +477,7 @@ rules:
   no-jquery/no-slide: [2]
   no-jquery/no-sub: [2]
   no-jquery/no-support: [2]
-  no-jquery/no-text: [0]
+  no-jquery/no-text: [2]
   no-jquery/no-trigger: [0]
   no-jquery/no-trim: [2]
   no-jquery/no-type: [2]
diff --git a/templates/repo/editor/commit_form.tmpl b/templates/repo/editor/commit_form.tmpl
index 21ef63288f..61122417d2 100644
--- a/templates/repo/editor/commit_form.tmpl
+++ b/templates/repo/editor/commit_form.tmpl
@@ -23,7 +23,7 @@
 		<div class="quick-pull-choice js-quick-pull-choice">
 			<div class="field">
 				<div class="ui radio checkbox {{if not .CanCommitToBranch.CanCommitToBranch}}disabled{{end}}">
-					<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="direct" button_text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "direct"}}checked{{end}}>
+					<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="direct" data-button-text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "direct"}}checked{{end}}>
 					<label>
 						{{svg "octicon-git-commit"}}
 						{{ctx.Locale.Tr "repo.editor.commit_directly_to_this_branch" .BranchName}}
@@ -43,9 +43,9 @@
 				<div class="field">
 					<div class="ui radio checkbox">
 						{{if .CanCreatePullRequest}}
-							<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="commit-to-new-branch" button_text="{{ctx.Locale.Tr "repo.editor.propose_file_change"}}" {{if eq .commit_choice "commit-to-new-branch"}}checked{{end}}>
+							<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="commit-to-new-branch" data-button-text="{{ctx.Locale.Tr "repo.editor.propose_file_change"}}" {{if eq .commit_choice "commit-to-new-branch"}}checked{{end}}>
 						{{else}}
-							<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="commit-to-new-branch" button_text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "commit-to-new-branch"}}checked{{end}}>
+							<input type="radio" class="js-quick-pull-choice-option" name="commit_choice" value="commit-to-new-branch" data-button-text="{{ctx.Locale.Tr "repo.editor.commit_changes"}}" {{if eq .commit_choice "commit-to-new-branch"}}checked{{end}}>
 						{{end}}
 						<label>
 							{{svg "octicon-git-pull-request"}}
diff --git a/templates/repo/settings/collaboration.tmpl b/templates/repo/settings/collaboration.tmpl
index ed4d5e7eb3..255d0d59a1 100644
--- a/templates/repo/settings/collaboration.tmpl
+++ b/templates/repo/settings/collaboration.tmpl
@@ -19,13 +19,13 @@
 						<div class="flex-item-trailing">
 							<div class="flex-text-block">
 								{{svg "octicon-shield-lock"}}
-								<div class="ui inline dropdown access-mode" data-url="{{$.Link}}/access_mode" data-uid="{{.ID}}" data-last-value="{{printf "%d" .Collaboration.Mode}}">
+								<div class="ui dropdown custom access-mode" data-url="{{$.Link}}/access_mode" data-uid="{{.ID}}" data-last-value="{{.Collaboration.Mode}}">
 									<div class="text">{{if eq .Collaboration.Mode 1}}{{ctx.Locale.Tr "repo.settings.collaboration.read"}}{{else if eq .Collaboration.Mode 2}}{{ctx.Locale.Tr "repo.settings.collaboration.write"}}{{else if eq .Collaboration.Mode 3}}{{ctx.Locale.Tr "repo.settings.collaboration.admin"}}{{else}}{{ctx.Locale.Tr "repo.settings.collaboration.undefined"}}{{end}}</div>
 									{{svg "octicon-triangle-down" 14 "dropdown icon"}}
 									<div class="menu">
-										<div class="item" data-text="{{ctx.Locale.Tr "repo.settings.collaboration.admin"}}" data-value="3">{{ctx.Locale.Tr "repo.settings.collaboration.admin"}}</div>
-										<div class="item" data-text="{{ctx.Locale.Tr "repo.settings.collaboration.write"}}" data-value="2">{{ctx.Locale.Tr "repo.settings.collaboration.write"}}</div>
-										<div class="item" data-text="{{ctx.Locale.Tr "repo.settings.collaboration.read"}}" data-value="1">{{ctx.Locale.Tr "repo.settings.collaboration.read"}}</div>
+										<div class="item" data-value="3">{{ctx.Locale.Tr "repo.settings.collaboration.admin"}}</div>
+										<div class="item" data-value="2">{{ctx.Locale.Tr "repo.settings.collaboration.write"}}</div>
+										<div class="item" data-value="1">{{ctx.Locale.Tr "repo.settings.collaboration.read"}}</div>
 									</div>
 								</div>
 							</div>
diff --git a/web_src/js/features/common-global.js b/web_src/js/features/common-global.js
index 65eb237dde..5162c71509 100644
--- a/web_src/js/features/common-global.js
+++ b/web_src/js/features/common-global.js
@@ -301,52 +301,65 @@ async function linkAction(e) {
   }
 }
 
-export function initGlobalLinkActions() {
-  function showDeletePopup(e) {
-    e.preventDefault();
-    const $this = $(this);
-    const dataArray = $this.data();
-    let filter = '';
-    if (this.getAttribute('data-modal-id')) {
-      filter += `#${this.getAttribute('data-modal-id')}`;
-    }
+export function initGlobalDeleteButton() {
+  // ".delete-button" shows a confirmation modal defined by `data-modal-id` attribute.
+  // Some model/form elements will be filled by `data-id` / `data-name` / `data-data-xxx` attributes.
+  // If there is a form defined by `data-form`, then the form will be submitted as-is (without any modification).
+  // If there is no form, then the data will be posted to `data-url`.
+  // TODO: it's not encouraged to use this method. `show-modal` does far better than this.
+  for (const btn of document.querySelectorAll('.delete-button')) {
+    btn.addEventListener('click', (e) => {
+      e.preventDefault();
 
-    const $dialog = $(`.delete.modal${filter}`);
-    $dialog.find('.name').text($this.data('name'));
-    for (const [key, value] of Object.entries(dataArray)) {
-      if (key && key.startsWith('data')) {
-        $dialog.find(`.${key}`).text(value);
+      // eslint-disable-next-line github/no-dataset -- code depends on the camel-casing
+      const dataObj = btn.dataset;
+
+      const modalId = btn.getAttribute('data-modal-id');
+      const modal = document.querySelector(`.delete.modal${modalId ? `#${modalId}` : ''}`);
+
+      // set the modal "display name" by `data-name`
+      const modalNameEl = modal.querySelector('.name');
+      if (modalNameEl) modalNameEl.textContent = btn.getAttribute('data-name');
+
+      // fill the modal elements with data-xxx attributes: `data-data-organization-name="..."` => `<span class="dataOrganizationName">...</span>`
+      for (const [key, value] of Object.entries(dataObj)) {
+        if (key.startsWith('data')) {
+          const textEl = modal.querySelector(`.${key}`);
+          if (textEl) textEl.textContent = value;
+        }
       }
-    }
 
-    $dialog.modal({
-      closable: false,
-      onApprove: async () => {
-        if ($this.data('type') === 'form') {
-          $($this.data('form')).trigger('submit');
-          return;
-        }
-        const postData = new FormData();
-        for (const [key, value] of Object.entries(dataArray)) {
-          if (key && key.startsWith('data')) {
-            postData.append(key.slice(4), value);
+      $(modal).modal({
+        closable: false,
+        onApprove: async () => {
+          // if `data-type="form"` exists, then submit the form by the selector provided by `data-form="..."`
+          if (btn.getAttribute('data-type') === 'form') {
+            const formSelector = btn.getAttribute('data-form');
+            const form = document.querySelector(formSelector);
+            if (!form) throw new Error(`no form named ${formSelector} found`);
+            form.submit();
           }
-          if (key === 'id') {
-            postData.append('id', value);
-          }
-        }
 
-        const response = await POST($this.data('url'), {data: postData});
-        if (response.ok) {
-          const data = await response.json();
-          window.location.href = data.redirect;
-        }
-      },
-    }).modal('show');
+          // prepare an AJAX form by data attributes
+          const postData = new FormData();
+          for (const [key, value] of Object.entries(dataObj)) {
+            if (key.startsWith('data')) { // for data-data-xxx (HTML) -> dataXxx (form)
+              postData.append(key.slice(4), value);
+            }
+            if (key === 'id') { // for data-id="..."
+              postData.append('id', value);
+            }
+          }
+
+          const response = await POST(btn.getAttribute('data-url'), {data: postData});
+          if (response.ok) {
+            const data = await response.json();
+            window.location.href = data.redirect;
+          }
+        },
+      }).modal('show');
+    });
   }
-
-  // Helpers.
-  $('.delete-button').on('click', showDeletePopup);
 }
 
 function initGlobalShowModal() {
@@ -382,7 +395,7 @@ function initGlobalShowModal() {
       } else if ($attrTarget[0].matches('input, textarea')) {
         $attrTarget.val(attrib.value); // FIXME: add more supports like checkbox
       } else {
-        $attrTarget.text(attrib.value); // FIXME: it should be more strict here, only handle div/span/p
+        $attrTarget[0].textContent = attrib.value; // FIXME: it should be more strict here, only handle div/span/p
       }
     }
 
diff --git a/web_src/js/features/imagediff.js b/web_src/js/features/imagediff.js
index d1b139ffde..2d28b4b526 100644
--- a/web_src/js/features/imagediff.js
+++ b/web_src/js/features/imagediff.js
@@ -79,20 +79,20 @@ export function initImageDiff() {
       path: this.getAttribute('data-path-after'),
       mime: this.getAttribute('data-mime-after'),
       $images: $container.find('img.image-after'), // matches 3 <img>
-      $boundsInfo: $container.find('.bounds-info-after'),
+      boundsInfo: this.querySelector('.bounds-info-after'),
     }, {
       path: this.getAttribute('data-path-before'),
       mime: this.getAttribute('data-mime-before'),
       $images: $container.find('img.image-before'), // matches 3 <img>
-      $boundsInfo: $container.find('.bounds-info-before'),
+      boundsInfo: this.querySelector('.bounds-info-before'),
     }];
 
     await Promise.all(imageInfos.map(async (info) => {
       const [success] = await Promise.all(Array.from(info.$images, (img) => {
         return loadElem(img, info.path);
       }));
-      // only the first images is associated with $boundsInfo
-      if (!success) info.$boundsInfo.text('(image error)');
+      // only the first images is associated with boundsInfo
+      if (!success && info.boundsInfo) info.boundsInfo.textContent = '(image error)';
       if (info.mime === 'image/svg+xml') {
         const resp = await GET(info.path);
         const text = await resp.text();
@@ -102,7 +102,7 @@ export function initImageDiff() {
             this.setAttribute('width', bounds.width);
             this.setAttribute('height', bounds.height);
           });
-          hideElem(info.$boundsInfo);
+          hideElem(info.boundsInfo);
         }
       }
     }));
diff --git a/web_src/js/features/notification.js b/web_src/js/features/notification.js
index 8e5a1f83db..f045879dec 100644
--- a/web_src/js/features/notification.js
+++ b/web_src/js/features/notification.js
@@ -47,17 +47,13 @@ async function receiveUpdateCount(event) {
 }
 
 export function initNotificationCount() {
-  const $notificationCount = $('.notification_count');
-
-  if (!$notificationCount.length) {
-    return;
-  }
+  if (!document.querySelector('.notification_count')) return;
 
   let usingPeriodicPoller = false;
   const startPeriodicPoller = (timeout, lastCount) => {
     if (timeout <= 0 || !Number.isFinite(timeout)) return;
     usingPeriodicPoller = true;
-    lastCount = lastCount ?? $notificationCount.text();
+    lastCount = lastCount ?? getCurrentCount();
     setTimeout(async () => {
       await updateNotificationCountWithCallback(startPeriodicPoller, timeout, lastCount);
     }, timeout);
@@ -121,8 +117,12 @@ export function initNotificationCount() {
   startPeriodicPoller(notificationSettings.MinTimeout);
 }
 
+function getCurrentCount() {
+  return document.querySelector('.notification_count').textContent;
+}
+
 async function updateNotificationCountWithCallback(callback, timeout, lastCount) {
-  const currentCount = $('.notification_count').text();
+  const currentCount = getCurrentCount();
   if (lastCount !== currentCount) {
     callback(notificationSettings.MinTimeout, currentCount);
     return;
diff --git a/web_src/js/features/repo-editor.js b/web_src/js/features/repo-editor.js
index a5232cb4b6..b4fae4f6aa 100644
--- a/web_src/js/features/repo-editor.js
+++ b/web_src/js/features/repo-editor.js
@@ -1,7 +1,7 @@
 import $ from 'jquery';
 import {htmlEscape} from 'escape-goat';
 import {createCodeEditor} from './codeeditor.js';
-import {hideElem, showElem} from '../utils/dom.js';
+import {hideElem, queryElems, showElem} from '../utils/dom.js';
 import {initMarkupContent} from '../markup/content.js';
 import {attachRefIssueContextPopup} from './contextpopup.js';
 import {POST} from '../modules/fetch.js';
@@ -40,98 +40,75 @@ function initEditPreviewTab($form) {
   }
 }
 
-function initEditorForm() {
-  const $form = $('.repository .edit.form');
-  if (!$form) return;
-  initEditPreviewTab($form);
-}
-
-function getCursorPosition($e) {
-  const el = $e.get(0);
-  let pos = 0;
-  if ('selectionStart' in el) {
-    pos = el.selectionStart;
-  } else if ('selection' in document) {
-    el.focus();
-    const Sel = document.selection.createRange();
-    const SelLength = document.selection.createRange().text.length;
-    Sel.moveStart('character', -el.value.length);
-    pos = Sel.text.length - SelLength;
-  }
-  return pos;
-}
-
 export function initRepoEditor() {
-  initEditorForm();
+  const $editArea = $('.repository.editor textarea#edit_area');
+  if (!$editArea.length) return;
 
-  $('.js-quick-pull-choice-option').on('change', function () {
-    if ($(this).val() === 'commit-to-new-branch') {
-      showElem('.quick-pull-branch-name');
-      document.querySelector('.quick-pull-branch-name input').required = true;
-    } else {
-      hideElem('.quick-pull-branch-name');
-      document.querySelector('.quick-pull-branch-name input').required = false;
-    }
-    $('#commit-button').text(this.getAttribute('button_text'));
-  });
-
-  const joinTreePath = ($fileNameEl) => {
-    const parts = [];
-    $('.breadcrumb span.section').each(function () {
-      const $element = $(this);
-      if ($element.find('a').length) {
-        parts.push($element.find('a').text());
+  for (const el of queryElems('.js-quick-pull-choice-option')) {
+    el.addEventListener('input', () => {
+      if (el.value === 'commit-to-new-branch') {
+        showElem('.quick-pull-branch-name');
+        document.querySelector('.quick-pull-branch-name input').required = true;
       } else {
-        parts.push($element.text());
+        hideElem('.quick-pull-branch-name');
+        document.querySelector('.quick-pull-branch-name input').required = false;
       }
+      document.querySelector('#commit-button').textContent = el.getAttribute('data-button-text');
     });
-    if ($fileNameEl.val()) parts.push($fileNameEl.val());
-    $('#tree_path').val(parts.join('/'));
-  };
-
-  const $editFilename = $('#file-name');
-  $editFilename.on('input', function () {
-    const parts = $(this).val().split('/');
+  }
 
+  const filenameInput = document.querySelector('#file-name');
+  function joinTreePath() {
+    const parts = [];
+    for (const el of document.querySelectorAll('.breadcrumb span.section')) {
+      const link = el.querySelector('a');
+      parts.push(link ? link.textContent : el.textContent);
+    }
+    if (filenameInput.value) {
+      parts.push(filenameInput.value);
+    }
+    document.querySelector('#tree_path').value = parts.join('/');
+  }
+  filenameInput.addEventListener('input', function () {
+    const parts = filenameInput.value.split('/');
     if (parts.length > 1) {
       for (let i = 0; i < parts.length; ++i) {
         const value = parts[i];
         if (i < parts.length - 1) {
           if (value.length) {
-            $(`<span class="section"><a href="#">${htmlEscape(value)}</a></span>`).insertBefore($(this));
-            $('<div class="breadcrumb-divider">/</div>').insertBefore($(this));
+            $(`<span class="section"><a href="#">${htmlEscape(value)}</a></span>`).insertBefore($(filenameInput));
+            $('<div class="breadcrumb-divider">/</div>').insertBefore($(filenameInput));
           }
         } else {
-          $(this).val(value);
+          filenameInput.value = value;
         }
         this.setSelectionRange(0, 0);
       }
     }
-
-    joinTreePath($(this));
+    joinTreePath();
   });
-
-  $editFilename.on('keydown', function (e) {
-    const $section = $('.breadcrumb span.section');
-
+  filenameInput.addEventListener('keydown', function (e) {
+    const sections = queryElems('.breadcrumb span.section');
+    const dividers = queryElems('.breadcrumb .breadcrumb-divider');
     // Jump back to last directory once the filename is empty
-    if (e.code === 'Backspace' && getCursorPosition($(this)) === 0 && $section.length > 0) {
+    if (e.code === 'Backspace' && filenameInput.selectionStart === 0 && sections.length > 0) {
       e.preventDefault();
-      const $divider = $('.breadcrumb .breadcrumb-divider');
-      const value = $section.last().find('a').text();
-      $(this).val(value + $(this).val());
+      const lastSection = sections[sections.length - 1];
+      const lastDivider = dividers.length ? dividers[dividers.length - 1] : null;
+      const value = lastSection.querySelector('a').textContent;
+      filenameInput.value = value + filenameInput.value;
       this.setSelectionRange(value.length, value.length);
-      $section.last().remove();
-      $divider.last().remove();
-      joinTreePath($(this));
+      lastDivider?.remove();
+      lastSection.remove();
+      joinTreePath();
     }
   });
 
-  const $editArea = $('.repository.editor textarea#edit_area');
-  if (!$editArea.length) return;
+  const $form = $('.repository.editor .edit.form');
+  initEditPreviewTab($form);
 
   (async () => {
-    const editor = await createCodeEditor($editArea[0], $editFilename[0]);
+    const editor = await createCodeEditor($editArea[0], filenameInput);
 
     // Using events from https://github.com/codedance/jquery.AreYouSure#advanced-usage
     // to enable or disable the commit button
diff --git a/web_src/js/features/repo-issue-edit.js b/web_src/js/features/repo-issue-edit.js
index 9a8d737e01..29b96f5127 100644
--- a/web_src/js/features/repo-issue-edit.js
+++ b/web_src/js/features/repo-issue-edit.js
@@ -189,11 +189,12 @@ export function initRepoIssueCommentEdit() {
   // Quote reply
   $(document).on('click', '.quote-reply', async function (event) {
     event.preventDefault();
-    const target = $(this).data('target');
-    const quote = $(`#${target}`).text().replace(/\n/g, '\n> ');
+    const target = this.getAttribute('data-target');
+    const quote = document.querySelector(`#${target}`).textContent.replace(/\n/g, '\n> ');
     const content = `> ${quote}\n\n`;
+
     let editor;
-    if ($(this).hasClass('quote-reply-diff')) {
+    if (this.classList.contains('quote-reply-diff')) {
       const $replyBtn = $(this).closest('.comment-code-cloud').find('button.comment-form-reply');
       editor = await handleReply($replyBtn);
     } else {
diff --git a/web_src/js/features/repo-issue.js b/web_src/js/features/repo-issue.js
index 95910e34bc..3cbbdc41fc 100644
--- a/web_src/js/features/repo-issue.js
+++ b/web_src/js/features/repo-issue.js
@@ -278,11 +278,12 @@ export function initRepoPullRequestUpdate() {
 
   $('.update-button > .dropdown').dropdown({
     onChange(_text, _value, $choice) {
-      const url = $choice[0].getAttribute('data-do');
+      const choiceEl = $choice[0];
+      const url = choiceEl.getAttribute('data-do');
       if (url) {
         const buttonText = pullUpdateButton.querySelector('.button-text');
         if (buttonText) {
-          buttonText.textContent = $choice.text();
+          buttonText.textContent = choiceEl.textContent;
         }
         pullUpdateButton.setAttribute('data-do', url);
       }
@@ -567,14 +568,15 @@ export function initRepoPullRequestReview() {
 export function initRepoIssueReferenceIssue() {
   // Reference issue
   $(document).on('click', '.reference-issue', function (event) {
-    const $this = $(this);
-    const content = $(`#${$this.data('target')}`).text();
-    const poster = $this.data('poster-username');
-    const reference = toAbsoluteUrl($this.data('reference'));
-    const $modal = $($this.data('modal'));
-    $modal.find('textarea[name="content"]').val(`${content}\n\n_Originally posted by @${poster} in ${reference}_`);
-    $modal.modal('show');
-
+    const target = this.getAttribute('data-target');
+    const content = document.querySelector(`#${target}`)?.textContent ?? '';
+    const poster = this.getAttribute('data-poster-username');
+    const reference = toAbsoluteUrl(this.getAttribute('data-reference'));
+    const modalSelector = this.getAttribute('data-modal');
+    const modal = document.querySelector(modalSelector);
+    const textarea = modal.querySelector('textarea[name="content"]');
+    textarea.value = `${content}\n\n_Originally posted by @${poster} in ${reference}_`;
+    $(modal).modal('show');
     event.preventDefault();
   });
 }
diff --git a/web_src/js/features/repo-legacy.js b/web_src/js/features/repo-legacy.js
index 2323d818c2..e53d86cca0 100644
--- a/web_src/js/features/repo-legacy.js
+++ b/web_src/js/features/repo-legacy.js
@@ -272,9 +272,9 @@ export function initRepoCommentForm() {
       }
 
       $list.find('.selected').html(`
-        <a class="item muted sidebar-item-link" href=${$(this).data('href')}>
+        <a class="item muted sidebar-item-link" href=${htmlEscape(this.getAttribute('href'))}>
           ${icon}
-          ${htmlEscape($(this).text())}
+          ${htmlEscape(this.textContent)}
         </a>
       `);
 
diff --git a/web_src/js/features/repo-settings.js b/web_src/js/features/repo-settings.js
index 52c5de2bfa..652f8ac290 100644
--- a/web_src/js/features/repo-settings.js
+++ b/web_src/js/features/repo-settings.js
@@ -1,47 +1,46 @@
 import $ from 'jquery';
 import {minimatch} from 'minimatch';
 import {createMonaco} from './codeeditor.js';
-import {onInputDebounce, toggleElem} from '../utils/dom.js';
+import {onInputDebounce, queryElems, toggleElem} from '../utils/dom.js';
 import {POST} from '../modules/fetch.js';
 
 const {appSubUrl, csrfToken} = window.config;
 
 export function initRepoSettingsCollaboration() {
   // Change collaborator access mode
-  $('.page-content.repository .ui.dropdown.access-mode').each((_, el) => {
-    const $dropdown = $(el);
-    const $text = $dropdown.find('> .text');
-    $dropdown.dropdown({
-      async action(_text, value) {
-        const lastValue = el.getAttribute('data-last-value');
+  for (const dropdownEl of queryElems('.page-content.repository .ui.dropdown.access-mode')) {
+    const textEl = dropdownEl.querySelector(':scope > .text');
+    $(dropdownEl).dropdown({
+      async action(text, value) {
+        dropdownEl.classList.add('is-loading', 'loading-icon-2px');
+        const lastValue = dropdownEl.getAttribute('data-last-value');
+        $(dropdownEl).dropdown('hide');
         try {
-          el.setAttribute('data-last-value', value);
-          $dropdown.dropdown('hide');
-          const data = new FormData();
-          data.append('uid', el.getAttribute('data-uid'));
-          data.append('mode', value);
-          await POST(el.getAttribute('data-url'), {data});
+          const uid = dropdownEl.getAttribute('data-uid');
+          await POST(dropdownEl.getAttribute('data-url'), {data: new URLSearchParams({uid, 'mode': value})});
+          textEl.textContent = text;
+          dropdownEl.setAttribute('data-last-value', value);
         } catch {
-          $text.text('(error)'); // prevent from misleading users when error occurs
-          el.setAttribute('data-last-value', lastValue);
+          textEl.textContent = '(error)'; // prevent from misleading users when error occurs
+          dropdownEl.setAttribute('data-last-value', lastValue);
+        } finally {
+          dropdownEl.classList.remove('is-loading');
         }
       },
-      onChange(_value, text, _$choice) {
-        $text.text(text); // update the text when using keyboard navigating
-      },
       onHide() {
-        // set to the really selected value, defer to next tick to make sure `action` has finished its work because the calling order might be onHide -> action
+        // set to the really selected value, defer to next tick to make sure `action` has finished
+        // its work because the calling order might be onHide -> action
         setTimeout(() => {
-          const $item = $dropdown.dropdown('get item', el.getAttribute('data-last-value'));
+          const $item = $(dropdownEl).dropdown('get item', dropdownEl.getAttribute('data-last-value'));
           if ($item) {
-            $dropdown.dropdown('set selected', el.getAttribute('data-last-value'));
+            $(dropdownEl).dropdown('set selected', dropdownEl.getAttribute('data-last-value'));
           } else {
-            $text.text('(none)'); // prevent from misleading users when the access mode is undefined
+            textEl.textContent = '(none)'; // prevent from misleading users when the access mode is undefined
           }
         }, 0);
       },
     });
-  });
+  }
 }
 
 export function initRepoSettingSearchTeamBox() {
diff --git a/web_src/js/index.js b/web_src/js/index.js
index 1867556eee..12cd0ee15a 100644
--- a/web_src/js/index.js
+++ b/web_src/js/index.js
@@ -43,7 +43,7 @@ import {
   initGlobalDropzone,
   initGlobalEnterQuickSubmit,
   initGlobalFormDirtyLeaveConfirm,
-  initGlobalLinkActions,
+  initGlobalDeleteButton,
   initHeadNavbarContentToggle,
 } from './features/common-global.js';
 import {initRepoTopicBar} from './features/repo-home.js';
@@ -103,7 +103,7 @@ onDomReady(() => {
   initGlobalDropzone();
   initGlobalEnterQuickSubmit();
   initGlobalFormDirtyLeaveConfirm();
-  initGlobalLinkActions();
+  initGlobalDeleteButton();
 
   initCommonOrganization();
   initCommonIssueListQuickGoto();

From 507fbf4c3ceffba9143edbe421a134b904210a4c Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Mon, 10 Jun 2024 22:49:33 +0200
Subject: [PATCH 07/46] Use `querySelector` over alternative DOM methods
 (#31280)

As per
https://github.com/go-gitea/gitea/pull/30115#discussion_r1626060164,
prefer `querySelector` by enabling
[`unicorn/prefer-query-selector`](https://github.com/sindresorhus/eslint-plugin-unicorn/blob/main/docs/rules/prefer-query-selector.md)
and autofixing all except 10 issues.

According to
[this](https://old.reddit.com/r/learnjavascript/comments/i0f5o8/performance_of_getelementbyid_vs_queryselector/),
querySelector may be faster as well, so it's a win-win.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
---
 .eslintrc.yaml                                |  2 +-
 web_src/js/components/DashboardRepoList.vue   |  4 +-
 web_src/js/components/DiffCommitSelector.vue  |  2 +-
 web_src/js/components/DiffFileList.vue        |  4 +-
 web_src/js/components/DiffFileTree.vue        |  2 +-
 web_src/js/components/RepoActionView.vue      |  2 +-
 .../js/components/RepoActivityTopAuthors.vue  |  2 +-
 .../js/components/RepoBranchTagSelector.vue   |  2 +-
 .../components/ScopedAccessTokenSelector.vue  | 12 ++--
 web_src/js/features/admin/common.js           | 60 +++++++++----------
 web_src/js/features/citation.js               |  8 +--
 web_src/js/features/code-frequency.js         |  2 +-
 web_src/js/features/colorpicker.js            |  2 +-
 web_src/js/features/common-global.js          |  4 +-
 web_src/js/features/common-issue-list.js      |  2 +-
 web_src/js/features/comp/SearchUserBox.js     |  2 +-
 web_src/js/features/comp/WebHookEditor.js     |  6 +-
 web_src/js/features/contributors.js           |  2 +-
 web_src/js/features/copycontent.js            |  2 +-
 web_src/js/features/heatmap.js                |  2 +-
 web_src/js/features/install.js                | 16 ++---
 web_src/js/features/notification.js           |  8 +--
 web_src/js/features/pull-view-file.js         |  4 +-
 web_src/js/features/recent-commits.js         |  2 +-
 web_src/js/features/repo-diff-commitselect.js |  2 +-
 web_src/js/features/repo-diff-filetree.js     |  4 +-
 web_src/js/features/repo-diff.js              |  2 +-
 web_src/js/features/repo-editor.js            |  2 +-
 web_src/js/features/repo-findfile.js          |  4 +-
 web_src/js/features/repo-graph.js             | 28 ++++-----
 web_src/js/features/repo-home.js              |  8 +--
 web_src/js/features/repo-issue-edit.js        |  6 +-
 web_src/js/features/repo-issue-list.js        |  4 +-
 web_src/js/features/repo-issue-pr-form.js     |  2 +-
 web_src/js/features/repo-issue.js             | 14 ++---
 web_src/js/features/repo-migrate.js           |  8 +--
 web_src/js/features/repo-migration.js         | 22 +++----
 web_src/js/features/repo-projects.js          | 14 ++---
 web_src/js/features/repo-release.js           |  6 +-
 web_src/js/features/repo-settings.js          | 16 ++---
 web_src/js/features/sshkey-helper.js          |  4 +-
 web_src/js/features/user-auth-webauthn.js     |  6 +-
 web_src/js/features/user-auth.js              |  4 +-
 web_src/js/features/user-settings.js          |  6 +-
 web_src/js/markup/anchors.js                  |  9 +--
 web_src/js/standalone/devtest.js              |  6 +-
 web_src/js/standalone/swagger.js              |  2 +-
 47 files changed, 165 insertions(+), 168 deletions(-)

diff --git a/.eslintrc.yaml b/.eslintrc.yaml
index cbfe0220e8..3b25995c09 100644
--- a/.eslintrc.yaml
+++ b/.eslintrc.yaml
@@ -798,7 +798,7 @@ rules:
   unicorn/prefer-object-has-own: [0]
   unicorn/prefer-optional-catch-binding: [2]
   unicorn/prefer-prototype-methods: [0]
-  unicorn/prefer-query-selector: [0]
+  unicorn/prefer-query-selector: [2]
   unicorn/prefer-reflect-apply: [0]
   unicorn/prefer-regexp-test: [2]
   unicorn/prefer-set-has: [0]
diff --git a/web_src/js/components/DashboardRepoList.vue b/web_src/js/components/DashboardRepoList.vue
index 3f9f427cd7..23984b3164 100644
--- a/web_src/js/components/DashboardRepoList.vue
+++ b/web_src/js/components/DashboardRepoList.vue
@@ -101,7 +101,7 @@ const sfc = {
   },
 
   mounted() {
-    const el = document.getElementById('dashboard-repo-list');
+    const el = document.querySelector('#dashboard-repo-list');
     this.changeReposFilter(this.reposFilter);
     $(el).find('.dropdown').dropdown();
     nextTick(() => {
@@ -330,7 +330,7 @@ const sfc = {
 };
 
 export function initDashboardRepoList() {
-  const el = document.getElementById('dashboard-repo-list');
+  const el = document.querySelector('#dashboard-repo-list');
   if (el) {
     createApp(sfc).mount(el);
   }
diff --git a/web_src/js/components/DiffCommitSelector.vue b/web_src/js/components/DiffCommitSelector.vue
index 352d085731..c28be67e38 100644
--- a/web_src/js/components/DiffCommitSelector.vue
+++ b/web_src/js/components/DiffCommitSelector.vue
@@ -5,7 +5,7 @@ import {GET} from '../modules/fetch.js';
 export default {
   components: {SvgIcon},
   data: () => {
-    const el = document.getElementById('diff-commit-select');
+    const el = document.querySelector('#diff-commit-select');
     return {
       menuVisible: false,
       isLoading: false,
diff --git a/web_src/js/components/DiffFileList.vue b/web_src/js/components/DiffFileList.vue
index 916780d913..806c8385bb 100644
--- a/web_src/js/components/DiffFileList.vue
+++ b/web_src/js/components/DiffFileList.vue
@@ -7,10 +7,10 @@ export default {
     return {store: diffTreeStore()};
   },
   mounted() {
-    document.getElementById('show-file-list-btn').addEventListener('click', this.toggleFileList);
+    document.querySelector('#show-file-list-btn').addEventListener('click', this.toggleFileList);
   },
   unmounted() {
-    document.getElementById('show-file-list-btn').removeEventListener('click', this.toggleFileList);
+    document.querySelector('#show-file-list-btn').removeEventListener('click', this.toggleFileList);
   },
   methods: {
     toggleFileList() {
diff --git a/web_src/js/components/DiffFileTree.vue b/web_src/js/components/DiffFileTree.vue
index cddfee1e04..fd5120f18b 100644
--- a/web_src/js/components/DiffFileTree.vue
+++ b/web_src/js/components/DiffFileTree.vue
@@ -112,7 +112,7 @@ export default {
     updateState(visible) {
       const btn = document.querySelector('.diff-toggle-file-tree-button');
       const [toShow, toHide] = btn.querySelectorAll('.icon');
-      const tree = document.getElementById('diff-file-tree');
+      const tree = document.querySelector('#diff-file-tree');
       const newTooltip = btn.getAttribute(visible ? 'data-hide-text' : 'data-show-text');
       btn.setAttribute('data-tooltip-content', newTooltip);
       toggleElem(tree, visible);
diff --git a/web_src/js/components/RepoActionView.vue b/web_src/js/components/RepoActionView.vue
index 8b39d0504b..7f6524c7e3 100644
--- a/web_src/js/components/RepoActionView.vue
+++ b/web_src/js/components/RepoActionView.vue
@@ -325,7 +325,7 @@ const sfc = {
 export default sfc;
 
 export function initRepositoryActionView() {
-  const el = document.getElementById('repo-action-view');
+  const el = document.querySelector('#repo-action-view');
   if (!el) return;
 
   // TODO: the parent element's full height doesn't work well now,
diff --git a/web_src/js/components/RepoActivityTopAuthors.vue b/web_src/js/components/RepoActivityTopAuthors.vue
index a41fb61d78..295641f7e5 100644
--- a/web_src/js/components/RepoActivityTopAuthors.vue
+++ b/web_src/js/components/RepoActivityTopAuthors.vue
@@ -51,7 +51,7 @@ const sfc = {
 };
 
 export function initRepoActivityTopAuthorsChart() {
-  const el = document.getElementById('repo-activity-top-authors-chart');
+  const el = document.querySelector('#repo-activity-top-authors-chart');
   if (el) {
     createApp(sfc).mount(el);
   }
diff --git a/web_src/js/components/RepoBranchTagSelector.vue b/web_src/js/components/RepoBranchTagSelector.vue
index 87530225e3..d18378bea1 100644
--- a/web_src/js/components/RepoBranchTagSelector.vue
+++ b/web_src/js/components/RepoBranchTagSelector.vue
@@ -85,7 +85,7 @@ const sfc = {
         this.isViewBranch = false;
         this.$refs.dropdownRefName.textContent = item.name;
         if (this.setAction) {
-          document.getElementById(this.branchForm)?.setAttribute('action', url);
+          document.querySelector(`#${this.branchForm}`)?.setAttribute('action', url);
         } else {
           $(`#${this.branchForm} input[name="refURL"]`).val(url);
         }
diff --git a/web_src/js/components/ScopedAccessTokenSelector.vue b/web_src/js/components/ScopedAccessTokenSelector.vue
index 103cc525ad..9ff3627c11 100644
--- a/web_src/js/components/ScopedAccessTokenSelector.vue
+++ b/web_src/js/components/ScopedAccessTokenSelector.vue
@@ -43,25 +43,25 @@ const sfc = {
   },
 
   mounted() {
-    document.getElementById('scoped-access-submit').addEventListener('click', this.onClickSubmit);
+    document.querySelector('#scoped-access-submit').addEventListener('click', this.onClickSubmit);
   },
 
   unmounted() {
-    document.getElementById('scoped-access-submit').removeEventListener('click', this.onClickSubmit);
+    document.querySelector('#scoped-access-submit').removeEventListener('click', this.onClickSubmit);
   },
 
   methods: {
     onClickSubmit(e) {
       e.preventDefault();
 
-      const warningEl = document.getElementById('scoped-access-warning');
+      const warningEl = document.querySelector('#scoped-access-warning');
       // check that at least one scope has been selected
-      for (const el of document.getElementsByClassName('access-token-select')) {
+      for (const el of document.querySelectorAll('.access-token-select')) {
         if (el.value) {
           // Hide the error if it was visible from previous attempt.
           hideElem(warningEl);
           // Submit the form.
-          document.getElementById('scoped-access-form').submit();
+          document.querySelector('#scoped-access-form').submit();
           // Don't show the warning.
           return;
         }
@@ -78,7 +78,7 @@ export default sfc;
  * Initialize category toggle sections
  */
 export function initScopedAccessTokenCategories() {
-  for (const el of document.getElementsByClassName('scoped-access-token-mount')) {
+  for (const el of document.querySelectorAll('.scoped-access-token-mount')) {
     createApp({})
       .component('scoped-access-token-selector', sfc)
       .mount(el);
diff --git a/web_src/js/features/admin/common.js b/web_src/js/features/admin/common.js
index 3c90b546b8..429d6a808c 100644
--- a/web_src/js/features/admin/common.js
+++ b/web_src/js/features/admin/common.js
@@ -6,7 +6,7 @@ import {POST} from '../../modules/fetch.js';
 const {appSubUrl} = window.config;
 
 function onSecurityProtocolChange() {
-  if (Number(document.getElementById('security_protocol')?.value) > 0) {
+  if (Number(document.querySelector('#security_protocol')?.value) > 0) {
     showElem('.has-tls');
   } else {
     hideElem('.has-tls');
@@ -21,34 +21,34 @@ export function initAdminCommon() {
 
   // New user
   if ($('.admin.new.user').length > 0 || $('.admin.edit.user').length > 0) {
-    document.getElementById('login_type')?.addEventListener('change', function () {
+    document.querySelector('#login_type')?.addEventListener('change', function () {
       if (this.value?.substring(0, 1) === '0') {
-        document.getElementById('user_name')?.removeAttribute('disabled');
-        document.getElementById('login_name')?.removeAttribute('required');
+        document.querySelector('#user_name')?.removeAttribute('disabled');
+        document.querySelector('#login_name')?.removeAttribute('required');
         hideElem('.non-local');
         showElem('.local');
-        document.getElementById('user_name')?.focus();
+        document.querySelector('#user_name')?.focus();
 
         if (this.getAttribute('data-password') === 'required') {
-          document.getElementById('password')?.setAttribute('required', 'required');
+          document.querySelector('#password')?.setAttribute('required', 'required');
         }
       } else {
         if (document.querySelector('.admin.edit.user')) {
-          document.getElementById('user_name')?.setAttribute('disabled', 'disabled');
+          document.querySelector('#user_name')?.setAttribute('disabled', 'disabled');
         }
-        document.getElementById('login_name')?.setAttribute('required', 'required');
+        document.querySelector('#login_name')?.setAttribute('required', 'required');
         showElem('.non-local');
         hideElem('.local');
-        document.getElementById('login_name')?.focus();
+        document.querySelector('#login_name')?.focus();
 
-        document.getElementById('password')?.removeAttribute('required');
+        document.querySelector('#password')?.removeAttribute('required');
       }
     });
   }
 
   function onUsePagedSearchChange() {
     const searchPageSizeElements = document.querySelectorAll('.search-page-size');
-    if (document.getElementById('use_paged_search').checked) {
+    if (document.querySelector('#use_paged_search').checked) {
       showElem('.search-page-size');
       for (const el of searchPageSizeElements) {
         el.querySelector('input')?.setAttribute('required', 'required');
@@ -67,7 +67,7 @@ export function initAdminCommon() {
       input.removeAttribute('required');
     }
 
-    const provider = document.getElementById('oauth2_provider').value;
+    const provider = document.querySelector('#oauth2_provider').value;
     switch (provider) {
       case 'openidConnect':
         document.querySelector('.open_id_connect_auto_discovery_url input').setAttribute('required', 'required');
@@ -91,19 +91,19 @@ export function initAdminCommon() {
   }
 
   function onOAuth2UseCustomURLChange(applyDefaultValues) {
-    const provider = document.getElementById('oauth2_provider').value;
+    const provider = document.querySelector('#oauth2_provider').value;
     hideElem('.oauth2_use_custom_url_field');
     for (const input of document.querySelectorAll('.oauth2_use_custom_url_field input[required]')) {
       input.removeAttribute('required');
     }
 
     const elProviderCustomUrlSettings = document.querySelector(`#${provider}_customURLSettings`);
-    if (elProviderCustomUrlSettings && document.getElementById('oauth2_use_custom_url').checked) {
+    if (elProviderCustomUrlSettings && document.querySelector('#oauth2_use_custom_url').checked) {
       for (const custom of ['token_url', 'auth_url', 'profile_url', 'email_url', 'tenant']) {
         if (applyDefaultValues) {
-          document.getElementById(`oauth2_${custom}`).value = document.getElementById(`${provider}_${custom}`).value;
+          document.querySelector(`#oauth2_${custom}`).value = document.querySelector(`#${provider}_${custom}`).value;
         }
-        const customInput = document.getElementById(`${provider}_${custom}`);
+        const customInput = document.querySelector(`#${provider}_${custom}`);
         if (customInput && customInput.getAttribute('data-available') === 'true') {
           for (const input of document.querySelectorAll(`.oauth2_${custom} input`)) {
             input.setAttribute('required', 'required');
@@ -115,12 +115,12 @@ export function initAdminCommon() {
   }
 
   function onEnableLdapGroupsChange() {
-    toggleElem(document.getElementById('ldap-group-options'), $('.js-ldap-group-toggle')[0].checked);
+    toggleElem(document.querySelector('#ldap-group-options'), $('.js-ldap-group-toggle')[0].checked);
   }
 
   // New authentication
   if (document.querySelector('.admin.new.authentication')) {
-    document.getElementById('auth_type')?.addEventListener('change', function () {
+    document.querySelector('#auth_type')?.addEventListener('change', function () {
       hideElem('.ldap, .dldap, .smtp, .pam, .oauth2, .has-tls, .search-page-size, .sspi');
 
       for (const input of document.querySelectorAll('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required]')) {
@@ -180,25 +180,25 @@ export function initAdminCommon() {
       }
     });
     $('#auth_type').trigger('change');
-    document.getElementById('security_protocol')?.addEventListener('change', onSecurityProtocolChange);
-    document.getElementById('use_paged_search')?.addEventListener('change', onUsePagedSearchChange);
-    document.getElementById('oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true));
-    document.getElementById('oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(true));
+    document.querySelector('#security_protocol')?.addEventListener('change', onSecurityProtocolChange);
+    document.querySelector('#use_paged_search')?.addEventListener('change', onUsePagedSearchChange);
+    document.querySelector('#oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true));
+    document.querySelector('#oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(true));
     $('.js-ldap-group-toggle').on('change', onEnableLdapGroupsChange);
   }
   // Edit authentication
   if (document.querySelector('.admin.edit.authentication')) {
-    const authType = document.getElementById('auth_type')?.value;
+    const authType = document.querySelector('#auth_type')?.value;
     if (authType === '2' || authType === '5') {
-      document.getElementById('security_protocol')?.addEventListener('change', onSecurityProtocolChange);
+      document.querySelector('#security_protocol')?.addEventListener('change', onSecurityProtocolChange);
       $('.js-ldap-group-toggle').on('change', onEnableLdapGroupsChange);
       onEnableLdapGroupsChange();
       if (authType === '2') {
-        document.getElementById('use_paged_search')?.addEventListener('change', onUsePagedSearchChange);
+        document.querySelector('#use_paged_search')?.addEventListener('change', onUsePagedSearchChange);
       }
     } else if (authType === '6') {
-      document.getElementById('oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true));
-      document.getElementById('oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(false));
+      document.querySelector('#oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true));
+      document.querySelector('#oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(false));
       onOAuth2Change(false);
     }
   }
@@ -206,13 +206,13 @@ export function initAdminCommon() {
   if (document.querySelector('.admin.authentication')) {
     $('#auth_name').on('input', function () {
       // appSubUrl is either empty or is a path that starts with `/` and doesn't have a trailing slash.
-      document.getElementById('oauth2-callback-url').textContent = `${window.location.origin}${appSubUrl}/user/oauth2/${encodeURIComponent(this.value)}/callback`;
+      document.querySelector('#oauth2-callback-url').textContent = `${window.location.origin}${appSubUrl}/user/oauth2/${encodeURIComponent(this.value)}/callback`;
     }).trigger('input');
   }
 
   // Notice
   if (document.querySelector('.admin.notice')) {
-    const detailModal = document.getElementById('detail-modal');
+    const detailModal = document.querySelector('#detail-modal');
 
     // Attach view detail modals
     $('.view-detail').on('click', function () {
@@ -244,7 +244,7 @@ export function initAdminCommon() {
           break;
       }
     });
-    document.getElementById('delete-selection')?.addEventListener('click', async function (e) {
+    document.querySelector('#delete-selection')?.addEventListener('click', async function (e) {
       e.preventDefault();
       this.classList.add('is-loading', 'disabled');
       const data = new FormData();
diff --git a/web_src/js/features/citation.js b/web_src/js/features/citation.js
index 918a467136..245ba56f81 100644
--- a/web_src/js/features/citation.js
+++ b/web_src/js/features/citation.js
@@ -27,9 +27,9 @@ export async function initCitationFileCopyContent() {
 
   if (!pageData.citationFileContent) return;
 
-  const citationCopyApa = document.getElementById('citation-copy-apa');
-  const citationCopyBibtex = document.getElementById('citation-copy-bibtex');
-  const inputContent = document.getElementById('citation-copy-content');
+  const citationCopyApa = document.querySelector('#citation-copy-apa');
+  const citationCopyBibtex = document.querySelector('#citation-copy-bibtex');
+  const inputContent = document.querySelector('#citation-copy-content');
 
   if ((!citationCopyApa && !citationCopyBibtex) || !inputContent) return;
 
@@ -41,7 +41,7 @@ export async function initCitationFileCopyContent() {
     citationCopyApa.classList.toggle('primary', !isBibtex);
   };
 
-  document.getElementById('cite-repo-button')?.addEventListener('click', async (e) => {
+  document.querySelector('#cite-repo-button')?.addEventListener('click', async (e) => {
     const dropdownBtn = e.target.closest('.ui.dropdown.button');
     dropdownBtn.classList.add('is-loading');
 
diff --git a/web_src/js/features/code-frequency.js b/web_src/js/features/code-frequency.js
index 47e1539ddc..da7cd6b2c0 100644
--- a/web_src/js/features/code-frequency.js
+++ b/web_src/js/features/code-frequency.js
@@ -1,7 +1,7 @@
 import {createApp} from 'vue';
 
 export async function initRepoCodeFrequency() {
-  const el = document.getElementById('repo-code-frequency-chart');
+  const el = document.querySelector('#repo-code-frequency-chart');
   if (!el) return;
 
   const {default: RepoCodeFrequency} = await import(/* webpackChunkName: "code-frequency-graph" */'../components/RepoCodeFrequency.vue');
diff --git a/web_src/js/features/colorpicker.js b/web_src/js/features/colorpicker.js
index 6d00d908c9..a85c04de41 100644
--- a/web_src/js/features/colorpicker.js
+++ b/web_src/js/features/colorpicker.js
@@ -1,7 +1,7 @@
 import {createTippy} from '../modules/tippy.js';
 
 export async function initColorPickers() {
-  const els = document.getElementsByClassName('js-color-picker-input');
+  const els = document.querySelectorAll('.js-color-picker-input');
   if (!els.length) return;
 
   await Promise.all([
diff --git a/web_src/js/features/common-global.js b/web_src/js/features/common-global.js
index 5162c71509..1ab2a55699 100644
--- a/web_src/js/features/common-global.js
+++ b/web_src/js/features/common-global.js
@@ -24,8 +24,8 @@ export function initGlobalFormDirtyLeaveConfirm() {
 }
 
 export function initHeadNavbarContentToggle() {
-  const navbar = document.getElementById('navbar');
-  const btn = document.getElementById('navbar-expand-toggle');
+  const navbar = document.querySelector('#navbar');
+  const btn = document.querySelector('#navbar-expand-toggle');
   if (!navbar || !btn) return;
 
   btn.addEventListener('click', () => {
diff --git a/web_src/js/features/common-issue-list.js b/web_src/js/features/common-issue-list.js
index 219a8a9c9a..707776487b 100644
--- a/web_src/js/features/common-issue-list.js
+++ b/web_src/js/features/common-issue-list.js
@@ -29,7 +29,7 @@ export function parseIssueListQuickGotoLink(repoLink, searchText) {
 }
 
 export function initCommonIssueListQuickGoto() {
-  const goto = document.getElementById('issue-list-quick-goto');
+  const goto = document.querySelector('#issue-list-quick-goto');
   if (!goto) return;
 
   const form = goto.closest('form');
diff --git a/web_src/js/features/comp/SearchUserBox.js b/web_src/js/features/comp/SearchUserBox.js
index 081c47425f..7ef23fe4b0 100644
--- a/web_src/js/features/comp/SearchUserBox.js
+++ b/web_src/js/features/comp/SearchUserBox.js
@@ -5,7 +5,7 @@ const {appSubUrl} = window.config;
 const looksLikeEmailAddressCheck = /^\S+@\S+$/;
 
 export function initCompSearchUserBox() {
-  const searchUserBox = document.getElementById('search-user-box');
+  const searchUserBox = document.querySelector('#search-user-box');
   if (!searchUserBox) return;
 
   const $searchUserBox = $(searchUserBox);
diff --git a/web_src/js/features/comp/WebHookEditor.js b/web_src/js/features/comp/WebHookEditor.js
index d74b59fd2a..38ff75e5a3 100644
--- a/web_src/js/features/comp/WebHookEditor.js
+++ b/web_src/js/features/comp/WebHookEditor.js
@@ -23,18 +23,18 @@ export function initCompWebHookEditor() {
   }
 
   // some webhooks (like Gitea) allow to set the request method (GET/POST), and it would toggle the "Content Type" field
-  const httpMethodInput = document.getElementById('http_method');
+  const httpMethodInput = document.querySelector('#http_method');
   if (httpMethodInput) {
     const updateContentType = function () {
       const visible = httpMethodInput.value === 'POST';
-      toggleElem(document.getElementById('content_type').closest('.field'), visible);
+      toggleElem(document.querySelector('#content_type').closest('.field'), visible);
     };
     updateContentType();
     httpMethodInput.addEventListener('change', updateContentType);
   }
 
   // Test delivery
-  document.getElementById('test-delivery')?.addEventListener('click', async function () {
+  document.querySelector('#test-delivery')?.addEventListener('click', async function () {
     this.classList.add('is-loading', 'disabled');
     await POST(this.getAttribute('data-link'));
     setTimeout(() => {
diff --git a/web_src/js/features/contributors.js b/web_src/js/features/contributors.js
index 79b3389fee..475c66e900 100644
--- a/web_src/js/features/contributors.js
+++ b/web_src/js/features/contributors.js
@@ -1,7 +1,7 @@
 import {createApp} from 'vue';
 
 export async function initRepoContributors() {
-  const el = document.getElementById('repo-contributors-chart');
+  const el = document.querySelector('#repo-contributors-chart');
   if (!el) return;
 
   const {default: RepoContributors} = await import(/* webpackChunkName: "contributors-graph" */'../components/RepoContributors.vue');
diff --git a/web_src/js/features/copycontent.js b/web_src/js/features/copycontent.js
index 03efe00701..ea1e5cf7d0 100644
--- a/web_src/js/features/copycontent.js
+++ b/web_src/js/features/copycontent.js
@@ -6,7 +6,7 @@ import {GET} from '../modules/fetch.js';
 const {i18n} = window.config;
 
 export function initCopyContent() {
-  const btn = document.getElementById('copy-content');
+  const btn = document.querySelector('#copy-content');
   if (!btn || btn.classList.contains('disabled')) return;
 
   btn.addEventListener('click', async () => {
diff --git a/web_src/js/features/heatmap.js b/web_src/js/features/heatmap.js
index 719eeb75fb..9155e844a2 100644
--- a/web_src/js/features/heatmap.js
+++ b/web_src/js/features/heatmap.js
@@ -3,7 +3,7 @@ import ActivityHeatmap from '../components/ActivityHeatmap.vue';
 import {translateMonth, translateDay} from '../utils.js';
 
 export function initHeatmap() {
-  const el = document.getElementById('user-heatmap');
+  const el = document.querySelector('#user-heatmap');
   if (!el) return;
 
   try {
diff --git a/web_src/js/features/install.js b/web_src/js/features/install.js
index 54ba3778f8..6354db6cdc 100644
--- a/web_src/js/features/install.js
+++ b/web_src/js/features/install.js
@@ -22,12 +22,12 @@ function initPreInstall() {
     mssql: '127.0.0.1:1433',
   };
 
-  const dbHost = document.getElementById('db_host');
-  const dbUser = document.getElementById('db_user');
-  const dbName = document.getElementById('db_name');
+  const dbHost = document.querySelector('#db_host');
+  const dbUser = document.querySelector('#db_user');
+  const dbName = document.querySelector('#db_name');
 
   // Database type change detection.
-  document.getElementById('db_type').addEventListener('change', function () {
+  document.querySelector('#db_type').addEventListener('change', function () {
     const dbType = this.value;
     hideElem('div[data-db-setting-for]');
     showElem(`div[data-db-setting-for=${dbType}]`);
@@ -46,14 +46,14 @@ function initPreInstall() {
       }
     } // else: for SQLite3, the default path is always prepared by backend code (setting)
   });
-  document.getElementById('db_type').dispatchEvent(new Event('change'));
+  document.querySelector('#db_type').dispatchEvent(new Event('change'));
 
-  const appUrl = document.getElementById('app_url');
+  const appUrl = document.querySelector('#app_url');
   if (appUrl.value.includes('://localhost')) {
     appUrl.value = window.location.href;
   }
 
-  const domain = document.getElementById('domain');
+  const domain = document.querySelector('#domain');
   if (domain.value.trim() === 'localhost') {
     domain.value = window.location.hostname;
   }
@@ -103,7 +103,7 @@ function initPreInstall() {
 }
 
 function initPostInstall() {
-  const el = document.getElementById('goto-user-login');
+  const el = document.querySelector('#goto-user-login');
   if (!el) return;
 
   const targetUrl = el.getAttribute('href');
diff --git a/web_src/js/features/notification.js b/web_src/js/features/notification.js
index f045879dec..c22fc17306 100644
--- a/web_src/js/features/notification.js
+++ b/web_src/js/features/notification.js
@@ -7,13 +7,13 @@ const {appSubUrl, notificationSettings, assetVersionEncoded} = window.config;
 let notificationSequenceNumber = 0;
 
 export function initNotificationsTable() {
-  const table = document.getElementById('notification_table');
+  const table = document.querySelector('#notification_table');
   if (!table) return;
 
   // when page restores from bfcache, delete previously clicked items
   window.addEventListener('pageshow', (e) => {
     if (e.persisted) { // page was restored from bfcache
-      const table = document.getElementById('notification_table');
+      const table = document.querySelector('#notification_table');
       const unreadCountEl = document.querySelector('.notifications-unread-count');
       let unreadCount = parseInt(unreadCountEl.textContent);
       for (const item of table.querySelectorAll('.notifications-item[data-remove="true"]')) {
@@ -145,7 +145,7 @@ async function updateNotificationCountWithCallback(callback, timeout, lastCount)
 }
 
 async function updateNotificationTable() {
-  const notificationDiv = document.getElementById('notification_div');
+  const notificationDiv = document.querySelector('#notification_div');
   if (notificationDiv) {
     try {
       const params = new URLSearchParams(window.location.search);
@@ -181,7 +181,7 @@ async function updateNotificationCount() {
 
     toggleElem('.notification_count', data.new !== 0);
 
-    for (const el of document.getElementsByClassName('notification_count')) {
+    for (const el of document.querySelectorAll('.notification_count')) {
       el.textContent = `${data.new}`;
     }
 
diff --git a/web_src/js/features/pull-view-file.js b/web_src/js/features/pull-view-file.js
index 2472e5a0bd..84c5eddb45 100644
--- a/web_src/js/features/pull-view-file.js
+++ b/web_src/js/features/pull-view-file.js
@@ -12,9 +12,9 @@ const collapseFilesBtnSelector = '#collapse-files-btn';
 // Refreshes the summary of viewed files if present
 // The data used will be window.config.pageData.prReview.numberOf{Viewed}Files
 function refreshViewedFilesSummary() {
-  const viewedFilesProgress = document.getElementById('viewed-files-summary');
+  const viewedFilesProgress = document.querySelector('#viewed-files-summary');
   viewedFilesProgress?.setAttribute('value', prReview.numberOfViewedFiles);
-  const summaryLabel = document.getElementById('viewed-files-summary-label');
+  const summaryLabel = document.querySelector('#viewed-files-summary-label');
   if (summaryLabel) summaryLabel.innerHTML = summaryLabel.getAttribute('data-text-changed-template')
     .replace('%[1]d', prReview.numberOfViewedFiles)
     .replace('%[2]d', prReview.numberOfFiles);
diff --git a/web_src/js/features/recent-commits.js b/web_src/js/features/recent-commits.js
index 030c251a05..b7f7c49987 100644
--- a/web_src/js/features/recent-commits.js
+++ b/web_src/js/features/recent-commits.js
@@ -1,7 +1,7 @@
 import {createApp} from 'vue';
 
 export async function initRepoRecentCommits() {
-  const el = document.getElementById('repo-recent-commits-chart');
+  const el = document.querySelector('#repo-recent-commits-chart');
   if (!el) return;
 
   const {default: RepoRecentCommits} = await import(/* webpackChunkName: "recent-commits-graph" */'../components/RepoRecentCommits.vue');
diff --git a/web_src/js/features/repo-diff-commitselect.js b/web_src/js/features/repo-diff-commitselect.js
index ebac64e855..2d0d63946c 100644
--- a/web_src/js/features/repo-diff-commitselect.js
+++ b/web_src/js/features/repo-diff-commitselect.js
@@ -2,7 +2,7 @@ import {createApp} from 'vue';
 import DiffCommitSelector from '../components/DiffCommitSelector.vue';
 
 export function initDiffCommitSelect() {
-  const el = document.getElementById('diff-commit-select');
+  const el = document.querySelector('#diff-commit-select');
   if (!el) return;
 
   const commitSelect = createApp(DiffCommitSelector);
diff --git a/web_src/js/features/repo-diff-filetree.js b/web_src/js/features/repo-diff-filetree.js
index 5dd2c42e74..6d9533d066 100644
--- a/web_src/js/features/repo-diff-filetree.js
+++ b/web_src/js/features/repo-diff-filetree.js
@@ -3,13 +3,13 @@ import DiffFileTree from '../components/DiffFileTree.vue';
 import DiffFileList from '../components/DiffFileList.vue';
 
 export function initDiffFileTree() {
-  const el = document.getElementById('diff-file-tree');
+  const el = document.querySelector('#diff-file-tree');
   if (!el) return;
 
   const fileTreeView = createApp(DiffFileTree);
   fileTreeView.mount(el);
 
-  const fileListElement = document.getElementById('diff-file-list');
+  const fileListElement = document.querySelector('#diff-file-list');
   if (!fileListElement) return;
 
   const fileListView = createApp(DiffFileList);
diff --git a/web_src/js/features/repo-diff.js b/web_src/js/features/repo-diff.js
index 00f74515df..cd01232a7e 100644
--- a/web_src/js/features/repo-diff.js
+++ b/web_src/js/features/repo-diff.js
@@ -13,7 +13,7 @@ import {POST, GET} from '../modules/fetch.js';
 const {pageData, i18n} = window.config;
 
 function initRepoDiffReviewButton() {
-  const reviewBox = document.getElementById('review-box');
+  const reviewBox = document.querySelector('#review-box');
   if (!reviewBox) return;
 
   const counter = reviewBox.querySelector('.review-comments-counter');
diff --git a/web_src/js/features/repo-editor.js b/web_src/js/features/repo-editor.js
index b4fae4f6aa..aa9ca657b0 100644
--- a/web_src/js/features/repo-editor.js
+++ b/web_src/js/features/repo-editor.js
@@ -112,7 +112,7 @@ export function initRepoEditor() {
 
     // Using events from https://github.com/codedance/jquery.AreYouSure#advanced-usage
     // to enable or disable the commit button
-    const commitButton = document.getElementById('commit-button');
+    const commitButton = document.querySelector('#commit-button');
     const $editForm = $('.ui.edit.form');
     const dirtyFileClass = 'dirty-file';
 
diff --git a/web_src/js/features/repo-findfile.js b/web_src/js/features/repo-findfile.js
index cff5068a1e..945eeeceff 100644
--- a/web_src/js/features/repo-findfile.js
+++ b/web_src/js/features/repo-findfile.js
@@ -106,11 +106,11 @@ async function loadRepoFiles() {
 }
 
 export function initFindFileInRepo() {
-  repoFindFileInput = document.getElementById('repo-file-find-input');
+  repoFindFileInput = document.querySelector('#repo-file-find-input');
   if (!repoFindFileInput) return;
 
   repoFindFileTableBody = document.querySelector('#repo-find-file-table tbody');
-  repoFindFileNoResult = document.getElementById('repo-find-file-no-result');
+  repoFindFileNoResult = document.querySelector('#repo-find-file-no-result');
   repoFindFileInput.addEventListener('input', () => filterRepoFiles(repoFindFileInput.value));
 
   loadRepoFiles();
diff --git a/web_src/js/features/repo-graph.js b/web_src/js/features/repo-graph.js
index 0086b92021..7084e40977 100644
--- a/web_src/js/features/repo-graph.js
+++ b/web_src/js/features/repo-graph.js
@@ -3,12 +3,12 @@ import {hideElem, showElem} from '../utils/dom.js';
 import {GET} from '../modules/fetch.js';
 
 export function initRepoGraphGit() {
-  const graphContainer = document.getElementById('git-graph-container');
+  const graphContainer = document.querySelector('#git-graph-container');
   if (!graphContainer) return;
 
-  document.getElementById('flow-color-monochrome')?.addEventListener('click', () => {
-    document.getElementById('flow-color-monochrome').classList.add('active');
-    document.getElementById('flow-color-colored')?.classList.remove('active');
+  document.querySelector('#flow-color-monochrome')?.addEventListener('click', () => {
+    document.querySelector('#flow-color-monochrome').classList.add('active');
+    document.querySelector('#flow-color-colored')?.classList.remove('active');
     graphContainer.classList.remove('colored');
     graphContainer.classList.add('monochrome');
     const params = new URLSearchParams(window.location.search);
@@ -30,9 +30,9 @@ export function initRepoGraphGit() {
     }
   });
 
-  document.getElementById('flow-color-colored')?.addEventListener('click', () => {
-    document.getElementById('flow-color-colored').classList.add('active');
-    document.getElementById('flow-color-monochrome')?.classList.remove('active');
+  document.querySelector('#flow-color-colored')?.addEventListener('click', () => {
+    document.querySelector('#flow-color-colored').classList.add('active');
+    document.querySelector('#flow-color-monochrome')?.classList.remove('active');
     graphContainer.classList.add('colored');
     graphContainer.classList.remove('monochrome');
     for (const link of document.querySelectorAll('.pagination a')) {
@@ -60,7 +60,7 @@ export function initRepoGraphGit() {
     const ajaxUrl = new URL(url);
     ajaxUrl.searchParams.set('div-only', 'true');
     window.history.replaceState({}, '', queryString ? `?${queryString}` : window.location.pathname);
-    document.getElementById('pagination').innerHTML = '';
+    document.querySelector('#pagination').innerHTML = '';
     hideElem('#rel-container');
     hideElem('#rev-container');
     showElem('#loading-indicator');
@@ -69,9 +69,9 @@ export function initRepoGraphGit() {
       const html = await response.text();
       const div = document.createElement('div');
       div.innerHTML = html;
-      document.getElementById('pagination').innerHTML = div.getElementById('pagination').innerHTML;
-      document.getElementById('rel-container').innerHTML = div.getElementById('rel-container').innerHTML;
-      document.getElementById('rev-container').innerHTML = div.getElementById('rev-container').innerHTML;
+      document.querySelector('#pagination').innerHTML = div.querySelector('#pagination').innerHTML;
+      document.querySelector('#rel-container').innerHTML = div.querySelector('#rel-container').innerHTML;
+      document.querySelector('#rev-container').innerHTML = div.querySelector('#rev-container').innerHTML;
       hideElem('#loading-indicator');
       showElem('#rel-container');
       showElem('#rev-container');
@@ -82,7 +82,7 @@ export function initRepoGraphGit() {
     dropdownSelected.splice(0, 0, '...flow-hide-pr-refs');
   }
 
-  const flowSelectRefsDropdown = document.getElementById('flow-select-refs-dropdown');
+  const flowSelectRefsDropdown = document.querySelector('#flow-select-refs-dropdown');
   $(flowSelectRefsDropdown).dropdown('set selected', dropdownSelected);
   $(flowSelectRefsDropdown).dropdown({
     clearable: true,
@@ -115,7 +115,7 @@ export function initRepoGraphGit() {
     if (e.target.matches('#rev-list li')) {
       const flow = e.target.getAttribute('data-flow');
       if (flow === '0') return;
-      document.getElementById(`flow-${flow}`)?.classList.add('highlight');
+      document.querySelector(`#flow-${flow}`)?.classList.add('highlight');
       e.target.classList.add('hover');
       for (const item of document.querySelectorAll(`#rev-list li[data-flow='${flow}']`)) {
         item.classList.add('highlight');
@@ -136,7 +136,7 @@ export function initRepoGraphGit() {
     if (e.target.matches('#rev-list li')) {
       const flow = e.target.getAttribute('data-flow');
       if (flow === '0') return;
-      document.getElementById(`flow-${flow}`)?.classList.remove('highlight');
+      document.querySelector(`#flow-${flow}`)?.classList.remove('highlight');
       e.target.classList.remove('hover');
       for (const item of document.querySelectorAll(`#rev-list li[data-flow='${flow}']`)) {
         item.classList.remove('highlight');
diff --git a/web_src/js/features/repo-home.js b/web_src/js/features/repo-home.js
index 6a5bce8268..f48c1b1bb3 100644
--- a/web_src/js/features/repo-home.js
+++ b/web_src/js/features/repo-home.js
@@ -7,11 +7,11 @@ import {showErrorToast} from '../modules/toast.js';
 const {appSubUrl} = window.config;
 
 export function initRepoTopicBar() {
-  const mgrBtn = document.getElementById('manage_topic');
+  const mgrBtn = document.querySelector('#manage_topic');
   if (!mgrBtn) return;
 
-  const editDiv = document.getElementById('topic_edit');
-  const viewDiv = document.getElementById('repo-topics');
+  const editDiv = document.querySelector('#topic_edit');
+  const viewDiv = document.querySelector('#repo-topics');
   const topicDropdown = editDiv.querySelector('.ui.dropdown');
   let lastErrorToast;
 
@@ -28,7 +28,7 @@ export function initRepoTopicBar() {
     mgrBtn.focus();
   });
 
-  document.getElementById('save_topic').addEventListener('click', async (e) => {
+  document.querySelector('#save_topic').addEventListener('click', async (e) => {
     lastErrorToast?.hideToast();
     const topics = editDiv.querySelector('input[name=topics]').value;
 
diff --git a/web_src/js/features/repo-issue-edit.js b/web_src/js/features/repo-issue-edit.js
index 29b96f5127..8d43b6620c 100644
--- a/web_src/js/features/repo-issue-edit.js
+++ b/web_src/js/features/repo-issue-edit.js
@@ -55,7 +55,7 @@ async function onEditContent(event) {
           dropzone.querySelector('.files').append(input);
         });
         this.on('removedfile', async (file) => {
-          document.getElementById(file.uuid)?.remove();
+          document.querySelector(`#${file.uuid}`)?.remove();
           if (disableRemovedfileEvent) return;
           if (dropzone.getAttribute('data-remove-url') && !fileUuidDict[file.uuid].submitted) {
             try {
@@ -137,7 +137,7 @@ async function onEditContent(event) {
       }
       editContentZone.setAttribute('data-content-version', data.contentVersion);
       if (!data.content) {
-        renderContent.innerHTML = document.getElementById('no-content').innerHTML;
+        renderContent.innerHTML = document.querySelector('#no-content').innerHTML;
         rawContent.textContent = '';
       } else {
         renderContent.innerHTML = data.content;
@@ -166,7 +166,7 @@ async function onEditContent(event) {
 
   comboMarkdownEditor = getComboMarkdownEditor(editContentZone.querySelector('.combo-markdown-editor'));
   if (!comboMarkdownEditor) {
-    editContentZone.innerHTML = document.getElementById('issue-comment-editor-template').innerHTML;
+    editContentZone.innerHTML = document.querySelector('#issue-comment-editor-template').innerHTML;
     comboMarkdownEditor = await initComboMarkdownEditor(editContentZone.querySelector('.combo-markdown-editor'));
     comboMarkdownEditor.attachedDropzoneInst = await setupDropzone(editContentZone.querySelector('.dropzone'));
     editContentZone.querySelector('.ui.cancel.button').addEventListener('click', cancelAndReset);
diff --git a/web_src/js/features/repo-issue-list.js b/web_src/js/features/repo-issue-list.js
index 5d18a7ff8d..c8ae91d453 100644
--- a/web_src/js/features/repo-issue-list.js
+++ b/web_src/js/features/repo-issue-list.js
@@ -158,7 +158,7 @@ function initRepoIssueListAuthorDropdown() {
 }
 
 function initPinRemoveButton() {
-  for (const button of document.getElementsByClassName('issue-card-unpin')) {
+  for (const button of document.querySelectorAll('.issue-card-unpin')) {
     button.addEventListener('click', async (event) => {
       const el = event.currentTarget;
       const id = Number(el.getAttribute('data-issue-id'));
@@ -182,7 +182,7 @@ async function pinMoveEnd(e) {
 }
 
 async function initIssuePinSort() {
-  const pinDiv = document.getElementById('issue-pins');
+  const pinDiv = document.querySelector('#issue-pins');
 
   if (pinDiv === null) return;
 
diff --git a/web_src/js/features/repo-issue-pr-form.js b/web_src/js/features/repo-issue-pr-form.js
index 7b26e643c0..94a2857340 100644
--- a/web_src/js/features/repo-issue-pr-form.js
+++ b/web_src/js/features/repo-issue-pr-form.js
@@ -2,7 +2,7 @@ import {createApp} from 'vue';
 import PullRequestMergeForm from '../components/PullRequestMergeForm.vue';
 
 export function initRepoPullRequestMergeForm() {
-  const el = document.getElementById('pull-request-merge-form');
+  const el = document.querySelector('#pull-request-merge-form');
   if (!el) return;
 
   const view = createApp(PullRequestMergeForm);
diff --git a/web_src/js/features/repo-issue.js b/web_src/js/features/repo-issue.js
index 3cbbdc41fc..d53c3346f3 100644
--- a/web_src/js/features/repo-issue.js
+++ b/web_src/js/features/repo-issue.js
@@ -44,14 +44,14 @@ export function initRepoIssueTimeTracking() {
 
 async function updateDeadline(deadlineString) {
   hideElem('#deadline-err-invalid-date');
-  document.getElementById('deadline-loader')?.classList.add('is-loading');
+  document.querySelector('#deadline-loader')?.classList.add('is-loading');
 
   let realDeadline = null;
   if (deadlineString !== '') {
     const newDate = Date.parse(deadlineString);
 
     if (Number.isNaN(newDate)) {
-      document.getElementById('deadline-loader')?.classList.remove('is-loading');
+      document.querySelector('#deadline-loader')?.classList.remove('is-loading');
       showElem('#deadline-err-invalid-date');
       return false;
     }
@@ -59,7 +59,7 @@ async function updateDeadline(deadlineString) {
   }
 
   try {
-    const response = await POST(document.getElementById('update-issue-deadline-form').getAttribute('action'), {
+    const response = await POST(document.querySelector('#update-issue-deadline-form').getAttribute('action'), {
       data: {due_date: realDeadline},
     });
 
@@ -70,7 +70,7 @@ async function updateDeadline(deadlineString) {
     }
   } catch (error) {
     console.error(error);
-    document.getElementById('deadline-loader').classList.remove('is-loading');
+    document.querySelector('#deadline-loader').classList.remove('is-loading');
     showElem('#deadline-err-invalid-date');
   }
 }
@@ -182,7 +182,7 @@ export function initRepoIssueCommentDelete() {
           counter.textContent = String(num);
         }
 
-        document.getElementById(deleteButton.getAttribute('data-comment-id'))?.remove();
+        document.querySelector(`#${deleteButton.getAttribute('data-comment-id')}`)?.remove();
 
         if (conversationHolder && !conversationHolder.querySelector('.comment')) {
           const path = conversationHolder.getAttribute('data-path');
@@ -298,7 +298,7 @@ export function initRepoPullRequestMergeInstruction() {
 }
 
 export function initRepoPullRequestAllowMaintainerEdit() {
-  const wrapper = document.getElementById('allow-edits-from-maintainers');
+  const wrapper = document.querySelector('#allow-edits-from-maintainers');
   if (!wrapper) return;
   const checkbox = wrapper.querySelector('input[type="checkbox"]');
   checkbox.addEventListener('input', async () => {
@@ -678,7 +678,7 @@ export function initSingleCommentEditor($commentForm) {
   // * normal new issue/pr page, no status-button
   // * issue/pr view page, with comment form, has status-button
   const opts = {};
-  const statusButton = document.getElementById('status-button');
+  const statusButton = document.querySelector('#status-button');
   if (statusButton) {
     opts.onContentChanged = (editor) => {
       const statusText = statusButton.getAttribute(editor.value().trim() ? 'data-status-and-comment' : 'data-status');
diff --git a/web_src/js/features/repo-migrate.js b/web_src/js/features/repo-migrate.js
index 490e7df0e4..b8157e2dad 100644
--- a/web_src/js/features/repo-migrate.js
+++ b/web_src/js/features/repo-migrate.js
@@ -4,10 +4,10 @@ import {GET, POST} from '../modules/fetch.js';
 const {appSubUrl} = window.config;
 
 export function initRepoMigrationStatusChecker() {
-  const repoMigrating = document.getElementById('repo_migrating');
+  const repoMigrating = document.querySelector('#repo_migrating');
   if (!repoMigrating) return;
 
-  document.getElementById('repo_migrating_retry').addEventListener('click', doMigrationRetry);
+  document.querySelector('#repo_migrating_retry').addEventListener('click', doMigrationRetry);
 
   const task = repoMigrating.getAttribute('data-migrating-task-id');
 
@@ -20,7 +20,7 @@ export function initRepoMigrationStatusChecker() {
 
     // for all status
     if (data.message) {
-      document.getElementById('repo_migrating_progress_message').textContent = data.message;
+      document.querySelector('#repo_migrating_progress_message').textContent = data.message;
     }
 
     // TaskStatusFinished
@@ -36,7 +36,7 @@ export function initRepoMigrationStatusChecker() {
       showElem('#repo_migrating_retry');
       showElem('#repo_migrating_failed');
       showElem('#repo_migrating_failed_image');
-      document.getElementById('repo_migrating_failed_error').textContent = data.message;
+      document.querySelector('#repo_migrating_failed_error').textContent = data.message;
       return false;
     }
 
diff --git a/web_src/js/features/repo-migration.js b/web_src/js/features/repo-migration.js
index 59e282e4e7..7f7aa237ee 100644
--- a/web_src/js/features/repo-migration.js
+++ b/web_src/js/features/repo-migration.js
@@ -1,13 +1,13 @@
 import {hideElem, showElem, toggleElem} from '../utils/dom.js';
 
-const service = document.getElementById('service_type');
-const user = document.getElementById('auth_username');
-const pass = document.getElementById('auth_password');
-const token = document.getElementById('auth_token');
-const mirror = document.getElementById('mirror');
-const lfs = document.getElementById('lfs');
-const lfsSettings = document.getElementById('lfs_settings');
-const lfsEndpoint = document.getElementById('lfs_endpoint');
+const service = document.querySelector('#service_type');
+const user = document.querySelector('#auth_username');
+const pass = document.querySelector('#auth_password');
+const token = document.querySelector('#auth_token');
+const mirror = document.querySelector('#mirror');
+const lfs = document.querySelector('#lfs');
+const lfsSettings = document.querySelector('#lfs_settings');
+const lfsEndpoint = document.querySelector('#lfs_endpoint');
 const items = document.querySelectorAll('#migrate_items input[type=checkbox]');
 
 export function initRepoMigration() {
@@ -18,16 +18,16 @@ export function initRepoMigration() {
   pass?.addEventListener('input', () => {checkItems(false)});
   token?.addEventListener('input', () => {checkItems(true)});
   mirror?.addEventListener('change', () => {checkItems(true)});
-  document.getElementById('lfs_settings_show')?.addEventListener('click', (e) => {
+  document.querySelector('#lfs_settings_show')?.addEventListener('click', (e) => {
     e.preventDefault();
     e.stopPropagation();
     showElem(lfsEndpoint);
   });
   lfs?.addEventListener('change', setLFSSettingsVisibility);
 
-  const cloneAddr = document.getElementById('clone_addr');
+  const cloneAddr = document.querySelector('#clone_addr');
   cloneAddr?.addEventListener('change', () => {
-    const repoName = document.getElementById('repo_name');
+    const repoName = document.querySelector('#repo_name');
     if (cloneAddr.value && !repoName?.value) { // Only modify if repo_name input is blank
       repoName.value = cloneAddr.value.match(/^(.*\/)?((.+?)(\.git)?)$/)[3];
     }
diff --git a/web_src/js/features/repo-projects.js b/web_src/js/features/repo-projects.js
index a1cc4b346b..706942363d 100644
--- a/web_src/js/features/repo-projects.js
+++ b/web_src/js/features/repo-projects.js
@@ -5,8 +5,8 @@ import {POST, DELETE, PUT} from '../modules/fetch.js';
 
 function updateIssueCount(cards) {
   const parent = cards.parentElement;
-  const cnt = parent.getElementsByClassName('issue-card').length;
-  parent.getElementsByClassName('project-column-issue-count')[0].textContent = cnt;
+  const cnt = parent.querySelectorAll('.issue-card').length;
+  parent.querySelectorAll('.project-column-issue-count')[0].textContent = cnt;
 }
 
 async function createNewColumn(url, columnTitle, projectColorInput) {
@@ -26,7 +26,7 @@ async function createNewColumn(url, columnTitle, projectColorInput) {
 }
 
 async function moveIssue({item, from, to, oldIndex}) {
-  const columnCards = to.getElementsByClassName('issue-card');
+  const columnCards = to.querySelectorAll('.issue-card');
   updateIssueCount(from);
   updateIssueCount(to);
 
@@ -53,7 +53,7 @@ async function initRepoProjectSortable() {
 
   // the HTML layout is: #project-board > .board > .project-column .cards > .issue-card
   const mainBoard = els[0];
-  let boardColumns = mainBoard.getElementsByClassName('project-column');
+  let boardColumns = mainBoard.querySelectorAll('.project-column');
   createSortable(mainBoard, {
     group: 'project-column',
     draggable: '.project-column',
@@ -61,7 +61,7 @@ async function initRepoProjectSortable() {
     delayOnTouchOnly: true,
     delay: 500,
     onSort: async () => {
-      boardColumns = mainBoard.getElementsByClassName('project-column');
+      boardColumns = mainBoard.querySelectorAll('.project-column');
 
       const columnSorting = {
         columns: Array.from(boardColumns, (column, i) => ({
@@ -81,7 +81,7 @@ async function initRepoProjectSortable() {
   });
 
   for (const boardColumn of boardColumns) {
-    const boardCardList = boardColumn.getElementsByClassName('cards')[0];
+    const boardCardList = boardColumn.querySelectorAll('.cards')[0];
     createSortable(boardCardList, {
       group: 'shared',
       onAdd: moveIssue,
@@ -99,7 +99,7 @@ export function initRepoProject() {
 
   const _promise = initRepoProjectSortable();
 
-  for (const modal of document.getElementsByClassName('edit-project-column-modal')) {
+  for (const modal of document.querySelectorAll('.edit-project-column-modal')) {
     const projectHeader = modal.closest('.project-column-header');
     const projectTitleLabel = projectHeader?.querySelector('.project-column-title-label');
     const projectTitleInput = modal.querySelector('.project-column-title-input');
diff --git a/web_src/js/features/repo-release.js b/web_src/js/features/repo-release.js
index f3cfa74418..2be1ec58c6 100644
--- a/web_src/js/features/repo-release.js
+++ b/web_src/js/features/repo-release.js
@@ -20,7 +20,7 @@ export function initRepoReleaseNew() {
 }
 
 function initTagNameEditor() {
-  const el = document.getElementById('tag-name-editor');
+  const el = document.querySelector('#tag-name-editor');
   if (!el) return;
 
   const existingTags = JSON.parse(el.getAttribute('data-existing-tags'));
@@ -30,10 +30,10 @@ function initTagNameEditor() {
   const newTagHelperText = el.getAttribute('data-tag-helper-new');
   const existingTagHelperText = el.getAttribute('data-tag-helper-existing');
 
-  const tagNameInput = document.getElementById('tag-name');
+  const tagNameInput = document.querySelector('#tag-name');
   const hideTargetInput = function(tagNameInput) {
     const value = tagNameInput.value;
-    const tagHelper = document.getElementById('tag-helper');
+    const tagHelper = document.querySelector('#tag-helper');
     if (existingTags.includes(value)) {
       // If the tag already exists, hide the target branch selector.
       hideElem('#tag-target-selector');
diff --git a/web_src/js/features/repo-settings.js b/web_src/js/features/repo-settings.js
index 652f8ac290..6590c2b56c 100644
--- a/web_src/js/features/repo-settings.js
+++ b/web_src/js/features/repo-settings.js
@@ -44,7 +44,7 @@ export function initRepoSettingsCollaboration() {
 }
 
 export function initRepoSettingSearchTeamBox() {
-  const searchTeamBox = document.getElementById('search-team-box');
+  const searchTeamBox = document.querySelector('#search-team-box');
   if (!searchTeamBox) return;
 
   $(searchTeamBox).search({
@@ -78,29 +78,29 @@ export function initRepoSettingGitHook() {
 export function initRepoSettingBranches() {
   if (!document.querySelector('.repository.settings.branches')) return;
 
-  for (const el of document.getElementsByClassName('toggle-target-enabled')) {
+  for (const el of document.querySelectorAll('.toggle-target-enabled')) {
     el.addEventListener('change', function () {
       const target = document.querySelector(this.getAttribute('data-target'));
       target?.classList.toggle('disabled', !this.checked);
     });
   }
 
-  for (const el of document.getElementsByClassName('toggle-target-disabled')) {
+  for (const el of document.querySelectorAll('.toggle-target-disabled')) {
     el.addEventListener('change', function () {
       const target = document.querySelector(this.getAttribute('data-target'));
       if (this.checked) target?.classList.add('disabled'); // only disable, do not auto enable
     });
   }
 
-  document.getElementById('dismiss_stale_approvals')?.addEventListener('change', function () {
-    document.getElementById('ignore_stale_approvals_box')?.classList.toggle('disabled', this.checked);
+  document.querySelector('#dismiss_stale_approvals')?.addEventListener('change', function () {
+    document.querySelector('#ignore_stale_approvals_box')?.classList.toggle('disabled', this.checked);
   });
 
   // show the `Matched` mark for the status checks that match the pattern
   const markMatchedStatusChecks = () => {
-    const patterns = (document.getElementById('status_check_contexts').value || '').split(/[\r\n]+/);
+    const patterns = (document.querySelector('#status_check_contexts').value || '').split(/[\r\n]+/);
     const validPatterns = patterns.map((item) => item.trim()).filter(Boolean);
-    const marks = document.getElementsByClassName('status-check-matched-mark');
+    const marks = document.querySelectorAll('.status-check-matched-mark');
 
     for (const el of marks) {
       let matched = false;
@@ -115,5 +115,5 @@ export function initRepoSettingBranches() {
     }
   };
   markMatchedStatusChecks();
-  document.getElementById('status_check_contexts').addEventListener('input', onInputDebounce(markMatchedStatusChecks));
+  document.querySelector('#status_check_contexts').addEventListener('input', onInputDebounce(markMatchedStatusChecks));
 }
diff --git a/web_src/js/features/sshkey-helper.js b/web_src/js/features/sshkey-helper.js
index 3960eefe8e..5531c18451 100644
--- a/web_src/js/features/sshkey-helper.js
+++ b/web_src/js/features/sshkey-helper.js
@@ -1,8 +1,8 @@
 export function initSshKeyFormParser() {
   // Parse SSH Key
-  document.getElementById('ssh-key-content')?.addEventListener('input', function () {
+  document.querySelector('#ssh-key-content')?.addEventListener('input', function () {
     const arrays = this.value.split(' ');
-    const title = document.getElementById('ssh-key-title');
+    const title = document.querySelector('#ssh-key-title');
     if (!title.value && arrays.length === 3 && arrays[2] !== '') {
       title.value = arrays[2];
     }
diff --git a/web_src/js/features/user-auth-webauthn.js b/web_src/js/features/user-auth-webauthn.js
index 6dfbb4d765..ea26614ba7 100644
--- a/web_src/js/features/user-auth-webauthn.js
+++ b/web_src/js/features/user-auth-webauthn.js
@@ -109,7 +109,7 @@ async function webauthnRegistered(newCredential) {
 }
 
 function webAuthnError(errorType, message) {
-  const elErrorMsg = document.getElementById(`webauthn-error-msg`);
+  const elErrorMsg = document.querySelector(`#webauthn-error-msg`);
 
   if (errorType === 'general') {
     elErrorMsg.textContent = message || 'unknown error';
@@ -140,7 +140,7 @@ function detectWebAuthnSupport() {
 }
 
 export function initUserAuthWebAuthnRegister() {
-  const elRegister = document.getElementById('register-webauthn');
+  const elRegister = document.querySelector('#register-webauthn');
   if (!elRegister) {
     return;
   }
@@ -155,7 +155,7 @@ export function initUserAuthWebAuthnRegister() {
 }
 
 async function webAuthnRegisterRequest() {
-  const elNickname = document.getElementById('nickname');
+  const elNickname = document.querySelector('#nickname');
 
   const formData = new FormData();
   formData.append('name', elNickname.value);
diff --git a/web_src/js/features/user-auth.js b/web_src/js/features/user-auth.js
index a871ac471c..1ea131e75f 100644
--- a/web_src/js/features/user-auth.js
+++ b/web_src/js/features/user-auth.js
@@ -1,9 +1,9 @@
 import {checkAppUrl} from './common-global.js';
 
 export function initUserAuthOauth2() {
-  const outer = document.getElementById('oauth2-login-navigator');
+  const outer = document.querySelector('#oauth2-login-navigator');
   if (!outer) return;
-  const inner = document.getElementById('oauth2-login-navigator-inner');
+  const inner = document.querySelector('#oauth2-login-navigator-inner');
 
   checkAppUrl();
 
diff --git a/web_src/js/features/user-settings.js b/web_src/js/features/user-settings.js
index 2d8c53e457..8cb1f0582f 100644
--- a/web_src/js/features/user-settings.js
+++ b/web_src/js/features/user-settings.js
@@ -3,11 +3,11 @@ import {hideElem, showElem} from '../utils/dom.js';
 export function initUserSettings() {
   if (!document.querySelectorAll('.user.settings.profile').length) return;
 
-  const usernameInput = document.getElementById('username');
+  const usernameInput = document.querySelector('#username');
   if (!usernameInput) return;
   usernameInput.addEventListener('input', function () {
-    const prompt = document.getElementById('name-change-prompt');
-    const promptRedirect = document.getElementById('name-change-redirect-prompt');
+    const prompt = document.querySelector('#name-change-prompt');
+    const promptRedirect = document.querySelector('#name-change-redirect-prompt');
     if (this.value.toLowerCase() !== this.getAttribute('data-name').toLowerCase()) {
       showElem(prompt);
       showElem(promptRedirect);
diff --git a/web_src/js/markup/anchors.js b/web_src/js/markup/anchors.js
index 0e2c92713a..6f36d09683 100644
--- a/web_src/js/markup/anchors.js
+++ b/web_src/js/markup/anchors.js
@@ -9,19 +9,16 @@ function scrollToAnchor(encodedId) {
   if (!encodedId) return;
   const id = decodeURIComponent(encodedId);
   const prefixedId = addPrefix(id);
-  let el = document.getElementById(prefixedId);
+  let el = document.querySelector(`#${prefixedId}`);
 
   // check for matching user-generated `a[name]`
   if (!el) {
-    const nameAnchors = document.getElementsByName(prefixedId);
-    if (nameAnchors.length) {
-      el = nameAnchors[0];
-    }
+    el = document.querySelector(`a[name="${CSS.escape(prefixedId)}"]`);
   }
 
   // compat for links with old 'user-content-' prefixed hashes
   if (!el && hasPrefix(id)) {
-    return document.getElementById(id)?.scrollIntoView();
+    return document.querySelector(`#${id}`)?.scrollIntoView();
   }
 
   el?.scrollIntoView();
diff --git a/web_src/js/standalone/devtest.js b/web_src/js/standalone/devtest.js
index d0ca511c0f..8dbba554ac 100644
--- a/web_src/js/standalone/devtest.js
+++ b/web_src/js/standalone/devtest.js
@@ -1,11 +1,11 @@
 import {showInfoToast, showWarningToast, showErrorToast} from '../modules/toast.js';
 
-document.getElementById('info-toast').addEventListener('click', () => {
+document.querySelector('#info-toast').addEventListener('click', () => {
   showInfoToast('success 😀');
 });
-document.getElementById('warning-toast').addEventListener('click', () => {
+document.querySelector('#warning-toast').addEventListener('click', () => {
   showWarningToast('warning 😐');
 });
-document.getElementById('error-toast').addEventListener('click', () => {
+document.querySelector('#error-toast').addEventListener('click', () => {
   showErrorToast('error 🙁');
 });
diff --git a/web_src/js/standalone/swagger.js b/web_src/js/standalone/swagger.js
index 00854ef5d7..2928813167 100644
--- a/web_src/js/standalone/swagger.js
+++ b/web_src/js/standalone/swagger.js
@@ -2,7 +2,7 @@ import SwaggerUI from 'swagger-ui-dist/swagger-ui-es-bundle.js';
 import 'swagger-ui-dist/swagger-ui.css';
 
 window.addEventListener('load', async () => {
-  const url = document.getElementById('swagger-ui').getAttribute('data-source');
+  const url = document.querySelector('#swagger-ui').getAttribute('data-source');
   const res = await fetch(url);
   const spec = await res.json();
 

From 1844dc6c1d4d40e2b7f493d56b5f4e371a835e38 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Tue, 11 Jun 2024 00:26:13 +0000
Subject: [PATCH 08/46] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_fr-FR.ini | 12 ++++++------
 options/locale/locale_ja-JP.ini |  5 +++++
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/options/locale/locale_fr-FR.ini b/options/locale/locale_fr-FR.ini
index 230107fc96..6dcc7a4f3f 100644
--- a/options/locale/locale_fr-FR.ini
+++ b/options/locale/locale_fr-FR.ini
@@ -363,14 +363,14 @@ filter_by_team_repositories=Dépôts filtrés par équipe
 feed_of=Flux de « %s »
 
 show_archived=Archivé
-show_both_archived_unarchived=Afficher à la fois archivé et non archivé
-show_only_archived=Afficher uniquement les archivés
-show_only_unarchived=Afficher uniquement les non archivés
+show_both_archived_unarchived=Afficher à la fois les dépôts archivés et non archivés
+show_only_archived=Afficher uniquement les dépôts archivés
+show_only_unarchived=Afficher uniquement les dépôts non archivés
 
 show_private=Privé
-show_both_private_public=Afficher les publics et privés
-show_only_private=Afficher uniquement les privés
-show_only_public=Afficher uniquement les publics
+show_both_private_public=Afficher les dépôts publics et privés
+show_only_private=Afficher uniquement les dépôts privés
+show_only_public=Afficher uniquement les dépôts publics
 
 issues.in_your_repos=Dans vos dépôts
 
diff --git a/options/locale/locale_ja-JP.ini b/options/locale/locale_ja-JP.ini
index 89df5ac0b9..d85ffb4694 100644
--- a/options/locale/locale_ja-JP.ini
+++ b/options/locale/locale_ja-JP.ini
@@ -1378,6 +1378,7 @@ commitstatus.success=成功
 ext_issues=外部イシューへのアクセス
 ext_issues.desc=外部のイシュートラッカーへのリンク。
 
+projects.desc=プロジェクトでイシューとプルリクエストを管理します。
 projects.description=説明 (オプション)
 projects.description_placeholder=説明
 projects.create=プロジェクトを作成
@@ -1552,7 +1553,9 @@ issues.no_content=説明はありません。
 issues.close=イシューをクローズ
 issues.comment_pull_merged_at=がコミット %[1]s を %[2]s にマージ %[3]s
 issues.comment_manually_pull_merged_at=がコミット %[1]s を %[2]s に手動マージ %[3]s
+issues.close_comment_issue=コメントしてクローズ
 issues.reopen_issue=再オープンする
+issues.reopen_comment_issue=コメントして再オープン
 issues.create_comment=コメントする
 issues.comment.blocked_user=投稿者またはリポジトリのオーナーがあなたをブロックしているため、コメントの作成や編集はできません。
 issues.closed_at=`がイシューをクローズ <a id="%[1]s" href="#%[1]s">%[2]s</a>`
@@ -3412,6 +3415,7 @@ error.unit_not_allowed=このセクションへのアクセスが許可されて
 title=パッケージ
 desc=リポジトリ パッケージを管理します。
 empty=パッケージはまだありません。
+no_metadata=メタデータがありません。
 empty.documentation=パッケージレジストリの詳細については、 <a target="_blank" rel="noopener noreferrer" href="%s">ドキュメント</a> を参照してください。
 empty.repo=パッケージはアップロード済みで、ここに表示されていないですか？ <a href="%[1]s">パッケージ設定</a>を開いて、パッケージをこのリポジトリにリンクしてください。
 registry.documentation=%sレジストリの詳細については、 <a target="_blank" rel="noopener noreferrer" href="%s">ドキュメント</a> を参照してください。
@@ -3634,6 +3638,7 @@ runs.pushed_by=pushed by
 runs.invalid_workflow_helper=ワークフロー設定ファイルは無効です。あなたの設定ファイルを確認してください: %s
 runs.no_matching_online_runner_helper=ラベルに一致するオンラインのランナーが見つかりません: %s
 runs.no_job_without_needs=ワークフローには依存関係のないジョブが少なくとも1つ含まれている必要があります。
+runs.no_job=ワークフローには少なくとも1つのジョブが含まれている必要があります
 runs.actor=アクター
 runs.status=ステータス
 runs.actors_no_select=すべてのアクター

From 5342a61124bf2d4fbe4c1d560b13866198149ac9 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Tue, 11 Jun 2024 11:31:23 +0800
Subject: [PATCH 09/46] Delete legacy cookie before setting new cookie (#31306)

Try to fix #31202
---
 modules/web/middleware/cookie.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/web/middleware/cookie.go b/modules/web/middleware/cookie.go
index ec6b06f993..f2d25f5b1c 100644
--- a/modules/web/middleware/cookie.go
+++ b/modules/web/middleware/cookie.go
@@ -35,6 +35,10 @@ func GetSiteCookie(req *http.Request, name string) string {
 
 // SetSiteCookie returns given cookie value from request header.
 func SetSiteCookie(resp http.ResponseWriter, name, value string, maxAge int) {
+	// Previous versions would use a cookie path with a trailing /.
+	// These are more specific than cookies without a trailing /, so
+	// we need to delete these if they exist.
+	deleteLegacySiteCookie(resp, name)
 	cookie := &http.Cookie{
 		Name:     name,
 		Value:    url.QueryEscape(value),
@@ -46,10 +50,6 @@ func SetSiteCookie(resp http.ResponseWriter, name, value string, maxAge int) {
 		SameSite: setting.SessionConfig.SameSite,
 	}
 	resp.Header().Add("Set-Cookie", cookie.String())
-	// Previous versions would use a cookie path with a trailing /.
-	// These are more specific than cookies without a trailing /, so
-	// we need to delete these if they exist.
-	deleteLegacySiteCookie(resp, name)
 }
 
 // deleteLegacySiteCookie deletes the cookie with the given name at the cookie

From 397930d8c1ffaeefbfec438908b8ddfc75de249a Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Tue, 11 Jun 2024 06:54:39 +0200
Subject: [PATCH 10/46] Fix line number width in code preview (#31307)

Line numbers were using some hacky CSS `width: 1%` that did nothing to
the code rendering as far as I can tell but broken the inline preview in
markup when line numbers are greater than 2 digits. Also I removed one
duplicate `font-family` rule (it is set below in the `.lines-num,
.lines-code` selector.
---
 web_src/css/base.css | 2 --
 1 file changed, 2 deletions(-)

diff --git a/web_src/css/base.css b/web_src/css/base.css
index 0e54d17262..3bdcde99f6 100644
--- a/web_src/css/base.css
+++ b/web_src/css/base.css
@@ -1001,8 +1001,6 @@ overflow-menu .ui.label {
   padding: 0 8px;
   text-align: right !important;
   color: var(--color-text-light-2);
-  width: 1%;
-  font-family: var(--fonts-monospace);
 }
 
 .lines-num span.bottom-line::after {

From e6ab6e637fb4da2353522d192066869fc2a8a94b Mon Sep 17 00:00:00 2001
From: Kerwin Bryant <kerwin612@qq.com>
Date: Tue, 11 Jun 2024 21:07:10 +0800
Subject: [PATCH 11/46] code optimization (#31315)

Simplifying complex if-else to existing Iif operations
---
 modules/templates/helper.go                   | 31 +++++++++-
 modules/templates/helper_test.go              | 15 +++++
 templates/admin/auth/list.tmpl                |  2 +-
 templates/admin/config.tmpl                   | 56 +++++++++----------
 templates/admin/cron.tmpl                     |  2 +-
 templates/admin/emails/list.tmpl              |  6 +-
 templates/admin/user/list.tmpl                |  6 +-
 templates/repo/diff/whitespace_dropdown.tmpl  |  2 +-
 templates/repo/issue/filter_actions.tmpl      |  2 +-
 .../issue/labels/labels_selector_field.tmpl   |  4 +-
 .../repo/issue/view_content/sidebar.tmpl      |  2 +-
 templates/repo/issue/view_title.tmpl          |  2 +-
 templates/repo/settings/lfs_pointers.tmpl     |  6 +-
 templates/repo/star_unstar.tmpl               |  2 +-
 14 files changed, 90 insertions(+), 48 deletions(-)

diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index 94464fe628..8779de69ca 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -9,6 +9,7 @@ import (
 	"html"
 	"html/template"
 	"net/url"
+	"reflect"
 	"slices"
 	"strings"
 	"time"
@@ -237,8 +238,8 @@ func DotEscape(raw string) string {
 
 // Iif is an "inline-if", similar util.Iif[T] but templates need the non-generic version,
 // and it could be simply used as "{{Iif expr trueVal}}" (omit the falseVal).
-func Iif(condition bool, vals ...any) any {
-	if condition {
+func Iif(condition any, vals ...any) any {
+	if IsTruthy(condition) {
 		return vals[0]
 	} else if len(vals) > 1 {
 		return vals[1]
@@ -246,6 +247,32 @@ func Iif(condition bool, vals ...any) any {
 	return nil
 }
 
+func IsTruthy(v any) bool {
+	if v == nil {
+		return false
+	}
+
+	rv := reflect.ValueOf(v)
+	switch rv.Kind() {
+	case reflect.Bool:
+		return rv.Bool()
+	case reflect.String:
+		return rv.String() != ""
+	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+		return rv.Int() != 0
+	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
+		return rv.Uint() != 0
+	case reflect.Float32, reflect.Float64:
+		return rv.Float() != 0
+	case reflect.Slice, reflect.Array, reflect.Map:
+		return rv.Len() > 0
+	case reflect.Ptr:
+		return !rv.IsNil() && IsTruthy(reflect.Indirect(rv).Interface())
+	default:
+		return rv.Kind() == reflect.Struct && !rv.IsNil()
+	}
+}
+
 // Eval the expression and return the result, see the comment of eval.Expr for details.
 // To use this helper function in templates, pass each token as a separate parameter.
 //
diff --git a/modules/templates/helper_test.go b/modules/templates/helper_test.go
index 0cefb7a6b2..c6c70cc18e 100644
--- a/modules/templates/helper_test.go
+++ b/modules/templates/helper_test.go
@@ -65,3 +65,18 @@ func TestHTMLFormat(t *testing.T) {
 func TestSanitizeHTML(t *testing.T) {
 	assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`))
 }
+
+func TestIsTruthy(t *testing.T) {
+	var test any
+	assert.Equal(t, false, IsTruthy(test))
+	assert.Equal(t, false, IsTruthy(nil))
+	assert.Equal(t, false, IsTruthy(""))
+	assert.Equal(t, true, IsTruthy("non-empty"))
+	assert.Equal(t, true, IsTruthy(-1))
+	assert.Equal(t, false, IsTruthy(0))
+	assert.Equal(t, true, IsTruthy(42))
+	assert.Equal(t, false, IsTruthy(0.0))
+	assert.Equal(t, true, IsTruthy(3.14))
+	assert.Equal(t, false, IsTruthy([]int{}))
+	assert.Equal(t, true, IsTruthy([]int{1}))
+}
diff --git a/templates/admin/auth/list.tmpl b/templates/admin/auth/list.tmpl
index 6483ec800c..174dda1e2a 100644
--- a/templates/admin/auth/list.tmpl
+++ b/templates/admin/auth/list.tmpl
@@ -25,7 +25,7 @@
 							<td>{{.ID}}</td>
 							<td><a href="{{AppSubUrl}}/admin/auths/{{.ID}}">{{.Name}}</a></td>
 							<td>{{.TypeName}}</td>
-							<td>{{if .IsActive}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
+							<td>{{svg (Iif .IsActive "octicon-check" "octicon-x")}}</td>
 							<td>{{DateTime "short" .UpdatedUnix}}</td>
 							<td>{{DateTime "short" .CreatedUnix}}</td>
 							<td><a href="{{AppSubUrl}}/admin/auths/{{.ID}}">{{svg "octicon-pencil"}}</a></td>
diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl
index 8c16429920..197a6c6add 100644
--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@@ -16,9 +16,9 @@
 				<dt>{{ctx.Locale.Tr "admin.config.domain"}}</dt>
 				<dd>{{.Domain}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.offline_mode"}}</dt>
-				<dd>{{if .OfflineMode}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .OfflineMode "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.disable_router_log"}}</dt>
-				<dd>{{if .DisableRouterLog}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .DisableRouterLog "octicon-check" "octicon-x")}}</dd>
 
 				<div class="divider"></div>
 
@@ -55,10 +55,10 @@
 		<div class="ui attached table segment">
 			<dl class="admin-dl-horizontal">
 				<dt>{{ctx.Locale.Tr "admin.config.ssh_enabled"}}</dt>
-				<dd>{{if not .SSH.Disabled}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif (not .SSH.Disabled) "octicon-check" "octicon-x")}}</dd>
 				{{if not .SSH.Disabled}}
 					<dt>{{ctx.Locale.Tr "admin.config.ssh_start_builtin_server"}}</dt>
-					<dd>{{if .SSH.StartBuiltinServer}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+					<dd>{{svg (Iif .SSH.StartBuiltinServer "octicon-check" "octicon-x")}}</dd>
 					<dt>{{ctx.Locale.Tr "admin.config.ssh_domain"}}</dt>
 					<dd>{{.SSH.Domain}}</dd>
 					<dt>{{ctx.Locale.Tr "admin.config.ssh_port"}}</dt>
@@ -74,7 +74,7 @@
 						<dt>{{ctx.Locale.Tr "admin.config.ssh_keygen_path"}}</dt>
 						<dd>{{.SSH.KeygenPath}}</dd>
 						<dt>{{ctx.Locale.Tr "admin.config.ssh_minimum_key_size_check"}}</dt>
-						<dd>{{if .SSH.MinimumKeySizeCheck}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+						<dd>{{svg (Iif .SSH.MinimumKeySizeCheck "octicon-check" "octicon-x")}}</dd>
 						{{if .SSH.MinimumKeySizeCheck}}
 							<dt>{{ctx.Locale.Tr "admin.config.ssh_minimum_key_sizes"}}</dt>
 							<dd>{{.SSH.MinimumKeySizes}}</dd>
@@ -90,7 +90,7 @@
 		<div class="ui attached table segment">
 			<dl class="admin-dl-horizontal">
 				<dt>{{ctx.Locale.Tr "admin.config.lfs_enabled"}}</dt>
-				<dd>{{if .LFS.StartServer}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .LFS.StartServer "octicon-check" "octicon-x")}}</dd>
 				{{if .LFS.StartServer}}
 					<dt>{{ctx.Locale.Tr "admin.config.lfs_content_path"}}</dt>
 					<dd>{{JsonUtils.EncodeToString .LFS.Storage.ToShadowCopy}}</dd>
@@ -134,36 +134,36 @@
 		<div class="ui attached table segment">
 			<dl class="admin-dl-horizontal">
 				<dt>{{ctx.Locale.Tr "admin.config.register_email_confirm"}}</dt>
-				<dd>{{if .Service.RegisterEmailConfirm}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.RegisterEmailConfirm "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.disable_register"}}</dt>
-				<dd>{{if .Service.DisableRegistration}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.DisableRegistration "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.allow_only_internal_registration"}}</dt>
-				<dd>{{if .Service.AllowOnlyInternalRegistration}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.AllowOnlyInternalRegistration "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.allow_only_external_registration"}}</dt>
-				<dd>{{if .Service.AllowOnlyExternalRegistration}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.AllowOnlyExternalRegistration "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.show_registration_button"}}</dt>
-				<dd>{{if .Service.ShowRegistrationButton}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.ShowRegistrationButton "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.enable_openid_signup"}}</dt>
-				<dd>{{if .Service.EnableOpenIDSignUp}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.EnableOpenIDSignUp "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.enable_openid_signin"}}</dt>
-				<dd>{{if .Service.EnableOpenIDSignIn}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.EnableOpenIDSignIn "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.require_sign_in_view"}}</dt>
-				<dd>{{if .Service.RequireSignInView}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.RequireSignInView "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.mail_notify"}}</dt>
-				<dd>{{if .Service.EnableNotifyMail}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.EnableNotifyMail "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.enable_captcha"}}</dt>
-				<dd>{{if .Service.EnableCaptcha}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.EnableCaptcha "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.default_keep_email_private"}}</dt>
-				<dd>{{if .Service.DefaultKeepEmailPrivate}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.DefaultKeepEmailPrivate "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.default_allow_create_organization"}}</dt>
-				<dd>{{if .Service.DefaultAllowCreateOrganization}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.DefaultAllowCreateOrganization "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.enable_timetracking"}}</dt>
-				<dd>{{if .Service.EnableTimetracking}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.EnableTimetracking "octicon-check" "octicon-x")}}</dd>
 				{{if .Service.EnableTimetracking}}
 					<dt>{{ctx.Locale.Tr "admin.config.default_enable_timetracking"}}</dt>
-					<dd>{{if .Service.DefaultEnableTimetracking}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+					<dd>{{svg (Iif .Service.DefaultEnableTimetracking "octicon-check" "octicon-x")}}</dd>
 					<dt>{{ctx.Locale.Tr "admin.config.default_allow_only_contributors_to_track_time"}}</dt>
-					<dd>{{if .Service.DefaultAllowOnlyContributorsToTrackTime}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+					<dd>{{svg (Iif .Service.DefaultAllowOnlyContributorsToTrackTime "octicon-check" "octicon-x")}}</dd>
 				{{end}}
 				<dt>{{ctx.Locale.Tr "admin.config.default_visibility_organization"}}</dt>
 				<dd>{{.Service.DefaultOrgVisibility}}</dd>
@@ -171,7 +171,7 @@
 				<dt>{{ctx.Locale.Tr "admin.config.no_reply_address"}}</dt>
 				<dd>{{if .Service.NoReplyAddress}}{{.Service.NoReplyAddress}}{{else}}-{{end}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.default_enable_dependencies"}}</dt>
-				<dd>{{if .Service.DefaultEnableDependencies}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Service.DefaultEnableDependencies "octicon-check" "octicon-x")}}</dd>
 				<div class="divider"></div>
 				<dt>{{ctx.Locale.Tr "admin.config.active_code_lives"}}</dt>
 				<dd>{{.Service.ActiveCodeLives}} {{ctx.Locale.Tr "tool.raw_minutes"}}</dd>
@@ -190,7 +190,7 @@
 				<dt>{{ctx.Locale.Tr "admin.config.deliver_timeout"}}</dt>
 				<dd>{{.Webhook.DeliverTimeout}} {{ctx.Locale.Tr "tool.raw_seconds"}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.skip_tls_verify"}}</dt>
-				<dd>{{if .Webhook.SkipTLSVerify}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Webhook.SkipTLSVerify "octicon-check" "octicon-x")}}</dd>
 			</dl>
 		</div>
 
@@ -200,7 +200,7 @@
 		<div class="ui attached table segment">
 			<dl class="admin-dl-horizontal">
 				<dt>{{ctx.Locale.Tr "admin.config.mailer_enabled"}}</dt>
-				<dd>{{if .MailerEnabled}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .MailerEnabled "octicon-check" "octicon-x")}}</dd>
 				{{if .MailerEnabled}}
 					<dt>{{ctx.Locale.Tr "admin.config.mailer_name"}}</dt>
 					<dd>{{.Mailer.Name}}</dd>
@@ -220,7 +220,7 @@
 						<dt>{{ctx.Locale.Tr "admin.config.mailer_protocol"}}</dt>
 						<dd>{{.Mailer.Protocol}}</dd>
 						<dt>{{ctx.Locale.Tr "admin.config.mailer_enable_helo"}}</dt>
-						<dd>{{if .Mailer.EnableHelo}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+						<dd>{{svg (Iif .Mailer.EnableHelo "octicon-check" "octicon-x")}}</dd>
 						<dt>{{ctx.Locale.Tr "admin.config.mailer_smtp_addr"}}</dt>
 						<dd>{{.Mailer.SMTPAddr}}</dd>
 						<dt>{{ctx.Locale.Tr "admin.config.mailer_smtp_port"}}</dt>
@@ -279,7 +279,7 @@
 				<dt>{{ctx.Locale.Tr "admin.config.session_life_time"}}</dt>
 				<dd>{{.SessionConfig.Maxlifetime}} {{ctx.Locale.Tr "tool.raw_seconds"}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.https_only"}}</dt>
-				<dd>{{if .SessionConfig.Secure}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .SessionConfig.Secure "octicon-check" "octicon-x")}}</dd>
 			</dl>
 		</div>
 
@@ -289,7 +289,7 @@
 		<div class="ui attached table segment">
 			<dl class="admin-dl-horizontal">
 				<dt>{{ctx.Locale.Tr "admin.config.git_disable_diff_highlight"}}</dt>
-				<dd>{{if .Git.DisableDiffHighlight}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+				<dd>{{svg (Iif .Git.DisableDiffHighlight "octicon-check" "octicon-x")}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.git_max_diff_lines"}}</dt>
 				<dd>{{.Git.MaxGitDiffLines}}</dd>
 				<dt>{{ctx.Locale.Tr "admin.config.git_max_diff_line_characters"}}</dt>
@@ -321,7 +321,7 @@
 			<dl class="admin-dl-horizontal">
 				{{if .Loggers.xorm.IsEnabled}}
 					<dt>{{ctx.Locale.Tr "admin.config.xorm_log_sql"}}</dt>
-					<dd>{{if $.LogSQL}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</dd>
+					<dd>{{svg (Iif $.LogSQL "octicon-check" "octicon-x")}}</dd>
 				{{end}}
 
 				{{if .Loggers.access.IsEnabled}}
diff --git a/templates/admin/cron.tmpl b/templates/admin/cron.tmpl
index 3cb641488c..bb412ef146 100644
--- a/templates/admin/cron.tmpl
+++ b/templates/admin/cron.tmpl
@@ -26,7 +26,7 @@
 							<td>{{DateTime "full" .Next}}</td>
 							<td>{{if gt .Prev.Year 1}}{{DateTime "full" .Prev}}{{else}}-{{end}}</td>
 							<td>{{.ExecTimes}}</td>
-							<td {{if ne .Status ""}}data-tooltip-content="{{.FormatLastMessage ctx.Locale}}"{{end}} >{{if eq .Status ""}}—{{else if eq .Status "finished"}}{{svg "octicon-check" 16}}{{else}}{{svg "octicon-x" 16}}{{end}}</td>
+							<td {{if ne .Status ""}}data-tooltip-content="{{.FormatLastMessage ctx.Locale}}"{{end}} >{{if eq .Status ""}}—{{else}}{{svg (Iif (eq .Status "finished") "octicon-check" "octicon-x") 16}}{{end}}</td>
 						</tr>
 					{{end}}
 				</tbody>
diff --git a/templates/admin/emails/list.tmpl b/templates/admin/emails/list.tmpl
index 388863df9b..1f226afcc4 100644
--- a/templates/admin/emails/list.tmpl
+++ b/templates/admin/emails/list.tmpl
@@ -46,17 +46,17 @@
 							<td><a href="{{AppSubUrl}}/{{.Name | PathEscape}}">{{.Name}}</a></td>
 							<td class="gt-ellipsis tw-max-w-48">{{.FullName}}</td>
 							<td class="gt-ellipsis tw-max-w-48">{{.Email}}</td>
-							<td>{{if .IsPrimary}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
+							<td>{{svg (Iif .IsPrimary "octicon-check" "octicon-x")}}</td>
 							<td>
 								{{if .CanChange}}
 									<a class="link-email-action" href data-uid="{{.UID}}"
 										data-email="{{.Email}}"
 										data-primary="{{if .IsPrimary}}1{{else}}0{{end}}"
 										data-activate="{{if .IsActivated}}0{{else}}1{{end}}">
-										{{if .IsActivated}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}
+										{{svg (Iif .IsActivated "octicon-check" "octicon-x")}}
 									</a>
 								{{else}}
-									{{if .IsActivated}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}
+									{{svg (Iif .IsActivated "octicon-check" "octicon-x")}}
 								{{end}}
 							</td>
 						</tr>
diff --git a/templates/admin/user/list.tmpl b/templates/admin/user/list.tmpl
index 528d047507..bc54d33431 100644
--- a/templates/admin/user/list.tmpl
+++ b/templates/admin/user/list.tmpl
@@ -93,9 +93,9 @@
 								{{end}}
 							</td>
 							<td class="gt-ellipsis tw-max-w-48">{{.Email}}</td>
-							<td>{{if .IsActive}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
-							<td>{{if .IsRestricted}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
-							<td>{{if index $.UsersTwoFaStatus .ID}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
+							<td>{{svg (Iif .IsActive "octicon-check" "octicon-x")}}</td>
+							<td>{{svg (Iif .IsRestricted "octicon-check" "octicon-x")}}</td>
+							<td>{{svg (Iif (index $.UsersTwoFaStatus .ID) "octicon-check" "octicon-x")}}</td>
 							<td>{{DateTime "short" .CreatedUnix}}</td>
 							{{if .LastLoginUnix}}
 								<td>{{DateTime "short" .LastLoginUnix}}</td>
diff --git a/templates/repo/diff/whitespace_dropdown.tmpl b/templates/repo/diff/whitespace_dropdown.tmpl
index c54de165a4..cf695791ca 100644
--- a/templates/repo/diff/whitespace_dropdown.tmpl
+++ b/templates/repo/diff/whitespace_dropdown.tmpl
@@ -27,4 +27,4 @@
 		</a>
 	</div>
 </div>
-<a class="ui tiny basic button" href="?style={{if .IsSplitStyle}}unified{{else}}split{{end}}&whitespace={{$.WhitespaceBehavior}}&show-outdated={{$.ShowOutdatedComments}}" data-tooltip-content="{{if .IsSplitStyle}}{{ctx.Locale.Tr "repo.diff.show_unified_view"}}{{else}}{{ctx.Locale.Tr "repo.diff.show_split_view"}}{{end}}">{{if .IsSplitStyle}}{{svg "gitea-join"}}{{else}}{{svg "gitea-split"}}{{end}}</a>
+<a class="ui tiny basic button" href="?style={{if .IsSplitStyle}}unified{{else}}split{{end}}&whitespace={{$.WhitespaceBehavior}}&show-outdated={{$.ShowOutdatedComments}}" data-tooltip-content="{{if .IsSplitStyle}}{{ctx.Locale.Tr "repo.diff.show_unified_view"}}{{else}}{{ctx.Locale.Tr "repo.diff.show_split_view"}}{{end}}">{{svg (Iif .IsSplitStyle "gitea-join" "gitea-split")}}</a>
diff --git a/templates/repo/issue/filter_actions.tmpl b/templates/repo/issue/filter_actions.tmpl
index 18986db773..88d0653f7d 100644
--- a/templates/repo/issue/filter_actions.tmpl
+++ b/templates/repo/issue/filter_actions.tmpl
@@ -30,7 +30,7 @@
 					{{end}}
 					{{$previousExclusiveScope = $exclusiveScope}}
 					<div class="item issue-action tw-flex tw-justify-between" data-action="toggle" data-element-id="{{.ID}}" data-url="{{$.RepoLink}}/issues/labels">
-						{{if SliceUtils.Contains $.SelLabelIDs .ID}}{{if $exclusiveScope}}{{svg "octicon-dot-fill"}}{{else}}{{svg "octicon-check"}}{{end}}{{end}} {{RenderLabel $.Context ctx.Locale .}}
+						{{if SliceUtils.Contains $.SelLabelIDs .ID}}{{svg (Iif $exclusiveScope "octicon-dot-fill" "octicon-check")}}{{end}} {{RenderLabel $.Context ctx.Locale .}}
 						{{template "repo/issue/labels/label_archived" .}}
 					</div>
 				{{end}}
diff --git a/templates/repo/issue/labels/labels_selector_field.tmpl b/templates/repo/issue/labels/labels_selector_field.tmpl
index e5f15caca5..3d65a7d8cd 100644
--- a/templates/repo/issue/labels/labels_selector_field.tmpl
+++ b/templates/repo/issue/labels/labels_selector_field.tmpl
@@ -21,7 +21,7 @@
 					<div class="divider"></div>
 				{{end}}
 				{{$previousExclusiveScope = $exclusiveScope}}
-				<a class="{{if .IsChecked}}checked{{end}} item" href="#" data-id="{{.ID}}" {{if .IsArchived}}data-is-archived{{end}} data-id-selector="#label_{{.ID}}" data-scope="{{$exclusiveScope}}"><span class="octicon-check {{if not .IsChecked}}tw-invisible{{end}}">{{if $exclusiveScope}}{{svg "octicon-dot-fill"}}{{else}}{{svg "octicon-check"}}{{end}}</span>&nbsp;&nbsp;{{RenderLabel $.Context ctx.Locale .}}
+				<a class="{{if .IsChecked}}checked{{end}} item" href="#" data-id="{{.ID}}" {{if .IsArchived}}data-is-archived{{end}} data-id-selector="#label_{{.ID}}" data-scope="{{$exclusiveScope}}"><span class="octicon-check {{if not .IsChecked}}tw-invisible{{end}}">{{svg (Iif $exclusiveScope "octicon-dot-fill" "octicon-check")}}</span>&nbsp;&nbsp;{{RenderLabel $.Context ctx.Locale .}}
 					{{if .Description}}<br><small class="desc">{{.Description | RenderEmoji $.Context}}</small>{{end}}
 					<p class="archived-label-hint">{{template "repo/issue/labels/label_archived" .}}</p>
 				</a>
@@ -34,7 +34,7 @@
 					<div class="divider"></div>
 				{{end}}
 				{{$previousExclusiveScope = $exclusiveScope}}
-				<a class="{{if .IsChecked}}checked{{end}} item" href="#" data-id="{{.ID}}" {{if .IsArchived}}data-is-archived{{end}} data-id-selector="#label_{{.ID}}" data-scope="{{$exclusiveScope}}"><span class="octicon-check {{if not .IsChecked}}tw-invisible{{end}}">{{if $exclusiveScope}}{{svg "octicon-dot-fill"}}{{else}}{{svg "octicon-check"}}{{end}}</span>&nbsp;&nbsp;{{RenderLabel $.Context ctx.Locale .}}
+				<a class="{{if .IsChecked}}checked{{end}} item" href="#" data-id="{{.ID}}" {{if .IsArchived}}data-is-archived{{end}} data-id-selector="#label_{{.ID}}" data-scope="{{$exclusiveScope}}"><span class="octicon-check {{if not .IsChecked}}tw-invisible{{end}}">{{svg (Iif $exclusiveScope "octicon-dot-fill" "octicon-check")}}</span>&nbsp;&nbsp;{{RenderLabel $.Context ctx.Locale .}}
 					{{if .Description}}<br><small class="desc">{{.Description | RenderEmoji $.Context}}</small>{{end}}
 					<p class="archived-label-hint">{{template "repo/issue/labels/label_archived" .}}</p>
 				</a>
diff --git a/templates/repo/issue/view_content/sidebar.tmpl b/templates/repo/issue/view_content/sidebar.tmpl
index bb0bb2cff3..ce34c5e939 100644
--- a/templates/repo/issue/view_content/sidebar.tmpl
+++ b/templates/repo/issue/view_content/sidebar.tmpl
@@ -92,7 +92,7 @@
 								</span>
 							{{end}}
 							{{if and .CanChange (or .Checked (and (not $.Issue.IsClosed) (not $.Issue.PullRequest.HasMerged)))}}
-								<a href="#" class="ui muted icon re-request-review{{if .Checked}} checked{{end}}" data-tooltip-content="{{if .Checked}}{{ctx.Locale.Tr "repo.issues.remove_request_review"}}{{else}}{{ctx.Locale.Tr "repo.issues.re_request_review"}}{{end}}" data-issue-id="{{$.Issue.ID}}" data-id="{{.ItemID}}" data-update-url="{{$.RepoLink}}/issues/request_review">{{if .Checked}}{{svg "octicon-trash"}}{{else}}{{svg "octicon-sync"}}{{end}}</a>
+								<a href="#" class="ui muted icon re-request-review{{if .Checked}} checked{{end}}" data-tooltip-content="{{if .Checked}}{{ctx.Locale.Tr "repo.issues.remove_request_review"}}{{else}}{{ctx.Locale.Tr "repo.issues.re_request_review"}}{{end}}" data-issue-id="{{$.Issue.ID}}" data-id="{{.ItemID}}" data-update-url="{{$.RepoLink}}/issues/request_review">{{svg (Iif .Checked "octicon-trash" "octicon-sync")}}</a>
 							{{end}}
 							{{svg (printf "octicon-%s" .Review.Type.Icon) 16 (printf "text %s" (.Review.HTMLTypeColorName))}}
 						</div>
diff --git a/templates/repo/issue/view_title.tmpl b/templates/repo/issue/view_title.tmpl
index 58d3759a9d..1243681f3a 100644
--- a/templates/repo/issue/view_title.tmpl
+++ b/templates/repo/issue/view_title.tmpl
@@ -36,7 +36,7 @@
 		{{if .HasMerged}}
 			<div class="ui purple label issue-state-label">{{svg "octicon-git-merge" 16 "tw-mr-1"}} {{if eq .Issue.PullRequest.Status 3}}{{ctx.Locale.Tr "repo.pulls.manually_merged"}}{{else}}{{ctx.Locale.Tr "repo.pulls.merged"}}{{end}}</div>
 		{{else if .Issue.IsClosed}}
-			<div class="ui red label issue-state-label">{{if .Issue.IsPull}}{{svg "octicon-git-pull-request"}}{{else}}{{svg "octicon-issue-closed"}}{{end}} {{ctx.Locale.Tr "repo.issues.closed_title"}}</div>
+			<div class="ui red label issue-state-label">{{svg (Iif .Issue.IsPull "octicon-git-pull-request" "octicon-issue-closed")}} {{ctx.Locale.Tr "repo.issues.closed_title"}}</div>
 		{{else if .Issue.IsPull}}
 			{{if .IsPullWorkInProgress}}
 				<div class="ui grey label issue-state-label">{{svg "octicon-git-pull-request-draft"}} {{ctx.Locale.Tr "repo.issues.draft_title"}}</div>
diff --git a/templates/repo/settings/lfs_pointers.tmpl b/templates/repo/settings/lfs_pointers.tmpl
index 758aec6bb0..4cfc0fc673 100644
--- a/templates/repo/settings/lfs_pointers.tmpl
+++ b/templates/repo/settings/lfs_pointers.tmpl
@@ -41,9 +41,9 @@
 									{{ShortSha .Oid}}
 								</a>
 							</td>
-							<td>{{if .InRepo}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
-							<td>{{if .Exists}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
-							<td>{{if .Accessible}}{{svg "octicon-check"}}{{else}}{{svg "octicon-x"}}{{end}}</td>
+							<td>{{svg (Iif .InRepo "octicon-check" "octicon-x")}}</td>
+							<td>{{svg (Iif .Exists "octicon-check" "octicon-x")}}</td>
+							<td>{{svg (Iif .Accessible "octicon-check" "octicon-x")}}</td>
 							<td class="tw-text-right">
 								<a class="ui primary button" href="{{$.LFSFilesLink}}/find?oid={{.Oid}}&size={{.Size}}&sha={{.SHA}}">{{ctx.Locale.Tr "repo.settings.lfs_findcommits"}}</a>
 							</td>
diff --git a/templates/repo/star_unstar.tmpl b/templates/repo/star_unstar.tmpl
index 0f09d8b492..9234a0d196 100644
--- a/templates/repo/star_unstar.tmpl
+++ b/templates/repo/star_unstar.tmpl
@@ -3,7 +3,7 @@
 		{{$buttonText := ctx.Locale.Tr "repo.star"}}
 		{{if $.IsStaringRepo}}{{$buttonText = ctx.Locale.Tr "repo.unstar"}}{{end}}
 		<button type="submit" class="ui compact small basic button"{{if not $.IsSigned}} disabled{{end}} aria-label="{{$buttonText}}">
-			{{if $.IsStaringRepo}}{{svg "octicon-star-fill"}}{{else}}{{svg "octicon-star"}}{{end}}
+			{{svg (Iif $.IsStaringRepo "octicon-star-fill" "octicon-star")}}
 			<span aria-hidden="true">{{$buttonText}}</span>
 		</button>
 		<a hx-boost="false" class="ui basic label" href="{{$.RepoLink}}/stars">

From 61c97fdef10d29f8813ee18734b37bb2797e3bab Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Tue, 11 Jun 2024 15:47:13 +0200
Subject: [PATCH 12/46] update nix flake and add gofumpt (#31320)

nix flake maintenance
---
 flake.lock | 6 +++---
 flake.nix  | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/flake.lock b/flake.lock
index 0b2278f080..606f8836c1 100644
--- a/flake.lock
+++ b/flake.lock
@@ -20,11 +20,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1715534503,
-        "narHash": "sha256-5ZSVkFadZbFP1THataCaSf0JH2cAH3S29hU9rrxTEqk=",
+        "lastModified": 1717974879,
+        "narHash": "sha256-GTO3C88+5DX171F/gVS3Qga/hOs/eRMxPFpiHq2t+D8=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "2057814051972fa1453ddfb0d98badbea9b83c06",
+        "rev": "c7b821ba2e1e635ba5a76d299af62821cbcb09f3",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index c6e915e9db..22354663dd 100644
--- a/flake.nix
+++ b/flake.nix
@@ -30,6 +30,7 @@
 
             # backend
             go_1_22
+            gofumpt
           ];
         };
       }

From 4bf848a06bfa069e5f381235193924f2b35f2d9d Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Tue, 11 Jun 2024 22:52:12 +0800
Subject: [PATCH 13/46] Make template `Iif` exactly match `if` (#31322)

---
 modules/templates/helper.go      | 16 +++++-----
 modules/templates/helper_test.go | 52 ++++++++++++++++++++++++--------
 2 files changed, 47 insertions(+), 21 deletions(-)

diff --git a/modules/templates/helper.go b/modules/templates/helper.go
index 8779de69ca..330cbf8908 100644
--- a/modules/templates/helper.go
+++ b/modules/templates/helper.go
@@ -239,7 +239,7 @@ func DotEscape(raw string) string {
 // Iif is an "inline-if", similar util.Iif[T] but templates need the non-generic version,
 // and it could be simply used as "{{Iif expr trueVal}}" (omit the falseVal).
 func Iif(condition any, vals ...any) any {
-	if IsTruthy(condition) {
+	if isTemplateTruthy(condition) {
 		return vals[0]
 	} else if len(vals) > 1 {
 		return vals[1]
@@ -247,7 +247,7 @@ func Iif(condition any, vals ...any) any {
 	return nil
 }
 
-func IsTruthy(v any) bool {
+func isTemplateTruthy(v any) bool {
 	if v == nil {
 		return false
 	}
@@ -256,20 +256,20 @@ func IsTruthy(v any) bool {
 	switch rv.Kind() {
 	case reflect.Bool:
 		return rv.Bool()
-	case reflect.String:
-		return rv.String() != ""
 	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
 		return rv.Int() != 0
 	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
 		return rv.Uint() != 0
 	case reflect.Float32, reflect.Float64:
 		return rv.Float() != 0
-	case reflect.Slice, reflect.Array, reflect.Map:
+	case reflect.Complex64, reflect.Complex128:
+		return rv.Complex() != 0
+	case reflect.String, reflect.Slice, reflect.Array, reflect.Map:
 		return rv.Len() > 0
-	case reflect.Ptr:
-		return !rv.IsNil() && IsTruthy(reflect.Indirect(rv).Interface())
+	case reflect.Struct:
+		return true
 	default:
-		return rv.Kind() == reflect.Struct && !rv.IsNil()
+		return !rv.IsNil()
 	}
 }
 
diff --git a/modules/templates/helper_test.go b/modules/templates/helper_test.go
index c6c70cc18e..ea5da7be80 100644
--- a/modules/templates/helper_test.go
+++ b/modules/templates/helper_test.go
@@ -5,8 +5,11 @@ package templates
 
 import (
 	"html/template"
+	"strings"
 	"testing"
 
+	"code.gitea.io/gitea/modules/util"
+
 	"github.com/stretchr/testify/assert"
 )
 
@@ -66,17 +69,40 @@ func TestSanitizeHTML(t *testing.T) {
 	assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`))
 }
 
-func TestIsTruthy(t *testing.T) {
-	var test any
-	assert.Equal(t, false, IsTruthy(test))
-	assert.Equal(t, false, IsTruthy(nil))
-	assert.Equal(t, false, IsTruthy(""))
-	assert.Equal(t, true, IsTruthy("non-empty"))
-	assert.Equal(t, true, IsTruthy(-1))
-	assert.Equal(t, false, IsTruthy(0))
-	assert.Equal(t, true, IsTruthy(42))
-	assert.Equal(t, false, IsTruthy(0.0))
-	assert.Equal(t, true, IsTruthy(3.14))
-	assert.Equal(t, false, IsTruthy([]int{}))
-	assert.Equal(t, true, IsTruthy([]int{1}))
+func TestTemplateTruthy(t *testing.T) {
+	tmpl := template.New("test")
+	tmpl.Funcs(template.FuncMap{"Iif": Iif})
+	template.Must(tmpl.Parse(`{{if .Value}}true{{else}}false{{end}}:{{Iif .Value "true" "false"}}`))
+
+	cases := []any{
+		nil, false, true, "", "string", 0, 1,
+		byte(0), byte(1), int64(0), int64(1), float64(0), float64(1),
+		complex(0, 0), complex(1, 0),
+		(chan int)(nil), make(chan int),
+		(func())(nil), func() {},
+		util.ToPointer(0), util.ToPointer(util.ToPointer(0)),
+		util.ToPointer(1), util.ToPointer(util.ToPointer(1)),
+		[0]int{},
+		[1]int{0},
+		[]int(nil),
+		[]int{},
+		[]int{0},
+		map[any]any(nil),
+		map[any]any{},
+		map[any]any{"k": "v"},
+		(*struct{})(nil),
+		struct{}{},
+		util.ToPointer(struct{}{}),
+	}
+	w := &strings.Builder{}
+	truthyCount := 0
+	for i, v := range cases {
+		w.Reset()
+		assert.NoError(t, tmpl.Execute(w, struct{ Value any }{v}), "case %d (%T) %#v fails", i, v, v)
+		out := w.String()
+		truthyCount += util.Iif(out == "true:true", 1, 0)
+		truthyMatches := out == "true:true" || out == "false:false"
+		assert.True(t, truthyMatches, "case %d (%T) %#v fail: %s", i, v, v, out)
+	}
+	assert.True(t, truthyCount != 0 && truthyCount != len(cases))
 }

From fc2d75f86d77b022ece848acf2581c14ef21d43b Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Tue, 11 Jun 2024 20:47:45 +0200
Subject: [PATCH 14/46] Enable `unparam` linter (#31277)

Enable [unparam](https://github.com/mvdan/unparam) linter.

Often I could not tell the intention why param is unused, so I put
`//nolint` for those cases like webhook request creation functions never
using `ctx`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
---
 .golangci.yml                          |  1 +
 models/dbfs/dbfile.go                  | 17 +++------
 models/issues/issue_search.go          | 51 ++++++++++----------------
 models/issues/pull_list.go             | 16 ++------
 modules/auth/password/hash/common.go   |  2 +-
 modules/packages/cran/metadata.go      | 18 ++++-----
 modules/setting/config_env.go          |  2 +-
 modules/setting/storage.go             |  2 +-
 modules/storage/azureblob.go           | 31 ++++------------
 modules/util/keypair.go                |  9 ++---
 routers/api/actions/artifacts.go       |  8 +---
 routers/api/actions/artifacts_utils.go |  8 ++--
 routers/api/packages/container/blob.go |  2 +-
 routers/api/packages/nuget/nuget.go    |  2 +-
 routers/api/v1/repo/compare.go         |  2 +-
 routers/api/v1/repo/pull.go            | 28 +++++++-------
 routers/web/admin/config.go            |  2 +-
 services/pull/merge.go                 |  2 +-
 services/webhook/dingtalk.go           |  2 +-
 services/webhook/discord.go            |  2 +-
 services/webhook/feishu.go             |  2 +-
 services/webhook/matrix.go             |  2 +-
 services/webhook/msteams.go            |  2 +-
 services/webhook/packagist.go          |  2 +-
 services/webhook/slack.go              |  2 +-
 services/webhook/telegram.go           |  2 +-
 services/webhook/wechatwork.go         |  2 +-
 27 files changed, 86 insertions(+), 135 deletions(-)

diff --git a/.golangci.yml b/.golangci.yml
index 1750872765..37617ad365 100644
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -22,6 +22,7 @@ linters:
     - typecheck
     - unconvert
     - unused
+    - unparam
     - wastedassign
 
 run:
diff --git a/models/dbfs/dbfile.go b/models/dbfs/dbfile.go
index 3650ce057e..dd27b5c36b 100644
--- a/models/dbfs/dbfile.go
+++ b/models/dbfs/dbfile.go
@@ -215,16 +215,15 @@ func fileTimestampToTime(timestamp int64) time.Time {
 	return time.UnixMicro(timestamp)
 }
 
-func (f *file) loadMetaByPath() (*dbfsMeta, error) {
+func (f *file) loadMetaByPath() error {
 	var fileMeta dbfsMeta
 	if ok, err := db.GetEngine(f.ctx).Where("full_path = ?", f.fullPath).Get(&fileMeta); err != nil {
-		return nil, err
+		return err
 	} else if ok {
 		f.metaID = fileMeta.ID
 		f.blockSize = fileMeta.BlockSize
-		return &fileMeta, nil
 	}
-	return nil, nil
+	return nil
 }
 
 func (f *file) open(flag int) (err error) {
@@ -288,10 +287,7 @@ func (f *file) createEmpty() error {
 	if err != nil {
 		return err
 	}
-	if _, err = f.loadMetaByPath(); err != nil {
-		return err
-	}
-	return nil
+	return f.loadMetaByPath()
 }
 
 func (f *file) truncate() error {
@@ -368,8 +364,5 @@ func buildPath(path string) string {
 func newDbFile(ctx context.Context, path string) (*file, error) {
 	path = buildPath(path)
 	f := &file{ctx: ctx, fullPath: path, blockSize: defaultFileBlockSize}
-	if _, err := f.loadMetaByPath(); err != nil {
-		return nil, err
-	}
-	return f, nil
+	return f, f.loadMetaByPath()
 }
diff --git a/models/issues/issue_search.go b/models/issues/issue_search.go
index 491def1229..c1d7d921a9 100644
--- a/models/issues/issue_search.go
+++ b/models/issues/issue_search.go
@@ -99,9 +99,9 @@ func applySorts(sess *xorm.Session, sortType string, priorityRepoID int64) {
 	}
 }
 
-func applyLimit(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyLimit(sess *xorm.Session, opts *IssuesOptions) {
 	if opts.Paginator == nil || opts.Paginator.IsListAll() {
-		return sess
+		return
 	}
 
 	start := 0
@@ -109,11 +109,9 @@ func applyLimit(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
 		start = (opts.Paginator.Page - 1) * opts.Paginator.PageSize
 	}
 	sess.Limit(opts.Paginator.PageSize, start)
-
-	return sess
 }
 
-func applyLabelsCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyLabelsCondition(sess *xorm.Session, opts *IssuesOptions) {
 	if len(opts.LabelIDs) > 0 {
 		if opts.LabelIDs[0] == 0 {
 			sess.Where("issue.id NOT IN (SELECT issue_id FROM issue_label)")
@@ -136,11 +134,9 @@ func applyLabelsCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Session
 	if len(opts.ExcludedLabelNames) > 0 {
 		sess.And(builder.NotIn("issue.id", BuildLabelNamesIssueIDsCondition(opts.ExcludedLabelNames)))
 	}
-
-	return sess
 }
 
-func applyMilestoneCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyMilestoneCondition(sess *xorm.Session, opts *IssuesOptions) {
 	if len(opts.MilestoneIDs) == 1 && opts.MilestoneIDs[0] == db.NoConditionID {
 		sess.And("issue.milestone_id = 0")
 	} else if len(opts.MilestoneIDs) > 0 {
@@ -153,11 +149,9 @@ func applyMilestoneCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Sess
 				From("milestone").
 				Where(builder.In("name", opts.IncludeMilestones)))
 	}
-
-	return sess
 }
 
-func applyProjectCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyProjectCondition(sess *xorm.Session, opts *IssuesOptions) {
 	if opts.ProjectID > 0 { // specific project
 		sess.Join("INNER", "project_issue", "issue.id = project_issue.issue_id").
 			And("project_issue.project_id=?", opts.ProjectID)
@@ -166,10 +160,9 @@ func applyProjectCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Sessio
 	}
 	// opts.ProjectID == 0 means all projects,
 	// do not need to apply any condition
-	return sess
 }
 
-func applyProjectColumnCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyProjectColumnCondition(sess *xorm.Session, opts *IssuesOptions) {
 	// opts.ProjectColumnID == 0 means all project columns,
 	// do not need to apply any condition
 	if opts.ProjectColumnID > 0 {
@@ -177,10 +170,9 @@ func applyProjectColumnCondition(sess *xorm.Session, opts *IssuesOptions) *xorm.
 	} else if opts.ProjectColumnID == db.NoConditionID {
 		sess.In("issue.id", builder.Select("issue_id").From("project_issue").Where(builder.Eq{"project_board_id": 0}))
 	}
-	return sess
 }
 
-func applyRepoConditions(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyRepoConditions(sess *xorm.Session, opts *IssuesOptions) {
 	if len(opts.RepoIDs) == 1 {
 		opts.RepoCond = builder.Eq{"issue.repo_id": opts.RepoIDs[0]}
 	} else if len(opts.RepoIDs) > 1 {
@@ -195,10 +187,9 @@ func applyRepoConditions(sess *xorm.Session, opts *IssuesOptions) *xorm.Session
 	if opts.RepoCond != nil {
 		sess.And(opts.RepoCond)
 	}
-	return sess
 }
 
-func applyConditions(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
+func applyConditions(sess *xorm.Session, opts *IssuesOptions) {
 	if len(opts.IssueIDs) > 0 {
 		sess.In("issue.id", opts.IssueIDs)
 	}
@@ -261,8 +252,6 @@ func applyConditions(sess *xorm.Session, opts *IssuesOptions) *xorm.Session {
 	if opts.User != nil {
 		sess.And(issuePullAccessibleRepoCond("issue.repo_id", opts.User.ID, opts.Org, opts.Team, opts.IsPull.Value()))
 	}
-
-	return sess
 }
 
 // teamUnitsRepoCond returns query condition for those repo id in the special org team with special units access
@@ -339,22 +328,22 @@ func issuePullAccessibleRepoCond(repoIDstr string, userID int64, org *organizati
 	return cond
 }
 
-func applyAssigneeCondition(sess *xorm.Session, assigneeID int64) *xorm.Session {
-	return sess.Join("INNER", "issue_assignees", "issue.id = issue_assignees.issue_id").
+func applyAssigneeCondition(sess *xorm.Session, assigneeID int64) {
+	sess.Join("INNER", "issue_assignees", "issue.id = issue_assignees.issue_id").
 		And("issue_assignees.assignee_id = ?", assigneeID)
 }
 
-func applyPosterCondition(sess *xorm.Session, posterID int64) *xorm.Session {
-	return sess.And("issue.poster_id=?", posterID)
+func applyPosterCondition(sess *xorm.Session, posterID int64) {
+	sess.And("issue.poster_id=?", posterID)
 }
 
-func applyMentionedCondition(sess *xorm.Session, mentionedID int64) *xorm.Session {
-	return sess.Join("INNER", "issue_user", "issue.id = issue_user.issue_id").
+func applyMentionedCondition(sess *xorm.Session, mentionedID int64) {
+	sess.Join("INNER", "issue_user", "issue.id = issue_user.issue_id").
 		And("issue_user.is_mentioned = ?", true).
 		And("issue_user.uid = ?", mentionedID)
 }
 
-func applyReviewRequestedCondition(sess *xorm.Session, reviewRequestedID int64) *xorm.Session {
+func applyReviewRequestedCondition(sess *xorm.Session, reviewRequestedID int64) {
 	existInTeamQuery := builder.Select("team_user.team_id").
 		From("team_user").
 		Where(builder.Eq{"team_user.uid": reviewRequestedID})
@@ -375,11 +364,11 @@ func applyReviewRequestedCondition(sess *xorm.Session, reviewRequestedID int64)
 			),
 			builder.In("review.id", maxReview),
 		))
-	return sess.Where("issue.poster_id <> ?", reviewRequestedID).
+	sess.Where("issue.poster_id <> ?", reviewRequestedID).
 		And(builder.In("issue.id", subQuery))
 }
 
-func applyReviewedCondition(sess *xorm.Session, reviewedID int64) *xorm.Session {
+func applyReviewedCondition(sess *xorm.Session, reviewedID int64) {
 	// Query for pull requests where you are a reviewer or commenter, excluding
 	// any pull requests already returned by the review requested filter.
 	notPoster := builder.Neq{"issue.poster_id": reviewedID}
@@ -406,11 +395,11 @@ func applyReviewedCondition(sess *xorm.Session, reviewedID int64) *xorm.Session
 			builder.In("type", CommentTypeComment, CommentTypeCode, CommentTypeReview),
 		)),
 	)
-	return sess.And(notPoster, builder.Or(reviewed, commented))
+	sess.And(notPoster, builder.Or(reviewed, commented))
 }
 
-func applySubscribedCondition(sess *xorm.Session, subscriberID int64) *xorm.Session {
-	return sess.And(
+func applySubscribedCondition(sess *xorm.Session, subscriberID int64) {
+	sess.And(
 		builder.
 			NotIn("issue.id",
 				builder.Select("issue_id").
diff --git a/models/issues/pull_list.go b/models/issues/pull_list.go
index e8011a916f..a1d46f8cd4 100644
--- a/models/issues/pull_list.go
+++ b/models/issues/pull_list.go
@@ -28,7 +28,7 @@ type PullRequestsOptions struct {
 	MilestoneID int64
 }
 
-func listPullRequestStatement(ctx context.Context, baseRepoID int64, opts *PullRequestsOptions) (*xorm.Session, error) {
+func listPullRequestStatement(ctx context.Context, baseRepoID int64, opts *PullRequestsOptions) *xorm.Session {
 	sess := db.GetEngine(ctx).Where("pull_request.base_repo_id=?", baseRepoID)
 
 	sess.Join("INNER", "issue", "pull_request.issue_id = issue.id")
@@ -46,7 +46,7 @@ func listPullRequestStatement(ctx context.Context, baseRepoID int64, opts *PullR
 		sess.And("issue.milestone_id=?", opts.MilestoneID)
 	}
 
-	return sess, nil
+	return sess
 }
 
 // GetUnmergedPullRequestsByHeadInfo returns all pull requests that are open and has not been merged
@@ -130,23 +130,15 @@ func PullRequests(ctx context.Context, baseRepoID int64, opts *PullRequestsOptio
 		opts.Page = 1
 	}
 
-	countSession, err := listPullRequestStatement(ctx, baseRepoID, opts)
-	if err != nil {
-		log.Error("listPullRequestStatement: %v", err)
-		return nil, 0, err
-	}
+	countSession := listPullRequestStatement(ctx, baseRepoID, opts)
 	maxResults, err := countSession.Count(new(PullRequest))
 	if err != nil {
 		log.Error("Count PRs: %v", err)
 		return nil, maxResults, err
 	}
 
-	findSession, err := listPullRequestStatement(ctx, baseRepoID, opts)
+	findSession := listPullRequestStatement(ctx, baseRepoID, opts)
 	applySorts(findSession, opts.SortType, 0)
-	if err != nil {
-		log.Error("listPullRequestStatement: %v", err)
-		return nil, maxResults, err
-	}
 	findSession = db.SetSessionPagination(findSession, opts)
 	prs := make([]*PullRequest, 0, opts.PageSize)
 	return prs, maxResults, findSession.Find(&prs)
diff --git a/modules/auth/password/hash/common.go b/modules/auth/password/hash/common.go
index ac6faf35cf..487c0738f4 100644
--- a/modules/auth/password/hash/common.go
+++ b/modules/auth/password/hash/common.go
@@ -18,7 +18,7 @@ func parseIntParam(value, param, algorithmName, config string, previousErr error
 	return parsed, previousErr // <- Keep the previous error as this function should still return an error once everything has been checked if any call failed
 }
 
-func parseUIntParam(value, param, algorithmName, config string, previousErr error) (uint64, error) {
+func parseUIntParam(value, param, algorithmName, config string, previousErr error) (uint64, error) { //nolint:unparam
 	parsed, err := strconv.ParseUint(value, 10, 64)
 	if err != nil {
 		log.Error("invalid integer for %s representation in %s hash spec %s", param, algorithmName, config)
diff --git a/modules/packages/cran/metadata.go b/modules/packages/cran/metadata.go
index 24e6f323af..0b0bfb07c6 100644
--- a/modules/packages/cran/metadata.go
+++ b/modules/packages/cran/metadata.go
@@ -185,8 +185,6 @@ func ParseDescription(r io.Reader) (*Package, error) {
 }
 
 func setField(p *Package, data string) error {
-	const listDelimiter = ", "
-
 	if data == "" {
 		return nil
 	}
@@ -215,19 +213,19 @@ func setField(p *Package, data string) error {
 	case "Description":
 		p.Metadata.Description = value
 	case "URL":
-		p.Metadata.ProjectURL = splitAndTrim(value, listDelimiter)
+		p.Metadata.ProjectURL = splitAndTrim(value)
 	case "License":
 		p.Metadata.License = value
 	case "Author":
-		p.Metadata.Authors = splitAndTrim(authorReplacePattern.ReplaceAllString(value, ""), listDelimiter)
+		p.Metadata.Authors = splitAndTrim(authorReplacePattern.ReplaceAllString(value, ""))
 	case "Depends":
-		p.Metadata.Depends = splitAndTrim(value, listDelimiter)
+		p.Metadata.Depends = splitAndTrim(value)
 	case "Imports":
-		p.Metadata.Imports = splitAndTrim(value, listDelimiter)
+		p.Metadata.Imports = splitAndTrim(value)
 	case "Suggests":
-		p.Metadata.Suggests = splitAndTrim(value, listDelimiter)
+		p.Metadata.Suggests = splitAndTrim(value)
 	case "LinkingTo":
-		p.Metadata.LinkingTo = splitAndTrim(value, listDelimiter)
+		p.Metadata.LinkingTo = splitAndTrim(value)
 	case "NeedsCompilation":
 		p.Metadata.NeedsCompilation = value == "yes"
 	}
@@ -235,8 +233,8 @@ func setField(p *Package, data string) error {
 	return nil
 }
 
-func splitAndTrim(s, sep string) []string {
-	items := strings.Split(s, sep)
+func splitAndTrim(s string) []string {
+	items := strings.Split(s, ", ")
 	for i := range items {
 		items[i] = strings.TrimSpace(items[i])
 	}
diff --git a/modules/setting/config_env.go b/modules/setting/config_env.go
index 242f40914a..dfcb7db3c8 100644
--- a/modules/setting/config_env.go
+++ b/modules/setting/config_env.go
@@ -97,7 +97,7 @@ func decodeEnvSectionKey(encoded string) (ok bool, section, key string) {
 
 // decodeEnvironmentKey decode the environment key to section and key
 // The environment key is in the form of GITEA__SECTION__KEY or GITEA__SECTION__KEY__FILE
-func decodeEnvironmentKey(prefixGitea, suffixFile, envKey string) (ok bool, section, key string, useFileValue bool) {
+func decodeEnvironmentKey(prefixGitea, suffixFile, envKey string) (ok bool, section, key string, useFileValue bool) { //nolint:unparam
 	if !strings.HasPrefix(envKey, prefixGitea) {
 		return false, "", "", false
 	}
diff --git a/modules/setting/storage.go b/modules/setting/storage.go
index d44c968423..d6f7672b61 100644
--- a/modules/setting/storage.go
+++ b/modules/setting/storage.go
@@ -161,7 +161,7 @@ const (
 	targetSecIsSec                                  // target section is from the name seciont [name]
 )
 
-func getStorageSectionByType(rootCfg ConfigProvider, typ string) (ConfigSection, targetSecType, error) {
+func getStorageSectionByType(rootCfg ConfigProvider, typ string) (ConfigSection, targetSecType, error) { //nolint:unparam
 	targetSec, err := rootCfg.GetSection(storageSectionName + "." + typ)
 	if err != nil {
 		if !IsValidStorageType(StorageType(typ)) {
diff --git a/modules/storage/azureblob.go b/modules/storage/azureblob.go
index 52a7d1637e..211522c5bb 100644
--- a/modules/storage/azureblob.go
+++ b/modules/storage/azureblob.go
@@ -163,10 +163,7 @@ func (a *AzureBlobStorage) getObjectNameFromPath(path string) string {
 
 // Open opens a file
 func (a *AzureBlobStorage) Open(path string) (Object, error) {
-	blobClient, err := a.getBlobClient(path)
-	if err != nil {
-		return nil, convertAzureBlobErr(err)
-	}
+	blobClient := a.getBlobClient(path)
 	res, err := blobClient.GetProperties(a.ctx, &blob.GetPropertiesOptions{})
 	if err != nil {
 		return nil, convertAzureBlobErr(err)
@@ -229,10 +226,7 @@ func (a azureBlobFileInfo) Sys() any {
 
 // Stat returns the stat information of the object
 func (a *AzureBlobStorage) Stat(path string) (os.FileInfo, error) {
-	blobClient, err := a.getBlobClient(path)
-	if err != nil {
-		return nil, convertAzureBlobErr(err)
-	}
+	blobClient := a.getBlobClient(path)
 	res, err := blobClient.GetProperties(a.ctx, &blob.GetPropertiesOptions{})
 	if err != nil {
 		return nil, convertAzureBlobErr(err)
@@ -247,20 +241,14 @@ func (a *AzureBlobStorage) Stat(path string) (os.FileInfo, error) {
 
 // Delete delete a file
 func (a *AzureBlobStorage) Delete(path string) error {
-	blobClient, err := a.getBlobClient(path)
-	if err != nil {
-		return convertAzureBlobErr(err)
-	}
-	_, err = blobClient.Delete(a.ctx, nil)
+	blobClient := a.getBlobClient(path)
+	_, err := blobClient.Delete(a.ctx, nil)
 	return convertAzureBlobErr(err)
 }
 
 // URL gets the redirect URL to a file. The presigned link is valid for 5 minutes.
 func (a *AzureBlobStorage) URL(path, name string) (*url.URL, error) {
-	blobClient, err := a.getBlobClient(path)
-	if err != nil {
-		return nil, convertAzureBlobErr(err)
-	}
+	blobClient := a.getBlobClient(path)
 
 	startTime := time.Now()
 	u, err := blobClient.GetSASURL(sas.BlobPermissions{
@@ -290,10 +278,7 @@ func (a *AzureBlobStorage) IterateObjects(dirName string, fn func(path string, o
 			return convertAzureBlobErr(err)
 		}
 		for _, object := range resp.Segment.BlobItems {
-			blobClient, err := a.getBlobClient(*object.Name)
-			if err != nil {
-				return convertAzureBlobErr(err)
-			}
+			blobClient := a.getBlobClient(*object.Name)
 			object := &azureBlobObject{
 				Context:    a.ctx,
 				blobClient: blobClient,
@@ -313,8 +298,8 @@ func (a *AzureBlobStorage) IterateObjects(dirName string, fn func(path string, o
 }
 
 // Delete delete a file
-func (a *AzureBlobStorage) getBlobClient(path string) (*blob.Client, error) {
-	return a.client.ServiceClient().NewContainerClient(a.cfg.Container).NewBlobClient(a.buildAzureBlobPath(path)), nil
+func (a *AzureBlobStorage) getBlobClient(path string) *blob.Client {
+	return a.client.ServiceClient().NewContainerClient(a.cfg.Container).NewBlobClient(a.buildAzureBlobPath(path))
 }
 
 func init() {
diff --git a/modules/util/keypair.go b/modules/util/keypair.go
index 8b86c142af..07f27bd1ba 100644
--- a/modules/util/keypair.go
+++ b/modules/util/keypair.go
@@ -15,10 +15,7 @@ import (
 // GenerateKeyPair generates a public and private keypair
 func GenerateKeyPair(bits int) (string, string, error) {
 	priv, _ := rsa.GenerateKey(rand.Reader, bits)
-	privPem, err := pemBlockForPriv(priv)
-	if err != nil {
-		return "", "", err
-	}
+	privPem := pemBlockForPriv(priv)
 	pubPem, err := pemBlockForPub(&priv.PublicKey)
 	if err != nil {
 		return "", "", err
@@ -26,12 +23,12 @@ func GenerateKeyPair(bits int) (string, string, error) {
 	return privPem, pubPem, nil
 }
 
-func pemBlockForPriv(priv *rsa.PrivateKey) (string, error) {
+func pemBlockForPriv(priv *rsa.PrivateKey) string {
 	privBytes := pem.EncodeToMemory(&pem.Block{
 		Type:  "RSA PRIVATE KEY",
 		Bytes: x509.MarshalPKCS1PrivateKey(priv),
 	})
-	return string(privBytes), nil
+	return string(privBytes)
 }
 
 func pemBlockForPub(pub *rsa.PublicKey) (string, error) {
diff --git a/routers/api/actions/artifacts.go b/routers/api/actions/artifacts.go
index 16af957d0f..72a2a26c47 100644
--- a/routers/api/actions/artifacts.go
+++ b/routers/api/actions/artifacts.go
@@ -242,16 +242,12 @@ func (ar artifactRoutes) uploadArtifact(ctx *ArtifactContext) {
 	}
 
 	// get upload file size
-	fileRealTotalSize, contentLength, err := getUploadFileSize(ctx)
-	if err != nil {
-		log.Error("Error get upload file size: %v", err)
-		ctx.Error(http.StatusInternalServerError, "Error get upload file size")
-		return
-	}
+	fileRealTotalSize, contentLength := getUploadFileSize(ctx)
 
 	// get artifact retention days
 	expiredDays := setting.Actions.ArtifactRetentionDays
 	if queryRetentionDays := ctx.Req.URL.Query().Get("retentionDays"); queryRetentionDays != "" {
+		var err error
 		expiredDays, err = strconv.ParseInt(queryRetentionDays, 10, 64)
 		if err != nil {
 			log.Error("Error parse retention days: %v", err)
diff --git a/routers/api/actions/artifacts_utils.go b/routers/api/actions/artifacts_utils.go
index aaf89ef40e..3517d57f78 100644
--- a/routers/api/actions/artifacts_utils.go
+++ b/routers/api/actions/artifacts_utils.go
@@ -43,7 +43,7 @@ func validateRunID(ctx *ArtifactContext) (*actions.ActionTask, int64, bool) {
 	return task, runID, true
 }
 
-func validateRunIDV4(ctx *ArtifactContext, rawRunID string) (*actions.ActionTask, int64, bool) {
+func validateRunIDV4(ctx *ArtifactContext, rawRunID string) (*actions.ActionTask, int64, bool) { //nolint:unparam
 	task := ctx.ActionTask
 	runID, err := strconv.ParseInt(rawRunID, 10, 64)
 	if err != nil || task.Job.RunID != runID {
@@ -84,11 +84,11 @@ func parseArtifactItemPath(ctx *ArtifactContext) (string, string, bool) {
 
 // getUploadFileSize returns the size of the file to be uploaded.
 // The raw size is the size of the file as reported by the header X-TFS-FileLength.
-func getUploadFileSize(ctx *ArtifactContext) (int64, int64, error) {
+func getUploadFileSize(ctx *ArtifactContext) (int64, int64) {
 	contentLength := ctx.Req.ContentLength
 	xTfsLength, _ := strconv.ParseInt(ctx.Req.Header.Get(artifactXTfsFileLengthHeader), 10, 64)
 	if xTfsLength > 0 {
-		return xTfsLength, contentLength, nil
+		return xTfsLength, contentLength
 	}
-	return contentLength, contentLength, nil
+	return contentLength, contentLength
 }
diff --git a/routers/api/packages/container/blob.go b/routers/api/packages/container/blob.go
index f2d63297c1..9e3a47076c 100644
--- a/routers/api/packages/container/blob.go
+++ b/routers/api/packages/container/blob.go
@@ -26,7 +26,7 @@ var uploadVersionMutex sync.Mutex
 
 // saveAsPackageBlob creates a package blob from an upload
 // The uploaded blob gets stored in a special upload version to link them to the package/image
-func saveAsPackageBlob(ctx context.Context, hsr packages_module.HashedSizeReader, pci *packages_service.PackageCreationInfo) (*packages_model.PackageBlob, error) {
+func saveAsPackageBlob(ctx context.Context, hsr packages_module.HashedSizeReader, pci *packages_service.PackageCreationInfo) (*packages_model.PackageBlob, error) { //nolint:unparam
 	pb := packages_service.NewPackageBlob(hsr)
 
 	exists := false
diff --git a/routers/api/packages/nuget/nuget.go b/routers/api/packages/nuget/nuget.go
index 3633d0d007..0d7212d7f7 100644
--- a/routers/api/packages/nuget/nuget.go
+++ b/routers/api/packages/nuget/nuget.go
@@ -36,7 +36,7 @@ func apiError(ctx *context.Context, status int, obj any) {
 	})
 }
 
-func xmlResponse(ctx *context.Context, status int, obj any) {
+func xmlResponse(ctx *context.Context, status int, obj any) { //nolint:unparam
 	ctx.Resp.Header().Set("Content-Type", "application/atom+xml; charset=utf-8")
 	ctx.Resp.WriteHeader(status)
 	if _, err := ctx.Resp.Write([]byte(xml.Header)); err != nil {
diff --git a/routers/api/v1/repo/compare.go b/routers/api/v1/repo/compare.go
index cfd61d768c..429145c714 100644
--- a/routers/api/v1/repo/compare.go
+++ b/routers/api/v1/repo/compare.go
@@ -64,7 +64,7 @@ func CompareDiff(ctx *context.APIContext) {
 		}
 	}
 
-	_, _, headGitRepo, ci, _, _ := parseCompareInfo(ctx, api.CreatePullRequestOption{
+	_, headGitRepo, ci, _, _ := parseCompareInfo(ctx, api.CreatePullRequestOption{
 		Base: infos[0],
 		Head: infos[1],
 	})
diff --git a/routers/api/v1/repo/pull.go b/routers/api/v1/repo/pull.go
index 4014fe80f3..1fc94708da 100644
--- a/routers/api/v1/repo/pull.go
+++ b/routers/api/v1/repo/pull.go
@@ -408,7 +408,7 @@ func CreatePullRequest(ctx *context.APIContext) {
 	)
 
 	// Get repo/branch information
-	_, headRepo, headGitRepo, compareInfo, baseBranch, headBranch := parseCompareInfo(ctx, form)
+	headRepo, headGitRepo, compareInfo, baseBranch, headBranch := parseCompareInfo(ctx, form)
 	if ctx.Written() {
 		return
 	}
@@ -1054,7 +1054,7 @@ func MergePullRequest(ctx *context.APIContext) {
 	ctx.Status(http.StatusOK)
 }
 
-func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption) (*user_model.User, *repo_model.Repository, *git.Repository, *git.CompareInfo, string, string) {
+func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption) (*repo_model.Repository, *git.Repository, *git.CompareInfo, string, string) {
 	baseRepo := ctx.Repo.Repository
 
 	// Get compared branches information
@@ -1087,14 +1087,14 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 			} else {
 				ctx.Error(http.StatusInternalServerError, "GetUserByName", err)
 			}
-			return nil, nil, nil, nil, "", ""
+			return nil, nil, nil, "", ""
 		}
 		headBranch = headInfos[1]
 		// The head repository can also point to the same repo
 		isSameRepo = ctx.Repo.Owner.ID == headUser.ID
 	} else {
 		ctx.NotFound()
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
 	ctx.Repo.PullRequest.SameRepo = isSameRepo
@@ -1102,7 +1102,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 	// Check if base branch is valid.
 	if !ctx.Repo.GitRepo.IsBranchExist(baseBranch) && !ctx.Repo.GitRepo.IsTagExist(baseBranch) {
 		ctx.NotFound("BaseNotExist")
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
 	// Check if current user has fork of repository or in the same repository.
@@ -1110,7 +1110,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 	if headRepo == nil && !isSameRepo {
 		log.Trace("parseCompareInfo[%d]: does not have fork or in same repository", baseRepo.ID)
 		ctx.NotFound("GetForkedRepo")
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
 	var headGitRepo *git.Repository
@@ -1121,7 +1121,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 		headGitRepo, err = gitrepo.OpenRepository(ctx, headRepo)
 		if err != nil {
 			ctx.Error(http.StatusInternalServerError, "OpenRepository", err)
-			return nil, nil, nil, nil, "", ""
+			return nil, nil, nil, "", ""
 		}
 	}
 
@@ -1130,7 +1130,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 	if err != nil {
 		headGitRepo.Close()
 		ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 	if !permBase.CanReadIssuesOrPulls(true) || !permBase.CanRead(unit.TypeCode) {
 		if log.IsTrace() {
@@ -1141,7 +1141,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 		}
 		headGitRepo.Close()
 		ctx.NotFound("Can't read pulls or can't read UnitTypeCode")
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
 	// user should have permission to read headrepo's codes
@@ -1149,7 +1149,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 	if err != nil {
 		headGitRepo.Close()
 		ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 	if !permHead.CanRead(unit.TypeCode) {
 		if log.IsTrace() {
@@ -1160,24 +1160,24 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 		}
 		headGitRepo.Close()
 		ctx.NotFound("Can't read headRepo UnitTypeCode")
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
 	// Check if head branch is valid.
 	if !headGitRepo.IsBranchExist(headBranch) && !headGitRepo.IsTagExist(headBranch) {
 		headGitRepo.Close()
 		ctx.NotFound()
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
 	compareInfo, err := headGitRepo.GetCompareInfo(repo_model.RepoPath(baseRepo.Owner.Name, baseRepo.Name), baseBranch, headBranch, false, false)
 	if err != nil {
 		headGitRepo.Close()
 		ctx.Error(http.StatusInternalServerError, "GetCompareInfo", err)
-		return nil, nil, nil, nil, "", ""
+		return nil, nil, nil, "", ""
 	}
 
-	return headUser, headRepo, headGitRepo, compareInfo, baseBranch, headBranch
+	return headRepo, headGitRepo, compareInfo, baseBranch, headBranch
 }
 
 // UpdatePullRequest merge PR's baseBranch into headBranch
diff --git a/routers/web/admin/config.go b/routers/web/admin/config.go
index fd8c73b62d..2a842cff82 100644
--- a/routers/web/admin/config.go
+++ b/routers/web/admin/config.go
@@ -183,7 +183,7 @@ func ChangeConfig(ctx *context.Context) {
 	value := ctx.FormString("value")
 	cfg := setting.Config()
 
-	marshalBool := func(v string) (string, error) {
+	marshalBool := func(v string) (string, error) { //nolint:unparam
 		if b, _ := strconv.ParseBool(v); b {
 			return "true", nil
 		}
diff --git a/services/pull/merge.go b/services/pull/merge.go
index 6b5e9ea330..9ef3fb2e05 100644
--- a/services/pull/merge.go
+++ b/services/pull/merge.go
@@ -246,7 +246,7 @@ func Merge(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.U
 }
 
 // doMergeAndPush performs the merge operation without changing any pull information in database and pushes it up to the base repository
-func doMergeAndPush(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User, mergeStyle repo_model.MergeStyle, expectedHeadCommitID, message string, pushTrigger repo_module.PushTrigger) (string, error) {
+func doMergeAndPush(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User, mergeStyle repo_model.MergeStyle, expectedHeadCommitID, message string, pushTrigger repo_module.PushTrigger) (string, error) { //nolint:unparam
 	// Clone base repo.
 	mergeCtx, cancel, err := createTemporaryRepoForMerge(ctx, pr, doer, expectedHeadCommitID)
 	if err != nil {
diff --git a/services/webhook/dingtalk.go b/services/webhook/dingtalk.go
index c57d04415a..f6018f7374 100644
--- a/services/webhook/dingtalk.go
+++ b/services/webhook/dingtalk.go
@@ -190,6 +190,6 @@ type dingtalkConvertor struct{}
 
 var _ payloadConvertor[DingtalkPayload] = dingtalkConvertor{}
 
-func newDingtalkRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newDingtalkRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	return newJSONRequest(dingtalkConvertor{}, w, t, true)
 }
diff --git a/services/webhook/discord.go b/services/webhook/discord.go
index 3883ac9eb8..31332396f2 100644
--- a/services/webhook/discord.go
+++ b/services/webhook/discord.go
@@ -260,7 +260,7 @@ type discordConvertor struct {
 
 var _ payloadConvertor[DiscordPayload] = discordConvertor{}
 
-func newDiscordRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newDiscordRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	meta := &DiscordMeta{}
 	if err := json.Unmarshal([]byte(w.Meta), meta); err != nil {
 		return nil, nil, fmt.Errorf("newDiscordRequest meta json: %w", err)
diff --git a/services/webhook/feishu.go b/services/webhook/feishu.go
index 1ec436894b..38f324aa7b 100644
--- a/services/webhook/feishu.go
+++ b/services/webhook/feishu.go
@@ -168,6 +168,6 @@ type feishuConvertor struct{}
 
 var _ payloadConvertor[FeishuPayload] = feishuConvertor{}
 
-func newFeishuRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newFeishuRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	return newJSONRequest(feishuConvertor{}, w, t, true)
 }
diff --git a/services/webhook/matrix.go b/services/webhook/matrix.go
index 5dcfdcb0dd..e649a07609 100644
--- a/services/webhook/matrix.go
+++ b/services/webhook/matrix.go
@@ -24,7 +24,7 @@ import (
 	webhook_module "code.gitea.io/gitea/modules/webhook"
 )
 
-func newMatrixRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newMatrixRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	meta := &MatrixMeta{}
 	if err := json.Unmarshal([]byte(w.Meta), meta); err != nil {
 		return nil, nil, fmt.Errorf("GetMatrixPayload meta json: %w", err)
diff --git a/services/webhook/msteams.go b/services/webhook/msteams.go
index 99d0106184..b052b9da10 100644
--- a/services/webhook/msteams.go
+++ b/services/webhook/msteams.go
@@ -347,6 +347,6 @@ type msteamsConvertor struct{}
 
 var _ payloadConvertor[MSTeamsPayload] = msteamsConvertor{}
 
-func newMSTeamsRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newMSTeamsRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	return newJSONRequest(msteamsConvertor{}, w, t, true)
 }
diff --git a/services/webhook/packagist.go b/services/webhook/packagist.go
index 7880d8b606..593b97a174 100644
--- a/services/webhook/packagist.go
+++ b/services/webhook/packagist.go
@@ -112,7 +112,7 @@ type packagistConvertor struct {
 
 var _ payloadConvertor[PackagistPayload] = packagistConvertor{}
 
-func newPackagistRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newPackagistRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	meta := &PackagistMeta{}
 	if err := json.Unmarshal([]byte(w.Meta), meta); err != nil {
 		return nil, nil, fmt.Errorf("newpackagistRequest meta json: %w", err)
diff --git a/services/webhook/slack.go b/services/webhook/slack.go
index ba8bac27d9..ffa2936bea 100644
--- a/services/webhook/slack.go
+++ b/services/webhook/slack.go
@@ -283,7 +283,7 @@ type slackConvertor struct {
 
 var _ payloadConvertor[SlackPayload] = slackConvertor{}
 
-func newSlackRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newSlackRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	meta := &SlackMeta{}
 	if err := json.Unmarshal([]byte(w.Meta), meta); err != nil {
 		return nil, nil, fmt.Errorf("newSlackRequest meta json: %w", err)
diff --git a/services/webhook/telegram.go b/services/webhook/telegram.go
index c2b4820032..de6c878dad 100644
--- a/services/webhook/telegram.go
+++ b/services/webhook/telegram.go
@@ -191,6 +191,6 @@ type telegramConvertor struct{}
 
 var _ payloadConvertor[TelegramPayload] = telegramConvertor{}
 
-func newTelegramRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newTelegramRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	return newJSONRequest(telegramConvertor{}, w, t, true)
 }
diff --git a/services/webhook/wechatwork.go b/services/webhook/wechatwork.go
index 46e7856ecf..2e9d31cb7c 100644
--- a/services/webhook/wechatwork.go
+++ b/services/webhook/wechatwork.go
@@ -177,6 +177,6 @@ type wechatworkConvertor struct{}
 
 var _ payloadConvertor[WechatworkPayload] = wechatworkConvertor{}
 
-func newWechatworkRequest(ctx context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
+func newWechatworkRequest(_ context.Context, w *webhook_model.Webhook, t *webhook_model.HookTask) (*http.Request, []byte, error) {
 	return newJSONRequest(wechatworkConvertor{}, w, t, true)
 }

From e25d6960b5749fbf7f88ebb6b27878c0459817da Mon Sep 17 00:00:00 2001
From: Zoupers Zou <1171443643@qq.com>
Date: Wed, 12 Jun 2024 06:22:28 +0800
Subject: [PATCH 15/46] Fix #31185 try fix lfs download from bitbucket failed
 (#31201)

Fix #31185
---
 modules/lfs/http_client.go                   |  4 ++--
 modules/lfs/http_client_test.go              |  4 ++--
 modules/lfs/shared.go                        |  2 ++
 modules/lfs/transferadapter.go               |  1 +
 modules/lfs/transferadapter_test.go          |  2 +-
 services/lfs/server.go                       |  2 +-
 tests/integration/api_repo_lfs_locks_test.go | 10 +++++-----
 tests/integration/api_repo_lfs_test.go       |  4 ++--
 8 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/modules/lfs/http_client.go b/modules/lfs/http_client.go
index e06879baea..f5ddd38b09 100644
--- a/modules/lfs/http_client.go
+++ b/modules/lfs/http_client.go
@@ -211,7 +211,7 @@ func createRequest(ctx context.Context, method, url string, headers map[string]s
 	for key, value := range headers {
 		req.Header.Set(key, value)
 	}
-	req.Header.Set("Accept", MediaType)
+	req.Header.Set("Accept", AcceptHeader)
 
 	return req, nil
 }
@@ -251,6 +251,6 @@ func handleErrorResponse(resp *http.Response) error {
 		return err
 	}
 
-	log.Trace("ErrorResponse: %v", er)
+	log.Trace("ErrorResponse(%v): %v", resp.Status, er)
 	return errors.New(er.Message)
 }
diff --git a/modules/lfs/http_client_test.go b/modules/lfs/http_client_test.go
index 7459d9c0c9..7431132f76 100644
--- a/modules/lfs/http_client_test.go
+++ b/modules/lfs/http_client_test.go
@@ -155,7 +155,7 @@ func TestHTTPClientDownload(t *testing.T) {
 	hc := &http.Client{Transport: RoundTripFunc(func(req *http.Request) *http.Response {
 		assert.Equal(t, "POST", req.Method)
 		assert.Equal(t, MediaType, req.Header.Get("Content-type"))
-		assert.Equal(t, MediaType, req.Header.Get("Accept"))
+		assert.Equal(t, AcceptHeader, req.Header.Get("Accept"))
 
 		var batchRequest BatchRequest
 		err := json.NewDecoder(req.Body).Decode(&batchRequest)
@@ -263,7 +263,7 @@ func TestHTTPClientUpload(t *testing.T) {
 	hc := &http.Client{Transport: RoundTripFunc(func(req *http.Request) *http.Response {
 		assert.Equal(t, "POST", req.Method)
 		assert.Equal(t, MediaType, req.Header.Get("Content-type"))
-		assert.Equal(t, MediaType, req.Header.Get("Accept"))
+		assert.Equal(t, AcceptHeader, req.Header.Get("Accept"))
 
 		var batchRequest BatchRequest
 		err := json.NewDecoder(req.Body).Decode(&batchRequest)
diff --git a/modules/lfs/shared.go b/modules/lfs/shared.go
index 6b2e55f2fb..80f4fed00d 100644
--- a/modules/lfs/shared.go
+++ b/modules/lfs/shared.go
@@ -10,6 +10,8 @@ import (
 const (
 	// MediaType contains the media type for LFS server requests
 	MediaType = "application/vnd.git-lfs+json"
+	// Some LFS servers offer content with other types, so fallback to '*/*' if application/vnd.git-lfs+json cannot be served
+	AcceptHeader = "application/vnd.git-lfs+json;q=0.9, */*;q=0.8"
 )
 
 // BatchRequest contains multiple requests processed in one batch operation.
diff --git a/modules/lfs/transferadapter.go b/modules/lfs/transferadapter.go
index d425b91946..fbc3a3ad8c 100644
--- a/modules/lfs/transferadapter.go
+++ b/modules/lfs/transferadapter.go
@@ -37,6 +37,7 @@ func (a *BasicTransferAdapter) Download(ctx context.Context, l *Link) (io.ReadCl
 	if err != nil {
 		return nil, err
 	}
+	log.Debug("Download Request: %+v", req)
 	resp, err := performRequest(ctx, a.client, req)
 	if err != nil {
 		return nil, err
diff --git a/modules/lfs/transferadapter_test.go b/modules/lfs/transferadapter_test.go
index 6023cd07d3..7fec137efe 100644
--- a/modules/lfs/transferadapter_test.go
+++ b/modules/lfs/transferadapter_test.go
@@ -26,7 +26,7 @@ func TestBasicTransferAdapter(t *testing.T) {
 	p := Pointer{Oid: "b5a2c96250612366ea272ffac6d9744aaf4b45aacd96aa7cfcb931ee3b558259", Size: 5}
 
 	roundTripHandler := func(req *http.Request) *http.Response {
-		assert.Equal(t, MediaType, req.Header.Get("Accept"))
+		assert.Equal(t, AcceptHeader, req.Header.Get("Accept"))
 		assert.Equal(t, "test-value", req.Header.Get("test-header"))
 
 		url := req.URL.String()
diff --git a/services/lfs/server.go b/services/lfs/server.go
index 2e330aa1a4..ae3dffe0c2 100644
--- a/services/lfs/server.go
+++ b/services/lfs/server.go
@@ -477,7 +477,7 @@ func buildObjectResponse(rc *requestContext, pointer lfs_module.Pointer, downloa
 			}
 
 			// This is only needed to workaround https://github.com/git-lfs/git-lfs/issues/3662
-			verifyHeader["Accept"] = lfs_module.MediaType
+			verifyHeader["Accept"] = lfs_module.AcceptHeader
 
 			rep.Actions["verify"] = &lfs_module.Link{Href: rc.VerifyLink(pointer), Header: verifyHeader}
 		}
diff --git a/tests/integration/api_repo_lfs_locks_test.go b/tests/integration/api_repo_lfs_locks_test.go
index 5aa1396941..427e0b9fb1 100644
--- a/tests/integration/api_repo_lfs_locks_test.go
+++ b/tests/integration/api_repo_lfs_locks_test.go
@@ -105,7 +105,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 	for _, test := range tests {
 		session := loginUser(t, test.user.Name)
 		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/%s.git/info/lfs/locks", test.repo.FullName()), map[string]string{"path": test.path})
-		req.Header.Set("Accept", lfs.MediaType)
+		req.Header.Set("Accept", lfs.AcceptHeader)
 		req.Header.Set("Content-Type", lfs.MediaType)
 		resp := session.MakeRequest(t, req, test.httpResult)
 		if len(test.addTime) > 0 {
@@ -123,7 +123,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 	for _, test := range resultsTests {
 		session := loginUser(t, test.user.Name)
 		req := NewRequestf(t, "GET", "/%s.git/info/lfs/locks", test.repo.FullName())
-		req.Header.Set("Accept", lfs.MediaType)
+		req.Header.Set("Accept", lfs.AcceptHeader)
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		var lfsLocks api.LFSLockList
 		DecodeJSON(t, resp, &lfsLocks)
@@ -135,7 +135,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 		}
 
 		req = NewRequestWithJSON(t, "POST", fmt.Sprintf("/%s.git/info/lfs/locks/verify", test.repo.FullName()), map[string]string{})
-		req.Header.Set("Accept", lfs.MediaType)
+		req.Header.Set("Accept", lfs.AcceptHeader)
 		req.Header.Set("Content-Type", lfs.MediaType)
 		resp = session.MakeRequest(t, req, http.StatusOK)
 		var lfsLocksVerify api.LFSLockListVerify
@@ -159,7 +159,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 	for _, test := range deleteTests {
 		session := loginUser(t, test.user.Name)
 		req := NewRequestWithJSON(t, "POST", fmt.Sprintf("/%s.git/info/lfs/locks/%s/unlock", test.repo.FullName(), test.lockID), map[string]string{})
-		req.Header.Set("Accept", lfs.MediaType)
+		req.Header.Set("Accept", lfs.AcceptHeader)
 		req.Header.Set("Content-Type", lfs.MediaType)
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		var lfsLockRep api.LFSLockResponse
@@ -172,7 +172,7 @@ func TestAPILFSLocksLogged(t *testing.T) {
 	for _, test := range resultsTests {
 		session := loginUser(t, test.user.Name)
 		req := NewRequestf(t, "GET", "/%s.git/info/lfs/locks", test.repo.FullName())
-		req.Header.Set("Accept", lfs.MediaType)
+		req.Header.Set("Accept", lfs.AcceptHeader)
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		var lfsLocks api.LFSLockList
 		DecodeJSON(t, resp, &lfsLocks)
diff --git a/tests/integration/api_repo_lfs_test.go b/tests/integration/api_repo_lfs_test.go
index 211dcf76c1..6b42b83bc5 100644
--- a/tests/integration/api_repo_lfs_test.go
+++ b/tests/integration/api_repo_lfs_test.go
@@ -84,7 +84,7 @@ func TestAPILFSBatch(t *testing.T) {
 
 	newRequest := func(t testing.TB, br *lfs.BatchRequest) *RequestWrapper {
 		return NewRequestWithJSON(t, "POST", "/user2/lfs-batch-repo.git/info/lfs/objects/batch", br).
-			SetHeader("Accept", lfs.MediaType).
+			SetHeader("Accept", lfs.AcceptHeader).
 			SetHeader("Content-Type", lfs.MediaType)
 	}
 	decodeResponse := func(t *testing.T, b *bytes.Buffer) *lfs.BatchResponse {
@@ -447,7 +447,7 @@ func TestAPILFSVerify(t *testing.T) {
 
 	newRequest := func(t testing.TB, p *lfs.Pointer) *RequestWrapper {
 		return NewRequestWithJSON(t, "POST", "/user2/lfs-verify-repo.git/info/lfs/verify", p).
-			SetHeader("Accept", lfs.MediaType).
+			SetHeader("Accept", lfs.AcceptHeader).
 			SetHeader("Content-Type", lfs.MediaType)
 	}
 

From a975ce8d9db773b060b7233e91fd490b6a6bfe46 Mon Sep 17 00:00:00 2001
From: Kerwin Bryant <kerwin612@qq.com>
Date: Wed, 12 Jun 2024 12:06:12 +0800
Subject: [PATCH 16/46] Optimize profile layout to enhance visual experience
 (#31278)

Co-authored-by: silverwind <me@silverwind.io>
---
 templates/shared/user/profile_big_avatar.tmpl | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/templates/shared/user/profile_big_avatar.tmpl b/templates/shared/user/profile_big_avatar.tmpl
index 29c6eb0eb0..1069209495 100644
--- a/templates/shared/user/profile_big_avatar.tmpl
+++ b/templates/shared/user/profile_big_avatar.tmpl
@@ -48,16 +48,8 @@
 				<li>
 					{{svg "octicon-mail"}}
 					<a class="tw-flex-1" href="mailto:{{.ContextUser.Email}}" rel="nofollow">{{.ContextUser.Email}}</a>
-					<a href="{{AppSubUrl}}/user/settings#privacy-user-settings">
-						{{if .ShowUserEmail}}
-							<i data-tooltip-content="{{ctx.Locale.Tr "user.email_visibility.limited"}}">
-								{{svg "octicon-unlock"}}
-							</i>
-						{{else}}
-							<i data-tooltip-content="{{ctx.Locale.Tr "user.email_visibility.private"}}">
-								{{svg "octicon-lock"}}
-							</i>
-						{{end}}
+					<a class="flex-text-inline" href="{{AppSubUrl}}/user/settings#privacy-user-settings" data-tooltip-content="{{ctx.Locale.Tr (Iif .ShowUserEmail "user.email_visibility.limited" "user.email_visibility.private")}}">
+						{{svg (Iif .ShowUserEmail "octicon-unlock" "octicon-lock")}}
 					</a>
 				</li>
 			{{else}}

From 1968c2222dcf47ebd1697afb4e79a81e74702d31 Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Wed, 12 Jun 2024 18:22:01 +0800
Subject: [PATCH 17/46] Fix adopt repository has empty object name in database
 (#31333)

Fix #31330
Fix #31311

A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.
---
 modules/repository/branch.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/repository/branch.go b/modules/repository/branch.go
index a3fca7c7ce..2bf9930f19 100644
--- a/modules/repository/branch.go
+++ b/modules/repository/branch.go
@@ -45,6 +45,7 @@ func SyncRepoBranchesWithRepo(ctx context.Context, repo *repo_model.Repository,
 	if err != nil {
 		return 0, fmt.Errorf("UpdateRepository: %w", err)
 	}
+	repo.ObjectFormatName = objFmt.Name() // keep consistent with db
 
 	allBranches := container.Set[string]{}
 	{

From 130ea31d6d4105d466185759186c5ece5148731f Mon Sep 17 00:00:00 2001
From: Yarden Shoham <git@yardenshoham.com>
Date: Wed, 12 Jun 2024 13:27:00 +0300
Subject: [PATCH 18/46] Fix dates displaying in a wrong manner when we're close
 to the end of the month (#31331)

I tested and all timestamps work as before.

- Reference https://github.com/github/relative-time-element/pull/285
- Fixes https://github.com/go-gitea/gitea/issues/31197

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 8b1ba766d5..56c6f8643e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,7 +10,7 @@
         "@citation-js/plugin-csl": "0.7.11",
         "@citation-js/plugin-software-formats": "0.6.1",
         "@github/markdown-toolbar-element": "2.2.3",
-        "@github/relative-time-element": "4.4.1",
+        "@github/relative-time-element": "4.4.2",
         "@github/text-expander-element": "2.6.1",
         "@mcaptcha/vanilla-glue": "0.1.0-alpha-3",
         "@primer/octicons": "19.9.0",
@@ -1028,9 +1028,9 @@
       "integrity": "sha512-AlquKGee+IWiAMYVB0xyHFZRMnu4n3X4HTvJHu79GiVJ1ojTukCWyxMlF5NMsecoLcBKsuBhx3QPv2vkE/zQ0A=="
     },
     "node_modules/@github/relative-time-element": {
-      "version": "4.4.1",
-      "resolved": "https://registry.npmjs.org/@github/relative-time-element/-/relative-time-element-4.4.1.tgz",
-      "integrity": "sha512-E2vRcIgDj8AHv/iHpQMLJ/RqKOJ704OXkKw6+Zdhk3X+kVQhOf3Wj8KVz4DfCQ1eOJR8XxY6XVv73yd+pjMfXA=="
+      "version": "4.4.2",
+      "resolved": "https://registry.npmjs.org/@github/relative-time-element/-/relative-time-element-4.4.2.tgz",
+      "integrity": "sha512-wTXunu3hmuGljA5CHaaoUIKV0oI35wno0FKJl2yqKplTRnsCA5bPNj4bDeVIubkuskql6jwionWLlGM1Y6QLaw=="
     },
     "node_modules/@github/text-expander-element": {
       "version": "2.6.1",
diff --git a/package.json b/package.json
index 5add488bb6..a0f9b343b4 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,7 @@
     "@citation-js/plugin-csl": "0.7.11",
     "@citation-js/plugin-software-formats": "0.6.1",
     "@github/markdown-toolbar-element": "2.2.3",
-    "@github/relative-time-element": "4.4.1",
+    "@github/relative-time-element": "4.4.2",
     "@github/text-expander-element": "2.6.1",
     "@mcaptcha/vanilla-glue": "0.1.0-alpha-3",
     "@primer/octicons": "19.9.0",

From 45dbeb5600d1f552c0134721fe49e8fd1099b5a4 Mon Sep 17 00:00:00 2001
From: Rowan Bohde <rowan.bohde@gmail.com>
Date: Wed, 12 Jun 2024 06:34:35 -0500
Subject: [PATCH 19/46] Reduce memory usage for chunked artifact uploads to
 MinIO (#31325)

When using the MinIO storage driver for Actions Artifacts, we found that
the chunked artifact required significantly more memory usage to both
upload and merge than the local storage driver. This seems to be related
to hardcoding a value of `-1` for the size to the MinIO client [which
has a warning about memory usage in the respective
docs](https://pkg.go.dev/github.com/minio/minio-go/v7#Client.PutObject).
Specifying the size in both the upload and merge case reduces memory
usage of the MinIO client.

Co-authored-by: Kyle D <kdumontnu@gmail.com>
---
 routers/api/actions/artifacts_chunks.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/routers/api/actions/artifacts_chunks.go b/routers/api/actions/artifacts_chunks.go
index bba8ec5f94..3d1a3891d9 100644
--- a/routers/api/actions/artifacts_chunks.go
+++ b/routers/api/actions/artifacts_chunks.go
@@ -39,7 +39,7 @@ func saveUploadChunkBase(st storage.ObjectStorage, ctx *ArtifactContext,
 		r = io.TeeReader(r, hasher)
 	}
 	// save chunk to storage
-	writtenSize, err := st.Save(storagePath, r, -1)
+	writtenSize, err := st.Save(storagePath, r, contentSize)
 	if err != nil {
 		return -1, fmt.Errorf("save chunk to storage error: %v", err)
 	}
@@ -208,7 +208,7 @@ func mergeChunksForArtifact(ctx *ArtifactContext, chunks []*chunkFileItem, st st
 
 	// save merged file
 	storagePath := fmt.Sprintf("%d/%d/%d.%s", artifact.RunID%255, artifact.ID%255, time.Now().UnixNano(), extension)
-	written, err := st.Save(storagePath, mergedReader, -1)
+	written, err := st.Save(storagePath, mergedReader, artifact.FileCompressedSize)
 	if err != nil {
 		return fmt.Errorf("save merged file error: %v", err)
 	}

From 21ba5ca03be47a9a7051d13fcfa258bb03dd93df Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Wed, 12 Jun 2024 16:58:03 +0200
Subject: [PATCH 20/46] Fix navbar `+` menu flashing on page load (#31281)

Fixes
https://github.com/go-gitea/gitea/pull/31273#issuecomment-2153771331.
Same method as used in https://github.com/go-gitea/gitea/pull/30215. All
left-opening dropdowns need to use it method.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
---
 templates/base/head_navbar.tmpl              |  6 ++---
 templates/repo/issue/labels/label_list.tmpl  | 24 +++++++++-----------
 web_src/css/modules/header.css               |  6 -----
 web_src/css/modules/navbar.css               | 20 ++++++++++++----
 web_src/js/components/DiffCommitSelector.vue |  2 +-
 web_src/js/modules/fomantic/dropdown.js      | 16 +++++++++++++
 6 files changed, 46 insertions(+), 28 deletions(-)

diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl
index 2b52247303..4889924819 100644
--- a/templates/base/head_navbar.tmpl
+++ b/templates/base/head_navbar.tmpl
@@ -4,7 +4,7 @@
 {{end}}
 
 <nav id="navbar" aria-label="{{ctx.Locale.Tr "aria.navbar"}}">
-	<div class="navbar-left ui secondary menu">
+	<div class="navbar-left">
 		<!-- the logo -->
 		<a class="item" id="navbar-logo" href="{{AppSubUrl}}/" aria-label="{{if .IsSigned}}{{ctx.Locale.Tr "dashboard"}}{{else}}{{ctx.Locale.Tr "home"}}{{end}}">
 			<img width="30" height="30" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}" aria-hidden="true">
@@ -61,7 +61,7 @@
 	</div>
 
 	<!-- the full dropdown menus -->
-	<div class="navbar-right ui secondary menu">
+	<div class="navbar-right">
 		{{if and .IsSigned .MustChangePassword}}
 			<div class="ui dropdown jump item" data-tooltip-content="{{ctx.Locale.Tr "user_profile_and_more"}}">
 				<span class="text tw-flex tw-items-center">
@@ -104,7 +104,7 @@
 					<span class="not-mobile">{{svg "octicon-triangle-down"}}</span>
 					<span class="only-mobile">{{ctx.Locale.Tr "create_new"}}</span>
 				</span>
-				<div class="menu left">
+				<div class="menu">
 					<a class="item" href="{{AppSubUrl}}/repo/create">
 						{{svg "octicon-plus"}} {{ctx.Locale.Tr "new_repo"}}
 					</a>
diff --git a/templates/repo/issue/labels/label_list.tmpl b/templates/repo/issue/labels/label_list.tmpl
index 8d7fc2c3db..413d6405b2 100644
--- a/templates/repo/issue/labels/label_list.tmpl
+++ b/templates/repo/issue/labels/label_list.tmpl
@@ -1,19 +1,17 @@
 <h4 class="ui top attached header">
 	{{ctx.Locale.Tr "repo.issues.label_count" .NumLabels}}
 	<div class="ui right">
-		<div class="ui secondary menu">
-			<!-- Sort -->
-			<div class="item ui jump dropdown tw-py-2">
-				<span class="text">
-					{{ctx.Locale.Tr "repo.issues.filter_sort"}}
-				</span>
-				{{svg "octicon-triangle-down" 14 "dropdown icon"}}
-				<div class="menu">
-					<a class="{{if or (eq .SortType "alphabetically") (not .SortType)}}active {{end}}item" href="?sort=alphabetically&state={{$.State}}">{{ctx.Locale.Tr "repo.issues.label.filter_sort.alphabetically"}}</a>
-					<a class="{{if eq .SortType "reversealphabetically"}}active {{end}}item" href="?sort=reversealphabetically&state={{$.State}}">{{ctx.Locale.Tr "repo.issues.label.filter_sort.reverse_alphabetically"}}</a>
-					<a class="{{if eq .SortType "leastissues"}}active {{end}}item" href="?sort=leastissues&state={{$.State}}">{{ctx.Locale.Tr "repo.milestones.filter_sort.least_issues"}}</a>
-					<a class="{{if eq .SortType "mostissues"}}active {{end}}item" href="?sort=mostissues&state={{$.State}}">{{ctx.Locale.Tr "repo.milestones.filter_sort.most_issues"}}</a>
-				</div>
+		<!-- Sort -->
+		<div class="item ui jump dropdown tw-py-2">
+			<span class="text">
+				{{ctx.Locale.Tr "repo.issues.filter_sort"}}
+			</span>
+			{{svg "octicon-triangle-down" 14 "dropdown icon"}}
+			<div class="menu">
+				<a class="{{if or (eq .SortType "alphabetically") (not .SortType)}}active {{end}}item" href="?sort=alphabetically&state={{$.State}}">{{ctx.Locale.Tr "repo.issues.label.filter_sort.alphabetically"}}</a>
+				<a class="{{if eq .SortType "reversealphabetically"}}active {{end}}item" href="?sort=reversealphabetically&state={{$.State}}">{{ctx.Locale.Tr "repo.issues.label.filter_sort.reverse_alphabetically"}}</a>
+				<a class="{{if eq .SortType "leastissues"}}active {{end}}item" href="?sort=leastissues&state={{$.State}}">{{ctx.Locale.Tr "repo.milestones.filter_sort.least_issues"}}</a>
+				<a class="{{if eq .SortType "mostissues"}}active {{end}}item" href="?sort=mostissues&state={{$.State}}">{{ctx.Locale.Tr "repo.milestones.filter_sort.most_issues"}}</a>
 			</div>
 		</div>
 	</div> <!-- filter menu -->
diff --git a/web_src/css/modules/header.css b/web_src/css/modules/header.css
index 9cec5fcbe6..20f98bfbac 100644
--- a/web_src/css/modules/header.css
+++ b/web_src/css/modules/header.css
@@ -134,12 +134,6 @@ h4.ui.header .sub.header {
   font-weight: var(--font-weight-normal);
 }
 
-/* open dropdown menus to the left in right-attached headers */
-.ui.attached.header > .ui.right .ui.dropdown .menu {
-  right: 0;
-  left: auto;
-}
-
 /* if a .top.attached.header is followed by a .segment, add some margin */
 .ui.segments + .ui.top.attached.header,
 .ui.attached.segment + .ui.top.attached.header {
diff --git a/web_src/css/modules/navbar.css b/web_src/css/modules/navbar.css
index 848f9331d0..556da2df3b 100644
--- a/web_src/css/modules/navbar.css
+++ b/web_src/css/modules/navbar.css
@@ -19,12 +19,26 @@
   margin: 0;
   display: flex;
   align-items: center;
+  gap: 5px;
 }
 
 #navbar-logo {
   margin: 0;
 }
 
+.navbar-left > .item,
+.navbar-right > .item {
+  color: var(--color-nav-text);
+  position: relative;
+  text-decoration: none;
+  line-height: var(--line-height-default);
+  flex: 0 0 auto;
+  font-weight: var(--font-weight-normal);
+  align-items: center;
+  padding: .78571429em .92857143em;
+  border-radius: .28571429rem;
+}
+
 #navbar .item {
   min-height: 36px;
   min-width: 36px;
@@ -33,10 +47,6 @@
   display: flex;
 }
 
-#navbar > .menu > .item {
-  color: var(--color-nav-text);
-}
-
 #navbar .dropdown .item {
   justify-content: stretch;
 }
@@ -70,7 +80,7 @@
   }
   #navbar .navbar-mobile-right {
     display: flex;
-    margin-left: auto !important;
+    margin: 0 0 0 auto !important;
     width: auto !important;
   }
   #navbar .navbar-mobile-right > .item {
diff --git a/web_src/js/components/DiffCommitSelector.vue b/web_src/js/components/DiffCommitSelector.vue
index c28be67e38..6a4a84f615 100644
--- a/web_src/js/components/DiffCommitSelector.vue
+++ b/web_src/js/components/DiffCommitSelector.vue
@@ -202,7 +202,7 @@ export default {
     >
       <svg-icon name="octicon-git-commit"/>
     </button>
-    <div class="menu left transition" id="diff-commit-selector-menu" :class="{visible: menuVisible}" v-show="menuVisible" v-cloak :aria-expanded="menuVisible ? 'true': 'false'">
+    <div class="left menu" id="diff-commit-selector-menu" :class="{visible: menuVisible}" v-show="menuVisible" v-cloak :aria-expanded="menuVisible ? 'true': 'false'">
       <div class="loading-indicator is-loading" v-if="isLoading"/>
       <div v-if="!isLoading" class="vertical item" id="diff-commit-list-show-all" role="menuitem" @keydown.enter="showAllChanges()" @click="showAllChanges()">
         <div class="gt-ellipsis">
diff --git a/web_src/js/modules/fomantic/dropdown.js b/web_src/js/modules/fomantic/dropdown.js
index 82e710860d..bbffb59152 100644
--- a/web_src/js/modules/fomantic/dropdown.js
+++ b/web_src/js/modules/fomantic/dropdown.js
@@ -94,6 +94,22 @@ function delegateOne($dropdown) {
     updateSelectionLabel($label[0]);
     return $label;
   });
+
+  const oldSet = dropdownCall('internal', 'set');
+  const oldSetDirection = oldSet.direction;
+  oldSet.direction = function($menu) {
+    oldSetDirection.call(this, $menu);
+    const classNames = dropdownCall('setting', 'className');
+    $menu = $menu || $dropdown.find('> .menu');
+    const elMenu = $menu[0];
+    // detect whether the menu is outside the viewport, and adjust the position
+    // there is a bug in fomantic's builtin `direction` function, in some cases (when the menu width is only a little larger) it wrongly opens the menu at right and triggers the scrollbar.
+    elMenu.classList.add(classNames.loading);
+    if (elMenu.getBoundingClientRect().right > document.documentElement.clientWidth) {
+      elMenu.classList.add(classNames.leftward);
+    }
+    elMenu.classList.remove(classNames.loading);
+  };
 }
 
 // for static dropdown elements (generated by server-side template), prepare them with necessary aria attributes

From 90bcdf9829ebc4ce1636f887cd2b032046078d9c Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Wed, 12 Jun 2024 17:23:42 +0200
Subject: [PATCH 21/46] Fix line number widths (#31341)

Fixes regression
https://github.com/go-gitea/gitea/pull/31307#issuecomment-2162554913

Table CSS is weird. A `auto` value does not work and causes the
regression while any pixel value causes another regression in diff where
the code lines do not stretch. Partially revert that PR and clean up
some related too-deep CSS selectors.

<img width="109" alt="Screenshot 2024-06-12 at 15 07 22"
src="https://github.com/go-gitea/gitea/assets/115237/756c5dea-44b8-49f9-8a08-acef68075f62">
<img width="119" alt="Screenshot 2024-06-12 at 15 07 43"
src="https://github.com/go-gitea/gitea/assets/115237/28ae1adc-118e-4016-8d09-033b9f1c9a6f">
<img width="151" alt="Screenshot 2024-06-12 at 15 07 07"
src="https://github.com/go-gitea/gitea/assets/115237/08db7ed9-de4e-405e-874d-c7ebe3082557">
<img width="141" alt="Screenshot 2024-06-12 at 15 07 14"
src="https://github.com/go-gitea/gitea/assets/115237/c4a5492b-1bf1-4773-bc8d-64eb36d823f9">
---
 web_src/css/base.css | 9 +++++++++
 web_src/css/repo.css | 8 --------
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/web_src/css/base.css b/web_src/css/base.css
index 3bdcde99f6..eef4eb6eff 100644
--- a/web_src/css/base.css
+++ b/web_src/css/base.css
@@ -1001,6 +1001,13 @@ overflow-menu .ui.label {
   padding: 0 8px;
   text-align: right !important;
   color: var(--color-text-light-2);
+  width: 1%; /* this apparently needs to be a percentage so that code column stretches in diffs */
+  min-width: 72px;
+  white-space: nowrap;
+}
+
+.code-diff .lines-num {
+  min-width: 50px;
 }
 
 .lines-num span.bottom-line::after {
@@ -1020,6 +1027,7 @@ overflow-menu .ui.label {
 
 .lines-type-marker {
   vertical-align: top;
+  white-space: nowrap;
 }
 
 .lines-num,
@@ -1052,6 +1060,7 @@ overflow-menu .ui.label {
 
 .lines-escape {
   width: 0;
+  white-space: nowrap;
 }
 
 .lines-code {
diff --git a/web_src/css/repo.css b/web_src/css/repo.css
index e44bc9811b..0e3d06650e 100644
--- a/web_src/css/repo.css
+++ b/web_src/css/repo.css
@@ -1555,8 +1555,6 @@ td .commit-summary {
 
 .repository .diff-file-box .file-body.file-code .lines-num {
   text-align: right;
-  width: 1%;
-  min-width: 50px;
 }
 
 .repository .diff-file-box .file-body.file-code .lines-num span.fold {
@@ -1582,12 +1580,6 @@ td .commit-summary {
   table-layout: fixed;
 }
 
-.repository .diff-file-box .code-diff tbody tr td.lines-num,
-.repository .diff-file-box .code-diff tbody tr td.lines-escape,
-.repository .diff-file-box .code-diff tbody tr td.lines-type-marker {
-  white-space: nowrap;
-}
-
 .repository .diff-file-box .code-diff tbody tr td.center {
   text-align: center;
 }

From 7115dce773e3021b3538ae360c4e7344d5bbf45b Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Thu, 13 Jun 2024 06:35:46 +0800
Subject: [PATCH 22/46] Fix hash render end with colon (#31319)

Fix a hash render problem like `<hash>: xxxxx` which is usually used in
release notes.
---
 modules/markup/html.go               | 2 +-
 modules/markup/html_internal_test.go | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/markup/html.go b/modules/markup/html.go
index 8dbc958299..565bc175b7 100644
--- a/modules/markup/html.go
+++ b/modules/markup/html.go
@@ -49,7 +49,7 @@ var (
 	// hashCurrentPattern matches string that represents a commit SHA, e.g. d8a994ef243349f321568f9e36d5c3f444b99cae
 	// Although SHA1 hashes are 40 chars long, SHA256 are 64, the regex matches the hash from 7 to 64 chars in length
 	// so that abbreviated hash links can be used as well. This matches git and GitHub usability.
-	hashCurrentPattern = regexp.MustCompile(`(?:\s|^|\(|\[)([0-9a-f]{7,64})(?:\s|$|\)|\]|[.,](\s|$))`)
+	hashCurrentPattern = regexp.MustCompile(`(?:\s|^|\(|\[)([0-9a-f]{7,64})(?:\s|$|\)|\]|[.,:](\s|$))`)
 
 	// shortLinkPattern matches short but difficult to parse [[name|link|arg=test]] syntax
 	shortLinkPattern = regexp.MustCompile(`\[\[(.*?)\]\](\w*)`)
diff --git a/modules/markup/html_internal_test.go b/modules/markup/html_internal_test.go
index 9aa9c22d70..74089cffdd 100644
--- a/modules/markup/html_internal_test.go
+++ b/modules/markup/html_internal_test.go
@@ -380,6 +380,7 @@ func TestRegExp_sha1CurrentPattern(t *testing.T) {
 		"(abcdefabcdefabcdefabcdefabcdefabcdefabcd)",
 		"[abcdefabcdefabcdefabcdefabcdefabcdefabcd]",
 		"abcdefabcdefabcdefabcdefabcdefabcdefabcd.",
+		"abcdefabcdefabcdefabcdefabcdefabcdefabcd:",
 	}
 	falseTestCases := []string{
 		"test",

From 47ca61d8ba41f363745f6d0f93cb8efafa92564b Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Thu, 13 Jun 2024 09:06:46 +0800
Subject: [PATCH 23/46] Improve detecting empty files (#31332)

Co-authored-by: silverwind <me@silverwind.io>
---
 options/locale/locale_en-US.ini       |  1 +
 routers/web/repo/blame.go             |  2 --
 routers/web/repo/setting/lfs.go       |  1 +
 routers/web/repo/view.go              |  7 +++----
 templates/repo/blame.tmpl             |  2 ++
 templates/repo/file_info.tmpl         |  4 ++--
 templates/repo/settings/lfs_file.tmpl |  6 ++----
 templates/repo/view_file.tmpl         |  2 ++
 templates/shared/fileisempty.tmpl     |  3 +++
 templates/shared/filetoolarge.tmpl    |  2 +-
 web_src/css/repo.css                  | 12 ++++++++++++
 11 files changed, 29 insertions(+), 13 deletions(-)
 create mode 100644 templates/shared/fileisempty.tmpl

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 539715b3f9..fbada5472c 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -1238,6 +1238,7 @@ file_view_rendered = View Rendered
 file_view_raw = View Raw
 file_permalink = Permalink
 file_too_large = The file is too large to be shown.
+file_is_empty = The file is empty.
 code_preview_line_from_to = Lines %[1]d to %[2]d in %[3]s
 code_preview_line_in = Line %[1]d in %[2]s
 invisible_runes_header = `This file contains invisible Unicode characters`
diff --git a/routers/web/repo/blame.go b/routers/web/repo/blame.go
index 1887e4d95d..3e76ea6df4 100644
--- a/routers/web/repo/blame.go
+++ b/routers/web/repo/blame.go
@@ -99,8 +99,6 @@ func RefBlame(ctx *context.Context) {
 	}
 
 	ctx.Data["NumLines"], err = blob.GetBlobLineCount()
-	ctx.Data["NumLinesSet"] = true
-
 	if err != nil {
 		ctx.NotFound("GetBlobLineCount", err)
 		return
diff --git a/routers/web/repo/setting/lfs.go b/routers/web/repo/setting/lfs.go
index 6dddade066..2891556d6f 100644
--- a/routers/web/repo/setting/lfs.go
+++ b/routers/web/repo/setting/lfs.go
@@ -303,6 +303,7 @@ func LFSFileGet(ctx *context.Context) {
 		rd := charset.ToUTF8WithFallbackReader(io.MultiReader(bytes.NewReader(buf), dataRc), charset.ConvertOpts{})
 
 		// Building code view blocks with line number on server side.
+		// FIXME: the logic is not right here: it first calls EscapeControlReader then calls HTMLEscapeString: double-escaping
 		escapedContent := &bytes.Buffer{}
 		ctx.Data["EscapeStatus"], _ = charset.EscapeControlReader(rd, escapedContent, ctx.Locale)
 
diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index 386ef7be5c..0aa3fe1efd 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -286,6 +286,7 @@ func renderReadmeFile(ctx *context.Context, subfolder string, readmeFile *git.Tr
 
 	ctx.Data["FileIsText"] = fInfo.isTextFile
 	ctx.Data["FileName"] = path.Join(subfolder, readmeFile.Name())
+	ctx.Data["FileSize"] = fInfo.fileSize
 	ctx.Data["IsLFSFile"] = fInfo.isLFSFile
 
 	if fInfo.isLFSFile {
@@ -301,7 +302,6 @@ func renderReadmeFile(ctx *context.Context, subfolder string, readmeFile *git.Tr
 		// Pretend that this is a normal text file to display 'This file is too large to be shown'
 		ctx.Data["IsFileTooLarge"] = true
 		ctx.Data["IsTextFile"] = true
-		ctx.Data["FileSize"] = fInfo.fileSize
 		return
 	}
 
@@ -552,7 +552,6 @@ func renderFile(ctx *context.Context, entry *git.TreeEntry) {
 			} else {
 				ctx.Data["NumLines"] = bytes.Count(buf, []byte{'\n'}) + 1
 			}
-			ctx.Data["NumLinesSet"] = true
 
 			language, err := files_service.TryGetContentLanguage(ctx.Repo.GitRepo, ctx.Repo.CommitID, ctx.Repo.TreePath)
 			if err != nil {
@@ -606,8 +605,8 @@ func renderFile(ctx *context.Context, entry *git.TreeEntry) {
 			break
 		}
 
-		// TODO: this logic seems strange, it duplicates with "isRepresentableAsText=true", it is not the same as "LFSFileGet" in "lfs.go"
-		// maybe for this case, the file is a binary file, and shouldn't be rendered?
+		// TODO: this logic duplicates with "isRepresentableAsText=true", it is not the same as "LFSFileGet" in "lfs.go"
+		// It is used by "external renders", markupRender will execute external programs to get rendered content.
 		if markupType := markup.Type(blob.Name()); markupType != "" {
 			rd := io.MultiReader(bytes.NewReader(buf), dataRc)
 			ctx.Data["IsMarkup"] = true
diff --git a/templates/repo/blame.tmpl b/templates/repo/blame.tmpl
index 4ad3ed85c9..3e7cd92066 100644
--- a/templates/repo/blame.tmpl
+++ b/templates/repo/blame.tmpl
@@ -32,6 +32,8 @@
 		<div class="file-view code-view unicode-escaped">
 			{{if .IsFileTooLarge}}
 				{{template "shared/filetoolarge" dict "RawFileLink" .RawFileLink}}
+			{{else if not .FileSize}}
+				{{template "shared/fileisempty"}}
 			{{else}}
 			<table>
 				<tbody>
diff --git a/templates/repo/file_info.tmpl b/templates/repo/file_info.tmpl
index 823cf1b7d8..b63af68973 100644
--- a/templates/repo/file_info.tmpl
+++ b/templates/repo/file_info.tmpl
@@ -4,12 +4,12 @@
 			{{ctx.Locale.Tr "repo.symbolic_link"}}
 		</div>
 	{{end}}
-	{{if .NumLinesSet}}{{/* Explicit attribute needed to show 0 line changes */}}
+	{{if ne .NumLines nil}}
 		<div class="file-info-entry">
 			{{.NumLines}} {{ctx.Locale.TrN .NumLines "repo.line" "repo.lines"}}
 		</div>
 	{{end}}
-	{{if .FileSize}}
+	{{if ne .FileSize nil}}
 		<div class="file-info-entry">
 			{{FileSize .FileSize}}{{if .IsLFSFile}} ({{ctx.Locale.Tr "repo.stored_lfs"}}){{end}}
 		</div>
diff --git a/templates/repo/settings/lfs_file.tmpl b/templates/repo/settings/lfs_file.tmpl
index a015cc8bd1..f6fac05b69 100644
--- a/templates/repo/settings/lfs_file.tmpl
+++ b/templates/repo/settings/lfs_file.tmpl
@@ -16,10 +16,8 @@
 				<div class="file-view{{if .IsMarkup}} markup {{.MarkupType}}{{else if .IsPlainText}} plain-text{{else if .IsTextFile}} code-view{{end}}">
 					{{if .IsFileTooLarge}}
 						{{template "shared/filetoolarge" dict "RawFileLink" .RawFileLink}}
-					{{else if .IsMarkup}}
-						{{if .FileContent}}{{.FileContent | SafeHTML}}{{end}}
-					{{else if .IsPlainText}}
-						<pre>{{if .FileContent}}{{.FileContent | SafeHTML}}{{end}}</pre>
+					{{else if not .FileSize}}
+						{{template "shared/fileisempty"}}
 					{{else if not .IsTextFile}}
 						<div class="view-raw">
 							{{if .IsImageFile}}
diff --git a/templates/repo/view_file.tmpl b/templates/repo/view_file.tmpl
index 0a34b6c325..0ec400cfe9 100644
--- a/templates/repo/view_file.tmpl
+++ b/templates/repo/view_file.tmpl
@@ -91,6 +91,8 @@
 		<div class="file-view{{if .IsMarkup}} markup {{.MarkupType}}{{else if .IsPlainText}} plain-text{{else if .IsTextSource}} code-view{{end}}">
 			{{if .IsFileTooLarge}}
 				{{template "shared/filetoolarge" dict "RawFileLink" .RawFileLink}}
+			{{else if not .FileSize}}
+				{{template "shared/fileisempty"}}
 			{{else if .IsMarkup}}
 				{{if .FileContent}}{{.FileContent}}{{end}}
 			{{else if .IsPlainText}}
diff --git a/templates/shared/fileisempty.tmpl b/templates/shared/fileisempty.tmpl
new file mode 100644
index 0000000000..a92bcbcdbc
--- /dev/null
+++ b/templates/shared/fileisempty.tmpl
@@ -0,0 +1,3 @@
+<div class="file-not-rendered-prompt">
+	{{ctx.Locale.Tr "repo.file_is_empty"}}
+</div>
diff --git a/templates/shared/filetoolarge.tmpl b/templates/shared/filetoolarge.tmpl
index 8842fb1b91..cb23864ec8 100644
--- a/templates/shared/filetoolarge.tmpl
+++ b/templates/shared/filetoolarge.tmpl
@@ -1,4 +1,4 @@
-<div class="tw-p-4">
+<div class="file-not-rendered-prompt">
 	{{ctx.Locale.Tr "repo.file_too_large"}}
 	{{if .RawFileLink}}<a href="{{.RawFileLink}}" rel="nofollow">{{ctx.Locale.Tr "repo.file_view_raw"}}</a>{{end}}
 </div>
diff --git a/web_src/css/repo.css b/web_src/css/repo.css
index 0e3d06650e..357a4ee195 100644
--- a/web_src/css/repo.css
+++ b/web_src/css/repo.css
@@ -1706,6 +1706,18 @@ td .commit-summary {
 .file-view.markup {
   padding: 1em 2em;
 }
+
+.file-view.markup:has(.file-not-rendered-prompt) {
+  padding: 0; /* let the file-not-rendered-prompt layout itself */
+}
+
+.file-not-rendered-prompt {
+  padding: 1rem;
+  text-align: center;
+  font-size: 1rem !important; /* use consistent styles for various containers (code, markup, etc) */
+  line-height: var(--line-height-default) !important; /* same as above */
+}
+
 .repository .activity-header {
   display: flex;
   justify-content: space-between;

From fede3cbada9edeee6895727cc01c0b28cf4c759a Mon Sep 17 00:00:00 2001
From: Kerwin Bryant <kerwin612@qq.com>
Date: Thu, 13 Jun 2024 09:43:41 +0800
Subject: [PATCH 24/46] Fixed incorrect localization `explorer.go` (#31348)

see: https://github.com/go-gitea/gitea/pull/29701/files#r1637325139
---
 templates/user/dashboard/issues.tmpl | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/templates/user/dashboard/issues.tmpl b/templates/user/dashboard/issues.tmpl
index 278907e43f..b47a21e87c 100644
--- a/templates/user/dashboard/issues.tmpl
+++ b/templates/user/dashboard/issues.tmpl
@@ -51,11 +51,7 @@
 							<input type="hidden" name="type" value="{{$.ViewType}}">
 							<input type="hidden" name="sort" value="{{$.SortType}}">
 							<input type="hidden" name="state" value="{{$.State}}">
-							{{if .PageIsPulls}}
-								{{template "shared/search/combo_fuzzy" dict "Value" $.Keyword "IsFuzzy" $.IsFuzzy "Placeholder" (ctx.Locale.Tr "search.pull_kind") "Tooltip" (ctx.Locale.Tr "explorer.go")}}
-							{{else}}
-								{{template "shared/search/combo_fuzzy" dict "Value" $.Keyword "IsFuzzy" $.IsFuzzy "Placeholder" (ctx.Locale.Tr "search.issue_kind") "Tooltip" (ctx.Locale.Tr "explorer.go")}}
-							{{end}}
+							{{template "shared/search/combo_fuzzy" dict "Value" $.Keyword "IsFuzzy" $.IsFuzzy "Placeholder" (ctx.Locale.Tr (Iif .PageIsPulls "search.pull_kind" "search.issue_kind")) "Tooltip" (ctx.Locale.Tr "explore.go_to")}}
 						</div>
 					</form>
 					<!-- Sort -->

From bb04311b0b5b7a28f94c4bc409db1c4a04bcef17 Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Thu, 13 Jun 2024 11:13:11 +0200
Subject: [PATCH 25/46] [Refactor] Unify repo search order by logic (#30876)

have repo OrderBy definitions defined in one place and use a single type
for OrderBy database options
---
 models/db/search.go            |  6 ---
 models/repo/repo_list.go       | 25 ------------
 models/repo/search.go          | 72 +++++++++++++++++++++++++++++-----
 routers/api/v1/repo/repo.go    |  2 +-
 routers/web/explore/repo.go    | 42 ++++----------------
 templates/swagger/v1_json.tmpl |  2 +-
 6 files changed, 71 insertions(+), 78 deletions(-)

diff --git a/models/db/search.go b/models/db/search.go
index aa577f08e0..37565f45e1 100644
--- a/models/db/search.go
+++ b/models/db/search.go
@@ -18,12 +18,6 @@ const (
 	SearchOrderByRecentUpdated         SearchOrderBy = "updated_unix DESC"
 	SearchOrderByOldest                SearchOrderBy = "created_unix ASC"
 	SearchOrderByNewest                SearchOrderBy = "created_unix DESC"
-	SearchOrderBySize                  SearchOrderBy = "size ASC"
-	SearchOrderBySizeReverse           SearchOrderBy = "size DESC"
-	SearchOrderByGitSize               SearchOrderBy = "git_size ASC"
-	SearchOrderByGitSizeReverse        SearchOrderBy = "git_size DESC"
-	SearchOrderByLFSSize               SearchOrderBy = "lfs_size ASC"
-	SearchOrderByLFSSizeReverse        SearchOrderBy = "lfs_size DESC"
 	SearchOrderByID                    SearchOrderBy = "id ASC"
 	SearchOrderByIDReverse             SearchOrderBy = "id DESC"
 	SearchOrderByStars                 SearchOrderBy = "num_stars ASC"
diff --git a/models/repo/repo_list.go b/models/repo/repo_list.go
index eacc98e222..e22d872ae4 100644
--- a/models/repo/repo_list.go
+++ b/models/repo/repo_list.go
@@ -207,31 +207,6 @@ type SearchRepoOptions struct {
 	OnlyShowRelevant bool
 }
 
-// SearchOrderBy is used to sort the result
-type SearchOrderBy string
-
-func (s SearchOrderBy) String() string {
-	return string(s)
-}
-
-// Strings for sorting result
-const (
-	SearchOrderByAlphabetically        SearchOrderBy = "name ASC"
-	SearchOrderByAlphabeticallyReverse SearchOrderBy = "name DESC"
-	SearchOrderByLeastUpdated          SearchOrderBy = "updated_unix ASC"
-	SearchOrderByRecentUpdated         SearchOrderBy = "updated_unix DESC"
-	SearchOrderByOldest                SearchOrderBy = "created_unix ASC"
-	SearchOrderByNewest                SearchOrderBy = "created_unix DESC"
-	SearchOrderBySize                  SearchOrderBy = "size ASC"
-	SearchOrderBySizeReverse           SearchOrderBy = "size DESC"
-	SearchOrderByID                    SearchOrderBy = "id ASC"
-	SearchOrderByIDReverse             SearchOrderBy = "id DESC"
-	SearchOrderByStars                 SearchOrderBy = "num_stars ASC"
-	SearchOrderByStarsReverse          SearchOrderBy = "num_stars DESC"
-	SearchOrderByForks                 SearchOrderBy = "num_forks ASC"
-	SearchOrderByForksReverse          SearchOrderBy = "num_forks DESC"
-)
-
 // UserOwnedRepoCond returns user ownered repositories
 func UserOwnedRepoCond(userID int64) builder.Cond {
 	return builder.Eq{
diff --git a/models/repo/search.go b/models/repo/search.go
index 54d6dcfb44..c500d41be8 100644
--- a/models/repo/search.go
+++ b/models/repo/search.go
@@ -5,20 +5,72 @@ package repo
 
 import "code.gitea.io/gitea/models/db"
 
+// Strings for sorting result
+const (
+	// only used for repos
+	SearchOrderByAlphabetically        db.SearchOrderBy = "owner_name ASC, name ASC"
+	SearchOrderByAlphabeticallyReverse db.SearchOrderBy = "owner_name DESC, name DESC"
+	SearchOrderBySize                  db.SearchOrderBy = "size ASC"
+	SearchOrderBySizeReverse           db.SearchOrderBy = "size DESC"
+	SearchOrderByGitSize               db.SearchOrderBy = "git_size ASC"
+	SearchOrderByGitSizeReverse        db.SearchOrderBy = "git_size DESC"
+	SearchOrderByLFSSize               db.SearchOrderBy = "lfs_size ASC"
+	SearchOrderByLFSSizeReverse        db.SearchOrderBy = "lfs_size DESC"
+	// alias as also used elsewhere
+	SearchOrderByLeastUpdated  db.SearchOrderBy = db.SearchOrderByLeastUpdated
+	SearchOrderByRecentUpdated db.SearchOrderBy = db.SearchOrderByRecentUpdated
+	SearchOrderByOldest        db.SearchOrderBy = db.SearchOrderByOldest
+	SearchOrderByNewest        db.SearchOrderBy = db.SearchOrderByNewest
+	SearchOrderByID            db.SearchOrderBy = db.SearchOrderByID
+	SearchOrderByIDReverse     db.SearchOrderBy = db.SearchOrderByIDReverse
+	SearchOrderByStars         db.SearchOrderBy = db.SearchOrderByStars
+	SearchOrderByStarsReverse  db.SearchOrderBy = db.SearchOrderByStarsReverse
+	SearchOrderByForks         db.SearchOrderBy = db.SearchOrderByForks
+	SearchOrderByForksReverse  db.SearchOrderBy = db.SearchOrderByForksReverse
+)
+
 // SearchOrderByMap represents all possible search order
 var SearchOrderByMap = map[string]map[string]db.SearchOrderBy{
 	"asc": {
-		"alpha":   "owner_name ASC, name ASC",
-		"created": db.SearchOrderByOldest,
-		"updated": db.SearchOrderByLeastUpdated,
-		"size":    db.SearchOrderBySize,
-		"id":      db.SearchOrderByID,
+		"alpha":    SearchOrderByAlphabetically,
+		"created":  SearchOrderByOldest,
+		"updated":  SearchOrderByLeastUpdated,
+		"size":     SearchOrderBySize,
+		"git_size": SearchOrderByGitSize,
+		"lfs_size": SearchOrderByLFSSize,
+		"id":       SearchOrderByID,
+		"stars":    SearchOrderByStars,
+		"forks":    SearchOrderByForks,
 	},
 	"desc": {
-		"alpha":   "owner_name DESC, name DESC",
-		"created": db.SearchOrderByNewest,
-		"updated": db.SearchOrderByRecentUpdated,
-		"size":    db.SearchOrderBySizeReverse,
-		"id":      db.SearchOrderByIDReverse,
+		"alpha":    SearchOrderByAlphabeticallyReverse,
+		"created":  SearchOrderByNewest,
+		"updated":  SearchOrderByRecentUpdated,
+		"size":     SearchOrderBySizeReverse,
+		"git_size": SearchOrderByGitSizeReverse,
+		"lfs_size": SearchOrderByLFSSizeReverse,
+		"id":       SearchOrderByIDReverse,
+		"stars":    SearchOrderByStarsReverse,
+		"forks":    SearchOrderByForksReverse,
 	},
 }
+
+// SearchOrderByFlatMap is similar to SearchOrderByMap but use human language keywords
+// to decide between asc and desc
+var SearchOrderByFlatMap = map[string]db.SearchOrderBy{
+	"newest":                SearchOrderByMap["desc"]["created"],
+	"oldest":                SearchOrderByMap["asc"]["created"],
+	"leastupdate":           SearchOrderByMap["asc"]["updated"],
+	"reversealphabetically": SearchOrderByMap["desc"]["alpha"],
+	"alphabetically":        SearchOrderByMap["asc"]["alpha"],
+	"reversesize":           SearchOrderByMap["desc"]["size"],
+	"size":                  SearchOrderByMap["asc"]["size"],
+	"reversegitsize":        SearchOrderByMap["desc"]["git_size"],
+	"gitsize":               SearchOrderByMap["asc"]["git_size"],
+	"reverselfssize":        SearchOrderByMap["desc"]["lfs_size"],
+	"lfssize":               SearchOrderByMap["asc"]["lfs_size"],
+	"moststars":             SearchOrderByMap["desc"]["stars"],
+	"feweststars":           SearchOrderByMap["asc"]["stars"],
+	"mostforks":             SearchOrderByMap["desc"]["forks"],
+	"fewestforks":           SearchOrderByMap["asc"]["forks"],
+}
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index 594f2d86f6..9ba5887525 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -107,7 +107,7 @@ func Search(ctx *context.APIContext) {
 	// - name: sort
 	//   in: query
 	//   description: sort repos by attribute. Supported values are
-	//                "alpha", "created", "updated", "size", and "id".
+	//                "alpha", "created", "updated", "size", "git_size", "lfs_size", "stars", "forks" and "id".
 	//                Default is "alpha"
 	//   type: string
 	// - name: order
diff --git a/routers/web/explore/repo.go b/routers/web/explore/repo.go
index 66477a255c..22b1fc5bf9 100644
--- a/routers/web/explore/repo.go
+++ b/routers/web/explore/repo.go
@@ -6,6 +6,7 @@ package explore
 import (
 	"fmt"
 	"net/http"
+	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	repo_model "code.gitea.io/gitea/models/repo"
@@ -57,47 +58,18 @@ func RenderRepoSearch(ctx *context.Context, opts *RepoSearchOptions) {
 		orderBy db.SearchOrderBy
 	)
 
-	sortOrder := ctx.FormString("sort")
+	sortOrder := strings.ToLower(ctx.FormString("sort"))
 	if sortOrder == "" {
 		sortOrder = setting.UI.ExploreDefaultSort
 	}
-	ctx.Data["SortType"] = sortOrder
 
-	switch sortOrder {
-	case "newest":
-		orderBy = db.SearchOrderByNewest
-	case "oldest":
-		orderBy = db.SearchOrderByOldest
-	case "leastupdate":
-		orderBy = db.SearchOrderByLeastUpdated
-	case "reversealphabetically":
-		orderBy = db.SearchOrderByAlphabeticallyReverse
-	case "alphabetically":
-		orderBy = db.SearchOrderByAlphabetically
-	case "reversesize":
-		orderBy = db.SearchOrderBySizeReverse
-	case "size":
-		orderBy = db.SearchOrderBySize
-	case "reversegitsize":
-		orderBy = db.SearchOrderByGitSizeReverse
-	case "gitsize":
-		orderBy = db.SearchOrderByGitSize
-	case "reverselfssize":
-		orderBy = db.SearchOrderByLFSSizeReverse
-	case "lfssize":
-		orderBy = db.SearchOrderByLFSSize
-	case "moststars":
-		orderBy = db.SearchOrderByStarsReverse
-	case "feweststars":
-		orderBy = db.SearchOrderByStars
-	case "mostforks":
-		orderBy = db.SearchOrderByForksReverse
-	case "fewestforks":
-		orderBy = db.SearchOrderByForks
-	default:
-		ctx.Data["SortType"] = "recentupdate"
+	if order, ok := repo_model.SearchOrderByFlatMap[sortOrder]; ok {
+		orderBy = order
+	} else {
+		sortOrder = "recentupdate"
 		orderBy = db.SearchOrderByRecentUpdated
 	}
+	ctx.Data["SortType"] = sortOrder
 
 	keyword := ctx.FormTrim("q")
 
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 34f09f0587..09efbd4aa1 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -3689,7 +3689,7 @@
           },
           {
             "type": "string",
-            "description": "sort repos by attribute. Supported values are \"alpha\", \"created\", \"updated\", \"size\", and \"id\". Default is \"alpha\"",
+            "description": "sort repos by attribute. Supported values are \"alpha\", \"created\", \"updated\", \"size\", \"git_size\", \"lfs_size\", \"stars\", \"forks\" and \"id\". Default is \"alpha\"",
             "name": "sort",
             "in": "query"
           },

From e61e9a36b7117bab2cb122a95d606a86527ed45d Mon Sep 17 00:00:00 2001
From: yp05327 <576951401@qq.com>
Date: Thu, 13 Jun 2024 18:42:07 +0900
Subject: [PATCH 26/46] Fix PullRequestList.GetIssueIDs's logic  (#31352)

fix a bug from #30490

`prs.GetIssueIDs()` will also be used in other places, e.g.
`InvalidateCodeComments`
so we should not add `if pr.Issue == nil` in it, or if `pr.Issue` is
already loaded, you will not get the issueID in the results list and
this is not an expected result.

So this will caused a bug:
before calling `InvalidateCodeComments`, all `pr.Issues` in `prs` are
loaded, so `issueIDs` in this function will always be `[]`.

![image](https://github.com/go-gitea/gitea/assets/18380374/ef94d9d2-0bf9-455a-abd6-4d5e6497db7c)
---
 models/issues/pull_list.go | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/models/issues/pull_list.go b/models/issues/pull_list.go
index a1d46f8cd4..f80a2284f0 100644
--- a/models/issues/pull_list.go
+++ b/models/issues/pull_list.go
@@ -192,8 +192,10 @@ func (prs PullRequestList) LoadIssues(ctx context.Context) (IssueList, error) {
 		return nil, nil
 	}
 
-	// Load issues.
-	issueIDs := prs.GetIssueIDs()
+	// Load issues which are not loaded
+	issueIDs := container.FilterSlice(prs, func(pr *PullRequest) (int64, bool) {
+		return pr.IssueID, pr.Issue == nil && pr.IssueID > 0
+	})
 	issues := make(map[int64]*Issue, len(issueIDs))
 	if err := db.GetEngine(ctx).
 		In("id", issueIDs).
@@ -229,10 +231,7 @@ func (prs PullRequestList) LoadIssues(ctx context.Context) (IssueList, error) {
 // GetIssueIDs returns all issue ids
 func (prs PullRequestList) GetIssueIDs() []int64 {
 	return container.FilterSlice(prs, func(pr *PullRequest) (int64, bool) {
-		if pr.Issue == nil {
-			return pr.IssueID, pr.IssueID > 0
-		}
-		return 0, false
+		return pr.IssueID, pr.IssueID > 0
 	})
 }
 

From 5b56d13e0d0ebb2b70c54567104faf4a208d0ab1 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Fri, 14 Jun 2024 00:27:38 +0000
Subject: [PATCH 27/46] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_cs-CZ.ini | 48 ++++++++++++++++++++++++++++-----
 1 file changed, 41 insertions(+), 7 deletions(-)

diff --git a/options/locale/locale_cs-CZ.ini b/options/locale/locale_cs-CZ.ini
index acc0d0bc27..4cbac49ddc 100644
--- a/options/locale/locale_cs-CZ.ini
+++ b/options/locale/locale_cs-CZ.ini
@@ -164,6 +164,8 @@ search=Hledat...
 type_tooltip=Druh vyhledávání
 fuzzy=Fuzzy
 fuzzy_tooltip=Zahrnout výsledky, které také úzce odpovídají hledanému výrazu
+exact=Přesně
+exact_tooltip=Zahrnout pouze výsledky, které přesně odpovídají hledanému výrazu
 repo_kind=Hledat repozitáře...
 user_kind=Hledat uživatele...
 org_kind=Hledat organizace...
@@ -177,6 +179,8 @@ branch_kind=Hledat větve...
 commit_kind=Hledat commity...
 runner_kind=Hledat runnery...
 no_results=Nebyly nalezeny žádné odpovídající výsledky.
+issue_kind=Hledat úkoly...
+pull_kind=Hledat pull request...
 keyword_search_unavailable=Hledání podle klíčového slova není momentálně dostupné. Obraťte se na správce webu.
 
 [aria]
@@ -432,6 +436,7 @@ oauth_signin_submit=Propojit účet
 oauth.signin.error=Došlo k chybě při zpracování žádosti o autorizaci. Pokud tato chyba přetrvává, obraťte se na správce webu.
 oauth.signin.error.access_denied=Žádost o autorizaci byla zamítnuta.
 oauth.signin.error.temporarily_unavailable=Autorizace se nezdařila, protože ověřovací server je dočasně nedostupný. Opakujte akci později.
+oauth_callback_unable_auto_reg=Automatická registrace je povolena, ale OAuth2 poskytovatel %[1]s vrátil chybějící pole: %[2]s, nelze vytvořit účet automaticky, vytvořte účet nebo se připojte k účtu, nebo kontaktujte správce webu.
 openid_connect_submit=Připojit
 openid_connect_title=Připojení k existujícímu účtu
 openid_connect_desc=Zvolené OpenID URI není známé. Přidružte nový účet zde.
@@ -712,8 +717,9 @@ cancel=Zrušit
 language=Jazyk
 ui=Motiv vzhledu
 hidden_comment_types=Skryté typy komentářů
+hidden_comment_types_description=Zde zaškrtnuté typy komentářů nebudou zobrazeny na stránkách úkolů. Zaškrtnutím položky „Štítek“ například odstraní všechny komentáře „{uživatel} přidal/odstranil {štítek}“.
 hidden_comment_types.ref_tooltip=Komentáře, na které se odkazovalo z jiného úkolu/commitu/…
-hidden_comment_types.issue_ref_tooltip=Komentáře, kde uživatel změní větev/značku spojenou s problémem
+hidden_comment_types.issue_ref_tooltip=Komentáře, kde uživatel změní větev/značku spojenou s úkolem
 comment_type_group_reference=Reference
 comment_type_group_label=Štítek
 comment_type_group_milestone=Milník
@@ -758,6 +764,8 @@ manage_themes=Vyberte výchozí motiv vzhledu
 manage_openid=Správa OpenID adres
 email_desc=Vaše hlavní e-mailová adresa bude použita pro oznámení, obnovení hesla, a pokud není skrytá, pro operace Gitu.
 theme_desc=Toto bude váš výchozí motiv vzhledu napříč stránkou.
+theme_colorblindness_help=Podpora šablony pro barvoslepost
+theme_colorblindness_prompt=Gitea právě získala některé motivy se základní podporou barvosleposti, které mají pouze několik barev. Práce stále probíhá. Další vylepšení by bylo možné provést definováním více barev v CSS souborů.
 primary=Hlavní
 activated=Aktivován
 requires_activation=Vyžaduje aktivaci
@@ -882,6 +890,7 @@ repo_and_org_access=Repozitář a přístup organizace
 permissions_public_only=Pouze veřejnost
 permissions_access_all=Vše (veřejné, soukromé a omezené)
 select_permissions=Vyberte oprávnění
+permission_not_set=Není nastaveno
 permission_no_access=Bez přístupu
 permission_read=Přečtené
 permission_write=čtení i zápis
@@ -1061,6 +1070,7 @@ watchers=Sledující
 stargazers=Sledující
 stars_remove_warning=Tímto odstraníte všechny hvězdičky z tohoto repozitáře.
 forks=Rozštěpení
+stars=Oblíbené
 reactions_more=a %d dalších
 unit_disabled=Správce webu zakázal tuto sekci repozitáře.
 language_other=Jiný
@@ -1108,7 +1118,7 @@ template.one_item=Musíte vybrat alespoň jednu položku šablony
 template.invalid=Musíte vybrat repositář šablony
 
 archive.title=Tento repozitář je archivovaný. Můžete prohlížet soubory, klonovat, ale nemůžete nahrávat a vytvářet nové úkoly nebo pull requesty.
-archive.title_date=Tento repositář byl archivován %s. Můžete zobrazit soubory a klonovat je, ale nemůžete nahrávat ani otevírat problémy nebo pull requesty.
+archive.title_date=Tento repositář byl archivován %s. Můžete zobrazit soubory a klonovat je, ale nemůžete nahrávat ani otevírat úkoly nebo pull requesty.
 archive.issue.nocomment=Tento repozitář je archivovaný. Nemůžete komentovat úkoly.
 archive.pull.nocomment=Tento repozitář je archivovaný. Nemůžete komentovat pull requesty.
 
@@ -1228,6 +1238,8 @@ file_view_rendered=Zobrazit vykreslené
 file_view_raw=Zobrazit v surovém stavu
 file_permalink=Trvalý odkaz
 file_too_large=Soubor je příliš velký pro zobrazení.
+code_preview_line_from_to=Řádky %[1]d do%[2]d v %[3]s
+code_preview_line_in=Řádek %[1]d v %[2]s
 invisible_runes_header=`Tento soubor obsahuje neviditelné znaky Unicode`
 invisible_runes_description=`Tento soubor obsahuje neviditelné Unicode znaky, které jsou pro člověka nerozeznatelné, ale mohou být zpracovány jiným způsobem. Pokud si myslíte, že je to záměrné, můžete toto varování bezpečně ignorovat. Použijte tlačítko Escape sekvence k jejich zobrazení.`
 ambiguous_runes_header=`Tento soubor obsahuje nejednoznačné znaky Unicode`
@@ -1282,6 +1294,7 @@ editor.or=nebo
 editor.cancel_lower=Zrušit
 editor.commit_signed_changes=Odevzdat podepsané změny
 editor.commit_changes=Odevzdat změny
+editor.add_tmpl=Přidán „{nazev_souboru}“
 editor.add=Přidat %s
 editor.update=Aktualizovat %s
 editor.delete=Odstranit %s
@@ -1364,6 +1377,7 @@ commitstatus.success=Úspěch
 ext_issues=Přístup k externím úkolům
 ext_issues.desc=Odkaz na externí systém úkolů.
 
+projects.desc=Spravujte úkoly a pull requesty v projektech.
 projects.description=Popis (volitelné)
 projects.description_placeholder=Popis
 projects.create=Vytvořit projekt
@@ -1391,6 +1405,7 @@ projects.column.new=Nový sloupec
 projects.column.set_default=Nastavit jako výchozí
 projects.column.set_default_desc=Nastavit tento sloupec jako výchozí pro nekategorizované úkoly a požadavky na natažení
 projects.column.delete=Smazat sloupec
+projects.column.deletion_desc=Smazání sloupce projektu přesune všechny související úkoly do výchozího sloupce. Pokračovat?
 projects.column.color=Barva
 projects.open=Otevřít
 projects.close=Zavřít
@@ -1426,6 +1441,7 @@ issues.new.clear_assignees=Smazat zpracovatele
 issues.new.no_assignees=Bez zpracovatelů
 issues.new.no_reviewers=Žádní posuzovatelé
 issues.new.blocked_user=Nemůžete vytvořit úkol, protože jste zablokováni zadavatelem příspěvku nebo vlastníkem repozitáře.
+issues.edit.already_changed=Nelze uložit změny v úkolu. Zdá se, že obsah byl již změněn jiným uživatelem. Aktualizujte stránku a zkuste ji znovu problém upravit, abyste se vyhnuli přepsání jejich změn
 issues.edit.blocked_user=Nemůžete upravovat obsah, protože jste zablokováni zadavatelem příspěvku nebo vlastníkem repozitáře.
 issues.choose.get_started=Začínáme
 issues.choose.open_external_link=Otevřít
@@ -1433,7 +1449,7 @@ issues.choose.blank=Výchozí
 issues.choose.blank_about=Vytvořit úkol z výchozí šablony.
 issues.choose.ignore_invalid_templates=Neplatné šablony byly ignorovány
 issues.choose.invalid_templates=%v nalezených neplatných šablon
-issues.choose.invalid_config=Nastavení problému obsahuje chyby:
+issues.choose.invalid_config=Nastavení úkolu obsahuje chyby:
 issues.no_ref=Není určena žádná větev/značka
 issues.create=Vytvořit úkol
 issues.new_label=Nový štítek
@@ -1534,10 +1550,12 @@ issues.context.reference_issue=Odkázat v novém úkolu
 issues.context.edit=Upravit
 issues.context.delete=Smazat
 issues.no_content=K dispozici není žádný popis.
-issues.close=Zavřít problém
+issues.close=Zavřít úkol
 issues.comment_pull_merged_at=sloučený commit %[1]s do %[2]s %[3]s
 issues.comment_manually_pull_merged_at=ručně sloučený commit %[1]s do %[2]s %[3]s
+issues.close_comment_issue=Okomentovat a zavřít
 issues.reopen_issue=Znovuotevřít
+issues.reopen_comment_issue=Znovu otevřít s komentářem
 issues.create_comment=Okomentovat
 issues.comment.blocked_user=Nemůžete vytvořit nebo upravovat komentář, protože jste zablokováni zadavatelem příspěvku nebo vlastníkem repozitáře.
 issues.closed_at=`uzavřel/a tento úkol <a id="%[1]s" href="#%[1]s">%[2]s</a>`
@@ -1598,7 +1616,7 @@ issues.attachment.open_tab=`Klikněte pro zobrazení „%s“ v nové záložce`
 issues.attachment.download=`Klikněte pro stažení „%s“`
 issues.subscribe=Odebírat
 issues.unsubscribe=Zrušit odběr
-issues.unpin_issue=Odepnout problém
+issues.unpin_issue=Odepnout úkol
 issues.max_pinned=Nemůžete připnout další úkoly
 issues.pin_comment=připnuto %s
 issues.unpin_comment=odepnul/a tento %s
@@ -1657,7 +1675,7 @@ issues.due_date_form=rrrr-mm-dd
 issues.due_date_form_add=Přidat termín dokončení
 issues.due_date_form_edit=Upravit
 issues.due_date_form_remove=Odstranit
-issues.due_date_not_writer=Potřebujete přístup k zápisu do tohoto repozitáře, abyste mohli aktualizovat datum dokončení problému.
+issues.due_date_not_writer=Potřebujete přístup k zápisu do tohoto repozitáře, abyste mohli aktualizovat datum dokončení úkolu.
 issues.due_date_not_set=Žádný termín dokončení.
 issues.due_date_added=přidal/a termín dokončení %s %s
 issues.due_date_modified=upravil/a termín termínu z %[2]s na %[1]s %[3]s
@@ -1739,6 +1757,7 @@ compare.compare_head=porovnat
 pulls.desc=Povolit pull requesty a posuzování kódu.
 pulls.new=Nový pull request
 pulls.new.blocked_user=Nemůžete vytvořit pull request, protože jste zablokování vlastníkem repozitáře.
+pulls.edit.already_changed=Nelze uložit změny v pull requestu. Zdá se, že obsah byl již změněn jiným uživatelem. Aktualizujte stránku a zkuste znovu komentář upravit, abyste se vyhnuli přepsání jejich změn
 pulls.view=Zobrazit pull request
 pulls.compare_changes=Nový pull request
 pulls.allow_edits_from_maintainers=Povolit úpravy od správců
@@ -1858,6 +1877,7 @@ pulls.close=Zavřít pull request
 pulls.closed_at=`uzavřel/a tento pull request <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 pulls.reopened_at=`znovuotevřel/a tento pull request <a id="%[1]s" href="#%[1]s">%[2]s</a>`
 pulls.cmd_instruction_hint=`Zobrazit <a class="show-instruction">instrukce příkazové řádky</a>.`
+pulls.cmd_instruction_checkout_title=Checkout
 pulls.cmd_instruction_checkout_desc=Z vašeho repositáře projektu se podívejte na novou větev a vyzkoušejte změny.
 pulls.cmd_instruction_merge_title=Sloučit
 pulls.cmd_instruction_merge_desc=Slučte změny a aktualizujte je na Gitea.
@@ -1883,6 +1903,7 @@ pulls.recently_pushed_new_branches=Nahráli jste větev <strong>%[1]s</strong> %
 
 pull.deleted_branch=(odstraněno):%s
 
+comments.edit.already_changed=Nelze uložit změny v komentáři. Zdá se, že obsah byl již změněn jiným uživatelem. Aktualizujte stránku a zkuste znovu komentář upravit, abyste se vyhnuli přepsání jejich změn
 
 milestones.new=Nový milník
 milestones.closed=Zavřen dne %s
@@ -1959,6 +1980,7 @@ wiki.page_name_desc=Zadejte název této Wiki stránky. Některé speciální n
 wiki.original_git_entry_tooltip=Zobrazit originální Git soubor namísto použití přátelského odkazu.
 
 activity=Aktivita
+activity.navbar.pulse=Pulz
 activity.navbar.code_frequency=Frekvence kódu
 activity.navbar.contributors=Přispěvatelé
 activity.navbar.recent_commits=Nedávné commity
@@ -2052,6 +2074,7 @@ settings.mirror_settings.docs.disabled_push_mirror.pull_mirror_warning=Právě t
 settings.mirror_settings.docs.disabled_push_mirror.info=Push zrcadla byla zakázána administrátorem vašeho webu.
 settings.mirror_settings.docs.no_new_mirrors=Váš repozitář zrcadlí změny do nebo z jiného repozitáře. Mějte prosím na paměti, že v tuto chvíli nemůžete vytvořit žádná nová zrcadla.
 settings.mirror_settings.docs.can_still_use=I když nemůžete upravit stávající zrcadla nebo vytvořit nová, stále můžete použít své stávající zrcadlo.
+settings.mirror_settings.docs.pull_mirror_instructions=Chcete-li nastavit zrcadlo pro natažení, konzultujte prosím:
 settings.mirror_settings.docs.more_information_if_disabled=Více informací o zrcadlech pro nahrání a natažení naleznete zde:
 settings.mirror_settings.docs.doc_link_title=Jak mohu zrcadlit repozitáře?
 settings.mirror_settings.docs.doc_link_pull_section=sekci "stahovat ze vzdáleného úložiště" v dokumentaci.
@@ -2079,6 +2102,7 @@ settings.advanced_settings=Pokročilá nastavení
 settings.wiki_desc=Povolit Wiki repozitáře
 settings.use_internal_wiki=Používat vestavěnou Wiki
 settings.default_wiki_branch_name=Výchozí název větve Wiki
+settings.default_wiki_everyone_access=Výchozí přístupová práva pro přihlášené uživatele:
 settings.failed_to_change_default_wiki_branch=Změna výchozí větve wiki se nezdařila.
 settings.use_external_wiki=Používat externí Wiki
 settings.external_wiki_url=URL externí Wiki
@@ -2760,6 +2784,7 @@ teams.invite.by=Pozvání od %s
 teams.invite.description=Pro připojení k týmu klikněte na tlačítko níže.
 
 [admin]
+maintenance=Údržba
 dashboard=Přehled
 self_check=Samokontrola
 identity_access=Identita a přístup
@@ -2782,6 +2807,7 @@ settings=Nastavení správce
 
 dashboard.new_version_hint=Gitea %s je nyní k dispozici, právě u vás běži %s. Podívej se na <a target="_blank" rel="noreferrer" href="https://blog.gitea.io">blogu</a> pro více informací.
 dashboard.statistic=Souhrn
+dashboard.maintenance_operations=Operace údržby
 dashboard.system_status=Status systému
 dashboard.operation_name=Název operace
 dashboard.operation_switch=Přepnout
@@ -3067,12 +3093,14 @@ auths.tips=Tipy
 auths.tips.oauth2.general=Ověřování OAuth2
 auths.tips.oauth2.general.tip=Při registraci nové OAuth2 autentizace by URL callbacku/přesměrování měla být:
 auths.tip.oauth2_provider=Poskytovatel OAuth2
+auths.tip.bitbucket=Vytvořte nového OAuth konzumenta na https://bitbucket.org/account/user/{vase-uzivatelske-jmeno}/oauth-consumers/new a přidejte oprávnění „Account“ - „Read“
 auths.tip.nextcloud=Zaregistrujte nového OAuth konzumenta na vaší instanci pomocí následujícího menu „Nastavení -> Zabezpečení -> OAuth 2.0 klient“
 auths.tip.dropbox=Vytvořte novou aplikaci na https://www.dropbox.com/developers/apps
 auths.tip.facebook=Registrujte novou aplikaci na https://developers.facebook.com/apps a přidejte produkt „Facebook Login“
 auths.tip.github=Registrujte novou OAuth aplikaci na https://github.com/settings/applications/new
 auths.tip.gitlab_new=Zaregistrujte novou aplikaci na https://gitlab.com/-/profile/applications
 auths.tip.google_plus=Získejte klientské pověření OAuth2 z Google API konzole na https://console.developers.google.com/
+auths.tip.openid_connect=Použijte OpenID Connect URL pro objevování spojení „https://{server}/.well-known/openid-configuration“ k nastavení koncových bodů
 auths.tip.twitter=Jděte na https://dev.twitter.com/apps, vytvořte aplikaci a ujistěte se, že volba „Allow this application to be used to Sign in with Twitter“ je povolená
 auths.tip.discord=Registrujte novou aplikaci na https://discordapp.com/developers/applications/me
 auths.tip.gitea=Registrovat novou Oauth2 aplikaci. Návod naleznete na https://docs.gitea.com/development/oauth2-provider
@@ -3285,11 +3313,13 @@ notices.op=Akce
 notices.delete_success=Systémové upozornění bylo smazáno.
 
 self_check.no_problem_found=Zatím nebyl nalezen žádný problém.
+self_check.startup_warnings=Upozornění při spuštění:
 self_check.database_collation_mismatch=Očekávejte, že databáze použije collation: %s
 self_check.database_collation_case_insensitive=Databáze používá collation %s, což je collation nerozlišující velká a malá písmena. Ačkoli s ní Gitea může pracovat, mohou se vyskytnout vzácné případy, kdy nebude fungovat podle očekávání.
 self_check.database_inconsistent_collation_columns=Databáze používá collation %s, ale tyto sloupce používají chybné collation. To může způsobit neočekávané problémy.
 self_check.database_fix_mysql=Pro uživatele MySQL/MariaDB můžete použít příkaz "gitea doctor convert", který opraví problémy s collation, nebo můžete také problém vyřešit příkazem "ALTER ... COLLATE ..." SQL ručně.
 self_check.database_fix_mssql=Uživatelé MSSQL mohou problém vyřešit pouze pomocí příkazu "ALTER ... COLLATE ..." SQL ručně.
+self_check.location_origin_mismatch=Aktuální URL (%[1]s) se neshoduje s URL viditelnou pro Gitea (%[2]s). Pokud používáte reverzní proxy, ujistěte se, že hlavičky „Host“ a „X-Forwarded-Proto“ jsou nastaveny správně.
 
 [action]
 create_repo=vytvořil/a repozitář <a href="%s">%s</a>
@@ -3301,7 +3331,7 @@ reopen_issue=`znovuotevřel/a úkol <a href="%[1]s">%[3]s#%[2]s</a>`
 create_pull_request=`vytvořil/a pull request <a href="%[1]s">%[3]s#%[2]s</a>`
 close_pull_request=`uzavřel/a pull request <a href="%[1]s">%[3]s#%[2]s</a>`
 reopen_pull_request=`znovuotevřel/a pull request <a href="%[1]s">%[3]s#%[2]s</a>`
-comment_issue=`okomentoval/a problém <a href="%[1]s">%[3]s#%[2]s</a>`
+comment_issue=`okomentoval/a úkol <a href="%[1]s">%[3]s#%[2]s</a>`
 comment_pull=`okomentoval/a pull request <a href="%[1]s">%[3]s#%[2]s</a>`
 merge_pull_request=`sloučil/a pull request <a href="%[1]s">%[3]s#%[2]s</a>`
 auto_merge_pull_request=`automaticky sloučen pull request <a href="%[1]s">%[3]s#%[2]s</a>`
@@ -3317,6 +3347,7 @@ mirror_sync_create=synchronizoval/a novou referenci <a href="%[2]s">%[3]s</a> do
 mirror_sync_delete=synchronizoval/a a smazal/a referenci <code>%[2]s</code> v <a href="%[1]s">%[3]s</a> ze zrcadla
 approve_pull_request=`schválil/a <a href="%[1]s">%[3]s#%[2]s</a>`
 reject_pull_request=`navrhl/a změny pro <a href="%[1]s">%[3]s#%[2]s</a>`
+publish_release=`vydal/a <a href="%[2]s"> "%[4]s" </a> v <a href="%[1]s">%[3]s</a>`
 review_dismissed=`zamítl/a posouzení z <b>%[4]s</b> pro <a href="%[1]s">%[3]s#%[2]s</a>`
 review_dismissed_reason=Důvod:
 create_branch=vytvořil/a větev <a href="%[2]s">%[3]s</a> v <a href="%[1]s">%[4]s</a>
@@ -3383,6 +3414,7 @@ error.unit_not_allowed=Nejste oprávněni přistupovat k této části repozitá
 title=Balíčky
 desc=Správa balíčků repozitáře.
 empty=Zatím nejsou žádné balíčky.
+no_metadata=Žádná metadata.
 empty.documentation=Další informace o registru balíčků naleznete v <a target="_blank" rel="noopener noreferrer" href="%s">dokumentaci</a>.
 empty.repo=Nahráli jste balíček, ale nezobrazil se zde? Přejděte na <a href="%[1]s">nastavení balíčku</a> a propojte jej s tímto repozitářem.
 registry.documentation=Další informace o registru %s naleznete v <a target="_blank" rel="noopener noreferrer" href="%s">dokumentaci</a>.
@@ -3464,6 +3496,7 @@ npm.install=Pro instalaci balíčku pomocí npm spusťte následující příkaz
 npm.install2=nebo ho přidejte do souboru package.json:
 npm.dependencies=Závislosti
 npm.dependencies.development=Vývojové závislosti
+npm.dependencies.bundle=Vnitřní závislosti
 npm.dependencies.peer=Vzájemné závislosti
 npm.dependencies.optional=Volitelné závislosti
 npm.details.tag=Značka
@@ -3601,6 +3634,7 @@ runs.pushed_by=náhrán
 runs.invalid_workflow_helper=Konfigurační soubor pracovního postupu je neplatný. Zkontrolujte prosím konfigurační soubor: %s
 runs.no_matching_online_runner_helper=Žádný odpovídající online runner s popiskem: %s
 runs.no_job_without_needs=Pracovní postup musí obsahovat alespoň jednu úlohu bez závislostí.
+runs.no_job=Pracovní postup musí obsahovat alespoň jednu úlohu
 runs.actor=Aktér
 runs.status=Status
 runs.actors_no_select=Všichni aktéři

From 1761459ebc7eb6d432eced093b4583425a5c5d4b Mon Sep 17 00:00:00 2001
From: Oleksandr Redko <oleksandr.red+github@gmail.com>
Date: Fri, 14 Jun 2024 04:26:33 +0300
Subject: [PATCH 28/46] Refactor to use UnsafeStringToBytes (#31358)

The PR replaces all `goldmark/util.BytesToReadOnlyString` with
`util.UnsafeBytesToString`, `goldmark/util.StringToReadOnlyBytes` with
`util.UnsafeStringToBytes`. This removes one `TODO`.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 modules/markup/markdown/prefixed_id.go       | 6 +++---
 modules/markup/markdown/transform_heading.go | 6 +++---
 modules/references/references.go             | 5 ++---
 modules/system/db.go                         | 7 +++----
 modules/util/sanitize.go                     | 6 ++----
 modules/util/string.go                       | 2 +-
 6 files changed, 14 insertions(+), 18 deletions(-)

diff --git a/modules/markup/markdown/prefixed_id.go b/modules/markup/markdown/prefixed_id.go
index 9c60949202..63d7fadc0a 100644
--- a/modules/markup/markdown/prefixed_id.go
+++ b/modules/markup/markdown/prefixed_id.go
@@ -9,9 +9,9 @@ import (
 
 	"code.gitea.io/gitea/modules/container"
 	"code.gitea.io/gitea/modules/markup/common"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/yuin/goldmark/ast"
-	"github.com/yuin/goldmark/util"
 )
 
 type prefixedIDs struct {
@@ -36,7 +36,7 @@ func (p *prefixedIDs) GenerateWithDefault(value, dft []byte) []byte {
 	if !bytes.HasPrefix(result, []byte("user-content-")) {
 		result = append([]byte("user-content-"), result...)
 	}
-	if p.values.Add(util.BytesToReadOnlyString(result)) {
+	if p.values.Add(util.UnsafeBytesToString(result)) {
 		return result
 	}
 	for i := 1; ; i++ {
@@ -49,7 +49,7 @@ func (p *prefixedIDs) GenerateWithDefault(value, dft []byte) []byte {
 
 // Put puts a given element id to the used ids table.
 func (p *prefixedIDs) Put(value []byte) {
-	p.values.Add(util.BytesToReadOnlyString(value))
+	p.values.Add(util.UnsafeBytesToString(value))
 }
 
 func newPrefixedIDs() *prefixedIDs {
diff --git a/modules/markup/markdown/transform_heading.go b/modules/markup/markdown/transform_heading.go
index 6f38abfad9..6d48f34d93 100644
--- a/modules/markup/markdown/transform_heading.go
+++ b/modules/markup/markdown/transform_heading.go
@@ -7,10 +7,10 @@ import (
 	"fmt"
 
 	"code.gitea.io/gitea/modules/markup"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/yuin/goldmark/ast"
 	"github.com/yuin/goldmark/text"
-	"github.com/yuin/goldmark/util"
 )
 
 func (g *ASTTransformer) transformHeading(_ *markup.RenderContext, v *ast.Heading, reader text.Reader, tocList *[]markup.Header) {
@@ -21,11 +21,11 @@ func (g *ASTTransformer) transformHeading(_ *markup.RenderContext, v *ast.Headin
 	}
 	txt := v.Text(reader.Source())
 	header := markup.Header{
-		Text:  util.BytesToReadOnlyString(txt),
+		Text:  util.UnsafeBytesToString(txt),
 		Level: v.Level,
 	}
 	if id, found := v.AttributeString("id"); found {
-		header.ID = util.BytesToReadOnlyString(id.([]byte))
+		header.ID = util.UnsafeBytesToString(id.([]byte))
 	}
 	*tocList = append(*tocList, header)
 	g.applyElementDir(v)
diff --git a/modules/references/references.go b/modules/references/references.go
index 1b656ed4cb..2889430bcf 100644
--- a/modules/references/references.go
+++ b/modules/references/references.go
@@ -14,8 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup/mdstripper"
 	"code.gitea.io/gitea/modules/setting"
-
-	"github.com/yuin/goldmark/util"
+	"code.gitea.io/gitea/modules/util"
 )
 
 var (
@@ -341,7 +340,7 @@ func FindRenderizableReferenceNumeric(content string, prOnly, crossLinkOnly bool
 			return false, nil
 		}
 	}
-	r := getCrossReference(util.StringToReadOnlyBytes(content), match[2], match[3], false, prOnly)
+	r := getCrossReference(util.UnsafeStringToBytes(content), match[2], match[3], false, prOnly)
 	if r == nil {
 		return false, nil
 	}
diff --git a/modules/system/db.go b/modules/system/db.go
index 05e9de0ae8..17178283d9 100644
--- a/modules/system/db.go
+++ b/modules/system/db.go
@@ -8,8 +8,7 @@ import (
 
 	"code.gitea.io/gitea/models/system"
 	"code.gitea.io/gitea/modules/json"
-
-	"github.com/yuin/goldmark/util"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // DBStore can be used to store app state items in local filesystem
@@ -24,7 +23,7 @@ func (f *DBStore) Get(ctx context.Context, item StateItem) error {
 	if content == "" {
 		return nil
 	}
-	return json.Unmarshal(util.StringToReadOnlyBytes(content), item)
+	return json.Unmarshal(util.UnsafeStringToBytes(content), item)
 }
 
 // Set saves the state item
@@ -33,5 +32,5 @@ func (f *DBStore) Set(ctx context.Context, item StateItem) error {
 	if err != nil {
 		return err
 	}
-	return system.SaveAppStateContent(ctx, item.Name(), util.BytesToReadOnlyString(b))
+	return system.SaveAppStateContent(ctx, item.Name(), util.UnsafeBytesToString(b))
 }
diff --git a/modules/util/sanitize.go b/modules/util/sanitize.go
index f1ea2574f1..0dd8b342a2 100644
--- a/modules/util/sanitize.go
+++ b/modules/util/sanitize.go
@@ -6,8 +6,6 @@ package util
 import (
 	"bytes"
 	"unicode"
-
-	"github.com/yuin/goldmark/util"
 )
 
 type sanitizedError struct {
@@ -33,7 +31,7 @@ var schemeSep = []byte("://")
 
 // SanitizeCredentialURLs remove all credentials in URLs (starting with "scheme://") for the input string: "https://user:pass@domain.com" => "https://sanitized-credential@domain.com"
 func SanitizeCredentialURLs(s string) string {
-	bs := util.StringToReadOnlyBytes(s)
+	bs := UnsafeStringToBytes(s)
 	schemeSepPos := bytes.Index(bs, schemeSep)
 	if schemeSepPos == -1 || bytes.IndexByte(bs[schemeSepPos:], '@') == -1 {
 		return s // fast return if there is no URL scheme or no userinfo
@@ -70,5 +68,5 @@ func SanitizeCredentialURLs(s string) string {
 		schemeSepPos = bytes.Index(bs, schemeSep)
 	}
 	out = append(out, bs...)
-	return util.BytesToReadOnlyString(out)
+	return UnsafeBytesToString(out)
 }
diff --git a/modules/util/string.go b/modules/util/string.go
index 2cf44d29b1..cf50f591c6 100644
--- a/modules/util/string.go
+++ b/modules/util/string.go
@@ -87,11 +87,11 @@ func ToSnakeCase(input string) string {
 }
 
 // UnsafeBytesToString uses Go's unsafe package to convert a byte slice to a string.
-// TODO: replace all "goldmark/util.BytesToReadOnlyString" with this official approach
 func UnsafeBytesToString(b []byte) string {
 	return unsafe.String(unsafe.SliceData(b), len(b))
 }
 
+// UnsafeStringToBytes uses Go's unsafe package to convert a string to a byte slice.
 func UnsafeStringToBytes(s string) []byte {
 	return unsafe.Slice(unsafe.StringData(s), len(s))
 }

From e4abaff7ffbbc5acd3aa668a9c458fbdf76f9573 Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Fri, 14 Jun 2024 10:31:07 +0800
Subject: [PATCH 29/46] Fix bug filtering issues which have no project (#31337)

Fix #31327
This is a quick patch to fix the bug.
Some parameters are using 0, some are using -1. I think it needs a
refactor to keep consistent. But that will be another PR.
---
 modules/indexer/issues/dboptions.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/modules/indexer/issues/dboptions.go b/modules/indexer/issues/dboptions.go
index d9cf9b5e3b..50916024af 100644
--- a/modules/indexer/issues/dboptions.go
+++ b/modules/indexer/issues/dboptions.go
@@ -38,6 +38,12 @@ func ToSearchOptions(keyword string, opts *issues_model.IssuesOptions) *SearchOp
 		searchOpt.MilestoneIDs = opts.MilestoneIDs
 	}
 
+	if opts.ProjectID > 0 {
+		searchOpt.ProjectID = optional.Some(opts.ProjectID)
+	} else if opts.ProjectID == -1 { // FIXME: this is inconsistent from other places
+		searchOpt.ProjectID = optional.Some[int64](0) // Those issues with no project(projectid==0)
+	}
+
 	// See the comment of issues_model.SearchOptions for the reason why we need to convert
 	convertID := func(id int64) optional.Option[int64] {
 		if id > 0 {
@@ -49,7 +55,6 @@ func ToSearchOptions(keyword string, opts *issues_model.IssuesOptions) *SearchOp
 		return nil
 	}
 
-	searchOpt.ProjectID = convertID(opts.ProjectID)
 	searchOpt.ProjectColumnID = convertID(opts.ProjectColumnID)
 	searchOpt.PosterID = convertID(opts.PosterID)
 	searchOpt.AssigneeID = convertID(opts.AssigneeID)

From fa82a8af12ece9eaf78a0cf9d9330adb60c01724 Mon Sep 17 00:00:00 2001
From: Lunny Xiao <xiaolunwen@gmail.com>
Date: Fri, 14 Jun 2024 11:17:05 +0800
Subject: [PATCH 30/46] Have new announcement about docs contributions (#31364)

According to the maintainers' discussion and voting. We decide to move
docs to https://gitea.com/gitea/docs . Add some hints on this repository
to not make contributors confusing.
---
 .github/pull_request_template.md | 11 ++++++-----
 CONTRIBUTING.md                  |  3 ++-
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index b752abb794..b7594a1ba7 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,9 +1,10 @@
-<!-- start tips --> 
+<!-- start tips -->
 Please check the following:
 1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for backports.
 2. Make sure you have read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md .
-3. Describe what your pull request does and which issue you're targeting (if any).
-4. It is recommended to enable "Allow edits by maintainers", so maintainers can help more easily.
-5. Your input here will be included in the commit message when this PR has been merged. If you don't want some content to be included, please separate them with a line like `---`.
-6. Delete all these tips before posting.
+3. For documentations contribution, please go to https://gitea.com/gitea/docs
+4. Describe what your pull request does and which issue you're targeting (if any).
+5. It is recommended to enable "Allow edits by maintainers", so maintainers can help more easily.
+6. Your input here will be included in the commit message when this PR has been merged. If you don't want some content to be included, please separate them with a line like `---`.
+7. Delete all these tips before posting.
 <!-- end tips -->
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 04c06ffd14..60146276db 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -358,7 +358,8 @@ $REWRITTEN_PR_SUMMARY
 
 ## Documentation
 
-If you add a new feature or change an existing aspect of Gitea, the documentation for that feature must be created or updated in the same PR.
+If you add a new feature or change an existing aspect of Gitea, the documentation for that feature must be created or updated in another PR at [https://gitea.com/gitea/docs](https://gitea.com/gitea/docs).
+**The docs directory on main repository will be removed at some time. We will have a yaml file to store configuration file's meta data. After that completed, configuration documentation should be in the main repository.**
 
 ## API v1
 

From 4e7b067a7fdfb3e2c8dfdf87475e3938051fd400 Mon Sep 17 00:00:00 2001
From: KN4CK3R <admin@oldschoolhack.me>
Date: Fri, 14 Jun 2024 06:45:52 +0200
Subject: [PATCH 31/46] Extract and display readme and comments for Composer
 packages (#30927)

Related #30075

CC @thojo0

Example with rendered readme:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/3516fef5-2631-40fd-8841-5d9894ec8904)
---
 modules/packages/composer/metadata.go      | 44 ++++++++++++++-
 modules/packages/composer/metadata_test.go | 62 +++++++++++++++-------
 templates/package/content/composer.tmpl    | 10 ++--
 3 files changed, 90 insertions(+), 26 deletions(-)

diff --git a/modules/packages/composer/metadata.go b/modules/packages/composer/metadata.go
index 1d0f025648..2c2e9ebf27 100644
--- a/modules/packages/composer/metadata.go
+++ b/modules/packages/composer/metadata.go
@@ -6,6 +6,7 @@ package composer
 import (
 	"archive/zip"
 	"io"
+	"path"
 	"regexp"
 	"strings"
 
@@ -36,10 +37,14 @@ type Package struct {
 	Metadata *Metadata
 }
 
+// https://getcomposer.org/doc/04-schema.md
+
 // Metadata represents the metadata of a Composer package
 type Metadata struct {
 	Description string            `json:"description,omitempty"`
+	Readme      string            `json:"readme,omitempty"`
 	Keywords    []string          `json:"keywords,omitempty"`
+	Comments    Comments          `json:"_comments,omitempty"`
 	Homepage    string            `json:"homepage,omitempty"`
 	License     Licenses          `json:"license,omitempty"`
 	Authors     []Author          `json:"authors,omitempty"`
@@ -74,6 +79,28 @@ func (l *Licenses) UnmarshalJSON(data []byte) error {
 	return nil
 }
 
+// Comments represents the comments of a Composer package
+type Comments []string
+
+// UnmarshalJSON reads from a string or array
+func (c *Comments) UnmarshalJSON(data []byte) error {
+	switch data[0] {
+	case '"':
+		var value string
+		if err := json.Unmarshal(data, &value); err != nil {
+			return err
+		}
+		*c = Comments{value}
+	case '[':
+		values := make([]string, 0, 5)
+		if err := json.Unmarshal(data, &values); err != nil {
+			return err
+		}
+		*c = Comments(values)
+	}
+	return nil
+}
+
 // Author represents an author
 type Author struct {
 	Name     string `json:"name,omitempty"`
@@ -101,14 +128,14 @@ func ParsePackage(r io.ReaderAt, size int64) (*Package, error) {
 			}
 			defer f.Close()
 
-			return ParseComposerFile(f)
+			return ParseComposerFile(archive, path.Dir(file.Name), f)
 		}
 	}
 	return nil, ErrMissingComposerFile
 }
 
 // ParseComposerFile parses a composer.json file to retrieve the metadata of a Composer package
-func ParseComposerFile(r io.Reader) (*Package, error) {
+func ParseComposerFile(archive *zip.Reader, pathPrefix string, r io.Reader) (*Package, error) {
 	var cj struct {
 		Name    string `json:"name"`
 		Version string `json:"version"`
@@ -137,6 +164,19 @@ func ParseComposerFile(r io.Reader) (*Package, error) {
 		cj.Type = "library"
 	}
 
+	if cj.Readme == "" {
+		cj.Readme = "README.md"
+	}
+	f, err := archive.Open(path.Join(pathPrefix, cj.Readme))
+	if err == nil {
+		// 10kb limit for readme content
+		buf, _ := io.ReadAll(io.LimitReader(f, 10*1024))
+		cj.Readme = string(buf)
+		_ = f.Close()
+	} else {
+		cj.Readme = ""
+	}
+
 	return &Package{
 		Name:     cj.Name,
 		Version:  cj.Version,
diff --git a/modules/packages/composer/metadata_test.go b/modules/packages/composer/metadata_test.go
index a0e1a77a6e..a5e317daf1 100644
--- a/modules/packages/composer/metadata_test.go
+++ b/modules/packages/composer/metadata_test.go
@@ -17,6 +17,8 @@ import (
 const (
 	name        = "gitea/composer-package"
 	description = "Package Description"
+	readme      = "Package Readme"
+	comments    = "Package Comment"
 	packageType = "composer-plugin"
 	author      = "Gitea Authors"
 	email       = "no.reply@gitea.io"
@@ -41,7 +43,8 @@ const composerContent = `{
     },
     "require": {
         "php": ">=7.2 || ^8.0"
-    }
+    },
+    "_comments": "` + comments + `"
 }`
 
 func TestLicenseUnmarshal(t *testing.T) {
@@ -54,18 +57,30 @@ func TestLicenseUnmarshal(t *testing.T) {
 	assert.Equal(t, "MIT", l[0])
 }
 
+func TestCommentsUnmarshal(t *testing.T) {
+	var c Comments
+	assert.NoError(t, json.NewDecoder(strings.NewReader(`["comment"]`)).Decode(&c))
+	assert.Len(t, c, 1)
+	assert.Equal(t, "comment", c[0])
+	assert.NoError(t, json.NewDecoder(strings.NewReader(`"comment"`)).Decode(&c))
+	assert.Len(t, c, 1)
+	assert.Equal(t, "comment", c[0])
+}
+
 func TestParsePackage(t *testing.T) {
-	createArchive := func(name, content string) []byte {
+	createArchive := func(files map[string]string) []byte {
 		var buf bytes.Buffer
 		archive := zip.NewWriter(&buf)
-		w, _ := archive.Create(name)
-		w.Write([]byte(content))
+		for name, content := range files {
+			w, _ := archive.Create(name)
+			w.Write([]byte(content))
+		}
 		archive.Close()
 		return buf.Bytes()
 	}
 
 	t.Run("MissingComposerFile", func(t *testing.T) {
-		data := createArchive("dummy.txt", "")
+		data := createArchive(map[string]string{"dummy.txt": ""})
 
 		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
 		assert.Nil(t, cp)
@@ -73,7 +88,7 @@ func TestParsePackage(t *testing.T) {
 	})
 
 	t.Run("MissingComposerFileInRoot", func(t *testing.T) {
-		data := createArchive("sub/sub/composer.json", "")
+		data := createArchive(map[string]string{"sub/sub/composer.json": ""})
 
 		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
 		assert.Nil(t, cp)
@@ -81,43 +96,52 @@ func TestParsePackage(t *testing.T) {
 	})
 
 	t.Run("InvalidComposerFile", func(t *testing.T) {
-		data := createArchive("composer.json", "")
+		data := createArchive(map[string]string{"composer.json": ""})
 
 		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
 		assert.Nil(t, cp)
 		assert.Error(t, err)
 	})
 
-	t.Run("Valid", func(t *testing.T) {
-		data := createArchive("composer.json", composerContent)
+	t.Run("InvalidPackageName", func(t *testing.T) {
+		data := createArchive(map[string]string{"composer.json": "{}"})
 
 		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
-		assert.NoError(t, err)
-		assert.NotNil(t, cp)
-	})
-}
-
-func TestParseComposerFile(t *testing.T) {
-	t.Run("InvalidPackageName", func(t *testing.T) {
-		cp, err := ParseComposerFile(strings.NewReader(`{}`))
 		assert.Nil(t, cp)
 		assert.ErrorIs(t, err, ErrInvalidName)
 	})
 
 	t.Run("InvalidPackageVersion", func(t *testing.T) {
-		cp, err := ParseComposerFile(strings.NewReader(`{"name": "gitea/composer-package", "version": "1.a.3"}`))
+		data := createArchive(map[string]string{"composer.json": `{"name": "gitea/composer-package", "version": "1.a.3"}`})
+
+		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
 		assert.Nil(t, cp)
 		assert.ErrorIs(t, err, ErrInvalidVersion)
 	})
 
+	t.Run("InvalidReadmePath", func(t *testing.T) {
+		data := createArchive(map[string]string{"composer.json": `{"name": "gitea/composer-package", "readme": "sub/README.md"}`})
+
+		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
+		assert.NoError(t, err)
+		assert.NotNil(t, cp)
+
+		assert.Empty(t, cp.Metadata.Readme)
+	})
+
 	t.Run("Valid", func(t *testing.T) {
-		cp, err := ParseComposerFile(strings.NewReader(composerContent))
+		data := createArchive(map[string]string{"composer.json": composerContent, "README.md": readme})
+
+		cp, err := ParsePackage(bytes.NewReader(data), int64(len(data)))
 		assert.NoError(t, err)
 		assert.NotNil(t, cp)
 
 		assert.Equal(t, name, cp.Name)
 		assert.Empty(t, cp.Version)
 		assert.Equal(t, description, cp.Metadata.Description)
+		assert.Equal(t, readme, cp.Metadata.Readme)
+		assert.Len(t, cp.Metadata.Comments, 1)
+		assert.Equal(t, comments, cp.Metadata.Comments[0])
 		assert.Len(t, cp.Metadata.Authors, 1)
 		assert.Equal(t, author, cp.Metadata.Authors[0].Name)
 		assert.Equal(t, email, cp.Metadata.Authors[0].Email)
diff --git a/templates/package/content/composer.tmpl b/templates/package/content/composer.tmpl
index c2dc6345c3..8d48e6c95d 100644
--- a/templates/package/content/composer.tmpl
+++ b/templates/package/content/composer.tmpl
@@ -22,11 +22,11 @@
 		</div>
 	</div>
 
-	{{if .PackageDescriptor.Metadata.Description}}
+	{{if or .PackageDescriptor.Metadata.Description .PackageDescriptor.Metadata.Comments}}
 		<h4 class="ui top attached header">{{ctx.Locale.Tr "packages.about"}}</h4>
-		<div class="ui attached segment">
-			{{.PackageDescriptor.Metadata.Description}}
-		</div>
+		{{if .PackageDescriptor.Metadata.Description}}<div class="ui attached segment">{{.PackageDescriptor.Metadata.Description}}</div>{{end}}
+		{{if .PackageDescriptor.Metadata.Readme}}<div class="ui attached segment markup markdown">{{RenderMarkdownToHtml $.Context .PackageDescriptor.Metadata.Readme}}</div>{{end}}
+		{{if .PackageDescriptor.Metadata.Comments}}<div class="ui attached segment">{{StringUtils.Join .PackageDescriptor.Metadata.Comments " "}}</div>{{end}}
 	{{end}}
 
 	{{if or .PackageDescriptor.Metadata.Require .PackageDescriptor.Metadata.RequireDev}}
@@ -39,7 +39,7 @@
 		</div>
 	{{end}}
 
-	{{if or .PackageDescriptor.Metadata.Keywords}}
+	{{if .PackageDescriptor.Metadata.Keywords}}
 		<h4 class="ui top attached header">{{ctx.Locale.Tr "packages.keywords"}}</h4>
 		<div class="ui attached segment">
 			{{range .PackageDescriptor.Metadata.Keywords}}

From d4e4226c3cbfa62a6adf15f4466747468eb208c7 Mon Sep 17 00:00:00 2001
From: mzroot <minoga_dot@mail.ru>
Date: Fri, 14 Jun 2024 19:56:10 +0300
Subject: [PATCH 32/46] Add tag protection via rest api #17862 (#31295)

Add tag protection manage via rest API.

---------

Co-authored-by: Alexander Kogay <kogay.a@citilink.ru>
Co-authored-by: Giteabot <teabot@gitea.io>
---
 models/git/protected_tag.go       |  13 ++
 modules/structs/repo_tag.go       |  28 +++
 routers/api/v1/api.go             |   9 +
 routers/api/v1/repo/tag.go        | 350 ++++++++++++++++++++++++++++++
 routers/api/v1/swagger/options.go |   6 +
 routers/api/v1/swagger/repo.go    |  14 ++
 services/convert/convert.go       |  26 +++
 templates/swagger/v1_json.tmpl    | 332 ++++++++++++++++++++++++++++
 8 files changed, 778 insertions(+)

diff --git a/models/git/protected_tag.go b/models/git/protected_tag.go
index 8a05045651..9a6646c742 100644
--- a/models/git/protected_tag.go
+++ b/models/git/protected_tag.go
@@ -110,6 +110,19 @@ func GetProtectedTagByID(ctx context.Context, id int64) (*ProtectedTag, error) {
 	return tag, nil
 }
 
+// GetProtectedTagByNamePattern gets protected tag by name_pattern
+func GetProtectedTagByNamePattern(ctx context.Context, repoID int64, pattern string) (*ProtectedTag, error) {
+	tag := &ProtectedTag{NamePattern: pattern, RepoID: repoID}
+	has, err := db.GetEngine(ctx).Get(tag)
+	if err != nil {
+		return nil, err
+	}
+	if !has {
+		return nil, nil
+	}
+	return tag, nil
+}
+
 // IsUserAllowedToControlTag checks if a user can control the specific tag.
 // It returns true if the tag name is not protected or the user is allowed to control it.
 func IsUserAllowedToControlTag(ctx context.Context, tags []*ProtectedTag, tagName string, userID int64) (bool, error) {
diff --git a/modules/structs/repo_tag.go b/modules/structs/repo_tag.go
index 4a7d895288..5722513f4f 100644
--- a/modules/structs/repo_tag.go
+++ b/modules/structs/repo_tag.go
@@ -3,6 +3,8 @@
 
 package structs
 
+import "time"
+
 // Tag represents a repository tag
 type Tag struct {
 	Name       string      `json:"name"`
@@ -38,3 +40,29 @@ type CreateTagOption struct {
 	Message string `json:"message"`
 	Target  string `json:"target"`
 }
+
+// TagProtection represents a tag protection
+type TagProtection struct {
+	ID                 int64    `json:"id"`
+	NamePattern        string   `json:"name_pattern"`
+	WhitelistUsernames []string `json:"whitelist_usernames"`
+	WhitelistTeams     []string `json:"whitelist_teams"`
+	// swagger:strfmt date-time
+	Created time.Time `json:"created_at"`
+	// swagger:strfmt date-time
+	Updated time.Time `json:"updated_at"`
+}
+
+// CreateTagProtectionOption options for creating a tag protection
+type CreateTagProtectionOption struct {
+	NamePattern        string   `json:"name_pattern"`
+	WhitelistUsernames []string `json:"whitelist_usernames"`
+	WhitelistTeams     []string `json:"whitelist_teams"`
+}
+
+// EditTagProtectionOption options for editing a tag protection
+type EditTagProtectionOption struct {
+	NamePattern        *string  `json:"name_pattern"`
+	WhitelistUsernames []string `json:"whitelist_usernames"`
+	WhitelistTeams     []string `json:"whitelist_teams"`
+}
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index 74062c44ac..5363489939 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -1168,6 +1168,15 @@ func Routes() *web.Route {
 					m.Post("", reqToken(), reqRepoWriter(unit.TypeCode), mustNotBeArchived, bind(api.CreateTagOption{}), repo.CreateTag)
 					m.Delete("/*", reqToken(), reqRepoWriter(unit.TypeCode), mustNotBeArchived, repo.DeleteTag)
 				}, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo(true))
+				m.Group("/tag_protections", func() {
+					m.Combo("").Get(repo.ListTagProtection).
+						Post(bind(api.CreateTagProtectionOption{}), mustNotBeArchived, repo.CreateTagProtection)
+					m.Group("/{id}", func() {
+						m.Combo("").Get(repo.GetTagProtection).
+							Patch(bind(api.EditTagProtectionOption{}), mustNotBeArchived, repo.EditTagProtection).
+							Delete(repo.DeleteTagProtection)
+					})
+				}, reqToken(), reqAdmin())
 				m.Group("/actions", func() {
 					m.Get("/tasks", repo.ListActionTasks)
 				}, reqRepoReader(unit.TypeActions), context.ReferencesGitRepo(true))
diff --git a/routers/api/v1/repo/tag.go b/routers/api/v1/repo/tag.go
index 8577a0e896..f72034950f 100644
--- a/routers/api/v1/repo/tag.go
+++ b/routers/api/v1/repo/tag.go
@@ -7,9 +7,13 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
+	"strings"
 
 	"code.gitea.io/gitea/models"
+	git_model "code.gitea.io/gitea/models/git"
+	"code.gitea.io/gitea/models/organization"
 	repo_model "code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
 	api "code.gitea.io/gitea/modules/structs"
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/routers/api/v1/utils"
@@ -287,3 +291,349 @@ func DeleteTag(ctx *context.APIContext) {
 
 	ctx.Status(http.StatusNoContent)
 }
+
+// ListTagProtection lists tag protections for a repo
+func ListTagProtection(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/tag_protections repository repoListTagProtection
+	// ---
+	// summary: List tag protections for a repository
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/TagProtectionList"
+
+	repo := ctx.Repo.Repository
+	pts, err := git_model.GetProtectedTags(ctx, repo.ID)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectedTags", err)
+		return
+	}
+	apiPts := make([]*api.TagProtection, len(pts))
+	for i := range pts {
+		apiPts[i] = convert.ToTagProtection(ctx, pts[i], repo)
+	}
+
+	ctx.JSON(http.StatusOK, apiPts)
+}
+
+// GetTagProtection gets a tag protection
+func GetTagProtection(ctx *context.APIContext) {
+	// swagger:operation GET /repos/{owner}/{repo}/tag_protections/{id} repository repoGetTagProtection
+	// ---
+	// summary: Get a specific tag protection for the repository
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: id
+	//   in: path
+	//   description: id of the tag protect to get
+	//   type: integer
+	//   required: true
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/TagProtection"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	repo := ctx.Repo.Repository
+	id := ctx.ParamsInt64(":id")
+	pt, err := git_model.GetProtectedTagByID(ctx, id)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectedTagByID", err)
+		return
+	}
+
+	if pt == nil || repo.ID != pt.RepoID {
+		ctx.NotFound()
+		return
+	}
+
+	ctx.JSON(http.StatusOK, convert.ToTagProtection(ctx, pt, repo))
+}
+
+// CreateTagProtection creates a tag protection for a repo
+func CreateTagProtection(ctx *context.APIContext) {
+	// swagger:operation POST /repos/{owner}/{repo}/tag_protections repository repoCreateTagProtection
+	// ---
+	// summary: Create a tag protections for a repository
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: body
+	//   in: body
+	//   schema:
+	//     "$ref": "#/definitions/CreateTagProtectionOption"
+	// responses:
+	//   "201":
+	//     "$ref": "#/responses/TagProtection"
+	//   "403":
+	//     "$ref": "#/responses/forbidden"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	//   "422":
+	//     "$ref": "#/responses/validationError"
+	//   "423":
+	//     "$ref": "#/responses/repoArchivedError"
+
+	form := web.GetForm(ctx).(*api.CreateTagProtectionOption)
+	repo := ctx.Repo.Repository
+
+	namePattern := strings.TrimSpace(form.NamePattern)
+	if namePattern == "" {
+		ctx.Error(http.StatusBadRequest, "name_pattern are empty", "name_pattern are empty")
+		return
+	}
+
+	if len(form.WhitelistUsernames) == 0 && len(form.WhitelistTeams) == 0 {
+		ctx.Error(http.StatusBadRequest, "both whitelist_usernames and whitelist_teams are empty", "both whitelist_usernames and whitelist_teams are empty")
+		return
+	}
+
+	pt, err := git_model.GetProtectedTagByNamePattern(ctx, repo.ID, namePattern)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectTagOfRepo", err)
+		return
+	} else if pt != nil {
+		ctx.Error(http.StatusForbidden, "Create tag protection", "Tag protection already exist")
+		return
+	}
+
+	var whitelistUsers, whitelistTeams []int64
+	whitelistUsers, err = user_model.GetUserIDsByNames(ctx, form.WhitelistUsernames, false)
+	if err != nil {
+		if user_model.IsErrUserNotExist(err) {
+			ctx.Error(http.StatusUnprocessableEntity, "User does not exist", err)
+			return
+		}
+		ctx.Error(http.StatusInternalServerError, "GetUserIDsByNames", err)
+		return
+	}
+
+	if repo.Owner.IsOrganization() {
+		whitelistTeams, err = organization.GetTeamIDsByNames(ctx, repo.OwnerID, form.WhitelistTeams, false)
+		if err != nil {
+			if organization.IsErrTeamNotExist(err) {
+				ctx.Error(http.StatusUnprocessableEntity, "Team does not exist", err)
+				return
+			}
+			ctx.Error(http.StatusInternalServerError, "GetTeamIDsByNames", err)
+			return
+		}
+	}
+
+	protectTag := &git_model.ProtectedTag{
+		RepoID:           repo.ID,
+		NamePattern:      strings.TrimSpace(namePattern),
+		AllowlistUserIDs: whitelistUsers,
+		AllowlistTeamIDs: whitelistTeams,
+	}
+	if err := git_model.InsertProtectedTag(ctx, protectTag); err != nil {
+		ctx.Error(http.StatusInternalServerError, "InsertProtectedTag", err)
+		return
+	}
+
+	pt, err = git_model.GetProtectedTagByID(ctx, protectTag.ID)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectedTagByID", err)
+		return
+	}
+
+	if pt == nil || pt.RepoID != repo.ID {
+		ctx.Error(http.StatusInternalServerError, "New tag protection not found", err)
+		return
+	}
+
+	ctx.JSON(http.StatusCreated, convert.ToTagProtection(ctx, pt, repo))
+}
+
+// EditTagProtection edits a tag protection for a repo
+func EditTagProtection(ctx *context.APIContext) {
+	// swagger:operation PATCH /repos/{owner}/{repo}/tag_protections/{id} repository repoEditTagProtection
+	// ---
+	// summary: Edit a tag protections for a repository. Only fields that are set will be changed
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: id
+	//   in: path
+	//   description: id of protected tag
+	//   type: integer
+	//   required: true
+	// - name: body
+	//   in: body
+	//   schema:
+	//     "$ref": "#/definitions/EditTagProtectionOption"
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/TagProtection"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	//   "422":
+	//     "$ref": "#/responses/validationError"
+	//   "423":
+	//     "$ref": "#/responses/repoArchivedError"
+
+	repo := ctx.Repo.Repository
+	form := web.GetForm(ctx).(*api.EditTagProtectionOption)
+
+	id := ctx.ParamsInt64(":id")
+	pt, err := git_model.GetProtectedTagByID(ctx, id)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectedTagByID", err)
+		return
+	}
+
+	if pt == nil || pt.RepoID != repo.ID {
+		ctx.NotFound()
+		return
+	}
+
+	if form.NamePattern != nil {
+		pt.NamePattern = *form.NamePattern
+	}
+
+	var whitelistUsers, whitelistTeams []int64
+	if form.WhitelistTeams != nil {
+		if repo.Owner.IsOrganization() {
+			whitelistTeams, err = organization.GetTeamIDsByNames(ctx, repo.OwnerID, form.WhitelistTeams, false)
+			if err != nil {
+				if organization.IsErrTeamNotExist(err) {
+					ctx.Error(http.StatusUnprocessableEntity, "Team does not exist", err)
+					return
+				}
+				ctx.Error(http.StatusInternalServerError, "GetTeamIDsByNames", err)
+				return
+			}
+		}
+		pt.AllowlistTeamIDs = whitelistTeams
+	}
+
+	if form.WhitelistUsernames != nil {
+		whitelistUsers, err = user_model.GetUserIDsByNames(ctx, form.WhitelistUsernames, false)
+		if err != nil {
+			if user_model.IsErrUserNotExist(err) {
+				ctx.Error(http.StatusUnprocessableEntity, "User does not exist", err)
+				return
+			}
+			ctx.Error(http.StatusInternalServerError, "GetUserIDsByNames", err)
+			return
+		}
+		pt.AllowlistUserIDs = whitelistUsers
+	}
+
+	err = git_model.UpdateProtectedTag(ctx, pt)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "UpdateProtectedTag", err)
+		return
+	}
+
+	pt, err = git_model.GetProtectedTagByID(ctx, id)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectedTagByID", err)
+		return
+	}
+
+	if pt == nil || pt.RepoID != repo.ID {
+		ctx.Error(http.StatusInternalServerError, "New tag protection not found", "New tag protection not found")
+		return
+	}
+
+	ctx.JSON(http.StatusOK, convert.ToTagProtection(ctx, pt, repo))
+}
+
+// DeleteTagProtection
+func DeleteTagProtection(ctx *context.APIContext) {
+	// swagger:operation DELETE /repos/{owner}/{repo}/tag_protections/{id} repository repoDeleteTagProtection
+	// ---
+	// summary: Delete a specific tag protection for the repository
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: owner
+	//   in: path
+	//   description: owner of the repo
+	//   type: string
+	//   required: true
+	// - name: repo
+	//   in: path
+	//   description: name of the repo
+	//   type: string
+	//   required: true
+	// - name: id
+	//   in: path
+	//   description: id of protected tag
+	//   type: integer
+	//   required: true
+	// responses:
+	//   "204":
+	//     "$ref": "#/responses/empty"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	repo := ctx.Repo.Repository
+	id := ctx.ParamsInt64(":id")
+	pt, err := git_model.GetProtectedTagByID(ctx, id)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "GetProtectedTagByID", err)
+		return
+	}
+
+	if pt == nil || pt.RepoID != repo.ID {
+		ctx.NotFound()
+		return
+	}
+
+	err = git_model.DeleteProtectedTag(ctx, pt)
+	if err != nil {
+		ctx.Error(http.StatusInternalServerError, "DeleteProtectedTag", err)
+		return
+	}
+
+	ctx.Status(http.StatusNoContent)
+}
diff --git a/routers/api/v1/swagger/options.go b/routers/api/v1/swagger/options.go
index cd551cbdfa..1de58632d5 100644
--- a/routers/api/v1/swagger/options.go
+++ b/routers/api/v1/swagger/options.go
@@ -170,6 +170,12 @@ type swaggerParameterBodies struct {
 	// in:body
 	CreateTagOption api.CreateTagOption
 
+	// in:body
+	CreateTagProtectionOption api.CreateTagProtectionOption
+
+	// in:body
+	EditTagProtectionOption api.EditTagProtectionOption
+
 	// in:body
 	CreateAccessTokenOption api.CreateAccessTokenOption
 
diff --git a/routers/api/v1/swagger/repo.go b/routers/api/v1/swagger/repo.go
index fcd34a63a9..345835f9a5 100644
--- a/routers/api/v1/swagger/repo.go
+++ b/routers/api/v1/swagger/repo.go
@@ -70,6 +70,20 @@ type swaggerResponseAnnotatedTag struct {
 	Body api.AnnotatedTag `json:"body"`
 }
 
+// TagProtectionList
+// swagger:response TagProtectionList
+type swaggerResponseTagProtectionList struct {
+	// in:body
+	Body []api.TagProtection `json:"body"`
+}
+
+// TagProtection
+// swagger:response TagProtection
+type swaggerResponseTagProtection struct {
+	// in:body
+	Body api.TagProtection `json:"body"`
+}
+
 // Reference
 // swagger:response Reference
 type swaggerResponseReference struct {
diff --git a/services/convert/convert.go b/services/convert/convert.go
index c44179632e..5db33ad85d 100644
--- a/services/convert/convert.go
+++ b/services/convert/convert.go
@@ -408,6 +408,32 @@ func ToAnnotatedTagObject(repo *repo_model.Repository, commit *git.Commit) *api.
 	}
 }
 
+// ToTagProtection convert a git.ProtectedTag to an api.TagProtection
+func ToTagProtection(ctx context.Context, pt *git_model.ProtectedTag, repo *repo_model.Repository) *api.TagProtection {
+	readers, err := access_model.GetRepoReaders(ctx, repo)
+	if err != nil {
+		log.Error("GetRepoReaders: %v", err)
+	}
+
+	whitelistUsernames := getWhitelistEntities(readers, pt.AllowlistUserIDs)
+
+	teamReaders, err := organization.OrgFromUser(repo.Owner).TeamsWithAccessToRepo(ctx, repo.ID, perm.AccessModeRead)
+	if err != nil {
+		log.Error("Repo.Owner.TeamsWithAccessToRepo: %v", err)
+	}
+
+	whitelistTeams := getWhitelistEntities(teamReaders, pt.AllowlistTeamIDs)
+
+	return &api.TagProtection{
+		ID:                 pt.ID,
+		NamePattern:        pt.NamePattern,
+		WhitelistUsernames: whitelistUsernames,
+		WhitelistTeams:     whitelistTeams,
+		Created:            pt.CreatedUnix.AsTime(),
+		Updated:            pt.UpdatedUnix.AsTime(),
+	}
+}
+
 // ToTopicResponse convert from models.Topic to api.TopicResponse
 func ToTopicResponse(topic *repo_model.Topic) *api.TopicResponse {
 	return &api.TopicResponse{
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 09efbd4aa1..ebfdcb6a8f 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13797,6 +13797,233 @@
         }
       }
     },
+    "/repos/{owner}/{repo}/tag_protections": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "List tag protections for a repository",
+        "operationId": "repoListTagProtection",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/TagProtectionList"
+          }
+        }
+      },
+      "post": {
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Create a tag protections for a repository",
+        "operationId": "repoCreateTagProtection",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "schema": {
+              "$ref": "#/definitions/CreateTagProtectionOption"
+            }
+          }
+        ],
+        "responses": {
+          "201": {
+            "$ref": "#/responses/TagProtection"
+          },
+          "403": {
+            "$ref": "#/responses/forbidden"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          },
+          "422": {
+            "$ref": "#/responses/validationError"
+          },
+          "423": {
+            "$ref": "#/responses/repoArchivedError"
+          }
+        }
+      }
+    },
+    "/repos/{owner}/{repo}/tag_protections/{id}": {
+      "get": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Get a specific tag protection for the repository",
+        "operationId": "repoGetTagProtection",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "id of the tag protect to get",
+            "name": "id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/TagProtection"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "delete": {
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Delete a specific tag protection for the repository",
+        "operationId": "repoDeleteTagProtection",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "id of protected tag",
+            "name": "id",
+            "in": "path",
+            "required": true
+          }
+        ],
+        "responses": {
+          "204": {
+            "$ref": "#/responses/empty"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      },
+      "patch": {
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "repository"
+        ],
+        "summary": "Edit a tag protections for a repository. Only fields that are set will be changed",
+        "operationId": "repoEditTagProtection",
+        "parameters": [
+          {
+            "type": "string",
+            "description": "owner of the repo",
+            "name": "owner",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "string",
+            "description": "name of the repo",
+            "name": "repo",
+            "in": "path",
+            "required": true
+          },
+          {
+            "type": "integer",
+            "description": "id of protected tag",
+            "name": "id",
+            "in": "path",
+            "required": true
+          },
+          {
+            "name": "body",
+            "in": "body",
+            "schema": {
+              "$ref": "#/definitions/EditTagProtectionOption"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/responses/TagProtection"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          },
+          "422": {
+            "$ref": "#/responses/validationError"
+          },
+          "423": {
+            "$ref": "#/responses/repoArchivedError"
+          }
+        }
+      }
+    },
     "/repos/{owner}/{repo}/tags": {
       "get": {
         "produces": [
@@ -19954,6 +20181,31 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "CreateTagProtectionOption": {
+      "description": "CreateTagProtectionOption options for creating a tag protection",
+      "type": "object",
+      "properties": {
+        "name_pattern": {
+          "type": "string",
+          "x-go-name": "NamePattern"
+        },
+        "whitelist_teams": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "WhitelistTeams"
+        },
+        "whitelist_usernames": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "WhitelistUsernames"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "CreateTeamOption": {
       "description": "CreateTeamOption options for creating a team",
       "type": "object",
@@ -20870,6 +21122,31 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "EditTagProtectionOption": {
+      "description": "EditTagProtectionOption options for editing a tag protection",
+      "type": "object",
+      "properties": {
+        "name_pattern": {
+          "type": "string",
+          "x-go-name": "NamePattern"
+        },
+        "whitelist_teams": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "WhitelistTeams"
+        },
+        "whitelist_usernames": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "WhitelistUsernames"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "EditTeamOption": {
       "description": "EditTeamOption options for editing a team",
       "type": "object",
@@ -24024,6 +24301,46 @@
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
     },
+    "TagProtection": {
+      "description": "TagProtection represents a tag protection",
+      "type": "object",
+      "properties": {
+        "created_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "Created"
+        },
+        "id": {
+          "type": "integer",
+          "format": "int64",
+          "x-go-name": "ID"
+        },
+        "name_pattern": {
+          "type": "string",
+          "x-go-name": "NamePattern"
+        },
+        "updated_at": {
+          "type": "string",
+          "format": "date-time",
+          "x-go-name": "Updated"
+        },
+        "whitelist_teams": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "WhitelistTeams"
+        },
+        "whitelist_usernames": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-go-name": "WhitelistUsernames"
+        }
+      },
+      "x-go-package": "code.gitea.io/gitea/modules/structs"
+    },
     "Team": {
       "description": "Team represents a team in an organization",
       "type": "object",
@@ -25635,6 +25952,21 @@
         }
       }
     },
+    "TagProtection": {
+      "description": "TagProtection",
+      "schema": {
+        "$ref": "#/definitions/TagProtection"
+      }
+    },
+    "TagProtectionList": {
+      "description": "TagProtectionList",
+      "schema": {
+        "type": "array",
+        "items": {
+          "$ref": "#/definitions/TagProtection"
+        }
+      }
+    },
     "TasksList": {
       "description": "TasksList",
       "schema": {

From 23147494a789d77cbf187d3ddcca44b772370f26 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Sat, 15 Jun 2024 00:26:00 +0000
Subject: [PATCH 33/46] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_cs-CZ.ini | 7 +++++++
 options/locale/locale_pt-PT.ini | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/options/locale/locale_cs-CZ.ini b/options/locale/locale_cs-CZ.ini
index 4cbac49ddc..10c5a0fc5d 100644
--- a/options/locale/locale_cs-CZ.ini
+++ b/options/locale/locale_cs-CZ.ini
@@ -1238,6 +1238,7 @@ file_view_rendered=Zobrazit vykreslené
 file_view_raw=Zobrazit v surovém stavu
 file_permalink=Trvalý odkaz
 file_too_large=Soubor je příliš velký pro zobrazení.
+file_is_empty=Soubor je prázdný.
 code_preview_line_from_to=Řádky %[1]d do%[2]d v %[3]s
 code_preview_line_in=Řádek %[1]d v %[2]s
 invisible_runes_header=`Tento soubor obsahuje neviditelné znaky Unicode`
@@ -1323,6 +1324,7 @@ editor.file_deleting_no_longer_exists=Odstraňovaný soubor „%s“ již není
 editor.file_changed_while_editing=Obsah souboru byl změněn od doby, kdy jste začaly s úpravou. <a target="_blank" rel="noopener noreferrer" href="%s">Klikněte zde</a>, abyste je zobrazili, nebo <strong>potvrďte změny ještě jednou</strong> pro jejich přepsání.
 editor.file_already_exists=Soubor „%s“ již existuje v tomto repozitáři.
 editor.commit_id_not_matching=ID commitu se neshoduje s ID, když jsi začal/a s úpravami. Odevzdat do záplatové větve a poté sloučit.
+editor.push_out_of_date=Nahrání se zdá být zastaralé.
 editor.commit_empty_file_header=Odevzdat prázdný soubor
 editor.commit_empty_file_text=Soubor, který se chystáte odevzdat, je prázdný. Pokračovat?
 editor.no_changes_to_show=Žádné změny k zobrazení.
@@ -2080,6 +2082,7 @@ settings.mirror_settings.docs.doc_link_title=Jak mohu zrcadlit repozitáře?
 settings.mirror_settings.docs.doc_link_pull_section=sekci "stahovat ze vzdáleného úložiště" v dokumentaci.
 settings.mirror_settings.docs.pulling_remote_title=Stažení ze vzdáleného úložiště
 settings.mirror_settings.mirrored_repository=Zrcadlený repozitář
+settings.mirror_settings.pushed_repository=Odeslaný repozitář
 settings.mirror_settings.direction=Směr
 settings.mirror_settings.direction.pull=Natáhnout
 settings.mirror_settings.direction.push=Nahrát
@@ -3284,6 +3287,7 @@ monitor.queue.name=Název
 monitor.queue.type=Typ
 monitor.queue.exemplar=Typ vzoru
 monitor.queue.numberworkers=Počet workerů
+monitor.queue.activeworkers=Aktivní workery
 monitor.queue.maxnumberworkers=Maximální počet workerů
 monitor.queue.numberinqueue=Číslo ve frontě
 monitor.queue.review_add=Posoudit / přidat workery
@@ -3593,6 +3597,8 @@ status.cancelled=Zrušeno
 status.skipped=Přeskočeno
 status.blocked=Blokováno
 
+runners=Runnery
+runners.runner_manage_panel=Správa runnerů
 runners.new=Vytvořit nový runner
 runners.new_notice=Jak spustit runner
 runners.status=Status
@@ -3619,6 +3625,7 @@ runners.delete_runner_success=Runner byl úspěšně odstraněn
 runners.delete_runner_failed=Odstranění runneru selhalo
 runners.delete_runner_header=Potvrdit odstranění tohoto runneru
 runners.delete_runner_notice=Pokud na tomto runneru běží úloha, bude ukončena a označena jako neúspěšná. Může dojít k přerušení vytváření pracovního postupu.
+runners.none=Žádné runnery nejsou k dispozici
 runners.status.unspecified=Neznámý
 runners.status.idle=Nečinný
 runners.status.active=Aktivní
diff --git a/options/locale/locale_pt-PT.ini b/options/locale/locale_pt-PT.ini
index f444cf6072..bf7bd492f8 100644
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@@ -1238,6 +1238,7 @@ file_view_rendered=Ver resultado processado
 file_view_raw=Ver em bruto
 file_permalink=Ligação permanente
 file_too_large=O ficheiro é demasiado grande para ser apresentado.
+file_is_empty=O ficheiro está vazio.
 code_preview_line_from_to=Linhas %[1]d até %[2]d em %[3]s
 code_preview_line_in=Linha %[1]d em %[2]s
 invisible_runes_header=`Este ficheiro contém caracteres Unicode invisíveis`
@@ -1554,7 +1555,9 @@ issues.no_content=Nenhuma descrição fornecida.
 issues.close=Encerrar questão
 issues.comment_pull_merged_at=cometimento %[1]s integrado em %[2]s %[3]s
 issues.comment_manually_pull_merged_at=cometimento %[1]s integrado manualmente em %[2]s %[3]s
+issues.close_comment_issue=Fechar com comentário
 issues.reopen_issue=Reabrir
+issues.reopen_comment_issue=Reabrir com comentário
 issues.create_comment=Comentar
 issues.comment.blocked_user=Não pode criar ou editar o comentário porque foi bloqueado/a pelo remetente ou pelo/a proprietário/a do repositório.
 issues.closed_at=`encerrou esta questão <a id="%[1]s" href="#%[1]s">%[2]s</a>`

From 84cbb6c4d2ad57dc8816c0320eac061f753b50c1 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Sat, 15 Jun 2024 11:43:57 +0800
Subject: [PATCH 34/46] Fix duplicate sub-path for avatars (#31365)

Fix #31361, and add tests

And this PR introduces an undocumented & debug-purpose-only config
option: `USE_SUB_URL_PATH`. It does nothing for end users, it only helps
the development of sub-path related problems.

And also fix #31366

Co-authored-by: @ExplodingDragon
---
 custom/conf/app.example.ini                 |  4 ++
 models/repo/avatar_test.go                  | 28 +++++++++++++
 models/user/avatar.go                       |  6 ++-
 models/user/avatar_test.go                  | 28 +++++++++++++
 modules/httplib/url.go                      | 28 +++++++++----
 modules/httplib/url_test.go                 | 10 ++---
 modules/setting/global.go                   | 18 +++++++++
 modules/setting/server.go                   | 11 +++--
 modules/setting/setting.go                  |  5 ---
 routers/api/packages/container/container.go |  2 +-
 routers/common/middleware.go                | 45 ++++++++++++++++-----
 routers/common/middleware_test.go           |  2 +-
 services/pull/merge.go                      |  3 +-
 13 files changed, 150 insertions(+), 40 deletions(-)
 create mode 100644 models/repo/avatar_test.go
 create mode 100644 models/user/avatar_test.go
 create mode 100644 modules/setting/global.go

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index e619aae729..9196180d81 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -81,6 +81,10 @@ RUN_USER = ; git
 ;; Overwrite the automatically generated public URL. Necessary for proxies and docker.
 ;ROOT_URL = %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/
 ;;
+;; For development purpose only. It makes Gitea handle sub-path ("/sub-path/owner/repo/...") directly when debugging without a reverse proxy.
+;; DO NOT USE IT IN PRODUCTION!!!
+;USE_SUB_URL_PATH = false
+;;
 ;; when STATIC_URL_PREFIX is empty it will follow ROOT_URL
 ;STATIC_URL_PREFIX =
 ;;
diff --git a/models/repo/avatar_test.go b/models/repo/avatar_test.go
new file mode 100644
index 0000000000..fc1f8baeca
--- /dev/null
+++ b/models/repo/avatar_test.go
@@ -0,0 +1,28 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestRepoAvatarLink(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "https://localhost/")()
+	defer test.MockVariableValue(&setting.AppSubURL, "")()
+
+	repo := &Repository{ID: 1, Avatar: "avatar.png"}
+	link := repo.AvatarLink(db.DefaultContext)
+	assert.Equal(t, "https://localhost/repo-avatars/avatar.png", link)
+
+	setting.AppURL = "https://localhost/sub-path/"
+	setting.AppSubURL = "/sub-path"
+	link = repo.AvatarLink(db.DefaultContext)
+	assert.Equal(t, "https://localhost/sub-path/repo-avatars/avatar.png", link)
+}
diff --git a/models/user/avatar.go b/models/user/avatar.go
index 921bc1b1a1..5453c78fc6 100644
--- a/models/user/avatar.go
+++ b/models/user/avatar.go
@@ -89,9 +89,11 @@ func (u *User) AvatarLinkWithSize(ctx context.Context, size int) string {
 	return avatars.GenerateEmailAvatarFastLink(ctx, u.AvatarEmail, size)
 }
 
-// AvatarLink returns the full avatar url with http host. TODO: refactor it to a relative URL, but it is still used in API response at the moment
+// AvatarLink returns the full avatar url with http host.
+// TODO: refactor it to a relative URL, but it is still used in API response at the moment
 func (u *User) AvatarLink(ctx context.Context) string {
-	return httplib.MakeAbsoluteURL(ctx, u.AvatarLinkWithSize(ctx, 0))
+	relLink := u.AvatarLinkWithSize(ctx, 0) // it can't be empty
+	return httplib.MakeAbsoluteURL(ctx, relLink)
 }
 
 // IsUploadAvatarChanged returns true if the current user's avatar would be changed with the provided data
diff --git a/models/user/avatar_test.go b/models/user/avatar_test.go
new file mode 100644
index 0000000000..1078875ee1
--- /dev/null
+++ b/models/user/avatar_test.go
@@ -0,0 +1,28 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package user
+
+import (
+	"testing"
+
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestUserAvatarLink(t *testing.T) {
+	defer test.MockVariableValue(&setting.AppURL, "https://localhost/")()
+	defer test.MockVariableValue(&setting.AppSubURL, "")()
+
+	u := &User{ID: 1, Avatar: "avatar.png"}
+	link := u.AvatarLink(db.DefaultContext)
+	assert.Equal(t, "https://localhost/avatars/avatar.png", link)
+
+	setting.AppURL = "https://localhost/sub-path/"
+	setting.AppSubURL = "/sub-path"
+	link = u.AvatarLink(db.DefaultContext)
+	assert.Equal(t, "https://localhost/sub-path/avatars/avatar.png", link)
+}
diff --git a/modules/httplib/url.go b/modules/httplib/url.go
index 8dc5b71181..219dfe695c 100644
--- a/modules/httplib/url.go
+++ b/modules/httplib/url.go
@@ -57,11 +57,16 @@ func getForwardedHost(req *http.Request) string {
 	return req.Header.Get("X-Forwarded-Host")
 }
 
-// GuessCurrentAppURL tries to guess the current full URL by http headers. It always has a '/' suffix, exactly the same as setting.AppURL
+// GuessCurrentAppURL tries to guess the current full app URL (with sub-path) by http headers. It always has a '/' suffix, exactly the same as setting.AppURL
 func GuessCurrentAppURL(ctx context.Context) string {
+	return GuessCurrentHostURL(ctx) + setting.AppSubURL + "/"
+}
+
+// GuessCurrentHostURL tries to guess the current full host URL (no sub-path) by http headers, there is no trailing slash.
+func GuessCurrentHostURL(ctx context.Context) string {
 	req, ok := ctx.Value(RequestContextKey).(*http.Request)
 	if !ok {
-		return setting.AppURL
+		return strings.TrimSuffix(setting.AppURL, setting.AppSubURL+"/")
 	}
 	// If no scheme provided by reverse proxy, then do not guess the AppURL, use the configured one.
 	// At the moment, if site admin doesn't configure the proxy headers correctly, then Gitea would guess wrong.
@@ -74,20 +79,27 @@ func GuessCurrentAppURL(ctx context.Context) string {
 	// So in the future maybe it should introduce a new config option, to let site admin decide how to guess the AppURL.
 	reqScheme := getRequestScheme(req)
 	if reqScheme == "" {
-		return setting.AppURL
+		return strings.TrimSuffix(setting.AppURL, setting.AppSubURL+"/")
 	}
 	reqHost := getForwardedHost(req)
 	if reqHost == "" {
 		reqHost = req.Host
 	}
-	return reqScheme + "://" + reqHost + setting.AppSubURL + "/"
+	return reqScheme + "://" + reqHost
 }
 
-func MakeAbsoluteURL(ctx context.Context, s string) string {
-	if IsRelativeURL(s) {
-		return GuessCurrentAppURL(ctx) + strings.TrimPrefix(s, "/")
+// MakeAbsoluteURL tries to make a link to an absolute URL:
+// * If link is empty, it returns the current app URL.
+// * If link is absolute, it returns the link.
+// * Otherwise, it returns the current host URL + link, the link itself should have correct sub-path (AppSubURL) if needed.
+func MakeAbsoluteURL(ctx context.Context, link string) string {
+	if link == "" {
+		return GuessCurrentAppURL(ctx)
 	}
-	return s
+	if !IsRelativeURL(link) {
+		return link
+	}
+	return GuessCurrentHostURL(ctx) + "/" + strings.TrimPrefix(link, "/")
 }
 
 func IsCurrentGiteaSiteURL(ctx context.Context, s string) bool {
diff --git a/modules/httplib/url_test.go b/modules/httplib/url_test.go
index 9980cb74e8..28aaee6e12 100644
--- a/modules/httplib/url_test.go
+++ b/modules/httplib/url_test.go
@@ -46,14 +46,14 @@ func TestMakeAbsoluteURL(t *testing.T) {
 
 	ctx := context.Background()
 	assert.Equal(t, "http://cfg-host/sub/", MakeAbsoluteURL(ctx, ""))
-	assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "foo"))
-	assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
+	assert.Equal(t, "http://cfg-host/foo", MakeAbsoluteURL(ctx, "foo"))
+	assert.Equal(t, "http://cfg-host/foo", MakeAbsoluteURL(ctx, "/foo"))
 	assert.Equal(t, "http://other/foo", MakeAbsoluteURL(ctx, "http://other/foo"))
 
 	ctx = context.WithValue(ctx, RequestContextKey, &http.Request{
 		Host: "user-host",
 	})
-	assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
+	assert.Equal(t, "http://cfg-host/foo", MakeAbsoluteURL(ctx, "/foo"))
 
 	ctx = context.WithValue(ctx, RequestContextKey, &http.Request{
 		Host: "user-host",
@@ -61,7 +61,7 @@ func TestMakeAbsoluteURL(t *testing.T) {
 			"X-Forwarded-Host": {"forwarded-host"},
 		},
 	})
-	assert.Equal(t, "http://cfg-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
+	assert.Equal(t, "http://cfg-host/foo", MakeAbsoluteURL(ctx, "/foo"))
 
 	ctx = context.WithValue(ctx, RequestContextKey, &http.Request{
 		Host: "user-host",
@@ -70,7 +70,7 @@ func TestMakeAbsoluteURL(t *testing.T) {
 			"X-Forwarded-Proto": {"https"},
 		},
 	})
-	assert.Equal(t, "https://forwarded-host/sub/foo", MakeAbsoluteURL(ctx, "/foo"))
+	assert.Equal(t, "https://forwarded-host/foo", MakeAbsoluteURL(ctx, "/foo"))
 }
 
 func TestIsCurrentGiteaSiteURL(t *testing.T) {
diff --git a/modules/setting/global.go b/modules/setting/global.go
new file mode 100644
index 0000000000..55dfe485b2
--- /dev/null
+++ b/modules/setting/global.go
@@ -0,0 +1,18 @@
+// Copyright 2024 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package setting
+
+// Global settings
+var (
+	// RunUser is the OS user that Gitea is running as. ini:"RUN_USER"
+	RunUser string
+	// RunMode is the running mode of Gitea, it only accepts two values: "dev" and "prod".
+	// Non-dev values will be replaced by "prod". ini: "RUN_MODE"
+	RunMode string
+	// IsProd is true if RunMode is not "dev"
+	IsProd bool
+
+	// AppName is the Application name, used in the page title. ini: "APP_NAME"
+	AppName string
+)
diff --git a/modules/setting/server.go b/modules/setting/server.go
index 7d6ece2727..d7a71578d4 100644
--- a/modules/setting/server.go
+++ b/modules/setting/server.go
@@ -40,16 +40,16 @@ const (
 	LandingPageLogin         LandingPage = "/user/login"
 )
 
+// Server settings
 var (
-	// AppName is the Application name, used in the page title.
-	// It maps to ini:"APP_NAME"
-	AppName string
 	// AppURL is the Application ROOT_URL. It always has a '/' suffix
 	// It maps to ini:"ROOT_URL"
 	AppURL string
 	// AppSubURL represents the sub-url mounting point for gitea. It is either "" or starts with '/' and ends without '/', such as '/{subpath}'.
 	// This value is empty if site does not have sub-url.
 	AppSubURL string
+	// UseSubURLPath makes Gitea handle requests with sub-path like "/sub-path/owner/repo/...", to make it easier to debug sub-path related problems without a reverse proxy.
+	UseSubURLPath bool
 	// AppDataPath is the default path for storing data.
 	// It maps to ini:"APP_DATA_PATH" in [server] and defaults to AppWorkPath + "/data"
 	AppDataPath string
@@ -59,8 +59,6 @@ var (
 	// AssetVersion holds a opaque value that is used for cache-busting assets
 	AssetVersion string
 
-	// Server settings
-
 	Protocol                   Scheme
 	UseProxyProtocol           bool // `ini:"USE_PROXY_PROTOCOL"`
 	ProxyProtocolTLSBridging   bool //`ini:"PROXY_PROTOCOL_TLS_BRIDGING"`
@@ -275,9 +273,10 @@ func loadServerFrom(rootCfg ConfigProvider) {
 	// This should be TrimRight to ensure that there is only a single '/' at the end of AppURL.
 	AppURL = strings.TrimRight(appURL.String(), "/") + "/"
 
-	// Suburl should start with '/' and end without '/', such as '/{subpath}'.
+	// AppSubURL should start with '/' and end without '/', such as '/{subpath}'.
 	// This value is empty if site does not have sub-url.
 	AppSubURL = strings.TrimSuffix(appURL.Path, "/")
+	UseSubURLPath = sec.Key("USE_SUB_URL_PATH").MustBool(false)
 	StaticURLPrefix = strings.TrimSuffix(sec.Key("STATIC_URL_PREFIX").MustString(AppSubURL), "/")
 
 	// Check if Domain differs from AppURL domain than update it to AppURL's domain
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index f056fbfc6c..b4f913cdae 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -25,12 +25,7 @@ var (
 	// AppStartTime store time gitea has started
 	AppStartTime time.Time
 
-	// Other global setting objects
-
 	CfgProvider ConfigProvider
-	RunMode     string
-	RunUser     string
-	IsProd      bool
 	IsWindows   bool
 
 	// IsInTesting indicates whether the testing is running. A lot of unreliable code causes a lot of nonsense error logs during testing
diff --git a/routers/api/packages/container/container.go b/routers/api/packages/container/container.go
index b0c4458d51..5007037bee 100644
--- a/routers/api/packages/container/container.go
+++ b/routers/api/packages/container/container.go
@@ -117,7 +117,7 @@ func apiErrorDefined(ctx *context.Context, err *namedError) {
 
 func apiUnauthorizedError(ctx *context.Context) {
 	// container registry requires that the "/v2" must be in the root, so the sub-path in AppURL should be removed
-	realmURL := strings.TrimSuffix(httplib.GuessCurrentAppURL(ctx), setting.AppSubURL+"/") + "/v2/token"
+	realmURL := httplib.GuessCurrentHostURL(ctx) + "/v2/token"
 	ctx.Resp.Header().Add("WWW-Authenticate", `Bearer realm="`+realmURL+`",service="container_registry",scope="*"`)
 	apiErrorDefined(ctx, errUnauthorized)
 }
diff --git a/routers/common/middleware.go b/routers/common/middleware.go
index 8b661993bb..de49648396 100644
--- a/routers/common/middleware.go
+++ b/routers/common/middleware.go
@@ -25,7 +25,7 @@ import (
 // ProtocolMiddlewares returns HTTP protocol related middlewares, and it provides a global panic recovery
 func ProtocolMiddlewares() (handlers []any) {
 	// first, normalize the URL path
-	handlers = append(handlers, stripSlashesMiddleware)
+	handlers = append(handlers, normalizeRequestPathMiddleware)
 
 	// prepare the ContextData and panic recovery
 	handlers = append(handlers, func(next http.Handler) http.Handler {
@@ -75,9 +75,9 @@ func ProtocolMiddlewares() (handlers []any) {
 	return handlers
 }
 
-func stripSlashesMiddleware(next http.Handler) http.Handler {
+func normalizeRequestPathMiddleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
-		// First of all escape the URL RawPath to ensure that all routing is done using a correctly escaped URL
+		// escape the URL RawPath to ensure that all routing is done using a correctly escaped URL
 		req.URL.RawPath = req.URL.EscapedPath()
 
 		urlPath := req.URL.RawPath
@@ -86,19 +86,42 @@ func stripSlashesMiddleware(next http.Handler) http.Handler {
 			urlPath = rctx.RoutePath
 		}
 
-		sanitizedPath := &strings.Builder{}
-		prevWasSlash := false
-		for _, chr := range strings.TrimRight(urlPath, "/") {
-			if chr != '/' || !prevWasSlash {
-				sanitizedPath.WriteRune(chr)
+		normalizedPath := strings.TrimRight(urlPath, "/")
+		// the following code block is a slow-path for replacing all repeated slashes "//" to one single "/"
+		// if the path doesn't have repeated slashes, then no need to execute it
+		if strings.Contains(normalizedPath, "//") {
+			buf := &strings.Builder{}
+			prevWasSlash := false
+			for _, chr := range normalizedPath {
+				if chr != '/' || !prevWasSlash {
+					buf.WriteRune(chr)
+				}
+				prevWasSlash = chr == '/'
 			}
-			prevWasSlash = chr == '/'
+			normalizedPath = buf.String()
+		}
+
+		if setting.UseSubURLPath {
+			remainingPath, ok := strings.CutPrefix(normalizedPath, setting.AppSubURL+"/")
+			if ok {
+				normalizedPath = "/" + remainingPath
+			} else if normalizedPath == setting.AppSubURL {
+				normalizedPath = "/"
+			} else if !strings.HasPrefix(normalizedPath+"/", "/v2/") {
+				// do not respond to other requests, to simulate a real sub-path environment
+				http.Error(resp, "404 page not found, sub-path is: "+setting.AppSubURL, http.StatusNotFound)
+				return
+			}
+			// TODO: it's not quite clear about how req.URL and rctx.RoutePath work together.
+			// Fortunately, it is only used for debug purpose, we have enough time to figure it out in the future.
+			req.URL.RawPath = normalizedPath
+			req.URL.Path = normalizedPath
 		}
 
 		if rctx == nil {
-			req.URL.Path = sanitizedPath.String()
+			req.URL.Path = normalizedPath
 		} else {
-			rctx.RoutePath = sanitizedPath.String()
+			rctx.RoutePath = normalizedPath
 		}
 		next.ServeHTTP(resp, req)
 	})
diff --git a/routers/common/middleware_test.go b/routers/common/middleware_test.go
index f16b9374ec..c96071c3a8 100644
--- a/routers/common/middleware_test.go
+++ b/routers/common/middleware_test.go
@@ -61,7 +61,7 @@ func TestStripSlashesMiddleware(t *testing.T) {
 		})
 
 		// pass the test middleware to validate the changes
-		handlerToTest := stripSlashesMiddleware(testMiddleware)
+		handlerToTest := normalizeRequestPathMiddleware(testMiddleware)
 		// create a mock request to use
 		req := httptest.NewRequest("GET", tt.inputPath, nil)
 		// call the handler using a mock response recorder
diff --git a/services/pull/merge.go b/services/pull/merge.go
index 9ef3fb2e05..e19292c31c 100644
--- a/services/pull/merge.go
+++ b/services/pull/merge.go
@@ -23,6 +23,7 @@ import (
 	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/references"
 	repo_module "code.gitea.io/gitea/modules/repository"
@@ -56,7 +57,7 @@ func getMergeMessage(ctx context.Context, baseGitRepo *git.Repository, pr *issue
 		issueReference = "!"
 	}
 
-	reviewedOn := fmt.Sprintf("Reviewed-on: %s/%s", setting.AppURL, pr.Issue.Link())
+	reviewedOn := fmt.Sprintf("Reviewed-on: %s", httplib.MakeAbsoluteURL(ctx, pr.Issue.Link()))
 	reviewedBy := pr.GetApprovers(ctx)
 
 	if mergeStyle != "" {

From 42718d32af9d259205bee0fde818ffc0c3a9797f Mon Sep 17 00:00:00 2001
From: Zettat123 <zettat123@gmail.com>
Date: Sat, 15 Jun 2024 12:20:14 +0800
Subject: [PATCH 35/46] Allow downloading attachments of draft releases
 (#31369)

Fix #31362
---
 routers/web/repo/repo.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/routers/web/repo/repo.go b/routers/web/repo/repo.go
index 5a74971827..514a5ab02c 100644
--- a/routers/web/repo/repo.go
+++ b/routers/web/repo/repo.go
@@ -418,8 +418,9 @@ func RedirectDownload(ctx *context.Context) {
 	tagNames := []string{vTag}
 	curRepo := ctx.Repo.Repository
 	releases, err := db.Find[repo_model.Release](ctx, repo_model.FindReleasesOptions{
-		RepoID:   curRepo.ID,
-		TagNames: tagNames,
+		IncludeDrafts: ctx.Repo.CanWrite(unit.TypeReleases),
+		RepoID:        curRepo.ID,
+		TagNames:      tagNames,
 	})
 	if err != nil {
 		ctx.ServerError("RedirectDownload", err)

From e37ecd17324946d9b2db07ea10d4a9fbb53da20f Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Sat, 15 Jun 2024 06:48:52 +0200
Subject: [PATCH 36/46] rm const do inline (#31360)

https://github.com/go-gitea/gitea/pull/30876/files#r1637288202
---
 models/repo/search.go | 60 +++++++++++++------------------------------
 1 file changed, 18 insertions(+), 42 deletions(-)

diff --git a/models/repo/search.go b/models/repo/search.go
index c500d41be8..2baa85dc6f 100644
--- a/models/repo/search.go
+++ b/models/repo/search.go
@@ -5,53 +5,29 @@ package repo
 
 import "code.gitea.io/gitea/models/db"
 
-// Strings for sorting result
-const (
-	// only used for repos
-	SearchOrderByAlphabetically        db.SearchOrderBy = "owner_name ASC, name ASC"
-	SearchOrderByAlphabeticallyReverse db.SearchOrderBy = "owner_name DESC, name DESC"
-	SearchOrderBySize                  db.SearchOrderBy = "size ASC"
-	SearchOrderBySizeReverse           db.SearchOrderBy = "size DESC"
-	SearchOrderByGitSize               db.SearchOrderBy = "git_size ASC"
-	SearchOrderByGitSizeReverse        db.SearchOrderBy = "git_size DESC"
-	SearchOrderByLFSSize               db.SearchOrderBy = "lfs_size ASC"
-	SearchOrderByLFSSizeReverse        db.SearchOrderBy = "lfs_size DESC"
-	// alias as also used elsewhere
-	SearchOrderByLeastUpdated  db.SearchOrderBy = db.SearchOrderByLeastUpdated
-	SearchOrderByRecentUpdated db.SearchOrderBy = db.SearchOrderByRecentUpdated
-	SearchOrderByOldest        db.SearchOrderBy = db.SearchOrderByOldest
-	SearchOrderByNewest        db.SearchOrderBy = db.SearchOrderByNewest
-	SearchOrderByID            db.SearchOrderBy = db.SearchOrderByID
-	SearchOrderByIDReverse     db.SearchOrderBy = db.SearchOrderByIDReverse
-	SearchOrderByStars         db.SearchOrderBy = db.SearchOrderByStars
-	SearchOrderByStarsReverse  db.SearchOrderBy = db.SearchOrderByStarsReverse
-	SearchOrderByForks         db.SearchOrderBy = db.SearchOrderByForks
-	SearchOrderByForksReverse  db.SearchOrderBy = db.SearchOrderByForksReverse
-)
-
 // SearchOrderByMap represents all possible search order
 var SearchOrderByMap = map[string]map[string]db.SearchOrderBy{
 	"asc": {
-		"alpha":    SearchOrderByAlphabetically,
-		"created":  SearchOrderByOldest,
-		"updated":  SearchOrderByLeastUpdated,
-		"size":     SearchOrderBySize,
-		"git_size": SearchOrderByGitSize,
-		"lfs_size": SearchOrderByLFSSize,
-		"id":       SearchOrderByID,
-		"stars":    SearchOrderByStars,
-		"forks":    SearchOrderByForks,
+		"alpha":    "owner_name ASC, name ASC",
+		"created":  db.SearchOrderByOldest,
+		"updated":  db.SearchOrderByLeastUpdated,
+		"size":     "size ASC",
+		"git_size": "git_size ASC",
+		"lfs_size": "lfs_size ASC",
+		"id":       db.SearchOrderByID,
+		"stars":    db.SearchOrderByStars,
+		"forks":    db.SearchOrderByForks,
 	},
 	"desc": {
-		"alpha":    SearchOrderByAlphabeticallyReverse,
-		"created":  SearchOrderByNewest,
-		"updated":  SearchOrderByRecentUpdated,
-		"size":     SearchOrderBySizeReverse,
-		"git_size": SearchOrderByGitSizeReverse,
-		"lfs_size": SearchOrderByLFSSizeReverse,
-		"id":       SearchOrderByIDReverse,
-		"stars":    SearchOrderByStarsReverse,
-		"forks":    SearchOrderByForksReverse,
+		"alpha":    "owner_name DESC, name DESC",
+		"created":  db.SearchOrderByNewest,
+		"updated":  db.SearchOrderByRecentUpdated,
+		"size":     "size DESC",
+		"git_size": "git_size DESC",
+		"lfs_size": "lfs_size DESC",
+		"id":       db.SearchOrderByIDReverse,
+		"stars":    db.SearchOrderByStarsReverse,
+		"forks":    db.SearchOrderByForksReverse,
 	},
 }
 

From 78e8296e113e2fd9259ec05fe87035427821ea0b Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Sat, 15 Jun 2024 08:45:02 +0200
Subject: [PATCH 37/46] Rename repo_model.SearchOrderByMap to
 repo_model.OrderByMap (#31359)

https://github.com/go-gitea/gitea/pull/30876#discussion_r1637112394
---
 models/repo/search.go       | 38 ++++++++++++++++++-------------------
 routers/api/v1/repo/repo.go |  2 +-
 routers/web/explore/repo.go |  2 +-
 routers/web/repo/repo.go    |  2 +-
 4 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/models/repo/search.go b/models/repo/search.go
index 2baa85dc6f..a73d9fc215 100644
--- a/models/repo/search.go
+++ b/models/repo/search.go
@@ -5,8 +5,8 @@ package repo
 
 import "code.gitea.io/gitea/models/db"
 
-// SearchOrderByMap represents all possible search order
-var SearchOrderByMap = map[string]map[string]db.SearchOrderBy{
+// OrderByMap represents all possible search order
+var OrderByMap = map[string]map[string]db.SearchOrderBy{
 	"asc": {
 		"alpha":    "owner_name ASC, name ASC",
 		"created":  db.SearchOrderByOldest,
@@ -31,22 +31,22 @@ var SearchOrderByMap = map[string]map[string]db.SearchOrderBy{
 	},
 }
 
-// SearchOrderByFlatMap is similar to SearchOrderByMap but use human language keywords
+// OrderByFlatMap is similar to OrderByMap but use human language keywords
 // to decide between asc and desc
-var SearchOrderByFlatMap = map[string]db.SearchOrderBy{
-	"newest":                SearchOrderByMap["desc"]["created"],
-	"oldest":                SearchOrderByMap["asc"]["created"],
-	"leastupdate":           SearchOrderByMap["asc"]["updated"],
-	"reversealphabetically": SearchOrderByMap["desc"]["alpha"],
-	"alphabetically":        SearchOrderByMap["asc"]["alpha"],
-	"reversesize":           SearchOrderByMap["desc"]["size"],
-	"size":                  SearchOrderByMap["asc"]["size"],
-	"reversegitsize":        SearchOrderByMap["desc"]["git_size"],
-	"gitsize":               SearchOrderByMap["asc"]["git_size"],
-	"reverselfssize":        SearchOrderByMap["desc"]["lfs_size"],
-	"lfssize":               SearchOrderByMap["asc"]["lfs_size"],
-	"moststars":             SearchOrderByMap["desc"]["stars"],
-	"feweststars":           SearchOrderByMap["asc"]["stars"],
-	"mostforks":             SearchOrderByMap["desc"]["forks"],
-	"fewestforks":           SearchOrderByMap["asc"]["forks"],
+var OrderByFlatMap = map[string]db.SearchOrderBy{
+	"newest":                OrderByMap["desc"]["created"],
+	"oldest":                OrderByMap["asc"]["created"],
+	"leastupdate":           OrderByMap["asc"]["updated"],
+	"reversealphabetically": OrderByMap["desc"]["alpha"],
+	"alphabetically":        OrderByMap["asc"]["alpha"],
+	"reversesize":           OrderByMap["desc"]["size"],
+	"size":                  OrderByMap["asc"]["size"],
+	"reversegitsize":        OrderByMap["desc"]["git_size"],
+	"gitsize":               OrderByMap["asc"]["git_size"],
+	"reverselfssize":        OrderByMap["desc"]["lfs_size"],
+	"lfssize":               OrderByMap["asc"]["lfs_size"],
+	"moststars":             OrderByMap["desc"]["stars"],
+	"feweststars":           OrderByMap["asc"]["stars"],
+	"mostforks":             OrderByMap["desc"]["forks"],
+	"fewestforks":           OrderByMap["asc"]["forks"],
 }
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index 9ba5887525..4f617d27af 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -184,7 +184,7 @@ func Search(ctx *context.APIContext) {
 		if len(sortOrder) == 0 {
 			sortOrder = "asc"
 		}
-		if searchModeMap, ok := repo_model.SearchOrderByMap[sortOrder]; ok {
+		if searchModeMap, ok := repo_model.OrderByMap[sortOrder]; ok {
 			if orderBy, ok := searchModeMap[sortMode]; ok {
 				opts.OrderBy = orderBy
 			} else {
diff --git a/routers/web/explore/repo.go b/routers/web/explore/repo.go
index 22b1fc5bf9..1d17f962f2 100644
--- a/routers/web/explore/repo.go
+++ b/routers/web/explore/repo.go
@@ -63,7 +63,7 @@ func RenderRepoSearch(ctx *context.Context, opts *RepoSearchOptions) {
 		sortOrder = setting.UI.ExploreDefaultSort
 	}
 
-	if order, ok := repo_model.SearchOrderByFlatMap[sortOrder]; ok {
+	if order, ok := repo_model.OrderByFlatMap[sortOrder]; ok {
 		orderBy = order
 	} else {
 		sortOrder = "recentupdate"
diff --git a/routers/web/repo/repo.go b/routers/web/repo/repo.go
index 514a5ab02c..92f74bbf33 100644
--- a/routers/web/repo/repo.go
+++ b/routers/web/repo/repo.go
@@ -616,7 +616,7 @@ func SearchRepo(ctx *context.Context) {
 		if len(sortOrder) == 0 {
 			sortOrder = "asc"
 		}
-		if searchModeMap, ok := repo_model.SearchOrderByMap[sortOrder]; ok {
+		if searchModeMap, ok := repo_model.OrderByMap[sortOrder]; ok {
 			if orderBy, ok := searchModeMap[sortMode]; ok {
 				opts.OrderBy = orderBy
 			} else {

From c70d4f03c97dea47c0314bc3153bc448278a9a80 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Sun, 16 Jun 2024 00:28:50 +0000
Subject: [PATCH 38/46] [skip ci] Updated translations via Crowdin

---
 options/locale/locale_ja-JP.ini | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/options/locale/locale_ja-JP.ini b/options/locale/locale_ja-JP.ini
index d85ffb4694..acce73b0af 100644
--- a/options/locale/locale_ja-JP.ini
+++ b/options/locale/locale_ja-JP.ini
@@ -1238,6 +1238,7 @@ file_view_rendered=レンダリング表示
 file_view_raw=Rawデータを見る
 file_permalink=パーマリンク
 file_too_large=このファイルは大きすぎるため、表示できません。
+file_is_empty=ファイルは空です。
 code_preview_line_from_to=%[1]d 行目から %[2]d 行目 in %[3]s
 code_preview_line_in=%[1]d 行目 in %[2]s
 invisible_runes_header=このファイルには不可視のUnicode文字が含まれています
@@ -1442,6 +1443,7 @@ issues.new.clear_assignees=担当者をクリア
 issues.new.no_assignees=担当者なし
 issues.new.no_reviewers=レビューアなし
 issues.new.blocked_user=リポジトリのオーナーがあなたをブロックしているため、イシューを作成できません。
+issues.edit.already_changed=イシューの変更を保存できません。 他のユーザーによって内容がすでに変更されているようです。 変更を上書きしないようにするため、ページを更新してからもう一度編集してください
 issues.edit.blocked_user=投稿者またはリポジトリのオーナーがあなたをブロックしているため、内容を編集できません。
 issues.choose.get_started=始める
 issues.choose.open_external_link=オープン
@@ -1757,6 +1759,7 @@ compare.compare_head=比較
 pulls.desc=プルリクエストとコードレビューの有効化。
 pulls.new=新しいプルリクエスト
 pulls.new.blocked_user=リポジトリのオーナーがあなたをブロックしているため、プルリクエストを作成できません。
+pulls.edit.already_changed=プルリクエストの変更を保存できません。 他のユーザーによって内容がすでに変更されているようです。 変更を上書きしないようにするため、ページを更新してからもう一度編集してください
 pulls.view=プルリクエストを表示
 pulls.compare_changes=新規プルリクエスト
 pulls.allow_edits_from_maintainers=メンテナーからの編集を許可する
@@ -1902,6 +1905,7 @@ pulls.recently_pushed_new_branches=%[2]s 、あなたはブランチ <strong>%[1
 
 pull.deleted_branch=(削除済み):%s
 
+comments.edit.already_changed=コメントの変更を保存できません。 他のユーザーによって内容がすでに変更されているようです。 変更を上書きしないようにするため、ページを更新してからもう一度編集してください
 
 milestones.new=新しいマイルストーン
 milestones.closed=%s にクローズ

From f446e3b4ab2d3f787a17d1cfe09ee8f5f7b10089 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Sun, 16 Jun 2024 10:07:21 +0800
Subject: [PATCH 39/46] Fix JS error when creating new issue (#31383)

Fix #31336
---
 web_src/js/features/repo-legacy.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web_src/js/features/repo-legacy.js b/web_src/js/features/repo-legacy.js
index e53d86cca0..de4f611b5d 100644
--- a/web_src/js/features/repo-legacy.js
+++ b/web_src/js/features/repo-legacy.js
@@ -272,7 +272,7 @@ export function initRepoCommentForm() {
       }
 
       $list.find('.selected').html(`
-        <a class="item muted sidebar-item-link" href=${htmlEscape(this.getAttribute('href'))}>
+        <a class="item muted sidebar-item-link" href="${htmlEscape(this.getAttribute('data-href'))}">
           ${icon}
           ${htmlEscape(this.textContent)}
         </a>

From 129206da4543f2024601af20dac3eaf978d0c432 Mon Sep 17 00:00:00 2001
From: GiteaBot <teabot@gitea.io>
Date: Mon, 17 Jun 2024 00:27:39 +0000
Subject: [PATCH 40/46] [skip ci] Updated licenses and gitignores

---
 options/gitignore/IAR         | 47 +++++++++++++++++++++++++++++++++++
 options/gitignore/Objective-C |  7 ------
 options/gitignore/Terraform   |  3 ---
 3 files changed, 47 insertions(+), 10 deletions(-)
 create mode 100644 options/gitignore/IAR

diff --git a/options/gitignore/IAR b/options/gitignore/IAR
new file mode 100644
index 0000000000..e8938b31a4
--- /dev/null
+++ b/options/gitignore/IAR
@@ -0,0 +1,47 @@
+# Compiled binaries
+*.o
+*.bin
+*.elf
+*.hex
+*.map
+*.out
+*.obj
+
+# Trash
+*.bak
+thumbs.db
+*.~*
+
+# IAR Settings  
+**/settings/*.crun  
+**/settings/*.dbgdt  
+**/settings/*.cspy  
+**/settings/*.cspy.*  
+**/settings/*.xcl  
+**/settings/*.dni  
+**/settings/*.wsdt  
+**/settings/*.wspos  
+
+# IAR Debug Exe  
+**/Exe/*.sim  
+
+# IAR Debug Obj  
+**/Obj/*.pbd  
+**/Obj/*.pbd.*  
+**/Obj/*.pbi  
+**/Obj/*.pbi.*  
+
+# IAR project "Debug" directory
+Debug/
+
+# IAR project "Release" directory
+Release/
+
+# IAR project settings directory
+settings/
+
+# IAR backup files
+Backup*
+
+# IAR .dep files
+*.dep
\ No newline at end of file
diff --git a/options/gitignore/Objective-C b/options/gitignore/Objective-C
index 9b8cd0706f..2ebce16e6e 100644
--- a/options/gitignore/Objective-C
+++ b/options/gitignore/Objective-C
@@ -42,10 +42,3 @@ fastlane/report.xml
 fastlane/Preview.html
 fastlane/screenshots/**/*.png
 fastlane/test_output
-
-# Code Injection
-#
-# After new code Injection tools there's a generated folder /iOSInjectionProject
-# https://github.com/johnno1962/injectionforxcode
-
-iOSInjectionProject/
diff --git a/options/gitignore/Terraform b/options/gitignore/Terraform
index 15073ca88b..2faf43d0a1 100644
--- a/options/gitignore/Terraform
+++ b/options/gitignore/Terraform
@@ -35,6 +35,3 @@ override.tf.json
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
-
-# Ignore hcl file
-.terraform.lock.hcl

From f5dfd7d73cbc606ae65e5bab33efad1604b6331e Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 17 Jun 2024 09:18:35 +0800
Subject: [PATCH 41/46] Add a simple test for AdoptRepository (#31391)

Follow #31333
---
 services/repository/adopt_test.go | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/services/repository/adopt_test.go b/services/repository/adopt_test.go
index c1520e01c9..38949c7602 100644
--- a/services/repository/adopt_test.go
+++ b/services/repository/adopt_test.go
@@ -6,10 +6,13 @@ package repository
 import (
 	"os"
 	"path"
+	"path/filepath"
 	"testing"
 
 	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/stretchr/testify/assert"
@@ -83,3 +86,13 @@ func TestListUnadoptedRepositories_ListOptions(t *testing.T) {
 	assert.Equal(t, 2, count)
 	assert.Equal(t, unadoptedList[1], repoNames[0])
 }
+
+func TestAdoptRepository(t *testing.T) {
+	assert.NoError(t, unittest.PrepareTestDatabase())
+	assert.NoError(t, unittest.CopyDir(filepath.Join(setting.RepoRootPath, "user2", "repo1.git"), filepath.Join(setting.RepoRootPath, "user2", "test-adopt.git")))
+	user2 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
+	_, err := AdoptRepository(db.DefaultContext, user2, user2, CreateRepoOptions{Name: "test-adopt"})
+	assert.NoError(t, err)
+	repoTestAdopt := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{Name: "test-adopt"})
+	assert.Equal(t, "sha1", repoTestAdopt.ObjectFormatName)
+}

From 597d1da96b92b181c106813ce26149334b2b44e5 Mon Sep 17 00:00:00 2001
From: Brecht Van Lommel <brecht@blender.org>
Date: Mon, 17 Jun 2024 08:16:14 +0200
Subject: [PATCH 42/46] Fix missing images in editor preview due to wrong links
 (#31299)

Parse base path and tree path so that media links can be correctly
created with /media/.

Resolves #31294

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 modules/markup/renderer.go         |   8 +--
 modules/structs/miscellaneous.go   |   6 +-
 routers/api/v1/misc/markup_test.go | 100 ++++++++++++++++++-----------
 routers/common/markup.go           |  63 +++++++++---------
 templates/swagger/v1_json.tmpl     |   4 +-
 5 files changed, 103 insertions(+), 78 deletions(-)

diff --git a/modules/markup/renderer.go b/modules/markup/renderer.go
index 66e8cf611d..5eb568cb1f 100644
--- a/modules/markup/renderer.go
+++ b/modules/markup/renderer.go
@@ -86,10 +86,10 @@ type RenderContext struct {
 }
 
 type Links struct {
-	AbsolutePrefix bool
-	Base           string
-	BranchPath     string
-	TreePath       string
+	AbsolutePrefix bool   // add absolute URL prefix to auto-resolved links like "#issue", but not for pre-provided links and medias
+	Base           string // base prefix for pre-provided links and medias (images, videos)
+	BranchPath     string // actually it is the ref path, eg: "branch/features/feat-12", "tag/v1.0"
+	TreePath       string // the dir of the file, eg: "doc" if the file "doc/CHANGE.md" is being rendered
 }
 
 func (l *Links) Prefix() string {
diff --git a/modules/structs/miscellaneous.go b/modules/structs/miscellaneous.go
index bff10f95b7..3b206c1dd7 100644
--- a/modules/structs/miscellaneous.go
+++ b/modules/structs/miscellaneous.go
@@ -25,7 +25,8 @@ type MarkupOption struct {
 	//
 	// in: body
 	Mode string
-	// Context to render
+	// URL path for rendering issue, media and file links
+	// Expected format: /subpath/{user}/{repo}/src/{branch, commit, tag}/{identifier/path}/{file/dir}
 	//
 	// in: body
 	Context string
@@ -53,7 +54,8 @@ type MarkdownOption struct {
 	//
 	// in: body
 	Mode string
-	// Context to render
+	// URL path for rendering issue, media and file links
+	// Expected format: /subpath/{user}/{repo}/src/{branch, commit, tag}/{identifier/path}/{file/dir}
 	//
 	// in: body
 	Context string
diff --git a/routers/api/v1/misc/markup_test.go b/routers/api/v1/misc/markup_test.go
index 5236fd06ae..e2ab7141b7 100644
--- a/routers/api/v1/misc/markup_test.go
+++ b/routers/api/v1/misc/markup_test.go
@@ -7,6 +7,7 @@ import (
 	go_context "context"
 	"io"
 	"net/http"
+	"path"
 	"strings"
 	"testing"
 
@@ -19,36 +20,40 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
-const (
-	AppURL  = "http://localhost:3000/"
-	Repo    = "gogits/gogs"
-	FullURL = AppURL + Repo + "/"
-)
+const AppURL = "http://localhost:3000/"
 
-func testRenderMarkup(t *testing.T, mode, filePath, text, responseBody string, responseCode int) {
+func testRenderMarkup(t *testing.T, mode string, wiki bool, filePath, text, expectedBody string, expectedCode int) {
 	setting.AppURL = AppURL
+	context := "/gogits/gogs"
+	if !wiki {
+		context += path.Join("/src/branch/main", path.Dir(filePath))
+	}
 	options := api.MarkupOption{
 		Mode:     mode,
 		Text:     text,
-		Context:  Repo,
-		Wiki:     true,
+		Context:  context,
+		Wiki:     wiki,
 		FilePath: filePath,
 	}
 	ctx, resp := contexttest.MockAPIContext(t, "POST /api/v1/markup")
 	web.SetForm(ctx, &options)
 	Markup(ctx)
-	assert.Equal(t, responseBody, resp.Body.String())
-	assert.Equal(t, responseCode, resp.Code)
+	assert.Equal(t, expectedBody, resp.Body.String())
+	assert.Equal(t, expectedCode, resp.Code)
 	resp.Body.Reset()
 }
 
-func testRenderMarkdown(t *testing.T, mode, text, responseBody string, responseCode int) {
+func testRenderMarkdown(t *testing.T, mode string, wiki bool, text, responseBody string, responseCode int) {
 	setting.AppURL = AppURL
+	context := "/gogits/gogs"
+	if !wiki {
+		context += "/src/branch/main"
+	}
 	options := api.MarkdownOption{
 		Mode:    mode,
 		Text:    text,
-		Context: Repo,
-		Wiki:    true,
+		Context: context,
+		Wiki:    wiki,
 	}
 	ctx, resp := contexttest.MockAPIContext(t, "POST /api/v1/markdown")
 	web.SetForm(ctx, &options)
@@ -65,7 +70,7 @@ func TestAPI_RenderGFM(t *testing.T) {
 		},
 	})
 
-	testCasesCommon := []string{
+	testCasesWiki := []string{
 		// dear imgui wiki markdown extract: special wiki syntax
 		`Wiki! Enjoy :)
 - [[Links, Language bindings, Engine bindings|Links]]
@@ -74,20 +79,20 @@ func TestAPI_RenderGFM(t *testing.T) {
 		// rendered
 		`<p>Wiki! Enjoy :)</p>
 <ul>
-<li><a href="` + FullURL + `wiki/Links" rel="nofollow">Links, Language bindings, Engine bindings</a></li>
-<li><a href="` + FullURL + `wiki/Tips" rel="nofollow">Tips</a></li>
-<li>Bezier widget (by <a href="` + AppURL + `r-lyeh" rel="nofollow">@r-lyeh</a>) <a href="https://github.com/ocornut/imgui/issues/786" rel="nofollow">https://github.com/ocornut/imgui/issues/786</a></li>
+<li><a href="http://localhost:3000/gogits/gogs/wiki/Links" rel="nofollow">Links, Language bindings, Engine bindings</a></li>
+<li><a href="http://localhost:3000/gogits/gogs/wiki/Tips" rel="nofollow">Tips</a></li>
+<li>Bezier widget (by <a href="http://localhost:3000/r-lyeh" rel="nofollow">@r-lyeh</a>) <a href="https://github.com/ocornut/imgui/issues/786" rel="nofollow">https://github.com/ocornut/imgui/issues/786</a></li>
 </ul>
 `,
 		// Guard wiki sidebar: special syntax
 		`[[Guardfile-DSL / Configuring-Guard|Guardfile-DSL---Configuring-Guard]]`,
 		// rendered
-		`<p><a href="` + FullURL + `wiki/Guardfile-DSL---Configuring-Guard" rel="nofollow">Guardfile-DSL / Configuring-Guard</a></p>
+		`<p><a href="http://localhost:3000/gogits/gogs/wiki/Guardfile-DSL---Configuring-Guard" rel="nofollow">Guardfile-DSL / Configuring-Guard</a></p>
 `,
 		// special syntax
 		`[[Name|Link]]`,
 		// rendered
-		`<p><a href="` + FullURL + `wiki/Link" rel="nofollow">Name</a></p>
+		`<p><a href="http://localhost:3000/gogits/gogs/wiki/Link" rel="nofollow">Name</a></p>
 `,
 		// empty
 		``,
@@ -95,7 +100,7 @@ func TestAPI_RenderGFM(t *testing.T) {
 		``,
 	}
 
-	testCasesDocument := []string{
+	testCasesWikiDocument := []string{
 		// wine-staging wiki home extract: special wiki syntax, images
 		`## What is Wine Staging?
 **Wine Staging** on website [wine-staging.com](http://wine-staging.com).
@@ -111,31 +116,48 @@ Here are some links to the most important topics. You can find the full list of
 <p><strong>Wine Staging</strong> on website <a href="http://wine-staging.com" rel="nofollow">wine-staging.com</a>.</p>
 <h2 id="user-content-quick-links">Quick Links</h2>
 <p>Here are some links to the most important topics. You can find the full list of pages at the sidebar.</p>
-<p><a href="` + FullURL + `wiki/Configuration" rel="nofollow">Configuration</a>
-<a href="` + FullURL + `wiki/raw/images/icon-bug.png" rel="nofollow"><img src="` + FullURL + `wiki/raw/images/icon-bug.png" title="icon-bug.png" alt="images/icon-bug.png"/></a></p>
+<p><a href="http://localhost:3000/gogits/gogs/wiki/Configuration" rel="nofollow">Configuration</a>
+<a href="http://localhost:3000/gogits/gogs/wiki/raw/images/icon-bug.png" rel="nofollow"><img src="http://localhost:3000/gogits/gogs/wiki/raw/images/icon-bug.png" title="icon-bug.png" alt="images/icon-bug.png"/></a></p>
 `,
 	}
 
-	for i := 0; i < len(testCasesCommon); i += 2 {
-		text := testCasesCommon[i]
-		response := testCasesCommon[i+1]
-		testRenderMarkdown(t, "gfm", text, response, http.StatusOK)
-		testRenderMarkup(t, "gfm", "", text, response, http.StatusOK)
-		testRenderMarkdown(t, "comment", text, response, http.StatusOK)
-		testRenderMarkup(t, "comment", "", text, response, http.StatusOK)
-		testRenderMarkup(t, "file", "path/test.md", text, response, http.StatusOK)
+	for i := 0; i < len(testCasesWiki); i += 2 {
+		text := testCasesWiki[i]
+		response := testCasesWiki[i+1]
+		testRenderMarkdown(t, "gfm", true, text, response, http.StatusOK)
+		testRenderMarkup(t, "gfm", true, "", text, response, http.StatusOK)
+		testRenderMarkdown(t, "comment", true, text, response, http.StatusOK)
+		testRenderMarkup(t, "comment", true, "", text, response, http.StatusOK)
+		testRenderMarkup(t, "file", true, "path/test.md", text, response, http.StatusOK)
 	}
 
-	for i := 0; i < len(testCasesDocument); i += 2 {
-		text := testCasesDocument[i]
-		response := testCasesDocument[i+1]
-		testRenderMarkdown(t, "gfm", text, response, http.StatusOK)
-		testRenderMarkup(t, "gfm", "", text, response, http.StatusOK)
-		testRenderMarkup(t, "file", "path/test.md", text, response, http.StatusOK)
+	for i := 0; i < len(testCasesWikiDocument); i += 2 {
+		text := testCasesWikiDocument[i]
+		response := testCasesWikiDocument[i+1]
+		testRenderMarkdown(t, "gfm", true, text, response, http.StatusOK)
+		testRenderMarkup(t, "gfm", true, "", text, response, http.StatusOK)
+		testRenderMarkup(t, "file", true, "path/test.md", text, response, http.StatusOK)
 	}
 
-	testRenderMarkup(t, "file", "path/test.unknown", "## Test", "Unsupported render extension: .unknown\n", http.StatusUnprocessableEntity)
-	testRenderMarkup(t, "unknown", "", "## Test", "Unknown mode: unknown\n", http.StatusUnprocessableEntity)
+	input := "[Link](test.md)\n![Image](image.png)"
+	testRenderMarkdown(t, "gfm", false, input, `<p><a href="http://localhost:3000/gogits/gogs/src/branch/main/test.md" rel="nofollow">Link</a>
+<a href="http://localhost:3000/gogits/gogs/media/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/gogits/gogs/media/branch/main/image.png" alt="Image"/></a></p>
+`, http.StatusOK)
+
+	testRenderMarkdown(t, "gfm", false, input, `<p><a href="http://localhost:3000/gogits/gogs/src/branch/main/test.md" rel="nofollow">Link</a>
+<a href="http://localhost:3000/gogits/gogs/media/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/gogits/gogs/media/branch/main/image.png" alt="Image"/></a></p>
+`, http.StatusOK)
+
+	testRenderMarkup(t, "gfm", false, "", input, `<p><a href="http://localhost:3000/gogits/gogs/src/branch/main/test.md" rel="nofollow">Link</a>
+<a href="http://localhost:3000/gogits/gogs/media/branch/main/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/gogits/gogs/media/branch/main/image.png" alt="Image"/></a></p>
+`, http.StatusOK)
+
+	testRenderMarkup(t, "file", false, "path/new-file.md", input, `<p><a href="http://localhost:3000/gogits/gogs/src/branch/main/path/test.md" rel="nofollow">Link</a>
+<a href="http://localhost:3000/gogits/gogs/media/branch/main/path/image.png" target="_blank" rel="nofollow noopener"><img src="http://localhost:3000/gogits/gogs/media/branch/main/path/image.png" alt="Image"/></a></p>
+`, http.StatusOK)
+
+	testRenderMarkup(t, "file", true, "path/test.unknown", "## Test", "Unsupported render extension: .unknown\n", http.StatusUnprocessableEntity)
+	testRenderMarkup(t, "unknown", true, "", "## Test", "Unknown mode: unknown\n", http.StatusUnprocessableEntity)
 }
 
 var simpleCases = []string{
@@ -160,7 +182,7 @@ func TestAPI_RenderSimple(t *testing.T) {
 	options := api.MarkdownOption{
 		Mode:    "markdown",
 		Text:    "",
-		Context: Repo,
+		Context: "/gogits/gogs",
 	}
 	ctx, resp := contexttest.MockAPIContext(t, "POST /api/v1/markdown")
 	for i := 0; i < len(simpleCases); i += 2 {
diff --git a/routers/common/markup.go b/routers/common/markup.go
index f7d096008a..0a00eac7d4 100644
--- a/routers/common/markup.go
+++ b/routers/common/markup.go
@@ -7,63 +7,67 @@ package common
 import (
 	"fmt"
 	"net/http"
+	"path"
 	"strings"
 
 	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/markup"
 	"code.gitea.io/gitea/modules/markup/markdown"
 	"code.gitea.io/gitea/modules/setting"
-	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/context"
-
-	"mvdan.cc/xurls/v2"
 )
 
 // RenderMarkup renders markup text for the /markup and /markdown endpoints
-func RenderMarkup(ctx *context.Base, repo *context.Repository, mode, text, urlPrefix, filePath string, wiki bool) {
-	var markupType string
-	relativePath := ""
+func RenderMarkup(ctx *context.Base, repo *context.Repository, mode, text, urlPathContext, filePath string, wiki bool) {
+	// urlPathContext format is "/subpath/{user}/{repo}/src/{branch, commit, tag}/{identifier/path}/{file/dir}"
+	// filePath is the path of the file to render if the end user is trying to preview a repo file (mode == "file")
+	// filePath will be used as RenderContext.RelativePath
 
-	if len(text) == 0 {
-		_, _ = ctx.Write([]byte(""))
-		return
+	// for example, when previewing file "/gitea/owner/repo/src/branch/features/feat-123/doc/CHANGE.md", then filePath is "doc/CHANGE.md"
+	// and the urlPathContext is "/gitea/owner/repo/src/branch/features/feat-123/doc"
+
+	var markupType, relativePath string
+
+	links := markup.Links{AbsolutePrefix: true}
+	if urlPathContext != "" {
+		links.Base = fmt.Sprintf("%s%s", httplib.GuessCurrentHostURL(ctx), urlPathContext)
 	}
 
 	switch mode {
 	case "markdown":
 		// Raw markdown
 		if err := markdown.RenderRaw(&markup.RenderContext{
-			Ctx: ctx,
-			Links: markup.Links{
-				AbsolutePrefix: true,
-				Base:           urlPrefix,
-			},
+			Ctx:   ctx,
+			Links: links,
 		}, strings.NewReader(text), ctx.Resp); err != nil {
 			ctx.Error(http.StatusInternalServerError, err.Error())
 		}
 		return
 	case "comment":
-		// Comment as markdown
+		// Issue & comment content
 		markupType = markdown.MarkupName
 	case "gfm":
-		// Github Flavored Markdown as document
+		// GitHub Flavored Markdown
 		markupType = markdown.MarkupName
 	case "file":
-		// File as document based on file extension
-		markupType = ""
+		markupType = "" // render the repo file content by its extension
 		relativePath = filePath
 	default:
 		ctx.Error(http.StatusUnprocessableEntity, fmt.Sprintf("Unknown mode: %s", mode))
 		return
 	}
 
-	if !strings.HasPrefix(setting.AppSubURL+"/", urlPrefix) {
-		// check if urlPrefix is already set to a URL
-		linkRegex, _ := xurls.StrictMatchingScheme("https?://")
-		m := linkRegex.FindStringIndex(urlPrefix)
-		if m == nil {
-			urlPrefix = util.URLJoin(setting.AppURL, urlPrefix)
-		}
+	fields := strings.SplitN(strings.TrimPrefix(urlPathContext, setting.AppSubURL+"/"), "/", 5)
+	if len(fields) == 5 && fields[2] == "src" && (fields[3] == "branch" || fields[3] == "commit" || fields[3] == "tag") {
+		// absolute base prefix is something like "https://host/subpath/{user}/{repo}"
+		absoluteBasePrefix := fmt.Sprintf("%s%s/%s", httplib.GuessCurrentAppURL(ctx), fields[0], fields[1])
+
+		fileDir := path.Dir(filePath)                      // it is "doc" if filePath is "doc/CHANGE.md"
+		refPath := strings.Join(fields[3:], "/")           // it is "branch/features/feat-12/doc"
+		refPath = strings.TrimSuffix(refPath, "/"+fileDir) // now we get the correct branch path: "branch/features/feat-12"
+
+		links = markup.Links{AbsolutePrefix: true, Base: absoluteBasePrefix, BranchPath: refPath, TreePath: fileDir}
 	}
 
 	meta := map[string]string{}
@@ -81,12 +85,9 @@ func RenderMarkup(ctx *context.Base, repo *context.Repository, mode, text, urlPr
 	}
 
 	if err := markup.Render(&markup.RenderContext{
-		Ctx:  ctx,
-		Repo: repoCtx,
-		Links: markup.Links{
-			AbsolutePrefix: true,
-			Base:           urlPrefix,
-		},
+		Ctx:          ctx,
+		Repo:         repoCtx,
+		Links:        links,
 		Metas:        meta,
 		IsWiki:       wiki,
 		Type:         markupType,
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index ebfdcb6a8f..4aa64c5376 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -22404,7 +22404,7 @@
       "type": "object",
       "properties": {
         "Context": {
-          "description": "Context to render\n\nin: body",
+          "description": "URL path for rendering issue, media and file links\nExpected format: /subpath/{user}/{repo}/src/{branch, commit, tag}/{identifier/path}/{file/dir}\n\nin: body",
           "type": "string"
         },
         "Mode": {
@@ -22427,7 +22427,7 @@
       "type": "object",
       "properties": {
         "Context": {
-          "description": "Context to render\n\nin: body",
+          "description": "URL path for rendering issue, media and file links\nExpected format: /subpath/{user}/{repo}/src/{branch, commit, tag}/{identifier/path}/{file/dir}\n\nin: body",
           "type": "string"
         },
         "FilePath": {

From 25f3ec5b65ef00fb2cf584a37c5981e674459575 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 17 Jun 2024 14:45:12 +0800
Subject: [PATCH 43/46] Fix natural sort (#31384)

Fix #31374
---
 modules/base/natural_sort.go      | 57 ++++++++++++++++++++++++++++++-
 modules/base/natural_sort_test.go | 43 +++++++++++++++--------
 2 files changed, 85 insertions(+), 15 deletions(-)

diff --git a/modules/base/natural_sort.go b/modules/base/natural_sort.go
index 0f90ec70ce..acb9002276 100644
--- a/modules/base/natural_sort.go
+++ b/modules/base/natural_sort.go
@@ -4,12 +4,67 @@
 package base
 
 import (
+	"unicode/utf8"
+
 	"golang.org/x/text/collate"
 	"golang.org/x/text/language"
 )
 
+func naturalSortGetRune(str string, pos int) (r rune, size int, has bool) {
+	if pos >= len(str) {
+		return 0, 0, false
+	}
+	r, size = utf8.DecodeRuneInString(str[pos:])
+	if r == utf8.RuneError {
+		r, size = rune(str[pos]), 1 // if invalid input, treat it as a single byte ascii
+	}
+	return r, size, true
+}
+
+func naturalSortAdvance(str string, pos int) (end int, isNumber bool) {
+	end = pos
+	for {
+		r, size, has := naturalSortGetRune(str, end)
+		if !has {
+			break
+		}
+		isCurRuneNum := '0' <= r && r <= '9'
+		if end == pos {
+			isNumber = isCurRuneNum
+			end += size
+		} else if isCurRuneNum == isNumber {
+			end += size
+		} else {
+			break
+		}
+	}
+	return end, isNumber
+}
+
 // NaturalSortLess compares two strings so that they could be sorted in natural order
 func NaturalSortLess(s1, s2 string) bool {
+	// There is a bug in Golang's collate package: https://github.com/golang/go/issues/67997
+	// text/collate: CompareString(collate.Numeric) returns wrong result for "0.0" vs "1.0" #67997
+	// So we need to handle the number parts by ourselves
 	c := collate.New(language.English, collate.Numeric)
-	return c.CompareString(s1, s2) < 0
+	pos1, pos2 := 0, 0
+	for pos1 < len(s1) && pos2 < len(s2) {
+		end1, isNum1 := naturalSortAdvance(s1, pos1)
+		end2, isNum2 := naturalSortAdvance(s2, pos2)
+		part1, part2 := s1[pos1:end1], s2[pos2:end2]
+		if isNum1 && isNum2 {
+			if part1 != part2 {
+				if len(part1) != len(part2) {
+					return len(part1) < len(part2)
+				}
+				return part1 < part2
+			}
+		} else {
+			if cmp := c.CompareString(part1, part2); cmp != 0 {
+				return cmp < 0
+			}
+		}
+		pos1, pos2 = end1, end2
+	}
+	return len(s1) < len(s2)
 }
diff --git a/modules/base/natural_sort_test.go b/modules/base/natural_sort_test.go
index f27a4eb53a..b001bc4ac9 100644
--- a/modules/base/natural_sort_test.go
+++ b/modules/base/natural_sort_test.go
@@ -10,21 +10,36 @@ import (
 )
 
 func TestNaturalSortLess(t *testing.T) {
-	test := func(s1, s2 string, less bool) {
-		assert.Equal(t, less, NaturalSortLess(s1, s2), "s1=%q, s2=%q", s1, s2)
+	testLess := func(s1, s2 string) {
+		assert.True(t, NaturalSortLess(s1, s2), "s1<s2 should be true: s1=%q, s2=%q", s1, s2)
+		assert.False(t, NaturalSortLess(s2, s1), "s2<s1 should be false: s1=%q, s2=%q", s1, s2)
+	}
+	testEqual := func(s1, s2 string) {
+		assert.False(t, NaturalSortLess(s1, s2), "s1<s2 should be false: s1=%q, s2=%q", s1, s2)
+		assert.False(t, NaturalSortLess(s2, s1), "s2<s1 should be false: s1=%q, s2=%q", s1, s2)
 	}
-	test("v1.20.0", "v1.2.0", false)
-	test("v1.20.0", "v1.29.0", true)
-	test("v1.20.0", "v1.20.0", false)
-	test("abc", "bcd", true)
-	test("a-1-a", "a-1-b", true)
-	test("2", "12", true)
-	test("a", "ab", true)
 
-	test("A", "b", true)
-	test("a", "B", true)
+	testEqual("", "")
+	testLess("", "a")
+	testLess("", "1")
 
-	test("cafe", "café", true)
-	test("café", "cafe", false)
-	test("caff", "café", false)
+	testLess("v1.2", "v1.2.0")
+	testLess("v1.2.0", "v1.10.0")
+	testLess("v1.20.0", "v1.29.0")
+	testEqual("v1.20.0", "v1.20.0")
+
+	testLess("a", "A")
+	testLess("a", "B")
+	testLess("A", "b")
+	testLess("A", "ab")
+
+	testLess("abc", "bcd")
+	testLess("a-1-a", "a-1-b")
+	testLess("2", "12")
+
+	testLess("cafe", "café")
+	testLess("café", "caff")
+
+	testLess("A-2", "A-11")
+	testLess("0.txt", "1.txt")
 }

From 0f09c22663909cca5a386ba563cadaef09bd7846 Mon Sep 17 00:00:00 2001
From: wxiaoguang <wxiaoguang@gmail.com>
Date: Mon, 17 Jun 2024 16:42:46 +0800
Subject: [PATCH 44/46] Improve rubygems package registry (#31357)

To make it work with Bundler:
https://guides.rubygems.org/rubygems-org-compact-index-api/

It only adds 2 new API endpoints and improves some tests, existing logic
is not changed.
---
 routers/api/packages/api.go                   |   2 +
 routers/api/packages/rubygems/rubygems.go     | 138 +++++++-
 .../integration/api_packages_rubygems_test.go | 312 ++++++++++++------
 3 files changed, 345 insertions(+), 107 deletions(-)

diff --git a/routers/api/packages/api.go b/routers/api/packages/api.go
index 5e3cbac8f9..4122f632ff 100644
--- a/routers/api/packages/api.go
+++ b/routers/api/packages/api.go
@@ -588,6 +588,8 @@ func CommonRoutes() *web.Route {
 			r.Get("/prerelease_specs.4.8.gz", rubygems.EnumeratePackagesPreRelease)
 			r.Get("/quick/Marshal.4.8/{filename}", rubygems.ServePackageSpecification)
 			r.Get("/gems/{filename}", rubygems.DownloadPackageFile)
+			r.Get("/info/{packagename}", rubygems.GetPackageInfo)
+			r.Get("/versions", rubygems.GetAllPackagesVersions)
 			r.Group("/api/v1/gems", func() {
 				r.Post("/", rubygems.UploadPackageFile)
 				r.Delete("/yank", rubygems.DeletePackage)
diff --git a/routers/api/packages/rubygems/rubygems.go b/routers/api/packages/rubygems/rubygems.go
index ba5f4de080..0a08378b47 100644
--- a/routers/api/packages/rubygems/rubygems.go
+++ b/routers/api/packages/rubygems/rubygems.go
@@ -6,6 +6,7 @@ package rubygems
 import (
 	"compress/gzip"
 	"compress/zlib"
+	"crypto/md5"
 	"errors"
 	"fmt"
 	"io"
@@ -227,12 +228,7 @@ func UploadPackageFile(ctx *context.Context) {
 		return
 	}
 
-	var filename string
-	if rp.Metadata.Platform == "" || rp.Metadata.Platform == "ruby" {
-		filename = strings.ToLower(fmt.Sprintf("%s-%s.gem", rp.Name, rp.Version))
-	} else {
-		filename = strings.ToLower(fmt.Sprintf("%s-%s-%s.gem", rp.Name, rp.Version, rp.Metadata.Platform))
-	}
+	filename := makeGemFullFileName(rp.Name, rp.Version, rp.Metadata.Platform)
 
 	_, _, err = packages_service.CreatePackageAndAddFile(
 		ctx,
@@ -300,6 +296,136 @@ func DeletePackage(ctx *context.Context) {
 	}
 }
 
+// GetPackageInfo returns a custom text based format for the single rubygem with a line for each version of the rubygem
+// ref: https://guides.rubygems.org/rubygems-org-compact-index-api/
+func GetPackageInfo(ctx *context.Context) {
+	packageName := ctx.Params("packagename")
+	versions, err := packages_model.GetVersionsByPackageName(ctx, ctx.Package.Owner.ID, packages_model.TypeRubyGems, packageName)
+	if err != nil {
+		apiError(ctx, http.StatusInternalServerError, err)
+		return
+	}
+	if len(versions) == 0 {
+		apiError(ctx, http.StatusNotFound, nil)
+		return
+	}
+	infoContent, err := makePackageInfo(ctx, versions)
+	if err != nil {
+		apiError(ctx, http.StatusInternalServerError, err)
+		return
+	}
+	ctx.PlainText(http.StatusOK, infoContent)
+}
+
+// GetAllPackagesVersions returns a custom text based format containing information about all versions of all rubygems.
+// ref: https://guides.rubygems.org/rubygems-org-compact-index-api/
+func GetAllPackagesVersions(ctx *context.Context) {
+	packages, err := packages_model.GetPackagesByType(ctx, ctx.Package.Owner.ID, packages_model.TypeRubyGems)
+	if err != nil {
+		apiError(ctx, http.StatusInternalServerError, err)
+		return
+	}
+
+	out := &strings.Builder{}
+	out.WriteString("---\n")
+	for _, pkg := range packages {
+		versions, err := packages_model.GetVersionsByPackageName(ctx, ctx.Package.Owner.ID, packages_model.TypeRubyGems, pkg.Name)
+		if err != nil {
+			apiError(ctx, http.StatusInternalServerError, err)
+			return
+		}
+		if len(versions) == 0 {
+			continue
+		}
+
+		info, err := makePackageInfo(ctx, versions)
+		if err != nil {
+			apiError(ctx, http.StatusInternalServerError, err)
+			return
+		}
+
+		// format: RUBYGEM [-]VERSION_PLATFORM[,VERSION_PLATFORM],...] MD5
+		_, _ = fmt.Fprintf(out, "%s ", pkg.Name)
+		for i, v := range versions {
+			sep := util.Iif(i == len(versions)-1, "", ",")
+			_, _ = fmt.Fprintf(out, "%s%s", v.Version, sep)
+		}
+		_, _ = fmt.Fprintf(out, " %x\n", md5.Sum([]byte(info)))
+	}
+
+	ctx.PlainText(http.StatusOK, out.String())
+}
+
+func writePackageVersionRequirements(prefix string, reqs []rubygems_module.VersionRequirement, out *strings.Builder) {
+	out.WriteString(prefix)
+	if len(reqs) == 0 {
+		reqs = []rubygems_module.VersionRequirement{{Restriction: ">=", Version: "0"}}
+	}
+	for i, req := range reqs {
+		sep := util.Iif(i == 0, "", "&")
+		_, _ = fmt.Fprintf(out, "%s%s %s", sep, req.Restriction, req.Version)
+	}
+}
+
+func makePackageVersionDependency(ctx *context.Context, version *packages_model.PackageVersion) (string, error) {
+	// format: VERSION[-PLATFORM] [DEPENDENCY[,DEPENDENCY,...]]|REQUIREMENT[,REQUIREMENT,...]
+	// DEPENDENCY: GEM:CONSTRAINT[&CONSTRAINT]
+	// REQUIREMENT: KEY:VALUE (always contains "checksum")
+	pd, err := packages_model.GetPackageDescriptor(ctx, version)
+	if err != nil {
+		return "", err
+	}
+
+	metadata := pd.Metadata.(*rubygems_module.Metadata)
+	fullFilename := makeGemFullFileName(pd.Package.Name, version.Version, metadata.Platform)
+	file, err := packages_model.GetFileForVersionByName(ctx, version.ID, fullFilename, "")
+	if err != nil {
+		return "", err
+	}
+	blob, err := packages_model.GetBlobByID(ctx, file.BlobID)
+	if err != nil {
+		return "", err
+	}
+
+	buf := &strings.Builder{}
+	buf.WriteString(version.Version)
+	buf.WriteByte(' ')
+	for i, dep := range metadata.RuntimeDependencies {
+		sep := util.Iif(i == 0, "", ",")
+		writePackageVersionRequirements(fmt.Sprintf("%s%s:", sep, dep.Name), dep.Version, buf)
+	}
+	_, _ = fmt.Fprintf(buf, "|checksum:%s", blob.HashSHA256)
+	if len(metadata.RequiredRubyVersion) != 0 {
+		writePackageVersionRequirements(",ruby:", metadata.RequiredRubyVersion, buf)
+	}
+	if len(metadata.RequiredRubygemsVersion) != 0 {
+		writePackageVersionRequirements(",rubygems:", metadata.RequiredRubygemsVersion, buf)
+	}
+	return buf.String(), nil
+}
+
+func makePackageInfo(ctx *context.Context, versions []*packages_model.PackageVersion) (string, error) {
+	ret := "---\n"
+	for _, v := range versions {
+		dep, err := makePackageVersionDependency(ctx, v)
+		if err != nil {
+			return "", err
+		}
+		ret += dep + "\n"
+	}
+	return ret, nil
+}
+
+func makeGemFullFileName(gemName, version, platform string) string {
+	var basename string
+	if platform == "" || platform == "ruby" {
+		basename = fmt.Sprintf("%s-%s", gemName, version)
+	} else {
+		basename = fmt.Sprintf("%s-%s-%s", gemName, version, platform)
+	}
+	return strings.ToLower(basename) + ".gem"
+}
+
 func getVersionsByFilename(ctx *context.Context, filename string) ([]*packages_model.PackageVersion, error) {
 	pvs, _, err := packages_model.SearchVersions(ctx, &packages_model.PackageSearchOptions{
 		OwnerID:         ctx.Package.Owner.ID,
diff --git a/tests/integration/api_packages_rubygems_test.go b/tests/integration/api_packages_rubygems_test.go
index 5670731c49..fe9283df4d 100644
--- a/tests/integration/api_packages_rubygems_test.go
+++ b/tests/integration/api_packages_rubygems_test.go
@@ -4,7 +4,11 @@
 package integration
 
 import (
+	"archive/tar"
 	"bytes"
+	"compress/gzip"
+	"crypto/sha256"
+	"crypto/sha512"
 	"encoding/base64"
 	"fmt"
 	"mime/multipart"
@@ -21,101 +25,167 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
+type tarFile struct {
+	Name string
+	Data []byte
+}
+
+func makeArchiveFileTar(files []*tarFile) []byte {
+	buf := new(bytes.Buffer)
+	tarWriter := tar.NewWriter(buf)
+	for _, file := range files {
+		_ = tarWriter.WriteHeader(&tar.Header{
+			Typeflag: tar.TypeReg,
+			Name:     file.Name,
+			Mode:     0o644,
+			Size:     int64(len(file.Data)),
+		})
+		_, _ = tarWriter.Write(file.Data)
+	}
+	_ = tarWriter.Close()
+	return buf.Bytes()
+}
+
+func makeArchiveFileGz(data []byte) []byte {
+	buf := new(bytes.Buffer)
+	gzWriter, _ := gzip.NewWriterLevel(buf, gzip.NoCompression)
+	_, _ = gzWriter.Write(data)
+	_ = gzWriter.Close()
+	return buf.Bytes()
+}
+
+func makeRubyGem(name, version string) []byte {
+	metadataContent := fmt.Sprintf(`--- !ruby/object:Gem::Specification
+name: %s
+version: !ruby/object:Gem::Version
+  version: %s
+platform: ruby
+authors:
+- Gitea
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2021-08-23 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: runtime-dep
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.2.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: dev-dep
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.2'
+description: RubyGems package test
+email: rubygems@gitea.io
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- lib/gitea.rb
+homepage: https://gitea.io/
+licenses:
+- MIT
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: 2.3.0
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '1.0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.7.6.2
+signing_key:
+specification_version: 4
+summary: Gitea package
+test_files: []
+`, name, version)
+
+	metadataGz := makeArchiveFileGz([]byte(metadataContent))
+	dataTarGz := makeArchiveFileGz(makeArchiveFileTar([]*tarFile{
+		{
+			Name: "lib/gitea.rb",
+			Data: []byte("class Gitea\nend"),
+		},
+	}))
+
+	checksumsYaml := fmt.Sprintf(`---
+SHA256:
+  metadata.gz: %x
+  data.tar.gz: %x
+SHA512:
+  metadata.gz: %x
+  data.tar.gz: %x
+`, sha256.Sum256(metadataGz), sha256.Sum256(dataTarGz), sha512.Sum512(metadataGz), sha512.Sum512(dataTarGz))
+
+	files := []*tarFile{
+		{
+			Name: "data.tar.gz",
+			Data: dataTarGz,
+		},
+		{
+			Name: "metadata.gz",
+			Data: metadataGz,
+		},
+		{
+			Name: "checksums.yaml.gz",
+			Data: makeArchiveFileGz([]byte(checksumsYaml)),
+		},
+	}
+	return makeArchiveFileTar(files)
+}
+
 func TestPackageRubyGems(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
 
 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 
-	packageName := "gitea"
-	packageVersion := "1.0.5"
-	packageFilename := "gitea-1.0.5.gem"
+	testGemName := "gitea"
+	testGemVersion := "1.0.5"
+	testGemContent := makeRubyGem(testGemName, testGemVersion)
+	testGemContentChecksum := fmt.Sprintf("%x", sha256.Sum256(testGemContent))
 
-	gemContent, _ := base64.StdEncoding.DecodeString(`bWV0YWRhdGEuZ3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDA0NDQAMDAwMDAw
-MAAwMDAwMDAwADAwMDAwMDAxMDQxADE0MTEwNzcyMzY2ADAxMzQ0MQAgMAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHdoZWVsAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAd2hlZWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDAwADAwMDAw
-MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf
-iwgA9vQjYQID1VVNb9QwEL37V5he9pRsmlJAFlQckCoOXAriQIUix5nNmsYf2JOqKwS/nYmz2d3Q
-qqCCKpFdadfjmfdm5nmcLMv4k9DXm6Wrv4BCcQ5GiPcelF5pJVE7y6w0IHirESS7hhDJJu4I+jhu
-Mc53Tsd5kZ8y30lcuWAEH2KY7HHtQhQs4+cJkwwuwNdeB6JhtbaNDoLTL1MQsFJrqQnr8jNrJJJH
-WZTHWfEiK094UYj0zYvp4Z9YAx5sA1ZpSCS3M30zeWwo2bG60FvUBjIKJts2GwMW76r0Yr9NzjN3
-YhwsGX2Ozl4dpcWwvK9d43PQtDIv9igvHwSyIIwFmXHjqTqxLY8MPkCADmQk80p2EfZ6VbM6/ue6
-/1D0Bq7/qeA/zh6W82leHmhFWUHn/JbsEfT6q7QbiCpoj8l0QcEUFLmX6kq2wBEiMjBSd+Pwt7T5
-Ot0kuXYMbkD1KOuOBnWYb7hBsAP4bhlkFRqnqpWefMZ/pHCn6+WIFGq2dgY8EQq+RvRRLJcTyZJ1
-WhHqGPTu7QdmACXdJFLwb9+ZdxErbSPKrqsMxJhAWCJ1qaqRdtu6yktcT/STsamG0qp7rsa5EL/K
-MBua30uw4ynzExqYWRJDfx8/kQWN3PwsDh2jYLr1W+pZcAmCs9splvnz/Flesqhbq21bXcGG/OLh
-+2fv/JTF3hgZyCW9OaZjxoZjdnBGfgKpxZyJ1QYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGF0
-YS50YXIuZ3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAwMDA0NDQAMDAwMDAwMAAw
-MDAwMDAwADAwMDAwMDAwMjQyADE0MTEwNzcyMzY2ADAxMzM2MQAgMAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c3RhcgAwMHdoZWVsAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAd2hlZWwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwMDAwADAwMDAwMDAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfiwgA
-9vQjYQID7M/NCsMgDABgz32KrA/QxersK/Q17ExXIcyhlr7+HLv1sJ02KPhBCPk5JOyn881nsl2c
-xI+gRDRaC3zbZ8RBCamlxGHolTFlX11kLwDFH6wp21hO2RYi/rD3bb5/7iCubFOCMbBtABzNkIjn
-bvGlAnisOUE7EnOALUR2p7b06e6aV4iqqqrquJ4AAAD//wMA+sA/NQAIAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGNoZWNr
-c3Vtcy55YW1sLmd6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMDAwNDQ0ADAwMDAwMDAAMDAw
-MDAwMAAwMDAwMDAwMDQ1MAAxNDExMDc3MjM2NgAwMTQ2MTIAIDAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdXN0YXIAMDB3aGVlbAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAHdoZWVsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDAwMDAwMAAwMDAwMDAwAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH4sIAPb0
-I2ECA2WQOa4UQAxE8znFXGCQ21vbPyMj5wRuL0Qk6EecnmZCyKyy9FSvXq/X4/u3ryj68Xg+f/Zn
-VHzGlx+/P57qvU4XxWalBKftSXOgCjNYkdRycrC5Axem+W4HqS12PNEv7836jF9vnlHxwSyxKY+y
-go0cPblyHzkrZ4HF1GSVhe7mOOoasXNk2fnbUxb+19Pp9tobD/QlJKMX7y204PREh6nQ5hG9Alw6
-x4TnmtA+aekGfm6wAseog2LSgpR4Q7cYnAH3K4qAQa6A6JCC1gpuY7P+9YxE5SZ+j0eVGbaBTwBQ
-iIqRUyyzLCoFCBdYNWxniapTavD97blXTzFvgoVoAsKBAtlU48cdaOmeZDpwV01OtcGwjscfeUrY
-B9QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`)
+	testAnotherGemName := "gitea-another"
+	testAnotherGemVersion := "0.99"
 
 	root := fmt.Sprintf("/api/packages/%s/rubygems", user.Name)
 
-	uploadFile := func(t *testing.T, expectedStatus int) {
-		req := NewRequestWithBody(t, "POST", fmt.Sprintf("%s/api/v1/gems", root), bytes.NewReader(gemContent)).
+	uploadFile := func(t *testing.T, content []byte, expectedStatus int) {
+		req := NewRequestWithBody(t, "POST", fmt.Sprintf("%s/api/v1/gems", root), bytes.NewReader(content)).
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, expectedStatus)
 	}
@@ -123,7 +193,7 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`)
 	t.Run("Upload", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		uploadFile(t, http.StatusCreated)
+		uploadFile(t, testGemContent, http.StatusCreated)
 
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeRubyGems)
 		assert.NoError(t, err)
@@ -133,34 +203,33 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`)
 		assert.NoError(t, err)
 		assert.NotNil(t, pd.SemVer)
 		assert.IsType(t, &rubygems.Metadata{}, pd.Metadata)
-		assert.Equal(t, packageName, pd.Package.Name)
-		assert.Equal(t, packageVersion, pd.Version.Version)
+		assert.Equal(t, testGemName, pd.Package.Name)
+		assert.Equal(t, testGemVersion, pd.Version.Version)
 
 		pfs, err := packages.GetFilesByVersionID(db.DefaultContext, pvs[0].ID)
 		assert.NoError(t, err)
 		assert.Len(t, pfs, 1)
-		assert.Equal(t, packageFilename, pfs[0].Name)
+		assert.Equal(t, fmt.Sprintf("%s-%s.gem", testGemName, testGemVersion), pfs[0].Name)
 		assert.True(t, pfs[0].IsLead)
 
 		pb, err := packages.GetBlobByID(db.DefaultContext, pfs[0].BlobID)
 		assert.NoError(t, err)
-		assert.Equal(t, int64(4608), pb.Size)
+		assert.EqualValues(t, len(testGemContent), pb.Size)
 	})
 
 	t.Run("UploadExists", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
-
-		uploadFile(t, http.StatusConflict)
+		uploadFile(t, testGemContent, http.StatusConflict)
 	})
 
 	t.Run("Download", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/gems/%s", root, packageFilename)).
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/gems/%s-%s.gem", root, testGemName, testGemVersion)).
 			AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
-		assert.Equal(t, gemContent, resp.Body.Bytes())
+		assert.Equal(t, testGemContent, resp.Body.Bytes())
 
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeRubyGems)
 		assert.NoError(t, err)
@@ -171,7 +240,7 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA`)
 	t.Run("DownloadGemspec", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
-		req := NewRequest(t, "GET", fmt.Sprintf("%s/quick/Marshal.4.8/%sspec.rz", root, packageFilename)).
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/quick/Marshal.4.8/%s-%s.gemspec.rz", root, testGemName, testGemVersion)).
 			AddBasicAuth(user.Name)
 		resp := MakeRequest(t, req, http.StatusOK)
 
@@ -206,22 +275,63 @@ gAAAAP//MS06Gw==`)
 		enumeratePackages(t, "prerelease_specs.4.8.gz", b)
 	})
 
-	t.Run("Delete", func(t *testing.T) {
+	t.Run("UploadAnother", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		uploadFile(t, makeRubyGem(testAnotherGemName, testAnotherGemVersion), http.StatusCreated)
+	})
+
+	t.Run("PackageInfo", func(t *testing.T) {
 		defer tests.PrintCurrentTest(t)()
 
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/info/%s", root, testGemName)).AddBasicAuth(user.Name)
+		resp := MakeRequest(t, req, http.StatusOK)
+		expected := fmt.Sprintf(`---
+1.0.5 runtime-dep:>= 1.2.0&< 2.0|checksum:%s,ruby:>= 2.3.0,rubygems:>= 1.0
+`, testGemContentChecksum)
+		assert.Equal(t, expected, resp.Body.String())
+	})
+
+	t.Run("Versions", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/versions", root)).AddBasicAuth(user.Name)
+		resp := MakeRequest(t, req, http.StatusOK)
+		assert.Equal(t, `---
+gitea 1.0.5 08843c2dd0ea19910e6b056b98e38f1c
+gitea-another 0.99 8b639e4048d282941485368ec42609be
+`, resp.Body.String())
+	})
+
+	deleteGemPackage := func(t *testing.T, packageName, packageVersion string) {
 		body := bytes.Buffer{}
 		writer := multipart.NewWriter(&body)
-		writer.WriteField("gem_name", packageName)
-		writer.WriteField("version", packageVersion)
-		writer.Close()
-
+		_ = writer.WriteField("gem_name", packageName)
+		_ = writer.WriteField("version", packageVersion)
+		_ = writer.Close()
 		req := NewRequestWithBody(t, "DELETE", fmt.Sprintf("%s/api/v1/gems/yank", root), &body).
 			SetHeader("Content-Type", writer.FormDataContentType()).
 			AddBasicAuth(user.Name)
 		MakeRequest(t, req, http.StatusOK)
+	}
 
+	t.Run("DeleteAll", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		deleteGemPackage(t, testGemName, testGemVersion)
+		deleteGemPackage(t, testAnotherGemName, testAnotherGemVersion)
 		pvs, err := packages.GetVersionsByPackageType(db.DefaultContext, user.ID, packages.TypeRubyGems)
 		assert.NoError(t, err)
 		assert.Empty(t, pvs)
 	})
+
+	t.Run("PackageInfoAfterDelete", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/info/%s", root, testGemName)).AddBasicAuth(user.Name)
+		MakeRequest(t, req, http.StatusNotFound)
+	})
+
+	t.Run("VersionsAfterDelete", func(t *testing.T) {
+		defer tests.PrintCurrentTest(t)()
+		req := NewRequest(t, "GET", fmt.Sprintf("%s/versions", root)).AddBasicAuth(user.Name)
+		resp := MakeRequest(t, req, http.StatusOK)
+		assert.Equal(t, "---\n", resp.Body.String())
+	})
 }

From 4b6eb46e69e460ad81e61f67e468a0f365cbd6a6 Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Mon, 17 Jun 2024 15:21:59 +0200
Subject: [PATCH 45/46] Fix double border in system status table (#31363)

Fix regression from https://github.com/go-gitea/gitea/pull/30712 where
the introduction of this `<div>` caused the `.ui.attached:not(.message)
+ .ui.attached.segment:not(.top)` CSS selector to no longer work and
cause a double border.

Before:

<img width="200" alt="Screenshot 2024-06-13 at 19 06 12"
src="https://github.com/go-gitea/gitea/assets/115237/a9fa0688-adf0-4b2d-a958-6a7679a62031">

After:
<img width="232" alt="Screenshot 2024-06-13 at 19 05 57"
src="https://github.com/go-gitea/gitea/assets/115237/025b780f-f72f-4049-86de-a5d84851bd1d">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---
 templates/admin/dashboard.tmpl | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/templates/admin/dashboard.tmpl b/templates/admin/dashboard.tmpl
index 3445433d53..2f9875f0d9 100644
--- a/templates/admin/dashboard.tmpl
+++ b/templates/admin/dashboard.tmpl
@@ -76,9 +76,11 @@
 			{{ctx.Locale.Tr "admin.dashboard.system_status"}}
 		</h4>
 		{{/* TODO: make these stats work in multi-server deployments, likely needs per-server stats in DB */}}
-		<div class="no-loading-indicator tw-hidden"></div>
-		<div hx-get="{{$.Link}}/system_status" hx-swap="morph:innerHTML" hx-trigger="every 5s" hx-indicator=".no-loading-indicator" class="ui attached table segment">
-			{{template "admin/system_status" .}}
+		<div class="ui attached table segment">
+			<div class="no-loading-indicator tw-hidden"></div>
+			<div hx-get="{{$.Link}}/system_status" hx-swap="morph:innerHTML" hx-trigger="every 5s" hx-indicator=".no-loading-indicator">
+				{{template "admin/system_status" .}}
+			</div>
 		</div>
 	</div>
 {{template "admin/layout_footer" .}}

From 363c1235987793dffa5cc851aaae585eb81f091e Mon Sep 17 00:00:00 2001
From: 6543 <6543@obermui.de>
Date: Mon, 17 Jun 2024 21:22:39 +0200
Subject: [PATCH 46/46] Add cache test for admins (#31265)

Add a test to probe the cache similar to the email test func.


![image](https://github.com/go-gitea/gitea/assets/24977596/700e2733-586d-4091-900f-f5f71e6e94bf)


![image](https://github.com/go-gitea/gitea/assets/24977596/2a953802-18fc-4e81-a37d-24ebe1297365)


![image](https://github.com/go-gitea/gitea/assets/24977596/e00d62ad-bb60-41cc-9138-09993daee156)

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: silverwind <me@silverwind.io>
---
 modules/cache/cache.go          | 32 ++++++++++++++++++
 modules/cache/cache_test.go     | 12 +++++++
 options/locale/locale_en-US.ini |  5 +++
 routers/web/admin/admin.go      |  9 +++++
 routers/web/admin/config.go     | 17 ++++++++++
 routers/web/web.go              |  1 +
 templates/admin/config.tmpl     | 12 +++++--
 templates/admin/self_check.tmpl | 58 +++++++++++++++++++--------------
 8 files changed, 119 insertions(+), 27 deletions(-)

diff --git a/modules/cache/cache.go b/modules/cache/cache.go
index 0753671158..b5400b0bd6 100644
--- a/modules/cache/cache.go
+++ b/modules/cache/cache.go
@@ -4,6 +4,7 @@
 package cache
 
 import (
+	"fmt"
 	"strconv"
 	"time"
 
@@ -35,6 +36,37 @@ func Init() error {
 	return nil
 }
 
+const (
+	testCacheKey       = "DefaultCache.TestKey"
+	SlowCacheThreshold = 100 * time.Microsecond
+)
+
+func Test() (time.Duration, error) {
+	if defaultCache == nil {
+		return 0, fmt.Errorf("default cache not initialized")
+	}
+
+	testData := fmt.Sprintf("%x", make([]byte, 500))
+
+	start := time.Now()
+
+	if err := defaultCache.Delete(testCacheKey); err != nil {
+		return 0, fmt.Errorf("expect cache to delete data based on key if exist but got: %w", err)
+	}
+	if err := defaultCache.Put(testCacheKey, testData, 10); err != nil {
+		return 0, fmt.Errorf("expect cache to store data but got: %w", err)
+	}
+	testVal, hit := defaultCache.Get(testCacheKey)
+	if !hit {
+		return 0, fmt.Errorf("expect cache hit but got none")
+	}
+	if testVal != testData {
+		return 0, fmt.Errorf("expect cache to return same value as stored but got other")
+	}
+
+	return time.Since(start), nil
+}
+
 // GetCache returns the currently configured cache
 func GetCache() StringCache {
 	return defaultCache
diff --git a/modules/cache/cache_test.go b/modules/cache/cache_test.go
index 0c68cc26ee..e0b82f86f2 100644
--- a/modules/cache/cache_test.go
+++ b/modules/cache/cache_test.go
@@ -34,6 +34,18 @@ func TestNewContext(t *testing.T) {
 	assert.Nil(t, con)
 }
 
+func TestTest(t *testing.T) {
+	defaultCache = nil
+	_, err := Test()
+	assert.Error(t, err)
+
+	createTestCache()
+	elapsed, err := Test()
+	assert.NoError(t, err)
+	// mem cache should take from 300ns up to 1ms on modern hardware ...
+	assert.Less(t, elapsed, SlowCacheThreshold)
+}
+
 func TestGetCache(t *testing.T) {
 	createTestCache()
 
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index fbada5472c..815cba6eec 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -93,6 +93,7 @@ remove_all = Remove All
 remove_label_str = Remove item "%s"
 edit = Edit
 view = View
+test = Test
 
 enabled = Enabled
 disabled = Disabled
@@ -3225,6 +3226,10 @@ config.cache_adapter = Cache Adapter
 config.cache_interval = Cache Interval
 config.cache_conn = Cache Connection
 config.cache_item_ttl = Cache Item TTL
+config.cache_test = Test Cache
+config.cache_test_failed = Failed to probe the cache: %v.
+config.cache_test_slow = Cache test successful, but response is slow: %s.
+config.cache_test_succeeded = Cache test successful, got a response in %s.
 
 config.session_config = Session Configuration
 config.session_provider = Session Provider
diff --git a/routers/web/admin/admin.go b/routers/web/admin/admin.go
index dee1650b5a..6fc97c949e 100644
--- a/routers/web/admin/admin.go
+++ b/routers/web/admin/admin.go
@@ -15,6 +15,7 @@ import (
 	activities_model "code.gitea.io/gitea/models/activities"
 	"code.gitea.io/gitea/models/db"
 	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/json"
@@ -222,6 +223,14 @@ func SelfCheck(ctx *context.Context) {
 
 		ctx.Data["DatabaseCheckHasProblems"] = hasProblem
 	}
+
+	elapsed, err := cache.Test()
+	if err != nil {
+		ctx.Data["CacheError"] = err
+	} else if elapsed > cache.SlowCacheThreshold {
+		ctx.Data["CacheSlow"] = fmt.Sprint(elapsed)
+	}
+
 	ctx.HTML(http.StatusOK, tplSelfCheck)
 }
 
diff --git a/routers/web/admin/config.go b/routers/web/admin/config.go
index 2a842cff82..2ae93e9cac 100644
--- a/routers/web/admin/config.go
+++ b/routers/web/admin/config.go
@@ -12,6 +12,7 @@ import (
 
 	system_model "code.gitea.io/gitea/models/system"
 	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
@@ -42,6 +43,22 @@ func SendTestMail(ctx *context.Context) {
 	ctx.Redirect(setting.AppSubURL + "/admin/config")
 }
 
+// TestCache test the cache settings
+func TestCache(ctx *context.Context) {
+	elapsed, err := cache.Test()
+	if err != nil {
+		ctx.Flash.Error(ctx.Tr("admin.config.cache_test_failed", err))
+	} else {
+		if elapsed > cache.SlowCacheThreshold {
+			ctx.Flash.Warning(ctx.Tr("admin.config.cache_test_slow", elapsed))
+		} else {
+			ctx.Flash.Info(ctx.Tr("admin.config.cache_test_succeeded", elapsed))
+		}
+	}
+
+	ctx.Redirect(setting.AppSubURL + "/admin/config")
+}
+
 func shadowPasswordKV(cfgItem, splitter string) string {
 	fields := strings.Split(cfgItem, splitter)
 	for i := 0; i < len(fields); i++ {
diff --git a/routers/web/web.go b/routers/web/web.go
index 5fb1ce0e80..08f5d3d068 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -692,6 +692,7 @@ func registerRoutes(m *web.Route) {
 			m.Get("", admin.Config)
 			m.Post("", admin.ChangeConfig)
 			m.Post("/test_mail", admin.SendTestMail)
+			m.Post("/test_cache", admin.TestCache)
 			m.Get("/settings", admin.ConfigSettings)
 		})
 
diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl
index 197a6c6add..87f18192a6 100644
--- a/templates/admin/config.tmpl
+++ b/templates/admin/config.tmpl
@@ -229,8 +229,8 @@
 					<dt>{{ctx.Locale.Tr "admin.config.mailer_user"}}</dt>
 					<dd>{{if .Mailer.User}}{{.Mailer.User}}{{else}}(empty){{end}}</dd>
 					<div class="divider"></div>
-					<dt class="tw-py-1">{{ctx.Locale.Tr "admin.config.send_test_mail"}}</dt>
-					<dd>
+					<dt class="tw-py-1 tw-flex tw-items-center">{{ctx.Locale.Tr "admin.config.send_test_mail"}}</dt>
+					<dd class="tw-py-0">
 						<form class="ui form ignore-dirty" action="{{AppSubUrl}}/admin/config/test_mail" method="post">
 							{{.CsrfTokenHtml}}
 							<div class="ui tiny input">
@@ -260,6 +260,14 @@
 					<dt>{{ctx.Locale.Tr "admin.config.cache_item_ttl"}}</dt>
 					<dd><code>{{.CacheItemTTL}}</code></dd>
 				{{end}}
+				<div class="divider"></div>
+				<dt class="tw-py-1 tw-flex tw-items-center">{{ctx.Locale.Tr "admin.config.cache_test"}}</dt>
+				<dd class="tw-py-0">
+					<form class="ui form ignore-dirty" action="{{AppSubUrl}}/admin/config/test_cache" method="post">
+						{{.CsrfTokenHtml}}
+						<button class="ui tiny primary button">{{ctx.Locale.Tr "test"}}</button>
+					</form>
+				</dd>
 			</dl>
 		</div>
 
diff --git a/templates/admin/self_check.tmpl b/templates/admin/self_check.tmpl
index b249bf228e..a7f43f4e12 100644
--- a/templates/admin/self_check.tmpl
+++ b/templates/admin/self_check.tmpl
@@ -17,32 +17,40 @@
 	<div class="ui attached segment tw-hidden self-check-problem" id="self-check-by-frontend"></div>
 
 	{{if .DatabaseCheckHasProblems}}
-	<div class="ui attached segment self-check-problem">
-		{{if .DatabaseType.IsMySQL}}
-			<div class="tw-p-2">{{ctx.Locale.Tr "admin.self_check.database_fix_mysql"}}</div>
-		{{else if .DatabaseType.IsMSSQL}}
-			<div class="tw-p-2">{{ctx.Locale.Tr "admin.self_check.database_fix_mssql"}}</div>
-		{{end}}
-		{{if .DatabaseCheckCollationMismatch}}
-			<div class="ui red message">{{ctx.Locale.Tr "admin.self_check.database_collation_mismatch" .DatabaseCheckResult.ExpectedCollation}}</div>
-		{{end}}
-		{{if .DatabaseCheckCollationCaseInsensitive}}
-			<div class="ui warning message">{{ctx.Locale.Tr "admin.self_check.database_collation_case_insensitive" .DatabaseCheckResult.DatabaseCollation}}</div>
-		{{end}}
-		{{if .DatabaseCheckInconsistentCollationColumns}}
-			<div class="ui red message">
-				<details>
-					<summary>{{ctx.Locale.Tr "admin.self_check.database_inconsistent_collation_columns" .DatabaseCheckResult.DatabaseCollation}}</summary>
-					<ul class="tw-w-full">
-					{{range .DatabaseCheckInconsistentCollationColumns}}
-						<li>{{.}}</li>
-					{{end}}
-					</ul>
-				</details>
-			</div>
-		{{end}}
-	</div>
+		<div class="ui attached segment self-check-problem">
+			{{if .DatabaseType.IsMySQL}}
+				<div class="tw-p-2">{{ctx.Locale.Tr "admin.self_check.database_fix_mysql"}}</div>
+			{{else if .DatabaseType.IsMSSQL}}
+				<div class="tw-p-2">{{ctx.Locale.Tr "admin.self_check.database_fix_mssql"}}</div>
+			{{end}}
+			{{if .DatabaseCheckCollationMismatch}}
+				<div class="ui red message">{{ctx.Locale.Tr "admin.self_check.database_collation_mismatch" .DatabaseCheckResult.ExpectedCollation}}</div>
+			{{end}}
+			{{if .DatabaseCheckCollationCaseInsensitive}}
+				<div class="ui warning message">{{ctx.Locale.Tr "admin.self_check.database_collation_case_insensitive" .DatabaseCheckResult.DatabaseCollation}}</div>
+			{{end}}
+			{{if .DatabaseCheckInconsistentCollationColumns}}
+				<div class="ui red message">
+					<details>
+						<summary>{{ctx.Locale.Tr "admin.self_check.database_inconsistent_collation_columns" .DatabaseCheckResult.DatabaseCollation}}</summary>
+						<ul class="tw-w-full">
+						{{range .DatabaseCheckInconsistentCollationColumns}}
+							<li>{{.}}</li>
+						{{end}}
+						</ul>
+					</details>
+				</div>
+			{{end}}
+		</div>
 	{{end}}
+
+	{{if .CacheError}}
+		<div class="ui red message">{{ctx.Locale.Tr "admin.config.cache_test_failed" .CacheError}}</div>
+	{{end}}
+	{{if .CacheSlow}}
+		<div class="ui warning message">{{ctx.Locale.Tr "admin.config.cache_test_slow" .CacheSlow}}</div>
+	{{end}}
+
 	{{/* only shown when there is no visible "self-check-problem" */}}
 	<div class="ui attached segment tw-hidden self-check-no-problem">
 		{{ctx.Locale.Tr "admin.self_check.no_problem_found"}}