[v10.0/forgejo] fix: avoid Gitea migration warnings (take 2) (#6578)

**Backport:** https://codeberg.org/forgejo/forgejo/pulls/6577

274bc480b4 introduced a regression in https://codeberg.org/forgejo/forgejo/pulls/6343

Trying to remove fields that have already been removed by

dd1523c72e/models/forgejo_migrations/v14.go

Is a noop for SQLite and went undetected by the upgrade tests.

Fixes: https://codeberg.org/forgejo/forgejo/issues/6575
Co-authored-by: Earl Warren <contact@earl-warren.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6578
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>
Co-committed-by: forgejo-backport-action <forgejo-backport-action@noreply.codeberg.org>

.deadcode-out

@@ -1,7 +1,7 @@
-forgejo.org/cmd
+code.gitea.io/gitea/cmd
 	NoMainListener
 
-forgejo.org/cmd/forgejo
+code.gitea.io/gitea/cmd/forgejo
 	ContextSetNoInit
 	ContextSetNoExit
 	ContextSetStderr
@@ -9,94 +9,128 @@ forgejo.org/cmd/forgejo
 	ContextSetStdout
 	ContextSetStdin
 
-forgejo.org/models
+code.gitea.io/gitea/models
+	IsErrUpdateTaskNotExist
+	ErrUpdateTaskNotExist.Error
+	ErrUpdateTaskNotExist.Unwrap
 	IsErrSHANotFound
 	IsErrMergeDivergingFastForwardOnly
 
-forgejo.org/models/auth
+code.gitea.io/gitea/models/actions
+	ScheduleList.GetUserIDs
+	ScheduleList.GetRepoIDs
+	ScheduleList.LoadTriggerUser
+	ScheduleList.LoadRepos
+
+code.gitea.io/gitea/models/asymkey
+	ErrGPGKeyAccessDenied.Error
+	ErrGPGKeyAccessDenied.Unwrap
+	HasDeployKey
+
+code.gitea.io/gitea/models/auth
+	GetSourceByName
 	WebAuthnCredentials
 
-forgejo.org/models/db
+code.gitea.io/gitea/models/db
 	TruncateBeans
 	InTransaction
 	DumpTables
 
-forgejo.org/models/dbfs
+code.gitea.io/gitea/models/dbfs
 	file.renameTo
 	Create
 	Rename
 
-forgejo.org/models/forgefed
+code.gitea.io/gitea/models/forgefed
 	GetFederationHost
 
-forgejo.org/models/forgejo/semver
+code.gitea.io/gitea/models/forgejo/semver
 	GetVersion
 	SetVersionString
 	SetVersion
 
-forgejo.org/models/git
+code.gitea.io/gitea/models/git
 	RemoveDeletedBranchByID
 
-forgejo.org/models/issues
+code.gitea.io/gitea/models/issues
 	IsErrUnknownDependencyType
+	ErrNewIssueInsert.Error
 	IsErrIssueWasClosed
+	ChangeMilestoneStatus
 
-forgejo.org/models/organization
+code.gitea.io/gitea/models/organization
+	GetTeamNamesByID
+	UpdateTeamUnits
 	SearchMembersOptions.ToConds
+	UsersInTeamsCount
 
-forgejo.org/models/perm/access
+code.gitea.io/gitea/models/perm/access
 	GetRepoWriters
 
-forgejo.org/models/repo
+code.gitea.io/gitea/models/project
+	UpdateColumnSorting
+	ChangeProjectStatus
+
+code.gitea.io/gitea/models/repo
+	DeleteAttachmentsByIssue
+	FindReposMapByIDs
+	IsErrTopicNotExist
+	ErrTopicNotExist.Error
+	ErrTopicNotExist.Unwrap
+	GetTopicByName
 	WatchRepoMode
 
-forgejo.org/models/user
+code.gitea.io/gitea/models/user
+	ErrUserInactive.Error
+	ErrUserInactive.Unwrap
 	IsErrExternalLoginUserAlreadyExist
 	IsErrExternalLoginUserNotExist
 	NewFederatedUser
 	IsErrUserSettingIsNotExist
 	GetUserAllSettings
 	DeleteUserSetting
+	GetUserEmailsByNames
+	GetUserNamesByIDs
 
-forgejo.org/modules/activitypub
+code.gitea.io/gitea/modules/activitypub
 	NewContext
 	Context.APClientFactory
 
-forgejo.org/modules/assetfs
+code.gitea.io/gitea/modules/assetfs
 	Bindata
 
-forgejo.org/modules/auth/password/hash
+code.gitea.io/gitea/modules/auth/password/hash
 	DummyHasher.HashWithSaltBytes
 	NewDummyHasher
 
-forgejo.org/modules/auth/password/pwn
+code.gitea.io/gitea/modules/auth/password/pwn
 	WithHTTP
 
-forgejo.org/modules/base
+code.gitea.io/gitea/modules/base
 	SetupGiteaRoot
 
-forgejo.org/modules/cache
+code.gitea.io/gitea/modules/cache
 	GetInt
 	WithNoCacheContext
 	RemoveContextData
 
-forgejo.org/modules/emoji
+code.gitea.io/gitea/modules/charset
+	BreakWriter.Write
+
+code.gitea.io/gitea/modules/emoji
 	ReplaceCodes
 
-forgejo.org/modules/eventsource
+code.gitea.io/gitea/modules/eventsource
 	Event.String
 
-forgejo.org/modules/forgefed
-	NewForgeUndoLike
-	ForgeUndoLike.UnmarshalJSON
-	ForgeUndoLike.Validate
+code.gitea.io/gitea/modules/forgefed
 	GetItemByType
 	JSONUnmarshalerFn
 	NotEmpty
 	ToRepository
 	OnRepository
 
-forgejo.org/modules/git
+code.gitea.io/gitea/modules/git
 	AllowLFSFiltersArgs
 	AddChanges
 	AddChangesWithArgs
@@ -104,57 +138,71 @@ forgejo.org/modules/git
 	CommitChangesWithArgs
 	SetUpdateHook
 	openRepositoryWithDefaultContext
+	IsTagExist
 	ToEntryMode
+	LimitedReaderCloser.Read
+	LimitedReaderCloser.Close
 
-forgejo.org/modules/gitrepo
+code.gitea.io/gitea/modules/gitgraph
+	Parser.Reset
+
+code.gitea.io/gitea/modules/gitrepo
 	GetBranchCommitID
 	GetWikiDefaultBranch
 
-forgejo.org/modules/graceful
+code.gitea.io/gitea/modules/graceful
 	Manager.TerminateContext
 	Manager.Err
 	Manager.Value
 	Manager.Deadline
 
-forgejo.org/modules/hcaptcha
+code.gitea.io/gitea/modules/hcaptcha
 	WithHTTP
 
-forgejo.org/modules/hostmatcher
+code.gitea.io/gitea/modules/hostmatcher
 	HostMatchList.AppendPattern
 
-forgejo.org/modules/json
+code.gitea.io/gitea/modules/json
 	StdJSON.Marshal
 	StdJSON.Unmarshal
 	StdJSON.NewEncoder
 	StdJSON.NewDecoder
 	StdJSON.Indent
 
-forgejo.org/modules/log
-	NewEventWriterBuffer
-
-forgejo.org/modules/markup
+code.gitea.io/gitea/modules/markup
 	GetRendererByType
 	RenderString
 	IsMarkupFile
 
-forgejo.org/modules/markup/console
+code.gitea.io/gitea/modules/markup/console
 	Render
 	RenderString
 
-forgejo.org/modules/markup/markdown
+code.gitea.io/gitea/modules/markup/markdown
+	IsDetails
+	IsSummary
+	IsTaskCheckBoxListItem
+	IsIcon
 	RenderRawString
 
-forgejo.org/modules/markup/mdstripper
+code.gitea.io/gitea/modules/markup/markdown/math
+	WithInlineDollarParser
+	WithBlockDollarParser
+
+code.gitea.io/gitea/modules/markup/mdstripper
 	stripRenderer.AddOptions
 	StripMarkdown
 
-forgejo.org/modules/markup/orgmode
+code.gitea.io/gitea/modules/markup/orgmode
 	RenderString
 
-forgejo.org/modules/process
+code.gitea.io/gitea/modules/private
+	ActionsRunnerRegister
+
+code.gitea.io/gitea/modules/process
 	Manager.ExecTimeout
 
-forgejo.org/modules/queue
+code.gitea.io/gitea/modules/queue
 	newBaseChannelSimple
 	newBaseChannelUnique
 	newBaseRedisSimple
@@ -163,73 +211,89 @@ forgejo.org/modules/queue
 	testStateRecorder.Reset
 	newWorkerPoolQueueForTest
 
-forgejo.org/modules/queue/lqinternal
+code.gitea.io/gitea/modules/queue/lqinternal
 	QueueItemIDBytes
 	QueueItemKeyBytes
 	ListLevelQueueKeys
 
-forgejo.org/modules/setting
+code.gitea.io/gitea/modules/setting
 	NewConfigProviderFromData
 	GitConfigType.GetOption
 	InitLoggersForTest
 
-forgejo.org/modules/sync
+code.gitea.io/gitea/modules/storage
+	ErrInvalidConfiguration.Error
+	IsErrInvalidConfiguration
+
+code.gitea.io/gitea/modules/structs
+	ParseCreateHook
+	ParsePushHook
+
+code.gitea.io/gitea/modules/sync
 	StatusTable.Start
 	StatusTable.IsRunning
 
-forgejo.org/modules/timeutil
+code.gitea.io/gitea/modules/timeutil
 	GetExecutableModTime
 	MockSet
 	MockUnset
 
-forgejo.org/modules/translation
+code.gitea.io/gitea/modules/translation
 	MockLocale.Language
 	MockLocale.TrString
 	MockLocale.Tr
 	MockLocale.TrN
-	MockLocale.TrPluralString
-	MockLocale.TrPluralStringAllForms
 	MockLocale.TrSize
-	MockLocale.HasKey
 	MockLocale.PrettyNumber
 
-forgejo.org/modules/translation/localeiter
-	IterateMessagesContent
-
-forgejo.org/modules/util
+code.gitea.io/gitea/modules/util
 	OptionalArg
 
-forgejo.org/modules/util/filebuffer
+code.gitea.io/gitea/modules/util/filebuffer
 	CreateFromReader
 
-forgejo.org/modules/validation
+code.gitea.io/gitea/modules/validation
 	IsErrNotValid
-	ValidateIDExists
 
-forgejo.org/modules/web
+code.gitea.io/gitea/modules/web
 	RouteMock
 	RouteMockReset
 
-forgejo.org/modules/zstd
+code.gitea.io/gitea/modules/web/middleware
+	DeleteLocaleCookie
+
+code.gitea.io/gitea/modules/zstd
 	NewWriter
 	Writer.Write
 	Writer.Close
 
-forgejo.org/routers/web/org
+code.gitea.io/gitea/routers/web
+	NotFound
+
+code.gitea.io/gitea/routers/web/org
 	MustEnableProjects
 
-forgejo.org/services/context
+code.gitea.io/gitea/services/context
 	GetPrivateContext
 
-forgejo.org/services/repository
+code.gitea.io/gitea/services/convert
+	ToSecret
+
+code.gitea.io/gitea/services/forms
+	DeadlineForm.Validate
+
+code.gitea.io/gitea/services/pull
+	IsCommitStatusContextSuccess
+
+code.gitea.io/gitea/services/repository
 	IsErrForkAlreadyExist
 
-forgejo.org/services/repository/files
+code.gitea.io/gitea/services/repository/files
 	ContentType.String
+	GetFileResponseFromCommit
+	TemporaryUploadRepository.GetLastCommit
+	TemporaryUploadRepository.GetLastCommitByRef
 
-forgejo.org/services/repository/gitgraph
-	Parser.Reset
-
-forgejo.org/services/webhook
+code.gitea.io/gitea/services/webhook
 	NewNotifier
 

.devcontainer/devcontainer.json

@@ -1,12 +1,16 @@
 {
   "name": "Gitea DevContainer",
-  "image": "mcr.microsoft.com/devcontainers/go:1.24-bullseye",
+  "image": "mcr.microsoft.com/devcontainers/go:1.23-bullseye",
   "features": {
     // installs nodejs into container
     "ghcr.io/devcontainers/features/node:1": {
-      "version": "22"
+      "version": "20"
     },
     "ghcr.io/devcontainers/features/git-lfs:1.2.3": {},
+    "ghcr.io/devcontainers-contrib/features/poetry:2": {},
+    "ghcr.io/devcontainers/features/python:1": {
+      "version": "3.12"
+    },
     "ghcr.io/warrenbuckley/codespace-features/sqlite:1": {}
   },
   "customizations": {

.dockerignore

@@ -34,7 +34,6 @@ _testmain.go
 
 *coverage.out
 coverage.all
-coverage/
 cpu.out
 
 /modules/migration/bindata.go

.editorconfig

@@ -12,9 +12,6 @@ insert_final_newline = true
 [{*.{go,tmpl,html},Makefile,go.mod}]
 indent_style = tab
 
-[go.*]
-indent_style = tab
-
 [templates/custom/*.tmpl]
 insert_final_newline = false
 
@@ -29,8 +26,3 @@ insert_final_newline = false
 
 [options/locale/locale_*.ini]
 insert_final_newline = false
-
-# Weblate JSON output defaults to four spaces
-[options/locale_next/locale_*.json]
-indent_style = space
-indent_size = 4

.forgejo/testdata/build-release/Dockerfile

@@ -1,4 +1,4 @@
-FROM data.forgejo.org/oci/alpine:3.21
+FROM data.forgejo.org/oci/alpine:3.20
 ARG RELEASE_VERSION=unkown
 LABEL maintainer="contact@forgejo.org" \
       org.opencontainers.image.version="${RELEASE_VERSION}"

.forgejo/testdata/build-release/go.mod

@@ -1,3 +1,3 @@
-module forgejo.org
+module code.gitea.io/gitea
 
 go 1.23.3

.forgejo/workflows-composite/build-backend/action.yaml

@@ -3,7 +3,7 @@ runs:
   steps:
     - run: |
         su forgejo -c 'make deps-backend'
-    - uses: https://data.forgejo.org/actions/cache@v4
+    - uses: actions/cache@v4
       id: cache-backend
       with:
         path: ${{github.workspace}}/gitea

.forgejo/workflows-composite/setup-cache-go/action.yaml

@@ -27,10 +27,8 @@ runs:
     - name: "Get go environment information"
       id: go-environment
       run: |
-        chmod 755 $HOME # ensure ${RUN_AS_USER} has permission when go is located in $HOME
-        export GOROOT="$(go env GOROOT)"
-        echo "modcache=$(su ${RUN_AS_USER} -c '${GOROOT}/bin/go env GOMODCACHE')" >> "$GITHUB_OUTPUT"
-        echo "cache=$(su ${RUN_AS_USER} -c '${GOROOT}/bin/go env GOCACHE')" >> "$GITHUB_OUTPUT"
+        echo "modcache=$(su ${RUN_AS_USER} -c '/opt/hostedtoolcache/go/${GO_VERSION}/x64/bin/go env GOMODCACHE')" >> "$GITHUB_OUTPUT"
+        echo "cache=$(su ${RUN_AS_USER} -c '/opt/hostedtoolcache/go/${GO_VERSION}/x64/bin/go env GOCACHE')" >> "$GITHUB_OUTPUT"
       env:
         RUN_AS_USER: ${{ inputs.username }}
         GO_VERSION: ${{ steps.go-version.outputs.go-version }}
@@ -50,7 +48,7 @@ runs:
 
     - name: "Restore Go dependencies from cache or mark for later caching"
       id: cache-deps
-      uses: https://data.forgejo.org/actions/cache@v4
+      uses: actions/cache@v4
       with:
         key: setup-cache-go-deps-${{ runner.os }}-${{ inputs.username }}-${{ steps.go-version.outputs.go_version }}-${{ hashFiles('go.sum', 'go.mod') }}
         restore-keys: |

.forgejo/workflows-composite/setup-env/action.yaml

@@ -19,7 +19,7 @@ runs:
         set -ex
         toolchain=$(grep -oP '(?<=toolchain ).+' go.mod)
         version=$(go version | cut -d' ' -f3)
-        if dpkg --compare-versions ${version#go} lt ${toolchain#go}; then
-          echo "go version too low: $toolchain >= $version"
+        if [ "$toolchain" != "$version" ]; then
+          echo "go version mismatch: $toolchain <> $version"
           exit 1
         fi

.forgejo/workflows/backport.yml

@@ -40,14 +40,14 @@ jobs:
       )
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
     steps:
       - name: event info
         run: |
           cat <<'EOF'
           ${{ toJSON(github) }}
           EOF
-      - uses: https://data.forgejo.org/actions/git-backporting@v4.8.5
+      - uses: https://data.forgejo.org/actions/git-backporting@v4.8.4
         with:
           target-branch-pattern: "^backport/(?<target>(v.*))$"
           strategy: ort

.forgejo/workflows/build-release-integration.yml

@@ -25,7 +25,7 @@ jobs:
     if: vars.ROLE == 'forgejo-coding'
     runs-on: lxc-bookworm
     steps:
-      - uses: https://data.forgejo.org/actions/checkout@v4
+      - uses: actions/checkout@v4
 
       - id: forgejo
         uses: https://data.forgejo.org/actions/setup-forgejo@v2.0.4

.forgejo/workflows/build-release.yml

@@ -33,7 +33,7 @@ jobs:
     # root is used for testing, allow it
     if: vars.ROLE == 'forgejo-integration' || github.repository_owner == 'root'
     steps:
-      - uses: https://data.forgejo.org/actions/checkout@v4
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
@@ -45,7 +45,7 @@ jobs:
 
       - uses: https://data.forgejo.org/actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 20
 
       - uses: https://data.forgejo.org/actions/setup-go@v5
         with:
@@ -164,7 +164,7 @@ jobs:
 
       - name: build container & release
         if: ${{ secrets.TOKEN != '' }}
-        uses: https://data.forgejo.org/forgejo/forgejo-build-publish/build@v5.3.4
+        uses: https://data.forgejo.org/forgejo/forgejo-build-publish/build@v5.3.1
         with:
           forgejo: "${{ env.GITHUB_SERVER_URL }}"
           owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
@@ -183,7 +183,7 @@ jobs:
 
       - name: build rootless container
         if: ${{ secrets.TOKEN != '' }}
-        uses: https://data.forgejo.org/forgejo/forgejo-build-publish/build@v5.3.4
+        uses: https://data.forgejo.org/forgejo/forgejo-build-publish/build@v5.3.1
         with:
           forgejo: "${{ env.GITHUB_SERVER_URL }}"
           owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"

.forgejo/workflows/cascade-setup-end-to-end.yml

@@ -35,13 +35,13 @@ jobs:
       )
     runs-on: docker
     container:
-      image: data.forgejo.org/oci/node:22-bookworm
+      image: data.forgejo.org/oci/node:20-bookworm
     steps:
-      - uses: https://data.forgejo.org/actions/checkout@v4
+      - uses: actions/checkout@v4
         with:
           fetch-depth: '0'
           show-progress: 'false'
-      - uses: https://data.forgejo.org/actions/cascading-pr@v2.2.0
+      - uses: https://code.forgejo.org/actions/cascading-pr@v2.2.0
         with:
           origin-url: ${{ env.GITHUB_SERVER_URL }}
           origin-repo: ${{ github.repository }}

.forgejo/workflows/forgejo-integration-cleanup.yml

@@ -9,7 +9,7 @@ jobs:
     if: vars.ROLE == 'forgejo-integration'
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
     steps:
 
       - name: apt install curl jq

.forgejo/workflows/merge-requirements.yml

@@ -16,7 +16,7 @@ jobs:
     if: vars.ROLE == 'forgejo-coding'
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
     steps:
       - name: Debug output
         run: |
@@ -31,7 +31,7 @@ jobs:
             || contains(toJSON(github.event.pull_request.labels), 'test/manual')
           )
         run: |
-          echo "A team member must set the label to either 'present', 'not-needed' or 'manual'."
+          echo "Test label must be set to either 'present', 'not-needed' or 'manual'."
           exit 1
       - name: Missing manual test instructions
         if: >

.forgejo/workflows/mirror.yml

@@ -11,7 +11,7 @@ jobs:
     if: ${{ secrets.MIRROR_TOKEN != '' }}
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
     steps:
       - name: git push {v*/,}forgejo
         run: |

.forgejo/workflows/publish-release.yml

@@ -2,8 +2,6 @@
 #
 # See also https://forgejo.org/docs/next/contributor/release/#stable-release-process
 #
-# TOKEN_NEXT_DIGEST is a token with write repository access to https://invisible.forgejo.org/infrastructure/next-digest issued by https://invisible.forgejo.org/forgejo-next-digest
-#
 # https://codeberg.org/forgejo-experimental/forgejo
 #
 #  Copies a release from codeberg.org/forgejo-integration to codeberg.org/forgejo-experimental
@@ -16,7 +14,7 @@
 #  vars.DOER: forgejo-experimental-ci
 #  secrets.TOKEN: <generated from codeberg.org/forgejo-experimental-ci>
 #
-# http://invisible.forgejo.org/forgejo/forgejo
+# http://private.forgejo.org/forgejo/forgejo
 #
 #  Copies & sign a release from codeberg.org/forgejo-integration to codeberg.org/forgejo
 #
@@ -41,10 +39,10 @@ jobs:
     runs-on: lxc-bookworm
     if: vars.DOER != '' && vars.FORGEJO != '' && vars.TO_OWNER != '' && vars.FROM_OWNER != '' && secrets.TOKEN != ''
     steps:
-      - uses: https://data.forgejo.org/actions/checkout@v4
+      - uses: actions/checkout@v4
 
       - name: copy & sign
-        uses: https://data.forgejo.org/forgejo/forgejo-build-publish/publish@v5.3.4
+        uses: https://data.forgejo.org/forgejo/forgejo-build-publish/publish@v5.3.1
         with:
           from-forgejo: ${{ vars.FORGEJO }}
           to-forgejo: ${{ vars.FORGEJO }}
@@ -63,14 +61,14 @@ jobs:
 
       - name: get trigger mirror issue
         id: mirror
-        uses: https://data.forgejo.org/infrastructure/issue-action/get@v1.3.0
+        uses: https://data.forgejo.org/infrastructure/issue-action/get@v1.1.0
         with:
           forgejo: https://code.forgejo.org
           repository: forgejo/forgejo
           labels: mirror-trigger
 
       - name: trigger the mirror
-        uses: https://data.forgejo.org/infrastructure/issue-action/set@v1.3.0
+        uses: https://data.forgejo.org/infrastructure/issue-action/set@v1.1.0
         with:
           forgejo: https://code.forgejo.org
           repository: forgejo/forgejo
@@ -82,7 +80,7 @@ jobs:
       - name: upgrade v*.next.forgejo.org
         uses: https://data.forgejo.org/infrastructure/next-digest@v1.1.0
         with:
-          url: https://placeholder:${{ secrets.TOKEN_NEXT_DIGEST }}@invisible.forgejo.org/infrastructure/next-digest
+          url: https://placeholder:${{ secrets.TOKEN_NEXT_DIGEST }}@code.forgejo.org/infrastructure/next-digest
           ref_name: '${{ github.ref_name }}'
           image: 'codeberg.org/forgejo-experimental/forgejo'
           tag_suffix: '-rootless'

.forgejo/workflows/release-notes-assistant-milestones.yml

@@ -4,15 +4,12 @@ on:
   schedule:
     - cron: '@daily'
 
-env:
-  RNA_VERSION: v1.2.5 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org
-
 jobs:
   release-notes:
     if: vars.ROLE == 'forgejo-coding'
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
     steps:
       - uses: https://data.forgejo.org/actions/checkout@v4
 
@@ -32,5 +29,5 @@ jobs:
           set -x
           curl -sS $GITHUB_SERVER_URL/api/v1/repos/$GITHUB_REPOSITORY/milestones?state=open | jq -r '.[] | .title' | while read forgejo version ; do
             milestone="$forgejo $version"
-            go run code.forgejo.org/forgejo/release-notes-assistant@$RNA_VERSION --config .release-notes-assistant.yaml --storage milestone --storage-location "$milestone"  --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} release $version
+            go run code.forgejo.org/forgejo/release-notes-assistant@v1.1.1 --config .release-notes-assistant.yaml --storage milestone --storage-location "$milestone"  --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} release $version
           done

.forgejo/workflows/release-notes-assistant.yml

@@ -7,15 +7,12 @@ on:
       - synchronize
       - labeled
 
-env:
-  RNA_VERSION: v1.2.5 # renovate: datasource=gitea-releases depName=forgejo/release-notes-assistant registryUrl=https://code.forgejo.org
-
 jobs:
   release-notes:
     if: ( vars.ROLE == 'forgejo-coding' ) && contains(github.event.pull_request.labels.*.name, 'worth a release-note')
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
     steps:
       - uses: https://data.forgejo.org/actions/checkout@v4
 
@@ -41,4 +38,4 @@ jobs:
 
       - name: release-notes-assistant preview
         run: |
-          go run code.forgejo.org/forgejo/release-notes-assistant@$RNA_VERSION --config .release-notes-assistant.yaml --storage pr --storage-location ${{ github.event.pull_request.number }}  --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} preview ${{ github.event.pull_request.number }}
+          go run code.forgejo.org/forgejo/release-notes-assistant@v1.1.1 --config .release-notes-assistant.yaml --storage pr --storage-location ${{ github.event.pull_request.number }}  --forgejo-url $GITHUB_SERVER_URL --repository $GITHUB_REPOSITORY --token ${{ secrets.RELEASE_NOTES_ASSISTANT_TOKEN }} preview ${{ github.event.pull_request.number }}

.forgejo/workflows/renovate.yml

@@ -18,9 +18,6 @@ on:
 env:
   RENOVATE_DRY_RUN: ${{ (github.event_name != 'schedule' && github.ref_name != github.event.repository.default_branch) && 'full' || '' }}
   RENOVATE_REPOSITORIES: ${{ github.repository }}
-  # fix because 10.0.0-58-7e1df53+gitea-1.22.0 < 10.0.0 for semver
-  # and codeberg api returns such versions from `git describe --tags`
-  # RENOVATE_X_PLATFORM_VERSION: 10.0.0+gitea-1.22.0 currently not needed
 
 jobs:
   renovate:
@@ -28,7 +25,7 @@ jobs:
 
     runs-on: docker
     container:
-      image: data.forgejo.org/renovate/renovate:40.31.0
+      image: data.forgejo.org/forgejo-contrib/renovate:39.69.2
 
     steps:
       - name: Load renovate repo cache

.forgejo/workflows/testing.yml

@@ -13,7 +13,7 @@ jobs:
     if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     steps:
       - name: event info
@@ -24,13 +24,13 @@ jobs:
       - uses: https://data.forgejo.org/actions/checkout@v4
       - uses: ./.forgejo/workflows-composite/setup-env
       - run: su forgejo -c 'make deps-backend deps-tools'
-      - run: su forgejo -c 'make --always-make -j$(nproc) lint-backend tidy-check swagger-check lint-swagger fmt-check swagger-validate' # ensure the "go-licenses" make target runs
+      - run: su forgejo -c 'make --always-make -j$(nproc) lint-backend tidy-check swagger-check fmt-check swagger-validate' # ensure the "go-licenses" make target runs
       - uses: ./.forgejo/workflows-composite/build-backend
   frontend-checks:
     if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
     runs-on: docker
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     steps:
       - uses: https://data.forgejo.org/actions/checkout@v4
@@ -46,7 +46,7 @@ jobs:
           apt-get update -qq
           apt-get -q install -qq -y zstd
       - name: "Cache frontend build for playwright testing"
-        uses: https://data.forgejo.org/actions/cache/save@v4
+        uses: actions/cache/save@v4
         with:
           path: ${{github.workspace}}/public/assets
           key: frontend-build-${{ github.sha }}
@@ -55,7 +55,7 @@ jobs:
     runs-on: docker
     needs: [backend-checks, frontend-checks]
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     services:
       elasticsearch:
@@ -104,7 +104,7 @@ jobs:
           fetch-depth: 20
       - uses: ./.forgejo/workflows-composite/setup-env
       - name: "Restore frontend build"
-        uses: https://data.forgejo.org/actions/cache/restore@v4
+        uses: actions/cache/restore@v4
         id: cache-frontend
         with:
           path: ${{github.workspace}}/public/assets
@@ -116,7 +116,7 @@ jobs:
       - uses: ./.forgejo/workflows-composite/build-backend
       - name: Get changed files
         id: changed-files
-        uses: https://data.forgejo.org/tj-actions/changed-files@v46
+        uses: https://data.forgejo.org/tj-actions/changed-files@v45
         with:
           separator: '\n'
       - run: |
@@ -138,7 +138,7 @@ jobs:
     runs-on: docker
     needs: [backend-checks, frontend-checks, test-unit]
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     name: ${{ format('test-remote-cacher ({0})', matrix.cacher.name) }}
     strategy:
@@ -180,7 +180,7 @@ jobs:
     runs-on: docker
     needs: [backend-checks, frontend-checks]
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     services:
       mysql:
@@ -211,7 +211,7 @@ jobs:
     runs-on: docker
     needs: [backend-checks, frontend-checks]
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     services:
       minio:
@@ -223,7 +223,7 @@ jobs:
       ldap:
         image: data.forgejo.org/oci/test-openldap:latest
       pgsql:
-        image: data.forgejo.org/oci/bitnami/postgresql:16
+        image: data.forgejo.org/oci/bitnami/postgresql:15
         env:
           POSTGRESQL_DATABASE: test
           POSTGRESQL_PASSWORD: postgres
@@ -250,7 +250,7 @@ jobs:
     runs-on: docker
     needs: [backend-checks, frontend-checks]
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     steps:
       - uses: https://data.forgejo.org/actions/checkout@v4
@@ -278,7 +278,7 @@ jobs:
       - test-remote-cacher
       - test-unit
     container:
-      image: 'data.forgejo.org/oci/node:22-bookworm'
+      image: 'data.forgejo.org/oci/node:20-bookworm'
       options: --tmpfs /tmp:exec,noatime
     steps:
       - uses: https://data.forgejo.org/actions/checkout@v4

.gitignore

@@ -37,7 +37,6 @@ _testmain.go
 
 *coverage.out
 coverage.all
-coverage/
 cpu.out
 
 /modules/migration/bindata.go
@@ -57,7 +56,6 @@ cpu.out
 /gitea-vet
 /debug
 /integrations.test
-/forgejo
 
 /bin
 /dist
@@ -74,7 +72,6 @@ cpu.out
 /tests/e2e/reports
 /tests/e2e/test-artifacts
 /tests/e2e/test-snapshots
-/tests/e2e/.auth
 /tests/*.ini
 /tests/**/*.git/**/*.sample
 /node_modules

.golangci.yml

@@ -1,9 +1,7 @@
-version: "2"
-output:
-  sort-order:
-    - file
 linters:
-  default: none
+  enable-all: false
+  disable-all: true
+  fast: false
   enable:
     - bidichk
     - depguard
@@ -11,155 +9,142 @@ linters:
     - errcheck
     - forbidigo
     - gocritic
+    - gofmt
+    - gofumpt
+    - gosimple
     - govet
     - ineffassign
     - nakedret
     - nolintlint
     - revive
     - staticcheck
+    - stylecheck
+    - tenv
     - testifylint
+    - typecheck
     - unconvert
-    - unparam
     - unused
-    - usetesting
+    - unparam
     - wastedassign
-  settings:
-    depguard:
-      rules:
-        main:
-          deny:
-            - pkg: encoding/json
-              desc: use gitea's modules/json instead of encoding/json
-            - pkg: github.com/unknwon/com
-              desc: use gitea's util and replacements
-            - pkg: io/ioutil
-              desc: use os or io instead
-            - pkg: golang.org/x/exp
-              desc: it's experimental and unreliable
-            - pkg: forgejo.org/modules/git/internal
-              desc: do not use the internal package, use AddXxx function instead
-            - pkg: gopkg.in/ini.v1
-              desc: do not use the ini package, use gitea's config system instead
-            - pkg: github.com/minio/sha256-simd
-              desc: use crypto/sha256 instead, see https://codeberg.org/forgejo/forgejo/pulls/1528
-    gocritic:
-      disabled-checks:
-        - ifElseChain
-    revive:
-      severity: error
-      rules:
-        - name: atomic
-        - name: bare-return
-        - name: blank-imports
-        - name: constant-logical-expr
-        - name: context-as-argument
-        - name: context-keys-type
-        - name: dot-imports
-        - name: duplicated-imports
-        - name: empty-lines
-        - name: error-naming
-        - name: error-return
-        - name: error-strings
-        - name: errorf
-        - name: exported
-        - name: identical-branches
-        - name: if-return
-        - name: increment-decrement
-        - name: indent-error-flow
-        - name: modifies-value-receiver
-        - name: package-comments
-        - name: range
-        - name: receiver-naming
-        - name: redefines-builtin-id
-        - name: string-of-int
-        - name: superfluous-else
-        - name: time-naming
-        - name: unconditional-recursion
-        - name: unexported-return
-        - name: unreachable-code
-        - name: var-declaration
-        - name: var-naming
-        - name: redefines-builtin-id
-          disabled: true
-    staticcheck:
-      checks:
-        - all
-    testifylint:
-      disable:
-        - go-require
-  exclusions:
-    generated: lax
-    presets:
-      - comments
-      - common-false-positives
-      - legacy
-      - std-error-handling
+
+run:
+  timeout: 10m
+
+output:
+  sort-results: true
+  sort-order: [file]
+  show-stats: true
+
+linters-settings:
+  stylecheck:
+    checks: ["all", "-ST1005", "-ST1003"]
+  nakedret:
+    max-func-lines: 0
+  gocritic:
+    disabled-checks:
+      - ifElseChain
+  revive:
+    severity: error
     rules:
-      - linters:
-          - nolintlint
-        path: models/db/sql_postgres_with_schema.go
-      - linters:
-          - dupl
-          - errcheck
-          - gocyclo
-          - gosec
-          - staticcheck
-          - unparam
-        path: _test\.go
-      - linters:
-          - dupl
-          - errcheck
-          - gocyclo
-          - gosec
-        path: models/migrations/v
-      - linters:
-          - forbidigo
-        path: cmd
-      - linters:
-          - dupl
-        text: (?i)webhook
-      - linters:
-          - gocritic
-        text: (?i)`ID' should not be capitalized
-      - linters:
-          - deadcode
-          - unused
-        text: (?i)swagger
-      - linters:
-          - staticcheck
-        text: (?i)argument x is overwritten before first use
-      - linters:
-          - gocritic
-        text: '(?i)commentFormatting: put a space between `//` and comment text'
-      - linters:
-          - gocritic
-        text: '(?i)exitAfterDefer:'
-      - linters:
-          - staticcheck
-        text: "(ST1005|ST1003|QF1001):"
-    paths:
-      - node_modules
-      - public
-      - web_src
-      - third_party$
-      - builtin$
-      - examples$
+      - name: atomic
+      - name: bare-return
+      - name: blank-imports
+      - name: constant-logical-expr
+      - name: context-as-argument
+      - name: context-keys-type
+      - name: dot-imports
+      - name: duplicated-imports
+      - name: empty-lines
+      - name: error-naming
+      - name: error-return
+      - name: error-strings
+      - name: errorf
+      - name: exported
+      - name: identical-branches
+      - name: if-return
+      - name: increment-decrement
+      - name: indent-error-flow
+      - name: modifies-value-receiver
+      - name: package-comments
+      - name: range
+      - name: receiver-naming
+      - name: redefines-builtin-id
+      - name: string-of-int
+      - name: superfluous-else
+      - name: time-naming
+      - name: unconditional-recursion
+      - name: unexported-return
+      - name: unreachable-code
+      - name: var-declaration
+      - name: var-naming
+      - name: redefines-builtin-id
+        disabled: true
+  gofumpt:
+    extra-rules: true
+  depguard:
+    rules:
+      main:
+        deny:
+          - pkg: encoding/json
+            desc: use gitea's modules/json instead of encoding/json
+          - pkg: github.com/unknwon/com
+            desc: use gitea's util and replacements
+          - pkg: io/ioutil
+            desc: use os or io instead
+          - pkg: golang.org/x/exp
+            desc: it's experimental and unreliable
+          - pkg: code.gitea.io/gitea/modules/git/internal
+            desc: do not use the internal package, use AddXxx function instead
+          - pkg: gopkg.in/ini.v1
+            desc: do not use the ini package, use gitea's config system instead
+          - pkg: github.com/minio/sha256-simd
+            desc: use crypto/sha256 instead, see https://codeberg.org/forgejo/forgejo/pulls/1528
+  testifylint:
+    disable:
+      - go-require
+
 issues:
   max-issues-per-linter: 0
   max-same-issues: 0
-formatters:
-  enable:
-    - gofmt
-    - gofumpt
-  settings:
-    gofumpt:
-      extra-rules: true
-  exclusions:
-    generated: lax
-    paths:
-      - node_modules
-      - public
-      - web_src
-      - third_party$
-      - builtin$
-      - examples$
+  exclude-dirs: [node_modules, public, web_src]
+  exclude-case-sensitive: true
+  exclude-rules:
+    - path: models/db/sql_postgres_with_schema.go
+      linters:
+        - nolintlint
+    - path: _test\.go
+      linters:
+        - gocyclo
+        - errcheck
+        - dupl
+        - gosec
+        - unparam
+        - staticcheck
+    - path: models/migrations/v
+      linters:
+        - gocyclo
+        - errcheck
+        - dupl
+        - gosec
+    - path: cmd
+      linters:
+        - forbidigo
+    - text: "webhook"
+      linters:
+        - dupl
+    - text: "`ID' should not be capitalized"
+      linters:
+        - gocritic
+    - text: "swagger"
+      linters:
+        - unused
+        - deadcode
+    - text: "argument x is overwritten before first use"
+      linters:
+        - staticcheck
+    - text: "commentFormatting: put a space between `//` and comment text"
+      linters:
+        - gocritic
+    - text: "exitAfterDefer:"
+      linters:
+        - gocritic

BSDmakefile

@@ -36,6 +36,10 @@ GARGS = "--no-print-directory"
     JARG = -j$(.MAKE.JOBS)
 .endif
 
+# bmake prefers out-of-source builds and tries to cd into ./obj (among others)
+# where possible. GNU Make doesn't, so override that value.
+.OBJDIR: ./
+
 # The GNU convention is to use the lowercased `prefix` variable/macro to
 # specify the installation directory. Humor them.
 GPREFIX =
@@ -44,12 +48,11 @@ GPREFIX =
 .endif
 
 .BEGIN: .SILENT
-	which $(GMAKE) >/dev/null || (printf "Error: GNU Make is required!\n\n" 1>&2 && false)
+	which $(GMAKE) || (printf "Error: GNU Make is required!\n\n" 1>&2 && false)
 
-.PHONY: EMPTY
-EMPTY: .SILENT
-	$(GMAKE) $(GPREFIX) $(GARGS) $(JARG)
+.PHONY: FRC
+$(.TARGETS): FRC
+	$(GMAKE) $(GPREFIX) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG)
 
-.PHONY: $(.TARGETS)
-$(.TARGETS): .SILENT
-	$(GMAKE) $(GPREFIX) $(GARGS) $(JARG) $@
+.DONE .DEFAULT: .SILENT
+	$(GMAKE) $(GPREFIX) $(GARGS) $(.TARGETS:S,.DONE,,) $(JARG)

CODEOWNERS

@@ -9,10 +9,10 @@
 # Files related to frontend development.
 
 # Javascript and CSS code.
-web_src/.* @beowulf @gusted
+web_src/.* @caesar @crystal @gusted
 
 # HTML templates used by the backend.
-templates/.* @beowulf @gusted
+templates/.* @caesar @crystal @gusted
 ## the issue sidebar was touched by fnetx
 templates/repo/issue/view_content/sidebar.* @fnetx
 
@@ -33,9 +33,8 @@ models/.* @gusted
 # for code that lives in here.
 routers/.* @gusted
 
-# Let locale changes be checked by the translation team.
-options/locale/.* @0ko
-options/locale_next/.* @0ko
+# Let new strings be checked by the translation team.
+options/locale/locale_en-US.ini @0ko
 
 # Personal interest
 .*/webhook.* @oliverpool

Dockerfile

@@ -1,9 +1,9 @@
-FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/xx AS xx
+FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/xx AS xx
 
-FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/golang:1.24-alpine3.21 AS build-env
+FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.20 as build-env
 
 ARG GOPROXY
-ENV GOPROXY=${GOPROXY:-https://proxy.golang.org,direct}
+ENV GOPROXY=${GOPROXY:-direct}
 
 ARG RELEASE_VERSION
 ARG TAGS="sqlite sqlite_unlock_notify"
@@ -30,8 +30,8 @@ RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true
 
 RUN apk --no-cache add build-base git nodejs npm
 
-COPY . ${GOPATH}/src/forgejo.org
-WORKDIR ${GOPATH}/src/forgejo.org
+COPY . ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/code.gitea.io/gitea
 
 RUN make clean
 RUN make frontend
@@ -47,11 +47,11 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \
               /tmp/local/etc/s6/gitea/* \
               /tmp/local/etc/s6/openssh/* \
               /tmp/local/etc/s6/.s6-svscan/* \
-              /go/src/forgejo.org/gitea \
-              /go/src/forgejo.org/environment-to-ini
-RUN chmod 644 /go/src/forgejo.org/contrib/autocompletion/bash_autocomplete
+              /go/src/code.gitea.io/gitea/gitea \
+              /go/src/code.gitea.io/gitea/environment-to-ini
+RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
 
-FROM data.forgejo.org/oci/alpine:3.21
+FROM code.forgejo.org/oci/alpine:3.20
 ARG RELEASE_VERSION
 LABEL maintainer="contact@forgejo.org" \
       org.opencontainers.image.authors="Forgejo" \
@@ -98,11 +98,11 @@ ENV GITEA_CUSTOM=/data/gitea
 VOLUME ["/data"]
 
 ENTRYPOINT ["/usr/bin/entrypoint"]
-CMD ["/usr/bin/s6-svscan", "/etc/s6"]
+CMD ["/bin/s6-svscan", "/etc/s6"]
 
 COPY --from=build-env /tmp/local /
 RUN cd /usr/local/bin ; ln -s gitea forgejo
-COPY --from=build-env /go/src/forgejo.org/gitea /app/gitea/gitea
+COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
 RUN ln -s /app/gitea/gitea /app/gitea/forgejo-cli
-COPY --from=build-env /go/src/forgejo.org/environment-to-ini /usr/local/bin/environment-to-ini
-COPY --from=build-env /go/src/forgejo.org/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
+COPY --from=build-env /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
+COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh

Dockerfile.rootless

@@ -1,9 +1,9 @@
-FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/xx AS xx
+FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/xx AS xx
 
-FROM --platform=$BUILDPLATFORM data.forgejo.org/oci/golang:1.24-alpine3.21 AS build-env
+FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.20 as build-env
 
 ARG GOPROXY
-ENV GOPROXY=${GOPROXY:-https://proxy.golang.org,direct}
+ENV GOPROXY=${GOPROXY:-direct}
 
 ARG RELEASE_VERSION
 ARG TAGS="sqlite sqlite_unlock_notify"
@@ -30,8 +30,8 @@ RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true
 
 RUN apk --no-cache add build-base git nodejs npm
 
-COPY . ${GOPATH}/src/forgejo.org
-WORKDIR ${GOPATH}/src/forgejo.org
+COPY . ${GOPATH}/src/code.gitea.io/gitea
+WORKDIR ${GOPATH}/src/code.gitea.io/gitea
 
 RUN make clean
 RUN make frontend
@@ -45,12 +45,11 @@ COPY docker/rootless /tmp/local
 RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \
               /tmp/local/usr/local/bin/docker-setup.sh \
               /tmp/local/usr/local/bin/gitea \
-              /go/src/forgejo.org/gitea \
-              /go/src/forgejo.org/environment-to-ini
-RUN chmod 644 /go/src/forgejo.org/contrib/autocompletion/bash_autocomplete
+              /go/src/code.gitea.io/gitea/gitea \
+              /go/src/code.gitea.io/gitea/environment-to-ini
+RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete
 
-FROM data.forgejo.org/oci/alpine:3.21
-ARG RELEASE_VERSION
+FROM code.forgejo.org/oci/alpine:3.20
 LABEL maintainer="contact@forgejo.org" \
       org.opencontainers.image.authors="Forgejo" \
       org.opencontainers.image.url="https://forgejo.org" \
@@ -72,7 +71,6 @@ RUN apk --no-cache add \
     git \
     curl \
     gnupg \
-    openssh-client \
     && rm -rf /var/cache/apk/*
 
 RUN addgroup \
@@ -91,10 +89,10 @@ RUN chown git:git /var/lib/gitea /etc/gitea
 
 COPY --from=build-env /tmp/local /
 RUN cd /usr/local/bin ; ln -s gitea forgejo
-COPY --from=build-env --chown=root:root /go/src/forgejo.org/gitea /app/gitea/gitea
+COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea
 RUN ln -s /app/gitea/gitea /app/gitea/forgejo-cli
-COPY --from=build-env --chown=root:root /go/src/forgejo.org/environment-to-ini /usr/local/bin/environment-to-ini
-COPY --from=build-env /go/src/forgejo.org/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
+COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
+COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh
 
 #git:git
 USER 1000:1000

Makefile

@@ -16,7 +16,7 @@ else
 
 DIST := dist
 DIST_DIRS := $(DIST)/binaries $(DIST)/release
-IMPORT := forgejo.org
+IMPORT := code.gitea.io/gitea
 
 GO ?= $(shell go env GOROOT)/bin/go
 SHASUM ?= shasum -a 256
@@ -37,19 +37,19 @@ endif
 XGO_VERSION := go-1.21.x
 
 AIR_PACKAGE ?= github.com/air-verse/air@v1 # renovate: datasource=go
-EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3.2.1 # renovate: datasource=go
-GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.8.0 # renovate: datasource=go
-GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.1.6 # renovate: datasource=go
+EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/v3/cmd/editorconfig-checker@v3.0.3 # renovate: datasource=go
+GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.7.0 # renovate: datasource=go
+GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.62.2 # renovate: datasource=go
 GXZ_PACKAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11 # renovate: datasource=go
 MISSPELL_PACKAGE ?= github.com/golangci/misspell/cmd/misspell@v0.6.0 # renovate: datasource=go
 SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.31.0 # renovate: datasource=go
 XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
 GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.6.0 # renovate: datasource=go
 GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v1 # renovate: datasource=go
-DEADCODE_PACKAGE ?= golang.org/x/tools/cmd/deadcode@v0.32.0 # renovate: datasource=go
-GOMOCK_PACKAGE ?= go.uber.org/mock/mockgen@v0.5.1 # renovate: datasource=go
-GOPLS_PACKAGE ?= golang.org/x/tools/gopls@v0.18.1 # renovate: datasource=go
-RENOVATE_NPM_PACKAGE ?= renovate@40.31.0 # renovate: datasource=docker packageName=data.forgejo.org/renovate/renovate
+DEADCODE_PACKAGE ?= golang.org/x/tools/cmd/deadcode@v0.28.0 # renovate: datasource=go
+GOMOCK_PACKAGE ?= go.uber.org/mock/mockgen@v0.4.0 # renovate: datasource=go
+GOPLS_PACKAGE ?= golang.org/x/tools/gopls@v0.17.0 # renovate: datasource=go
+RENOVATE_NPM_PACKAGE ?= renovate@39.82.1 # renovate: datasource=docker packageName=code.forgejo.org/forgejo-contrib/renovate
 
 # https://github.com/disposable-email-domains/disposable-email-domains/commits/main/
 DISPOSABLE_EMAILS_SHA ?= 0c27e671231d27cf66370034d7f6818037416989 # renovate: ...
@@ -59,8 +59,20 @@ ifeq ($(HAS_GO), yes)
 	CGO_CFLAGS ?= $(shell $(GO) env CGO_CFLAGS) $(CGO_EXTRA_CFLAGS)
 endif
 
-GOFLAGS := -v
-EXECUTABLE ?= gitea
+ifeq ($(GOOS),windows)
+	IS_WINDOWS := yes
+else ifeq ($(patsubst Windows%,Windows,$(OS)),Windows)
+	ifeq ($(GOOS),)
+		IS_WINDOWS := yes
+	endif
+endif
+ifeq ($(IS_WINDOWS),yes)
+	GOFLAGS := -v -buildmode=exe
+	EXECUTABLE ?= gitea.exe
+else
+	GOFLAGS := -v
+	EXECUTABLE ?= gitea
+endif
 
 ifeq ($(shell sed --version 2>/dev/null | grep -q GNU && echo gnu),gnu)
 	SED_INPLACE := sed -i
@@ -92,36 +104,38 @@ else
     FORGEJO_VERSION_API ?= $(GITEA_VERSION)+${GITEA_COMPATIBILITY}
   else
     # drop the "g" prefix prepended by git describe to the commit hash
-    FORGEJO_VERSION ?= $(shell git describe --exclude '*-test' --tags --always 2>/dev/null | sed 's/^v//' | sed 's/\-g/-/')
-    ifneq ($(FORGEJO_VERSION),)
-      ifeq ($(findstring $(GITEA_COMPATIBILITY),$(FORGEJO_VERSION)),)
-        FORGEJO_VERSION := $(FORGEJO_VERSION)+$(GITEA_COMPATIBILITY)
-      endif
-    endif
+    FORGEJO_VERSION ?= $(shell git describe --exclude '*-test' --tags --always | sed 's/^v//' | sed 's/\-g/-/')+${GITEA_COMPATIBILITY}
   endif
 endif
 FORGEJO_VERSION_MAJOR=$(shell echo $(FORGEJO_VERSION) | sed -e 's/\..*//')
 FORGEJO_VERSION_MINOR=$(shell echo $(FORGEJO_VERSION) | sed -E -e 's/^([0-9]+\.[0-9]+).*/\1/')
 
+show-version-full:
+	@echo ${FORGEJO_VERSION}
+
+show-version-major:
+	@echo ${FORGEJO_VERSION_MAJOR}
+
+show-version-minor:
+	@echo ${FORGEJO_VERSION_MINOR}
+
 RELEASE_VERSION ?= ${FORGEJO_VERSION}
 VERSION ?= ${RELEASE_VERSION}
 
 FORGEJO_VERSION_API ?= ${FORGEJO_VERSION}
 
-# Strip binaries by default to reduce size, allow overriding for debugging
-STRIP ?= 1
-ifeq ($(STRIP),1)
-	LDFLAGS := $(LDFLAGS) -s -w
-endif
+show-version-api:
+	@echo ${FORGEJO_VERSION_API}
+
 LDFLAGS := $(LDFLAGS) -X "main.ReleaseVersion=$(RELEASE_VERSION)" -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(FORGEJO_VERSION)" -X "main.Tags=$(TAGS)" -X "main.ForgejoVersion=$(FORGEJO_VERSION_API)"
 
 LINUX_ARCHS ?= linux/amd64,linux/386,linux/arm-5,linux/arm-6,linux/arm64
 
 ifeq ($(HAS_GO), yes)
-	GO_TEST_PACKAGES ?= $(filter-out $(shell $(GO) list forgejo.org/models/migrations/...) $(shell $(GO) list forgejo.org/models/forgejo_migrations/...) forgejo.org/tests/integration/migration-test forgejo.org/tests forgejo.org/tests/integration forgejo.org/tests/e2e,$(shell $(GO) list ./...))
+	GO_TEST_PACKAGES ?= $(filter-out $(shell $(GO) list code.gitea.io/gitea/models/migrations/...) $(shell $(GO) list code.gitea.io/gitea/models/forgejo_migrations/...) code.gitea.io/gitea/tests/integration/migration-test code.gitea.io/gitea/tests code.gitea.io/gitea/tests/integration code.gitea.io/gitea/tests/e2e,$(shell $(GO) list ./...))
 endif
 REMOTE_CACHER_MODULES ?= cache nosql session queue
-GO_TEST_REMOTE_CACHER_PACKAGES ?= $(addprefix forgejo.org/modules/,$(REMOTE_CACHER_MODULES))
+GO_TEST_REMOTE_CACHER_PACKAGES ?= $(addprefix code.gitea.io/gitea/modules/,$(REMOTE_CACHER_MODULES))
 
 FOMANTIC_WORK_DIR := web_src/fomantic
 
@@ -154,7 +168,7 @@ GO_DIRS := build cmd models modules routers services tests
 WEB_DIRS := web_src/js web_src/css
 
 STYLELINT_FILES := web_src/css web_src/js/components/*.vue
-SPELLCHECK_FILES := $(GO_DIRS) $(WEB_DIRS) docs/content templates options/locale/locale_en-US.ini .github $(wildcard *.go *.js *.ts *.vue *.md *.yml *.yaml)
+SPELLCHECK_FILES := $(GO_DIRS) $(WEB_DIRS) docs/content templates options/locale/locale_en-US.ini .github $(wildcard *.go *.js *.ts *.vue *.md *.yml *.yaml *.toml)
 
 GO_SOURCES := $(wildcard *.go)
 GO_SOURCES += $(shell find $(GO_DIRS) -type f -name "*.go" ! -path modules/options/bindata.go ! -path modules/public/bindata.go ! -path modules/templates/bindata.go)
@@ -162,7 +176,7 @@ GO_SOURCES += $(GENERATED_GO_DEST)
 GO_SOURCES_NO_BINDATA := $(GO_SOURCES)
 
 ifeq ($(HAS_GO), yes)
-	MIGRATION_PACKAGES := $(shell $(GO) list forgejo.org/models/migrations/... forgejo.org/models/forgejo_migrations/...)
+	MIGRATION_PACKAGES := $(shell $(GO) list code.gitea.io/gitea/models/migrations/... code.gitea.io/gitea/models/forgejo_migrations/...)
 endif
 
 ifeq ($(filter $(TAGS_SPLIT),bindata),bindata)
@@ -201,7 +215,7 @@ all: build
 .PHONY: help
 help:
 	@echo "Make Routines:"
-	@echo " - \"\"                               equivalent to \"build\""
+	@echo " - \"\"                             equivalent to \"build\""
 	@echo " - build                            build everything"
 	@echo " - frontend                         build frontend files"
 	@echo " - backend                          build backend files"
@@ -214,12 +228,16 @@ help:
 	@echo " - deps-frontend                    install frontend dependencies"
 	@echo " - deps-backend                     install backend dependencies"
 	@echo " - deps-tools                       install tool dependencies"
+	@echo " - deps-py                          install python dependencies"
 	@echo " - lint                             lint everything"
 	@echo " - lint-fix                         lint everything and fix issues"
 	@echo " - lint-frontend                    lint frontend files"
 	@echo " - lint-frontend-fix                lint frontend files and fix issues"
 	@echo " - lint-backend                     lint backend files"
 	@echo " - lint-backend-fix                 lint backend files and fix issues"
+	@echo " - lint-codespell                   lint typos"
+	@echo " - lint-codespell-fix               lint typos and fix them automatically"
+	@echo " - lint-codespell-fix-i             lint typos and fix them interactively"
 	@echo " - lint-go                          lint go files"
 	@echo " - lint-go-fix                      lint go files and fix issues"
 	@echo " - lint-go-vet                      lint go files with vet"
@@ -230,7 +248,11 @@ help:
 	@echo " - lint-css-fix                     lint css files and fix issues"
 	@echo " - lint-md                          lint markdown files"
 	@echo " - lint-swagger                     lint swagger files"
+	@echo " - lint-templates                   lint template files"
 	@echo " - lint-renovate                    lint renovate files"
+	@echo " - lint-yaml                        lint yaml files"
+	@echo " - lint-spell                       lint spelling"
+	@echo " - lint-spell-fix                   lint spelling and fix issues"
 	@echo " - checks                           run various consistency checks"
 	@echo " - checks-frontend                  check frontend files"
 	@echo " - checks-backend                   check backend files"
@@ -261,30 +283,6 @@ help:
 	@echo " - test-sqlite[\#TestSpecificName]  run integration test for sqlite"
 	@echo " - reproduce-build\#version         build a reproducible binary for the specified release version"
 
-.PHONY: verify-version
-verify-version:
-ifeq ($(FORGEJO_VERSION),)
-	@echo "Error: Could not determine FORGEJO_VERSION; version file $(STORED_VERSION_FILE) not present and no suitable git tag found"
-	@echo 'In most cases this likely means you forgot to fetch git tags, you can fix this by executing `git fetch --tags`. If this is not possible and this is part of a custom build process, then you can set a specific version by writing it to $(STORED_VERSION_FILE) (This must be a semver compatible version).'
-	@false
-endif
-
-.PHONY: show-version-full
-show-version-full: verify-version
-	@echo ${FORGEJO_VERSION}
-
-.PHONY: show-version-major
-show-version-major: verify-version
-	@echo ${FORGEJO_VERSION_MAJOR}
-
-.PHONY: show-version-minor
-show-version-minor: verify-version
-	@echo ${FORGEJO_VERSION_MINOR}
-
-.PHONY: show-version-api
-show-version-api: verify-version
-	@echo ${FORGEJO_VERSION_API}
-
 ###
 # Check system and environment requirements
 ###
@@ -410,10 +408,10 @@ checks-frontend: lockfile-check svg-check
 checks-backend: tidy-check swagger-check fmt-check swagger-validate security-check
 
 .PHONY: lint
-lint: lint-frontend lint-backend
+lint: lint-frontend lint-backend lint-spell
 
 .PHONY: lint-fix
-lint-fix: lint-frontend-fix lint-backend-fix
+lint-fix: lint-frontend-fix lint-backend-fix lint-spell-fix
 
 .PHONY: lint-frontend
 lint-frontend: lint-js lint-css
@@ -422,11 +420,23 @@ lint-frontend: lint-js lint-css
 lint-frontend-fix: lint-js-fix lint-css-fix
 
 .PHONY: lint-backend
-lint-backend: lint-go lint-go-vet lint-editorconfig lint-renovate lint-locale lint-locale-usage lint-disposable-emails
+lint-backend: lint-go lint-go-vet lint-editorconfig lint-renovate lint-locale lint-disposable-emails
 
 .PHONY: lint-backend-fix
 lint-backend-fix: lint-go-fix lint-go-vet lint-editorconfig lint-disposable-emails-fix
 
+.PHONY: lint-codespell
+lint-codespell:
+	codespell
+
+.PHONY: lint-codespell-fix
+lint-codespell-fix:
+	codespell -w
+
+.PHONY: lint-codespell-fix-i
+lint-codespell-fix-i:
+	codespell -w -i 3 -C 2
+
 .PHONY: lint-js
 lint-js: node_modules
 	npx eslint --color --max-warnings=0
@@ -449,23 +459,27 @@ lint-swagger: node_modules
 
 .PHONY: lint-renovate
 lint-renovate: node_modules
-	npx --yes --package $(RENOVATE_NPM_PACKAGE) -- renovate-config-validator > .lint-renovate 2>&1 || true
-	@if grep --quiet --extended-regexp -e '^( ERROR:)' .lint-renovate ; then cat .lint-renovate ; rm .lint-renovate ; exit 1 ; fi
+	npx --yes --package $(RENOVATE_NPM_PACKAGE) -- renovate-config-validator --strict > .lint-renovate 2>&1 || true
+	@if grep --quiet --extended-regexp -e '^( WARN:|ERROR:)' .lint-renovate ; then cat .lint-renovate ; rm .lint-renovate ; exit 1 ; fi
 	@rm .lint-renovate
 
 .PHONY: lint-locale
 lint-locale:
-	$(GO) run build/lint-locale/lint-locale.go
-
-.PHONY: lint-locale-usage
-lint-locale-usage:
-	$(GO) run build/lint-locale-usage/lint-locale-usage.go
+	$(GO) run build/lint-locale.go
 
 .PHONY: lint-md
 lint-md: node_modules
 	npx markdownlint docs *.md
 
-RUN_DEADCODE = $(GO) run $(DEADCODE_PACKAGE) -generated=false -f='{{println .Path}}{{range .Funcs}}{{printf "\t%s\n" .Name}}{{end}}{{println}}' -test forgejo.org
+.PHONY: lint-spell
+lint-spell: lint-codespell
+	@go run $(MISSPELL_PACKAGE) -error $(SPELLCHECK_FILES)
+
+.PHONY: lint-spell-fix
+lint-spell-fix: lint-codespell-fix
+	@go run $(MISSPELL_PACKAGE) -w $(SPELLCHECK_FILES)
+
+RUN_DEADCODE = $(GO) run $(DEADCODE_PACKAGE) -generated=false -f='{{println .Path}}{{range .Funcs}}{{printf "\t%s\n" .Name}}{{end}}{{println}}' -test code.gitea.io/gitea
 
 .PHONY: lint-go
 lint-go:
@@ -479,6 +493,13 @@ lint-go-fix:
 	$(GO) run $(GOLANGCI_LINT_PACKAGE) run $(GOLANGCI_LINT_ARGS) --fix
 	$(RUN_DEADCODE) > .deadcode-out
 
+# workaround step for the lint-go-windows CI task because 'go run' can not
+# have distinct GOOS/GOARCH for its build and run steps
+.PHONY: lint-go-windows
+lint-go-windows:
+	@GOOS= GOARCH= $(GO) install $(GOLANGCI_LINT_PACKAGE)
+	golangci-lint run
+
 .PHONY: lint-go-vet
 lint-go-vet:
 	@echo "Running go vet..."
@@ -501,9 +522,18 @@ lint-disposable-emails:
 lint-disposable-emails-fix:
 	$(GO) run build/generate-disposable-email.go -r $(DISPOSABLE_EMAILS_SHA)
 
+.PHONY: lint-templates
+lint-templates: .venv node_modules
+	@node tools/lint-templates-svg.js
+	@poetry run djlint $(shell find templates -type f -iname '*.tmpl')
+
+.PHONY: lint-yaml
+lint-yaml: .venv
+	@poetry run yamllint .
+
 .PHONY: security-check
 security-check:
-	go run $(GOVULNCHECK_PACKAGE) -show color ./...
+	go run $(GOVULNCHECK_PACKAGE) ./...
 
 ###
 # Development and testing targets
@@ -557,7 +587,7 @@ test-check:
 
 .PHONY: test\#%
 test\#%:
-	@echo "Running go test with $(GOTESTFLAGS) -tags '$(TEST_TAGS)'..."
+	@echo "Running go test with -tags '$(TEST_TAGS)'..."
 	@$(GOTEST) $(GOTESTFLAGS) -tags='$(TEST_TAGS)' -run $(subst .,/,$*) $(GO_TEST_PACKAGES)
 
 .PHONY: coverage
@@ -590,7 +620,7 @@ tidy-check: tidy
 go-licenses: $(GO_LICENSE_FILE)
 
 $(GO_LICENSE_FILE): go.mod go.sum
-	-$(GO) run $(GO_LICENSES_PACKAGE) save . --force --ignore forgejo.org --save_path=$(GO_LICENSE_TMP_DIR) 2>/dev/null
+	-$(GO) run $(GO_LICENSES_PACKAGE) save . --force --ignore code.gitea.io/gitea --save_path=$(GO_LICENSE_TMP_DIR) 2>/dev/null
 	$(GO) run build/generate-go-licenses.go $(GO_LICENSE_TMP_DIR) $(GO_LICENSE_FILE)
 	@rm -rf $(GO_LICENSE_TMP_DIR)
 
@@ -720,33 +750,33 @@ integration-test-coverage-sqlite: integrations.cover.sqlite.test generate-ini-sq
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini ./integrations.cover.sqlite.test -test.coverprofile=integration.coverage.out
 
 integrations.mysql.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration -o integrations.mysql.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.mysql.test
 
 integrations.pgsql.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration -o integrations.pgsql.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.pgsql.test
 
 integrations.sqlite.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration -o integrations.sqlite.test -tags '$(TEST_TAGS)'
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -o integrations.sqlite.test -tags '$(TEST_TAGS)'
 
 integrations.cover.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration -coverpkg $(shell echo $(GO_TEST_PACKAGES) | tr ' ' ',') -o integrations.cover.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -coverpkg $(shell echo $(GO_TEST_PACKAGES) | tr ' ' ',') -o integrations.cover.test
 
 integrations.cover.sqlite.test: git-check $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration -coverpkg $(shell echo $(GO_TEST_PACKAGES) | tr ' ' ',') -o integrations.cover.sqlite.test -tags '$(TEST_TAGS)'
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration -coverpkg $(shell echo $(GO_TEST_PACKAGES) | tr ' ' ',') -o integrations.cover.sqlite.test -tags '$(TEST_TAGS)'
 
 .PHONY: migrations.mysql.test
 migrations.mysql.test: $(GO_SOURCES) generate-ini-mysql
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration/migration-test -o migrations.mysql.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.mysql.test
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/mysql.ini $(GOTESTCOMPILEDRUNPREFIX) ./migrations.mysql.test $(GOTESTCOMPILEDRUNSUFFIX)
 
 .PHONY: migrations.pgsql.test
 migrations.pgsql.test: $(GO_SOURCES) generate-ini-pgsql
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration/migration-test -o migrations.pgsql.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.pgsql.test
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTESTCOMPILEDRUNPREFIX) ./migrations.pgsql.test $(GOTESTCOMPILEDRUNSUFFIX)
 
 .PHONY: migrations.sqlite.test
 migrations.sqlite.test: $(GO_SOURCES) generate-ini-sqlite
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/integration/migration-test -o migrations.sqlite.test -tags '$(TEST_TAGS)'
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/integration/migration-test -o migrations.sqlite.test -tags '$(TEST_TAGS)'
 	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTESTCOMPILEDRUNPREFIX) ./migrations.sqlite.test $(GOTESTCOMPILEDRUNSUFFIX)
 
 .PHONY: migrations.individual.mysql.test
@@ -757,7 +787,7 @@ migrations.individual.mysql.test: $(GO_SOURCES)
 
 .PHONY: migrations.individual.sqlite.test\#%
 migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' forgejo.org/models/migrations/$*
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
 
 .PHONY: migrations.individual.pgsql.test
 migrations.individual.pgsql.test: $(GO_SOURCES)
@@ -767,7 +797,7 @@ migrations.individual.pgsql.test: $(GO_SOURCES)
 
 .PHONY: migrations.individual.pgsql.test\#%
 migrations.individual.pgsql.test\#%: $(GO_SOURCES) generate-ini-pgsql
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' forgejo.org/models/migrations/$*
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/pgsql.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
 
 .PHONY: migrations.individual.sqlite.test
 migrations.individual.sqlite.test: $(GO_SOURCES) generate-ini-sqlite
@@ -777,16 +807,16 @@ migrations.individual.sqlite.test: $(GO_SOURCES) generate-ini-sqlite
 
 .PHONY: migrations.individual.sqlite.test\#%
 migrations.individual.sqlite.test\#%: $(GO_SOURCES) generate-ini-sqlite
-	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' forgejo.org/models/migrations/$*
+	GITEA_ROOT="$(CURDIR)" GITEA_CONF=tests/sqlite.ini $(GOTEST) $(GOTESTFLAGS) -tags '$(TEST_TAGS)' code.gitea.io/gitea/models/migrations/$*
 
 e2e.mysql.test: $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/e2e -o e2e.mysql.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.mysql.test
 
 e2e.pgsql.test: $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/e2e -o e2e.pgsql.test
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.pgsql.test
 
 e2e.sqlite.test: $(GO_SOURCES)
-	$(GOTEST) $(GOTESTFLAGS) -c forgejo.org/tests/e2e -o e2e.sqlite.test -tags '$(TEST_TAGS)'
+	$(GOTEST) $(GOTESTFLAGS) -c code.gitea.io/gitea/tests/e2e -o e2e.sqlite.test -tags '$(TEST_TAGS)'
 
 .PHONY: check
 check: test
@@ -796,8 +826,8 @@ check: test
 ###
 
 .PHONY: install $(TAGS_PREREQ)
-install: $(wildcard *.go) | verify-version
-	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) install -v -tags '$(TAGS)' -ldflags '$(LDFLAGS)'
+install: $(wildcard *.go)
+	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) install -v -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)'
 
 .PHONY: build
 build: frontend backend
@@ -824,14 +854,14 @@ generate-go: $(TAGS_PREREQ)
 merge-locales:
 	@echo "NOT NEEDED: THIS IS A NOOP AS OF Forgejo 7.0 BUT KEPT FOR BACKWARD COMPATIBILITY"
 
-$(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ) | verify-version
-	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '$(LDFLAGS)' -o $@
+$(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
+	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@
 
 forgejo: $(EXECUTABLE)
 	ln -f $(EXECUTABLE) forgejo
 
-static-executable: $(GO_SOURCES) $(TAGS_PREREQ) | verify-version
-	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -o $(EXECUTABLE)
+static-executable: $(GO_SOURCES) $(TAGS_PREREQ)
+	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags 'netgo osusergo $(TAGS)' -ldflags '-s -w -linkmode external -extldflags "-static" $(LDFLAGS)' -o $(EXECUTABLE)
 
 .PHONY: release
 release: frontend generate release-linux release-copy release-compress vendor release-sources release-check
@@ -842,19 +872,23 @@ sources-tarbal: frontend generate vendor release-sources release-check
 $(DIST_DIRS):
 	mkdir -p $(DIST_DIRS)
 
+.PHONY: release-windows
+release-windows: | $(DIST_DIRS)
+	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -buildmode exe -dest $(DIST)/binaries -tags 'osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets 'windows/*' -out gitea-$(VERSION) .
+
 .PHONY: release-linux
-release-linux: | $(DIST_DIRS) verify-version
+release-linux: | $(DIST_DIRS)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '-linkmode external -extldflags "-static" $(LDFLAGS)' -targets '$(LINUX_ARCHS)' -out forgejo-$(VERSION) .
 ifeq ($(CI),true)
 	cp /build/* $(DIST)/binaries
 endif
 
 .PHONY: release-darwin
-release-darwin: | $(DIST_DIRS) verify-version
+release-darwin: | $(DIST_DIRS)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'darwin-10.12/amd64,darwin-10.12/arm64' -out gitea-$(VERSION) .
 
 .PHONY: release-freebsd
-release-freebsd: | $(DIST_DIRS) verify-version
+release-freebsd: | $(DIST_DIRS)
 	CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) run $(XGO_PACKAGE) -go $(XGO_VERSION) -dest $(DIST)/binaries -tags 'netgo osusergo $(TAGS)' -ldflags '$(LDFLAGS)' -targets 'freebsd/amd64' -out gitea-$(VERSION) .
 
 .PHONY: release-copy
@@ -908,7 +942,10 @@ reproduce-build\#%:
 ###
 
 .PHONY: deps
-deps: deps-frontend deps-backend deps-tools
+deps: deps-frontend deps-backend deps-tools deps-py
+
+.PHONY: deps-py
+deps-py: .venv
 
 .PHONY: deps-frontend
 deps-frontend: node_modules
@@ -990,11 +1027,12 @@ generate-gitignore:
 
 .PHONY: generate-gomock
 generate-gomock:
-	$(GO) run $(GOMOCK_PACKAGE) -package mock -destination ./modules/queue/mock/redisuniversalclient.go forgejo.org/modules/nosql RedisClient
+	$(GO) run $(GOMOCK_PACKAGE) -package mock -destination ./modules/queue/mock/redisuniversalclient.go code.gitea.io/gitea/modules/nosql RedisClient
 
 .PHONY: generate-images
 generate-images: | node_modules
-	node tools/generate-images.js
+	npm install --no-save fabric@6 imagemin-zopfli@7
+	node tools/generate-images.js $(TAGS)
 
 .PHONY: generate-manpage
 generate-manpage:

README.md

@@ -15,6 +15,11 @@ Our promise: **Independent Free/Libre Software forever!**
 
 ## What does Forgejo offer?
 
+<!-- If you want to know what Forgejo is like,
+you can check out public instances,
+e.g. [Codeberg.org](https://codeberg.org).
+-->
+
 If you like any of the following, Forgejo is literally meant for you:
 
 - Lightweight: Forgejo can easily be hosted on nearly **every machine**.

RELEASE-NOTES.md

@@ -1590,7 +1590,7 @@ this situation, [follow the instructions in the companion blog post](https://for
 
   The most prominent ones are described here, others can be found in the list of commits included in the release as described above.
 
-  * [Fix links to pull request reviews sent via mail](https://codeberg.org/forgejo/forgejo/commit/88e179d5ef8ee41f71d068195685ff098b38ca31). The pull request link was correct but it did not go the review and stayed at the beginning of the page
+  * [Fix links to pull request reviews sent via mail](https://codeberg.org/forgejo/forgejo/commit/88e179d5ef8ee41f71d068195685ff098b38ca31). The pull request link was correct but it did not go the the review and stayed at the beginning of the page
   * [Recognize OGG as an audio format](https://codeberg.org/forgejo/forgejo/commit/622ec5c79f299c32ac2667a1aa7b4bf5d7c2d6cf)
   * [Consistently show the last time a cron job was run in the admin panel](https://codeberg.org/forgejo/forgejo/commit/5f769ef20)
   * [Fix NuGet registry v2 & v3 API search endpoints](https://codeberg.org/forgejo/forgejo/commit/471138829b0c24fe8c621dbb866ae8bb45ebc674)
@@ -1609,7 +1609,7 @@ this situation, [follow the instructions in the companion blog post](https://for
   * [Fix pull request check list when there are more than 30](https://codeberg.org/forgejo/forgejo/commit/e226b9646)
   * [Fix attachment clipboard copy on insecure origin](https://codeberg.org/forgejo/forgejo/commit/12ac84c26)
   * [Fix the profile README rendering](https://codeberg.org/forgejo/forgejo/commit/84c3b60a4) that [was inconsistent with other markdown files renderings](https://codeberg.org/forgejo/forgejo/issues/833)
-  * [Fix API leaking the user email when the caller is not authenticated](https://codeberg.org/forgejo/forgejo/commit/d89003cc1)
+  * [Fix API leaking the user email when the caller is not authentified](https://codeberg.org/forgejo/forgejo/commit/d89003cc1)
 
 ## 1.20.2-0
 
@@ -1667,7 +1667,7 @@ $ git -C forgejo log --oneline --no-merges origin/v1.19/forgejo..origin/v1.20/fo
   The semantic version was updated to `5.0.0+0-gitea-1.20.1` because it contains breaking changes.
 - **Breaking:**
   - [Scoped access tokens](https://codeberg.org/forgejo/forgejo/commit/18de83b2a3fc120922096b7348d6375094ae1532) or (Personal Access Tokens), were refactored and although existing tokens are still valid, they may have a different scope than before. To ensure that no tokens have a larger scope than expected they must be removed and recreated.
-  - If your `app.ini` has one of the following `[indexer].ISSUE_INDEXER_QUEUE_TYPE`, `[indexer].ISSUE_INDEXER_QUEUE_BATCH_NUMBER`, `[indexer].`, `[indexer].ISSUE_INDEXER_QUEUE_DIR`, `[indexer].ISSUE_INDEXER_QUEUE_CONN_STR`, `[indexer].UPDATE_BUFFER_LEN`, `[mailer].SEND_BUFFER_LEN`, `[repository].PULL_REQUEST_QUEUE_LENGTH` or `[repository].MIRROR_QUEUE_LENGTH`, Forgejo will abort immediately. Unless you know exactly what you're doing, you must comment them out so the default values are used.
+  - If your `app.ini` has one of the the following `[indexer].ISSUE_INDEXER_QUEUE_TYPE`, `[indexer].ISSUE_INDEXER_QUEUE_BATCH_NUMBER`, `[indexer].`, `[indexer].ISSUE_INDEXER_QUEUE_DIR`, `[indexer].ISSUE_INDEXER_QUEUE_CONN_STR`, `[indexer].UPDATE_BUFFER_LEN`, `[mailer].SEND_BUFFER_LEN`, `[repository].PULL_REQUEST_QUEUE_LENGTH` or `[repository].MIRROR_QUEUE_LENGTH`, Forgejo will abort immediately. Unless you know exactly what you're doing, you must comment them out so the default values are used.
   - The `-p` option of `environment-to-ini` is [no longer supported](https://codeberg.org/forgejo/forgejo/commit/fa0b5b14c2faa6a5f76bb2e7bc9241a5e4354189)
   - The ".png" suffix for [user and organizations is now reserved](https://codeberg.org/forgejo/forgejo/commit/2b91841cd3e1213ff3e4ed4209d6a4be89c2fa79)
   - The section `[git.reflog]` is [now obsolete and its keys have been moved](https://codeberg.org/forgejo/forgejo/commit/2f149c5c9db97f20fbbc65e32d1f3133048b11a2) to the following replacements:
@@ -1761,7 +1761,7 @@ $ git -C forgejo log --oneline --no-merges origin/v1.19/forgejo..origin/v1.20/fo
   - [The repository migration can be canceled](https://codeberg.org/forgejo/forgejo/commit/f6e029e6c7849d4361abf7f1d749b5d528364ac4)
   - [Add button on the diff header to copy the file name](https://codeberg.org/forgejo/forgejo/commit/c5ede35124c8d5280219c24049bb0ad7da9f02ed)
   - [Add --quiet option to the dump CLI](https://codeberg.org/forgejo/forgejo/commit/cb1536471bcef4d78a3fe5cbd738b9f60fabbcc2)
-  - [Support searching for an issue with its number in the list of issues](https://codeberg.org/forgejo/forgejo/commit/1144b1d129de530b2c07dfdfaf55de383cd82212)
+  - [Support searching for an issue with its number in the the list of issues](https://codeberg.org/forgejo/forgejo/commit/1144b1d129de530b2c07dfdfaf55de383cd82212)
   - [Improve the list of notifications](https://codeberg.org/forgejo/forgejo/commit/f7ede92f82f7f3ec7bb31a1249f9524e5b728f34)
   - [When editing a file in the web UI, allow for a preview whenever possible](https://codeberg.org/forgejo/forgejo/commit/ac64c8297444ade63a2a364c4afb7e6c1de5a75f)
   - [Make release download URLs human readable](https://codeberg.org/forgejo/forgejo/commit/42919ccb7cd32ab67d0878baf2bac6cd007899a8)
@@ -1798,7 +1798,7 @@ $ git -C forgejo log --oneline --no-merges origin/v1.19/forgejo..origin/v1.20/fo
   - [Add API for gitignore templates](https://codeberg.org/forgejo/forgejo/commit/36a5d4c2f3b5670e5e921034cd5d25817534a6d4)
   - [Add API to upuload a file to an empty repository](https://codeberg.org/forgejo/forgejo/commit/cf465b472166ccf6d3e001e3043e4bf43e16e6b3)
   - [Allow for --not when listing the commits of a repo](https://codeberg.org/forgejo/forgejo/commit/f766b002938b5c81e343c81fda3c0669fa09809f)
-  - [Add `files` and `verification` parameters to improve performances when listing the commits of a repo](https://codeberg.org/forgejo/forgejo/commit/1dd83dbb917d55bd253001646d6743f247a4d98b)
+  - [Add `files` and `verification` parameters to improve performances when listing the commits of a a repo](https://codeberg.org/forgejo/forgejo/commit/1dd83dbb917d55bd253001646d6743f247a4d98b)
   - [Allow for listing a single commit in a repository](https://codeberg.org/forgejo/forgejo/commit/5930ab5fdf7a970fcca3cd50b44cf1cacb615a54)
   - [Create a branch directly from commit on the create branch API](https://codeberg.org/forgejo/forgejo/commit/cd9a13ebb47d32f46b38439a524e3b2e0c619490)
   - [Add API for Label templates](https://codeberg.org/forgejo/forgejo/commit/25dc1556cd70b567a4920beb002a0addfbfd6ef2)

build/backport-locales.go

@@ -12,8 +12,8 @@ import (
 	"path/filepath"
 	"strings"
 
-	"forgejo.org/modules/container"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 func main() {

build/code-batch-process.go

@@ -15,7 +15,7 @@ import (
 	"strconv"
 	"strings"
 
-	"forgejo.org/build/codeformat"
+	"code.gitea.io/gitea/build/codeformat"
 )
 
 // Windows has a limitation for command line arguments, the size can not exceed 32KB.

build/codeformat/formatimports.go

@@ -13,8 +13,8 @@ import (
 )
 
 var importPackageGroupOrders = map[string]int{
-	"":             1, // internal
-	"forgejo.org/": 2,
+	"":                     1, // internal
+	"code.gitea.io/gitea/": 2,
 }
 
 var errInvalidCommentBetweenImports = errors.New("comments between imported packages are invalid, please move comments to the end of the package line")

build/codeformat/formatimports_test.go

@@ -58,8 +58,8 @@ import (
 
 	"code.gitea.io/other/package"
 
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 
   "xorm.io/the/package"
 
@@ -82,8 +82,8 @@ import (
 	_ "image/jpeg" // for processing jpeg images
 	_ "image/png"  // for processing png images
 
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 
 	"code.gitea.io/other/package"
 	"github.com/issue9/identicon"

build/generate-emoji.go

@@ -20,7 +20,7 @@ import (
 	"strings"
 	"unicode/utf8"
 
-	"forgejo.org/modules/json"
+	"code.gitea.io/gitea/modules/json"
 )
 
 const (

build/generate-gitignores.go

@@ -15,7 +15,7 @@ import (
 	"path/filepath"
 	"strings"
 
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/modules/util"
 )
 
 func main() {

build/generate-go-licenses.go

@@ -16,7 +16,7 @@ import (
 	"sort"
 	"strings"
 
-	"forgejo.org/modules/container"
+	"code.gitea.io/gitea/modules/container"
 )
 
 // regexp is based on go-license, excluding README and NOTICE
@@ -102,9 +102,9 @@ func main() {
 		pkgName := path.Dir(pkgPath)
 
 		// There might be a bug somewhere in go-licenses that sometimes interprets the
-		// root package as "." and sometimes as "forgejo.org". Workaround by
+		// root package as "." and sometimes as "code.gitea.io/gitea". Workaround by
 		// removing both of them for the sake of stable output.
-		if pkgName == "." || pkgName == "forgejo.org" {
+		if pkgName == "." || pkgName == "code.gitea.io/gitea" {
 			continue
 		}
 

build/generate-licenses.go

@@ -15,7 +15,7 @@ import (
 	"path/filepath"
 	"strings"
 
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/modules/util"
 )
 
 func main() {

build/lint-locale-usage/lint-locale-usage.go

@@ -1,383 +0,0 @@
-// Copyright 2023 The Gitea Authors. All rights reserved.
-// Copyright 2025 The Forgejo Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package main
-
-import (
-	"fmt"
-	"go/ast"
-	goParser "go/parser"
-	"go/token"
-	"io/fs"
-	"os"
-	"path/filepath"
-	"strconv"
-	"strings"
-	"text/template"
-	tmplParser "text/template/parse"
-
-	"forgejo.org/modules/container"
-	fjTemplates "forgejo.org/modules/templates"
-	"forgejo.org/modules/translation/localeiter"
-	"forgejo.org/modules/util"
-)
-
-// this works by first gathering all valid source string IDs from `en-US` reference files
-// and then checking if all used source strings are actually defined
-
-type LocatedError struct {
-	Location string
-	Kind     string
-	Err      error
-}
-
-func (e LocatedError) Error() string {
-	var sb strings.Builder
-
-	sb.WriteString(e.Location)
-	sb.WriteString(":\t")
-	if e.Kind != "" {
-		sb.WriteString(e.Kind)
-		sb.WriteString(": ")
-	}
-	sb.WriteString("ERROR: ")
-	sb.WriteString(e.Err.Error())
-
-	return sb.String()
-}
-
-func InitLocaleTrFunctions() map[string][]uint {
-	ret := make(map[string][]uint)
-
-	f0 := []uint{0}
-	ret["Tr"] = f0
-	ret["TrString"] = f0
-	ret["TrHTML"] = f0
-
-	ret["TrPluralString"] = []uint{1}
-	ret["TrN"] = []uint{1, 2}
-
-	return ret
-}
-
-type Handler struct {
-	OnMsgid            func(fset *token.FileSet, pos token.Pos, msgid string)
-	OnUnexpectedInvoke func(fset *token.FileSet, pos token.Pos, funcname string, argc int)
-	LocaleTrFunctions  map[string][]uint
-}
-
-// the `Handle*File` functions follow the following calling convention:
-// * `fname` is the name of the input file
-// * `src` is either `nil` (then the function invokes `ReadFile` to read the file)
-//   or the contents of the file as {`[]byte`, or a `string`}
-
-func (handler Handler) HandleGoFile(fname string, src any) error {
-	fset := token.NewFileSet()
-	node, err := goParser.ParseFile(fset, fname, src, goParser.SkipObjectResolution)
-	if err != nil {
-		return LocatedError{
-			Location: fname,
-			Kind:     "Go parser",
-			Err:      err,
-		}
-	}
-
-	ast.Inspect(node, func(n ast.Node) bool {
-		// search for function calls of the form `anything.Tr(any-string-lit, ...)`
-
-		call, ok := n.(*ast.CallExpr)
-		if !ok || len(call.Args) < 1 {
-			return true
-		}
-
-		funSel, ok := call.Fun.(*ast.SelectorExpr)
-		if !ok {
-			return true
-		}
-
-		ltf, ok := handler.LocaleTrFunctions[funSel.Sel.Name]
-		if !ok {
-			return true
-		}
-
-		var gotUnexpectedInvoke *int
-
-		for _, argNum := range ltf {
-			if len(call.Args) >= int(argNum+1) {
-				argLit, ok := call.Args[int(argNum)].(*ast.BasicLit)
-				if !ok || argLit.Kind != token.STRING {
-					continue
-				}
-
-				// extract string content
-				arg, err := strconv.Unquote(argLit.Value)
-				if err == nil {
-					// found interesting strings
-					handler.OnMsgid(fset, argLit.ValuePos, arg)
-				}
-			} else {
-				argc := len(call.Args)
-				gotUnexpectedInvoke = &argc
-			}
-		}
-
-		if gotUnexpectedInvoke != nil {
-			handler.OnUnexpectedInvoke(fset, funSel.Sel.NamePos, funSel.Sel.Name, *gotUnexpectedInvoke)
-		}
-
-		return true
-	})
-
-	return nil
-}
-
-// derived from source: modules/templates/scopedtmpl/scopedtmpl.go, L169-L213
-func (handler Handler) handleTemplateNode(fset *token.FileSet, node tmplParser.Node) {
-	switch node.Type() {
-	case tmplParser.NodeAction:
-		handler.handleTemplatePipeNode(fset, node.(*tmplParser.ActionNode).Pipe)
-	case tmplParser.NodeList:
-		nodeList := node.(*tmplParser.ListNode)
-		handler.handleTemplateFileNodes(fset, nodeList.Nodes)
-	case tmplParser.NodePipe:
-		handler.handleTemplatePipeNode(fset, node.(*tmplParser.PipeNode))
-	case tmplParser.NodeTemplate:
-		handler.handleTemplatePipeNode(fset, node.(*tmplParser.TemplateNode).Pipe)
-	case tmplParser.NodeIf:
-		nodeIf := node.(*tmplParser.IfNode)
-		handler.handleTemplateBranchNode(fset, nodeIf.BranchNode)
-	case tmplParser.NodeRange:
-		nodeRange := node.(*tmplParser.RangeNode)
-		handler.handleTemplateBranchNode(fset, nodeRange.BranchNode)
-	case tmplParser.NodeWith:
-		nodeWith := node.(*tmplParser.WithNode)
-		handler.handleTemplateBranchNode(fset, nodeWith.BranchNode)
-
-	case tmplParser.NodeCommand:
-		nodeCommand := node.(*tmplParser.CommandNode)
-
-		handler.handleTemplateFileNodes(fset, nodeCommand.Args)
-
-		if len(nodeCommand.Args) < 2 {
-			return
-		}
-
-		nodeChain, ok := nodeCommand.Args[0].(*tmplParser.ChainNode)
-		if !ok {
-			return
-		}
-
-		nodeIdent, ok := nodeChain.Node.(*tmplParser.IdentifierNode)
-		if !ok || nodeIdent.Ident != "ctx" || len(nodeChain.Field) != 2 || nodeChain.Field[0] != "Locale" {
-			return
-		}
-
-		ltf, ok := handler.LocaleTrFunctions[nodeChain.Field[1]]
-		if !ok {
-			return
-		}
-
-		var gotUnexpectedInvoke *int
-
-		for _, argNum := range ltf {
-			if len(nodeCommand.Args) >= int(argNum+2) {
-				nodeString, ok := nodeCommand.Args[int(argNum+1)].(*tmplParser.StringNode)
-				if ok {
-					// found interesting strings
-					// the column numbers are a bit "off", but much better than nothing
-					handler.OnMsgid(fset, token.Pos(nodeString.Pos), nodeString.Text)
-				}
-			} else {
-				argc := len(nodeCommand.Args) - 1
-				gotUnexpectedInvoke = &argc
-			}
-		}
-
-		if gotUnexpectedInvoke != nil {
-			handler.OnUnexpectedInvoke(fset, token.Pos(nodeChain.Pos), nodeChain.Field[1], *gotUnexpectedInvoke)
-		}
-
-	default:
-	}
-}
-
-func (handler Handler) handleTemplatePipeNode(fset *token.FileSet, pipeNode *tmplParser.PipeNode) {
-	if pipeNode == nil {
-		return
-	}
-
-	// NOTE: we can't pass `pipeNode.Cmds` to handleTemplateFileNodes due to incompatible argument types
-	for _, node := range pipeNode.Cmds {
-		handler.handleTemplateNode(fset, node)
-	}
-}
-
-func (handler Handler) handleTemplateBranchNode(fset *token.FileSet, branchNode tmplParser.BranchNode) {
-	handler.handleTemplatePipeNode(fset, branchNode.Pipe)
-	handler.handleTemplateFileNodes(fset, branchNode.List.Nodes)
-	if branchNode.ElseList != nil {
-		handler.handleTemplateFileNodes(fset, branchNode.ElseList.Nodes)
-	}
-}
-
-func (handler Handler) handleTemplateFileNodes(fset *token.FileSet, nodes []tmplParser.Node) {
-	for _, node := range nodes {
-		handler.handleTemplateNode(fset, node)
-	}
-}
-
-func (handler Handler) HandleTemplateFile(fname string, src any) error {
-	var tmplContent []byte
-	switch src2 := src.(type) {
-	case nil:
-		var err error
-		tmplContent, err = os.ReadFile(fname)
-		if err != nil {
-			return LocatedError{
-				Location: fname,
-				Kind:     "ReadFile",
-				Err:      err,
-			}
-		}
-	case []byte:
-		tmplContent = src2
-	case string:
-		// SAFETY: we do not modify tmplContent below
-		tmplContent = util.UnsafeStringToBytes(src2)
-	default:
-		panic("invalid type for 'src'")
-	}
-
-	fset := token.NewFileSet()
-	fset.AddFile(fname, 1, len(tmplContent)).SetLinesForContent(tmplContent)
-	// SAFETY: we do not modify tmplContent2 below
-	tmplContent2 := util.UnsafeBytesToString(tmplContent)
-
-	tmpl := template.New(fname)
-	tmpl.Funcs(fjTemplates.NewFuncMap())
-	tmplParsed, err := tmpl.Parse(tmplContent2)
-	if err != nil {
-		return LocatedError{
-			Location: fname,
-			Kind:     "Template parser",
-			Err:      err,
-		}
-	}
-	handler.handleTemplateFileNodes(fset, tmplParsed.Root.Nodes)
-	return nil
-}
-
-// This command assumes that we get started from the project root directory
-//
-// Possible command line flags:
-//
-//	--allow-missing-msgids        don't return an error code if missing message IDs are found
-//
-// EXIT CODES:
-//
-//	0  success, no issues found
-//	1  unable to walk directory tree
-//	2  unable to parse locale ini/json files
-//	3  unable to parse go or text/template files
-//	4  found missing message IDs
-//
-//nolint:forbidigo
-func main() {
-	allowMissingMsgids := false
-	for _, arg := range os.Args[1:] {
-		if arg == "--allow-missing-msgids" {
-			allowMissingMsgids = true
-		}
-	}
-
-	onError := func(err error) {
-		if err == nil {
-			return
-		}
-		fmt.Println(err.Error())
-		os.Exit(3)
-	}
-
-	msgids := make(container.Set[string])
-
-	localeFile := filepath.Join(filepath.Join("options", "locale"), "locale_en-US.ini")
-	localeContent, err := os.ReadFile(localeFile)
-	if err != nil {
-		fmt.Printf("%s:\tERROR: %s\n", localeFile, err.Error())
-		os.Exit(2)
-	}
-
-	if err = localeiter.IterateMessagesContent(localeContent, func(trKey, trValue string) error {
-		msgids[trKey] = struct{}{}
-		return nil
-	}); err != nil {
-		fmt.Printf("%s:\tERROR: %s\n", localeFile, err.Error())
-		os.Exit(2)
-	}
-
-	localeFile = filepath.Join(filepath.Join("options", "locale_next"), "locale_en-US.json")
-	localeContent, err = os.ReadFile(localeFile)
-	if err != nil {
-		fmt.Printf("%s:\tERROR: %s\n", localeFile, err.Error())
-		os.Exit(2)
-	}
-
-	if err := localeiter.IterateMessagesNextContent(localeContent, func(trKey, pluralForm, trValue string) error {
-		// ignore plural form
-		msgids[trKey] = struct{}{}
-		return nil
-	}); err != nil {
-		fmt.Printf("%s:\tERROR: %s\n", localeFile, err.Error())
-		os.Exit(2)
-	}
-
-	gotAnyMsgidError := false
-
-	handler := Handler{
-		OnMsgid: func(fset *token.FileSet, pos token.Pos, msgid string) {
-			if !msgids.Contains(msgid) {
-				gotAnyMsgidError = true
-				fmt.Printf("%s:\tmissing msgid: %s\n", fset.Position(pos).String(), msgid)
-			}
-		},
-		OnUnexpectedInvoke: func(fset *token.FileSet, pos token.Pos, funcname string, argc int) {
-			gotAnyMsgidError = true
-			fmt.Printf("%s:\tunexpected invocation of %s with %d arguments\n", fset.Position(pos).String(), funcname, argc)
-		},
-		LocaleTrFunctions: InitLocaleTrFunctions(),
-	}
-
-	if err := filepath.WalkDir(".", func(fpath string, d fs.DirEntry, err error) error {
-		if err != nil {
-			if os.IsNotExist(err) {
-				return nil
-			}
-			return err
-		}
-		name := d.Name()
-		if d.IsDir() {
-			if name == "docker" || name == ".git" || name == "node_modules" {
-				return fs.SkipDir
-			}
-		} else if name == "bindata.go" || fpath == "modules/translation/i18n/i18n_test.go" {
-			// skip false positives
-		} else if strings.HasSuffix(name, ".go") {
-			onError(handler.HandleGoFile(fpath, nil))
-		} else if strings.HasSuffix(name, ".tmpl") {
-			if strings.HasPrefix(fpath, "tests") && strings.HasSuffix(name, ".ini.tmpl") {
-				// skip false positives
-			} else {
-				onError(handler.HandleTemplateFile(fpath, nil))
-			}
-		}
-		return nil
-	}); err != nil {
-		fmt.Printf("walkdir ERROR: %s\n", err.Error())
-		os.Exit(1)
-	}
-
-	if !allowMissingMsgids && gotAnyMsgidError {
-		os.Exit(4)
-	}
-}

build/lint-locale-usage/lint-locale-usage_test.go

@@ -1,50 +0,0 @@
-// Copyright 2025 The Forgejo Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-
-package main
-
-import (
-	"go/token"
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
-)
-
-func buildHandler(ret *[]string) Handler {
-	return Handler{
-		OnMsgid: func(fset *token.FileSet, pos token.Pos, msgid string) {
-			*ret = append(*ret, msgid)
-		},
-		OnUnexpectedInvoke: func(fset *token.FileSet, pos token.Pos, funcname string, argc int) {},
-		LocaleTrFunctions:  InitLocaleTrFunctions(),
-	}
-}
-
-func HandleGoFileWrapped(t *testing.T, fname, src string) []string {
-	var ret []string
-	handler := buildHandler(&ret)
-	require.NoError(t, handler.HandleGoFile(fname, src))
-	return ret
-}
-
-func HandleTemplateFileWrapped(t *testing.T, fname, src string) []string {
-	var ret []string
-	handler := buildHandler(&ret)
-	require.NoError(t, handler.HandleTemplateFile(fname, src))
-	return ret
-}
-
-func TestUsagesParser(t *testing.T) {
-	t.Run("go, simple", func(t *testing.T) {
-		assert.Equal(t,
-			[]string{"what.an.example"},
-			HandleGoFileWrapped(t, "<g1>", "package main\nfunc Render(ctx *context.Context) string { return ctx.Tr(\"what.an.example\"); }\n"))
-	})
-
-	t.Run("template, simple", func(t *testing.T) {
-		assert.Equal(t,
-			[]string{"what.an.example"},
-			HandleTemplateFileWrapped(t, "<t1>", "{{ ctx.Locale.Tr \"what.an.example\" }}\n"))
-	})
-}

build/lint-locale.go

@@ -14,10 +14,9 @@ import (
 	"slices"
 	"strings"
 
-	"forgejo.org/modules/translation/localeiter"
-
 	"github.com/microcosm-cc/bluemonday"
 	"github.com/sergi/go-diff/diffmatchpatch"
+	"gopkg.in/ini.v1" //nolint:depguard
 )
 
 var (
@@ -27,8 +26,6 @@ var (
 
 	// Matches href="", href="#", href="%s", href="#%s", href="%[1]s" and href="#%[1]s".
 	placeHolderRegex = regexp.MustCompile(`href="#?(%s|%\[\d\]s)?"`)
-
-	dmp = diffmatchpatch.New()
 )
 
 func initBlueMondayPolicy() {
@@ -52,7 +49,7 @@ func initBlueMondayPolicy() {
 	policy.AllowAttrs("id").Matching(positionalPlaceholderRe).OnElements("code")
 
 	// Allowed elements with no attributes. Must be a recognized tagname.
-	policy.AllowElements("strong", "br", "b", "strike", "code", "i", "kbd")
+	policy.AllowElements("strong", "br", "b", "strike", "code", "i")
 
 	// TODO: Remove <c> in `actions.workflow.dispatch.trigger_found`.
 	policy.AllowNoAttrs().OnElements("c")
@@ -62,9 +59,9 @@ func initRemoveTags() {
 	oldnew := []string{}
 	for _, el := range []string{
 		"email@example.com", "correu@example.com", "epasts@domens.lv", "email@exemplo.com", "eposta@ornek.com", "email@példa.hu", "email@esempio.it",
-		"user", "utente", "lietotājs", "gebruiker", "usuário", "Benutzer", "Bruker", "bruger", "użytkownik",
+		"user", "utente", "lietotājs", "gebruiker", "usuário", "Benutzer", "Bruker", "bruger",
 		"server", "servidor", "kiszolgáló", "serveris",
-		"label", "etichetta", "etiķete", "rótulo", "Label", "utilizador", "etiket", "iezīme", "etykieta",
+		"label", "etichetta", "etiķete", "rótulo", "Label", "utilizador", "etiket", "iezīme",
 	} {
 		oldnew = append(oldnew, "<"+el+">", "REPLACED-TAG")
 	}
@@ -82,48 +79,41 @@ func preprocessTranslationValue(value string) string {
 	return value
 }
 
-func checkValue(trKey, value string) []string {
-	keyValue := preprocessTranslationValue(value)
-
-	if html.UnescapeString(policy.Sanitize(keyValue)) == keyValue {
-		return nil
-	}
-
-	// Create a nice diff of the difference.
-	diffs := dmp.DiffMain(keyValue, html.UnescapeString(policy.Sanitize(keyValue)), false)
-	diffs = dmp.DiffCleanupSemantic(diffs)
-	diffs = dmp.DiffCleanupEfficiency(diffs)
-
-	return []string{trKey + ": " + dmp.DiffPrettyText(diffs)}
-}
-
 func checkLocaleContent(localeContent []byte) []string {
-	errors := []string{}
+	// Same configuration as Forgejo uses.
+	cfg := ini.Empty(ini.LoadOptions{
+		IgnoreContinuation: true,
+	})
+	cfg.NameMapper = ini.SnackCase
 
-	if err := localeiter.IterateMessagesContent(localeContent, func(trKey, trValue string) error {
-		errors = append(errors, checkValue(trKey, trValue)...)
-		return nil
-	}); err != nil {
+	if err := cfg.Append(localeContent); err != nil {
 		panic(err)
 	}
 
-	return errors
-}
-
-func checkLocaleNextContent(localeContent []byte) []string {
+	dmp := diffmatchpatch.New()
 	errors := []string{}
 
-	if err := localeiter.IterateMessagesNextContent(localeContent, func(trKey, pluralForm, trValue string) error {
-		fullKey := trKey
-		if pluralForm != "" {
-			fullKey = trKey + "." + pluralForm
+	for _, section := range cfg.Sections() {
+		for _, key := range section.Keys() {
+			var trKey string
+			if section.Name() == "" || section.Name() == "DEFAULT" || section.Name() == "common" {
+				trKey = key.Name()
+			} else {
+				trKey = section.Name() + "." + key.Name()
+			}
+
+			keyValue := preprocessTranslationValue(key.Value())
+
+			if html.UnescapeString(policy.Sanitize(keyValue)) != keyValue {
+				// Create a nice diff of the difference.
+				diffs := dmp.DiffMain(keyValue, html.UnescapeString(policy.Sanitize(keyValue)), false)
+				diffs = dmp.DiffCleanupSemantic(diffs)
+				diffs = dmp.DiffCleanupEfficiency(diffs)
+
+				errors = append(errors, trKey+": "+dmp.DiffPrettyText(diffs))
+			}
 		}
-		errors = append(errors, checkValue(fullKey, trValue)...)
-		return nil
-	}); err != nil {
-		panic(err)
 	}
-
 	return errors
 }
 
@@ -137,7 +127,6 @@ func main() {
 		panic(err)
 	}
 
-	// Safety check that we are not reading the wrong directory.
 	if !slices.ContainsFunc(localeFiles, func(e fs.DirEntry) bool { return strings.HasSuffix(e.Name(), ".ini") }) {
 		fmt.Println("No locale files found")
 		os.Exit(1)
@@ -151,7 +140,6 @@ func main() {
 
 		localeContent, err := os.ReadFile(filepath.Join(localeDir, localeFile.Name()))
 		if err != nil {
-			fmt.Println(localeFile.Name())
 			panic(err)
 		}
 
@@ -163,33 +151,5 @@ func main() {
 		}
 	}
 
-	// Check the locale next.
-	localeDir = filepath.Join("options", "locale_next")
-	localeFiles, err = os.ReadDir(localeDir)
-	if err != nil {
-		panic(err)
-	}
-
-	// Safety check that we are not reading the wrong directory.
-	if !slices.ContainsFunc(localeFiles, func(e fs.DirEntry) bool { return strings.HasSuffix(e.Name(), ".json") }) {
-		fmt.Println("No locale_next files found")
-		os.Exit(1)
-	}
-
-	for _, localeFile := range localeFiles {
-		localeContent, err := os.ReadFile(filepath.Join(localeDir, localeFile.Name()))
-		if err != nil {
-			fmt.Println(localeFile.Name())
-			panic(err)
-		}
-
-		if err := checkLocaleNextContent(localeContent); len(err) > 0 {
-			fmt.Println(localeFile.Name())
-			fmt.Println(strings.Join(err, "\n"))
-			fmt.Println()
-			exitCode = 1
-		}
-	}
-
 	os.Exit(exitCode)
 }

build/lint-locale/lint-locale_test.go

@@ -1,106 +0,0 @@
-// Copyright 2024 The Forgejo Authors. All rights reserved.
-// SPDX-License-Identifier: MIT
-package main
-
-import (
-	"testing"
-
-	"github.com/stretchr/testify/assert"
-)
-
-func TestLocalizationPolicy(t *testing.T) {
-	initBlueMondayPolicy()
-	initRemoveTags()
-
-	t.Run("Remove tags", func(t *testing.T) {
-		assert.Empty(t, checkLocaleContent([]byte(`hidden_comment_types_description = Comment types checked here will not be shown inside issue pages. Checking "Label" for example removes all "<user> added/removed <label>" comments.`)))
-
-		assert.Equal(t, []string{"key: \x1b[31m<not-an-allowed-key>\x1b[0m REPLACED-TAG"}, checkLocaleContent([]byte(`key = "<not-an-allowed-key> <label>"`)))
-		assert.Equal(t, []string{"key: \x1b[31m<user@example.com>\x1b[0m REPLACED-TAG"}, checkLocaleContent([]byte(`key = "<user@example.com> <email@example.com>"`)))
-		assert.Equal(t, []string{"key: \x1b[31m<tag>\x1b[0m REPLACED-TAG \x1b[31m</tag>\x1b[0m"}, checkLocaleContent([]byte(`key = "<tag> <email@example.com> </tag>"`)))
-	})
-
-	t.Run("Specific exception", func(t *testing.T) {
-		assert.Empty(t, checkLocaleContent([]byte(`workflow.dispatch.trigger_found = This workflow has a <c>workflow_dispatch</c> event trigger.`)))
-		assert.Empty(t, checkLocaleContent([]byte(`pulls.title_desc_one = wants to merge %[1]d commit from <code>%[2]s</code> into <code id="%[4]s">%[3]s</code>`)))
-		assert.Empty(t, checkLocaleContent([]byte(`editor.commit_directly_to_this_branch = Commit directly to the <strong class="%[2]s">%[1]s</strong> branch.`)))
-
-		assert.Equal(t, []string{"workflow.dispatch.trigger_found: This workflow has a \x1b[31m<d>\x1b[0mworkflow_dispatch\x1b[31m</d>\x1b[0m event trigger."}, checkLocaleContent([]byte(`workflow.dispatch.trigger_found = This workflow has a <d>workflow_dispatch</d> event trigger.`)))
-		assert.Equal(t, []string{"key: <code\x1b[31m id=\"branch_targe\"\x1b[0m>%[3]s</code>"}, checkLocaleContent([]byte(`key = <code id="branch_targe">%[3]s</code>`)))
-		assert.Equal(t, []string{"key: <a\x1b[31m class=\"ui sh\"\x1b[0m href=\"https://TO-BE-REPLACED.COM\">"}, checkLocaleContent([]byte(`key = <a class="ui sh" href="%[3]s">`)))
-		assert.Equal(t, []string{"key: <a\x1b[31m class=\"js-click-me\"\x1b[0m href=\"https://TO-BE-REPLACED.COM\">"}, checkLocaleContent([]byte(`key = <a class="js-click-me" href="%[3]s">`)))
-		assert.Equal(t, []string{"key: <strong\x1b[31m class=\"branch-target\"\x1b[0m>%[1]s</strong>"}, checkLocaleContent([]byte(`key = <strong class="branch-target">%[1]s</strong>`)))
-	})
-
-	t.Run("General safe tags", func(t *testing.T) {
-		assert.Empty(t, checkLocaleContent([]byte("error404 = The page you are trying to reach either <strong>does not exist</strong> or <strong>you are not authorized</strong> to view it.")))
-		assert.Empty(t, checkLocaleContent([]byte("teams.specific_repositories_helper = Members will only have access to repositories explicitly added to the team. Selecting this <strong>will not</strong> automatically remove repositories already added with <i>All repositories</i>.")))
-		assert.Empty(t, checkLocaleContent([]byte("sqlite_helper = File path for the SQLite3 database.<br>Enter an absolute path if you run Forgejo as a service.")))
-		assert.Empty(t, checkLocaleContent([]byte("hi_user_x = Hi <b>%s</b>,")))
-
-		assert.Equal(t, []string{"error404: The page you are trying to reach either <strong\x1b[31m title='aaa'\x1b[0m>does not exist</strong> or <strong>you are not authorized</strong> to view it."}, checkLocaleContent([]byte("error404 = The page you are trying to reach either <strong title='aaa'>does not exist</strong> or <strong>you are not authorized</strong> to view it.")))
-	})
-
-	t.Run("<a>", func(t *testing.T) {
-		assert.Empty(t, checkLocaleContent([]byte(`admin.new_user.text = Please <a href="%s">click here</a> to manage this user from the admin panel.`)))
-		assert.Empty(t, checkLocaleContent([]byte(`access_token_desc = Selected token permissions limit authorization only to the corresponding <a href="%[1]s" target="_blank">API</a> routes. Read the <a href="%[2]s" target="_blank">documentation</a> for more information.`)))
-		assert.Empty(t, checkLocaleContent([]byte(`webauthn_desc = Security keys are hardware devices containing cryptographic keys. They can be used for two-factor authentication. Security keys must support the <a rel="noreferrer" target="_blank" href="%s">WebAuthn Authenticator</a> standard.`)))
-		assert.Empty(t, checkLocaleContent([]byte("issues.closed_at = `closed this issue <a id=\"%[1]s\" href=\"#%[1]s\">%[2]s</a>`")))
-
-		assert.Equal(t, []string{"key: \x1b[31m<a href=\"https://example.com\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="https://example.com">`)))
-		assert.Equal(t, []string{"key: \x1b[31m<a href=\"javascript:alert('1')\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="javascript:alert('1')">`)))
-		assert.Equal(t, []string{"key: <a href=\"https://TO-BE-REPLACED.COM\"\x1b[31m download\x1b[0m>"}, checkLocaleContent([]byte(`key = <a href="%s" download>`)))
-		assert.Equal(t, []string{"key: <a href=\"https://TO-BE-REPLACED.COM\"\x1b[31m target=\"_self\"\x1b[0m>"}, checkLocaleContent([]byte(`key = <a href="%s" target="_self">`)))
-		assert.Equal(t, []string{"key: \x1b[31m<a href=\"https://example.com/%s\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="https://example.com/%s">`)))
-		assert.Equal(t, []string{"key: \x1b[31m<a href=\"https://example.com/?q=%s\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="https://example.com/?q=%s">`)))
-		assert.Equal(t, []string{"key: \x1b[31m<a href=\"%s/open-redirect\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="%s/open-redirect">`)))
-		assert.Equal(t, []string{"key: \x1b[31m<a href=\"%s?q=open-redirect\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="%s?q=open-redirect">`)))
-	})
-
-	t.Run("Escaped HTML characters", func(t *testing.T) {
-		assert.Empty(t, checkLocaleContent([]byte("activity.git_stats_push_to_branch = `إلى %s و\"`")))
-
-		assert.Equal(t, []string{"key: و\x1b[31m&nbsp;\x1b[0m\x1b[32m\u00a0\x1b[0m"}, checkLocaleContent([]byte(`key = و&nbsp;`)))
-	})
-}
-
-func TestNextLocalizationPolicy(t *testing.T) {
-	initBlueMondayPolicy()
-	initRemoveTags()
-
-	t.Run("Nested locales", func(t *testing.T) {
-		assert.Empty(t, checkLocaleNextContent([]byte(`{
-			"settings": {
-				"hidden_comment_types_description": "Comment types checked here will not be shown inside issue pages. Checking \"Label\" for example removes all \"<user> added/removed <label>\" comments."
-			}
-		}`)))
-
-		assert.Equal(t, []string{"settings.hidden_comment_types_description: \"\x1b[31m<not-an-allowed-key>\x1b[0m REPLACED-TAG\""}, checkLocaleNextContent([]byte(`{
-			"settings": {
-				"hidden_comment_types_description": "\"<not-an-allowed-key> <label>\""
-			}
-		}`)))
-	})
-
-	t.Run("Flat locales", func(t *testing.T) {
-		assert.Empty(t, checkLocaleNextContent([]byte(`{
-			"settings.hidden_comment_types_description": "Comment types checked here will not be shown inside issue pages. Checking \"Label\" for example removes all \"<user> added/removed <label>\" comments."
-		}`)))
-
-		assert.Equal(t, []string{"settings.hidden_comment_types_description: \"\x1b[31m<not-an-allowed-key>\x1b[0m REPLACED-TAG\""}, checkLocaleNextContent([]byte(`{
-			"settings.hidden_comment_types_description": "\"<not-an-allowed-key> <label>\""
-		}`)))
-	})
-
-	t.Run("Plural form", func(t *testing.T) {
-		assert.Equal(t, []string{"repo.pulls.title_desc: key = \x1b[31m<a href=\"https://example.com\">\x1b[0m"}, checkLocaleNextContent([]byte(`{"repo.pulls.title_desc": {
-                       "few": "key = <a href=\"%s\">",
-                       "other": "key = <a href=\"https://example.com\">"
-    }}`)))
-
-		assert.Equal(t, []string{"repo.pulls.title_desc.few: key = \x1b[31m<a href=\"https://example.com\">\x1b[0m"}, checkLocaleNextContent([]byte(`{"repo.pulls.title_desc": {
-                       "few": "key = <a href=\"https://example.com\">",
-                       "other": "key = <a href=\"%s\">"
-    }}`)))
-	})
-}

build/lint-locale_test.go

@@ -0,0 +1,65 @@
+// Copyright 2024 The Forgejo Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+package main
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestLocalizationPolicy(t *testing.T) {
+	initBlueMondayPolicy()
+	initRemoveTags()
+
+	t.Run("Remove tags", func(t *testing.T) {
+		assert.Empty(t, checkLocaleContent([]byte(`hidden_comment_types_description = Comment types checked here will not be shown inside issue pages. Checking "Label" for example removes all "<user> added/removed <label>" comments.`)))
+
+		assert.EqualValues(t, []string{"key: \x1b[31m<not-an-allowed-key>\x1b[0m REPLACED-TAG"}, checkLocaleContent([]byte(`key = "<not-an-allowed-key> <label>"`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<user@example.com>\x1b[0m REPLACED-TAG"}, checkLocaleContent([]byte(`key = "<user@example.com> <email@example.com>"`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<tag>\x1b[0m REPLACED-TAG \x1b[31m</tag>\x1b[0m"}, checkLocaleContent([]byte(`key = "<tag> <email@example.com> </tag>"`)))
+	})
+
+	t.Run("Specific exception", func(t *testing.T) {
+		assert.Empty(t, checkLocaleContent([]byte(`workflow.dispatch.trigger_found = This workflow has a <c>workflow_dispatch</c> event trigger.`)))
+		assert.Empty(t, checkLocaleContent([]byte(`pulls.title_desc_one = wants to merge %[1]d commit from <code>%[2]s</code> into <code id="%[4]s">%[3]s</code>`)))
+		assert.Empty(t, checkLocaleContent([]byte(`editor.commit_directly_to_this_branch = Commit directly to the <strong class="%[2]s">%[1]s</strong> branch.`)))
+
+		assert.EqualValues(t, []string{"workflow.dispatch.trigger_found: This workflow has a \x1b[31m<d>\x1b[0mworkflow_dispatch\x1b[31m</d>\x1b[0m event trigger."}, checkLocaleContent([]byte(`workflow.dispatch.trigger_found = This workflow has a <d>workflow_dispatch</d> event trigger.`)))
+		assert.EqualValues(t, []string{"key: <code\x1b[31m id=\"branch_targe\"\x1b[0m>%[3]s</code>"}, checkLocaleContent([]byte(`key = <code id="branch_targe">%[3]s</code>`)))
+		assert.EqualValues(t, []string{"key: <a\x1b[31m class=\"ui sh\"\x1b[0m href=\"https://TO-BE-REPLACED.COM\">"}, checkLocaleContent([]byte(`key = <a class="ui sh" href="%[3]s">`)))
+		assert.EqualValues(t, []string{"key: <a\x1b[31m class=\"js-click-me\"\x1b[0m href=\"https://TO-BE-REPLACED.COM\">"}, checkLocaleContent([]byte(`key = <a class="js-click-me" href="%[3]s">`)))
+		assert.EqualValues(t, []string{"key: <strong\x1b[31m class=\"branch-target\"\x1b[0m>%[1]s</strong>"}, checkLocaleContent([]byte(`key = <strong class="branch-target">%[1]s</strong>`)))
+	})
+
+	t.Run("General safe tags", func(t *testing.T) {
+		assert.Empty(t, checkLocaleContent([]byte("error404 = The page you are trying to reach either <strong>does not exist</strong> or <strong>you are not authorized</strong> to view it.")))
+		assert.Empty(t, checkLocaleContent([]byte("teams.specific_repositories_helper = Members will only have access to repositories explicitly added to the team. Selecting this <strong>will not</strong> automatically remove repositories already added with <i>All repositories</i>.")))
+		assert.Empty(t, checkLocaleContent([]byte("sqlite_helper = File path for the SQLite3 database.<br>Enter an absolute path if you run Forgejo as a service.")))
+		assert.Empty(t, checkLocaleContent([]byte("hi_user_x = Hi <b>%s</b>,")))
+
+		assert.EqualValues(t, []string{"error404: The page you are trying to reach either <strong\x1b[31m title='aaa'\x1b[0m>does not exist</strong> or <strong>you are not authorized</strong> to view it."}, checkLocaleContent([]byte("error404 = The page you are trying to reach either <strong title='aaa'>does not exist</strong> or <strong>you are not authorized</strong> to view it.")))
+	})
+
+	t.Run("<a>", func(t *testing.T) {
+		assert.Empty(t, checkLocaleContent([]byte(`admin.new_user.text = Please <a href="%s">click here</a> to manage this user from the admin panel.`)))
+		assert.Empty(t, checkLocaleContent([]byte(`access_token_desc = Selected token permissions limit authorization only to the corresponding <a href="%[1]s" target="_blank">API</a> routes. Read the <a href="%[2]s" target="_blank">documentation</a> for more information.`)))
+		assert.Empty(t, checkLocaleContent([]byte(`webauthn_desc = Security keys are hardware devices containing cryptographic keys. They can be used for two-factor authentication. Security keys must support the <a rel="noreferrer" target="_blank" href="%s">WebAuthn Authenticator</a> standard.`)))
+		assert.Empty(t, checkLocaleContent([]byte("issues.closed_at = `closed this issue <a id=\"%[1]s\" href=\"#%[1]s\">%[2]s</a>`")))
+
+		assert.EqualValues(t, []string{"key: \x1b[31m<a href=\"https://example.com\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="https://example.com">`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<a href=\"javascript:alert('1')\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="javascript:alert('1')">`)))
+		assert.EqualValues(t, []string{"key: <a href=\"https://TO-BE-REPLACED.COM\"\x1b[31m download\x1b[0m>"}, checkLocaleContent([]byte(`key = <a href="%s" download>`)))
+		assert.EqualValues(t, []string{"key: <a href=\"https://TO-BE-REPLACED.COM\"\x1b[31m target=\"_self\"\x1b[0m>"}, checkLocaleContent([]byte(`key = <a href="%s" target="_self">`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<a href=\"https://example.com/%s\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="https://example.com/%s">`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<a href=\"https://example.com/?q=%s\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="https://example.com/?q=%s">`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<a href=\"%s/open-redirect\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="%s/open-redirect">`)))
+		assert.EqualValues(t, []string{"key: \x1b[31m<a href=\"%s?q=open-redirect\">\x1b[0m"}, checkLocaleContent([]byte(`key = <a href="%s?q=open-redirect">`)))
+	})
+
+	t.Run("Escaped HTML characters", func(t *testing.T) {
+		assert.Empty(t, checkLocaleContent([]byte("activity.git_stats_push_to_branch = `إلى %s و\"`")))
+
+		assert.EqualValues(t, []string{"key: و\x1b[31m&nbsp\x1b[0m\x1b[32m\u00a0\x1b[0m"}, checkLocaleContent([]byte(`key = و&nbsp;`)))
+	})
+}

build/update-locales.sh

@@ -0,0 +1,52 @@
+#!/bin/sh
+
+# this script runs in alpine image which only has `sh` shell
+
+set +e
+if sed --version 2>/dev/null | grep -q GNU; then
+  SED_INPLACE="sed -i"
+else
+  SED_INPLACE="sed -i ''"
+fi
+set -e
+
+if [ ! -f ./options/locale/locale_en-US.ini ]; then
+  echo "please run this script in the root directory of the project"
+  exit 1
+fi
+
+mv ./options/locale/locale_en-US.ini ./options/
+
+# the "ini" library for locale has many quirks, its behavior is different from Crowdin.
+# see i18n_test.go for more details
+
+# this script helps to unquote the Crowdin outputs for the quirky ini library
+# * find all `key="...\"..."` lines
+# * remove the leading quote
+# * remove the trailing quote
+# * unescape the quotes
+# * eg: key="...\"..." => key=..."...
+$SED_INPLACE -r -e '/^[-.A-Za-z0-9_]+[ ]*=[ ]*".*"$/ {
+	s/^([-.A-Za-z0-9_]+)[ ]*=[ ]*"/\1=/
+	s/"$//
+	s/\\"/"/g
+	}' ./options/locale/*.ini
+
+# * if the escaped line is incomplete like `key="...` or `key=..."`, quote it with backticks
+# * eg: key="... => key=`"...`
+# * eg: key=..." => key=`..."`
+$SED_INPLACE -r -e 's/^([-.A-Za-z0-9_]+)[ ]*=[ ]*(".*[^"])$/\1=`\2`/' ./options/locale/*.ini
+$SED_INPLACE -r -e 's/^([-.A-Za-z0-9_]+)[ ]*=[ ]*([^"].*")$/\1=`\2`/' ./options/locale/*.ini
+
+# Remove translation under 25% of en_us
+baselines=$(wc -l "./options/locale_en-US.ini" | cut -d" " -f1)
+baselines=$((baselines / 4))
+for filename in ./options/locale/*.ini; do
+  lines=$(wc -l "$filename" | cut -d" " -f1)
+  if [ $lines -lt $baselines ]; then
+    echo "Removing $filename: $lines/$baselines"
+    rm "$filename"
+  fi
+done
+
+mv ./options/locale_en-US.ini ./options/locale/

cmd/actions.go

@@ -4,28 +4,25 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 
-	"forgejo.org/modules/private"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-// CmdActions represents the available actions sub-commands.
-func cmdActions() *cli.Command {
-	return &cli.Command{
+var (
+	// CmdActions represents the available actions sub-commands.
+	CmdActions = &cli.Command{
 		Name:  "actions",
 		Usage: "Manage Forgejo Actions",
-		Commands: []*cli.Command{
-			subcmdActionsGenRunnerToken(),
+		Subcommands: []*cli.Command{
+			subcmdActionsGenRunnerToken,
 		},
 	}
-}
 
-func subcmdActionsGenRunnerToken() *cli.Command {
-	return &cli.Command{
+	subcmdActionsGenRunnerToken = &cli.Command{
 		Name:    "generate-runner-token",
 		Usage:   "Generate a new token for a runner to use to register with the server",
 		Action:  runGenerateActionsRunnerToken,
@@ -39,10 +36,10 @@ func subcmdActionsGenRunnerToken() *cli.Command {
 			},
 		},
 	}
-}
+)
 
-func runGenerateActionsRunnerToken(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runGenerateActionsRunnerToken(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	setting.MustInstalled()

cmd/admin.go

@@ -8,71 +8,63 @@ import (
 	"context"
 	"fmt"
 
-	"forgejo.org/models/db"
-	repo_model "forgejo.org/models/repo"
-	"forgejo.org/modules/git"
-	"forgejo.org/modules/gitrepo"
-	"forgejo.org/modules/log"
-	repo_module "forgejo.org/modules/repository"
+	"code.gitea.io/gitea/models/db"
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/gitrepo"
+	"code.gitea.io/gitea/modules/log"
+	repo_module "code.gitea.io/gitea/modules/repository"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-// CmdAdmin represents the available admin sub-command.
-func cmdAdmin() *cli.Command {
-	return &cli.Command{
+var (
+	// CmdAdmin represents the available admin sub-command.
+	CmdAdmin = &cli.Command{
 		Name:  "admin",
 		Usage: "Perform common administrative operations",
-		Commands: []*cli.Command{
-			subcmdUser(),
-			subcmdRepoSyncReleases(),
-			subcmdRegenerate(),
-			subcmdAuth(),
-			subcmdSendMail(),
+		Subcommands: []*cli.Command{
+			subcmdUser,
+			subcmdRepoSyncReleases,
+			subcmdRegenerate,
+			subcmdAuth,
+			subcmdSendMail,
 		},
 	}
-}
 
-func subcmdRepoSyncReleases() *cli.Command {
-	return &cli.Command{
+	subcmdRepoSyncReleases = &cli.Command{
 		Name:   "repo-sync-releases",
 		Usage:  "Synchronize repository releases with tags",
 		Action: runRepoSyncReleases,
 	}
-}
 
-func subcmdRegenerate() *cli.Command {
-	return &cli.Command{
+	subcmdRegenerate = &cli.Command{
 		Name:  "regenerate",
 		Usage: "Regenerate specific files",
-		Commands: []*cli.Command{
+		Subcommands: []*cli.Command{
 			microcmdRegenHooks,
 			microcmdRegenKeys,
 		},
 	}
-}
 
-func subcmdAuth() *cli.Command {
-	return &cli.Command{
+	subcmdAuth = &cli.Command{
 		Name:  "auth",
 		Usage: "Modify external auth providers",
-		Commands: []*cli.Command{
-			microcmdAuthAddOauth(),
-			microcmdAuthUpdateOauth(),
-			microcmdAuthAddLdapBindDn(),
-			microcmdAuthUpdateLdapBindDn(),
-			microcmdAuthAddLdapSimpleAuth(),
-			microcmdAuthUpdateLdapSimpleAuth(),
-			microcmdAuthAddSMTP(),
-			microcmdAuthUpdateSMTP(),
-			microcmdAuthList(),
-			microcmdAuthDelete(),
+		Subcommands: []*cli.Command{
+			microcmdAuthAddOauth,
+			microcmdAuthUpdateOauth,
+			microcmdAuthAddLdapBindDn,
+			microcmdAuthUpdateLdapBindDn,
+			microcmdAuthAddLdapSimpleAuth,
+			microcmdAuthUpdateLdapSimpleAuth,
+			microcmdAuthAddSMTP,
+			microcmdAuthUpdateSMTP,
+			microcmdAuthList,
+			microcmdAuthDelete,
 		},
 	}
-}
 
-func subcmdSendMail() *cli.Command {
-	return &cli.Command{
+	subcmdSendMail = &cli.Command{
 		Name:   "sendmail",
 		Usage:  "Send a message to all users",
 		Action: runSendMail,
@@ -94,17 +86,15 @@ func subcmdSendMail() *cli.Command {
 			},
 		},
 	}
-}
 
-func idFlag() *cli.Int64Flag {
-	return &cli.Int64Flag{
+	idFlag = &cli.Int64Flag{
 		Name:  "id",
 		Usage: "ID of authentication source",
 	}
-}
+)
 
-func runRepoSyncReleases(ctx context.Context, _ *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runRepoSyncReleases(_ *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_auth.go

@@ -4,30 +4,26 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"os"
 	"text/tabwriter"
 
-	auth_model "forgejo.org/models/auth"
-	"forgejo.org/models/db"
-	auth_service "forgejo.org/services/auth"
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
+	auth_service "code.gitea.io/gitea/services/auth"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdAuthDelete() *cli.Command {
-	return &cli.Command{
+var (
+	microcmdAuthDelete = &cli.Command{
 		Name:   "delete",
 		Usage:  "Delete specific auth source",
-		Flags:  []cli.Flag{idFlag()},
+		Flags:  []cli.Flag{idFlag},
 		Action: runDeleteAuth,
 	}
-}
-
-func microcmdAuthList() *cli.Command {
-	return &cli.Command{
+	microcmdAuthList = &cli.Command{
 		Name:   "list",
 		Usage:  "List auth sources",
 		Action: runListAuth,
@@ -58,10 +54,10 @@ func microcmdAuthList() *cli.Command {
 			},
 		},
 	}
-}
+)
 
-func runListAuth(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runListAuth(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
@@ -85,7 +81,7 @@ func runListAuth(ctx context.Context, c *cli.Command) error {
 
 	// loop through each source and print
 	w := tabwriter.NewWriter(os.Stdout, c.Int("min-width"), c.Int("tab-width"), c.Int("padding"), padChar, flags)
-	fmt.Fprint(w, "ID\tName\tType\tEnabled\n")
+	fmt.Fprintf(w, "ID\tName\tType\tEnabled\n")
 	for _, source := range authSources {
 		fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", source.ID, source.Name, source.Type.String(), source.IsActive)
 	}
@@ -94,12 +90,12 @@ func runListAuth(ctx context.Context, c *cli.Command) error {
 	return nil
 }
 
-func runDeleteAuth(ctx context.Context, c *cli.Command) error {
+func runDeleteAuth(c *cli.Context) error {
 	if !c.IsSet("id") {
 		return errors.New("--id flag is missing")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_auth_ldap.go

@@ -8,10 +8,10 @@ import (
 	"fmt"
 	"strings"
 
-	"forgejo.org/models/auth"
-	"forgejo.org/services/auth/source/ldap"
+	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/services/auth/source/ldap"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 type (
@@ -23,8 +23,8 @@ type (
 	}
 )
 
-func commonLdapCLIFlags() []cli.Flag {
-	return []cli.Flag{
+var (
+	commonLdapCLIFlags = []cli.Flag{
 		&cli.StringFlag{
 			Name:  "name",
 			Usage: "Authentication name.",
@@ -102,10 +102,8 @@ func commonLdapCLIFlags() []cli.Flag {
 			Usage: "The attribute of the user’s LDAP record containing the user’s avatar.",
 		},
 	}
-}
 
-func ldapBindDnCLIFlags() []cli.Flag {
-	return append(commonLdapCLIFlags(),
+	ldapBindDnCLIFlags = append(commonLdapCLIFlags,
 		&cli.StringFlag{
 			Name:  "bind-dn",
 			Usage: "The DN to bind to the LDAP server with when searching for the user.",
@@ -130,59 +128,49 @@ func ldapBindDnCLIFlags() []cli.Flag {
 			Name:  "page-size",
 			Usage: "Search page size.",
 		})
-}
 
-func ldapSimpleAuthCLIFlags() []cli.Flag {
-	return append(commonLdapCLIFlags(),
+	ldapSimpleAuthCLIFlags = append(commonLdapCLIFlags,
 		&cli.StringFlag{
 			Name:  "user-dn",
 			Usage: "The user's DN.",
 		})
-}
 
-func microcmdAuthAddLdapBindDn() *cli.Command {
-	return &cli.Command{
+	microcmdAuthAddLdapBindDn = &cli.Command{
 		Name:  "add-ldap",
 		Usage: "Add new LDAP (via Bind DN) authentication source",
-		Action: func(ctx context.Context, cli *cli.Command) error {
-			return newAuthService().addLdapBindDn(ctx, cli)
+		Action: func(c *cli.Context) error {
+			return newAuthService().addLdapBindDn(c)
 		},
-		Flags: ldapBindDnCLIFlags(),
+		Flags: ldapBindDnCLIFlags,
 	}
-}
 
-func microcmdAuthUpdateLdapBindDn() *cli.Command {
-	return &cli.Command{
+	microcmdAuthUpdateLdapBindDn = &cli.Command{
 		Name:  "update-ldap",
 		Usage: "Update existing LDAP (via Bind DN) authentication source",
-		Action: func(ctx context.Context, cli *cli.Command) error {
-			return newAuthService().updateLdapBindDn(ctx, cli)
+		Action: func(c *cli.Context) error {
+			return newAuthService().updateLdapBindDn(c)
 		},
-		Flags: append([]cli.Flag{idFlag()}, ldapBindDnCLIFlags()...),
+		Flags: append([]cli.Flag{idFlag}, ldapBindDnCLIFlags...),
 	}
-}
 
-func microcmdAuthAddLdapSimpleAuth() *cli.Command {
-	return &cli.Command{
+	microcmdAuthAddLdapSimpleAuth = &cli.Command{
 		Name:  "add-ldap-simple",
 		Usage: "Add new LDAP (simple auth) authentication source",
-		Action: func(ctx context.Context, cli *cli.Command) error {
-			return newAuthService().addLdapSimpleAuth(ctx, cli)
+		Action: func(c *cli.Context) error {
+			return newAuthService().addLdapSimpleAuth(c)
 		},
-		Flags: ldapSimpleAuthCLIFlags(),
+		Flags: ldapSimpleAuthCLIFlags,
 	}
-}
 
-func microcmdAuthUpdateLdapSimpleAuth() *cli.Command {
-	return &cli.Command{
+	microcmdAuthUpdateLdapSimpleAuth = &cli.Command{
 		Name:  "update-ldap-simple",
 		Usage: "Update existing LDAP (simple auth) authentication source",
-		Action: func(ctx context.Context, cli *cli.Command) error {
-			return newAuthService().updateLdapSimpleAuth(ctx, cli)
+		Action: func(c *cli.Context) error {
+			return newAuthService().updateLdapSimpleAuth(c)
 		},
-		Flags: append([]cli.Flag{idFlag()}, ldapSimpleAuthCLIFlags()...),
+		Flags: append([]cli.Flag{idFlag}, ldapSimpleAuthCLIFlags...),
 	}
-}
+)
 
 // newAuthService creates a service with default functions.
 func newAuthService() *authService {
@@ -195,7 +183,7 @@ func newAuthService() *authService {
 }
 
 // parseAuthSource assigns values on authSource according to command line flags.
-func parseAuthSource(c *cli.Command, authSource *auth.Source) {
+func parseAuthSource(c *cli.Context, authSource *auth.Source) {
 	if c.IsSet("name") {
 		authSource.Name = c.String("name")
 	}
@@ -214,7 +202,7 @@ func parseAuthSource(c *cli.Command, authSource *auth.Source) {
 }
 
 // parseLdapConfig assigns values on config according to command line flags.
-func parseLdapConfig(c *cli.Command, config *ldap.Source) error {
+func parseLdapConfig(c *cli.Context, config *ldap.Source) error {
 	if c.IsSet("name") {
 		config.Name = c.String("name")
 	}
@@ -301,7 +289,7 @@ func findLdapSecurityProtocolByName(name string) (ldap.SecurityProtocol, bool) {
 
 // getAuthSource gets the login source by its id defined in the command line flags.
 // It returns an error if the id is not set, does not match any source or if the source is not of expected type.
-func (a *authService) getAuthSource(ctx context.Context, c *cli.Command, authType auth.Type) (*auth.Source, error) {
+func (a *authService) getAuthSource(ctx context.Context, c *cli.Context, authType auth.Type) (*auth.Source, error) {
 	if err := argsSet(c, "id"); err != nil {
 		return nil, err
 	}
@@ -319,12 +307,12 @@ func (a *authService) getAuthSource(ctx context.Context, c *cli.Command, authTyp
 }
 
 // addLdapBindDn adds a new LDAP via Bind DN authentication source.
-func (a *authService) addLdapBindDn(ctx context.Context, c *cli.Command) error {
+func (a *authService) addLdapBindDn(c *cli.Context) error {
 	if err := argsSet(c, "name", "security-protocol", "host", "port", "user-search-base", "user-filter", "email-attribute"); err != nil {
 		return err
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := a.initDB(ctx); err != nil {
@@ -348,8 +336,8 @@ func (a *authService) addLdapBindDn(ctx context.Context, c *cli.Command) error {
 }
 
 // updateLdapBindDn updates a new LDAP via Bind DN authentication source.
-func (a *authService) updateLdapBindDn(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func (a *authService) updateLdapBindDn(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := a.initDB(ctx); err != nil {
@@ -370,12 +358,12 @@ func (a *authService) updateLdapBindDn(ctx context.Context, c *cli.Command) erro
 }
 
 // addLdapSimpleAuth adds a new LDAP (simple auth) authentication source.
-func (a *authService) addLdapSimpleAuth(ctx context.Context, c *cli.Command) error {
+func (a *authService) addLdapSimpleAuth(c *cli.Context) error {
 	if err := argsSet(c, "name", "security-protocol", "host", "port", "user-dn", "user-filter", "email-attribute"); err != nil {
 		return err
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := a.initDB(ctx); err != nil {
@@ -399,8 +387,8 @@ func (a *authService) addLdapSimpleAuth(ctx context.Context, c *cli.Command) err
 }
 
 // updateLdapSimpleAuth updates a new LDAP (simple auth) authentication source.
-func (a *authService) updateLdapSimpleAuth(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func (a *authService) updateLdapSimpleAuth(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := a.initDB(ctx); err != nil {

cmd/admin_auth_ldap_test.go

@@ -7,18 +7,19 @@ import (
 	"context"
 	"testing"
 
-	"forgejo.org/models/auth"
-	"forgejo.org/modules/test"
-	"forgejo.org/services/auth/source/ldap"
+	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/services/auth/source/ldap"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func TestAddLdapBindDn(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
+	osExiter := cli.OsExiter
+	defer func() { cli.OsExiter = osExiter }()
+	cli.OsExiter = func(code int) {}
 
 	// Test cases
 	cases := []struct {
@@ -215,22 +216,22 @@ func TestAddLdapBindDn(t *testing.T) {
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "should not call updateAuthSource", "case: %d", n)
+				assert.FailNow(t, "case %d: should not call updateAuthSource", n)
 				return nil
 			},
 			getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
-				assert.FailNow(t, "should not call getAuthSourceByID", "case: %d", n)
+				assert.FailNow(t, "case %d: should not call getAuthSourceByID", n)
 				return nil, nil
 			},
 		}
 
 		// Create a copy of command to test
-		app := cli.Command{}
-		app.Flags = microcmdAuthAddLdapBindDn().Flags
+		app := cli.NewApp()
+		app.Flags = microcmdAuthAddLdapBindDn.Flags
 		app.Action = service.addLdapBindDn
 
 		// Run it
-		err := app.Run(t.Context(), c.args)
+		err := app.Run(c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
@@ -242,7 +243,9 @@ func TestAddLdapBindDn(t *testing.T) {
 
 func TestAddLdapSimpleAuth(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
+	osExiter := cli.OsExiter
+	defer func() { cli.OsExiter = osExiter }()
+	cli.OsExiter = func(code int) {}
 
 	// Test cases
 	cases := []struct {
@@ -444,22 +447,22 @@ func TestAddLdapSimpleAuth(t *testing.T) {
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "should not call updateAuthSource", "case: %d", n)
+				assert.FailNow(t, "case %d: should not call updateAuthSource", n)
 				return nil
 			},
 			getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
-				assert.FailNow(t, "should not call getAuthSourceByID", "case: %d", n)
+				assert.FailNow(t, "case %d: should not call getAuthSourceByID", n)
 				return nil, nil
 			},
 		}
 
 		// Create a copy of command to test
-		app := cli.Command{}
-		app.Flags = microcmdAuthAddLdapSimpleAuth().Flags
+		app := cli.NewApp()
+		app.Flags = microcmdAuthAddLdapSimpleAuth.Flags
 		app.Action = service.addLdapSimpleAuth
 
 		// Run it
-		err := app.Run(t.Context(), c.args)
+		err := app.Run(c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
@@ -471,7 +474,9 @@ func TestAddLdapSimpleAuth(t *testing.T) {
 
 func TestUpdateLdapBindDn(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
+	osExiter := cli.OsExiter
+	defer func() { cli.OsExiter = osExiter }()
+	cli.OsExiter = func(code int) {}
 
 	// Test cases
 	cases := []struct {
@@ -893,7 +898,7 @@ func TestUpdateLdapBindDn(t *testing.T) {
 				return nil
 			},
 			createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "should not call createAuthSource", "case: %d", n)
+				assert.FailNow(t, "case %d: should not call createAuthSource", n)
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
@@ -915,12 +920,12 @@ func TestUpdateLdapBindDn(t *testing.T) {
 		}
 
 		// Create a copy of command to test
-		app := cli.Command{}
-		app.Flags = microcmdAuthUpdateLdapBindDn().Flags
+		app := cli.NewApp()
+		app.Flags = microcmdAuthUpdateLdapBindDn.Flags
 		app.Action = service.updateLdapBindDn
 
 		// Run it
-		err := app.Run(t.Context(), c.args)
+		err := app.Run(c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {
@@ -932,7 +937,9 @@ func TestUpdateLdapBindDn(t *testing.T) {
 
 func TestUpdateLdapSimpleAuth(t *testing.T) {
 	// Mock cli functions to do not exit on error
-	defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
+	osExiter := cli.OsExiter
+	defer func() { cli.OsExiter = osExiter }()
+	cli.OsExiter = func(code int) {}
 
 	// Test cases
 	cases := []struct {
@@ -1281,7 +1288,7 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
 				return nil
 			},
 			createAuthSource: func(ctx context.Context, authSource *auth.Source) error {
-				assert.FailNow(t, "should not call createAuthSource", "case: %d", n)
+				assert.FailNow(t, "case %d: should not call createAuthSource", n)
 				return nil
 			},
 			updateAuthSource: func(ctx context.Context, authSource *auth.Source) error {
@@ -1303,12 +1310,12 @@ func TestUpdateLdapSimpleAuth(t *testing.T) {
 		}
 
 		// Create a copy of command to test
-		app := cli.Command{}
-		app.Flags = microcmdAuthUpdateLdapSimpleAuth().Flags
+		app := cli.NewApp()
+		app.Flags = microcmdAuthUpdateLdapSimpleAuth.Flags
 		app.Action = service.updateLdapSimpleAuth
 
 		// Run it
-		err := app.Run(t.Context(), c.args)
+		err := app.Run(c.args)
 		if c.errMsg != "" {
 			assert.EqualError(t, err, c.errMsg, "case %d: error should match", n)
 		} else {

cmd/admin_auth_oauth.go

@@ -4,19 +4,18 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"net/url"
 
-	auth_model "forgejo.org/models/auth"
-	"forgejo.org/services/auth/source/oauth2"
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/services/auth/source/oauth2"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func oauthCLIFlags() []cli.Flag {
-	return []cli.Flag{
+var (
+	oauthCLIFlags = []cli.Flag{
 		&cli.StringFlag{
 			Name:  "name",
 			Value: "",
@@ -121,27 +120,23 @@ func oauthCLIFlags() []cli.Flag {
 			Usage: "Activate automatic team membership removal depending on groups",
 		},
 	}
-}
 
-func microcmdAuthAddOauth() *cli.Command {
-	return &cli.Command{
+	microcmdAuthAddOauth = &cli.Command{
 		Name:   "add-oauth",
 		Usage:  "Add new Oauth authentication source",
 		Action: runAddOauth,
-		Flags:  oauthCLIFlags(),
+		Flags:  oauthCLIFlags,
 	}
-}
 
-func microcmdAuthUpdateOauth() *cli.Command {
-	return &cli.Command{
+	microcmdAuthUpdateOauth = &cli.Command{
 		Name:   "update-oauth",
 		Usage:  "Update existing Oauth authentication source",
 		Action: runUpdateOauth,
-		Flags:  append(oauthCLIFlags()[:1], append([]cli.Flag{idFlag()}, oauthCLIFlags()[1:]...)...),
+		Flags:  append(oauthCLIFlags[:1], append([]cli.Flag{idFlag}, oauthCLIFlags[1:]...)...),
 	}
-}
+)
 
-func parseOAuth2Config(_ context.Context, c *cli.Command) *oauth2.Source {
+func parseOAuth2Config(c *cli.Context) *oauth2.Source {
 	var customURLMapping *oauth2.CustomURLMapping
 	if c.IsSet("use-custom-urls") {
 		customURLMapping = &oauth2.CustomURLMapping{
@@ -173,15 +168,15 @@ func parseOAuth2Config(_ context.Context, c *cli.Command) *oauth2.Source {
 	}
 }
 
-func runAddOauth(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runAddOauth(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
 		return err
 	}
 
-	config := parseOAuth2Config(ctx, c)
+	config := parseOAuth2Config(c)
 	if config.Provider == "openidConnect" {
 		discoveryURL, err := url.Parse(config.OpenIDConnectAutoDiscoveryURL)
 		if err != nil || (discoveryURL.Scheme != "http" && discoveryURL.Scheme != "https") {
@@ -197,12 +192,12 @@ func runAddOauth(ctx context.Context, c *cli.Command) error {
 	})
 }
 
-func runUpdateOauth(ctx context.Context, c *cli.Command) error {
+func runUpdateOauth(c *cli.Context) error {
 	if !c.IsSet("id") {
 		return errors.New("--id flag is missing")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_auth_stmp.go

@@ -4,19 +4,18 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"strings"
 
-	auth_model "forgejo.org/models/auth"
-	"forgejo.org/modules/util"
-	"forgejo.org/services/auth/source/smtp"
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/auth/source/smtp"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func smtpCLIFlags() []cli.Flag {
-	return []cli.Flag{
+var (
+	smtpCLIFlags = []cli.Flag{
 		&cli.StringFlag{
 			Name:  "name",
 			Value: "",
@@ -72,27 +71,23 @@ func smtpCLIFlags() []cli.Flag {
 			Value: true,
 		},
 	}
-}
 
-func microcmdAuthAddSMTP() *cli.Command {
-	return &cli.Command{
+	microcmdAuthAddSMTP = &cli.Command{
 		Name:   "add-smtp",
 		Usage:  "Add new SMTP authentication source",
 		Action: runAddSMTP,
-		Flags:  smtpCLIFlags(),
+		Flags:  smtpCLIFlags,
 	}
-}
 
-func microcmdAuthUpdateSMTP() *cli.Command {
-	return &cli.Command{
+	microcmdAuthUpdateSMTP = &cli.Command{
 		Name:   "update-smtp",
 		Usage:  "Update existing SMTP authentication source",
 		Action: runUpdateSMTP,
-		Flags:  append(smtpCLIFlags()[:1], append([]cli.Flag{idFlag()}, smtpCLIFlags()[1:]...)...),
+		Flags:  append(smtpCLIFlags[:1], append([]cli.Flag{idFlag}, smtpCLIFlags[1:]...)...),
 	}
-}
+)
 
-func parseSMTPConfig(c *cli.Command, conf *smtp.Source) error {
+func parseSMTPConfig(c *cli.Context, conf *smtp.Source) error {
 	if c.IsSet("auth-type") {
 		conf.Auth = c.String("auth-type")
 		validAuthTypes := []string{"PLAIN", "LOGIN", "CRAM-MD5"}
@@ -128,8 +123,8 @@ func parseSMTPConfig(c *cli.Command, conf *smtp.Source) error {
 	return nil
 }
 
-func runAddSMTP(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runAddSMTP(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
@@ -168,12 +163,12 @@ func runAddSMTP(ctx context.Context, c *cli.Command) error {
 	})
 }
 
-func runUpdateSMTP(ctx context.Context, c *cli.Command) error {
+func runUpdateSMTP(c *cli.Context) error {
 	if !c.IsSet("id") {
 		return errors.New("--id flag is missing")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_regenerate.go

@@ -4,13 +4,11 @@
 package cmd
 
 import (
-	"context"
+	asymkey_model "code.gitea.io/gitea/models/asymkey"
+	"code.gitea.io/gitea/modules/graceful"
+	repo_service "code.gitea.io/gitea/services/repository"
 
-	asymkey_model "forgejo.org/models/asymkey"
-	"forgejo.org/modules/graceful"
-	repo_service "forgejo.org/services/repository"
-
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 var (
@@ -27,8 +25,8 @@ var (
 	}
 )
 
-func runRegenerateHooks(ctx context.Context, _ *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runRegenerateHooks(_ *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
@@ -37,8 +35,8 @@ func runRegenerateHooks(ctx context.Context, _ *cli.Command) error {
 	return repo_service.SyncRepositoryHooks(graceful.GetManager().ShutdownContext())
 }
 
-func runRegenerateKeys(ctx context.Context, _ *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runRegenerateKeys(_ *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_user.go

@@ -4,20 +4,18 @@
 package cmd
 
 import (
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func subcmdUser() *cli.Command {
-	return &cli.Command{
-		Name:  "user",
-		Usage: "Modify users",
-		Commands: []*cli.Command{
-			microcmdUserCreate(),
-			microcmdUserList(),
-			microcmdUserChangePassword(),
-			microcmdUserDelete(),
-			microcmdUserGenerateAccessToken(),
-			microcmdUserMustChangePassword(),
-		},
-	}
+var subcmdUser = &cli.Command{
+	Name:  "user",
+	Usage: "Modify users",
+	Subcommands: []*cli.Command{
+		microcmdUserCreate,
+		microcmdUserList,
+		microcmdUserChangePassword,
+		microcmdUserDelete,
+		microcmdUserGenerateAccessToken,
+		microcmdUserMustChangePassword,
+	},
 }

cmd/admin_user_change_password.go

@@ -4,52 +4,49 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 
-	user_model "forgejo.org/models/user"
-	"forgejo.org/modules/auth/password"
-	"forgejo.org/modules/optional"
-	"forgejo.org/modules/setting"
-	user_service "forgejo.org/services/user"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/auth/password"
+	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/setting"
+	user_service "code.gitea.io/gitea/services/user"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdUserChangePassword() *cli.Command {
-	return &cli.Command{
-		Name:   "change-password",
-		Usage:  "Change a user's password",
-		Action: runChangePassword,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "username",
-				Aliases: []string{"u"},
-				Value:   "",
-				Usage:   "The user to change password for",
-			},
-			&cli.StringFlag{
-				Name:    "password",
-				Aliases: []string{"p"},
-				Value:   "",
-				Usage:   "New password to set for user",
-			},
-			&cli.BoolFlag{
-				Name:  "must-change-password",
-				Usage: "User must change password",
-				Value: true,
-			},
+var microcmdUserChangePassword = &cli.Command{
+	Name:   "change-password",
+	Usage:  "Change a user's password",
+	Action: runChangePassword,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "username",
+			Aliases: []string{"u"},
+			Value:   "",
+			Usage:   "The user to change password for",
 		},
-	}
+		&cli.StringFlag{
+			Name:    "password",
+			Aliases: []string{"p"},
+			Value:   "",
+			Usage:   "New password to set for user",
+		},
+		&cli.BoolFlag{
+			Name:  "must-change-password",
+			Usage: "User must change password",
+			Value: true,
+		},
+	},
 }
 
-func runChangePassword(ctx context.Context, c *cli.Command) error {
+func runChangePassword(c *cli.Context) error {
 	if err := argsSet(c, "username", "password"); err != nil {
 		return err
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_user_create.go

@@ -4,92 +4,71 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
-	"strings"
 
-	auth_model "forgejo.org/models/auth"
-	"forgejo.org/models/db"
-	user_model "forgejo.org/models/user"
-	pwd "forgejo.org/modules/auth/password"
-	"forgejo.org/modules/optional"
-	"forgejo.org/modules/setting"
+	auth_model "code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/models/db"
+	user_model "code.gitea.io/gitea/models/user"
+	pwd "code.gitea.io/gitea/modules/auth/password"
+	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdUserCreate() *cli.Command {
-	return &cli.Command{
-		Name:   "create",
-		Usage:  "Create a new user in database",
-		Action: runCreateUser,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:  "name",
-				Usage: "Username. DEPRECATED: use username instead",
-			},
-			&cli.StringFlag{
-				Name:  "username",
-				Usage: "Username",
-			},
-			&cli.StringFlag{
-				Name:  "password",
-				Usage: "User password",
-			},
-			&cli.StringFlag{
-				Name:  "email",
-				Usage: "User email address",
-			},
-			&cli.BoolFlag{
-				Name:  "admin",
-				Usage: "User is an admin",
-			},
-			&cli.BoolFlag{
-				Name:  "random-password",
-				Usage: "Generate a random password for the user",
-			},
-			&cli.BoolFlag{
-				Name:  "must-change-password",
-				Usage: "Set this option to false to prevent forcing the user to change their password after initial login",
-				Value: true,
-			},
-			&cli.IntFlag{
-				Name:  "random-password-length",
-				Usage: "Length of the random password to be generated",
-				Value: 12,
-			},
-			&cli.BoolFlag{
-				Name:  "access-token",
-				Usage: "Generate access token for the user",
-			},
-			&cli.StringFlag{
-				Name:  "access-token-name",
-				Usage: `Name of the generated access token`,
-				Value: "gitea-admin",
-			},
-			&cli.StringFlag{
-				Name:  "access-token-scopes",
-				Usage: `Scopes of the generated access token, comma separated. Examples: "all", "public-only,read:issue", "write:repository,write:user"`,
-				Value: "all",
-			},
-			&cli.BoolFlag{
-				Name:  "restricted",
-				Usage: "Make a restricted user account",
-			},
-			&cli.StringFlag{
-				Name:  "fullname",
-				Usage: `The full, human-readable name of the user`,
-			},
+var microcmdUserCreate = &cli.Command{
+	Name:   "create",
+	Usage:  "Create a new user in database",
+	Action: runCreateUser,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:  "name",
+			Usage: "Username. DEPRECATED: use username instead",
 		},
-	}
+		&cli.StringFlag{
+			Name:  "username",
+			Usage: "Username",
+		},
+		&cli.StringFlag{
+			Name:  "password",
+			Usage: "User password",
+		},
+		&cli.StringFlag{
+			Name:  "email",
+			Usage: "User email address",
+		},
+		&cli.BoolFlag{
+			Name:  "admin",
+			Usage: "User is an admin",
+		},
+		&cli.BoolFlag{
+			Name:  "random-password",
+			Usage: "Generate a random password for the user",
+		},
+		&cli.BoolFlag{
+			Name:               "must-change-password",
+			Usage:              "Set this option to false to prevent forcing the user to change their password after initial login",
+			Value:              true,
+			DisableDefaultText: true,
+		},
+		&cli.IntFlag{
+			Name:  "random-password-length",
+			Usage: "Length of the random password to be generated",
+			Value: 12,
+		},
+		&cli.BoolFlag{
+			Name:  "access-token",
+			Usage: "Generate access token for the user",
+		},
+		&cli.BoolFlag{
+			Name:  "restricted",
+			Usage: "Make a restricted user account",
+		},
+	},
 }
 
-func runCreateUser(ctx context.Context, c *cli.Command) error {
-	// this command highly depends on the many setting options (create org, visibility, etc.), so it must have a full setting load first
-	// duplicate setting loading should be safe at the moment, but it should be refactored & improved in the future.
-	setting.LoadSettings()
-
+func runCreateUser(c *cli.Context) error {
 	if err := argsSet(c, "email"); err != nil {
 		return err
 	}
@@ -110,10 +89,10 @@ func runCreateUser(ctx context.Context, c *cli.Command) error {
 		username = c.String("username")
 	} else {
 		username = c.String("name")
-		_, _ = fmt.Fprint(c.Root().ErrWriter, "--name flag is deprecated. Use --username instead.\n")
+		_, _ = fmt.Fprintf(c.App.ErrWriter, "--name flag is deprecated. Use --username instead.\n")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
@@ -167,7 +146,6 @@ func runCreateUser(ctx context.Context, c *cli.Command) error {
 		IsAdmin:            isAdmin,
 		MustChangePassword: mustChangePassword,
 		Visibility:         visibility,
-		FullName:           c.String("fullname"),
 	}
 
 	overwriteDefault := &user_model.CreateUserOverwriteOptions{
@@ -175,40 +153,23 @@ func runCreateUser(ctx context.Context, c *cli.Command) error {
 		IsRestricted: restricted,
 	}
 
-	var accessTokenName string
-	var accessTokenScope auth_model.AccessTokenScope
-	if c.IsSet("access-token") {
-		accessTokenName = strings.TrimSpace(c.String("access-token-name"))
-		if accessTokenName == "" {
-			return errors.New("access-token-name cannot be empty")
-		}
-		var err error
-		accessTokenScope, err = auth_model.AccessTokenScope(c.String("access-token-scopes")).Normalize()
-		if err != nil {
-			return fmt.Errorf("invalid access token scope provided: %w", err)
-		}
-		if !accessTokenScope.HasPermissionScope() {
-			return errors.New("access token does not have any permission")
-		}
-	} else if c.IsSet("access-token-name") || c.IsSet("access-token-scopes") {
-		return errors.New("access-token-name and access-token-scopes flags are only valid when access-token flag is set")
-	}
-
-	// arguments should be prepared before creating the user & access token, in case there is anything wrong
-
-	// create the user
 	if err := user_model.CreateUser(ctx, u, overwriteDefault); err != nil {
 		return fmt.Errorf("CreateUser: %w", err)
 	}
-	fmt.Printf("New user '%s' has been successfully created!\n", username)
 
-	// create the access token
-	if accessTokenScope != "" {
-		t := &auth_model.AccessToken{Name: accessTokenName, UID: u.ID, Scope: accessTokenScope}
+	if c.Bool("access-token") {
+		t := &auth_model.AccessToken{
+			Name: "gitea-admin",
+			UID:  u.ID,
+		}
+
 		if err := auth_model.NewAccessToken(ctx, t); err != nil {
 			return err
 		}
+
 		fmt.Printf("Access token was successfully created... %s\n", t.Token)
 	}
+
+	fmt.Printf("New user '%s' has been successfully created!\n", username)
 	return nil
 }

cmd/admin_user_delete.go

@@ -4,52 +4,49 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"strings"
 
-	user_model "forgejo.org/models/user"
-	"forgejo.org/modules/storage"
-	user_service "forgejo.org/services/user"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/storage"
+	user_service "code.gitea.io/gitea/services/user"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdUserDelete() *cli.Command {
-	return &cli.Command{
-		Name:  "delete",
-		Usage: "Delete specific user by id, name or email",
-		Flags: []cli.Flag{
-			&cli.Int64Flag{
-				Name:  "id",
-				Usage: "ID of user of the user to delete",
-			},
-			&cli.StringFlag{
-				Name:    "username",
-				Aliases: []string{"u"},
-				Usage:   "Username of the user to delete",
-			},
-			&cli.StringFlag{
-				Name:    "email",
-				Aliases: []string{"e"},
-				Usage:   "Email of the user to delete",
-			},
-			&cli.BoolFlag{
-				Name:  "purge",
-				Usage: "Purge user, all their repositories, organizations and comments",
-			},
+var microcmdUserDelete = &cli.Command{
+	Name:  "delete",
+	Usage: "Delete specific user by id, name or email",
+	Flags: []cli.Flag{
+		&cli.Int64Flag{
+			Name:  "id",
+			Usage: "ID of user of the user to delete",
 		},
-		Action: runDeleteUser,
-	}
+		&cli.StringFlag{
+			Name:    "username",
+			Aliases: []string{"u"},
+			Usage:   "Username of the user to delete",
+		},
+		&cli.StringFlag{
+			Name:    "email",
+			Aliases: []string{"e"},
+			Usage:   "Email of the user to delete",
+		},
+		&cli.BoolFlag{
+			Name:  "purge",
+			Usage: "Purge user, all their repositories, organizations and comments",
+		},
+	},
+	Action: runDeleteUser,
 }
 
-func runDeleteUser(ctx context.Context, c *cli.Command) error {
+func runDeleteUser(c *cli.Context) error {
 	if !c.IsSet("id") && !c.IsSet("username") && !c.IsSet("email") {
 		return errors.New("You must provide the id, username or email of a user to delete")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {

cmd/admin_user_generate_access_token.go

@@ -4,52 +4,49 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 
-	auth_model "forgejo.org/models/auth"
-	user_model "forgejo.org/models/user"
+	auth_model "code.gitea.io/gitea/models/auth"
+	user_model "code.gitea.io/gitea/models/user"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdUserGenerateAccessToken() *cli.Command {
-	return &cli.Command{
-		Name:  "generate-access-token",
-		Usage: "Generate an access token for a specific user",
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "username",
-				Aliases: []string{"u"},
-				Usage:   "Username",
-			},
-			&cli.StringFlag{
-				Name:    "token-name",
-				Aliases: []string{"t"},
-				Usage:   "Token name",
-				Value:   "gitea-admin",
-			},
-			&cli.BoolFlag{
-				Name:  "raw",
-				Usage: "Display only the token value",
-			},
-			&cli.StringFlag{
-				Name:  "scopes",
-				Value: "all",
-				Usage: `Comma separated list of scopes to apply to access token, examples: "all", "public-only,read:issue", "write:repository,write:user"`,
-			},
+var microcmdUserGenerateAccessToken = &cli.Command{
+	Name:  "generate-access-token",
+	Usage: "Generate an access token for a specific user",
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "username",
+			Aliases: []string{"u"},
+			Usage:   "Username",
 		},
-		Action: runGenerateAccessToken,
-	}
+		&cli.StringFlag{
+			Name:    "token-name",
+			Aliases: []string{"t"},
+			Usage:   "Token name",
+			Value:   "gitea-admin",
+		},
+		&cli.BoolFlag{
+			Name:  "raw",
+			Usage: "Display only the token value",
+		},
+		&cli.StringFlag{
+			Name:  "scopes",
+			Value: "",
+			Usage: "Comma separated list of scopes to apply to access token",
+		},
+	},
+	Action: runGenerateAccessToken,
 }
 
-func runGenerateAccessToken(ctx context.Context, c *cli.Command) error {
+func runGenerateAccessToken(c *cli.Context) error {
 	if !c.IsSet("username") {
-		return errors.New("you must provide a username to generate a token for")
+		return errors.New("You must provide a username to generate a token for")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
@@ -80,9 +77,6 @@ func runGenerateAccessToken(ctx context.Context, c *cli.Command) error {
 	if err != nil {
 		return fmt.Errorf("invalid access token scope provided: %w", err)
 	}
-	if !accessTokenScope.HasPermissionScope() {
-		return errors.New("access token does not have any permission")
-	}
 	t.Scope = accessTokenScope
 
 	// create the token

cmd/admin_user_list.go

@@ -4,32 +4,29 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 	"os"
 	"text/tabwriter"
 
-	user_model "forgejo.org/models/user"
+	user_model "code.gitea.io/gitea/models/user"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdUserList() *cli.Command {
-	return &cli.Command{
-		Name:   "list",
-		Usage:  "List users",
-		Action: runListUsers,
-		Flags: []cli.Flag{
-			&cli.BoolFlag{
-				Name:  "admin",
-				Usage: "List only admin users",
-			},
+var microcmdUserList = &cli.Command{
+	Name:   "list",
+	Usage:  "List users",
+	Action: runListUsers,
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name:  "admin",
+			Usage: "List only admin users",
 		},
-	}
+	},
 }
 
-func runListUsers(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runListUsers(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(ctx); err != nil {
@@ -44,7 +41,7 @@ func runListUsers(ctx context.Context, c *cli.Command) error {
 	w := tabwriter.NewWriter(os.Stdout, 5, 0, 1, ' ', 0)
 
 	if c.IsSet("admin") {
-		fmt.Fprint(w, "ID\tUsername\tEmail\tIsActive\n")
+		fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\n")
 		for _, u := range users {
 			if u.IsAdmin {
 				fmt.Fprintf(w, "%d\t%s\t%s\t%t\n", u.ID, u.Name, u.Email, u.IsActive)
@@ -52,7 +49,7 @@ func runListUsers(ctx context.Context, c *cli.Command) error {
 		}
 	} else {
 		twofa := user_model.UserList(users).GetTwoFaStatus(ctx)
-		fmt.Fprint(w, "ID\tUsername\tEmail\tIsActive\tIsAdmin\t2FA\n")
+		fmt.Fprintf(w, "ID\tUsername\tEmail\tIsActive\tIsAdmin\t2FA\n")
 		for _, u := range users {
 			fmt.Fprintf(w, "%d\t%s\t%s\t%t\t%t\t%t\n", u.ID, u.Name, u.Email, u.IsActive, u.IsAdmin, twofa[u.ID])
 		}

cmd/admin_user_must_change_password.go

@@ -4,41 +4,38 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 
-	user_model "forgejo.org/models/user"
+	user_model "code.gitea.io/gitea/models/user"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func microcmdUserMustChangePassword() *cli.Command {
-	return &cli.Command{
-		Name:   "must-change-password",
-		Usage:  "Set the must change password flag for the provided users or all users",
-		Action: runMustChangePassword,
-		Flags: []cli.Flag{
-			&cli.BoolFlag{
-				Name:    "all",
-				Aliases: []string{"A"},
-				Usage:   "All users must change password, except those explicitly excluded with --exclude",
-			},
-			&cli.StringSliceFlag{
-				Name:    "exclude",
-				Aliases: []string{"e"},
-				Usage:   "Do not change the must-change-password flag for these users",
-			},
-			&cli.BoolFlag{
-				Name:  "unset",
-				Usage: "Instead of setting the must-change-password flag, unset it",
-			},
+var microcmdUserMustChangePassword = &cli.Command{
+	Name:   "must-change-password",
+	Usage:  "Set the must change password flag for the provided users or all users",
+	Action: runMustChangePassword,
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name:    "all",
+			Aliases: []string{"A"},
+			Usage:   "All users must change password, except those explicitly excluded with --exclude",
 		},
-	}
+		&cli.StringSliceFlag{
+			Name:    "exclude",
+			Aliases: []string{"e"},
+			Usage:   "Do not change the must-change-password flag for these users",
+		},
+		&cli.BoolFlag{
+			Name:  "unset",
+			Usage: "Instead of setting the must-change-password flag, unset it",
+		},
+	},
 }
 
-func runMustChangePassword(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runMustChangePassword(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if c.NArg() == 0 && !c.IsSet("all") {

cmd/cert.go

@@ -6,7 +6,6 @@
 package cmd
 
 import (
-	"context"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
@@ -21,49 +20,47 @@ import (
 	"strings"
 	"time"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdCert represents the available cert sub-command.
-func cmdCert() *cli.Command {
-	return &cli.Command{
-		Name:  "cert",
-		Usage: "Generate self-signed certificate",
-		Description: `Generate a self-signed X.509 certificate for a TLS server.
+var CmdCert = &cli.Command{
+	Name:  "cert",
+	Usage: "Generate self-signed certificate",
+	Description: `Generate a self-signed X.509 certificate for a TLS server.
 Outputs to 'cert.pem' and 'key.pem' and will overwrite existing files.`,
-		Action: runCert,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:  "host",
-				Value: "",
-				Usage: "Comma-separated hostnames and IPs to generate a certificate for",
-			},
-			&cli.StringFlag{
-				Name:  "ecdsa-curve",
-				Value: "",
-				Usage: "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521",
-			},
-			&cli.IntFlag{
-				Name:  "rsa-bits",
-				Value: 3072,
-				Usage: "Size of RSA key to generate. Ignored if --ecdsa-curve is set",
-			},
-			&cli.StringFlag{
-				Name:  "start-date",
-				Value: "",
-				Usage: "Creation date formatted as Jan 1 15:04:05 2011",
-			},
-			&cli.DurationFlag{
-				Name:  "duration",
-				Value: 365 * 24 * time.Hour,
-				Usage: "Duration that certificate is valid for",
-			},
-			&cli.BoolFlag{
-				Name:  "ca",
-				Usage: "whether this cert should be its own Certificate Authority",
-			},
+	Action: runCert,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:  "host",
+			Value: "",
+			Usage: "Comma-separated hostnames and IPs to generate a certificate for",
 		},
-	}
+		&cli.StringFlag{
+			Name:  "ecdsa-curve",
+			Value: "",
+			Usage: "ECDSA curve to use to generate a key. Valid values are P224, P256, P384, P521",
+		},
+		&cli.IntFlag{
+			Name:  "rsa-bits",
+			Value: 3072,
+			Usage: "Size of RSA key to generate. Ignored if --ecdsa-curve is set",
+		},
+		&cli.StringFlag{
+			Name:  "start-date",
+			Value: "",
+			Usage: "Creation date formatted as Jan 1 15:04:05 2011",
+		},
+		&cli.DurationFlag{
+			Name:  "duration",
+			Value: 365 * 24 * time.Hour,
+			Usage: "Duration that certificate is valid for",
+		},
+		&cli.BoolFlag{
+			Name:  "ca",
+			Usage: "whether this cert should be its own Certificate Authority",
+		},
+	},
 }
 
 func publicKey(priv any) any {
@@ -92,7 +89,7 @@ func pemBlockForKey(priv any) *pem.Block {
 	}
 }
 
-func runCert(ctx context.Context, c *cli.Command) error {
+func runCert(c *cli.Context) error {
 	if err := argsSet(c, "host"); err != nil {
 		return err
 	}

cmd/cmd.go

@@ -15,26 +15,24 @@ import (
 	"strings"
 	"syscall"
 
-	"forgejo.org/models/db"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // argsSet checks that all the required arguments are set. args is a list of
 // arguments that must be set in the passed Context.
-func argsSet(c *cli.Command, args ...string) error {
+func argsSet(c *cli.Context, args ...string) error {
 	for _, a := range args {
 		if !c.IsSet(a) {
 			return errors.New(a + " is not set")
 		}
 
-		if s, ok := c.Value(a).(string); ok {
-			if util.IsEmptyString(s) {
-				return errors.New(a + " is required")
-			}
+		if util.IsEmptyString(c.String(a)) {
+			return errors.New(a + " is required")
 		}
 	}
 	return nil
@@ -75,8 +73,8 @@ If this is the intended configuration file complete the [database] section.`, se
 	return nil
 }
 
-func installSignals(ctx context.Context) (context.Context, context.CancelFunc) {
-	ctx, cancel := context.WithCancel(ctx)
+func installSignals() (context.Context, context.CancelFunc) {
+	ctx, cancel := context.WithCancel(context.Background())
 	go func() {
 		// install notify
 		signalChannel := make(chan os.Signal, 1)
@@ -111,7 +109,7 @@ func setupConsoleLogger(level log.Level, colorize bool, out io.Writer) {
 	log.GetManager().GetLogger(log.DEFAULT).ReplaceAllWriters(writer)
 }
 
-func globalBool(c *cli.Command, name string) bool {
+func globalBool(c *cli.Context, name string) bool {
 	for _, ctx := range c.Lineage() {
 		if ctx.Bool(name) {
 			return true
@@ -122,16 +120,16 @@ func globalBool(c *cli.Command, name string) bool {
 
 // PrepareConsoleLoggerLevel by default, use INFO level for console logger, but some sub-commands (for git/ssh protocol) shouldn't output any log to stdout.
 // Any log appears in git stdout pipe will break the git protocol, eg: client can't push and hangs forever.
-func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(ctx context.Context, cli *cli.Command) (context.Context, error) {
-	return func(ctx context.Context, cli *cli.Command) (context.Context, error) {
+func PrepareConsoleLoggerLevel(defaultLevel log.Level) func(*cli.Context) error {
+	return func(c *cli.Context) error {
 		level := defaultLevel
-		if globalBool(cli, "quiet") {
+		if globalBool(c, "quiet") {
 			level = log.FATAL
 		}
-		if globalBool(cli, "debug") || globalBool(cli, "verbose") {
+		if globalBool(c, "debug") || globalBool(c, "verbose") {
 			level = log.TRACE
 		}
 		log.SetConsoleLogger(log.DEFAULT, "console-default", level)
-		return ctx, nil
+		return nil
 	}
 }

cmd/docs.go

@@ -0,0 +1,65 @@
+// Copyright 2020 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/urfave/cli/v2"
+)
+
+// CmdDocs represents the available docs sub-command.
+var CmdDocs = &cli.Command{
+	Name:        "docs",
+	Usage:       "Output CLI documentation",
+	Description: "A command to output Forgejo's CLI documentation, optionally to a file.",
+	Action:      runDocs,
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name:  "man",
+			Usage: "Output man pages instead",
+		},
+		&cli.StringFlag{
+			Name:    "output",
+			Aliases: []string{"o"},
+			Usage:   "Path to output to instead of stdout (will overwrite if exists)",
+		},
+	},
+}
+
+func runDocs(ctx *cli.Context) error {
+	docs, err := ctx.App.ToMarkdown()
+	if ctx.Bool("man") {
+		docs, err = ctx.App.ToMan()
+	}
+	if err != nil {
+		return err
+	}
+
+	if !ctx.Bool("man") {
+		// Clean up markdown. The following bug was fixed in v2, but is present in v1.
+		// It affects markdown output (even though the issue is referring to man pages)
+		// https://github.com/urfave/cli/issues/1040
+		firstHashtagIndex := strings.Index(docs, "#")
+
+		if firstHashtagIndex > 0 {
+			docs = docs[firstHashtagIndex:]
+		}
+	}
+
+	out := os.Stdout
+	if ctx.String("output") != "" {
+		fi, err := os.Create(ctx.String("output"))
+		if err != nil {
+			return err
+		}
+		defer fi.Close()
+		out = fi
+	}
+
+	_, err = fmt.Fprintln(out, docs)
+	return err
+}

cmd/doctor.go

@@ -4,7 +4,6 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 	golog "log"
 	"os"
@@ -12,94 +11,89 @@ import (
 	"strings"
 	"text/tabwriter"
 
-	"forgejo.org/models/db"
-	"forgejo.org/models/migrations"
-	migrate_base "forgejo.org/models/migrations/base"
-	"forgejo.org/modules/container"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
-	"forgejo.org/services/doctor"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/migrations"
+	migrate_base "code.gitea.io/gitea/models/migrations/base"
+	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/services/doctor"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
+	"xorm.io/xorm"
 )
 
 // CmdDoctor represents the available doctor sub-command.
-func cmdDoctor() *cli.Command {
-	return &cli.Command{
-		Name:        "doctor",
-		Usage:       "Diagnose and optionally fix problems, convert or re-create database tables",
-		Description: "A command to diagnose problems with the current Forgejo instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.",
+var CmdDoctor = &cli.Command{
+	Name:        "doctor",
+	Usage:       "Diagnose and optionally fix problems, convert or re-create database tables",
+	Description: "A command to diagnose problems with the current Forgejo instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.",
 
-		Commands: []*cli.Command{
-			cmdDoctorCheck(),
-			cmdRecreateTable(),
-			cmdDoctorConvert(),
-		},
-	}
+	Subcommands: []*cli.Command{
+		cmdDoctorCheck,
+		cmdRecreateTable,
+		cmdDoctorConvert,
+	},
 }
 
-func cmdDoctorCheck() *cli.Command {
-	return &cli.Command{
-		Name:        "check",
-		Usage:       "Diagnose and optionally fix problems",
-		Description: "A command to diagnose problems with the current Forgejo instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.",
-		Action:      runDoctorCheck,
-		Flags: []cli.Flag{
-			&cli.BoolFlag{
-				Name:  "list",
-				Usage: "List the available checks",
-			},
-			&cli.BoolFlag{
-				Name:  "default",
-				Usage: "Run the default checks (if neither --run or --all is set, this is the default behaviour)",
-			},
-			&cli.StringSliceFlag{
-				Name:  "run",
-				Usage: "Run the provided checks - (if --default is set, the default checks will also run)",
-			},
-			&cli.BoolFlag{
-				Name:  "all",
-				Usage: "Run all the available checks",
-			},
-			&cli.BoolFlag{
-				Name:  "fix",
-				Usage: "Automatically fix what we can",
-			},
-			&cli.StringFlag{
-				Name:  "log-file",
-				Usage: `Name of the log file (no verbose log output by default). Set to "-" to output to stdout`,
-			},
-			&cli.BoolFlag{
-				Name:    "color",
-				Aliases: []string{"H"},
-				Usage:   "Use color for outputted information",
-			},
+var cmdDoctorCheck = &cli.Command{
+	Name:        "check",
+	Usage:       "Diagnose and optionally fix problems",
+	Description: "A command to diagnose problems with the current Forgejo instance according to the given configuration. Some problems can optionally be fixed by modifying the database or data storage.",
+	Action:      runDoctorCheck,
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name:  "list",
+			Usage: "List the available checks",
 		},
-	}
+		&cli.BoolFlag{
+			Name:  "default",
+			Usage: "Run the default checks (if neither --run or --all is set, this is the default behaviour)",
+		},
+		&cli.StringSliceFlag{
+			Name:  "run",
+			Usage: "Run the provided checks - (if --default is set, the default checks will also run)",
+		},
+		&cli.BoolFlag{
+			Name:  "all",
+			Usage: "Run all the available checks",
+		},
+		&cli.BoolFlag{
+			Name:  "fix",
+			Usage: "Automatically fix what we can",
+		},
+		&cli.StringFlag{
+			Name:  "log-file",
+			Usage: `Name of the log file (no verbose log output by default). Set to "-" to output to stdout`,
+		},
+		&cli.BoolFlag{
+			Name:    "color",
+			Aliases: []string{"H"},
+			Usage:   "Use color for outputted information",
+		},
+	},
 }
 
-func cmdRecreateTable() *cli.Command {
-	return &cli.Command{
-		Name:      "recreate-table",
-		Usage:     "Recreate tables from XORM definitions and copy the data.",
-		ArgsUsage: "[TABLE]... : (TABLEs to recreate - leave blank for all)",
-		Flags: []cli.Flag{
-			&cli.BoolFlag{
-				Name:  "debug",
-				Usage: "Print SQL commands sent",
-			},
+var cmdRecreateTable = &cli.Command{
+	Name:      "recreate-table",
+	Usage:     "Recreate tables from XORM definitions and copy the data.",
+	ArgsUsage: "[TABLE]... : (TABLEs to recreate - leave blank for all)",
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name:  "debug",
+			Usage: "Print SQL commands sent",
 		},
-		Description: `The database definitions Forgejo uses change across versions, sometimes changing default values and leaving old unused columns.
+	},
+	Description: `The database definitions Forgejo uses change across versions, sometimes changing default values and leaving old unused columns.
 
 This command will cause Xorm to recreate tables, copying over the data and deleting the old table.
 
 You should back-up your database before doing this and ensure that your database is up-to-date first.`,
-		Action: runRecreateTable,
-	}
+	Action: runRecreateTable,
 }
 
-func runRecreateTable(stdCtx context.Context, ctx *cli.Command) error {
-	stdCtx, cancel := installSignals(stdCtx)
+func runRecreateTable(ctx *cli.Context) error {
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	// Redirect the default golog to here
@@ -126,7 +120,7 @@ func runRecreateTable(stdCtx context.Context, ctx *cli.Command) error {
 
 	args := ctx.Args()
 	names := make([]string, 0, ctx.NArg())
-	for i := range ctx.NArg() {
+	for i := 0; i < ctx.NArg(); i++ {
 		names = append(names, args.Get(i))
 	}
 
@@ -136,31 +130,24 @@ func runRecreateTable(stdCtx context.Context, ctx *cli.Command) error {
 	}
 	recreateTables := migrate_base.RecreateTables(beans...)
 
-	return db.InitEngineWithMigration(stdCtx, func(x db.Engine) error {
-		engine, err := db.GetMasterEngine(x)
-		if err != nil {
+	return db.InitEngineWithMigration(stdCtx, func(x *xorm.Engine) error {
+		if err := migrations.EnsureUpToDate(x); err != nil {
 			return err
 		}
-
-		if err := migrations.EnsureUpToDate(engine); err != nil {
-			return err
-		}
-
-		return recreateTables(engine)
+		return recreateTables(x)
 	})
 }
 
-func setupDoctorDefaultLogger(ctx *cli.Command, colorize bool) {
+func setupDoctorDefaultLogger(ctx *cli.Context, colorize bool) {
 	// Silence the default loggers
 	setupConsoleLogger(log.FATAL, log.CanColorStderr, os.Stderr)
 
 	logFile := ctx.String("log-file")
-	switch logFile {
-	case "":
+	if logFile == "" {
 		return // if no doctor log-file is set, do not show any log from default logger
-	case "-":
+	} else if logFile == "-" {
 		setupConsoleLogger(log.TRACE, colorize, os.Stdout)
-	default:
+	} else {
 		logFile, _ = filepath.Abs(logFile)
 		writeMode := log.WriterMode{Level: log.TRACE, WriterOption: log.WriterFileOption{FileName: logFile}}
 		writer, err := log.NewEventWriter("console-to-file", "file", writeMode)
@@ -172,8 +159,8 @@ func setupDoctorDefaultLogger(ctx *cli.Command, colorize bool) {
 	}
 }
 
-func runDoctorCheck(stdCtx context.Context, ctx *cli.Command) error {
-	stdCtx, cancel := installSignals(stdCtx)
+func runDoctorCheck(ctx *cli.Context) error {
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	colorize := log.CanColorStdout

cmd/doctor_convert.go

@@ -4,28 +4,25 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 
-	"forgejo.org/models/db"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // cmdDoctorConvert represents the available convert sub-command.
-func cmdDoctorConvert() *cli.Command {
-	return &cli.Command{
-		Name:        "convert",
-		Usage:       "Convert the database",
-		Description: "A command to convert an existing MySQL database from utf8 to utf8mb4",
-		Action:      runDoctorConvert,
-	}
+var cmdDoctorConvert = &cli.Command{
+	Name:        "convert",
+	Usage:       "Convert the database",
+	Description: "A command to convert an existing MySQL database from utf8 to utf8mb4",
+	Action:      runDoctorConvert,
 }
 
-func runDoctorConvert(stdCtx context.Context, ctx *cli.Command) error {
-	stdCtx, cancel := installSignals(stdCtx)
+func runDoctorConvert(ctx *cli.Context) error {
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(stdCtx); err != nil {

cmd/doctor_test.go

@@ -7,11 +7,11 @@ import (
 	"context"
 	"testing"
 
-	"forgejo.org/modules/log"
-	"forgejo.org/services/doctor"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/services/doctor"
 
 	"github.com/stretchr/testify/require"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func TestDoctorRun(t *testing.T) {
@@ -22,12 +22,12 @@ func TestDoctorRun(t *testing.T) {
 
 		SkipDatabaseInitialization: true,
 	})
-	app := cli.Command{}
-	app.Commands = []*cli.Command{cmdDoctorCheck()}
-	err := app.Run(t.Context(), []string{"./gitea", "check", "--run", "test-check"})
+	app := cli.NewApp()
+	app.Commands = []*cli.Command{cmdDoctorCheck}
+	err := app.Run([]string{"./gitea", "check", "--run", "test-check"})
 	require.NoError(t, err)
-	err = app.Run(t.Context(), []string{"./gitea", "check", "--run", "no-such"})
+	err = app.Run([]string{"./gitea", "check", "--run", "no-such"})
 	require.ErrorContains(t, err, `unknown checks: "no-such"`)
-	err = app.Run(t.Context(), []string{"./gitea", "check", "--run", "test-check,no-such"})
+	err = app.Run([]string{"./gitea", "check", "--run", "test-check,no-such"})
 	require.ErrorContains(t, err, `unknown checks: "no-such"`)
 }

cmd/dump.go

@@ -5,8 +5,6 @@
 package cmd
 
 import (
-	"context"
-	"errors"
 	"fmt"
 	"io"
 	"os"
@@ -15,16 +13,16 @@ import (
 	"strings"
 	"time"
 
-	"forgejo.org/models/db"
-	"forgejo.org/modules/json"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/storage"
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/modules/util"
 
 	"code.forgejo.org/go-chi/session"
 	"github.com/mholt/archiver/v3"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func addReader(w archiver.Writer, r io.ReadCloser, info os.FileInfo, customName string, verbose bool) error {
@@ -85,10 +83,6 @@ func (o *outputType) Set(value string) error {
 	return fmt.Errorf("allowed values are %s", o.Join())
 }
 
-func (o *outputType) Get() any {
-	return o.String()
-}
-
 func (o outputType) String() string {
 	if o.selected == "" {
 		return o.Default
@@ -102,81 +96,76 @@ var outputTypeEnum = &outputType{
 }
 
 // CmdDump represents the available dump sub-command.
-func cmdDump() *cli.Command {
-	return &cli.Command{
-		Name:  "dump",
-		Usage: "Dump Forgejo files and database",
-		Description: `Dump compresses all related files and database into zip file.
+var CmdDump = &cli.Command{
+	Name:  "dump",
+	Usage: "Dump Forgejo files and database",
+	Description: `Dump compresses all related files and database into zip file.
 It can be used for backup and capture Forgejo server image to send to maintainer`,
-		Action: runDump,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "file",
-				Aliases: []string{"f"},
-				Value:   fmt.Sprintf("forgejo-dump-%d.zip", time.Now().Unix()),
-				Usage:   "Name of the dump file which will be created. Supply '-' for stdout. See type for available types.",
-			},
-			&cli.BoolFlag{
-				Name:    "verbose",
-				Aliases: []string{"V"},
-				Usage:   "Show process details",
-			},
-			&cli.BoolFlag{
-				Name:    "quiet",
-				Aliases: []string{"q"},
-				Usage:   "Only display warnings and errors",
-			},
-			&cli.StringFlag{
-				Name:    "tempdir",
-				Aliases: []string{"t"},
-				Usage:   "Temporary dir path",
-			},
-			&cli.StringFlag{
-				Name:    "database",
-				Aliases: []string{"d"},
-				Usage:   "Specify the database SQL syntax: sqlite3, mysql, postgres",
-			},
-			&cli.BoolFlag{
-				Name:    "skip-repository",
-				Aliases: []string{"R"},
-				Usage:   "Skip repositories",
-			},
-			&cli.BoolFlag{
-				Name:    "skip-log",
-				Aliases: []string{"L"},
-				Usage:   "Skip logs",
-			},
-			&cli.BoolFlag{
-				Name:  "skip-custom-dir",
-				Usage: "Skip custom directory",
-			},
-			&cli.BoolFlag{
-				Name:  "skip-lfs-data",
-				Usage: "Skip LFS data",
-			},
-			&cli.BoolFlag{
-				Name:  "skip-attachment-data",
-				Usage: "Skip attachment data",
-			},
-			&cli.BoolFlag{
-				Name:  "skip-package-data",
-				Usage: "Skip package data",
-			},
-			&cli.BoolFlag{
-				Name:  "skip-index",
-				Usage: "Skip bleve index data",
-			},
-			&cli.BoolFlag{
-				Name:  "skip-repo-archives",
-				Usage: "Skip repository archives",
-			},
-			&cli.GenericFlag{
-				Name:  "type",
-				Value: outputTypeEnum,
-				Usage: fmt.Sprintf("Dump output format: %s", outputTypeEnum.Join()),
-			},
+	Action: runDump,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "file",
+			Aliases: []string{"f"},
+			Value:   fmt.Sprintf("forgejo-dump-%d.zip", time.Now().Unix()),
+			Usage:   "Name of the dump file which will be created. Supply '-' for stdout. See type for available types.",
 		},
-	}
+		&cli.BoolFlag{
+			Name:    "verbose",
+			Aliases: []string{"V"},
+			Usage:   "Show process details",
+		},
+		&cli.BoolFlag{
+			Name:    "quiet",
+			Aliases: []string{"q"},
+			Usage:   "Only display warnings and errors",
+		},
+		&cli.StringFlag{
+			Name:    "tempdir",
+			Aliases: []string{"t"},
+			Value:   os.TempDir(),
+			Usage:   "Temporary dir path",
+		},
+		&cli.StringFlag{
+			Name:    "database",
+			Aliases: []string{"d"},
+			Usage:   "Specify the database SQL syntax: sqlite3, mysql, postgres",
+		},
+		&cli.BoolFlag{
+			Name:    "skip-repository",
+			Aliases: []string{"R"},
+			Usage:   "Skip the repository dumping",
+		},
+		&cli.BoolFlag{
+			Name:    "skip-log",
+			Aliases: []string{"L"},
+			Usage:   "Skip the log dumping",
+		},
+		&cli.BoolFlag{
+			Name:  "skip-custom-dir",
+			Usage: "Skip custom directory",
+		},
+		&cli.BoolFlag{
+			Name:  "skip-lfs-data",
+			Usage: "Skip LFS data",
+		},
+		&cli.BoolFlag{
+			Name:  "skip-attachment-data",
+			Usage: "Skip attachment data",
+		},
+		&cli.BoolFlag{
+			Name:  "skip-package-data",
+			Usage: "Skip package data",
+		},
+		&cli.BoolFlag{
+			Name:  "skip-index",
+			Usage: "Skip bleve index data",
+		},
+		&cli.GenericFlag{
+			Name:  "type",
+			Value: outputTypeEnum,
+			Usage: fmt.Sprintf("Dump output format: %s", outputTypeEnum.Join()),
+		},
+	},
 }
 
 func fatal(format string, args ...any) {
@@ -184,7 +173,7 @@ func fatal(format string, args ...any) {
 	log.Fatal(format, args...)
 }
 
-func runDump(stdCtx context.Context, ctx *cli.Command) error {
+func runDump(ctx *cli.Context) error {
 	var file *os.File
 	fileName := ctx.String("file")
 	outType := ctx.String("type")
@@ -220,16 +209,16 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 
 	if !setting.InstallLock {
 		log.Error("Is '%s' really the right config path?\n", setting.CustomConf)
-		return errors.New("forgejo is not initialized")
+		return fmt.Errorf("forgejo is not initialized")
 	}
 	setting.LoadSettings() // cannot access session settings otherwise
 
 	verbose := ctx.Bool("verbose")
 	if verbose && ctx.Bool("quiet") {
-		return errors.New("--quiet and --verbose cannot both be set")
+		return fmt.Errorf("--quiet and --verbose cannot both be set")
 	}
 
-	stdCtx, cancel := installSignals(stdCtx)
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	err := db.InitEngine(stdCtx)
@@ -244,7 +233,7 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 	if file == nil {
 		file, err = os.Create(fileName)
 		if err != nil {
-			fatal("Failed to open %s: %v", fileName, err)
+			fatal("Unable to open %s: %v", fileName, err)
 		}
 	}
 	defer file.Close()
@@ -261,7 +250,7 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 		iface, err = archiver.ByExtension(fileName)
 	}
 	if err != nil {
-		fatal("Failed to get archiver for extension: %v", err)
+		fatal("Unable to get archiver for extension: %v", err)
 	}
 
 	w, _ := iface.(archiver.Writer)
@@ -271,7 +260,7 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 	defer w.Close()
 
 	if ctx.IsSet("skip-repository") && ctx.Bool("skip-repository") {
-		log.Info("Skipping local repositories")
+		log.Info("Skip dumping local repositories")
 	} else {
 		log.Info("Dumping local repositories... %s", setting.RepoRootPath)
 		if err := addRecursiveExclude(w, "repos", setting.RepoRootPath, []string{absFileName}, verbose); err != nil {
@@ -279,9 +268,9 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 		}
 
 		if ctx.IsSet("skip-lfs-data") && ctx.Bool("skip-lfs-data") {
-			log.Info("Skipping LFS data")
+			log.Info("Skip dumping LFS data")
 		} else if !setting.LFS.StartServer {
-			log.Info("LFS not enabled - skipping")
+			log.Info("LFS isn't enabled. Skip dumping LFS data")
 		} else if err := storage.LFS.IterateObjects("", func(objPath string, object storage.Object) error {
 			info, err := object.Stat()
 			if err != nil {
@@ -295,31 +284,18 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 	}
 
 	tmpDir := ctx.String("tempdir")
-	if tmpDir == "" {
-		tmpDir, err = os.MkdirTemp("", "forgejo-dump-*")
-		if err != nil {
-			fatal("Failed to create temporary directory: %v", err)
-		}
-
-		defer func() {
-			if err := util.Remove(tmpDir); err != nil {
-				log.Warn("Failed to remove temporary directory: %s: Error: %v", tmpDir, err)
-			}
-		}()
-	}
-
 	if _, err := os.Stat(tmpDir); os.IsNotExist(err) {
 		fatal("Path does not exist: %s", tmpDir)
 	}
 
 	dbDump, err := os.CreateTemp(tmpDir, "forgejo-db.sql")
 	if err != nil {
-		fatal("Failed to create temporary file: %v", err)
+		fatal("Failed to create tmp file: %v", err)
 	}
 	defer func() {
 		_ = dbDump.Close()
 		if err := util.Remove(dbDump.Name()); err != nil {
-			log.Warn("Failed to remove temporary database file: %s: Error: %v", dbDump.Name(), err)
+			log.Warn("Unable to remove temporary file: %s: Error: %v", dbDump.Name(), err)
 		}
 	}()
 
@@ -355,16 +331,16 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 					fatal("Failed to include custom: %v", err)
 				}
 			} else {
-				log.Info("Custom dir %s is inside data dir %s, skipping", setting.CustomPath, setting.AppDataPath)
+				log.Info("Custom dir %s is inside data dir %s, skipped", setting.CustomPath, setting.AppDataPath)
 			}
 		} else {
-			log.Info("Custom dir %s does not exist, skipping", setting.CustomPath)
+			log.Info("Custom dir %s doesn't exist, skipped", setting.CustomPath)
 		}
 	}
 
 	isExist, err := util.IsExist(setting.AppDataPath)
 	if err != nil {
-		log.Error("Failed to check if %s exists: %v", setting.AppDataPath, err)
+		log.Error("Unable to check if %s exists. Error: %v", setting.AppDataPath, err)
 	}
 	if isExist {
 		log.Info("Packing data directory...%s", setting.AppDataPath)
@@ -379,16 +355,10 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 		}
 
 		if ctx.IsSet("skip-index") && ctx.Bool("skip-index") {
-			log.Info("Skipping bleve index data")
 			excludes = append(excludes, setting.Indexer.RepoPath)
 			excludes = append(excludes, setting.Indexer.IssuePath)
 		}
 
-		if ctx.IsSet("skip-repo-archives") && ctx.Bool("skip-repo-archives") {
-			log.Info("Skipping repository archives data")
-			excludes = append(excludes, setting.RepoArchive.Storage.Path)
-		}
-
 		excludes = append(excludes, setting.RepoRootPath)
 		excludes = append(excludes, setting.LFS.Storage.Path)
 		excludes = append(excludes, setting.Attachment.Storage.Path)
@@ -401,7 +371,7 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 	}
 
 	if ctx.IsSet("skip-attachment-data") && ctx.Bool("skip-attachment-data") {
-		log.Info("Skipping attachment data")
+		log.Info("Skip dumping attachment data")
 	} else if err := storage.Attachments.IterateObjects("", func(objPath string, object storage.Object) error {
 		info, err := object.Stat()
 		if err != nil {
@@ -414,9 +384,9 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 	}
 
 	if ctx.IsSet("skip-package-data") && ctx.Bool("skip-package-data") {
-		log.Info("Skipping package data")
+		log.Info("Skip dumping package data")
 	} else if !setting.Packages.Enabled {
-		log.Info("Package registry not enabled - skipping")
+		log.Info("Packages isn't enabled. Skip dumping package data")
 	} else if err := storage.Packages.IterateObjects("", func(objPath string, object storage.Object) error {
 		info, err := object.Stat()
 		if err != nil {
@@ -432,11 +402,11 @@ func runDump(stdCtx context.Context, ctx *cli.Command) error {
 	// ensuring that it's clear the dump is skipped whether the directory's initialized
 	// yet or not.
 	if ctx.IsSet("skip-log") && ctx.Bool("skip-log") {
-		log.Info("Skipping log files")
+		log.Info("Skip dumping log files")
 	} else {
 		isExist, err := util.IsExist(setting.Log.RootPath)
 		if err != nil {
-			log.Error("Failed to check if %s exists: %v", setting.Log.RootPath, err)
+			log.Error("Unable to check if %s exists. Error: %v", setting.Log.RootPath, err)
 		}
 		if isExist {
 			if err := addRecursiveExclude(w, "log", setting.Log.RootPath, []string{absFileName}, verbose); err != nil {
@@ -486,7 +456,7 @@ func addRecursiveExclude(w archiver.Writer, insidePath, absPath string, excludeA
 		currentInsidePath := path.Join(insidePath, file.Name())
 
 		if util.SliceContainsString(excludeAbsPath, currentAbsPath) {
-			log.Debug("Skipping %q (matched an excluded path)", currentAbsPath)
+			log.Debug("Skipping %q because matched an excluded path.", currentAbsPath)
 			continue
 		}
 

cmd/dump_repo.go

@@ -10,79 +10,77 @@ import (
 	"os"
 	"strings"
 
-	"forgejo.org/modules/git"
-	"forgejo.org/modules/log"
-	base "forgejo.org/modules/migration"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/structs"
-	"forgejo.org/modules/util"
-	"forgejo.org/services/convert"
-	"forgejo.org/services/migrations"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	base "code.gitea.io/gitea/modules/migration"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/convert"
+	"code.gitea.io/gitea/services/migrations"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdDumpRepository represents the available dump repository sub-command.
-func cmdDumpRepository() *cli.Command {
-	return &cli.Command{
-		Name:        "dump-repo",
-		Usage:       "Dump the repository from git/github/gitea/gitlab",
-		Description: "This is a command for dumping the repository data.",
-		Action:      runDumpRepository,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:  "git_service",
-				Value: "",
-				Usage: "Git service, git, github, gitea, gitlab. If clone_addr could be recognized, this could be ignored.",
-			},
-			&cli.StringFlag{
-				Name:    "repo_dir",
-				Aliases: []string{"r"},
-				Value:   "./data",
-				Usage:   "Repository dir path to store the data",
-			},
-			&cli.StringFlag{
-				Name:  "clone_addr",
-				Value: "",
-				Usage: "The URL will be clone, currently could be a git/github/gitea/gitlab http/https URL",
-			},
-			&cli.StringFlag{
-				Name:  "auth_username",
-				Value: "",
-				Usage: "The username to visit the clone_addr",
-			},
-			&cli.StringFlag{
-				Name:  "auth_password",
-				Value: "",
-				Usage: "The password to visit the clone_addr",
-			},
-			&cli.StringFlag{
-				Name:  "auth_token",
-				Value: "",
-				Usage: "The personal token to visit the clone_addr",
-			},
-			&cli.StringFlag{
-				Name:  "owner_name",
-				Value: "",
-				Usage: "The data will be stored on a directory with owner name if not empty",
-			},
-			&cli.StringFlag{
-				Name:  "repo_name",
-				Value: "",
-				Usage: "The data will be stored on a directory with repository name if not empty",
-			},
-			&cli.StringFlag{
-				Name:  "units",
-				Value: "",
-				Usage: `Which items will be migrated, one or more units should be separated as comma.
-wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`,
-			},
+var CmdDumpRepository = &cli.Command{
+	Name:        "dump-repo",
+	Usage:       "Dump the repository from git/github/gitea/gitlab",
+	Description: "This is a command for dumping the repository data.",
+	Action:      runDumpRepository,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:  "git_service",
+			Value: "",
+			Usage: "Git service, git, github, gitea, gitlab. If clone_addr could be recognized, this could be ignored.",
 		},
-	}
+		&cli.StringFlag{
+			Name:    "repo_dir",
+			Aliases: []string{"r"},
+			Value:   "./data",
+			Usage:   "Repository dir path to store the data",
+		},
+		&cli.StringFlag{
+			Name:  "clone_addr",
+			Value: "",
+			Usage: "The URL will be clone, currently could be a git/github/gitea/gitlab http/https URL",
+		},
+		&cli.StringFlag{
+			Name:  "auth_username",
+			Value: "",
+			Usage: "The username to visit the clone_addr",
+		},
+		&cli.StringFlag{
+			Name:  "auth_password",
+			Value: "",
+			Usage: "The password to visit the clone_addr",
+		},
+		&cli.StringFlag{
+			Name:  "auth_token",
+			Value: "",
+			Usage: "The personal token to visit the clone_addr",
+		},
+		&cli.StringFlag{
+			Name:  "owner_name",
+			Value: "",
+			Usage: "The data will be stored on a directory with owner name if not empty",
+		},
+		&cli.StringFlag{
+			Name:  "repo_name",
+			Value: "",
+			Usage: "The data will be stored on a directory with repository name if not empty",
+		},
+		&cli.StringFlag{
+			Name:  "units",
+			Value: "",
+			Usage: `Which items will be migrated, one or more units should be separated as comma.
+wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`,
+		},
+	},
 }
 
-func runDumpRepository(stdCtx context.Context, ctx *cli.Command) error {
-	stdCtx, cancel := installSignals(stdCtx)
+func runDumpRepository(ctx *cli.Context) error {
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(stdCtx); err != nil {

cmd/embedded.go

@@ -4,41 +4,38 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"os"
 	"path/filepath"
 	"strings"
 
-	"forgejo.org/modules/assetfs"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/options"
-	"forgejo.org/modules/public"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/templates"
-	"forgejo.org/modules/util"
+	"code.gitea.io/gitea/modules/assetfs"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/options"
+	"code.gitea.io/gitea/modules/public"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/util"
 
 	"github.com/gobwas/glob"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdEmbedded represents the available extract sub-command.
-func cmdEmbedded() *cli.Command {
-	return &cli.Command{
+var (
+	CmdEmbedded = &cli.Command{
 		Name:        "embedded",
 		Usage:       "Extract embedded resources",
 		Description: "A command for extracting embedded resources, like templates and images",
-		Commands: []*cli.Command{
-			subcmdList(),
-			subcmdView(),
-			subcmdExtract(),
+		Subcommands: []*cli.Command{
+			subcmdList,
+			subcmdView,
+			subcmdExtract,
 		},
 	}
-}
 
-func subcmdList() *cli.Command {
-	return &cli.Command{
+	subcmdList = &cli.Command{
 		Name:   "list",
 		Usage:  "List files matching the given pattern",
 		Action: runList,
@@ -50,10 +47,8 @@ func subcmdList() *cli.Command {
 			},
 		},
 	}
-}
 
-func subcmdView() *cli.Command {
-	return &cli.Command{
+	subcmdView = &cli.Command{
 		Name:   "view",
 		Usage:  "View a file matching the given pattern",
 		Action: runView,
@@ -65,10 +60,8 @@ func subcmdView() *cli.Command {
 			},
 		},
 	}
-}
 
-func subcmdExtract() *cli.Command {
-	return &cli.Command{
+	subcmdExtract = &cli.Command{
 		Name:   "extract",
 		Usage:  "Extract resources",
 		Action: runExtract,
@@ -97,9 +90,9 @@ func subcmdExtract() *cli.Command {
 			},
 		},
 	}
-}
 
-var matchedAssetFiles []assetFile
+	matchedAssetFiles []assetFile
+)
 
 type assetFile struct {
 	fs   *assetfs.LayeredFS
@@ -107,7 +100,7 @@ type assetFile struct {
 	path string
 }
 
-func initEmbeddedExtractor(_ context.Context, c *cli.Command) error {
+func initEmbeddedExtractor(c *cli.Context) error {
 	setupConsoleLogger(log.ERROR, log.CanColorStderr, os.Stderr)
 
 	patterns, err := compileCollectPatterns(c.Args().Slice())
@@ -122,32 +115,32 @@ func initEmbeddedExtractor(_ context.Context, c *cli.Command) error {
 	return nil
 }
 
-func runList(ctx context.Context, c *cli.Command) error {
-	if err := runListDo(ctx, c); err != nil {
+func runList(c *cli.Context) error {
+	if err := runListDo(c); err != nil {
 		fmt.Fprintf(os.Stderr, "%v\n", err)
 		return err
 	}
 	return nil
 }
 
-func runView(ctx context.Context, c *cli.Command) error {
-	if err := runViewDo(ctx, c); err != nil {
+func runView(c *cli.Context) error {
+	if err := runViewDo(c); err != nil {
 		fmt.Fprintf(os.Stderr, "%v\n", err)
 		return err
 	}
 	return nil
 }
 
-func runExtract(ctx context.Context, c *cli.Command) error {
-	if err := runExtractDo(ctx, c); err != nil {
+func runExtract(c *cli.Context) error {
+	if err := runExtractDo(c); err != nil {
 		fmt.Fprintf(os.Stderr, "%v\n", err)
 		return err
 	}
 	return nil
 }
 
-func runListDo(ctx context.Context, c *cli.Command) error {
-	if err := initEmbeddedExtractor(ctx, c); err != nil {
+func runListDo(c *cli.Context) error {
+	if err := initEmbeddedExtractor(c); err != nil {
 		return err
 	}
 
@@ -158,8 +151,8 @@ func runListDo(ctx context.Context, c *cli.Command) error {
 	return nil
 }
 
-func runViewDo(ctx context.Context, c *cli.Command) error {
-	if err := initEmbeddedExtractor(ctx, c); err != nil {
+func runViewDo(c *cli.Context) error {
+	if err := initEmbeddedExtractor(c); err != nil {
 		return err
 	}
 
@@ -181,8 +174,8 @@ func runViewDo(ctx context.Context, c *cli.Command) error {
 	return nil
 }
 
-func runExtractDo(ctx context.Context, c *cli.Command) error {
-	if err := initEmbeddedExtractor(ctx, c); err != nil {
+func runExtractDo(c *cli.Context) error {
+	if err := initEmbeddedExtractor(c); err != nil {
 		return err
 	}
 
@@ -278,7 +271,7 @@ func extractAsset(d string, a assetFile, overwrite, rename bool) error {
 	return nil
 }
 
-func collectAssetFilesByPattern(c *cli.Command, globs []glob.Glob, path string, layer *assetfs.Layer) {
+func collectAssetFilesByPattern(c *cli.Context, globs []glob.Glob, path string, layer *assetfs.Layer) {
 	fs := assetfs.Layered(layer)
 	files, err := fs.ListAllFiles(".", true)
 	if err != nil {

cmd/forgejo/actions.go

@@ -6,25 +6,24 @@ package forgejo
 import (
 	"context"
 	"encoding/hex"
-	"errors"
 	"fmt"
 	"io"
 	"os"
 	"strings"
 
-	actions_model "forgejo.org/models/actions"
-	"forgejo.org/modules/private"
-	"forgejo.org/modules/setting"
-	private_routers "forgejo.org/routers/private"
+	actions_model "code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
+	private_routers "code.gitea.io/gitea/routers/private"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func CmdActions(ctx context.Context) *cli.Command {
 	return &cli.Command{
 		Name:  "actions",
 		Usage: "Commands for managing Forgejo Actions",
-		Commands: []*cli.Command{
+		Subcommands: []*cli.Command{
 			SubcmdActionsGenerateRunnerToken(ctx),
 			SubcmdActionsGenerateRunnerSecret(ctx),
 			SubcmdActionsRegister(ctx),
@@ -37,7 +36,7 @@ func SubcmdActionsGenerateRunnerToken(ctx context.Context) *cli.Command {
 		Name:   "generate-runner-token",
 		Usage:  "Generate a new token for a runner to use to register with the server",
 		Before: prepareWorkPathAndCustomConf(ctx),
-		Action: RunGenerateActionsRunnerToken,
+		Action: func(cliCtx *cli.Context) error { return RunGenerateActionsRunnerToken(ctx, cliCtx) },
 		Flags: []cli.Flag{
 			&cli.StringFlag{
 				Name:    "scope",
@@ -53,7 +52,7 @@ func SubcmdActionsGenerateRunnerSecret(ctx context.Context) *cli.Command {
 	return &cli.Command{
 		Name:   "generate-secret",
 		Usage:  "Generate a secret suitable for input to the register subcommand",
-		Action: RunGenerateSecret,
+		Action: func(cliCtx *cli.Context) error { return RunGenerateSecret(ctx, cliCtx) },
 	}
 }
 
@@ -62,7 +61,7 @@ func SubcmdActionsRegister(ctx context.Context) *cli.Command {
 		Name:   "register",
 		Usage:  "Idempotent registration of a runner using a shared secret",
 		Before: prepareWorkPathAndCustomConf(ctx),
-		Action: RunRegister,
+		Action: func(cliCtx *cli.Context) error { return RunRegister(ctx, cliCtx) },
 		Flags: []cli.Flag{
 			&cli.StringFlag{
 				Name:  "secret",
@@ -106,26 +105,26 @@ func SubcmdActionsRegister(ctx context.Context) *cli.Command {
 	}
 }
 
-func readSecret(ctx context.Context, cli *cli.Command) (string, error) {
-	if cli.IsSet("secret") {
-		return cli.String("secret"), nil
+func readSecret(ctx context.Context, cliCtx *cli.Context) (string, error) {
+	if cliCtx.IsSet("secret") {
+		return cliCtx.String("secret"), nil
 	}
-	if cli.IsSet("secret-stdin") {
+	if cliCtx.IsSet("secret-stdin") {
 		buf, err := io.ReadAll(ContextGetStdin(ctx))
 		if err != nil {
 			return "", err
 		}
 		return string(buf), nil
 	}
-	if cli.IsSet("secret-file") {
-		path := cli.String("secret-file")
+	if cliCtx.IsSet("secret-file") {
+		path := cliCtx.String("secret-file")
 		buf, err := os.ReadFile(path)
 		if err != nil {
 			return "", err
 		}
 		return string(buf), nil
 	}
-	return "", errors.New("at least one of the --secret, --secret-stdin, --secret-file options is required")
+	return "", fmt.Errorf("at least one of the --secret, --secret-stdin, --secret-file options is required")
 }
 
 func validateSecret(secret string) error {
@@ -139,18 +138,18 @@ func validateSecret(secret string) error {
 	return nil
 }
 
-func getLabels(cli *cli.Command) (*[]string, error) {
-	if !cli.Bool("keep-labels") {
-		lblValue := strings.Split(cli.String("labels"), ",")
+func getLabels(cliCtx *cli.Context) (*[]string, error) {
+	if !cliCtx.Bool("keep-labels") {
+		lblValue := strings.Split(cliCtx.String("labels"), ",")
 		return &lblValue, nil
 	}
-	if cli.String("labels") != "" {
-		return nil, errors.New("--labels and --keep-labels should not be used together")
+	if cliCtx.String("labels") != "" {
+		return nil, fmt.Errorf("--labels and --keep-labels should not be used together")
 	}
 	return nil, nil
 }
 
-func RunRegister(ctx context.Context, cli *cli.Command) error {
+func RunRegister(ctx context.Context, cliCtx *cli.Context) error {
 	var cancel context.CancelFunc
 	if !ContextGetNoInit(ctx) {
 		ctx, cancel = installSignals(ctx)
@@ -162,17 +161,17 @@ func RunRegister(ctx context.Context, cli *cli.Command) error {
 	}
 	setting.MustInstalled()
 
-	secret, err := readSecret(ctx, cli)
+	secret, err := readSecret(ctx, cliCtx)
 	if err != nil {
 		return err
 	}
 	if err := validateSecret(secret); err != nil {
 		return err
 	}
-	scope := cli.String("scope")
-	name := cli.String("name")
-	version := cli.String("version")
-	labels, err := getLabels(cli)
+	scope := cliCtx.String("scope")
+	name := cliCtx.String("name")
+	version := cliCtx.String("version")
+	labels, err := getLabels(cliCtx)
 	if err != nil {
 		return err
 	}
@@ -210,7 +209,7 @@ func RunRegister(ctx context.Context, cli *cli.Command) error {
 	return nil
 }
 
-func RunGenerateSecret(ctx context.Context, cli *cli.Command) error {
+func RunGenerateSecret(ctx context.Context, cliCtx *cli.Context) error {
 	runner := actions_model.ActionRunner{}
 	if err := runner.GenerateToken(); err != nil {
 		return err
@@ -221,7 +220,7 @@ func RunGenerateSecret(ctx context.Context, cli *cli.Command) error {
 	return nil
 }
 
-func RunGenerateActionsRunnerToken(ctx context.Context, cli *cli.Command) error {
+func RunGenerateActionsRunnerToken(ctx context.Context, cliCtx *cli.Context) error {
 	if !ContextGetNoInit(ctx) {
 		var cancel context.CancelFunc
 		ctx, cancel = installSignals(ctx)
@@ -230,7 +229,7 @@ func RunGenerateActionsRunnerToken(ctx context.Context, cli *cli.Command) error
 
 	setting.MustInstalled()
 
-	scope := cli.String("scope")
+	scope := cliCtx.String("scope")
 
 	respText, extra := private.GenerateActionsRunnerToken(ctx, scope)
 	if extra.HasError() {

cmd/forgejo/actions_test.go

@@ -4,13 +4,14 @@
 package forgejo
 
 import (
-	"context"
 	"fmt"
 	"testing"
 
+	"code.gitea.io/gitea/services/context"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func TestActions_getLabels(t *testing.T) {
@@ -53,21 +54,21 @@ func TestActions_getLabels(t *testing.T) {
 		},
 	}
 
-	flags := SubcmdActionsRegister(t.Context()).Flags
+	flags := SubcmdActionsRegister(context.Context{}).Flags
 	for _, c := range cases {
 		t.Run(fmt.Sprintf("args: %v", c.args), func(t *testing.T) {
 			// Create a copy of command to test
 			var result *resultType
-			app := cli.Command{}
+			app := cli.NewApp()
 			app.Flags = flags
-			app.Action = func(_ context.Context, ctx *cli.Command) error {
+			app.Action = func(ctx *cli.Context) error {
 				labels, err := getLabels(ctx)
 				result = &resultType{labels, err}
 				return nil
 			}
 
 			// Run it
-			_ = app.Run(t.Context(), c.args)
+			_ = app.Run(c.args)
 
 			// Test the results
 			require.NotNil(t, result)

cmd/forgejo/f3.go

@@ -8,19 +8,19 @@ import (
 	"context"
 	"errors"
 
-	"forgejo.org/models"
-	"forgejo.org/modules/git"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/storage"
-	"forgejo.org/services/f3/util"
+	"code.gitea.io/gitea/models"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/services/f3/util"
 
-	_ "forgejo.org/services/f3/driver" // register the driver
+	_ "code.gitea.io/gitea/services/f3/driver" // register the driver
 
 	f3_cmd "code.forgejo.org/f3/gof3/v3/cmd"
 	f3_logger "code.forgejo.org/f3/gof3/v3/logger"
 	f3_util "code.forgejo.org/f3/gof3/v3/util"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func CmdF3(ctx context.Context) *cli.Command {
@@ -28,21 +28,21 @@ func CmdF3(ctx context.Context) *cli.Command {
 	return &cli.Command{
 		Name:  "f3",
 		Usage: "F3",
-		Commands: []*cli.Command{
+		Subcommands: []*cli.Command{
 			SubcmdF3Mirror(ctx),
 		},
 	}
 }
 
 func SubcmdF3Mirror(ctx context.Context) *cli.Command {
-	mirrorCmd := f3_cmd.CreateCmdMirror()
+	mirrorCmd := f3_cmd.CreateCmdMirror(ctx)
 	mirrorCmd.Before = prepareWorkPathAndCustomConf(ctx)
 	f3Action := mirrorCmd.Action
-	mirrorCmd.Action = func(ctx context.Context, cli *cli.Command) error { return runMirror(ctx, cli, f3Action) }
+	mirrorCmd.Action = func(c *cli.Context) error { return runMirror(ctx, c, f3Action) }
 	return mirrorCmd
 }
 
-func runMirror(ctx context.Context, c *cli.Command, action cli.ActionFunc) error {
+func runMirror(ctx context.Context, c *cli.Context, action cli.ActionFunc) error {
 	setting.LoadF3Setting()
 	if !setting.F3.Enabled {
 		return errors.New("F3 is disabled, it is not ready to be used and is only present for development purposes")
@@ -69,7 +69,7 @@ func runMirror(ctx context.Context, c *cli.Command, action cli.ActionFunc) error
 		}
 	}
 
-	err := action(ctx, c)
+	err := action(c)
 	if panicError, ok := err.(f3_util.PanicError); ok {
 		log.Debug("F3 Stack trace\n%s", panicError.Stack())
 	}

cmd/forgejo/forgejo.go

@@ -11,12 +11,12 @@ import (
 	"os/signal"
 	"syscall"
 
-	"forgejo.org/models/db"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/private"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 type key int
@@ -34,7 +34,7 @@ func CmdForgejo(ctx context.Context) *cli.Command {
 		Name:  "forgejo-cli",
 		Usage: "Forgejo CLI",
 		Flags: []cli.Flag{},
-		Commands: []*cli.Command{
+		Subcommands: []*cli.Command{
 			CmdActions(ctx),
 			CmdF3(ctx),
 		},
@@ -147,12 +147,12 @@ func handleCliResponseExtra(ctx context.Context, extra private.ResponseExtra) er
 	return cli.Exit(extra.Error, 1)
 }
 
-func prepareWorkPathAndCustomConf(ctx context.Context) func(ctx context.Context, cli *cli.Command) (context.Context, error) {
-	return func(ctx context.Context, cli *cli.Command) (context.Context, error) {
+func prepareWorkPathAndCustomConf(ctx context.Context) func(c *cli.Context) error {
+	return func(c *cli.Context) error {
 		if !ContextGetNoInit(ctx) {
 			var args setting.ArgWorkPathAndCustomConf
 			// from children to parent, check the global flags
-			for _, curCtx := range cli.Lineage() {
+			for _, curCtx := range c.Lineage() {
 				if curCtx.IsSet("work-path") && args.WorkPath == "" {
 					args.WorkPath = curCtx.String("work-path")
 				}
@@ -165,6 +165,6 @@ func prepareWorkPathAndCustomConf(ctx context.Context) func(ctx context.Context,
 			}
 			setting.InitWorkPathAndCommonConfig(os.Getenv, args)
 		}
-		return ctx, nil
+		return nil
 	}
 }

cmd/generate.go

@@ -5,65 +5,56 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 	"os"
 
-	"forgejo.org/modules/generate"
+	"code.gitea.io/gitea/modules/generate"
 
 	"github.com/mattn/go-isatty"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-// CmdGenerate represents the available generate sub-command.
-func cmdGenerate() *cli.Command {
-	return &cli.Command{
+var (
+	// CmdGenerate represents the available generate sub-command.
+	CmdGenerate = &cli.Command{
 		Name:  "generate",
 		Usage: "Generate Gitea's secrets/keys/tokens",
-		Commands: []*cli.Command{
-			subcmdSecret(),
+		Subcommands: []*cli.Command{
+			subcmdSecret,
 		},
 	}
-}
 
-func subcmdSecret() *cli.Command {
-	return &cli.Command{
+	subcmdSecret = &cli.Command{
 		Name:  "secret",
 		Usage: "Generate a secret token",
-		Commands: []*cli.Command{
-			microcmdGenerateInternalToken(),
-			microcmdGenerateLfsJwtSecret(),
-			microcmdGenerateSecretKey(),
+		Subcommands: []*cli.Command{
+			microcmdGenerateInternalToken,
+			microcmdGenerateLfsJwtSecret,
+			microcmdGenerateSecretKey,
 		},
 	}
-}
 
-func microcmdGenerateInternalToken() *cli.Command {
-	return &cli.Command{
+	microcmdGenerateInternalToken = &cli.Command{
 		Name:   "INTERNAL_TOKEN",
 		Usage:  "Generate a new INTERNAL_TOKEN",
 		Action: runGenerateInternalToken,
 	}
-}
 
-func microcmdGenerateLfsJwtSecret() *cli.Command {
-	return &cli.Command{
+	microcmdGenerateLfsJwtSecret = &cli.Command{
 		Name:    "JWT_SECRET",
 		Aliases: []string{"LFS_JWT_SECRET"},
 		Usage:   "Generate a new JWT_SECRET",
 		Action:  runGenerateLfsJwtSecret,
 	}
-}
 
-func microcmdGenerateSecretKey() *cli.Command {
-	return &cli.Command{
+	microcmdGenerateSecretKey = &cli.Command{
 		Name:   "SECRET_KEY",
 		Usage:  "Generate a new SECRET_KEY",
 		Action: runGenerateSecretKey,
 	}
-}
+)
 
-func runGenerateInternalToken(ctx context.Context, c *cli.Command) error {
+func runGenerateInternalToken(c *cli.Context) error {
 	internalToken, err := generate.NewInternalToken()
 	if err != nil {
 		return err
@@ -72,25 +63,28 @@ func runGenerateInternalToken(ctx context.Context, c *cli.Command) error {
 	fmt.Printf("%s", internalToken)
 
 	if isatty.IsTerminal(os.Stdout.Fd()) {
-		fmt.Println()
+		fmt.Printf("\n")
 	}
 
 	return nil
 }
 
-func runGenerateLfsJwtSecret(ctx context.Context, c *cli.Command) error {
-	_, jwtSecretBase64 := generate.NewJwtSecret()
+func runGenerateLfsJwtSecret(c *cli.Context) error {
+	_, jwtSecretBase64, err := generate.NewJwtSecret()
+	if err != nil {
+		return err
+	}
 
 	fmt.Printf("%s", jwtSecretBase64)
 
 	if isatty.IsTerminal(os.Stdout.Fd()) {
-		fmt.Print("\n")
+		fmt.Printf("\n")
 	}
 
 	return nil
 }
 
-func runGenerateSecretKey(ctx context.Context, c *cli.Command) error {
+func runGenerateSecretKey(c *cli.Context) error {
 	secretKey, err := generate.NewSecretKey()
 	if err != nil {
 		return err
@@ -99,7 +93,7 @@ func runGenerateSecretKey(ctx context.Context, c *cli.Command) error {
 	fmt.Printf("%s", secretKey)
 
 	if isatty.IsTerminal(os.Stdout.Fd()) {
-		fmt.Print("\n")
+		fmt.Printf("\n")
 	}
 
 	return nil

cmd/hook.go

@@ -14,38 +14,36 @@ import (
 	"strings"
 	"time"
 
-	"forgejo.org/modules/git"
-	"forgejo.org/modules/git/pushoptions"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/private"
-	repo_module "forgejo.org/modules/repository"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/git/pushoptions"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/private"
+	repo_module "code.gitea.io/gitea/modules/repository"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 const (
 	hookBatchSize = 30
 )
 
-// CmdHook represents the available hooks sub-command.
-func cmdHook() *cli.Command {
-	return &cli.Command{
+var (
+	// CmdHook represents the available hooks sub-command.
+	CmdHook = &cli.Command{
 		Name:        "hook",
 		Usage:       "(internal) Should only be called by Git",
 		Description: "Delegate commands to corresponding Git hooks",
 		Before:      PrepareConsoleLoggerLevel(log.FATAL),
-		Commands: []*cli.Command{
-			subcmdHookPreReceive(),
-			subcmdHookUpdate(),
-			subcmdHookPostReceive(),
-			subcmdHookProcReceive(),
+		Subcommands: []*cli.Command{
+			subcmdHookPreReceive,
+			subcmdHookUpdate,
+			subcmdHookPostReceive,
+			subcmdHookProcReceive,
 		},
 	}
-}
 
-func subcmdHookPreReceive() *cli.Command {
-	return &cli.Command{
+	subcmdHookPreReceive = &cli.Command{
 		Name:        "pre-receive",
 		Usage:       "Delegate pre-receive Git hook",
 		Description: "This command should only be called by Git",
@@ -56,10 +54,7 @@ func subcmdHookPreReceive() *cli.Command {
 			},
 		},
 	}
-}
-
-func subcmdHookUpdate() *cli.Command {
-	return &cli.Command{
+	subcmdHookUpdate = &cli.Command{
 		Name:        "update",
 		Usage:       "Delegate update Git hook",
 		Description: "This command should only be called by Git",
@@ -70,10 +65,7 @@ func subcmdHookUpdate() *cli.Command {
 			},
 		},
 	}
-}
-
-func subcmdHookPostReceive() *cli.Command {
-	return &cli.Command{
+	subcmdHookPostReceive = &cli.Command{
 		Name:        "post-receive",
 		Usage:       "Delegate post-receive Git hook",
 		Description: "This command should only be called by Git",
@@ -84,11 +76,8 @@ func subcmdHookPostReceive() *cli.Command {
 			},
 		},
 	}
-}
-
-// Note: new hook since git 2.29
-func subcmdHookProcReceive() *cli.Command {
-	return &cli.Command{
+	// Note: new hook since git 2.29
+	subcmdHookProcReceive = &cli.Command{
 		Name:        "proc-receive",
 		Usage:       "Delegate proc-receive Git hook",
 		Description: "This command should only be called by Git",
@@ -99,7 +88,7 @@ func subcmdHookProcReceive() *cli.Command {
 			},
 		},
 	}
-}
+)
 
 type delayWriter struct {
 	internal io.Writer
@@ -172,14 +161,14 @@ func (n *nilWriter) WriteString(s string) (int, error) {
 	return len(s), nil
 }
 
-func runHookPreReceive(ctx context.Context, c *cli.Command) error {
+func runHookPreReceive(c *cli.Context) error {
 	if isInternal, _ := strconv.ParseBool(os.Getenv(repo_module.EnvIsInternal)); isInternal {
 		return nil
 	}
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), true)
+	setup(ctx, c.Bool("debug"))
 
 	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
 		if setting.OnlyAllowPushIfGiteaEnvironmentSet {
@@ -231,7 +220,10 @@ Forgejo or set your environment appropriately.`, "")
 		}
 	}
 
-	supportProcReceive := git.CheckGitVersionAtLeast("2.29") == nil
+	supportProcReceive := false
+	if git.CheckGitVersionAtLeast("2.29") == nil {
+		supportProcReceive = true
+	}
 
 	for scanner.Scan() {
 		// TODO: support news feeds for wiki
@@ -258,7 +250,7 @@ Forgejo or set your environment appropriately.`, "")
 			newCommitIDs[count] = newCommitID
 			refFullNames[count] = refFullName
 			count++
-			fmt.Fprint(out, "*")
+			fmt.Fprintf(out, "*")
 
 			if count >= hookBatchSize {
 				fmt.Fprintf(out, " Checking %d references\n", count)
@@ -274,10 +266,10 @@ Forgejo or set your environment appropriately.`, "")
 				lastline = 0
 			}
 		} else {
-			fmt.Fprint(out, ".")
+			fmt.Fprintf(out, ".")
 		}
 		if lastline >= hookBatchSize {
-			fmt.Fprint(out, "\n")
+			fmt.Fprintf(out, "\n")
 			lastline = 0
 		}
 	}
@@ -294,7 +286,7 @@ Forgejo or set your environment appropriately.`, "")
 			return fail(ctx, extra.UserMsg, "HookPreReceive(last) failed: %v", extra.Error)
 		}
 	} else if lastline > 0 {
-		fmt.Fprint(out, "\n")
+		fmt.Fprintf(out, "\n")
 	}
 
 	fmt.Fprintf(out, "Checked %d references in total\n", total)
@@ -302,13 +294,13 @@ Forgejo or set your environment appropriately.`, "")
 }
 
 // runHookUpdate process the update hook: https://git-scm.com/docs/githooks#update
-func runHookUpdate(ctx context.Context, c *cli.Command) error {
+func runHookUpdate(c *cli.Context) error {
 	// Now if we're an internal don't do anything else
 	if isInternal, _ := strconv.ParseBool(os.Getenv(repo_module.EnvIsInternal)); isInternal {
 		return nil
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	if c.NArg() != 3 {
@@ -334,11 +326,11 @@ func runHookUpdate(ctx context.Context, c *cli.Command) error {
 	return fail(ctx, fmt.Sprintf("The modification of %s is skipped as it's an internal reference.", refFullName), "")
 }
 
-func runHookPostReceive(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runHookPostReceive(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), true)
+	setup(ctx, c.Bool("debug"))
 
 	// First of all run update-server-info no matter what
 	if _, _, err := git.NewCommand(ctx, "update-server-info").RunStdString(nil); err != nil {
@@ -410,7 +402,7 @@ Forgejo or set your environment appropriately.`, "")
 			continue
 		}
 
-		fmt.Fprint(out, ".")
+		fmt.Fprintf(out, ".")
 		oldCommitIDs[count] = string(fields[0])
 		newCommitIDs[count] = string(fields[1])
 		refFullNames[count] = git.RefName(fields[2])
@@ -498,11 +490,11 @@ func hookPrintResults(results []private.HookPostReceiveBranchResult) {
 	}
 }
 
-func runHookProcReceive(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runHookProcReceive(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), true)
+	setup(ctx, c.Bool("debug"))
 
 	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
 		if setting.OnlyAllowPushIfGiteaEnvironmentSet {

cmd/hook_test.go

@@ -6,6 +6,7 @@ package cmd
 import (
 	"bufio"
 	"bytes"
+	"context"
 	"io"
 	"net/http"
 	"net/http/httptest"
@@ -14,12 +15,12 @@ import (
 	"testing"
 	"time"
 
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/test"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // Capture what's being written into a standard file descriptor.
@@ -41,7 +42,7 @@ func captureOutput(t *testing.T, stdFD *os.File) (finish func() (output string))
 }
 
 func TestPktLine(t *testing.T) {
-	ctx := t.Context()
+	ctx := context.Background()
 
 	t.Run("Read", func(t *testing.T) {
 		s := strings.NewReader("0000")
@@ -134,14 +135,14 @@ func TestDelayWriter(t *testing.T) {
 	defer ts.Close()
 	defer test.MockVariableValue(&setting.LocalURL, ts.URL+"/")()
 
-	app := cli.Command{}
-	app.Commands = []*cli.Command{subcmdHookPreReceive()}
+	app := cli.NewApp()
+	app.Commands = []*cli.Command{subcmdHookPreReceive}
 
 	t.Run("Should delay", func(t *testing.T) {
 		defer test.MockVariableValue(&setting.Git.VerbosePushDelay, time.Millisecond*500)()
 		finish := captureOutput(t, os.Stdout)
 
-		err = app.Run(t.Context(), []string{"./forgejo", "pre-receive"})
+		err = app.Run([]string{"./forgejo", "pre-receive"})
 		require.NoError(t, err)
 		out := finish()
 
@@ -153,7 +154,7 @@ func TestDelayWriter(t *testing.T) {
 		defer test.MockVariableValue(&setting.Git.VerbosePushDelay, time.Second*5)()
 		finish := captureOutput(t, os.Stdout)
 
-		err = app.Run(t.Context(), []string{"./forgejo", "pre-receive"})
+		err = app.Run([]string{"./forgejo", "pre-receive"})
 		require.NoError(t, err)
 		out := finish()
 
@@ -163,15 +164,15 @@ func TestDelayWriter(t *testing.T) {
 }
 
 func TestRunHookUpdate(t *testing.T) {
-	app := cli.Command{}
-	app.Commands = []*cli.Command{subcmdHookUpdate()}
+	app := cli.NewApp()
+	app.Commands = []*cli.Command{subcmdHookUpdate}
 
 	t.Run("Removal of internal reference", func(t *testing.T) {
 		defer test.MockVariableValue(&cli.OsExiter, func(code int) {})()
 		defer test.MockVariableValue(&setting.IsProd, false)()
 		finish := captureOutput(t, os.Stderr)
 
-		err := app.Run(t.Context(), []string{"./forgejo", "update", "refs/pull/1/head", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000000"})
+		err := app.Run([]string{"./forgejo", "update", "refs/pull/1/head", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000000"})
 		out := finish()
 		require.Error(t, err)
 
@@ -183,7 +184,7 @@ func TestRunHookUpdate(t *testing.T) {
 		defer test.MockVariableValue(&setting.IsProd, false)()
 		finish := captureOutput(t, os.Stderr)
 
-		err := app.Run(t.Context(), []string{"./forgejo", "update", "refs/pull/1/head", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000001"})
+		err := app.Run([]string{"./forgejo", "update", "refs/pull/1/head", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000001"})
 		out := finish()
 		require.Error(t, err)
 
@@ -191,12 +192,12 @@ func TestRunHookUpdate(t *testing.T) {
 	})
 
 	t.Run("Removal of branch", func(t *testing.T) {
-		err := app.Run(t.Context(), []string{"./forgejo", "update", "refs/head/main", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000000"})
+		err := app.Run([]string{"./forgejo", "update", "refs/head/main", "0a51ae26bc73c47e2f754560c40904cf14ed51a9", "0000000000000000000000000000000000000000"})
 		require.NoError(t, err)
 	})
 
 	t.Run("Not enough arguments", func(t *testing.T) {
-		err := app.Run(t.Context(), []string{"./forgejo", "update"})
+		err := app.Run([]string{"./forgejo", "update"})
 		require.NoError(t, err)
 	})
 }

cmd/keys.go

@@ -4,55 +4,52 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"strings"
 
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/private"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/private"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdKeys represents the available keys sub-command
-func cmdKeys() *cli.Command {
-	return &cli.Command{
-		Name:        "keys",
-		Usage:       "(internal) Should only be called by SSH server",
-		Description: "Queries the Forgejo database to get the authorized command for a given ssh key fingerprint",
-		Before:      PrepareConsoleLoggerLevel(log.FATAL),
-		Action:      runKeys,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "expected",
-				Aliases: []string{"e"},
-				Value:   "git",
-				Usage:   "Expected user for whom provide key commands",
-			},
-			&cli.StringFlag{
-				Name:    "username",
-				Aliases: []string{"u"},
-				Value:   "",
-				Usage:   "Username trying to log in by SSH",
-			},
-			&cli.StringFlag{
-				Name:    "type",
-				Aliases: []string{"t"},
-				Value:   "",
-				Usage:   "Type of the SSH key provided to the SSH Server (requires content to be provided too)",
-			},
-			&cli.StringFlag{
-				Name:    "content",
-				Aliases: []string{"k"},
-				Value:   "",
-				Usage:   "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)",
-			},
+var CmdKeys = &cli.Command{
+	Name:        "keys",
+	Usage:       "(internal) Should only be called by SSH server",
+	Description: "Queries the Forgejo database to get the authorized command for a given ssh key fingerprint",
+	Before:      PrepareConsoleLoggerLevel(log.FATAL),
+	Action:      runKeys,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "expected",
+			Aliases: []string{"e"},
+			Value:   "git",
+			Usage:   "Expected user for whom provide key commands",
 		},
-	}
+		&cli.StringFlag{
+			Name:    "username",
+			Aliases: []string{"u"},
+			Value:   "",
+			Usage:   "Username trying to log in by SSH",
+		},
+		&cli.StringFlag{
+			Name:    "type",
+			Aliases: []string{"t"},
+			Value:   "",
+			Usage:   "Type of the SSH key provided to the SSH Server (requires content to be provided too)",
+		},
+		&cli.StringFlag{
+			Name:    "content",
+			Aliases: []string{"k"},
+			Value:   "",
+			Usage:   "Base64 encoded content of the SSH key provided to the SSH Server (requires type to be provided too)",
+		},
+	},
 }
 
-func runKeys(ctx context.Context, c *cli.Command) error {
+func runKeys(c *cli.Context) error {
 	if !c.IsSet("username") {
 		return errors.New("No username provided")
 	}
@@ -71,16 +68,16 @@ func runKeys(ctx context.Context, c *cli.Command) error {
 		return errors.New("No key type and content provided")
 	}
 
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), true)
+	setup(ctx, c.Bool("debug"))
 
 	authorizedString, extra := private.AuthorizedPublicKeyByContent(ctx, content)
 	// do not use handleCliResponseExtra or cli.NewExitError, if it exists immediately, it breaks some tests like Test_CmdKeys
 	if extra.Error != nil {
 		return extra.Error
 	}
-	_, _ = fmt.Fprintln(c.Root().Writer, strings.TrimSpace(authorizedString.Text))
+	_, _ = fmt.Fprintln(c.App.Writer, strings.TrimSpace(authorizedString.Text))
 	return nil
 }

cmd/mailer.go

@@ -4,17 +4,16 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
 
-	"forgejo.org/modules/private"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func runSendMail(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runSendMail(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	setting.MustInstalled()

cmd/main.go

@@ -10,11 +10,11 @@ import (
 	"path/filepath"
 	"strings"
 
-	"forgejo.org/cmd/forgejo"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/cmd/forgejo"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // cmdHelp is our own help subcommand with more information
@@ -25,18 +25,18 @@ func cmdHelp() *cli.Command {
 		Aliases:   []string{"h"},
 		Usage:     "Shows a list of commands or help for one command",
 		ArgsUsage: "[command]",
-		Action: func(ctx context.Context, c *cli.Command) (err error) {
-			lineage := c.Lineage() // The order is from child to parent: help, doctor, Forgejo
+		Action: func(c *cli.Context) (err error) {
+			lineage := c.Lineage() // The order is from child to parent: help, doctor, Gitea, {Command:nil}
 			targetCmdIdx := 0
-			if c.Name == "help" {
+			if c.Command.Name == "help" {
 				targetCmdIdx = 1
 			}
-			if targetCmdIdx+1 < len(lineage) {
-				err = cli.ShowCommandHelp(ctx, lineage[targetCmdIdx+1], lineage[targetCmdIdx].Name)
+			if lineage[targetCmdIdx+1].Command != nil {
+				err = cli.ShowCommandHelp(lineage[targetCmdIdx+1], lineage[targetCmdIdx].Command.Name)
 			} else {
 				err = cli.ShowAppHelp(c)
 			}
-			_, _ = fmt.Fprintf(c.Root().Writer, `
+			_, _ = fmt.Fprintf(c.App.Writer, `
 DEFAULT CONFIGURATION:
    AppPath:    %s
    WorkPath:   %s
@@ -77,25 +77,25 @@ func appGlobalFlags() []cli.Flag {
 	}
 }
 
-func prepareSubcommandWithConfig(command *cli.Command, globalFlags func() []cli.Flag) {
-	command.Flags = append(globalFlags(), command.Flags...)
+func prepareSubcommandWithConfig(command *cli.Command, globalFlags []cli.Flag) {
+	command.Flags = append(append([]cli.Flag{}, globalFlags...), command.Flags...)
 	command.Action = prepareWorkPathAndCustomConf(command.Action)
 	command.HideHelp = true
 	if command.Name != "help" {
-		command.Commands = append(command.Commands, cmdHelp())
+		command.Subcommands = append(command.Subcommands, cmdHelp())
 	}
-	for i := range command.Commands {
-		prepareSubcommandWithConfig(command.Commands[i], globalFlags)
+	for i := range command.Subcommands {
+		prepareSubcommandWithConfig(command.Subcommands[i], globalFlags)
 	}
 }
 
 // prepareWorkPathAndCustomConf wraps the Action to prepare the work path and custom config
 // It can't use "Before", because each level's sub-command's Before will be called one by one, so the "init" would be done multiple times
-func prepareWorkPathAndCustomConf(action cli.ActionFunc) func(_ context.Context, _ *cli.Command) error {
-	return func(ctx context.Context, cli *cli.Command) error {
+func prepareWorkPathAndCustomConf(action cli.ActionFunc) func(ctx *cli.Context) error {
+	return func(ctx *cli.Context) error {
 		var args setting.ArgWorkPathAndCustomConf
 		// from children to parent, check the global flags
-		for _, curCtx := range cli.Lineage() {
+		for _, curCtx := range ctx.Lineage() {
 			if curCtx.IsSet("work-path") && args.WorkPath == "" {
 				args.WorkPath = curCtx.String("work-path")
 			}
@@ -107,24 +107,24 @@ func prepareWorkPathAndCustomConf(action cli.ActionFunc) func(_ context.Context,
 			}
 		}
 		setting.InitWorkPathAndCommonConfig(os.Getenv, args)
-		if cli.Bool("help") || action == nil {
+		if ctx.Bool("help") || action == nil {
 			// the default behavior of "urfave/cli": "nil action" means "show help"
-			return cmdHelp().Action(ctx, cli)
+			return cmdHelp().Action(ctx)
 		}
-		return action(ctx, cli)
+		return action(ctx)
 	}
 }
 
-func NewMainApp(version, versionExtra string) *cli.Command {
+func NewMainApp(version, versionExtra string) *cli.App {
 	path, err := os.Executable()
 	if err != nil {
 		panic(err)
 	}
 	executable := filepath.Base(path)
 
-	subCmdsStandalone := make([]*cli.Command, 0, 10)
-	subCmdWithConfig := make([]*cli.Command, 0, 10)
-	globalFlags := func() []cli.Flag { return []cli.Flag{} }
+	var subCmdsStandalone []*cli.Command = make([]*cli.Command, 0, 10)
+	var subCmdWithConfig []*cli.Command = make([]*cli.Command, 0, 10)
+	var globalFlags []cli.Flag = make([]cli.Flag, 0, 10)
 
 	//
 	// If the executable is forgejo-cli, provide a Forgejo specific CLI
@@ -133,16 +133,14 @@ func NewMainApp(version, versionExtra string) *cli.Command {
 	if executable == "forgejo-cli" {
 		subCmdsStandalone = append(subCmdsStandalone, forgejo.CmdActions(context.Background()))
 		subCmdWithConfig = append(subCmdWithConfig, forgejo.CmdF3(context.Background()))
-		globalFlags = func() []cli.Flag {
-			return []cli.Flag{
-				&cli.BoolFlag{
-					Name: "quiet",
-				},
-				&cli.BoolFlag{
-					Name: "verbose",
-				},
-			}
-		}
+		globalFlags = append(globalFlags, []cli.Flag{
+			&cli.BoolFlag{
+				Name: "quiet",
+			},
+			&cli.BoolFlag{
+				Name: "verbose",
+			},
+		}...)
 	} else {
 		//
 		// Otherwise provide a Gitea compatible CLI which includes Forgejo
@@ -151,54 +149,55 @@ func NewMainApp(version, versionExtra string) *cli.Command {
 		// binary and rename it to forgejo if they want.
 		//
 		subCmdsStandalone = append(subCmdsStandalone, forgejo.CmdForgejo(context.Background()))
-		subCmdWithConfig = append(subCmdWithConfig, cmdActions())
+		subCmdWithConfig = append(subCmdWithConfig, CmdActions)
 	}
 
 	return innerNewMainApp(version, versionExtra, subCmdsStandalone, subCmdWithConfig, globalFlags)
 }
 
-func innerNewMainApp(version, versionExtra string, subCmdsStandaloneArgs, subCmdWithConfigArgs []*cli.Command, globalFlagsArgs func() []cli.Flag) *cli.Command {
-	app := &cli.Command{}
+func innerNewMainApp(version, versionExtra string, subCmdsStandaloneArgs, subCmdWithConfigArgs []*cli.Command, globalFlagsArgs []cli.Flag) *cli.App {
+	app := cli.NewApp()
+	app.HelpName = "forgejo"
 	app.Name = "Forgejo"
 	app.Usage = "Beyond coding. We forge."
 	app.Description = `By default, forgejo will start serving using the web-server with no argument, which can alternatively be run by running the subcommand "web".`
 	app.Version = version + versionExtra
-	app.EnableShellCompletion = true
+	app.EnableBashCompletion = true
 
 	// these sub-commands need to use config file
 	subCmdWithConfig := []*cli.Command{
 		cmdHelp(), // the "help" sub-command was used to show the more information for "work path" and "custom config"
-		cmdWeb(),
-		cmdServ(),
-		cmdHook(),
-		cmdKeys(),
-		cmdDump(),
-		cmdAdmin(),
-		cmdMigrate(),
-		cmdDoctor(),
-		cmdManager(),
-		cmdEmbedded(),
-		cmdMigrateStorage(),
-		cmdDumpRepository(),
-		cmdRestoreRepository(),
+		CmdWeb,
+		CmdServ,
+		CmdHook,
+		CmdKeys,
+		CmdDump,
+		CmdAdmin,
+		CmdMigrate,
+		CmdDoctor,
+		CmdManager,
+		CmdEmbedded,
+		CmdMigrateStorage,
+		CmdDumpRepository,
+		CmdRestoreRepository,
 	}
 
 	subCmdWithConfig = append(subCmdWithConfig, subCmdWithConfigArgs...)
 
 	// these sub-commands do not need the config file, and they do not depend on any path or environment variable.
 	subCmdStandalone := []*cli.Command{
-		cmdCert(),
-		cmdGenerate(),
+		CmdCert,
+		CmdGenerate,
+		CmdDocs,
 	}
 	subCmdStandalone = append(subCmdStandalone, subCmdsStandaloneArgs...)
 
-	app.DefaultCommand = cmdWeb().Name
+	app.DefaultCommand = CmdWeb.Name
 
-	globalFlags := func() []cli.Flag {
-		return append(appGlobalFlags(), globalFlagsArgs()...)
-	}
+	globalFlags := appGlobalFlags()
+	globalFlags = append(globalFlags, globalFlagsArgs...)
 	app.Flags = append(app.Flags, cli.VersionFlag)
-	app.Flags = append(app.Flags, globalFlags()...)
+	app.Flags = append(app.Flags, globalFlags...)
 	app.HideHelp = true // use our own help action to show helps (with more information like default config)
 	app.Before = PrepareConsoleLoggerLevel(log.INFO)
 	for i := range subCmdWithConfig {
@@ -207,12 +206,11 @@ func innerNewMainApp(version, versionExtra string, subCmdsStandaloneArgs, subCmd
 	app.Commands = append(app.Commands, subCmdWithConfig...)
 	app.Commands = append(app.Commands, subCmdStandalone...)
 
-	setting.InitGiteaEnvVars()
 	return app
 }
 
-func RunMainApp(app *cli.Command, args ...string) error {
-	err := app.Run(context.Background(), args)
+func RunMainApp(app *cli.App, args ...string) error {
+	err := app.Run(args)
 	if err == nil {
 		return nil
 	}
@@ -221,7 +219,7 @@ func RunMainApp(app *cli.Command, args ...string) error {
 		cli.OsExiter(1)
 		return err
 	}
-	_, _ = fmt.Fprintf(app.Root().ErrWriter, "Command error: %v\n", err)
+	_, _ = fmt.Fprintf(app.ErrWriter, "Command error: %v\n", err)
 	cli.OsExiter(1)
 	return err
 }

cmd/main_test.go

@@ -4,21 +4,20 @@
 package cmd
 
 import (
-	"context"
-	"errors"
 	"fmt"
 	"io"
+	"os"
 	"path/filepath"
 	"strings"
 	"testing"
 
-	"forgejo.org/models/unittest"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/test"
+	"code.gitea.io/gitea/models/unittest"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/test"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func TestMain(m *testing.M) {
@@ -29,10 +28,10 @@ func makePathOutput(workPath, customPath, customConf string) string {
 	return fmt.Sprintf("WorkPath=%s\nCustomPath=%s\nCustomConf=%s", workPath, customPath, customConf)
 }
 
-func newTestApp(testCmdAction func(_ context.Context, ctx *cli.Command) error) *cli.Command {
+func newTestApp(testCmdAction func(ctx *cli.Context) error) *cli.App {
 	app := NewMainApp("version", "version-extra")
 	testCmd := &cli.Command{Name: "test-cmd", Action: testCmdAction}
-	prepareSubcommandWithConfig(testCmd, appGlobalFlags)
+	prepareSubcommandWithConfig(testCmd, appGlobalFlags())
 	app.Commands = append(app.Commands, testCmd)
 	app.DefaultCommand = testCmd.Name
 	return app
@@ -44,7 +43,7 @@ type runResult struct {
 	ExitCode int
 }
 
-func runTestApp(app *cli.Command, args ...string) (runResult, error) {
+func runTestApp(app *cli.App, args ...string) (runResult, error) {
 	outBuf := new(strings.Builder)
 	errBuf := new(strings.Builder)
 	app.Writer = outBuf
@@ -67,6 +66,7 @@ func TestCliCmd(t *testing.T) {
 	defaultCustomConf := filepath.Join(defaultCustomPath, "conf/app.ini")
 
 	cli.CommandHelpTemplate = "(command help template)"
+	cli.AppHelpTemplate = "(app help template)"
 	cli.SubcommandHelpTemplate = "(subcommand help template)"
 
 	cases := []struct {
@@ -110,55 +110,70 @@ func TestCliCmd(t *testing.T) {
 		},
 	}
 
-	for _, c := range cases {
-		t.Run(c.cmd, func(t *testing.T) {
-			defer test.MockProtect(&setting.AppWorkPath)()
-			defer test.MockProtect(&setting.CustomPath)()
-			defer test.MockProtect(&setting.CustomConf)()
-
-			app := newTestApp(func(_ context.Context, ctx *cli.Command) error {
-				_, _ = fmt.Fprint(ctx.Root().Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
-				return nil
-			})
-
-			for k, v := range c.env {
-				t.Setenv(k, v)
+	app := newTestApp(func(ctx *cli.Context) error {
+		_, _ = fmt.Fprint(ctx.App.Writer, makePathOutput(setting.AppWorkPath, setting.CustomPath, setting.CustomConf))
+		return nil
+	})
+	var envBackup []string
+	for _, s := range os.Environ() {
+		if strings.HasPrefix(s, "GITEA_") && strings.Contains(s, "=") {
+			envBackup = append(envBackup, s)
+		}
+	}
+	clearGiteaEnv := func() {
+		for _, s := range os.Environ() {
+			if strings.HasPrefix(s, "GITEA_") {
+				_ = os.Unsetenv(s)
 			}
-			args := strings.Split(c.cmd, " ") // for test only, "split" is good enough
-			r, err := runTestApp(app, args...)
-			require.NoError(t, err, c.cmd)
-			assert.NotEmpty(t, c.exp, c.cmd)
-			assert.Contains(t, r.Stdout, c.exp, c.cmd+"\n"+r.Stdout)
-		})
+		}
+	}
+	defer func() {
+		clearGiteaEnv()
+		for _, s := range envBackup {
+			k, v, _ := strings.Cut(s, "=")
+			_ = os.Setenv(k, v)
+		}
+	}()
+
+	for _, c := range cases {
+		clearGiteaEnv()
+		for k, v := range c.env {
+			_ = os.Setenv(k, v)
+		}
+		args := strings.Split(c.cmd, " ") // for test only, "split" is good enough
+		r, err := runTestApp(app, args...)
+		require.NoError(t, err, c.cmd)
+		assert.NotEmpty(t, c.exp, c.cmd)
+		assert.Contains(t, r.Stdout, c.exp, c.cmd)
 	}
 }
 
 func TestCliCmdError(t *testing.T) {
-	app := newTestApp(func(_ context.Context, ctx *cli.Command) error { return errors.New("normal error") })
+	app := newTestApp(func(ctx *cli.Context) error { return fmt.Errorf("normal error") })
 	r, err := runTestApp(app, "./gitea", "test-cmd")
 	require.Error(t, err)
 	assert.Equal(t, 1, r.ExitCode)
-	assert.Empty(t, r.Stdout)
+	assert.Equal(t, "", r.Stdout)
 	assert.Equal(t, "Command error: normal error\n", r.Stderr)
 
-	app = newTestApp(func(_ context.Context, ctx *cli.Command) error { return cli.Exit("exit error", 2) })
+	app = newTestApp(func(ctx *cli.Context) error { return cli.Exit("exit error", 2) })
 	r, err = runTestApp(app, "./gitea", "test-cmd")
 	require.Error(t, err)
 	assert.Equal(t, 2, r.ExitCode)
-	assert.Empty(t, r.Stdout)
+	assert.Equal(t, "", r.Stdout)
 	assert.Equal(t, "exit error\n", r.Stderr)
 
-	app = newTestApp(func(_ context.Context, ctx *cli.Command) error { return nil })
+	app = newTestApp(func(ctx *cli.Context) error { return nil })
 	r, err = runTestApp(app, "./gitea", "test-cmd", "--no-such")
 	require.Error(t, err)
 	assert.Equal(t, 1, r.ExitCode)
-	assert.Equal(t, "Incorrect Usage: flag provided but not defined: -no-such\n\n", r.Stderr)
-	assert.Empty(t, r.Stdout)
+	assert.Equal(t, "Incorrect Usage: flag provided but not defined: -no-such\n\n", r.Stdout)
+	assert.Equal(t, "", r.Stderr) // the cli package's strange behavior, the error message is not in stderr ....
 
-	app = newTestApp(func(_ context.Context, ctx *cli.Command) error { return nil })
+	app = newTestApp(func(ctx *cli.Context) error { return nil })
 	r, err = runTestApp(app, "./gitea", "test-cmd")
 	require.NoError(t, err)
 	assert.Equal(t, -1, r.ExitCode) // the cli.OsExiter is not called
-	assert.Empty(t, r.Stdout)
-	assert.Empty(t, r.Stderr)
+	assert.Equal(t, "", r.Stdout)
+	assert.Equal(t, "", r.Stderr)
 }

cmd/manager.go

@@ -4,34 +4,30 @@
 package cmd
 
 import (
-	"context"
 	"os"
 	"time"
 
-	"forgejo.org/modules/private"
+	"code.gitea.io/gitea/modules/private"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-// CmdManager represents the manager command
-func cmdManager() *cli.Command {
-	return &cli.Command{
+var (
+	// CmdManager represents the manager command
+	CmdManager = &cli.Command{
 		Name:        "manager",
 		Usage:       "Manage the running forgejo process",
 		Description: "This is a command for managing the running forgejo process",
-		Commands: []*cli.Command{
-			subcmdShutdown(),
-			subcmdRestart(),
-			subcmdReloadTemplates(),
-			subcmdFlushQueues(),
-			subcmdLogging(),
-			subCmdProcesses(),
+		Subcommands: []*cli.Command{
+			subcmdShutdown,
+			subcmdRestart,
+			subcmdReloadTemplates,
+			subcmdFlushQueues,
+			subcmdLogging,
+			subCmdProcesses,
 		},
 	}
-}
-
-func subcmdShutdown() *cli.Command {
-	return &cli.Command{
+	subcmdShutdown = &cli.Command{
 		Name:  "shutdown",
 		Usage: "Gracefully shutdown the running process",
 		Flags: []cli.Flag{
@@ -41,10 +37,7 @@ func subcmdShutdown() *cli.Command {
 		},
 		Action: runShutdown,
 	}
-}
-
-func subcmdRestart() *cli.Command {
-	return &cli.Command{
+	subcmdRestart = &cli.Command{
 		Name:  "restart",
 		Usage: "Gracefully restart the running process - (not implemented for windows servers)",
 		Flags: []cli.Flag{
@@ -54,10 +47,7 @@ func subcmdRestart() *cli.Command {
 		},
 		Action: runRestart,
 	}
-}
-
-func subcmdReloadTemplates() *cli.Command {
-	return &cli.Command{
+	subcmdReloadTemplates = &cli.Command{
 		Name:  "reload-templates",
 		Usage: "Reload template files in the running process",
 		Flags: []cli.Flag{
@@ -67,10 +57,7 @@ func subcmdReloadTemplates() *cli.Command {
 		},
 		Action: runReloadTemplates,
 	}
-}
-
-func subcmdFlushQueues() *cli.Command {
-	return &cli.Command{
+	subcmdFlushQueues = &cli.Command{
 		Name:   "flush-queues",
 		Usage:  "Flush queues in the running process",
 		Action: runFlushQueues,
@@ -89,10 +76,7 @@ func subcmdFlushQueues() *cli.Command {
 			},
 		},
 	}
-}
-
-func subCmdProcesses() *cli.Command {
-	return &cli.Command{
+	subCmdProcesses = &cli.Command{
 		Name:   "processes",
 		Usage:  "Display running processes within the current process",
 		Action: runProcesses,
@@ -122,49 +106,49 @@ func subCmdProcesses() *cli.Command {
 			},
 		},
 	}
-}
+)
 
-func runShutdown(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runShutdown(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	extra := private.Shutdown(ctx)
 	return handleCliResponseExtra(extra)
 }
 
-func runRestart(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runRestart(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	extra := private.Restart(ctx)
 	return handleCliResponseExtra(extra)
 }
 
-func runReloadTemplates(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runReloadTemplates(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	extra := private.ReloadTemplates(ctx)
 	return handleCliResponseExtra(extra)
 }
 
-func runFlushQueues(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runFlushQueues(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	extra := private.FlushQueues(ctx, c.Duration("timeout"), c.Bool("non-blocking"))
 	return handleCliResponseExtra(extra)
 }
 
-func runProcesses(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runProcesses(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	extra := private.Processes(ctx, os.Stdout, c.Bool("flat"), c.Bool("no-system"), c.Bool("stacktraces"), c.Bool("json"), c.String("cancel"))
 	return handleCliResponseExtra(extra)
 }

cmd/manager_logging.go

@@ -4,19 +4,18 @@
 package cmd
 
 import (
-	"context"
 	"errors"
 	"fmt"
 	"os"
 
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/private"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/private"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
-func defaultLoggingFlags() []cli.Flag {
-	return []cli.Flag{
+var (
+	defaultLoggingFlags = []cli.Flag{
 		&cli.StringFlag{
 			Name:  "logger",
 			Usage: `Logger name - will default to "default"`,
@@ -57,13 +56,11 @@ func defaultLoggingFlags() []cli.Flag {
 			Name: "debug",
 		},
 	}
-}
 
-func subcmdLogging() *cli.Command {
-	return &cli.Command{
+	subcmdLogging = &cli.Command{
 		Name:  "logging",
 		Usage: "Adjust logging commands",
-		Commands: []*cli.Command{
+		Subcommands: []*cli.Command{
 			{
 				Name:  "pause",
 				Usage: "Pause logging (Forgejo will buffer logs up to a certain point and will drop them after that point)",
@@ -107,11 +104,11 @@ func subcmdLogging() *cli.Command {
 			}, {
 				Name:  "add",
 				Usage: "Add a logger",
-				Commands: []*cli.Command{
+				Subcommands: []*cli.Command{
 					{
 						Name:  "file",
 						Usage: "Add a file logger",
-						Flags: append(defaultLoggingFlags(), []cli.Flag{
+						Flags: append(defaultLoggingFlags, []cli.Flag{
 							&cli.StringFlag{
 								Name:    "filename",
 								Aliases: []string{"f"},
@@ -155,7 +152,7 @@ func subcmdLogging() *cli.Command {
 					}, {
 						Name:  "conn",
 						Usage: "Add a net conn logger",
-						Flags: append(defaultLoggingFlags(), []cli.Flag{
+						Flags: append(defaultLoggingFlags, []cli.Flag{
 							&cli.BoolFlag{
 								Name:    "reconnect-on-message",
 								Aliases: []string{"R"},
@@ -196,13 +193,13 @@ func subcmdLogging() *cli.Command {
 			},
 		},
 	}
-}
+)
 
-func runRemoveLogger(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runRemoveLogger(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	logger := c.String("logger")
 	if len(logger) == 0 {
 		logger = log.DEFAULT
@@ -213,11 +210,11 @@ func runRemoveLogger(ctx context.Context, c *cli.Command) error {
 	return handleCliResponseExtra(extra)
 }
 
-func runAddConnLogger(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runAddConnLogger(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	vals := map[string]any{}
 	mode := "conn"
 	vals["net"] = "tcp"
@@ -240,14 +237,14 @@ func runAddConnLogger(ctx context.Context, c *cli.Command) error {
 	if c.IsSet("reconnect-on-message") {
 		vals["reconnectOnMsg"] = c.Bool("reconnect-on-message")
 	}
-	return commonAddLogger(ctx, c, mode, vals)
+	return commonAddLogger(c, mode, vals)
 }
 
-func runAddFileLogger(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runAddFileLogger(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	vals := map[string]any{}
 	mode := "file"
 	if c.IsSet("filename") {
@@ -273,10 +270,10 @@ func runAddFileLogger(ctx context.Context, c *cli.Command) error {
 	if c.IsSet("compression-level") {
 		vals["compressionLevel"] = c.Int("compression-level")
 	}
-	return commonAddLogger(ctx, c, mode, vals)
+	return commonAddLogger(c, mode, vals)
 }
 
-func commonAddLogger(ctx context.Context, c *cli.Command, mode string, vals map[string]any) error {
+func commonAddLogger(c *cli.Context, mode string, vals map[string]any) error {
 	if len(c.String("level")) > 0 {
 		vals["level"] = log.LevelFromString(c.String("level")).String()
 	}
@@ -303,47 +300,47 @@ func commonAddLogger(ctx context.Context, c *cli.Command, mode string, vals map[
 	if c.IsSet("writer") {
 		writer = c.String("writer")
 	}
-	ctx, cancel := installSignals(ctx)
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	extra := private.AddLogger(ctx, logger, writer, mode, vals)
 	return handleCliResponseExtra(extra)
 }
 
-func runPauseLogging(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runPauseLogging(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	userMsg := private.PauseLogging(ctx)
 	_, _ = fmt.Fprintln(os.Stdout, userMsg)
 	return nil
 }
 
-func runResumeLogging(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runResumeLogging(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	userMsg := private.ResumeLogging(ctx)
 	_, _ = fmt.Fprintln(os.Stdout, userMsg)
 	return nil
 }
 
-func runReleaseReopenLogging(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runReleaseReopenLogging(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 	userMsg := private.ReleaseReopenLogging(ctx)
 	_, _ = fmt.Fprintln(os.Stdout, userMsg)
 	return nil
 }
 
-func runSetLogSQL(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runSetLogSQL(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
-	setup(ctx, c.Bool("debug"), false)
+	setup(ctx, c.Bool("debug"))
 
 	extra := private.SetLogSQL(ctx, !c.Bool("off"))
 	return handleCliResponseExtra(extra)

cmd/migrate.go

@@ -6,26 +6,24 @@ package cmd
 import (
 	"context"
 
-	"forgejo.org/models/db"
-	"forgejo.org/models/migrations"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/migrations"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdMigrate represents the available migrate sub-command.
-func cmdMigrate() *cli.Command {
-	return &cli.Command{
-		Name:        "migrate",
-		Usage:       "Migrate the database",
-		Description: "This is a command for migrating the database, so that you can run 'forgejo admin user create' before starting the server.",
-		Action:      runMigrate,
-	}
+var CmdMigrate = &cli.Command{
+	Name:        "migrate",
+	Usage:       "Migrate the database",
+	Description: "This is a command for migrating the database, so that you can run 'forgejo admin user create' before starting the server.",
+	Action:      runMigrate,
 }
 
-func runMigrate(stdCtx context.Context, ctx *cli.Command) error {
-	stdCtx, cancel := installSignals(stdCtx)
+func runMigrate(ctx *cli.Context) error {
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(stdCtx); err != nil {
@@ -38,13 +36,7 @@ func runMigrate(stdCtx context.Context, ctx *cli.Command) error {
 	log.Info("Log path: %s", setting.Log.RootPath)
 	log.Info("Configuration file: %s", setting.CustomConf)
 
-	if err := db.InitEngineWithMigration(context.Background(), func(dbEngine db.Engine) error {
-		masterEngine, err := db.GetMasterEngine(dbEngine)
-		if err != nil {
-			return err
-		}
-		return migrations.Migrate(masterEngine)
-	}); err != nil {
+	if err := db.InitEngineWithMigration(context.Background(), migrations.Migrate); err != nil {
 		log.Fatal("Failed to initialize ORM engine: %v", err)
 		return err
 	}

cmd/migrate_storage.go

@@ -10,93 +10,90 @@ import (
 	"io/fs"
 	"strings"
 
-	actions_model "forgejo.org/models/actions"
-	"forgejo.org/models/db"
-	git_model "forgejo.org/models/git"
-	"forgejo.org/models/migrations"
-	packages_model "forgejo.org/models/packages"
-	repo_model "forgejo.org/models/repo"
-	user_model "forgejo.org/models/user"
-	"forgejo.org/modules/log"
-	packages_module "forgejo.org/modules/packages"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/storage"
+	actions_model "code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/models/db"
+	git_model "code.gitea.io/gitea/models/git"
+	"code.gitea.io/gitea/models/migrations"
+	packages_model "code.gitea.io/gitea/models/packages"
+	repo_model "code.gitea.io/gitea/models/repo"
+	user_model "code.gitea.io/gitea/models/user"
+	"code.gitea.io/gitea/modules/log"
+	packages_module "code.gitea.io/gitea/modules/packages"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/storage"
 
-	"github.com/urfave/cli/v3"
-	"xorm.io/xorm"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdMigrateStorage represents the available migrate storage sub-command.
-func cmdMigrateStorage() *cli.Command {
-	return &cli.Command{
-		Name:        "migrate-storage",
-		Usage:       "Migrate the storage",
-		Description: "Copies stored files from storage configured in app.ini to parameter-configured storage",
-		Action:      runMigrateStorage,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "type",
-				Aliases: []string{"t"},
-				Value:   "",
-				Usage:   "Type of stored files to copy.  Allowed types: 'attachments', 'lfs', 'avatars', 'repo-avatars', 'repo-archivers', 'packages', 'actions-log', 'actions-artifacts'",
-			},
-			&cli.StringFlag{
-				Name:    "storage",
-				Aliases: []string{"s"},
-				Value:   "",
-				Usage:   "New storage type: local (default) or minio",
-			},
-			&cli.StringFlag{
-				Name:    "path",
-				Aliases: []string{"p"},
-				Value:   "",
-				Usage:   "New storage placement if store is local (leave blank for default)",
-			},
-			&cli.StringFlag{
-				Name:  "minio-endpoint",
-				Value: "",
-				Usage: "Minio storage endpoint",
-			},
-			&cli.StringFlag{
-				Name:  "minio-access-key-id",
-				Value: "",
-				Usage: "Minio storage accessKeyID",
-			},
-			&cli.StringFlag{
-				Name:  "minio-secret-access-key",
-				Value: "",
-				Usage: "Minio storage secretAccessKey",
-			},
-			&cli.StringFlag{
-				Name:  "minio-bucket",
-				Value: "",
-				Usage: "Minio storage bucket",
-			},
-			&cli.StringFlag{
-				Name:  "minio-location",
-				Value: "",
-				Usage: "Minio storage location to create bucket",
-			},
-			&cli.StringFlag{
-				Name:  "minio-base-path",
-				Value: "",
-				Usage: "Minio storage base path on the bucket",
-			},
-			&cli.BoolFlag{
-				Name:  "minio-use-ssl",
-				Usage: "Enable SSL for minio",
-			},
-			&cli.BoolFlag{
-				Name:  "minio-insecure-skip-verify",
-				Usage: "Skip SSL verification",
-			},
-			&cli.StringFlag{
-				Name:  "minio-checksum-algorithm",
-				Value: "",
-				Usage: "Minio checksum algorithm (default/md5)",
-			},
+var CmdMigrateStorage = &cli.Command{
+	Name:        "migrate-storage",
+	Usage:       "Migrate the storage",
+	Description: "Copies stored files from storage configured in app.ini to parameter-configured storage",
+	Action:      runMigrateStorage,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "type",
+			Aliases: []string{"t"},
+			Value:   "",
+			Usage:   "Type of stored files to copy.  Allowed types: 'attachments', 'lfs', 'avatars', 'repo-avatars', 'repo-archivers', 'packages', 'actions-log', 'actions-artifacts'",
 		},
-	}
+		&cli.StringFlag{
+			Name:    "storage",
+			Aliases: []string{"s"},
+			Value:   "",
+			Usage:   "New storage type: local (default) or minio",
+		},
+		&cli.StringFlag{
+			Name:    "path",
+			Aliases: []string{"p"},
+			Value:   "",
+			Usage:   "New storage placement if store is local (leave blank for default)",
+		},
+		&cli.StringFlag{
+			Name:  "minio-endpoint",
+			Value: "",
+			Usage: "Minio storage endpoint",
+		},
+		&cli.StringFlag{
+			Name:  "minio-access-key-id",
+			Value: "",
+			Usage: "Minio storage accessKeyID",
+		},
+		&cli.StringFlag{
+			Name:  "minio-secret-access-key",
+			Value: "",
+			Usage: "Minio storage secretAccessKey",
+		},
+		&cli.StringFlag{
+			Name:  "minio-bucket",
+			Value: "",
+			Usage: "Minio storage bucket",
+		},
+		&cli.StringFlag{
+			Name:  "minio-location",
+			Value: "",
+			Usage: "Minio storage location to create bucket",
+		},
+		&cli.StringFlag{
+			Name:  "minio-base-path",
+			Value: "",
+			Usage: "Minio storage base path on the bucket",
+		},
+		&cli.BoolFlag{
+			Name:  "minio-use-ssl",
+			Usage: "Enable SSL for minio",
+		},
+		&cli.BoolFlag{
+			Name:  "minio-insecure-skip-verify",
+			Usage: "Skip SSL verification",
+		},
+		&cli.StringFlag{
+			Name:  "minio-checksum-algorithm",
+			Value: "",
+			Usage: "Minio checksum algorithm (default/md5)",
+		},
+	},
 }
 
 func migrateAttachments(ctx context.Context, dstStorage storage.ObjectStorage) error {
@@ -184,8 +181,8 @@ func migrateActionsArtifacts(ctx context.Context, dstStorage storage.ObjectStora
 	})
 }
 
-func runMigrateStorage(stdCtx context.Context, ctx *cli.Command) error {
-	stdCtx, cancel := installSignals(stdCtx)
+func runMigrateStorage(ctx *cli.Context) error {
+	stdCtx, cancel := installSignals()
 	defer cancel()
 
 	if err := initDB(stdCtx); err != nil {
@@ -198,9 +195,7 @@ func runMigrateStorage(stdCtx context.Context, ctx *cli.Command) error {
 	log.Info("Log path: %s", setting.Log.RootPath)
 	log.Info("Configuration file: %s", setting.CustomConf)
 
-	if err := db.InitEngineWithMigration(context.Background(), func(e db.Engine) error {
-		return migrations.Migrate(e.(*xorm.Engine))
-	}); err != nil {
+	if err := db.InitEngineWithMigration(context.Background(), migrations.Migrate); err != nil {
 		log.Fatal("Failed to initialize ORM engine: %v", err)
 		return err
 	}

cmd/migrate_storage_test.go

@@ -4,21 +4,22 @@
 package cmd
 
 import (
+	"context"
 	"io"
 	"os"
 	"strings"
 	"testing"
 
-	"forgejo.org/models/actions"
-	"forgejo.org/models/db"
-	"forgejo.org/models/packages"
-	"forgejo.org/models/unittest"
-	user_model "forgejo.org/models/user"
-	packages_module "forgejo.org/modules/packages"
-	"forgejo.org/modules/setting"
-	"forgejo.org/modules/storage"
-	"forgejo.org/modules/test"
-	packages_service "forgejo.org/services/packages"
+	"code.gitea.io/gitea/models/actions"
+	"code.gitea.io/gitea/models/db"
+	"code.gitea.io/gitea/models/packages"
+	"code.gitea.io/gitea/models/unittest"
+	user_model "code.gitea.io/gitea/models/user"
+	packages_module "code.gitea.io/gitea/modules/packages"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/storage"
+	"code.gitea.io/gitea/modules/test"
+	packages_service "code.gitea.io/gitea/services/packages"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -30,7 +31,7 @@ func createLocalStorage(t *testing.T) (storage.ObjectStorage, string) {
 	p := t.TempDir()
 
 	storage, err := storage.NewLocalStorage(
-		t.Context(),
+		context.Background(),
 		&setting.Storage{
 			Path: p,
 		})
@@ -71,7 +72,7 @@ func TestMigratePackages(t *testing.T) {
 	assert.NotNil(t, v)
 	assert.NotNil(t, f)
 
-	ctx := t.Context()
+	ctx := context.Background()
 
 	dstStorage, p := createLocalStorage(t)
 
@@ -81,8 +82,8 @@ func TestMigratePackages(t *testing.T) {
 	entries, err := os.ReadDir(p)
 	require.NoError(t, err)
 	assert.Len(t, entries, 2)
-	assert.Equal(t, "01", entries[0].Name())
-	assert.Equal(t, "tmp", entries[1].Name())
+	assert.EqualValues(t, "01", entries[0].Name())
+	assert.EqualValues(t, "tmp", entries[1].Name())
 }
 
 func TestMigrateActionsArtifacts(t *testing.T) {

cmd/restore_repo.go

@@ -4,55 +4,52 @@
 package cmd
 
 import (
-	"context"
 	"strings"
 
-	"forgejo.org/modules/private"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // CmdRestoreRepository represents the available restore a repository sub-command.
-func cmdRestoreRepository() *cli.Command {
-	return &cli.Command{
-		Name:        "restore-repo",
-		Usage:       "Restore the repository from disk",
-		Description: "This is a command for restoring the repository data.",
-		Action:      runRestoreRepository,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "repo_dir",
-				Aliases: []string{"r"},
-				Value:   "./data",
-				Usage:   "Repository dir path to restore from",
-			},
-			&cli.StringFlag{
-				Name:  "owner_name",
-				Value: "",
-				Usage: "Restore destination owner name",
-			},
-			&cli.StringFlag{
-				Name:  "repo_name",
-				Value: "",
-				Usage: "Restore destination repository name",
-			},
-			&cli.StringFlag{
-				Name:  "units",
-				Value: "",
-				Usage: `Which items will be restored, one or more units should be separated as comma.
-wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`,
-			},
-			&cli.BoolFlag{
-				Name:  "validation",
-				Usage: "Sanity check the content of the files before trying to load them",
-			},
+var CmdRestoreRepository = &cli.Command{
+	Name:        "restore-repo",
+	Usage:       "Restore the repository from disk",
+	Description: "This is a command for restoring the repository data.",
+	Action:      runRestoreRepository,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "repo_dir",
+			Aliases: []string{"r"},
+			Value:   "./data",
+			Usage:   "Repository dir path to restore from",
 		},
-	}
+		&cli.StringFlag{
+			Name:  "owner_name",
+			Value: "",
+			Usage: "Restore destination owner name",
+		},
+		&cli.StringFlag{
+			Name:  "repo_name",
+			Value: "",
+			Usage: "Restore destination repository name",
+		},
+		&cli.StringFlag{
+			Name:  "units",
+			Value: "",
+			Usage: `Which items will be restored, one or more units should be separated as comma.
+wiki, issues, labels, releases, release_assets, milestones, pull_requests, comments are allowed. Empty means all units.`,
+		},
+		&cli.BoolFlag{
+			Name:  "validation",
+			Usage: "Sanity check the content of the files before trying to load them",
+		},
+	},
 }
 
-func runRestoreRepository(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runRestoreRepository(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	setting.MustInstalled()

cmd/serv.go

@@ -18,22 +18,22 @@ import (
 	"time"
 	"unicode"
 
-	asymkey_model "forgejo.org/models/asymkey"
-	git_model "forgejo.org/models/git"
-	"forgejo.org/models/perm"
-	"forgejo.org/modules/git"
-	"forgejo.org/modules/json"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/pprof"
-	"forgejo.org/modules/private"
-	"forgejo.org/modules/process"
-	repo_module "forgejo.org/modules/repository"
-	"forgejo.org/modules/setting"
-	"forgejo.org/services/lfs"
+	asymkey_model "code.gitea.io/gitea/models/asymkey"
+	git_model "code.gitea.io/gitea/models/git"
+	"code.gitea.io/gitea/models/perm"
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/json"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/pprof"
+	"code.gitea.io/gitea/modules/private"
+	"code.gitea.io/gitea/modules/process"
+	repo_module "code.gitea.io/gitea/modules/repository"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/services/lfs"
 
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/kballard/go-shellquote"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 const (
@@ -41,40 +41,35 @@ const (
 )
 
 // CmdServ represents the available serv sub-command.
-func cmdServ() *cli.Command {
-	return &cli.Command{
-		Name:        "serv",
-		Usage:       "(internal) Should only be called by SSH shell",
-		Description: "Serv provides access auth for repositories",
-		Before:      PrepareConsoleLoggerLevel(log.FATAL),
-		Action:      runServ,
-		Flags: []cli.Flag{
-			&cli.BoolFlag{
-				Name: "enable-pprof",
-			},
-			&cli.BoolFlag{
-				Name: "debug",
-			},
+var CmdServ = &cli.Command{
+	Name:        "serv",
+	Usage:       "(internal) Should only be called by SSH shell",
+	Description: "Serv provides access auth for repositories",
+	Before:      PrepareConsoleLoggerLevel(log.FATAL),
+	Action:      runServ,
+	Flags: []cli.Flag{
+		&cli.BoolFlag{
+			Name: "enable-pprof",
 		},
-	}
+		&cli.BoolFlag{
+			Name: "debug",
+		},
+	},
 }
 
-func setup(ctx context.Context, debug, gitNeeded bool) {
+func setup(ctx context.Context, debug bool) {
 	if debug {
 		setupConsoleLogger(log.TRACE, false, os.Stderr)
 	} else {
 		setupConsoleLogger(log.FATAL, false, os.Stderr)
 	}
 	setting.MustInstalled()
-	// Sanity check to ensure path is not relative, see: https://github.com/go-gitea/gitea/pull/19317
 	if _, err := os.Stat(setting.RepoRootPath); err != nil {
 		_ = fail(ctx, "Unable to access repository path", "Unable to access repository path %q, err: %v", setting.RepoRootPath, err)
 		return
 	}
-	if gitNeeded {
-		if err := git.InitSimple(context.Background()); err != nil {
-			_ = fail(ctx, "Failed to init git", "Failed to init git, err: %v", err)
-		}
+	if err := git.InitSimple(context.Background()); err != nil {
+		_ = fail(ctx, "Failed to init git", "Failed to init git, err: %v", err)
 	}
 }
 
@@ -133,12 +128,12 @@ func handleCliResponseExtra(extra private.ResponseExtra) error {
 	return nil
 }
 
-func runServ(ctx context.Context, c *cli.Command) error {
-	ctx, cancel := installSignals(ctx)
+func runServ(c *cli.Context) error {
+	ctx, cancel := installSignals()
 	defer cancel()
 
 	// FIXME: This needs to internationalised
-	setup(ctx, c.Bool("debug"), true)
+	setup(ctx, c.Bool("debug"))
 
 	if setting.SSH.Disabled {
 		fmt.Println("Forgejo: SSH has been disabled")
@@ -196,7 +191,7 @@ func runServ(ctx context.Context, c *cli.Command) error {
 		if git.CheckGitVersionAtLeast("2.29") == nil {
 			// for AGit Flow
 			if cmd == "ssh_info" {
-				fmt.Print(`{"type":"agit","version":1}`)
+				fmt.Print(`{"type":"gitea","version":1}`)
 				return nil
 			}
 		}
@@ -258,12 +253,11 @@ func runServ(ctx context.Context, c *cli.Command) error {
 	}
 
 	if verb == lfsAuthenticateVerb {
-		switch lfsVerb {
-		case "upload":
+		if lfsVerb == "upload" {
 			requestedMode = perm.AccessModeWrite
-		case "download":
+		} else if lfsVerb == "download" {
 			requestedMode = perm.AccessModeRead
-		default:
+		} else {
 			return fail(ctx, "Unknown LFS verb", "Unknown lfs verb %s", lfsVerb)
 		}
 	}

cmd/web.go

@@ -12,64 +12,61 @@ import (
 	"path/filepath"
 	"strconv"
 	"strings"
-	"time"
 
 	_ "net/http/pprof" // Used for debugging if enabled and a web server is running
 
-	"forgejo.org/modules/container"
-	"forgejo.org/modules/graceful"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/process"
-	"forgejo.org/modules/public"
-	"forgejo.org/modules/setting"
-	"forgejo.org/routers"
-	"forgejo.org/routers/install"
+	"code.gitea.io/gitea/modules/container"
+	"code.gitea.io/gitea/modules/graceful"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/process"
+	"code.gitea.io/gitea/modules/public"
+	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/routers"
+	"code.gitea.io/gitea/routers/install"
 
 	"github.com/felixge/fgprof"
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 // PIDFile could be set from build tag
 var PIDFile = "/run/gitea.pid"
 
 // CmdWeb represents the available web sub-command.
-func cmdWeb() *cli.Command {
-	return &cli.Command{
-		Name:  "web",
-		Usage: "Start the Forgejo web server",
-		Description: `The Forgejo web server is the only thing you need to run,
+var CmdWeb = &cli.Command{
+	Name:  "web",
+	Usage: "Start the Forgejo web server",
+	Description: `The Forgejo web server is the only thing you need to run,
 and it takes care of all the other things for you`,
-		Before: PrepareConsoleLoggerLevel(log.INFO),
-		Action: runWeb,
-		Flags: []cli.Flag{
-			&cli.StringFlag{
-				Name:    "port",
-				Aliases: []string{"p"},
-				Value:   "3000",
-				Usage:   "Temporary port number to prevent conflict",
-			},
-			&cli.StringFlag{
-				Name:  "install-port",
-				Value: "3000",
-				Usage: "Temporary port number to run the install page on to prevent conflict",
-			},
-			&cli.StringFlag{
-				Name:    "pid",
-				Aliases: []string{"P"},
-				Value:   PIDFile,
-				Usage:   "Custom pid file path",
-			},
-			&cli.BoolFlag{
-				Name:    "quiet",
-				Aliases: []string{"q"},
-				Usage:   "Only display Fatal logging errors until logging is set-up",
-			},
-			&cli.BoolFlag{
-				Name:  "verbose",
-				Usage: "Set initial logging to TRACE level until logging is properly set-up",
-			},
+	Before: PrepareConsoleLoggerLevel(log.INFO),
+	Action: runWeb,
+	Flags: []cli.Flag{
+		&cli.StringFlag{
+			Name:    "port",
+			Aliases: []string{"p"},
+			Value:   "3000",
+			Usage:   "Temporary port number to prevent conflict",
 		},
-	}
+		&cli.StringFlag{
+			Name:  "install-port",
+			Value: "3000",
+			Usage: "Temporary port number to run the install page on to prevent conflict",
+		},
+		&cli.StringFlag{
+			Name:    "pid",
+			Aliases: []string{"P"},
+			Value:   PIDFile,
+			Usage:   "Custom pid file path",
+		},
+		&cli.BoolFlag{
+			Name:    "quiet",
+			Aliases: []string{"q"},
+			Usage:   "Only display Fatal logging errors until logging is set-up",
+		},
+		&cli.BoolFlag{
+			Name:  "verbose",
+			Usage: "Set initial logging to TRACE level until logging is properly set-up",
+		},
+	},
 }
 
 func runHTTPRedirector() {
@@ -118,19 +115,9 @@ func showWebStartupMessage(msg string) {
 	log.Info("* CustomPath: %s", setting.CustomPath)
 	log.Info("* ConfigFile: %s", setting.CustomConf)
 	log.Info("%s", msg) // show startup message
-
-	if setting.CORSConfig.Enabled {
-		log.Info("CORS Service Enabled")
-	}
-	if setting.DefaultUILocation != time.Local {
-		log.Info("Default UI Location is %v", setting.DefaultUILocation.String())
-	}
-	if setting.MailService != nil {
-		log.Info("Mail Service Enabled: RegisterEmailConfirm=%v, Service.EnableNotifyMail=%v", setting.Service.RegisterEmailConfirm, setting.Service.EnableNotifyMail)
-	}
 }
 
-func serveInstall(_ context.Context, ctx *cli.Command) error {
+func serveInstall(ctx *cli.Context) error {
 	showWebStartupMessage("Prepare to run install page")
 
 	routers.InitWebInstallPage(graceful.GetManager().HammerContext())
@@ -163,7 +150,7 @@ func serveInstall(_ context.Context, ctx *cli.Command) error {
 	return nil
 }
 
-func serveInstalled(_ context.Context, ctx *cli.Command) error {
+func serveInstalled(ctx *cli.Context) error {
 	setting.InitCfgProvider(setting.CustomConf)
 	setting.LoadCommonSettings()
 	setting.MustInstalled()
@@ -197,9 +184,12 @@ func serveInstalled(_ context.Context, ctx *cli.Command) error {
 	publicFilesSet.Remove(".well-known")
 	publicFilesSet.Remove("assets")
 	publicFilesSet.Remove("robots.txt")
-	for fn := range publicFilesSet.Seq() {
+	for _, fn := range publicFilesSet.Values() {
 		log.Error("Found legacy public asset %q in CustomPath. Please move it to %s/public/assets/%s", fn, setting.CustomPath, fn)
 	}
+	if _, err := os.Stat(filepath.Join(setting.CustomPath, "robots.txt")); err == nil {
+		log.Error(`Found legacy public asset "robots.txt" in CustomPath. Please move it to %s/public/robots.txt`, setting.CustomPath)
+	}
 
 	routers.InitWebInstalled(graceful.GetManager().HammerContext())
 
@@ -235,7 +225,7 @@ func servePprof() {
 	finished()
 }
 
-func runWeb(ctx context.Context, cli *cli.Command) error {
+func runWeb(ctx *cli.Context) error {
 	defer func() {
 		if panicked := recover(); panicked != nil {
 			log.Fatal("PANIC: %v\n%s", panicked, log.Stack(2))
@@ -253,12 +243,12 @@ func runWeb(ctx context.Context, cli *cli.Command) error {
 	}
 
 	// Set pid file setting
-	if cli.IsSet("pid") {
-		createPIDFile(cli.String("pid"))
+	if ctx.IsSet("pid") {
+		createPIDFile(ctx.String("pid"))
 	}
 
 	if !setting.InstallLock {
-		if err := serveInstall(ctx, cli); err != nil {
+		if err := serveInstall(ctx); err != nil {
 			return err
 		}
 	} else {
@@ -269,7 +259,7 @@ func runWeb(ctx context.Context, cli *cli.Command) error {
 		go servePprof()
 	}
 
-	return serveInstalled(ctx, cli)
+	return serveInstalled(ctx)
 }
 
 func setPort(port string) error {

cmd/web_acme.go

@@ -12,10 +12,10 @@ import (
 	"strconv"
 	"strings"
 
-	"forgejo.org/modules/graceful"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/process"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/graceful"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/process"
+	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/caddyserver/certmagic"
 )
@@ -54,8 +54,8 @@ func runACME(listenAddr string, m http.Handler) error {
 		altTLSALPNPort = p
 	}
 
-	certmagic.Default.Storage = &certmagic.FileStorage{Path: setting.AcmeLiveDirectory}
-
+	magic := certmagic.NewDefault()
+	magic.Storage = &certmagic.FileStorage{Path: setting.AcmeLiveDirectory}
 	// Try to use private CA root if provided, otherwise defaults to system's trust
 	var certPool *x509.CertPool
 	if setting.AcmeCARoot != "" {
@@ -65,8 +65,7 @@ func runACME(listenAddr string, m http.Handler) error {
 			log.Warn("Failed to parse CA Root certificate, using default CA trust: %v", err)
 		}
 	}
-
-	certmagic.DefaultACME = certmagic.ACMEIssuer{
+	myACME := certmagic.NewACMEIssuer(magic, certmagic.ACMEIssuer{
 		CA:                      setting.AcmeURL,
 		TrustedRoots:            certPool,
 		Email:                   setting.AcmeEmail,
@@ -76,11 +75,7 @@ func runACME(listenAddr string, m http.Handler) error {
 		ListenHost:              setting.HTTPAddr,
 		AltTLSALPNPort:          altTLSALPNPort,
 		AltHTTPPort:             altHTTPPort,
-	}
-
-	magic := certmagic.NewDefault()
-
-	myACME := certmagic.NewACMEIssuer(magic, certmagic.DefaultACME)
+	})
 
 	magic.Issuers = []certmagic.Issuer{myACME}
 

cmd/web_graceful.go

@@ -9,9 +9,9 @@ import (
 	"net/http/fcgi"
 	"strings"
 
-	"forgejo.org/modules/graceful"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/graceful"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 )
 
 func runHTTP(network, listenAddr, name string, m http.Handler, useProxyProtocol bool) error {

cmd/web_https.go

@@ -9,9 +9,9 @@ import (
 	"os"
 	"strings"
 
-	"forgejo.org/modules/graceful"
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/graceful"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 
 	"github.com/klauspost/cpuid/v2"
 )

contrib/backport/README

@@ -0,0 +1,41 @@
+`backport`
+==========
+
+`backport` is a command to help create backports of PRs. It backports a
+provided PR from main on to a released version.
+
+It will create a backport branch, cherry-pick the PR's merge commit, adjust
+the commit message and then push this back up to your fork's remote.
+
+The default version will read from `docs/config.yml`. You can override this
+using the option `--version`.
+
+The upstream branches will be fetched, using the remote `origin`. This can
+be overridden using `--upstream`, and fetching can be avoided using
+`--no-fetch`.
+
+By default the branch created will be called `backport-$PR-$VERSION`. You
+can override this using the option `--backport-branch`. This branch will
+be created from `--release-branch` which is `release/$(VERSION)`
+by default and will be pulled from `$(UPSTREAM)`.
+
+The merge-commit as determined by the github API will be used as the SHA to
+cherry-pick. You can override this using `--cherry-pick`.
+
+The commit message will be amended to add the `Backport` header.
+`--no-amend-message` can be set to stop this from happening.
+
+If cherry-pick is successful the backported branch will be pushed up to your
+fork using your remote. These will be determined using `git remote -v`. You
+can set your fork name using `--fork-user` and your remote name using
+`--remote`. You can avoid pushing using `--no-push`.
+
+If the push is successful, `xdg-open` will be called to open a backport url.
+You can stop this using `--no-xdg-open`.
+
+Installation
+============
+
+```bash
+go install contrib/backport/backport.go
+```

contrib/backport/backport.go

@@ -0,0 +1,474 @@
+// Copyright 2023 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+//nolint:forbidigo
+package main
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"net/http"
+	"os"
+	"os/exec"
+	"os/signal"
+	"path"
+	"strconv"
+	"strings"
+	"syscall"
+
+	"github.com/google/go-github/v64/github"
+	"github.com/urfave/cli/v2"
+	"gopkg.in/yaml.v3"
+)
+
+const defaultVersion = "v1.18" // to backport to
+
+func main() {
+	app := cli.NewApp()
+	app.Name = "backport"
+	app.Usage = "Backport provided PR-number on to the current or previous released version"
+	app.Description = `Backport will look-up the PR in Gitea's git log and attempt to cherry-pick it on the current version`
+	app.ArgsUsage = "<PR-to-backport>"
+
+	app.Flags = []cli.Flag{
+		&cli.StringFlag{
+			Name:  "version",
+			Usage: "Version branch to backport on to",
+		},
+		&cli.StringFlag{
+			Name:  "upstream",
+			Value: "origin",
+			Usage: "Upstream remote for the Gitea upstream",
+		},
+		&cli.StringFlag{
+			Name:  "release-branch",
+			Value: "",
+			Usage: "Release branch to backport on. Will default to release/<version>",
+		},
+		&cli.StringFlag{
+			Name:  "cherry-pick",
+			Usage: "SHA to cherry-pick as backport",
+		},
+		&cli.StringFlag{
+			Name:  "backport-branch",
+			Usage: "Backport branch to backport on to (default: backport-<pr>-<version>",
+		},
+		&cli.StringFlag{
+			Name:  "remote",
+			Value: "",
+			Usage: "Remote for your fork of the Gitea upstream",
+		},
+		&cli.StringFlag{
+			Name:  "fork-user",
+			Value: "",
+			Usage: "Forked user name on Github",
+		},
+		&cli.BoolFlag{
+			Name:  "no-fetch",
+			Usage: "Set this flag to prevent fetch of remote branches",
+		},
+		&cli.BoolFlag{
+			Name:  "no-amend-message",
+			Usage: "Set this flag to prevent automatic amendment of the commit message",
+		},
+		&cli.BoolFlag{
+			Name:  "no-push",
+			Usage: "Set this flag to prevent pushing the backport up to your fork",
+		},
+		&cli.BoolFlag{
+			Name:  "no-xdg-open",
+			Usage: "Set this flag to not use xdg-open to open the PR URL",
+		},
+		&cli.BoolFlag{
+			Name:  "continue",
+			Usage: "Set this flag to continue from a git cherry-pick that has broken",
+		},
+	}
+	cli.AppHelpTemplate = `NAME:
+	{{.Name}} - {{.Usage}}
+USAGE:
+	{{.HelpName}} {{if .VisibleFlags}}[options]{{end}} {{if .ArgsUsage}}{{.ArgsUsage}}{{else}}[arguments...]{{end}}
+	{{if len .Authors}}
+AUTHOR:
+	{{range .Authors}}{{ . }}{{end}}
+	{{end}}{{if .Commands}}
+OPTIONS:
+	{{range .VisibleFlags}}{{.}}
+	{{end}}{{end}}
+`
+
+	app.Action = runBackport
+
+	if err := app.Run(os.Args); err != nil {
+		fmt.Fprintf(os.Stderr, "Unable to backport: %v\n", err)
+	}
+}
+
+func runBackport(c *cli.Context) error {
+	ctx, cancel := installSignals()
+	defer cancel()
+
+	continuing := c.Bool("continue")
+
+	var pr string
+
+	version := c.String("version")
+	if version == "" && continuing {
+		// determine version from current branch name
+		var err error
+		pr, version, err = readCurrentBranch(ctx)
+		if err != nil {
+			return err
+		}
+	}
+	if version == "" {
+		version = readVersion()
+	}
+	if version == "" {
+		version = defaultVersion
+	}
+
+	upstream := c.String("upstream")
+	if upstream == "" {
+		upstream = "origin"
+	}
+
+	forkUser := c.String("fork-user")
+	remote := c.String("remote")
+	if remote == "" && !c.Bool("--no-push") {
+		var err error
+		remote, forkUser, err = determineRemote(ctx, forkUser)
+		if err != nil {
+			return err
+		}
+	}
+
+	upstreamReleaseBranch := c.String("release-branch")
+	if upstreamReleaseBranch == "" {
+		upstreamReleaseBranch = path.Join("release", version)
+	}
+
+	localReleaseBranch := path.Join(upstream, upstreamReleaseBranch)
+
+	args := c.Args().Slice()
+	if len(args) == 0 && pr == "" {
+		return fmt.Errorf("no PR number provided\nProvide a PR number to backport")
+	} else if len(args) != 1 && pr == "" {
+		return fmt.Errorf("multiple PRs provided %v\nOnly a single PR can be backported at a time", args)
+	}
+	if pr == "" {
+		pr = args[0]
+	}
+
+	backportBranch := c.String("backport-branch")
+	if backportBranch == "" {
+		backportBranch = "backport-" + pr + "-" + version
+	}
+
+	fmt.Printf("* Backporting %s to %s as %s\n", pr, localReleaseBranch, backportBranch)
+
+	sha := c.String("cherry-pick")
+	if sha == "" {
+		var err error
+		sha, err = determineSHAforPR(ctx, pr)
+		if err != nil {
+			return err
+		}
+	}
+	if sha == "" {
+		return fmt.Errorf("unable to determine sha for cherry-pick of %s", pr)
+	}
+
+	if !c.Bool("no-fetch") {
+		if err := fetchRemoteAndMain(ctx, upstream, upstreamReleaseBranch); err != nil {
+			return err
+		}
+	}
+
+	if !continuing {
+		if err := checkoutBackportBranch(ctx, backportBranch, localReleaseBranch); err != nil {
+			return err
+		}
+	}
+
+	if err := cherrypick(ctx, sha); err != nil {
+		return err
+	}
+
+	if !c.Bool("no-amend-message") {
+		if err := amendCommit(ctx, pr); err != nil {
+			return err
+		}
+	}
+
+	if !c.Bool("no-push") {
+		url := "https://github.com/go-gitea/gitea/compare/" + upstreamReleaseBranch + "..." + forkUser + ":" + backportBranch
+
+		if err := gitPushUp(ctx, remote, backportBranch); err != nil {
+			return err
+		}
+
+		if !c.Bool("no-xdg-open") {
+			if err := xdgOpen(ctx, url); err != nil {
+				return err
+			}
+		} else {
+			fmt.Printf("* Navigate to %s to open PR\n", url)
+		}
+	}
+	return nil
+}
+
+func xdgOpen(ctx context.Context, url string) error {
+	fmt.Printf("* `xdg-open %s`\n", url)
+	out, err := exec.CommandContext(ctx, "xdg-open", url).Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "%s", string(out))
+		return fmt.Errorf("unable to xdg-open to %s: %w", url, err)
+	}
+	return nil
+}
+
+func gitPushUp(ctx context.Context, remote, backportBranch string) error {
+	fmt.Printf("* `git push -u %s %s`\n", remote, backportBranch)
+	out, err := exec.CommandContext(ctx, "git", "push", "-u", remote, backportBranch).Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "%s", string(out))
+		return fmt.Errorf("unable to push up to %s: %w", remote, err)
+	}
+	return nil
+}
+
+func amendCommit(ctx context.Context, pr string) error {
+	fmt.Printf("* Amending commit to prepend `Backport #%s` to body\n", pr)
+	out, err := exec.CommandContext(ctx, "git", "log", "-1", "--pretty=format:%B").Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "%s", string(out))
+		return fmt.Errorf("unable to get last log message: %w", err)
+	}
+
+	parts := strings.SplitN(string(out), "\n", 2)
+
+	if len(parts) != 2 {
+		return fmt.Errorf("unable to interpret log message:\n%s", string(out))
+	}
+	subject, body := parts[0], parts[1]
+	if !strings.HasSuffix(subject, " (#"+pr+")") {
+		subject = subject + " (#" + pr + ")"
+	}
+
+	out, err = exec.CommandContext(ctx, "git", "commit", "--amend", "-m", subject+"\n\nBackport #"+pr+"\n"+body).Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "%s", string(out))
+		return fmt.Errorf("unable to amend last log message: %w", err)
+	}
+	return nil
+}
+
+func cherrypick(ctx context.Context, sha string) error {
+	// Check if a CHERRY_PICK_HEAD exists
+	if _, err := os.Stat(".git/CHERRY_PICK_HEAD"); err == nil {
+		// Assume that we are in the middle of cherry-pick - continue it
+		fmt.Println("* Attempting git cherry-pick --continue")
+		out, err := exec.CommandContext(ctx, "git", "cherry-pick", "--continue").Output()
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "git cherry-pick --continue failed:\n%s\n", string(out))
+			return fmt.Errorf("unable to continue cherry-pick: %w", err)
+		}
+		return nil
+	}
+
+	fmt.Printf("* Attempting git cherry-pick %s\n", sha)
+	out, err := exec.CommandContext(ctx, "git", "cherry-pick", sha).Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "git cherry-pick %s failed:\n%s\n", sha, string(out))
+		return fmt.Errorf("git cherry-pick %s failed: %w", sha, err)
+	}
+	return nil
+}
+
+func checkoutBackportBranch(ctx context.Context, backportBranch, releaseBranch string) error {
+	out, err := exec.CommandContext(ctx, "git", "branch", "--show-current").Output()
+	if err != nil {
+		return fmt.Errorf("unable to check current branch %w", err)
+	}
+
+	currentBranch := strings.TrimSpace(string(out))
+	fmt.Printf("* Current branch is %s\n", currentBranch)
+	if currentBranch == backportBranch {
+		fmt.Printf("* Current branch is %s - not checking out\n", currentBranch)
+		return nil
+	}
+
+	if _, err := exec.CommandContext(ctx, "git", "rev-list", "-1", backportBranch).Output(); err == nil {
+		fmt.Printf("* Branch %s already exists. Checking it out...\n", backportBranch)
+		return exec.CommandContext(ctx, "git", "checkout", "-f", backportBranch).Run()
+	}
+
+	fmt.Printf("* `git checkout -b %s %s`\n", backportBranch, releaseBranch)
+	return exec.CommandContext(ctx, "git", "checkout", "-b", backportBranch, releaseBranch).Run()
+}
+
+func fetchRemoteAndMain(ctx context.Context, remote, releaseBranch string) error {
+	fmt.Printf("* `git fetch %s main`\n", remote)
+	out, err := exec.CommandContext(ctx, "git", "fetch", remote, "main").Output()
+	if err != nil {
+		fmt.Println(string(out))
+		return fmt.Errorf("unable to fetch %s from %s: %w", "main", remote, err)
+	}
+	fmt.Println(string(out))
+
+	fmt.Printf("* `git fetch %s %s`\n", remote, releaseBranch)
+	out, err = exec.CommandContext(ctx, "git", "fetch", remote, releaseBranch).Output()
+	if err != nil {
+		fmt.Println(string(out))
+		return fmt.Errorf("unable to fetch %s from %s: %w", releaseBranch, remote, err)
+	}
+	fmt.Println(string(out))
+
+	return nil
+}
+
+func determineRemote(ctx context.Context, forkUser string) (string, string, error) {
+	out, err := exec.CommandContext(ctx, "git", "remote", "-v").Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Unable to list git remotes:\n%s\n", string(out))
+		return "", "", fmt.Errorf("unable to determine forked remote: %w", err)
+	}
+	lines := strings.Split(string(out), "\n")
+	for _, line := range lines {
+		fields := strings.Split(line, "\t")
+		name, remote := fields[0], fields[1]
+		// only look at pushers
+		if !strings.HasSuffix(remote, " (push)") {
+			continue
+		}
+		// only look at github.com pushes
+		if !strings.Contains(remote, "github.com") {
+			continue
+		}
+		// ignore go-gitea/gitea
+		if strings.Contains(remote, "go-gitea/gitea") {
+			continue
+		}
+		if !strings.Contains(remote, forkUser) {
+			continue
+		}
+		if strings.HasPrefix(remote, "git@github.com:") {
+			forkUser = strings.TrimPrefix(remote, "git@github.com:")
+		} else if strings.HasPrefix(remote, "https://github.com/") {
+			forkUser = strings.TrimPrefix(remote, "https://github.com/")
+		} else if strings.HasPrefix(remote, "https://www.github.com/") {
+			forkUser = strings.TrimPrefix(remote, "https://www.github.com/")
+		} else if forkUser == "" {
+			return "", "", fmt.Errorf("unable to extract forkUser from remote %s: %s", name, remote)
+		}
+		idx := strings.Index(forkUser, "/")
+		if idx >= 0 {
+			forkUser = forkUser[:idx]
+		}
+		return name, forkUser, nil
+	}
+	return "", "", fmt.Errorf("unable to find appropriate remote in:\n%s", string(out))
+}
+
+func readCurrentBranch(ctx context.Context) (pr, version string, err error) {
+	out, err := exec.CommandContext(ctx, "git", "branch", "--show-current").Output()
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Unable to read current git branch:\n%s\n", string(out))
+		return "", "", fmt.Errorf("unable to read current git branch: %w", err)
+	}
+	parts := strings.Split(strings.TrimSpace(string(out)), "-")
+
+	if len(parts) != 3 || parts[0] != "backport" {
+		fmt.Fprintf(os.Stderr, "Unable to continue from git branch:\n%s\n", string(out))
+		return "", "", fmt.Errorf("unable to continue from git branch:\n%s", string(out))
+	}
+
+	return parts[1], parts[2], nil
+}
+
+func readVersion() string {
+	bs, err := os.ReadFile("docs/config.yaml")
+	if err != nil {
+		if err == os.ErrNotExist {
+			log.Println("`docs/config.yaml` not present")
+			return ""
+		}
+		fmt.Fprintf(os.Stderr, "Unable to read `docs/config.yaml`: %v\n", err)
+		return ""
+	}
+
+	type params struct {
+		Version string
+	}
+	type docConfig struct {
+		Params params
+	}
+	dc := &docConfig{}
+	if err := yaml.Unmarshal(bs, dc); err != nil {
+		fmt.Fprintf(os.Stderr, "Unable to read `docs/config.yaml`: %v\n", err)
+		return ""
+	}
+
+	if dc.Params.Version == "" {
+		fmt.Fprintf(os.Stderr, "No version in `docs/config.yaml`")
+		return ""
+	}
+
+	version := dc.Params.Version
+	if version[0] != 'v' {
+		version = "v" + version
+	}
+
+	split := strings.SplitN(version, ".", 3)
+
+	return strings.Join(split[:2], ".")
+}
+
+func determineSHAforPR(ctx context.Context, prStr string) (string, error) {
+	prNum, err := strconv.Atoi(prStr)
+	if err != nil {
+		return "", err
+	}
+
+	client := github.NewClient(http.DefaultClient)
+
+	pr, _, err := client.PullRequests.Get(ctx, "go-gitea", "gitea", prNum)
+	if err != nil {
+		return "", err
+	}
+
+	if pr.Merged == nil || !*pr.Merged {
+		return "", fmt.Errorf("PR #%d is not yet merged - cannot determine sha to backport", prNum)
+	}
+
+	if pr.MergeCommitSHA != nil {
+		return *pr.MergeCommitSHA, nil
+	}
+
+	return "", nil
+}
+
+func installSignals() (context.Context, context.CancelFunc) {
+	ctx, cancel := context.WithCancel(context.Background())
+	go func() {
+		// install notify
+		signalChannel := make(chan os.Signal, 1)
+
+		signal.Notify(
+			signalChannel,
+			syscall.SIGINT,
+			syscall.SIGTERM,
+		)
+		select {
+		case <-signalChannel:
+		case <-ctx.Done():
+		}
+		cancel()
+		signal.Reset()
+	}()
+
+	return ctx, cancel
+}

contrib/environment-to-ini/environment-to-ini.go

@@ -4,17 +4,16 @@
 package main
 
 import (
-	"context"
 	"os"
 
-	"forgejo.org/modules/log"
-	"forgejo.org/modules/setting"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/urfave/cli/v3"
+	"github.com/urfave/cli/v2"
 )
 
 func main() {
-	app := cli.Command{}
+	app := cli.NewApp()
 	app.Name = "environment-to-ini"
 	app.Usage = "Use provided environment to update configuration ini"
 	app.Description = `As a helper to allow docker users to update the forgejo configuration
@@ -73,13 +72,13 @@ func main() {
 		},
 	}
 	app.Action = runEnvironmentToIni
-	err := app.Run(context.Background(), os.Args)
+	err := app.Run(os.Args)
 	if err != nil {
 		log.Fatal("Failed to run app with %s: %v", os.Args, err)
 	}
 }
 
-func runEnvironmentToIni(ctx context.Context, c *cli.Command) error {
+func runEnvironmentToIni(c *cli.Context) error {
 	// the config system may change the environment variables, so get a copy first, to be used later
 	env := append([]string{}, os.Environ()...)
 	setting.InitWorkPathAndCfgProvider(os.Getenv, setting.ArgWorkPathAndCustomConf{

custom/conf/app.example.ini

@@ -1131,6 +1131,9 @@ LEVEL = Info
 ;; Add co-authored-by and co-committed-by trailers if committer does not match author
 ;ADD_CO_COMMITTER_TRAILERS = true
 ;;
+;; In addition to testing patches using the three-way merge method, re-test conflicting patches with git apply
+;TEST_CONFLICTING_PATCHES_WITH_GIT_APPLY = false
+;;
 ;; Retarget child pull requests to the parent pull request branch target on merge of parent pull request. It only works on merged PRs where the head and base branch target the same repo.
 ;RETARGET_CHILDREN_ON_MERGE = true
 
@@ -1160,13 +1163,9 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
-;; Signing format that Forgejo should use, openpgp uses GPG and ssh uses OpenSSH.
-;FORMAT = openpgp
-;;
 ;; GPG key to use to sign commits, Defaults to the default - that is the value of git config --get user.signingkey
 ;; run in the context of the RUN_USER
-;; Switch to none to stop signing completely.
-;; If `FORMAT` is set to **ssh** this should be set to an absolute path to an public OpenSSH key.
+;; Switch to none to stop signing completely
 ;SIGNING_KEY = default
 ;;
 ;; If a SIGNING_KEY ID is provided and is not set to default, use the provided Name and Email address as the signer.
@@ -1572,15 +1571,6 @@ LEVEL = Info
 ;; - manage_gpg_keys: a user cannot configure gpg keys
 ;;EXTERNAL_USER_DISABLE_FEATURES =
 
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;[moderation]
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; When true enables moderation capabilities; default is false.
-;; If enabled it will be possible for users to report abusive content (new actions are added in the UI and /report_abuse route will be enabled) and a new Moderation section will be added to Admin settings where the reports can be reviewed.
-;ENABLED = false
-
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;[openid]
@@ -1951,7 +1941,7 @@ LEVEL = Info
 ;ENABLED = true
 ;;
 ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
-;ALLOWED_TYPES = .avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.webp,.xls,.xlsx,.zip
+;ALLOWED_TYPES = .avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.xls,.xlsx,.zip
 ;;
 ;; Max size of each file. Defaults to 2048MB
 ;MAX_SIZE = 2048
@@ -2417,8 +2407,8 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; The first locale will be used as the default if user browser's language doesn't match any locale in the list.
-;LANGS = en-US,zh-CN,zh-HK,zh-TW,da,de-DE,nds,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pt-PT,pl-PL,bg,it-IT,fi-FI,fil,eo,tr-TR,cs-CZ,sl,sv-SE,ko-KR,el-GR,fa-IR,hu-HU,id-ID
-;NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Dansk,Deutsch,Plattdüütsch,Français,Nederlands,Latviešu,Русский,Українська,日本語,Español,Português do Brasil,Português de Portugal,Polski,Български,Italiano,Suomi,Filipino,Esperanto,Türkçe,Čeština,Slovenščina,Svenska,한국어,Ελληνικά,فارسی,Magyar nyelv,Bahasa Indonesia
+;LANGS = en-US,zh-CN,zh-HK,zh-TW,de-DE,nds,fr-FR,nl-NL,lv-LV,ru-RU,uk-UA,ja-JP,es-ES,pt-BR,pt-PT,pl-PL,bg,it-IT,fi-FI,fil,eo,tr-TR,cs-CZ,sl,sv-SE,ko-KR,el-GR,fa-IR,hu-HU,id-ID
+;NAMES = English,简体中文,繁體中文（香港）,繁體中文（台灣）,Deutsch,Plattdüütsch,Français,Nederlands,Latviešu,Русский,Українська,日本語,Español,Português do Brasil,Português de Portugal,Polski,Български,Italiano,Suomi,Filipino,Esperanto,Türkçe,Čeština,Slovenščina,Svenska,한국어,Ελληνικά,فارسی,Magyar nyelv,Bahasa Indonesia
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -2450,7 +2440,7 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Set the maximum number of characters in a mermaid source. (Set to -1 to disable limits)
-;MERMAID_MAX_SOURCE_CHARACTERS = 50000
+;MERMAID_MAX_SOURCE_CHARACTERS = 5000
 ;; Set the maximum number of lines allowed for a filepreview. (Set to -1 to disable limits; set to 0 to disable the feature)
 ;FILEPREVIEW_MAX_LINES = 50
 

docker/root/etc/s6/openssh/setup

@@ -31,21 +31,6 @@ if [ -e /data/ssh/ssh_host_ecdsa_cert ]; then
   SSH_ECDSA_CERT=${SSH_ECDSA_CERT:-"/data/ssh/ssh_host_ecdsa_cert"}
 fi
 
-# In case someone wants to sign the `{keyname}.pub` key by `ssh-keygen -s ca -I identity ...` to
-# make use of the ssh-key certificate authority feature (see ssh-keygen CERTIFICATES section),
-# the generated key file name is `{keyname}-cert.pub`
-if [ -e /data/ssh/ssh_host_ed25519_key-cert.pub ]; then
-  SSH_ED25519_CERT=${SSH_ED25519_CERT:-"/data/ssh/ssh_host_ed25519_key-cert.pub"}
-fi
-
-if [ -e /data/ssh/ssh_host_rsa_key-cert.pub ]; then
-  SSH_RSA_CERT=${SSH_RSA_CERT:-"/data/ssh/ssh_host_rsa_key-cert.pub"}
-fi
-
-if [ -e /data/ssh/ssh_host_ecdsa_key-cert.pub ]; then
-  SSH_ECDSA_CERT=${SSH_ECDSA_CERT:-"/data/ssh/ssh_host_ecdsa_key-cert.pub"}
-fi
-
 if [ -d /etc/ssh ]; then
     SSH_PORT=${SSH_PORT:-"22"} \
     SSH_LISTEN_PORT=${SSH_LISTEN_PORT:-"${SSH_PORT}"} \

docker/root/usr/bin/entrypoint

@@ -37,5 +37,5 @@ done
 if [ $# -gt 0 ]; then
     exec "$@"
 else
-    exec /usr/bin/s6-svscan /etc/s6
+    exec /bin/s6-svscan /etc/s6
 fi

eslint.config.mjs

@@ -14,7 +14,6 @@ import wc from 'eslint-plugin-wc';
 import globals from 'globals';
 import vue from 'eslint-plugin-vue';
 import vueScopedCss from 'eslint-plugin-vue-scoped-css';
-import toml from 'eslint-plugin-toml';
 import tseslint from 'typescript-eslint';
 
 export default tseslint.config(
@@ -29,13 +28,13 @@ export default tseslint.config(
       '@stylistic/js': stylisticEslintPluginJs,
       '@vitest': vitest,
       'array-func': arrayFunc,
+      'import-x': eslintPluginImportX,
       'no-jquery': noJquery,
       'no-use-extend-native': noUseExtendNative,
       regexp,
       sonarjs,
       unicorn,
       playwright,
-      toml,
       'vitest-globals': vitestGlobals,
       vue,
       'vue-scoped-css': vueScopedCss,
@@ -318,9 +317,8 @@ export default tseslint.config(
       'no-jquery/no-data': [0],
       'no-jquery/no-deferred': [2],
       'no-jquery/no-delegate': [2],
-      'no-jquery/no-done-fail': [2],
       'no-jquery/no-each-collection': [0],
-      'no-jquery/no-each-util': [2],
+      'no-jquery/no-each-util': [0],
       'no-jquery/no-each': [0],
       'no-jquery/no-error-shorthand': [2],
       'no-jquery/no-error': [2],
@@ -332,7 +330,6 @@ export default tseslint.config(
       'no-jquery/no-find-collection': [0],
       'no-jquery/no-find-util': [2],
       'no-jquery/no-find': [0],
-      'no-jquery/no-fx': [2],
       'no-jquery/no-fx-interval': [2],
       'no-jquery/no-global-eval': [2],
       'no-jquery/no-global-selector': [0],
@@ -352,7 +349,7 @@ export default tseslint.config(
       'no-jquery/no-live': [2],
       'no-jquery/no-load-shorthand': [2],
       'no-jquery/no-load': [2],
-      'no-jquery/no-map-collection': [2],
+      'no-jquery/no-map-collection': [0],
       'no-jquery/no-map-util': [2],
       'no-jquery/no-map': [2],
       'no-jquery/no-merge': [2],
@@ -376,12 +373,12 @@ export default tseslint.config(
       'no-jquery/no-selector-prop': [2],
       'no-jquery/no-serialize': [2],
       'no-jquery/no-size': [2],
-      'no-jquery/no-sizzle': [2],
+      'no-jquery/no-sizzle': [0],
       'no-jquery/no-slide': [2],
       'no-jquery/no-sub': [2],
       'no-jquery/no-support': [2],
       'no-jquery/no-text': [0],
-      'no-jquery/no-trigger': [2],
+      'no-jquery/no-trigger': [0],
       'no-jquery/no-trim': [2],
       'no-jquery/no-type': [2],
       'no-jquery/no-unique': [2],
@@ -724,8 +721,6 @@ export default tseslint.config(
       'unicode-bom': [2, 'never'],
       'unicorn/better-regex': [0],
       'unicorn/catch-error-name': [0],
-      'unicorn/consistent-assert': [0],
-      'unicorn/consistent-date-clone': [2],
       'unicorn/consistent-destructuring': [2],
       'unicorn/consistent-empty-array-spread': [2],
       'unicorn/consistent-existence-index-check': [2],
@@ -740,12 +735,12 @@ export default tseslint.config(
       'unicorn/import-index': [0],
       'unicorn/import-style': [0],
       'unicorn/new-for-builtins': [2],
-      'unicorn/no-accessor-recursion': [2],
       'unicorn/no-abusive-eslint-disable': [0],
       'unicorn/no-anonymous-default-export': [0],
       'unicorn/no-array-callback-reference': [0],
       'unicorn/no-array-for-each': [2],
       'unicorn/no-array-method-this-argument': [2],
+      'unicorn/no-array-push-push': [2],
       'unicorn/no-array-reduce': [2],
       'unicorn/no-await-expression-member': [0],
       'unicorn/no-await-in-promise-methods': [2],
@@ -754,13 +749,13 @@ export default tseslint.config(
       'unicorn/no-empty-file': [2],
       'unicorn/no-for-loop': [0],
       'unicorn/no-hex-escape': [0],
-      'unicorn/no-instanceof-builtins': [0],
+      'unicorn/no-instanceof-array': [0],
       'unicorn/no-invalid-fetch-options': [2],
       'unicorn/no-invalid-remove-event-listener': [2],
       'unicorn/no-keyword-prefix': [0],
+      'unicorn/no-length-as-slice-end': [2],
       'unicorn/no-lonely-if': [2],
       'unicorn/no-magic-array-flat-depth': [0],
-      'unicorn/no-named-default': [2],
       'unicorn/no-negated-condition': [0],
       'unicorn/no-negation-in-equality-check': [2],
       'unicorn/no-nested-ternary': [0],
@@ -774,11 +769,8 @@ export default tseslint.config(
       'unicorn/no-thenable': [2],
       'unicorn/no-this-assignment': [2],
       'unicorn/no-typeof-undefined': [2],
-      'unicorn/no-unnecessary-array-flat-depth': [2],
-      'unicorn/no-unnecessary-array-splice-count': [2],
       'unicorn/no-unnecessary-await': [2],
       'unicorn/no-unnecessary-polyfills': [2],
-      'unicorn/no-unnecessary-slice-end': [2],
       'unicorn/no-unreadable-array-destructuring': [0],
       'unicorn/no-unreadable-iife': [2],
       'unicorn/no-unused-properties': [2],
@@ -809,7 +801,6 @@ export default tseslint.config(
       'unicorn/prefer-event-target': [2],
       'unicorn/prefer-export-from': [0],
       'unicorn/prefer-global-this': [0],
-      'unicorn/prefer-import-meta-properties': [2],
       'unicorn/prefer-includes': [2],
       'unicorn/prefer-json-parse-buffer': [0],
       'unicorn/prefer-keyboard-event-key': [2],
@@ -832,7 +823,6 @@ export default tseslint.config(
       'unicorn/prefer-regexp-test': [2],
       'unicorn/prefer-set-has': [0],
       'unicorn/prefer-set-size': [2],
-      'unicorn/prefer-single-call': [2],
       'unicorn/prefer-spread': [0],
       'unicorn/prefer-string-raw': [0],
       'unicorn/prefer-string-replace-all': [0],
@@ -842,6 +832,7 @@ export default tseslint.config(
       'unicorn/prefer-structured-clone': [2],
       'unicorn/prefer-switch': [0],
       'unicorn/prefer-ternary': [0],
+      'unicorn/prefer-text-content': [2],
       'unicorn/prefer-top-level-await': [0],
       'unicorn/prefer-type-error': [0],
       'unicorn/prevent-abbreviations': [0],
@@ -1175,5 +1166,5 @@ export default tseslint.config(
       'vue-scoped-css/enforce-style-type': [0],
     },
   },
-  ...toml.configs['flat/recommended'],
+
 );

flake.nix

@@ -25,6 +25,10 @@
             # frontend
             nodejs_20
 
+            # linting
+            python312
+            poetry
+
             # backend
             gofumpt
             sqlite

go.mod

@@ -1,114 +1,115 @@
-module forgejo.org
+module code.gitea.io/gitea
 
-go 1.24
+go 1.23
 
-toolchain go1.24.3
+toolchain go1.23.4
 
 require (
-	code.forgejo.org/f3/gof3/v3 v3.10.8
+	code.forgejo.org/f3/gof3/v3 v3.10.2
 	code.forgejo.org/forgejo-contrib/go-libravatar v0.0.0-20191008002943-06d1c002b251
-	code.forgejo.org/forgejo/go-rpmutils v1.0.0
-	code.forgejo.org/forgejo/levelqueue v1.0.0
 	code.forgejo.org/forgejo/reply v1.0.2
-	code.forgejo.org/go-chi/binding v1.0.1
-	code.forgejo.org/go-chi/cache v1.0.1
-	code.forgejo.org/go-chi/captcha v1.0.2
-	code.forgejo.org/go-chi/session v1.0.2
+	code.forgejo.org/go-chi/binding v1.0.0
+	code.forgejo.org/go-chi/cache v1.0.0
+	code.forgejo.org/go-chi/captcha v1.0.1
+	code.forgejo.org/go-chi/session v1.0.1
 	code.gitea.io/actions-proto-go v0.4.0
-	code.gitea.io/sdk/gitea v0.21.0
+	code.gitea.io/sdk/gitea v0.17.1
 	codeberg.org/gusted/mcaptcha v0.0.0-20220723083913-4f3072e1d570
 	connectrpc.com/connect v1.17.0
-	github.com/42wim/httpsig v1.2.3
-	github.com/42wim/sshsig v0.0.0-20250502153856-5100632e8920
+	gitea.com/lunny/levelqueue v0.4.2-0.20230414023320-3c0159fe0fe4
+	github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358
-	github.com/ProtonMail/go-crypto v1.3.0
-	github.com/PuerkitoBio/goquery v1.10.3
+	github.com/ProtonMail/go-crypto v1.1.3
+	github.com/PuerkitoBio/goquery v1.10.0
 	github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.2
-	github.com/alecthomas/chroma/v2 v2.18.0
+	github.com/alecthomas/chroma/v2 v2.15.0
 	github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb
-	github.com/blevesearch/bleve/v2 v2.5.1
-	github.com/buildkite/terminal-to-html/v3 v3.16.8
-	github.com/caddyserver/certmagic v0.23.0
+	github.com/blevesearch/bleve/v2 v2.4.4
+	github.com/buildkite/terminal-to-html/v3 v3.16.4
+	github.com/caddyserver/certmagic v0.21.4
 	github.com/chi-middleware/proxy v1.1.1
 	github.com/djherbis/buffer v1.2.0
 	github.com/djherbis/nio/v3 v3.0.1
 	github.com/dsnet/compress v0.0.2-0.20230904184137-39efe44ab707
 	github.com/dustin/go-humanize v1.0.1
-	github.com/editorconfig/editorconfig-core-go/v2 v2.6.3
+	github.com/editorconfig/editorconfig-core-go/v2 v2.6.2
 	github.com/emersion/go-imap v1.2.1
 	github.com/felixge/fgprof v0.9.5
-	github.com/fsnotify/fsnotify v1.9.0
+	github.com/fsnotify/fsnotify v1.8.0
 	github.com/gliderlabs/ssh v0.3.8
 	github.com/go-ap/activitypub v0.0.0-20231114162308-e219254dc5c9
 	github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73
-	github.com/go-chi/chi/v5 v5.2.1
+	github.com/go-chi/chi/v5 v5.2.0
 	github.com/go-chi/cors v1.2.1
 	github.com/go-co-op/gocron v1.37.0
-	github.com/go-enry/go-enry/v2 v2.9.2
-	github.com/go-git/go-git/v5 v5.13.2
+	github.com/go-enry/go-enry/v2 v2.9.1
+	github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e
+	github.com/go-git/go-git/v5 v5.13.1
 	github.com/go-ldap/ldap/v3 v3.4.6
-	github.com/go-openapi/spec v0.21.0
-	github.com/go-sql-driver/mysql v1.9.2
-	github.com/go-webauthn/webauthn v0.13.0
+	github.com/go-openapi/spec v0.20.14
+	github.com/go-sql-driver/mysql v1.8.1
+	github.com/go-testfixtures/testfixtures/v3 v3.14.0
+	github.com/go-webauthn/webauthn v0.11.2
 	github.com/gobwas/glob v0.2.3
 	github.com/gogs/chardet v0.0.0-20211120154057-b7413eaefb8f
 	github.com/gogs/go-gogs-client v0.0.0-20210131175652-1d7215cd8d85
-	github.com/golang-jwt/jwt/v5 v5.2.2
+	github.com/golang-jwt/jwt/v5 v5.2.1
 	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0
 	github.com/google/go-github/v64 v64.0.0
-	github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e
+	github.com/google/pprof v0.0.0-20241017200806-017d972448fc
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/feeds v1.2.0
 	github.com/gorilla/sessions v1.4.0
-	github.com/hashicorp/go-version v1.7.0
+	github.com/hashicorp/go-version v1.6.0
 	github.com/hashicorp/golang-lru/v2 v2.0.7
 	github.com/huandu/xstrings v1.5.0
 	github.com/jaytaylor/html2text v0.0.0-20230321000545-74c2419ad056
-	github.com/jhillyerd/enmime/v2 v2.1.0
+	github.com/jhillyerd/enmime/v2 v2.0.0
 	github.com/json-iterator/go v1.1.12
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51
-	github.com/klauspost/compress v1.18.0
-	github.com/klauspost/cpuid/v2 v2.2.10
+	github.com/klauspost/compress v1.17.11
+	github.com/klauspost/cpuid/v2 v2.2.8
 	github.com/lib/pq v1.10.9
 	github.com/markbates/goth v1.80.0
 	github.com/mattn/go-isatty v0.0.20
-	github.com/mattn/go-sqlite3 v1.14.28
-	github.com/meilisearch/meilisearch-go v0.31.0
+	github.com/mattn/go-sqlite3 v1.14.24
+	github.com/meilisearch/meilisearch-go v0.29.0
 	github.com/mholt/archiver/v3 v3.5.1
 	github.com/microcosm-cc/bluemonday v1.0.27
-	github.com/minio/minio-go/v7 v7.0.91
-	github.com/msteinert/pam/v2 v2.1.0
+	github.com/minio/minio-go/v7 v7.0.78
+	github.com/msteinert/pam v1.2.0
 	github.com/nektos/act v0.2.52
-	github.com/niklasfasching/go-org v1.8.0
+	github.com/niklasfasching/go-org v1.7.0
 	github.com/olivere/elastic/v7 v7.0.32
 	github.com/opencontainers/go-digest v1.0.0
-	github.com/opencontainers/image-spec v1.1.1
+	github.com/opencontainers/image-spec v1.1.0
 	github.com/pquerna/otp v1.4.0
-	github.com/prometheus/client_golang v1.21.1
-	github.com/redis/go-redis/v9 v9.8.0
+	github.com/prometheus/client_golang v1.20.5
+	github.com/redis/go-redis/v9 v9.7.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/santhosh-tekuri/jsonschema/v6 v6.0.1
+	github.com/sassoftware/go-rpmutils v0.4.0
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3
 	github.com/shurcooL/vfsgen v0.0.0-20230704071429-0000e147ea92
 	github.com/stretchr/testify v1.10.0
 	github.com/syndtr/goleveldb v1.0.0
 	github.com/ulikunitz/xz v0.5.12
-	github.com/urfave/cli/v2 v2.27.6
-	github.com/urfave/cli/v3 v3.3.3
+	github.com/urfave/cli/v2 v2.27.5
 	github.com/valyala/fastjson v1.6.4
+	github.com/xanzy/go-gitlab v0.109.0
 	github.com/yohcop/openid-go v1.0.1
-	github.com/yuin/goldmark v1.7.12
+	github.com/yuin/goldmark v1.7.8
 	github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
-	gitlab.com/gitlab-org/api/client-go v0.129.0
-	go.uber.org/mock v0.5.2
-	golang.org/x/crypto v0.38.0
-	golang.org/x/image v0.27.0
-	golang.org/x/net v0.40.0
-	golang.org/x/oauth2 v0.30.0
-	golang.org/x/sync v0.14.0
-	golang.org/x/sys v0.33.0
-	golang.org/x/text v0.25.0
-	google.golang.org/protobuf v1.36.4
+	go.uber.org/mock v0.4.0
+	golang.org/x/crypto v0.31.0
+	golang.org/x/image v0.23.0
+	golang.org/x/net v0.33.0
+	golang.org/x/oauth2 v0.23.0
+	golang.org/x/sync v0.10.0
+	golang.org/x/sys v0.28.0
+	golang.org/x/text v0.21.0
+	google.golang.org/grpc v1.69.2
+	google.golang.org/protobuf v1.36.1
 	gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df
 	gopkg.in/ini.v1 v1.67.0
 	gopkg.in/yaml.v3 v3.0.1
@@ -118,71 +119,94 @@ require (
 )
 
 require (
-	cloud.google.com/go/compute/metadata v0.6.0 // indirect
+	cel.dev/expr v0.16.2 // indirect
+	cloud.google.com/go v0.116.0 // indirect
+	cloud.google.com/go/auth v0.9.9 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
+	cloud.google.com/go/compute/metadata v0.5.2 // indirect
+	cloud.google.com/go/iam v1.2.1 // indirect
+	cloud.google.com/go/longrunning v0.6.1 // indirect
+	cloud.google.com/go/monitoring v1.21.1 // indirect
+	cloud.google.com/go/spanner v1.73.0 // indirect
 	dario.cat/mergo v1.0.0 // indirect
 	filippo.io/edwards25519 v1.1.0 // indirect
 	git.sr.ht/~mariusor/go-xsd-duration v0.0.0-20220703122237-02e73435a078 // indirect
+	github.com/42wim/httpsig v1.2.2 // indirect
+	github.com/DataDog/zstd v1.5.5 // indirect
+	github.com/GoogleCloudPlatform/grpc-gcp-go/grpcgcp v1.5.0 // indirect
+	github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.24.2 // indirect
 	github.com/Microsoft/go-winio v0.6.2 // indirect
-	github.com/RoaringBitmap/roaring/v2 v2.4.5 // indirect
+	github.com/RoaringBitmap/roaring v1.9.3 // indirect
 	github.com/andybalholm/brotli v1.1.1 // indirect
-	github.com/andybalholm/cascadia v1.3.3 // indirect
+	github.com/andybalholm/cascadia v1.3.2 // indirect
 	github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/bits-and-blooms/bitset v1.22.0 // indirect
-	github.com/blevesearch/bleve_index_api v1.2.8 // indirect
-	github.com/blevesearch/geo v0.2.3 // indirect
-	github.com/blevesearch/go-faiss v1.0.25 // indirect
+	github.com/bits-and-blooms/bitset v1.13.0 // indirect
+	github.com/blevesearch/bleve_index_api v1.1.12 // indirect
+	github.com/blevesearch/geo v0.1.20 // indirect
+	github.com/blevesearch/go-faiss v1.0.24 // indirect
 	github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
 	github.com/blevesearch/gtreap v0.1.1 // indirect
 	github.com/blevesearch/mmap-go v1.0.4 // indirect
-	github.com/blevesearch/scorch_segment_api/v2 v2.3.10 // indirect
+	github.com/blevesearch/scorch_segment_api/v2 v2.2.16 // indirect
 	github.com/blevesearch/segment v0.9.1 // indirect
 	github.com/blevesearch/snowballstem v0.9.0 // indirect
 	github.com/blevesearch/upsidedown_store_api v1.0.2 // indirect
-	github.com/blevesearch/vellum v1.1.0 // indirect
-	github.com/blevesearch/zapx/v11 v11.4.2 // indirect
-	github.com/blevesearch/zapx/v12 v12.4.2 // indirect
-	github.com/blevesearch/zapx/v13 v13.4.2 // indirect
-	github.com/blevesearch/zapx/v14 v14.4.2 // indirect
-	github.com/blevesearch/zapx/v15 v15.4.2 // indirect
-	github.com/blevesearch/zapx/v16 v16.2.3 // indirect
+	github.com/blevesearch/vellum v1.0.10 // indirect
+	github.com/blevesearch/zapx/v11 v11.3.10 // indirect
+	github.com/blevesearch/zapx/v12 v12.3.10 // indirect
+	github.com/blevesearch/zapx/v13 v13.3.10 // indirect
+	github.com/blevesearch/zapx/v14 v14.3.10 // indirect
+	github.com/blevesearch/zapx/v15 v15.3.16 // indirect
+	github.com/blevesearch/zapx/v16 v16.1.9-0.20241217210638-a0519e7caf3b // indirect
 	github.com/boombuler/barcode v1.0.1 // indirect
-	github.com/bradfitz/gomemcache v0.0.0-20250403215159-8d39553ac7cf // indirect
+	github.com/bradfitz/gomemcache v0.0.0-20230905024940-24af94b03874 // indirect
 	github.com/caddyserver/zerossl v0.1.3 // indirect
+	github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
 	github.com/cention-sany/utf7 v0.0.0-20170124080048-26cad61bd60a // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/cloudflare/circl v1.6.1 // indirect
+	github.com/cloudflare/circl v1.3.8 // indirect
+	github.com/cncf/xds/go v0.0.0-20240905190251-b4127c9b8d78 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
 	github.com/cyphar/filepath-securejoin v0.3.6 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/davidmz/go-pageant v1.0.2 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
-	github.com/dlclark/regexp2 v1.11.5 // indirect
+	github.com/dlclark/regexp2 v1.11.4 // indirect
 	github.com/emersion/go-sasl v0.0.0-20231106173351-e73c9f7bad43 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
+	github.com/envoyproxy/go-control-plane v0.13.1 // indirect
+	github.com/envoyproxy/protoc-gen-validate v1.1.0 // indirect
 	github.com/fatih/color v1.16.0 // indirect
-	github.com/fxamacker/cbor/v2 v2.8.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 	github.com/go-ap/errors v0.0.0-20231003111023-183eef4b31b7 // indirect
 	github.com/go-asn1-ber/asn1-ber v1.5.5 // indirect
 	github.com/go-enry/go-oniguruma v1.2.1 // indirect
-	github.com/go-fed/httpsig v1.1.0 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
-	github.com/go-git/go-billy/v5 v5.6.2 // indirect
+	github.com/go-git/go-billy/v5 v5.6.1 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
-	github.com/go-openapi/jsonpointer v0.21.1 // indirect
-	github.com/go-openapi/jsonreference v0.21.0 // indirect
-	github.com/go-openapi/swag v0.23.1 // indirect
-	github.com/go-webauthn/x v0.1.21 // indirect
-	github.com/goccy/go-json v0.10.5 // indirect
-	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
+	github.com/go-openapi/jsonpointer v0.20.2 // indirect
+	github.com/go-openapi/jsonreference v0.20.4 // indirect
+	github.com/go-openapi/swag v0.22.7 // indirect
+	github.com/go-webauthn/x v0.1.14 // indirect
+	github.com/goccy/go-json v0.10.3 // indirect
+	github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
+	github.com/golang/geo v0.0.0-20230421003525-6adc56603217 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/btree v1.1.2 // indirect
-	github.com/google/go-cmp v0.7.0 // indirect
+	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
-	github.com/google/go-tpm v0.9.5 // indirect
+	github.com/google/go-tpm v0.9.1 // indirect
+	github.com/google/s2a-go v0.1.8 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
+	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
+	github.com/googleapis/go-sql-spanner v1.7.4 // indirect
 	github.com/gorilla/css v1.0.1 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/gorilla/securecookie v1.1.2 // indirect
@@ -192,14 +216,13 @@ require (
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/klauspost/pgzip v1.2.6 // indirect
-	github.com/libdns/libdns v1.0.0-beta.1 // indirect
-	github.com/mailru/easyjson v0.9.0 // indirect
+	github.com/libdns/libdns v0.2.2 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/markbates/going v1.0.3 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-runewidth v0.0.16 // indirect
-	github.com/mholt/acmez/v3 v3.1.2 // indirect
-	github.com/miekg/dns v1.1.63 // indirect
-	github.com/minio/crc64nvme v1.0.1 // indirect
+	github.com/mholt/acmez/v2 v2.0.3 // indirect
+	github.com/miekg/dns v1.1.62 // indirect
 	github.com/minio/md5-simd v1.1.2 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -211,15 +234,15 @@ require (
 	github.com/olekukonko/tablewriter v0.0.5 // indirect
 	github.com/onsi/ginkgo v1.16.5 // indirect
 	github.com/pierrec/lz4/v4 v4.1.21 // indirect
-	github.com/pjbgf/sha1cd v0.3.2 // indirect
+	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.62.0 // indirect
+	github.com/prometheus/common v0.55.0 // indirect
 	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/rhysd/actionlint v1.6.27 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
-	github.com/rogpeppe/go-internal v1.13.1 // indirect
 	github.com/rs/xid v1.6.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/shurcooL/httpfs v0.0.0-20230704072500-f1e31cf0ba5c // indirect
@@ -230,16 +253,28 @@ require (
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
-	github.com/zeebo/assert v1.3.0 // indirect
 	github.com/zeebo/blake3 v0.2.4 // indirect
-	go.etcd.io/bbolt v1.4.0 // indirect
+	gitlab.com/gitlab-org/api/client-go v0.116.0 // indirect
+	go.etcd.io/bbolt v1.3.9 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	go.opentelemetry.io/contrib/detectors/gcp v1.31.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
+	go.opentelemetry.io/otel v1.31.0 // indirect
+	go.opentelemetry.io/otel/metric v1.31.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.31.0 // indirect
+	go.opentelemetry.io/otel/sdk/metric v1.31.0 // indirect
+	go.opentelemetry.io/otel/trace v1.31.0 // indirect
 	go.uber.org/atomic v1.11.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	go.uber.org/zap/exp v0.3.0 // indirect
-	golang.org/x/mod v0.24.0 // indirect
-	golang.org/x/time v0.11.0 // indirect
-	golang.org/x/tools v0.31.0 // indirect
+	golang.org/x/mod v0.22.0 // indirect
+	golang.org/x/time v0.7.0 // indirect
+	golang.org/x/tools v0.28.0 // indirect
+	google.golang.org/api v0.203.0 // indirect
+	google.golang.org/genproto v0.0.0-20241015192408-796eee8c2d53 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20241015192408-796eee8c2d53 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241015192408-796eee8c2d53 // indirect
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 )
@@ -248,10 +283,10 @@ replace github.com/hashicorp/go-version => github.com/6543/go-version v1.3.1
 
 replace github.com/shurcooL/vfsgen => github.com/lunny/vfsgen v0.0.0-20220105142115-2c99e1ffdfa0
 
-replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.26.0
+replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.22.0
 
 replace github.com/mholt/archiver/v3 => code.forgejo.org/forgejo/archiver/v3 v3.5.1
 
-replace github.com/gliderlabs/ssh => code.forgejo.org/forgejo/ssh v0.0.0-20241211213324-5fc306ca0616
+replace github.com/goccy/go-json => github.com/grafana/go-json v0.0.0-20241210211703-a119ee5a0a3b
 
-replace git.sr.ht/~mariusor/go-xsd-duration => code.forgejo.org/forgejo/go-xsd-duration v0.0.0-20220703122237-02e73435a078
+replace github.com/gliderlabs/ssh => code.forgejo.org/forgejo/ssh v0.0.0-20241211213324-5fc306ca0616