ホトモカさん

Signed-off-by: Shin'ya Minazuki <shinyoukai@laidback.moe>

.gitea/issue_template.md

@@ -1,42 +0,0 @@
-<!-- NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue -->
-
-<!--
-    1. Please speak English, this is the language all maintainers can speak and write.
-    2. Please ask questions or configuration/deploy problems on our Discord
-       server (https://discord.gg/gitea) or forum (https://forum.gitea.com).
-    3. Please take a moment to check that your issue doesn't already exist.
-    4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
-    5. Please give all relevant information below for bug reports, because
-       incomplete details will be handled as an invalid report.
--->
-
-- Gitea version (or commit ref):
-- Git version:
-- Operating system:
-  <!-- Please include information on whether you built gitea yourself, used one of our downloads or are using some other package -->
-  <!-- Please also tell us how you are running gitea, e.g. if it is being run from docker, a command-line, systemd etc. --->
-  <!-- If you are using a package or systemd tell us what distribution you are using -->
-- Database (use `[x]`):
-  - [ ] PostgreSQL
-  - [ ] MySQL
-  - [ ] MSSQL
-  - [ ] SQLite
-- Can you reproduce the bug at https://demo.gitea.com:
-  - [ ] Yes (provide example URL)
-  - [ ] No
-- Log gist:
-<!-- It really is important to provide pertinent logs -->
-<!-- Please read https://docs.gitea.com/administration/logging-config#collecting-logs-for-help -->
-<!-- In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini -->
-
-## Description
-<!-- If using a proxy or a CDN (e.g. CloudFlare) in front of gitea, please
-     disable the proxy/CDN fully and connect to gitea directly to confirm
-     the issue still persists without those services. -->
-
-...
-
-
-## Screenshots
-
-<!-- **If this issue involves the Web Interface, please include a screenshot** -->

.github/FUNDING.yml

@@ -1 +0,0 @@
-open_collective: gitea

.github/ISSUE_TEMPLATE/bug-report.yaml

@@ -1,91 +0,0 @@
-name: Bug Report
-description: Found something you weren't expecting? Report it here!
-labels: ["type/bug"]
-body:
-  - type: markdown
-    attributes:
-      value: |
-        NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue.
-  - type: markdown
-    attributes:
-      value: |
-        1. Please speak English, this is the language all maintainers can speak and write.
-        2. Please ask questions or configuration/deploy problems on our Discord
-           server (https://discord.gg/gitea) or forum (https://forum.gitea.com).
-        3. Make sure you are using the latest release and
-           take a moment to check that your issue hasn't been reported before.
-        4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
-        5. It's really important to provide pertinent details and logs (https://docs.gitea.com/help/support),
-           incomplete details will be handled as an invalid report.
-  - type: textarea
-    id: description
-    attributes:
-      label: Description
-      description: |
-        Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see below)
-        If you are using a proxy or a CDN (e.g. Cloudflare) in front of Gitea, please disable the proxy/CDN fully and access Gitea directly to confirm the issue still persists without those services.
-  - type: input
-    id: gitea-ver
-    attributes:
-      label: Gitea Version
-      description: Gitea version (or commit reference) of your instance
-    validations:
-      required: true
-  - type: dropdown
-    id: can-reproduce
-    attributes:
-      label: Can you reproduce the bug on the Gitea demo site?
-      description: |
-        If so, please provide a URL in the Description field
-        URL of Gitea demo: https://demo.gitea.com
-      options:
-        - "Yes"
-        - "No"
-    validations:
-      required: true
-  - type: markdown
-    attributes:
-      value: |
-        It's really important to provide pertinent logs
-        Please read https://docs.gitea.com/administration/logging-config#collecting-logs-for-help
-        In addition, if your problem relates to git commands set `RUN_MODE=dev` at the top of app.ini
-  - type: input
-    id: logs
-    attributes:
-      label: Log Gist
-      description: Please provide a gist URL of your logs, with any sensitive information (e.g. API keys) removed/hidden
-  - type: textarea
-    id: screenshots
-    attributes:
-      label: Screenshots
-      description: If this issue involves the Web Interface, please provide one or more screenshots
-  - type: input
-    id: git-ver
-    attributes:
-      label: Git Version
-      description: The version of git running on the server
-  - type: input
-    id: os-ver
-    attributes:
-      label: Operating System
-      description: The operating system you are using to run Gitea
-  - type: textarea
-    id: run-info
-    attributes:
-      label: How are you running Gitea?
-      description: |
-        Please include information on whether you built Gitea yourself, used one of our downloads, are using https://demo.gitea.com or are using some other package
-        Please also tell us how you are running Gitea, e.g. if it is being run from docker, a command-line, systemd etc.
-        If you are using a package or systemd tell us what distribution you are using
-    validations:
-      required: true
-  - type: dropdown
-    id: database
-    attributes:
-      label: Database
-      description: What database system are you running?
-      options:
-        - PostgreSQL
-        - MySQL/MariaDB
-        - MSSQL
-        - SQLite

.github/ISSUE_TEMPLATE/config.yml

@@ -1,17 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: Security Concern
-    url: https://tinyurl.com/security-gitea
-    about: For security concerns, please send a mail to security@gitea.io instead of opening a public issue.
-  - name: Discord Server
-    url: https://discord.gg/Gitea
-    about: Please ask questions and discuss configuration or deployment problems here.
-  - name: Discourse Forum
-    url: https://forum.gitea.com
-    about: Questions and configuration or deployment problems can also be discussed on our forum.
-  - name: Frequently Asked Questions
-    url: https://docs.gitea.com/help/faq
-    about: Please check if your question isn't mentioned here.
-  - name: Crowdin Translations
-    url: https://translate.gitea.com
-    about: Translations are managed here.

.github/ISSUE_TEMPLATE/feature-request.yaml

@@ -1,24 +0,0 @@
-name: Feature Request
-description: Got an idea for a feature that Gitea doesn't have currently?  Submit your idea here!
-labels: ["type/proposal"]
-body:
-  - type: markdown
-    attributes:
-      value: |
-        1. Please speak English, this is the language all maintainers can speak and write.
-        2. Please ask questions or configuration/deploy problems on our Discord
-           server (https://discord.gg/gitea) or forum (https://forum.gitea.com).
-        3. Please take a moment to check that your feature hasn't already been suggested.
-  - type: textarea
-    id: description
-    attributes:
-      label: Feature Description
-      placeholder: |
-        I think it would be great if Gitea had...
-    validations:
-      required: true
-  - type: textarea
-    id: screenshots
-    attributes:
-      label: Screenshots
-      description: If you can, provide screenshots of an implementation on another site e.g. GitHub

.github/ISSUE_TEMPLATE/ui.bug-report.yaml

@@ -1,66 +0,0 @@
-name: Web Interface Bug Report
-description: Something doesn't look quite as it should?  Report it here!
-labels: ["type/bug", "topic/ui"]
-body:
-  - type: markdown
-    attributes:
-      value: |
-        NOTE: If your issue is a security concern, please send an email to security@gitea.io instead of opening a public issue.
-  - type: markdown
-    attributes:
-      value: |
-        1. Please speak English, this is the language all maintainers can speak and write.
-        2. Please ask questions or configuration/deploy problems on our Discord
-           server (https://discord.gg/gitea) or forum (https://forum.gitea.com).
-        3. Please take a moment to check that your issue doesn't already exist.
-        4. Make sure it's not mentioned in the FAQ (https://docs.gitea.com/help/faq)
-        5. Please give all relevant information below for bug reports, because
-           incomplete details will be handled as an invalid report.
-        6. In particular it's really important to provide pertinent logs. If you are certain that this is a javascript
-           error, show us the javascript console. If the error appears to relate to Gitea the server you must also give us
-           DEBUG level logs. (See https://docs.gitea.com/administration/logging-config#collecting-logs-for-help)
-  - type: textarea
-    id: description
-    attributes:
-      label: Description
-      description: |
-        Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see below)
-        If using a proxy or a CDN (e.g. CloudFlare) in front of gitea, please disable the proxy/CDN fully and connect to gitea directly to confirm the issue still persists without those services.
-  - type: textarea
-    id: screenshots
-    attributes:
-      label: Screenshots
-      description: Please provide at least 1 screenshot showing the issue.
-    validations:
-      required: true
-  - type: input
-    id: gitea-ver
-    attributes:
-      label: Gitea Version
-      description: Gitea version (or commit reference) your instance is running
-    validations:
-      required: true
-  - type: dropdown
-    id: can-reproduce
-    attributes:
-      label: Can you reproduce the bug on the Gitea demo site?
-      description: |
-        If so, please provide a URL in the Description field
-        URL of Gitea demo: https://demo.gitea.com
-      options:
-        - "Yes"
-        - "No"
-    validations:
-      required: true
-  - type: input
-    id: os-ver
-    attributes:
-      label: Operating System
-      description: The operating system you are using to access Gitea
-  - type: input
-    id: browser-ver
-    attributes:
-      label: Browser Version
-      description: The browser and version that you are using to access Gitea
-    validations:
-      required: true

.github/actionlint.yaml

@@ -1,7 +0,0 @@
-self-hosted-runner:
-  labels:
-    - actuated-4cpu-8gb
-    - actuated-4cpu-16gb
-    - nscloud
-    - namespace-profile-gitea-release-docker
-    - namespace-profile-gitea-release-binary

.github/labeler.yml

@@ -1,93 +0,0 @@
-modifies/docs:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "**/*.md"
-          - "docs/**"
-
-modifies/templates:
-  - changed-files:
-      - all-globs-to-any-file:
-          - "templates/**"
-          - "!templates/swagger/v1_json.tmpl"
-
-modifies/api:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "routers/api/**"
-          - "templates/swagger/v1_json.tmpl"
-
-modifies/cli:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "cmd/**"
-
-modifies/translation:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "options/locale/*.ini"
-
-modifies/migrations:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "models/migrations/**"
-
-modifies/internal:
-  - changed-files:
-      - any-glob-to-any-file:
-          - ".air.toml"
-          - "Makefile"
-          - "Dockerfile"
-          - "Dockerfile.rootless"
-          - ".dockerignore"
-          - "docker/**"
-          - ".editorconfig"
-          - ".eslintrc.cjs"
-          - ".golangci.yml"
-          - ".gitpod.yml"
-          - ".markdownlint.yaml"
-          - ".spectral.yaml"
-          - "stylelint.config.js"
-          - ".yamllint.yaml"
-          - ".github/**"
-          - ".gitea/**"
-          - ".devcontainer/**"
-          - "build.go"
-          - "build/**"
-          - "contrib/**"
-
-modifies/dependencies:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "package.json"
-          - "pnpm-lock.yaml"
-          - "pyproject.toml"
-          - "uv.lock"
-          - "go.mod"
-          - "go.sum"
-
-modifies/go:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "**/*.go"
-
-modifies/frontend:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "*.js"
-          - "*.ts"
-          - "web_src/**"
-
-docs-update-needed:
-  - changed-files:
-      - any-glob-to-any-file:
-          - "custom/conf/app.example.ini"
-
-topic/code-linting:
-  - changed-files:
-      - any-glob-to-any-file:
-          - ".eslintrc.cjs"
-          - ".golangci.yml"
-          - ".markdownlint.yaml"
-          - ".spectral.yaml"
-          - ".yamllint.yaml"
-          - "stylelint.config.js"

.github/pull_request_template.md

@@ -1,10 +0,0 @@
-<!-- start tips -->
-Please check the following:
-1. Make sure you are targeting the `main` branch, pull requests on release branches are only allowed for backports.
-2. Make sure you have read contributing guidelines: https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md .
-3. For documentations contribution, please go to https://gitea.com/gitea/docs
-4. Describe what your pull request does and which issue you're targeting (if any).
-5. It is recommended to enable "Allow edits by maintainers", so maintainers can help more easily.
-6. Your input here will be included in the commit message when this PR has been merged. If you don't want some content to be included, please separate them with a line like `---`.
-7. Delete all these tips before posting.
-<!-- end tips -->

.github/workflows/cron-licenses.yml

@@ -1,29 +0,0 @@
-name: cron-licenses
-
-on:
-  # schedule:
-  #   - cron: "7 0 * * 1" # every Monday at 00:07 UTC
-  workflow_dispatch:
-
-jobs:
-  cron-licenses:
-    runs-on: ubuntu-latest
-    if: github.repository == 'go-gitea/gitea'
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make generate-gitignore
-        timeout-minutes: 40
-      - name: push translations to repo
-        uses: appleboy/git-push-action@v0.0.3
-        with:
-          author_email: "teabot@gitea.io"
-          author_name: GiteaBot
-          branch: main
-          commit: true
-          commit_message: "[skip ci] Updated licenses and gitignores"
-          remote: "git@github.com:go-gitea/gitea.git"
-          ssh_key: ${{ secrets.DEPLOY_KEY }}

.github/workflows/cron-translations.yml

@@ -1,38 +0,0 @@
-name: cron-translations
-
-on:
-  schedule:
-    - cron: "7 0 * * *" # every day at 00:07 UTC
-  workflow_dispatch:
-
-jobs:
-  crowdin-pull:
-    runs-on: ubuntu-latest
-    if: github.repository == 'go-gitea/gitea'
-    steps:
-      - uses: actions/checkout@v4
-      - uses: crowdin/github-action@v1
-        with:
-          upload_sources: true
-          upload_translations: false
-          download_sources: false
-          download_translations: true
-          push_translations: false
-          push_sources: false
-          create_pull_request: false
-          config: crowdin.yml
-        env:
-          CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
-          CROWDIN_KEY: ${{ secrets.CROWDIN_KEY }}
-      - name: update locales
-        run: ./build/update-locales.sh
-      - name: push translations to repo
-        uses: appleboy/git-push-action@v0.0.3
-        with:
-          author_email: "teabot@gitea.io"
-          author_name: GiteaBot
-          branch: main
-          commit: true
-          commit_message: "[skip ci] Updated translations via Crowdin"
-          remote: "git@github.com:go-gitea/gitea.git"
-          ssh_key: ${{ secrets.DEPLOY_KEY }}

.github/workflows/files-changed.yml

@@ -1,100 +0,0 @@
-name: files-changed
-
-on:
-  workflow_call:
-    outputs:
-      backend:
-        value: ${{ jobs.detect.outputs.backend }}
-      frontend:
-        value: ${{ jobs.detect.outputs.frontend }}
-      docs:
-        value: ${{ jobs.detect.outputs.docs }}
-      actions:
-        value: ${{ jobs.detect.outputs.actions }}
-      templates:
-        value: ${{ jobs.detect.outputs.templates }}
-      docker:
-        value: ${{ jobs.detect.outputs.docker }}
-      swagger:
-        value: ${{ jobs.detect.outputs.swagger }}
-      yaml:
-        value: ${{ jobs.detect.outputs.yaml }}
-
-jobs:
-  detect:
-    runs-on: ubuntu-latest
-    timeout-minutes: 3
-    outputs:
-      backend: ${{ steps.changes.outputs.backend }}
-      frontend: ${{ steps.changes.outputs.frontend }}
-      docs: ${{ steps.changes.outputs.docs }}
-      actions: ${{ steps.changes.outputs.actions }}
-      templates: ${{ steps.changes.outputs.templates }}
-      docker: ${{ steps.changes.outputs.docker }}
-      swagger: ${{ steps.changes.outputs.swagger }}
-      yaml: ${{ steps.changes.outputs.yaml }}
-    steps:
-      - uses: actions/checkout@v4
-      - uses: dorny/paths-filter@v3
-        id: changes
-        with:
-          filters: |
-            backend:
-              - "**/*.go"
-              - "templates/**/*.tmpl"
-              - "assets/emoji.json"
-              - "go.mod"
-              - "go.sum"
-              - "Makefile"
-              - ".golangci.yml"
-              - ".editorconfig"
-              - "options/locale/locale_en-US.ini"
-
-            frontend:
-              - "*.js"
-              - "*.ts"
-              - "web_src/**"
-              - "tools/*.js"
-              - "tools/*.ts"
-              - "assets/emoji.json"
-              - "package.json"
-              - "pnpm-lock.yaml"
-              - "Makefile"
-              - ".eslintrc.cjs"
-              - ".npmrc"
-
-            docs:
-              - "**/*.md"
-              - ".markdownlint.yaml"
-              - "package.json"
-              - "pnpm-lock.yaml"
-
-            actions:
-              - ".github/workflows/*"
-              - "Makefile"
-
-            templates:
-              - "tools/lint-templates-*.js"
-              - "templates/**/*.tmpl"
-              - "pyproject.toml"
-              - "uv.lock"
-
-            docker:
-              - "Dockerfile"
-              - "Dockerfile.rootless"
-              - "docker/**"
-              - "Makefile"
-
-            swagger:
-              - "templates/swagger/v1_json.tmpl"
-              - "templates/swagger/v1_input.json"
-              - "Makefile"
-              - "package.json"
-              - "pnpm-lock.yaml"
-              - ".spectral.yaml"
-
-            yaml:
-              - "**/*.yml"
-              - "**/*.yaml"
-              - ".yamllint.yaml"
-              - "pyproject.toml"

.github/workflows/pull-compliance.yml

@@ -1,197 +0,0 @@
-name: compliance
-
-on:
-  pull_request:
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  files-changed:
-    uses: ./.github/workflows/files-changed.yml
-
-  lint-backend:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make deps-backend deps-tools
-      - run: make lint-backend
-        env:
-          TAGS: bindata sqlite sqlite_unlock_notify
-
-  lint-templates:
-    if: needs.files-changed.outputs.templates == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: astral-sh/setup-uv@v6
-      - run: uv python install 3.12
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-py
-      - run: make deps-frontend
-      - run: make lint-templates
-
-  lint-yaml:
-    if: needs.files-changed.outputs.yaml == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: astral-sh/setup-uv@v6
-      - run: uv python install 3.12
-      - run: make deps-py
-      - run: make lint-yaml
-
-  lint-swagger:
-    if: needs.files-changed.outputs.swagger == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend
-      - run: make lint-swagger
-
-  lint-spell:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true' || needs.files-changed.outputs.docs == 'true' || needs.files-changed.outputs.templates == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make lint-spell
-
-  lint-go-windows:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make deps-backend deps-tools
-      - run: make lint-go-windows lint-go-gitea-vet
-        env:
-          TAGS: bindata sqlite sqlite_unlock_notify
-          GOOS: windows
-          GOARCH: amd64
-
-  lint-go-gogit:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make deps-backend deps-tools
-      - run: make lint-go
-        env:
-          TAGS: bindata gogit sqlite sqlite_unlock_notify
-
-  checks-backend:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make deps-backend deps-tools
-      - run: make --always-make checks-backend # ensure the "go-licenses" make target runs
-
-  frontend:
-    if: needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend
-      - run: make lint-frontend
-      - run: make checks-frontend
-      - run: make test-frontend
-      - run: make frontend
-
-  backend:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      # no frontend build here as backend should be able to build
-      # even without any frontend files
-      - run: make deps-backend
-      - run: go build -o gitea_no_gcc # test if build succeeds without the sqlite tag
-      - name: build-backend-arm64
-        run: make backend # test cross compile
-        env:
-          GOOS: linux
-          GOARCH: arm64
-          TAGS: bindata gogit
-      - name: build-backend-windows
-        run: go build -o gitea_windows
-        env:
-          GOOS: windows
-          GOARCH: amd64
-          TAGS: bindata gogit
-      - name: build-backend-386
-        run: go build -o gitea_linux_386 # test if compatible with 32 bit
-        env:
-          GOOS: linux
-          GOARCH: 386
-
-  docs:
-    if: needs.files-changed.outputs.docs == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend
-      - run: make lint-md
-
-  actions:
-    if: needs.files-changed.outputs.actions == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make lint-actions

.github/workflows/pull-db-tests.yml

@@ -1,237 +0,0 @@
-name: db-tests
-
-on:
-  pull_request:
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  files-changed:
-    uses: ./.github/workflows/files-changed.yml
-
-  test-pgsql:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    services:
-      pgsql:
-        image: postgres:14
-        env:
-          POSTGRES_DB: test
-          POSTGRES_PASSWORD: postgres
-        ports:
-          - "5432:5432"
-      ldap:
-        image: gitea/test-openldap:latest
-        ports:
-          - "389:389"
-          - "636:636"
-      minio:
-        # as github actions doesn't support "entrypoint", we need to use a non-official image
-        # that has a custom entrypoint set to "minio server /data"
-        image: bitnamilegacy/minio:2023.8.31
-        env:
-          MINIO_ROOT_USER: 123456
-          MINIO_ROOT_PASSWORD: 12345678
-        ports:
-          - "9000:9000"
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - name: Add hosts to /etc/hosts
-        run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 pgsql ldap minio" | sudo tee -a /etc/hosts'
-      - run: make deps-backend
-      - run: make backend
-        env:
-          TAGS: bindata
-      - name: run migration tests
-        run: make test-pgsql-migration
-      - name: run tests
-        run: make test-pgsql
-        timeout-minutes: 50
-        env:
-          TAGS: bindata gogit
-          RACE_ENABLED: true
-          TEST_TAGS: gogit
-          TEST_LDAP: 1
-          USE_REPO_TEST_DIR: 1
-
-  test-sqlite:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - run: make deps-backend
-      - run: make backend
-        env:
-          TAGS: bindata gogit sqlite sqlite_unlock_notify
-      - name: run migration tests
-        run: make test-sqlite-migration
-      - name: run tests
-        run: make test-sqlite
-        timeout-minutes: 50
-        env:
-          TAGS: bindata gogit sqlite sqlite_unlock_notify
-          RACE_ENABLED: true
-          TEST_TAGS: gogit sqlite sqlite_unlock_notify
-          USE_REPO_TEST_DIR: 1
-
-  test-unit:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    services:
-      elasticsearch:
-        image: elasticsearch:7.5.0
-        env:
-          discovery.type: single-node
-        ports:
-          - "9200:9200"
-      meilisearch:
-        image: getmeili/meilisearch:v1
-        env:
-          MEILI_ENV: development # disable auth
-        ports:
-          - "7700:7700"
-      redis:
-        image: redis
-        options: >- # wait until redis has started
-          --health-cmd "redis-cli ping"
-          --health-interval 5s
-          --health-timeout 3s
-          --health-retries 10
-        ports:
-          - 6379:6379
-      minio:
-        image: bitnamilegacy/minio:2021.3.17
-        env:
-          MINIO_ACCESS_KEY: 123456
-          MINIO_SECRET_KEY: 12345678
-        ports:
-          - "9000:9000"
-      devstoreaccount1.azurite.local: # https://github.com/Azure/Azurite/issues/1583
-        image: mcr.microsoft.com/azure-storage/azurite:latest
-        ports:
-          - 10000:10000
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - name: Add hosts to /etc/hosts
-        run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 minio devstoreaccount1.azurite.local mysql elasticsearch meilisearch smtpimap" | sudo tee -a /etc/hosts'
-      - run: make deps-backend
-      - run: make backend
-        env:
-          TAGS: bindata
-      - name: unit-tests
-        run: make unit-test-coverage test-check
-        env:
-          TAGS: bindata
-          RACE_ENABLED: true
-          GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
-      - name: unit-tests-gogit
-        run: make unit-test-coverage test-check
-        env:
-          TAGS: bindata gogit
-          RACE_ENABLED: true
-          GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
-
-  test-mysql:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    services:
-      mysql:
-        # the bitnami mysql image has more options than the official one, it's easier to customize
-        image: bitnamilegacy/mysql:8.0
-        env:
-          ALLOW_EMPTY_PASSWORD: true
-          MYSQL_DATABASE: testgitea
-        ports:
-          - "3306:3306"
-        options: >-
-          --mount type=tmpfs,destination=/bitnami/mysql/data
-      elasticsearch:
-        image: elasticsearch:7.5.0
-        env:
-          discovery.type: single-node
-        ports:
-          - "9200:9200"
-      smtpimap:
-        image: tabascoterrier/docker-imap-devel:latest
-        ports:
-          - "25:25"
-          - "143:143"
-          - "587:587"
-          - "993:993"
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - name: Add hosts to /etc/hosts
-        run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch smtpimap" | sudo tee -a /etc/hosts'
-      - run: make deps-backend
-      - run: make backend
-        env:
-          TAGS: bindata
-      - name: run migration tests
-        run: make test-mysql-migration
-      - name: run tests
-        # run: make integration-test-coverage (at the moment, no coverage is really handled)
-        run: make test-mysql
-        env:
-          TAGS: bindata
-          RACE_ENABLED: true
-          USE_REPO_TEST_DIR: 1
-          TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200"
-
-  test-mssql:
-    if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    services:
-      mssql:
-        image: mcr.microsoft.com/mssql/server:2019-latest
-        env:
-          ACCEPT_EULA: Y
-          MSSQL_PID: Standard
-          SA_PASSWORD: MwantsaSecurePassword1
-        ports:
-          - "1433:1433"
-      devstoreaccount1.azurite.local: # https://github.com/Azure/Azurite/issues/1583
-        image: mcr.microsoft.com/azure-storage/azurite:latest
-        ports:
-          - 10000:10000
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - name: Add hosts to /etc/hosts
-        run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mssql devstoreaccount1.azurite.local" | sudo tee -a /etc/hosts'
-      - run: make deps-backend
-      - run: make backend
-        env:
-          TAGS: bindata
-      - run: make test-mssql-migration
-      - name: run tests
-        run: make test-mssql
-        timeout-minutes: 50
-        env:
-          TAGS: bindata
-          USE_REPO_TEST_DIR: 1

.github/workflows/pull-docker-dryrun.yml

@@ -1,35 +0,0 @@
-name: docker-dryrun
-
-on:
-  pull_request:
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  files-changed:
-    uses: ./.github/workflows/files-changed.yml
-
-  regular:
-    if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/build-push-action@v5
-        with:
-          push: false
-          tags: gitea/gitea:linux-amd64
-
-  rootless:
-    if: needs.files-changed.outputs.docker == 'true' || needs.files-changed.outputs.actions == 'true'
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/build-push-action@v5
-        with:
-          push: false
-          file: Dockerfile.rootless
-          tags: gitea/gitea:linux-amd64

.github/workflows/pull-e2e-tests.yml

@@ -1,35 +0,0 @@
-name: e2e-tests
-
-on:
-  pull_request:
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  files-changed:
-    uses: ./.github/workflows/files-changed.yml
-
-  test-e2e:
-    # the "test-e2e" won't pass, and it seems that there is no useful test, so skip
-    # if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.frontend == 'true' || needs.files-changed.outputs.actions == 'true'
-    if: false
-    needs: files-changed
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend frontend deps-backend
-      - run: pnpm exec playwright install --with-deps
-      - run: make test-e2e-sqlite
-        timeout-minutes: 40
-        env:
-          USE_REPO_TEST_DIR: 1

.github/workflows/pull-labeler.yml

@@ -1,20 +0,0 @@
-name: labeler
-
-on:
-  pull_request_target:
-    types: [opened, synchronize, reopened]
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
-  cancel-in-progress: true
-
-jobs:
-  labeler:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
-    steps:
-      - uses: actions/labeler@v5
-        with:
-          sync-labels: true

.github/workflows/release-nightly.yml

@@ -1,143 +0,0 @@
-name: release-nightly
-
-on:
-  push:
-    branches: [main, release/v*]
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  nightly-binary:
-    runs-on: namespace-profile-gitea-release-binary
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend deps-backend
-      # xgo build
-      - run: make release
-        env:
-          TAGS: bindata sqlite sqlite_unlock_notify
-      - name: import gpg key
-        id: import_gpg
-        uses: crazy-max/ghaction-import-gpg@v6
-        with:
-          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
-          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
-      - name: sign binaries
-        run: |
-          for f in dist/release/*; do
-            echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
-          done
-      # clean branch name to get the folder name in S3
-      - name: Get cleaned branch name
-        id: clean_name
-        run: |
-          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
-          echo "Cleaned name is ${REF_NAME}"
-          echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
-      - name: configure aws
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-region: ${{ secrets.AWS_REGION }}
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      - name: upload binaries to s3
-        run: |
-          aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
-  nightly-docker-rootful:
-    runs-on: namespace-profile-gitea-release-docker
-    permissions:
-      packages: write # to publish to ghcr.io
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - uses: docker/setup-qemu-action@v3
-      - uses: docker/setup-buildx-action@v3
-      - name: Get cleaned branch name
-        id: clean_name
-        run: |
-          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
-          echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GHCR using PAT
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: fetch go modules
-        run: make vendor
-      - name: build rootful docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64,linux/riscv64
-          push: true
-          tags: |-
-            gitea/gitea:${{ steps.clean_name.outputs.branch }}
-            ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}
-  nightly-docker-rootless:
-    runs-on: namespace-profile-gitea-release-docker
-    permissions:
-      packages: write # to publish to ghcr.io
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - uses: docker/setup-qemu-action@v3
-      - uses: docker/setup-buildx-action@v3
-      - name: Get cleaned branch name
-        id: clean_name
-        run: |
-          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\///' -e 's/release\/v//')
-          echo "branch=${REF_NAME}-nightly" >> "$GITHUB_OUTPUT"
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GHCR using PAT
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: fetch go modules
-        run: make vendor
-      - name: build rootless docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64
-          push: true
-          file: Dockerfile.rootless
-          tags: |-
-            gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless
-            ghcr.io/go-gitea/gitea:${{ steps.clean_name.outputs.branch }}-rootless

.github/workflows/release-tag-rc.yml

@@ -1,153 +0,0 @@
-name: release-tag-rc
-
-on:
-  push:
-    tags:
-      - "v1*-rc*"
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: false
-
-jobs:
-  binary:
-    runs-on: namespace-profile-gitea-release-binary
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend deps-backend
-      # xgo build
-      - run: make release
-        env:
-          TAGS: bindata sqlite sqlite_unlock_notify
-      - name: import gpg key
-        id: import_gpg
-        uses: crazy-max/ghaction-import-gpg@v6
-        with:
-          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
-          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
-      - name: sign binaries
-        run: |
-          for f in dist/release/*; do
-            echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
-          done
-      # clean branch name to get the folder name in S3
-      - name: Get cleaned branch name
-        id: clean_name
-        run: |
-          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\/v//' -e 's/release\/v//')
-          echo "Cleaned name is ${REF_NAME}"
-          echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
-      - name: configure aws
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-region: ${{ secrets.AWS_REGION }}
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      - name: upload binaries to s3
-        run: |
-          aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
-      - name: Install GH CLI
-        uses: dev-hanz-ops/install-gh-cli-action@v0.1.0
-        with:
-          gh-cli-version: 2.39.1
-      - name: create github release
-        run: |
-          gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --draft --notes-from-tag dist/release/*
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
-  docker-rootful:
-    runs-on: namespace-profile-gitea-release-docker
-    permissions:
-      packages: write # to publish to ghcr.io
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: docker/setup-qemu-action@v3
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/metadata-action@v5
-        id: meta
-        with:
-          images: |-
-            gitea/gitea
-            ghcr.io/go-gitea/gitea
-          flavor: |
-            latest=false
-          # 1.2.3-rc0
-          tags: |
-            type=semver,pattern={{version}}
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GHCR using PAT
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: build rootful docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64,linux/riscv64
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-  docker-rootless:
-    runs-on: namespace-profile-gitea-release-docker
-    permissions:
-      packages: write # to publish to ghcr.io
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: docker/setup-qemu-action@v3
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/metadata-action@v5
-        id: meta
-        with:
-          images: |-
-            gitea/gitea
-            ghcr.io/go-gitea/gitea
-          # each tag below will have the suffix of -rootless
-          flavor: |
-            latest=false
-            suffix=-rootless
-          # 1.2.3-rc0
-          tags: |
-            type=semver,pattern={{version}}
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GHCR using PAT
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: build rootless docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64,linux/riscv64
-          push: true
-          file: Dockerfile.rootless
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/release-tag-version.yml

@@ -1,164 +0,0 @@
-name: release-tag-version
-
-on:
-  push:
-    tags:
-      - "v1.*"
-      - "!v1*-rc*"
-      - "!v1*-dev"
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: false
-
-jobs:
-  binary:
-    runs-on: namespace-profile-gitea-release-binary
-    permissions:
-      packages: write # to publish to ghcr.io
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: actions/setup-go@v6
-        with:
-          go-version-file: go.mod
-          check-latest: true
-      - uses: pnpm/action-setup@v4
-      - uses: actions/setup-node@v5
-        with:
-          node-version: 24
-      - run: make deps-frontend deps-backend
-      # xgo build
-      - run: make release
-        env:
-          TAGS: bindata sqlite sqlite_unlock_notify
-      - name: import gpg key
-        id: import_gpg
-        uses: crazy-max/ghaction-import-gpg@v6
-        with:
-          gpg_private_key: ${{ secrets.GPGSIGN_KEY }}
-          passphrase: ${{ secrets.GPGSIGN_PASSPHRASE }}
-      - name: sign binaries
-        run: |
-          for f in dist/release/*; do
-            echo '${{ secrets.GPGSIGN_PASSPHRASE }}' | gpg --pinentry-mode loopback --passphrase-fd 0 --batch --yes --detach-sign -u ${{ steps.import_gpg.outputs.fingerprint }} --output "$f.asc" "$f"
-          done
-      # clean branch name to get the folder name in S3
-      - name: Get cleaned branch name
-        id: clean_name
-        run: |
-          REF_NAME=$(echo "${{ github.ref }}" | sed -e 's/refs\/heads\///' -e 's/refs\/tags\/v//' -e 's/release\/v//')
-          echo "Cleaned name is ${REF_NAME}"
-          echo "branch=${REF_NAME}" >> "$GITHUB_OUTPUT"
-      - name: configure aws
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-region: ${{ secrets.AWS_REGION }}
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      - name: upload binaries to s3
-        run: |
-          aws s3 sync dist/release s3://${{ secrets.AWS_S3_BUCKET }}/gitea/${{ steps.clean_name.outputs.branch }} --no-progress
-      - name: Install GH CLI
-        uses: dev-hanz-ops/install-gh-cli-action@v0.1.0
-        with:
-          gh-cli-version: 2.39.1
-      - name: create github release
-        run: |
-          gh release create ${{ github.ref_name }} --title ${{ github.ref_name }} --notes-from-tag dist/release/*
-        env:
-          GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
-  docker-rootful:
-    runs-on: namespace-profile-gitea-release-docker
-    permissions:
-      packages: write # to publish to ghcr.io
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: docker/setup-qemu-action@v3
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/metadata-action@v5
-        id: meta
-        with:
-          images: |-
-            gitea/gitea
-            ghcr.io/go-gitea/gitea
-          # this will generate tags in the following format:
-          # latest
-          # 1
-          # 1.2
-          # 1.2.3
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}
-            type=semver,pattern={{major}}.{{minor}}
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GHCR using PAT
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: build rootful docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64,linux/riscv64
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-  docker-rootless:
-    runs-on: namespace-profile-gitea-release-docker
-    steps:
-      - uses: actions/checkout@v4
-      # fetch all commits instead of only the last as some branches are long lived and could have many between versions
-      # fetch all tags to ensure that "git describe" reports expected Gitea version, eg. v1.21.0-dev-1-g1234567
-      - run: git fetch --unshallow --quiet --tags --force
-      - uses: docker/setup-qemu-action@v3
-      - uses: docker/setup-buildx-action@v3
-      - uses: docker/metadata-action@v5
-        id: meta
-        with:
-          images: |-
-            gitea/gitea
-            ghcr.io/go-gitea/gitea
-          # each tag below will have the suffix of -rootless
-          flavor: |
-            suffix=-rootless,onlatest=true
-          # this will generate tags in the following format (with -rootless suffix added):
-          # latest
-          # 1
-          # 1.2
-          # 1.2.3
-          tags: |
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}
-            type=semver,pattern={{major}}.{{minor}}
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to GHCR using PAT
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: build rootless docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          platforms: linux/amd64,linux/arm64,linux/riscv64
-          push: true
-          file: Dockerfile.rootless
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}

Dockerfile

@@ -1,5 +1,5 @@
 # Build stage
-FROM docker.io/library/golang:1.25-alpine3.22 AS build-env
+FROM docker.io/library/golang:1.25-alpine3.23 AS build-env
 
 ARG GOPROXY
 ENV GOPROXY=${GOPROXY:-direct}
@@ -41,7 +41,7 @@ RUN chmod 755 /tmp/local/usr/bin/entrypoint \
               /go/src/code.gitea.io/gitea/gitea \
               /go/src/code.gitea.io/gitea/environment-to-ini
 
-FROM docker.io/library/alpine:3.22
+FROM docker.io/library/alpine:3.23
 LABEL maintainer="maintainers@gitea.io"
 
 EXPOSE 22 3000

Dockerfile.rootless

@@ -1,5 +1,5 @@
 # Build stage
-FROM docker.io/library/golang:1.25-alpine3.22 AS build-env
+FROM docker.io/library/golang:1.25-alpine3.23 AS build-env
 
 ARG GOPROXY
 ENV GOPROXY=${GOPROXY:-direct}
@@ -39,7 +39,7 @@ RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \
               /go/src/code.gitea.io/gitea/gitea \
               /go/src/code.gitea.io/gitea/environment-to-ini
 
-FROM docker.io/library/alpine:3.22
+FROM docker.io/library/alpine:3.23
 LABEL maintainer="maintainers@gitea.io"
 
 EXPOSE 2222 3000

MAINTAINERS

@@ -1,3 +1,9 @@
+## Cocoa
+Shin'ya Minazuki <novaburst@kalli.st> (@shinyoukai)
+
+----
+
+## Gitea
 Alexey Makhov <amakhov@avito.ru> (@makhov)
 Bo-Yi Wu <appleboy.tw@gmail.com> (@appleboy)
 Ethan Koenig <ethantkoenig@gmail.com> (@ethantkoenig)

Makefile

@@ -98,7 +98,7 @@ GITHUB_REF_NAME ?= $(shell git rev-parse --abbrev-ref HEAD)
 
 # Enable typescript support in Node.js before 22.18
 # TODO: Remove this once we can raise the minimum Node.js version to 22.18 (alpine >= 3.23)
-NODE_VERSION := $(shell printf "%03d%03d%03d" $(shell node -v 2>/dev/null | cut -c2- | tr '.' ' '))
+NODE_VERSION := $(shell printf "%03d%03d%03d" $(shell node -v 2>/dev/null | cut -c2- | sed 's/-.*//' | tr '.' ' '))
 ifeq ($(shell test "$(NODE_VERSION)" -lt "022018000"; echo $$?),0)
 	NODE_VARS := NODE_OPTIONS="--experimental-strip-types"
 else
@@ -205,16 +205,6 @@ help: Makefile ## print Makefile help information.
 	@printf "  \033[36m%-46s\033[0m %s\n" "test[#TestSpecificName]" "run unit test"
 	@printf "  \033[36m%-46s\033[0m %s\n" "test-sqlite[#TestSpecificName]" "run integration test for sqlite"
 
-.PHONY: go-check
-go-check:
-	$(eval MIN_GO_VERSION_STR := $(shell grep -Eo '^go\s+[0-9]+\.[0-9]+' go.mod | cut -d' ' -f2))
-	$(eval MIN_GO_VERSION := $(shell printf "%03d%03d" $(shell echo '$(MIN_GO_VERSION_STR)' | tr '.' ' ')))
-	$(eval GO_VERSION := $(shell printf "%03d%03d" $(shell $(GO) version | grep -Eo '[0-9]+\.[0-9]+' | tr '.' ' ');))
-	@if [ "$(GO_VERSION)" -lt "$(MIN_GO_VERSION)" ]; then \
-		echo "Gitea requires Go $(MIN_GO_VERSION_STR) or greater to build. You can get it at https://go.dev/dl/"; \
-		exit 1; \
-	fi
-
 .PHONY: git-check
 git-check:
 	@if git lfs >/dev/null 2>&1 ; then : ; else \
@@ -222,20 +212,6 @@ git-check:
 		exit 1; \
 	fi
 
-.PHONY: node-check
-node-check:
-	$(eval MIN_NODE_VERSION_STR := $(shell grep -Eo '"node":.*[0-9.]+"' package.json | sed -n 's/.*[^0-9.]\([0-9.]*\)"/\1/p'))
-	$(eval MIN_NODE_VERSION := $(shell printf "%03d%03d%03d" $(shell echo '$(MIN_NODE_VERSION_STR)' | tr '.' ' ')))
-	$(eval PNPM_MISSING := $(shell hash pnpm > /dev/null 2>&1 || echo 1))
-	@if [ "$(NODE_VERSION)" -lt "$(MIN_NODE_VERSION)" ]; then \
-		echo "Gitea requires Node.js $(MIN_NODE_VERSION_STR) or greater to build. You can get it at https://nodejs.org/en/download/"; \
-		exit 1; \
-	fi
-	@if [ "$(PNPM_MISSING)" = "1" ]; then \
-		echo "Gitea requires pnpm to build. You can install it at https://pnpm.io/installation"; \
-		exit 1; \
-	fi
-
 .PHONY: clean-all
 clean-all: clean ## delete backend, frontend and integration files
 	rm -rf $(WEBPACK_DEST_ENTRIES) node_modules
@@ -427,12 +403,12 @@ watch: ## watch everything and continuously rebuild
 	@bash tools/watch.sh
 
 .PHONY: watch-frontend
-watch-frontend: node-check node_modules ## watch frontend files and continuously rebuild
+watch-frontend: node_modules ## watch frontend files and continuously rebuild
 	@rm -rf $(WEBPACK_DEST_ENTRIES)
 	NODE_ENV=development $(NODE_VARS) pnpm exec webpack --watch --progress --disable-interpret
 
 .PHONY: watch-backend
-watch-backend: go-check ## watch backend files and continuously rebuild
+watch-backend: ## watch backend files and continuously rebuild
 	GITEA_RUN_MODE=dev $(GO) run $(AIR_PACKAGE) -c .air.toml
 
 .PHONY: test
@@ -750,7 +726,7 @@ build: frontend backend ## build everything
 frontend: $(WEBPACK_DEST) ## build frontend files
 
 .PHONY: backend
-backend: go-check generate-backend $(EXECUTABLE) ## build backend files
+backend: generate-backend $(EXECUTABLE) ## build backend files
 
 # We generate the backend before the frontend in case we in future we want to generate things in the frontend from generated files in backend
 .PHONY: generate
@@ -863,7 +839,7 @@ node_modules: pnpm-lock.yaml
 update: update-js update-py ## update js and py dependencies
 
 .PHONY: update-js
-update-js: node-check | node_modules ## update js dependencies
+update-js: node_modules ## update js dependencies
 	$(NODE_VARS) pnpm exec updates -u -f package.json
 	rm -rf node_modules pnpm-lock.yaml
 	$(NODE_VARS) pnpm install
@@ -872,7 +848,7 @@ update-js: node-check | node_modules ## update js dependencies
 	@touch node_modules
 
 .PHONY: update-py
-update-py: node-check | node_modules ## update py dependencies
+update-py: node_modules ## update py dependencies
 	$(NODE_VARS) pnpm exec updates -u -f pyproject.toml
 	rm -rf .venv uv.lock
 	uv sync
@@ -882,14 +858,14 @@ update-py: node-check | node_modules ## update py dependencies
 webpack: $(WEBPACK_DEST) ## build webpack files
 
 $(WEBPACK_DEST): $(WEBPACK_SOURCES) $(WEBPACK_CONFIGS) pnpm-lock.yaml
-	@$(MAKE) -s node-check node_modules
+	@$(MAKE) -s node_modules
 	@rm -rf $(WEBPACK_DEST_ENTRIES)
 	@echo "Running webpack..."
 	@BROWSERSLIST_IGNORE_OLD_DATA=true $(NODE_VARS) pnpm exec webpack --disable-interpret
 	@touch $(WEBPACK_DEST)
 
 .PHONY: svg
-svg: node-check | node_modules ## build svg files
+svg: node_modules ## build svg files
 	rm -rf $(SVG_DEST_DIR)
 	node tools/generate-svg.ts
 

README.md

@@ -2,6 +2,8 @@
 
 # Cocoa (ココア)
 This is a fork of [Gitea](https://gitea.io) used within the scope of [Yakumo Laboratories](https://yakumolabs.privatedns.org).
+ 
+We cherry-pick and backport commits from upstream whenever possible and/or necessary.
 
 ## Building
 You'll need the latest stable version of [Go](https://go.dev) and at least the latest LTS release of [Node.js](https://nodejs.org), as well as GNU Make.

cmd/admin_auth_ldap_test.go

@@ -233,7 +233,7 @@ func TestAddLdapBindDn(t *testing.T) {
 			},
 			getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
 				assert.FailNow(t, "getAuthSourceByID called", "case %d: should not call getAuthSourceByID", n)
-				return nil, nil
+				return nil, nil //nolint:nilnil // mock function covering improper behavior
 			},
 		}
 
@@ -463,7 +463,7 @@ func TestAddLdapSimpleAuth(t *testing.T) {
 			},
 			getAuthSourceByID: func(ctx context.Context, id int64) (*auth.Source, error) {
 				assert.FailNow(t, "getAuthSourceById called", "case %d: should not call getAuthSourceByID", n)
-				return nil, nil
+				return nil, nil //nolint:nilnil // mock function covering improper behavior
 			},
 		}
 

contrib/dinit/cocoa

@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: CDDL-1.0
 # vim: ft=confini
-command = /usr/local/bin/gitea web --config /etc/gitea/app.ini
+command = /usr/local/bin/cocoa web --config /etc/cocoa/app.ini
 # If using MariaDB
 # need = mariadb
 # If using PostgreSQL

contrib/init/centos/cocoa

@@ -1,21 +1,21 @@
 #!/bin/sh
 #
-#       /etc/rc.d/init.d/gitea
+#       /etc/rc.d/init.d/cocoa
 #
-#       Runs the Gitea Git with a cup of tea.
+#       Runs the Cocoa Git with a glass of hot mocha.
 #
 #
 # chkconfig:   - 85 15
 #
 
 ### BEGIN INIT INFO
-# Provides:          gitea
+# Provides:          cocoa
 # Required-Start:    $remote_fs $syslog
 # Required-Stop:     $remote_fs $syslog
 # Default-Start:     2 3 4 5
 # Default-Stop:      0 1 6
-# Short-Description: Start gitea at boot time.
-# Description:       Control gitea.
+# Short-Description: Start cocoa at boot time.
+# Description:       Control cocoa.
 ### END INIT INFO
 
 # Source function library.
@@ -23,17 +23,17 @@
 
 # Default values
 
-NAME=gitea
+NAME=cocoa
 GITEA_HOME=/var/lib/${NAME}
 GITEA_PATH=/usr/local/bin/${NAME}
 GITEA_USER=git
-SERVICENAME="Gitea - Git with a cup of tea"
-LOCKFILE=/var/lock/subsys/gitea
+SERVICENAME="Cocoa - Git with a glass of hot mocha"
+LOCKFILE=/var/lock/subsys/cocoa
 LOGPATH=${GITEA_HOME}/log
-LOGFILE=${LOGPATH}/gitea.log
+LOGFILE=${LOGPATH}/cocoa.log
 RETVAL=0
 
-# Read configuration from /etc/sysconfig/gitea to override defaults
+# Read configuration from /etc/sysconfig/cocoa to override defaults
 [ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME
 
 # Don't do anything if nothing is installed

contrib/init/debian/cocoa

@@ -1,6 +1,6 @@
 #!/bin/sh
 ### BEGIN INIT INFO
-# Provides:          gitea
+# Provides:          cocoa
 # Required-Start:    $syslog $network
 # Required-Stop:     $syslog
 # Default-Start:     2 3 4 5
@@ -15,8 +15,8 @@
 
 # PATH should only include /usr/* if it runs after the mountnfs.sh script
 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin
-DESC="Gitea - Git with a cup of tea"
-NAME=gitea
+DESC="Cocoa - Git with a glass of hot mocha"
+NAME=cocoa
 SERVICEVERBOSE=yes
 PIDFILE=/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME
@@ -25,7 +25,7 @@ DAEMON=/usr/local/bin/$NAME
 DAEMON_ARGS="web -c /etc/$NAME/app.ini"
 USER=git
 USERBIND=""
-# If you want to bind Gitea to a port below 1024 uncomment
+# If you want to bind Cocoa to a port below 1024 uncomment
 # the line below
 #USERBIND="setcap cap_net_bind_service=+ep"
 STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/1/KILL/5}"

contrib/init/freebsd/cocoa

@@ -0,0 +1,48 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+# PROVIDE: cocoa
+# REQUIRE: NETWORKING SYSLOG
+# KEYWORD: shutdown
+#
+# Add the following lines to /etc/rc.conf to enable cocoa:
+#
+#cocoa_enable="YES"
+
+. /etc/rc.subr
+
+name="cocoa"
+rcvar="cocoa_enable"
+
+load_rc_config $name
+
+: ${cocoa_user:="git"}
+: ${cocoa_enable:="NO"}
+: ${cocoa_directory:="/var/lib/cocoa"}
+
+command="/usr/local/bin/cocoa web -c /etc/cocoa/app.ini"
+procname="$(echo $command |cut -d' ' -f1)"
+
+pidfile="${cocoa_directory}/${name}.pid"
+
+start_cmd="${name}_start"
+stop_cmd="${name}_stop"
+
+cocoa_start() {
+	cd ${cocoa_directory}
+	export USER=${cocoa_user}
+	export HOME=/usr/home/${cocoa_user}
+	export GITEA_WORK_DIR=${cocoa_directory}
+	/usr/sbin/daemon -f -u ${cocoa_user} -p ${pidfile} $command
+}
+
+cocoa_stop() {
+	if [ ! -f $pidfile ]; then
+		echo "COCOA PID File not found. Maybe COCOA is not running?"
+	else
+		kill $(cat $pidfile)
+	fi
+}
+
+run_rc_command "$1"

contrib/init/freebsd/gitea

@@ -1,48 +0,0 @@
-#!/bin/sh
-#
-# $FreeBSD$
-#
-# PROVIDE: gitea
-# REQUIRE: NETWORKING SYSLOG
-# KEYWORD: shutdown
-#
-# Add the following lines to /etc/rc.conf to enable gitea:
-#
-#gitea_enable="YES"
-
-. /etc/rc.subr
-
-name="gitea"
-rcvar="gitea_enable"
-
-load_rc_config $name
-
-: ${gitea_user:="git"}
-: ${gitea_enable:="NO"}
-: ${gitea_directory:="/var/lib/gitea"}
-
-command="/usr/local/bin/gitea web -c /etc/gitea/app.ini"
-procname="$(echo $command |cut -d' ' -f1)"
-
-pidfile="${gitea_directory}/${name}.pid"
-
-start_cmd="${name}_start"
-stop_cmd="${name}_stop"
-
-gitea_start() {
-	cd ${gitea_directory}
-	export USER=${gitea_user}
-	export HOME=/usr/home/${gitea_user}
-	export GITEA_WORK_DIR=${gitea_directory}
-	/usr/sbin/daemon -f -u ${gitea_user} -p ${pidfile} $command
-}
-
-gitea_stop() {
-	if [ ! -f $pidfile ]; then
-		echo "GITEA PID File not found. Maybe GITEA is not running?"
-	else
-		kill $(cat $pidfile)
-	fi
-}
-
-run_rc_command "$1"

contrib/init/openbsd/cocoa

@@ -0,0 +1,19 @@
+#!/bin/sh
+#
+# $OpenBSD$
+
+daemon="/usr/local/bin/cocoa"
+daemon_user="git"
+daemon_flags="web -c /etc/cocoa/app.ini"
+
+cocoa_directory="/var/lib/cocoa"
+
+rc_bg=YES
+
+. /etc/rc.d/rc.subr
+
+rc_start() {
+	${rcexec} "cd ${cocoa_directory}; ${daemon} ${daemon_flags} ${_bg}"
+}
+
+rc_cmd $1

contrib/init/openbsd/gitea

@@ -1,19 +0,0 @@
-#!/bin/sh
-#
-# $OpenBSD$
-
-daemon="/usr/local/bin/gitea"
-daemon_user="git"
-daemon_flags="web -c /etc/gitea/app.ini"
-
-gitea_directory="/var/lib/gitea"
-
-rc_bg=YES
-
-. /etc/rc.d/rc.subr
-
-rc_start() {
-	${rcexec} "cd ${gitea_directory}; ${daemon} ${daemon_flags} ${_bg}"
-}
-
-rc_cmd $1

contrib/init/openwrt/cocoa

@@ -7,12 +7,12 @@ USE_PROCD=1
 START=90
 STOP=10
 
-PROG=/opt/gitea/gitea
-GITEA_WORK_DIR=/opt/gitea
+PROG=/opt/cocoa/cocoa
+GITEA_WORK_DIR=/opt/cocoa
 CONF_FILE=$GITEA_WORK_DIR/app.ini
 
 start_service(){
-    procd_open_instance gitea
+    procd_open_instance cocoa
     procd_set_param env GITEA_WORK_DIR=$GITEA_WORK_DIR
     procd_set_param env HOME=$GITEA_WORK_DIR
     procd_set_param command $PROG web -c $CONF_FILE

contrib/init/sunos/cocoa.xml

@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
 <service_bundle type="manifest" name="export">
-	<service name="gitea" type="service" version="1">
+	<service name="cocoa" type="service" version="1">
 		<create_default_instance enabled="false"/>
 
 		<dependency name="network" grouping="require_all" restart_on="refresh" type="service">
@@ -15,14 +15,14 @@
 		<exec_method
 		    type="method"
 		    name="start"
-		    exec="/opt/local/bin/gitea web"
+		    exec="/opt/local/bin/cocoa web"
 		    timeout_seconds="60">
 		  <method_context>
 		    <method_credential user="git" group="git" />
 		    <method_environment>
-		      <envvar name='GITEA_WORK_DIR' value='/opt/local/share/gitea'/>
-		      <envvar name='GITEA_CUSTOM' value='/opt/local/etc/gitea'/>
-		      <envvar name='HOME' value='/var/db/gitea'/>
+		      <envvar name='GITEA_WORK_DIR' value='/opt/local/share/cocoa'/>
+		      <envvar name='GITEA_CUSTOM' value='/opt/local/etc/cocoa'/>
+		      <envvar name='HOME' value='/var/db/cocoa'/>
 		      <envvar name='PATH' value='/opt/local/bin:${PATH}'/>
 		      <envvar name='USER' value='git'/>
 		    </method_environment>
@@ -38,7 +38,7 @@
 
 		<template>
 			<common_name>
-			  <loctext xml:lang="C">A painless, self-hosted Git service</loctext>
+			  <loctext xml:lang="C">Git with a glass of hot mocha</loctext>
 			</common_name>
 		</template>
 

contrib/init/ubuntu/gitea

@@ -1,6 +1,6 @@
 #!/bin/sh
 ### BEGIN INIT INFO
-# Provides:          gitea
+# Provides:          cocoa
 # Required-Start:    $syslog $network
 # Required-Stop:     $syslog
 # Default-Start:     2 3 4 5
@@ -13,8 +13,8 @@
 
 # PATH should only include /usr/* if it runs after the mountnfs.sh script
 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin
-DESC="Gitea - Git with a cup of tea"
-NAME=gitea
+DESC="Cocoa - Git with a glass of hot mocha"
+NAME=cocoa
 SERVICEVERBOSE=yes
 PIDFILE=/run/$NAME.pid
 SCRIPTNAME=/etc/init.d/$NAME

contrib/launchd/moe.laidback.cocoa-project.web.plist

@@ -3,8 +3,8 @@
 <plist version="1.0">
 	<dict>
 		<key>Label</key>
-		<string>io.gitea.web</string>
-		<!-- assumes Gitea is running under 'git' account -->
+		<string>moe.laidback.cocoa-project.web</string>
+		<!-- assumes Cocoa is running under 'git' account -->
 		<!-- modify below to reflect your settings -->
 		<key>UserName</key>
 		<string>git</string>
@@ -12,24 +12,24 @@
 		<string>git</string>
 		<key>ProgramArguments</key>
 		<array>
-			<!-- assumes Gitea is installed in /Users/git/gitea -->
+			<!-- assumes Cocoa is installed in /Users/git/cocoa -->
 			<!-- modify below to reflect your settings -->
-			<string>/Users/git/gitea/gitea</string>
+			<string>/Users/git/cocoa/cocoa</string>
 			<string>web</string>
 		</array>
 		<key>RunAtLoad</key>
 		<true/>
 		<key>KeepAlive</key>
 		<true/>
-		<!-- assumes Gitea is installed in /Users/git/gitea -->
+		<!-- assumes Cocoa is installed in /Users/git/cocoa -->
 		<!-- modify below to reflect your settings -->
 		<key>WorkingDirectory</key>
-		<string>/Users/git/gitea/</string>
+		<string>/Users/git/cocoa/</string>
 		<key>StandardOutPath</key>
-		<string>/Users/git/gitea/log/stdout.log</string>
+		<string>/Users/git/cocoa/log/stdout.log</string>
 		<key>StandardErrorPath</key>
-		<string>/Users/git/gitea/log/stderr.log</string>
-		<!-- default 256 is too low for Gitea needs using parallel pipes -->
+		<string>/Users/git/cocoa/log/stderr.log</string>
+		<!-- default 256 is too low for Cocoa needs using parallel pipes -->
 		<key>SoftResourceLimits</key>
 		<dict>
 			<key>NumberOfFiles</key>

contrib/supervisor/cocoa

@@ -0,0 +1,16 @@
+[program:cocoa]
+directory=/home/git/go/src/git.laidback.moe/cocoa-devel/cocoa/
+command=/home/git/go/src/git.laidback.moe/cocoa-devel/cocoa/cocoa web
+autostart=true
+autorestart=true
+startsecs=10
+stdout_logfile=/var/log/cocoa/stdout.log
+stdout_logfile_maxbytes=1MB
+stdout_logfile_backups=10
+stdout_capture_maxbytes=1MB
+stderr_logfile=/var/log/cocoa/stderr.log
+stderr_logfile_maxbytes=1MB
+stderr_logfile_backups=10
+stderr_capture_maxbytes=1MB
+user = git
+environment = HOME="/home/git", USER="git"

contrib/supervisor/gitea

@@ -1,16 +0,0 @@
-[program:gitea]
-directory=/home/git/go/src/github.com/go-gitea/gitea/
-command=/home/git/go/src/github.com/go-gitea/gitea/gitea web
-autostart=true
-autorestart=true
-startsecs=10
-stdout_logfile=/var/log/gitea/stdout.log
-stdout_logfile_maxbytes=1MB
-stdout_logfile_backups=10
-stdout_capture_maxbytes=1MB
-stderr_logfile=/var/log/gitea/stderr.log
-stderr_logfile_maxbytes=1MB
-stderr_logfile_backups=10
-stderr_capture_maxbytes=1MB
-user = git
-environment = HOME="/home/git", USER="git"

contrib/systemd/cocoa.service

@@ -1,5 +1,5 @@
 [Unit]
-Description=Gitea (Git with a cup of tea)
+Description=Cocoa (all-in-one software development service)
 After=network.target
 ###
 # Don't forget to add the database service dependencies
@@ -24,21 +24,21 @@ After=network.target
 # If using socket activation for main http/s
 ###
 #
-#After=gitea.main.socket
-#Requires=gitea.main.socket
+#After=cocoa.main.socket
+#Requires=cocoa.main.socket
 #
 ###
-# (You can also provide gitea an http fallback and/or ssh socket too)
+# (You can also provide cocoa an http fallback and/or ssh socket too)
 #
-# An example of /etc/systemd/system/gitea.main.socket
+# An example of /etc/systemd/system/cocoa.main.socket
 ###
 ##
 ## [Unit]
-## Description=Gitea Web Socket
-## PartOf=gitea.service
+## Description=Cocoa Web Socket
+## PartOf=cocoa.service
 ##
 ## [Socket]
-## Service=gitea.service
+## Service=cocoa.service
 ## ListenStream=<some_port>
 ## NoDelay=true
 ##
@@ -54,28 +54,28 @@ RestartSec=2s
 Type=simple
 User=git
 Group=git
-WorkingDirectory=/var/lib/gitea/
-# If using Unix socket: tells systemd to create the /run/gitea folder, which will contain the gitea.sock file
-# (manually creating /run/gitea doesn't work, because it would not persist across reboots)
-#RuntimeDirectory=gitea
-ExecStart=/usr/local/bin/gitea web --config /etc/gitea/app.ini
+WorkingDirectory=/var/lib/cocoa/
+# If using Unix socket: tells systemd to create the /run/cocoa folder, which will contain the cocoa.sock file
+# (manually creating /run/cocoa doesn't work, because it would not persist across reboots)
+#RuntimeDirectory=cocoa
+ExecStart=/usr/local/bin/cocoa web --config /etc/cocoa/app.ini
 Restart=always
-Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/gitea
+Environment=USER=git HOME=/home/git GITEA_WORK_DIR=/var/lib/cocoa
 # If you install Git to directory prefix other than default PATH (which happens
 # for example if you install other versions of Git side-to-side with
 # distribution version), uncomment below line and add that prefix to PATH
 # Don't forget to place git-lfs binary on the PATH below if you want to enable
 # Git LFS support
 #Environment=PATH=/path/to/git/bin:/bin:/sbin:/usr/bin:/usr/sbin
-# If you want to bind Gitea to a port below 1024, uncomment
-# the two values below, or use socket activation to pass Gitea its ports as above
+# If you want to bind Cocoa to a port below 1024, uncomment
+# the two values below, or use socket activation to pass Cocoa its ports as above
 ###
 #CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 #AmbientCapabilities=CAP_NET_BIND_SERVICE
 ###
 # In some cases, when using CapabilityBoundingSet and AmbientCapabilities option, you may want to
-# set the following value to false to allow capabilities to be applied on gitea process. The following
-# value if set to true sandboxes gitea service and prevent any processes from running with privileges
+# set the following value to false to allow capabilities to be applied on cocoa process. The following
+# value if set to true sandboxes cocoa service and prevent any processes from running with privileges
 # in the host user namespace.
 ###
 #PrivateUsers=false

modules/lfs/shared.go

@@ -66,6 +66,21 @@ type Link struct {
 	ExpiresAt *time.Time        `json:"expires_at,omitempty"`
 }
 
+func NewLink(href string) *Link {
+	return &Link{Href: href}
+}
+
+func (l *Link) WithHeader(k, v string) *Link {
+	if v == "" {
+		return l
+	}
+	if l.Header == nil {
+		l.Header = make(map[string]string)
+	}
+	l.Header[k] = v
+	return l
+}
+
 // ObjectError defines the JSON structure returned to the client in case of an error.
 type ObjectError struct {
 	Code    int    `json:"code"`

modules/setting/session.go

@@ -10,6 +10,7 @@ import (
 
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // SessionConfig defines Session settings
@@ -49,10 +50,8 @@ func loadSessionFrom(rootCfg ConfigProvider) {
 		checkOverlappedPath("[session].PROVIDER_CONFIG", SessionConfig.ProviderConfig)
 	}
 	SessionConfig.CookieName = sec.Key("COOKIE_NAME").MustString("i_like_gitea")
-	SessionConfig.CookiePath = AppSubURL
-	if SessionConfig.CookiePath == "" {
-		SessionConfig.CookiePath = "/"
-	}
+	// HINT: INSTALL-PAGE-COOKIE-INIT: the cookie system is not properly initialized on the Install page, so there is no CookiePath
+	SessionConfig.CookiePath = util.IfZero(AppSubURL, "/")
 	SessionConfig.Secure = sec.Key("COOKIE_SECURE").MustBool(strings.HasPrefix(strings.ToLower(AppURL), "https://"))
 	SessionConfig.Gclifetime = sec.Key("GC_INTERVAL_TIME").MustInt64(86400)
 	SessionConfig.Maxlifetime = sec.Key("SESSION_LIFE_TIME").MustInt64(86400)

modules/svg/svg.go

@@ -58,6 +58,9 @@ func MockIcon(icon string) func() {
 
 // RenderHTML renders icons - arguments icon name (string), size (int), class (string)
 func RenderHTML(icon string, others ...any) template.HTML {
+	if icon == "" {
+		return ""
+	}
 	size, class := gitea_html.ParseSizeAndClass(defaultSize, "", others...)
 	if svgStr, ok := svgIcons[icon]; ok {
 		// the code is somewhat hacky, but it just works, because the SVG contents are all normalized

modules/templates/helper.go

@@ -12,7 +12,6 @@ import (
 	"strings"
 	"time"
 
-	user_model "code.gitea.io/gitea/models/user"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/htmlutil"
 	"code.gitea.io/gitea/modules/markup"
@@ -21,7 +20,6 @@ import (
 	"code.gitea.io/gitea/modules/templates/eval"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/services/gitdiff"
-	"code.gitea.io/gitea/services/webtheme"
 )
 
 // NewFuncMap returns functions for injecting to templates
@@ -130,7 +128,6 @@ func NewFuncMap() template.FuncMap {
 		"DisableWebhooks": func() bool {
 			return setting.DisableWebhooks
 		},
-		"UserThemeName": userThemeName,
 		"NotificationSettings": func() map[string]any {
 			return map[string]any{
 				"MinTimeout":            int(setting.UI.Notification.MinTimeout / time.Millisecond),
@@ -217,16 +214,6 @@ func evalTokens(tokens ...any) (any, error) {
 	return n.Value, err
 }
 
-func userThemeName(user *user_model.User) string {
-	if user == nil || user.Theme == "" {
-		return setting.UI.DefaultTheme
-	}
-	if webtheme.IsThemeAvailable(user.Theme) {
-		return user.Theme
-	}
-	return setting.UI.DefaultTheme
-}
-
 func isQueryParamEmpty(v any) bool {
 	return v == nil || v == false || v == 0 || v == int64(0) || v == ""
 }

modules/templates/util_render.go

@@ -23,8 +23,10 @@ import (
 	"code.gitea.io/gitea/modules/markup/markdown"
 	"code.gitea.io/gitea/modules/reqctx"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/svg"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/services/webtheme"
 )
 
 type RenderUtils struct {
@@ -259,3 +261,18 @@ func (ut *RenderUtils) RenderLabels(labels []*issues_model.Label, repoLink strin
 	htmlCode += "</span>"
 	return template.HTML(htmlCode)
 }
+
+func (ut *RenderUtils) RenderThemeItem(info *webtheme.ThemeMetaInfo, iconSize int) template.HTML {
+	svgName := "octicon-paintbrush"
+	switch info.ColorScheme {
+	case "dark":
+		svgName = "octicon-moon"
+	case "light":
+		svgName = "octicon-sun"
+	case "auto":
+		svgName = "gitea-eclipse"
+	}
+	icon := svg.RenderHTML(svgName, iconSize)
+	extraIcon := svg.RenderHTML(info.GetExtraIconName(), iconSize)
+	return htmlutil.HTMLFormat(`<div class="theme-menu-item" data-tooltip-content="%s">%s %s %s</div>`, info.GetDescription(), icon, info.DisplayName, extraIcon)
+}

modules/web/middleware/cookie.go

@@ -11,6 +11,7 @@ import (
 
 	"code.gitea.io/gitea/modules/session"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/util"
 )
 
 // SetRedirectToCookie convenience function to set the RedirectTo cookie consistently
@@ -39,11 +40,13 @@ func SetSiteCookie(resp http.ResponseWriter, name, value string, maxAge int) {
 	// These are more specific than cookies without a trailing /, so
 	// we need to delete these if they exist.
 	deleteLegacySiteCookie(resp, name)
+
+	// HINT: INSTALL-PAGE-COOKIE-INIT: the cookie system is not properly initialized on the Install page, so there is no CookiePath
 	cookie := &http.Cookie{
 		Name:     name,
 		Value:    url.QueryEscape(value),
 		MaxAge:   maxAge,
-		Path:     setting.SessionConfig.CookiePath,
+		Path:     util.IfZero(setting.SessionConfig.CookiePath, "/"),
 		Domain:   setting.SessionConfig.Domain,
 		Secure:   setting.SessionConfig.Secure,
 		HttpOnly: true,

options/license/BSD-4-Clause

@@ -0,0 +1,33 @@
+
+Copyright (c) <copyright year> <copyright holder>.  All rights reserved.
+ 
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+ 
+3. All advertising materials mentioning features or use of this
+   software must display the following acknowledgement: This
+   product includes software developed by the <copyright holder> and its contributors.
+ 
+4. Neither the name of the <copyright holder> nor the names of its contributors
+    may be used to endorse or promote products derived from this software
+    without specific prior written permission.
+ 
+THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.

options/license/Beerware

@@ -0,0 +1,5 @@
+"THE BEER-WARE LICENSE" (Revision 42):
+
+<copyright holders> wrote this file. As long as you retain this notice you
+can do whatever you want with this stuff. If we meet some day, and you think
+this stuff is worth it, you can buy me a beer in return.

options/license/BlueOak-1.0.0

@@ -0,0 +1,55 @@
+# Blue Oak Model License
+
+Version 1.0.0
+
+## Purpose
+
+This license gives everyone as much permission to work with
+this software as possible, while protecting contributors
+from liability.
+
+## Acceptance
+
+In order to receive this license, you must agree to its
+rules.  The rules of this license are both obligations
+under that agreement and conditions to your license.
+You must not do anything with this software that triggers
+a rule that you cannot or will not follow.
+
+## Copyright
+
+Each contributor licenses you to do everything with this
+software that would otherwise infringe that contributor's
+copyright in it.
+
+## Notices
+
+You must ensure that everyone who gets a copy of
+any part of this software from you, with or without
+changes, also gets the text of this license or a link to
+<https://blueoakcouncil.org/license/1.0.0>.
+
+## Excuse
+
+If anyone notifies you in writing that you have not
+complied with [Notices](#notices), you can keep your
+license by taking all practical steps to comply within 30
+days after the notice.  If you do not do so, your license
+ends immediately.
+
+## Patent
+
+Each contributor licenses you to do everything with this
+software that would otherwise infringe any patent claims
+they can license or become able to license.
+
+## Reliability
+
+No contributor can revoke this license.
+
+## No Liability
+
+***As far as the law allows, this software comes as is,
+without any warranty or condition, and no contributor
+will be liable to anyone for any damages related to this
+software or this license, under any kind of legal claim.***

options/license/CDDL-1.0

@@ -0,0 +1,366 @@
+
+
+COMMON DEVELOPMENT AND DISTRIBUTION LICENSE Version 1.0
+
+1. Definitions.
+
+    1.1. "Contributor" means each individual or entity that creates
+         or contributes to the creation of Modifications.
+
+    1.2. "Contributor Version" means the combination of the Original
+         Software, prior Modifications used by a Contributor (if any),
+         and the Modifications made by that particular Contributor.
+
+    1.3. "Covered Software" means (a) the Original Software, or (b)
+         Modifications, or (c) the combination of files containing
+         Original Software with files containing Modifications, in
+         each case including portions thereof.
+
+    1.4. "Executable" means the Covered Software in any form other
+         than Source Code.
+
+    1.5. "Initial Developer" means the individual or entity that first
+         makes Original Software available under this License.
+
+    1.6. "Larger Work" means a work which combines Covered Software or
+         portions thereof with code not governed by the terms of this
+         License.
+
+    1.7. "License" means this document.
+
+    1.8. "Licensable" means having the right to grant, to the maximum
+         extent possible, whether at the time of the initial grant or
+         subsequently acquired, any and all of the rights conveyed
+         herein.
+
+    1.9. "Modifications" means the Source Code and Executable form of
+         any of the following:
+
+        A. Any file that results from an addition to, deletion from or
+           modification of the contents of a file containing Original
+           Software or previous Modifications;
+
+        B. Any new file that contains any part of the Original
+           Software or previous Modifications; or
+
+        C. Any new file that is contributed or otherwise made
+           available under the terms of this License.
+
+    1.10. "Original Software" means the Source Code and Executable
+          form of computer software code that is originally released
+          under this License.
+
+    1.11. "Patent Claims" means any patent claim(s), now owned or
+          hereafter acquired, including without limitation, method,
+          process, and apparatus claims, in any patent Licensable by
+          grantor.
+
+    1.12. "Source Code" means (a) the common form of computer software
+          code in which modifications are made and (b) associated
+          documentation included in or with such code.
+
+    1.13. "You" (or "Your") means an individual or a legal entity
+          exercising rights under, and complying with all of the terms
+          of, this License.  For legal entities, "You" includes any
+          entity which controls, is controlled by, or is under common
+          control with You.  For purposes of this definition,
+          "control" means (a) the power, direct or indirect, to cause
+          the direction or management of such entity, whether by
+          contract or otherwise, or (b) ownership of more than fifty
+          percent (50%) of the outstanding shares or beneficial
+          ownership of such entity.
+
+2. License Grants.
+
+    2.1. The Initial Developer Grant.
+
+    Conditioned upon Your compliance with Section 3.1 below and
+    subject to third party intellectual property claims, the Initial
+    Developer hereby grants You a world-wide, royalty-free,
+    non-exclusive license:
+
+        (a) under intellectual property rights (other than patent or
+            trademark) Licensable by Initial Developer, to use,
+            reproduce, modify, display, perform, sublicense and
+            distribute the Original Software (or portions thereof),
+            with or without Modifications, and/or as part of a Larger
+            Work; and
+
+        (b) under Patent Claims infringed by the making, using or
+            selling of Original Software, to make, have made, use,
+            practice, sell, and offer for sale, and/or otherwise
+            dispose of the Original Software (or portions thereof).
+
+        (c) The licenses granted in Sections 2.1(a) and (b) are
+            effective on the date Initial Developer first distributes
+            or otherwise makes the Original Software available to a
+            third party under the terms of this License.
+
+        (d) Notwithstanding Section 2.1(b) above, no patent license is
+            granted: (1) for code that You delete from the Original
+            Software, or (2) for infringements caused by: (i) the
+            modification of the Original Software, or (ii) the
+            combination of the Original Software with other software
+            or devices.
+
+    2.2. Contributor Grant.
+
+    Conditioned upon Your compliance with Section 3.1 below and
+    subject to third party intellectual property claims, each
+    Contributor hereby grants You a world-wide, royalty-free,
+    non-exclusive license:
+
+        (a) under intellectual property rights (other than patent or
+            trademark) Licensable by Contributor to use, reproduce,
+            modify, display, perform, sublicense and distribute the
+            Modifications created by such Contributor (or portions
+            thereof), either on an unmodified basis, with other
+            Modifications, as Covered Software and/or as part of a
+            Larger Work; and
+
+        (b) under Patent Claims infringed by the making, using, or
+            selling of Modifications made by that Contributor either
+            alone and/or in combination with its Contributor Version
+            (or portions of such combination), to make, use, sell,
+            offer for sale, have made, and/or otherwise dispose of:
+            (1) Modifications made by that Contributor (or portions
+            thereof); and (2) the combination of Modifications made by
+            that Contributor with its Contributor Version (or portions
+            of such combination).
+
+        (c) The licenses granted in Sections 2.2(a) and 2.2(b) are
+            effective on the date Contributor first distributes or
+            otherwise makes the Modifications available to a third
+            party.
+
+        (d) Notwithstanding Section 2.2(b) above, no patent license is
+            granted: (1) for any code that Contributor has deleted
+            from the Contributor Version; (2) for infringements caused
+            by: (i) third party modifications of Contributor Version,
+            or (ii) the combination of Modifications made by that
+            Contributor with other software (except as part of the
+            Contributor Version) or other devices; or (3) under Patent
+            Claims infringed by Covered Software in the absence of
+            Modifications made by that Contributor.
+
+3. Distribution Obligations.
+
+    3.1. Availability of Source Code.
+
+    Any Covered Software that You distribute or otherwise make
+    available in Executable form must also be made available in Source
+    Code form and that Source Code form must be distributed only under
+    the terms of this License.  You must include a copy of this
+    License with every copy of the Source Code form of the Covered
+    Software You distribute or otherwise make available.  You must
+    inform recipients of any such Covered Software in Executable form
+    as to how they can obtain such Covered Software in Source Code
+    form in a reasonable manner on or through a medium customarily
+    used for software exchange.
+
+    3.2. Modifications.
+
+    The Modifications that You create or to which You contribute are
+    governed by the terms of this License.  You represent that You
+    believe Your Modifications are Your original creation(s) and/or
+    You have sufficient rights to grant the rights conveyed by this
+    License.
+
+    3.3. Required Notices.
+
+    You must include a notice in each of Your Modifications that
+    identifies You as the Contributor of the Modification.  You may
+    not remove or alter any copyright, patent or trademark notices
+    contained within the Covered Software, or any notices of licensing
+    or any descriptive text giving attribution to any Contributor or
+    the Initial Developer.
+
+    3.4. Application of Additional Terms.
+
+    You may not offer or impose any terms on any Covered Software in
+    Source Code form that alters or restricts the applicable version
+    of this License or the recipients' rights hereunder.  You may
+    choose to offer, and to charge a fee for, warranty, support,
+    indemnity or liability obligations to one or more recipients of
+    Covered Software.  However, you may do so only on Your own behalf,
+    and not on behalf of the Initial Developer or any Contributor.
+    You must make it absolutely clear that any such warranty, support,
+    indemnity or liability obligation is offered by You alone, and You
+    hereby agree to indemnify the Initial Developer and every
+    Contributor for any liability incurred by the Initial Developer or
+    such Contributor as a result of warranty, support, indemnity or
+    liability terms You offer.
+
+    3.5. Distribution of Executable Versions.
+
+    You may distribute the Executable form of the Covered Software
+    under the terms of this License or under the terms of a license of
+    Your choice, which may contain terms different from this License,
+    provided that You are in compliance with the terms of this License
+    and that the license for the Executable form does not attempt to
+    limit or alter the recipient's rights in the Source Code form from
+    the rights set forth in this License.  If You distribute the
+    Covered Software in Executable form under a different license, You
+    must make it absolutely clear that any terms which differ from
+    this License are offered by You alone, not by the Initial
+    Developer or Contributor.  You hereby agree to indemnify the
+    Initial Developer and every Contributor for any liability incurred
+    by the Initial Developer or such Contributor as a result of any
+    such terms You offer.
+
+    3.6. Larger Works.
+
+    You may create a Larger Work by combining Covered Software with
+    other code not governed by the terms of this License and
+    distribute the Larger Work as a single product.  In such a case,
+    You must make sure the requirements of this License are fulfilled
+    for the Covered Software.
+
+4. Versions of the License.
+
+    4.1. New Versions.
+
+    Sun Microsystems, Inc. is the initial license steward and may
+    publish revised and/or new versions of this License from time to
+    time.  Each version will be given a distinguishing version number.
+    Except as provided in Section 4.3, no one other than the license
+    steward has the right to modify this License.
+
+    4.2. Effect of New Versions.
+
+    You may always continue to use, distribute or otherwise make the
+    Covered Software available under the terms of the version of the
+    License under which You originally received the Covered Software.
+    If the Initial Developer includes a notice in the Original
+    Software prohibiting it from being distributed or otherwise made
+    available under any subsequent version of the License, You must
+    distribute and make the Covered Software available under the terms
+    of the version of the License under which You originally received
+    the Covered Software.  Otherwise, You may also choose to use,
+    distribute or otherwise make the Covered Software available under
+    the terms of any subsequent version of the License published by
+    the license steward.
+
+    4.3. Modified Versions.
+
+    When You are an Initial Developer and You want to create a new
+    license for Your Original Software, You may create and use a
+    modified version of this License if You: (a) rename the license
+    and remove any references to the name of the license steward
+    (except to note that the license differs from this License); and
+    (b) otherwise make it clear that the license contains terms which
+    differ from this License.
+
+5. DISCLAIMER OF WARRANTY.
+
+    COVERED SOFTWARE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS"
+    BASIS, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
+    INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED
+    SOFTWARE IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR
+    PURPOSE OR NON-INFRINGING.  THE ENTIRE RISK AS TO THE QUALITY AND
+    PERFORMANCE OF THE COVERED SOFTWARE IS WITH YOU.  SHOULD ANY
+    COVERED SOFTWARE PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE
+    INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR) ASSUME THE COST OF ANY
+    NECESSARY SERVICING, REPAIR OR CORRECTION.  THIS DISCLAIMER OF
+    WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE.  NO USE OF
+    ANY COVERED SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS
+    DISCLAIMER.
+
+6. TERMINATION.
+
+    6.1. This License and the rights granted hereunder will terminate
+    automatically if You fail to comply with terms herein and fail to
+    cure such breach within 30 days of becoming aware of the breach.
+    Provisions which, by their nature, must remain in effect beyond
+    the termination of this License shall survive.
+
+    6.2. If You assert a patent infringement claim (excluding
+    declaratory judgment actions) against Initial Developer or a
+    Contributor (the Initial Developer or Contributor against whom You
+    assert such claim is referred to as "Participant") alleging that
+    the Participant Software (meaning the Contributor Version where
+    the Participant is a Contributor or the Original Software where
+    the Participant is the Initial Developer) directly or indirectly
+    infringes any patent, then any and all rights granted directly or
+    indirectly to You by such Participant, the Initial Developer (if
+    the Initial Developer is not the Participant) and all Contributors
+    under Sections 2.1 and/or 2.2 of this License shall, upon 60 days
+    notice from Participant terminate prospectively and automatically
+    at the expiration of such 60 day notice period, unless if within
+    such 60 day period You withdraw Your claim with respect to the
+    Participant Software against such Participant either unilaterally
+    or pursuant to a written agreement with Participant.
+
+    6.3. In the event of termination under Sections 6.1 or 6.2 above,
+    all end user licenses that have been validly granted by You or any
+    distributor hereunder prior to termination (excluding licenses
+    granted to You by any distributor) shall survive termination.
+
+7. LIMITATION OF LIABILITY.
+
+    UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT
+    (INCLUDING NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE
+    INITIAL DEVELOPER, ANY OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF
+    COVERED SOFTWARE, OR ANY SUPPLIER OF ANY OF SUCH PARTIES, BE
+    LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR
+    CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT
+    LIMITATION, DAMAGES FOR LOST PROFITS, LOSS OF GOODWILL, WORK
+    STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR ANY AND ALL OTHER
+    COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL HAVE BEEN
+    INFORMED OF THE POSSIBILITY OF SUCH DAMAGES.  THIS LIMITATION OF
+    LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL
+    INJURY RESULTING FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT
+    APPLICABLE LAW PROHIBITS SUCH LIMITATION.  SOME JURISDICTIONS DO
+    NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR
+    CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT
+    APPLY TO YOU.
+
+8. U.S. GOVERNMENT END USERS.
+
+    The Covered Software is a "commercial item," as that term is
+    defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of "commercial
+    computer software" (as that term is defined at 48
+    C.F.R. 252.227-7014(a)(1)) and "commercial computer software
+    documentation" as such terms are used in 48 C.F.R. 12.212
+    (Sept. 1995).  Consistent with 48 C.F.R. 12.212 and 48
+    C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all
+    U.S. Government End Users acquire Covered Software with only those
+    rights set forth herein.  This U.S. Government Rights clause is in
+    lieu of, and supersedes, any other FAR, DFAR, or other clause or
+    provision that addresses Government rights in computer software
+    under this License.
+
+9. MISCELLANEOUS.
+
+    This License represents the complete agreement concerning subject
+    matter hereof.  If any provision of this License is held to be
+    unenforceable, such provision shall be reformed only to the extent
+    necessary to make it enforceable.  This License shall be governed
+    by the law of the jurisdiction specified in a notice contained
+    within the Original Software (except to the extent applicable law,
+    if any, provides otherwise), excluding such jurisdiction's
+    conflict-of-law provisions.  Any litigation relating to this
+    License shall be subject to the jurisdiction of the courts located
+    in the jurisdiction and venue specified in a notice contained
+    within the Original Software, with the losing party responsible
+    for costs, including, without limitation, court costs and
+    reasonable attorneys' fees and expenses.  The application of the
+    United Nations Convention on Contracts for the International Sale
+    of Goods is expressly excluded.  Any law or regulation which
+    provides that the language of a contract shall be construed
+    against the drafter shall not apply to this License.  You agree
+    that You alone are responsible for compliance with the United
+    States export administration regulations (and the export control
+    laws and regulation of any other countries) when You use,
+    distribute or otherwise make available any Covered Software.
+
+10. RESPONSIBILITY FOR CLAIMS.
+
+    As between Initial Developer and the Contributors, each party is
+    responsible for claims and damages arising, directly or
+    indirectly, out of its utilization of rights under this License
+    and You agree to work with Initial Developer and Contributors to
+    distribute such responsibility on an equitable basis.  Nothing
+    herein is intended or shall be deemed to constitute any admission
+    of liability.
+

options/license/GLWTPL

@@ -0,0 +1,25 @@
+               GLWT(Good Luck With That) Public License
+                 Copyright (c) Everyone, except Author
+
+Everyone is permitted to copy, distribute, modify, merge, sell, publish,
+sublicense or whatever they want with this software but at their OWN RISK.
+
+                            Preamble
+
+The author has absolutely no clue what the code in this project does.
+It might just work or not, there is no third option.
+
+
+                GOOD LUCK WITH THAT PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION, AND MODIFICATION
+
+  0. You just DO WHATEVER YOU WANT TO as long as you NEVER LEAVE A
+TRACE TO TRACK THE AUTHOR of the original product to blame for or hold
+responsible.
+
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+
+Good luck and Godspeed.

options/license/Unlicense

@@ -1,10 +1,24 @@
 This is free and unencumbered software released into the public domain.
 
-Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means.
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
 
-In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and
-successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law.
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
 
-For more information, please refer to <http://unlicense.org/>
+For more information, please refer to <https://unlicense.org/>

public/assets/img/svg/gitea-colorblind-redgreen.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 40 40" class="svg gitea-colorblind-redgreen" width="16" height="16" aria-hidden="true"><g clip-path="url(#gitea-colorblind-redgreen__a)"><rect width="40" height="40" fill="#0000" rx="20"/><path fill="#0566d5" d="M34.284 34.284c7.81-7.81 7.81-20.474 0-28.284L6 34.284c7.81 7.81 20.474 7.81 28.284 0"/><path fill="#e7a100" d="M34.283 34.284c7.81-7.81 7.81-20.474 0-28.284L20.14 20.142z"/><circle cx="20" cy="20" r="18" fill="#0000" stroke="#aaa" stroke-width="4"/></g><defs><clipPath id="gitea-colorblind-redgreen__a"><rect width="40" height="40" fill="#0000" rx="20"/></clipPath></defs></svg>

public/assets/img/svg/gitea-eclipse.svg

@@ -0,0 +1 @@
+<svg viewBox="490 490 820 820" class="svg gitea-eclipse" xmlns="http://www.w3.org/2000/svg" width="16" height="16" aria-hidden="true"><path d="M866.7 582.1A321.3 321.3 0 0 0 738.6 623a317.3 317.3 0 0 0-109.1 108.5A418 418 0 0 0 609 772a335.3 335.3 0 0 0-19.6 71.5 205.2 205.2 0 0 0-2.8 45c0 25.8.2 29.3 2.8 45 4.1 25.4 9.9 46.4 19.6 71.5a314.2 314.2 0 0 0 111.6 137.3A306.8 306.8 0 0 0 893 1196a308.6 308.6 0 0 0 303.6-262.5c2.6-15.7 2.8-19.2 2.8-45s-.2-29.3-2.8-45A335.3 335.3 0 0 0 1177 772a314.2 314.2 0 0 0-111.6-137.3A308.3 308.3 0 0 0 918 582c-13-1.1-38.2-1.1-51.3.1M747 663.5l-2.4 16.7c-4 26.4-4.9 41.1-4.3 65.3a323.7 323.7 0 0 0 37.2 145c18.2 36 41.3 66.6 72 95.5a346.4 346.4 0 0 0 208.5 93.1l18 1.6 4.5.5-8.5 8a259.3 259.3 0 0 1-141.5 65.8 281 281 0 0 1-123.9-11.4 267.2 267.2 0 0 1-181.7-269.9c2-27.6 5.7-47.6 13.3-70.7a281.2 281.2 0 0 1 46.4-85c8-10.1 28-30.2 37.9-38.1 13.8-11.1 24.5-18.3 24.5-16.4"/></svg>

routers/api/v1/admin/runners.go

@@ -14,7 +14,7 @@ import (
 func GetRegistrationToken(ctx *context.APIContext) {
 	// swagger:operation GET /admin/runners/registration-token admin adminGetRunnerRegistrationToken
 	// ---
-	// summary: Get an global actions runner registration token
+	// summary: Get a global actions runner registration token
 	// produces:
 	// - application/json
 	// parameters:
@@ -29,7 +29,7 @@ func GetRegistrationToken(ctx *context.APIContext) {
 func CreateRegistrationToken(ctx *context.APIContext) {
 	// swagger:operation POST /admin/actions/runners/registration-token admin adminCreateRunnerRegistrationToken
 	// ---
-	// summary: Get an global actions runner registration token
+	// summary: Get a global actions runner registration token
 	// produces:
 	// - application/json
 	// parameters:
@@ -57,11 +57,11 @@ func ListRunners(ctx *context.APIContext) {
 	shared.ListRunners(ctx, 0, 0)
 }
 
-// GetRunner get an global runner
+// GetRunner get a global runner
 func GetRunner(ctx *context.APIContext) {
 	// swagger:operation GET /admin/actions/runners/{runner_id} admin getAdminRunner
 	// ---
-	// summary: Get an global runner
+	// summary: Get a global runner
 	// produces:
 	// - application/json
 	// parameters:
@@ -80,11 +80,11 @@ func GetRunner(ctx *context.APIContext) {
 	shared.GetRunner(ctx, 0, 0, ctx.PathParamInt64("runner_id"))
 }
 
-// DeleteRunner delete an global runner
+// DeleteRunner delete a global runner
 func DeleteRunner(ctx *context.APIContext) {
 	// swagger:operation DELETE /admin/actions/runners/{runner_id} admin deleteAdminRunner
 	// ---
-	// summary: Delete an global runner
+	// summary: Delete a global runner
 	// produces:
 	// - application/json
 	// parameters:

routers/common/errpage.go

@@ -35,7 +35,7 @@ func RenderPanicErrorPage(w http.ResponseWriter, req *http.Request, err any) {
 	httpcache.SetCacheControlInHeader(w.Header(), &httpcache.CacheControlOptions{NoTransform: true})
 	w.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
 
-	tmplCtx := context.TemplateContext{}
+	tmplCtx := context.NewTemplateContext(req.Context(), req)
 	tmplCtx["Locale"] = middleware.Locale(w, req)
 	ctxData := middleware.GetContextData(req.Context())
 

routers/common/qos.go

@@ -133,7 +133,7 @@ func renderServiceUnavailable(w http.ResponseWriter, req *http.Request) {
 		return
 	}
 
-	tmplCtx := giteacontext.TemplateContext{}
+	tmplCtx := giteacontext.NewTemplateContext(req.Context(), req)
 	tmplCtx["Locale"] = middleware.Locale(w, req)
 	ctxData := middleware.GetContextData(req.Context())
 	err := templates.HTMLRenderer().HTML(w, http.StatusServiceUnavailable, tplStatus503, ctxData, tmplCtx)

routers/install/routes.go

@@ -13,6 +13,7 @@ import (
 	"code.gitea.io/gitea/modules/web"
 	"code.gitea.io/gitea/routers/common"
 	"code.gitea.io/gitea/routers/web/healthcheck"
+	"code.gitea.io/gitea/routers/web/misc"
 	"code.gitea.io/gitea/services/forms"
 )
 
@@ -27,7 +28,11 @@ func Routes() *web.Router {
 	r.Get("/", Install) // it must be on the root, because the "install.js" use the window.location to replace the "localhost" AppURL
 	r.Post("/", web.Bind(forms.InstallForm{}), SubmitInstall)
 	r.Get("/post-install", InstallDone)
+
+	r.Get("/-/web-theme/list", misc.WebThemeList)
+	r.Post("/-/web-theme/apply", misc.WebThemeApply)
 	r.Get("/api/healthz", healthcheck.Check)
+
 	r.NotFound(installNotFound)
 
 	base.Mount("", r)

routers/web/misc/webtheme.go

@@ -0,0 +1,42 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package misc
+
+import (
+	"net/http"
+
+	"code.gitea.io/gitea/modules/optional"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/web/middleware"
+	"code.gitea.io/gitea/services/context"
+	user_service "code.gitea.io/gitea/services/user"
+	"code.gitea.io/gitea/services/webtheme"
+)
+
+func WebThemeList(ctx *context.Context) {
+	curWebTheme := ctx.TemplateContext.CurrentWebTheme()
+	renderUtils := templates.NewRenderUtils(ctx)
+	allThemes := webtheme.GetAvailableThemes()
+
+	var results []map[string]any
+	for _, theme := range allThemes {
+		results = append(results, map[string]any{
+			"name":  renderUtils.RenderThemeItem(theme, 14),
+			"value": theme.InternalName,
+			"class": "item js-aria-clickable" + util.Iif(theme.InternalName == curWebTheme.InternalName, " selected", ""),
+		})
+	}
+	ctx.JSON(http.StatusOK, map[string]any{"results": results})
+}
+
+func WebThemeApply(ctx *context.Context) {
+	themeName := ctx.FormString("theme")
+	if ctx.Doer != nil {
+		opts := &user_service.UpdateOptions{Theme: optional.Some(themeName)}
+		_ = user_service.UpdateUser(ctx, ctx.Doer, opts)
+	} else {
+		middleware.SetSiteCookie(ctx.Resp, "gitea_theme", themeName, 0)
+	}
+}

routers/web/user/setting/profile.go

@@ -369,7 +369,7 @@ func UpdateUIThemePost(ctx *context.Context) {
 		return
 	}
 
-	if !webtheme.IsThemeAvailable(form.Theme) {
+	if webtheme.GetThemeMetaInfo(form.Theme) == nil {
 		ctx.Flash.Error(ctx.Tr("settings.theme_update_error"))
 		ctx.Redirect(setting.AppSubURL + "/user/settings/appearance")
 		return

routers/web/web.go

@@ -488,6 +488,9 @@ func registerWebRoutes(m *web.Router) {
 
 	m.Post("/-/markup", reqSignIn, web.Bind(structs.MarkupOption{}), misc.Markup)
 
+	m.Get("/-/web-theme/list", misc.WebThemeList)
+	m.Post("/-/web-theme/apply", optSignInIgnoreCsrf, misc.WebThemeApply)
+
 	m.Group("/explore", func() {
 		m.Get("", func(ctx *context.Context) {
 			ctx.Redirect(setting.AppSubURL + "/explore/repos")

services/context/context.go

@@ -103,7 +103,7 @@ func GetValidateContext(req *http.Request) (ctx *ValidateContext) {
 }
 
 func NewTemplateContextForWeb(ctx *Context) TemplateContext {
-	tmplCtx := NewTemplateContext(ctx)
+	tmplCtx := NewTemplateContext(ctx, ctx.Req)
 	tmplCtx["Locale"] = ctx.Base.Locale
 	tmplCtx["AvatarUtils"] = templates.NewAvatarUtils(ctx)
 	tmplCtx["RenderUtils"] = templates.NewRenderUtils(ctx)

services/context/context_template.go

@@ -5,13 +5,16 @@ package context
 
 import (
 	"context"
+	"net/http"
 	"time"
+
+	"code.gitea.io/gitea/services/webtheme"
 )
 
 var _ context.Context = TemplateContext(nil)
 
-func NewTemplateContext(ctx context.Context) TemplateContext {
-	return TemplateContext{"_ctx": ctx}
+func NewTemplateContext(ctx context.Context, req *http.Request) TemplateContext {
+	return TemplateContext{"_ctx": ctx, "_req": req}
 }
 
 func (c TemplateContext) parentContext() context.Context {
@@ -33,3 +36,19 @@ func (c TemplateContext) Err() error {
 func (c TemplateContext) Value(key any) any {
 	return c.parentContext().Value(key)
 }
+
+func (c TemplateContext) CurrentWebTheme() *webtheme.ThemeMetaInfo {
+	req := c["_req"].(*http.Request)
+	var themeName string
+	if webCtx := GetWebContext(c); webCtx != nil {
+		if webCtx.Doer != nil {
+			themeName = webCtx.Doer.Theme
+		}
+	}
+	if themeName == "" {
+		if cookieTheme, _ := req.Cookie("gitea_theme"); cookieTheme != nil {
+			themeName = cookieTheme.Value
+		}
+	}
+	return webtheme.GuaranteeGetThemeMetaInfo(themeName)
+}

services/lfs/server.go

@@ -11,7 +11,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"maps"
 	"net/http"
 	"net/url"
 	"regexp"
@@ -488,40 +487,32 @@ func buildObjectResponse(rc *requestContext, pointer lfs_module.Pointer, downloa
 		rep.Error = err
 	} else {
 		rep.Actions = make(map[string]*lfs_module.Link)
-
-		header := make(map[string]string)
-
-		if len(rc.Authorization) > 0 {
-			header["Authorization"] = rc.Authorization
-		}
-
 		if download {
 			var link *lfs_module.Link
 			if setting.LFS.Storage.ServeDirect() {
 				// If we have a signed url (S3, object storage), redirect to this directly.
 				u, err := storage.LFS.URL(pointer.RelativePath(), pointer.Oid, rc.Method, nil)
 				if u != nil && err == nil {
-					// Presigned url does not need the Authorization header
-					// https://github.com/go-gitea/gitea/issues/21525
-					delete(header, "Authorization")
-					link = &lfs_module.Link{Href: u.String(), Header: header}
+					link = lfs_module.NewLink(u.String()) // Presigned url does not need the Authorization header
 				}
 			}
 			if link == nil {
-				link = &lfs_module.Link{Href: rc.DownloadLink(pointer), Header: header}
+				link = lfs_module.NewLink(rc.DownloadLink(pointer)).WithHeader("Authorization", rc.Authorization)
 			}
 			rep.Actions["download"] = link
 		}
 		if upload {
-			rep.Actions["upload"] = &lfs_module.Link{Href: rc.UploadLink(pointer), Header: header}
+			// Set Transfer-Encoding header to enable chunked uploads. Required by git-lfs client to do chunked transfer.
+			// See: https://github.com/git-lfs/git-lfs/blob/main/tq/basic_upload.go#L58-59
+			rep.Actions["upload"] = lfs_module.NewLink(rc.UploadLink(pointer)).
+				WithHeader("Authorization", rc.Authorization).
+				WithHeader("Transfer-Encoding", "chunked")
 
-			verifyHeader := make(map[string]string)
-			maps.Copy(verifyHeader, header)
-
-			// This is only needed to workaround https://github.com/git-lfs/git-lfs/issues/3662
-			verifyHeader["Accept"] = lfs_module.AcceptHeader
-
-			rep.Actions["verify"] = &lfs_module.Link{Href: rc.VerifyLink(pointer), Header: verifyHeader}
+			// "Accept" header is the workaround for git-lfs < 2.8.0 (before 2019).
+			// This workaround could be removed in the future: https://github.com/git-lfs/git-lfs/issues/3662
+			rep.Actions["verify"] = lfs_module.NewLink(rc.VerifyLink(pointer)).
+				WithHeader("Authorization", rc.Authorization).
+				WithHeader("Accept", lfs_module.AcceptHeader)
 		}
 	}
 	return rep

services/migrations/onedev.go

@@ -77,19 +77,19 @@ type OneDevDownloader struct {
 }
 
 // NewOneDevDownloader creates a new downloader
-func NewOneDevDownloader(_ context.Context, baseURL *url.URL, username, password, repoPath string) *OneDevDownloader {
+func NewOneDevDownloader(ctx context.Context, baseURL *url.URL, username, password, repoPath string) *OneDevDownloader {
+	httpTransport := NewMigrationHTTPTransport()
 	downloader := &OneDevDownloader{
 		baseURL:  baseURL,
 		repoPath: repoPath,
 		client: &http.Client{
-			Transport: &http.Transport{
-				Proxy: func(req *http.Request) (*url.URL, error) {
-					if len(username) > 0 && len(password) > 0 {
+			Transport: roundTripperFunc(
+				func(req *http.Request) (*http.Response, error) {
+					if username != "" && password != "" {
 						req.SetBasicAuth(username, password)
 					}
-					return nil, nil
-				},
-			},
+					return httpTransport.RoundTrip(req.WithContext(ctx))
+				}),
 		},
 		userMap:      make(map[int64]*onedevUser),
 		milestoneMap: make(map[int64]string),

services/webtheme/webtheme.go

@@ -17,9 +17,9 @@ import (
 )
 
 var (
-	availableThemes             []*ThemeMetaInfo
-	availableThemeInternalNames container.Set[string]
-	themeOnce                   sync.Once
+	availableThemes   []*ThemeMetaInfo
+	availableThemeMap map[string]*ThemeMetaInfo
+	themeOnce         sync.Once
 )
 
 const (
@@ -28,9 +28,25 @@ const (
 )
 
 type ThemeMetaInfo struct {
-	FileName     string
-	InternalName string
-	DisplayName  string
+	FileName       string
+	InternalName   string
+	DisplayName    string
+	ColorblindType string
+	ColorScheme    string
+}
+
+func (info *ThemeMetaInfo) GetDescription() string {
+	if info.ColorblindType == "red-green" {
+		return "Red-green colorblind friendly"
+	}
+	return ""
+}
+
+func (info *ThemeMetaInfo) GetExtraIconName() string {
+	if info.ColorblindType == "red-green" {
+		return "gitea-colorblind-redgreen"
+	}
+	return ""
 }
 
 func parseThemeMetaInfoToMap(cssContent string) map[string]string {
@@ -54,7 +70,7 @@ func parseThemeMetaInfoToMap(cssContent string) map[string]string {
 |('(\\'|[^'])*')
 |([^'";]+)
 )
-\s*;
+\s*;?
 \s*
 )
 `
@@ -102,17 +118,19 @@ func parseThemeMetaInfo(fileName, cssContent string) *ThemeMetaInfo {
 		return themeInfo
 	}
 	themeInfo.DisplayName = m["--theme-display-name"]
+	themeInfo.ColorblindType = m["--theme-colorblind-type"]
+	themeInfo.ColorScheme = m["--theme-color-scheme"]
 	return themeInfo
 }
 
 func initThemes() {
 	availableThemes = nil
 	defer func() {
-		availableThemeInternalNames = container.Set[string]{}
+		availableThemeMap = map[string]*ThemeMetaInfo{}
 		for _, theme := range availableThemes {
-			availableThemeInternalNames.Add(theme.InternalName)
+			availableThemeMap[theme.InternalName] = theme
 		}
-		if !availableThemeInternalNames.Contains(setting.UI.DefaultTheme) {
+		if availableThemeMap[setting.UI.DefaultTheme] == nil {
 			setting.LogStartupProblem(1, log.ERROR, "Default theme %q is not available, please correct the '[ui].DEFAULT_THEME' setting in the config file", setting.UI.DefaultTheme)
 		}
 	}()
@@ -147,6 +165,9 @@ func initThemes() {
 		if availableThemes[i].InternalName == setting.UI.DefaultTheme {
 			return true
 		}
+		if availableThemes[i].ColorblindType != availableThemes[j].ColorblindType {
+			return availableThemes[i].ColorblindType < availableThemes[j].ColorblindType
+		}
 		return availableThemes[i].DisplayName < availableThemes[j].DisplayName
 	})
 	if len(availableThemes) == 0 {
@@ -160,7 +181,21 @@ func GetAvailableThemes() []*ThemeMetaInfo {
 	return availableThemes
 }
 
-func IsThemeAvailable(internalName string) bool {
+func GetThemeMetaInfo(internalName string) *ThemeMetaInfo {
 	themeOnce.Do(initThemes)
-	return availableThemeInternalNames.Contains(internalName)
+	return availableThemeMap[internalName]
+}
+
+// GuaranteeGetThemeMetaInfo guarantees to return a non-nil ThemeMetaInfo,
+// to simplify the caller's logic, especially for templates.
+// There are already enough warnings messages if the default theme is not available.
+func GuaranteeGetThemeMetaInfo(internalName string) *ThemeMetaInfo {
+	info := GetThemeMetaInfo(internalName)
+	if info == nil {
+		info = GetThemeMetaInfo(setting.UI.DefaultTheme)
+	}
+	if info == nil {
+		info = &ThemeMetaInfo{DisplayName: "unavailable", InternalName: "unavailable", FileName: "unavailable"}
+	}
+	return info
 }

services/webtheme/webtheme_test.go

@@ -34,4 +34,10 @@ gitea-theme-meta-info {
 	--k2: real;
 }`)
 	assert.Equal(t, map[string]string{"--k2": "real"}, m)
+
+	// compressed CSS, no trailing semicolon
+	m = parseThemeMetaInfoToMap(`gitea-theme-meta-info{--k1:"v1"}`)
+	assert.Equal(t, map[string]string{"--k1": "v1"}, m)
+	m = parseThemeMetaInfoToMap(`gitea-theme-meta-info{--k1:"v1";--k2:"v2"}`)
+	assert.Equal(t, map[string]string{"--k1": "v1", "--k2": "v2"}, m)
 }

templates/base/footer_content.tmpl

@@ -17,6 +17,10 @@
 		{{end}}
 	</div>
 	<div class="right-links" role="group" aria-label="{{ctx.Locale.Tr "aria.footer.links"}}">
+		<div class="ui dropdown custom" id="footer-theme-selector">
+			<span class="default-text">{{ctx.RenderUtils.RenderThemeItem ctx.CurrentWebTheme 16}}</span>
+			<div class="menu theme-menu"></div>
+		</div>
 		<div class="ui dropdown upward">
 			<span class="flex-text-inline">{{svg "octicon-globe" 14}} {{ctx.Locale.LangName}}</span>
 			<div class="menu language-menu">

templates/base/head.tmpl

@@ -1,5 +1,5 @@
 <!DOCTYPE html>
-<html lang="{{ctx.Locale.Lang}}" data-theme="{{UserThemeName .SignedUser}}">
+<html lang="{{ctx.Locale.Lang}}" data-theme="{{ctx.CurrentWebTheme.InternalName}}">
 <head>
 	<meta name="viewport" content="width=device-width, initial-scale=1">
 	<title>{{if .Title}}{{.Title}} - {{end}}{{.PageTitleCommon}}</title>

templates/base/head_style.tmpl

@@ -1,2 +1,2 @@
 <link rel="stylesheet" href="{{AssetUrlPrefix}}/css/index.css?v={{AssetVersion}}">
-<link rel="stylesheet" href="{{AssetUrlPrefix}}/css/theme-{{UserThemeName .SignedUser | PathEscape}}.css?v={{AssetVersion}}">
+<link rel="stylesheet" href="{{AssetUrlPrefix}}/css/theme-{{ctx.CurrentWebTheme.InternalName | PathEscape}}.css?v={{AssetVersion}}">

templates/status/500.tmpl

@@ -1,12 +1,12 @@
 {{/* This page should only depend the minimal template functions/variables, to avoid triggering new panics.
-* base template functions: AppName, AssetUrlPrefix, AssetVersion, AppSubUrl, UserThemeName
+* base template functions: AppName, AssetUrlPrefix, AssetVersion, AppSubUrl
 * ctx.Locale
 * .Flash
 * .ErrorMsg
 * .SignedUser (optional)
 */}}
 <!DOCTYPE html>
-<html lang="{{ctx.Locale.Lang}}" data-theme="{{UserThemeName .SignedUser}}">
+<html lang="{{ctx.Locale.Lang}}" data-theme="{{ctx.CurrentWebTheme.InternalName}}">
 <head>
 	<meta name="viewport" content="width=device-width, initial-scale=1">
 	<title>Internal Server Error - {{AppName}}</title>

templates/swagger/v1_json.tmpl

@@ -149,7 +149,7 @@
         "tags": [
           "admin"
         ],
-        "summary": "Get an global actions runner registration token",
+        "summary": "Get a global actions runner registration token",
         "operationId": "adminCreateRunnerRegistrationToken",
         "responses": {
           "200": {
@@ -166,7 +166,7 @@
         "tags": [
           "admin"
         ],
-        "summary": "Get an global runner",
+        "summary": "Get a global runner",
         "operationId": "getAdminRunner",
         "parameters": [
           {
@@ -196,7 +196,7 @@
         "tags": [
           "admin"
         ],
-        "summary": "Delete an global runner",
+        "summary": "Delete a global runner",
         "operationId": "deleteAdminRunner",
         "parameters": [
           {
@@ -624,7 +624,7 @@
         "tags": [
           "admin"
         ],
-        "summary": "Get an global actions runner registration token",
+        "summary": "Get a global actions runner registration token",
         "operationId": "adminGetRunnerRegistrationToken",
         "responses": {
           "200": {

templates/user/settings/appearance.tmpl

@@ -15,12 +15,19 @@
 					</a>
 				</div>
 				<div class="field">
-					<label>{{ctx.Locale.Tr "settings.ui"}}</label>
-					<select name="theme" class="ui dropdown">
-						{{range $theme := .AllThemes}}
-						<option value="{{$theme.InternalName}}" {{Iif (eq $.SignedUser.Theme $theme.InternalName) "selected"}}>{{$theme.DisplayName}}</option>
-						{{end}}
-					</select>
+				  <label>{{ctx.Locale.Tr "settings.ui"}}</label>
+				  <input type="hidden" name="theme" value="{{$.SignedUser.Theme}}">
+				  <div class="text"></div> {{svg "octicon-triangle-down" 14 "dropdown icon"}}
+				  <div class="menu flex-items menu">
+					  {{range $theme := .AllThemes }}
+					     {{$extraIconName := $theme.GetExtraIconName}}
+					     <div class="item" data-value="{{$theme.InternalName}}">
+						     {{$theme.DisplayName}} {{svg $extraIconName}}
+						     <div class="description">{{$theme.GetDescription}}</div>
+					     </div>
+					  {{end}}
+				  </div>
+				</div>
 				</div>
 				<div class="field">
 					<button class="ui primary button">{{ctx.Locale.Tr "settings.update_theme"}}</button>

tests/integration/api_repo_lfs_test.go

@@ -316,6 +316,7 @@ func TestAPILFSBatch(t *testing.T) {
 			ul := br.Objects[0].Actions["upload"]
 			assert.NotNil(t, ul)
 			assert.NotEmpty(t, ul.Href)
+			assert.Equal(t, "chunked", ul.Header["Transfer-Encoding"], "git-lfs client needs Transfer-Encoding to do chunked transfer")
 			assert.Contains(t, br.Objects[0].Actions, "verify")
 			vl := br.Objects[0].Actions["verify"]
 			assert.NotNil(t, vl)

web_src/css/home.css

@@ -65,15 +65,34 @@
   flex-wrap: wrap;
   align-items: center;
   justify-content: center;
+  gap: 1em;
 }
 
 .page-footer .right-links > a {
   border-left: 1px solid var(--color-secondary-dark-1);
-  padding-left: 8px;
-  margin-left: 5px;
+  padding-left: 1em;
 }
 
-.page-footer .ui.dropdown .menu.language-menu {
+/* the theme item is also used for the menu's "default text" display */
+.page-footer .ui.dropdown .theme-menu-item {
+  display: flex;
+  align-items: center;
+  gap: 0.5em;
+}
+
+/* Fomantic UI dropdown "remote items by API" can't change parent "item" element,
+so we use "theme-menu-item" in the "item" and add tooltip to the inner one.
+Then the inner one needs to get padding and parent "item" padding needs to be removed */
+.page-footer .menu.theme-menu > .item {
+  padding: 0 !important;
+}
+
+.page-footer .menu.theme-menu > .item > .theme-menu-item {
+  padding: 11px 16px;
+}
+
+.page-footer .ui.dropdown .menu.language-menu,
+.page-footer .ui.dropdown .menu.theme-menu {
   max-height: min(500px, calc(100vh - 60px));
   overflow-y: auto;
   margin-bottom: 10px;

web_src/css/themes/theme-gitea-auto-protanopia-deuteranopia.css

@@ -2,5 +2,7 @@
 @import "./theme-gitea-dark-protanopia-deuteranopia.css" (prefers-color-scheme: dark);
 
 gitea-theme-meta-info {
-  --theme-display-name: "Auto (Red/Green Colorblind-friendly)";
+  --theme-display-name: "Auto";
+  --theme-colorblind-type: "red-green";
+  --theme-color-scheme: "auto";
 }

web_src/css/themes/theme-gitea-auto.css

@@ -3,4 +3,5 @@
 
 gitea-theme-meta-info {
   --theme-display-name: "Auto";
+  --theme-color-scheme: "auto";
 }

web_src/css/themes/theme-gitea-dark-protanopia-deuteranopia.css

@@ -1,7 +1,9 @@
 @import "./theme-gitea-dark.css";
 
 gitea-theme-meta-info {
-  --theme-display-name: "Dark (Red/Green Colorblind-friendly)";
+  --theme-display-name: "Dark";
+  --theme-colorblind-type: "red-green";
+  --theme-color-scheme: "dark";
 }
 
 /* red/green colorblind-friendly colors */

web_src/css/themes/theme-gitea-dark.css

@@ -3,6 +3,7 @@
 
 gitea-theme-meta-info {
   --theme-display-name: "Dark";
+  --theme-color-scheme: "dark";
 }
 
 :root {

web_src/css/themes/theme-gitea-light-protanopia-deuteranopia.css

@@ -1,7 +1,9 @@
 @import "./theme-gitea-light.css";
 
 gitea-theme-meta-info {
-  --theme-display-name: "Light (Red/Green Colorblind-friendly)";
+  --theme-display-name: "Light";
+  --theme-colorblind-type: "red-green";
+  --theme-color-scheme: "light";
 }
 
 /* red/green colorblind-friendly colors */

web_src/css/themes/theme-gitea-light.css

@@ -3,6 +3,7 @@
 
 gitea-theme-meta-info {
   --theme-display-name: "Light";
+  --theme-color-scheme: "light";
 }
 
 :root {

web_src/js/features/common-page.ts

@@ -1,14 +1,14 @@
-import {GET} from '../modules/fetch.ts';
+import {GET, POST} from '../modules/fetch.ts';
 import {showGlobalErrorMessage} from '../bootstrap.ts';
 import {fomanticQuery} from '../modules/fomantic/base.ts';
-import {queryElems} from '../utils/dom.ts';
+import {addDelegatedEventListener, queryElems} from '../utils/dom.ts';
 import {registerGlobalInitFunc, registerGlobalSelectorFunc} from '../modules/observer.ts';
 import {initAvatarUploaderWithCropper} from './comp/Cropper.ts';
 import {initCompSearchRepoBox} from './comp/SearchRepoBox.ts';
 
-const {appUrl} = window.config;
+const {appUrl, appSubUrl} = window.config;
 
-export function initHeadNavbarContentToggle() {
+function initHeadNavbarContentToggle() {
   const navbar = document.querySelector('#navbar');
   const btn = document.querySelector('#navbar-expand-toggle');
   if (!navbar || !btn) return;
@@ -20,7 +20,7 @@ export function initHeadNavbarContentToggle() {
   });
 }
 
-export function initFootLanguageMenu() {
+function initFooterLanguageMenu() {
   document.querySelector('.ui.dropdown .menu.language-menu')?.addEventListener('click', async (e) => {
     const item = (e.target as HTMLElement).closest('.item');
     if (!item) return;
@@ -30,6 +30,27 @@ export function initFootLanguageMenu() {
   });
 }
 
+function initFooterThemeSelector() {
+  const elDropdown = document.querySelector('#footer-theme-selector');
+  if (!elDropdown) return; // some pages don't have footer, for example: 500.tmpl
+  const $dropdown = fomanticQuery(elDropdown);
+  $dropdown.dropdown({
+    direction: 'upward',
+    apiSettings: {url: `${appSubUrl}/-/web-theme/list`, cache: false},
+  });
+  addDelegatedEventListener(elDropdown, 'click', '.menu > .item', async (el) => {
+    const themeName = el.getAttribute('data-value');
+    await POST(`${appSubUrl}/-/web-theme/apply?theme=${encodeURIComponent(themeName)}`);
+    window.location.reload();
+  });
+}
+
+export function initCommmPageComponents() {
+  initHeadNavbarContentToggle();
+  initFooterLanguageMenu();
+  initFooterThemeSelector();
+}
+
 export function initGlobalDropdown() {
   // do not init "custom" dropdowns, "custom" dropdowns are managed by their own code.
   registerGlobalSelectorFunc('.ui.dropdown:not(.custom)', (el) => {

web_src/js/index-domready.ts

@@ -59,7 +59,7 @@ import {initColorPickers} from './features/colorpicker.ts';
 import {initAdminSelfCheck} from './features/admin/selfcheck.ts';
 import {initOAuth2SettingsDisableCheckbox} from './features/oauth2-settings.ts';
 import {initGlobalFetchAction} from './features/common-fetch-action.ts';
-import {initFootLanguageMenu, initGlobalComponent, initGlobalDropdown, initGlobalInput, initHeadNavbarContentToggle} from './features/common-page.ts';
+import {initCommmPageComponents, initGlobalComponent, initGlobalDropdown, initGlobalInput} from './features/common-page.ts';
 import {initGlobalButtonClickOnEnter, initGlobalButtons, initGlobalDeleteButton} from './features/common-button.ts';
 import {initGlobalComboMarkdownEditor, initGlobalEnterQuickSubmit, initGlobalFormDirtyLeaveConfirm} from './features/common-form.ts';
 import {callInitFunctions} from './modules/init.ts';
@@ -92,8 +92,7 @@ const initPerformanceTracer = callInitFunctions([
 
   initInstall,
 
-  initHeadNavbarContentToggle,
-  initFootLanguageMenu,
+  initCommmPageComponents,
 
   initHeatmap,
   initImageDiff,

web_src/svg/gitea-colorblind-redgreen.svg

@@ -0,0 +1,13 @@
+<svg width="40" height="40" viewBox="0 0 40 40" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <g clip-path="url(#clip0)">
+    <rect width="40" height="40" rx="20" fill="#0000"/>
+    <path d="M34.2843 34.2842C42.0948 26.4737 42.0948 13.8104 34.2843 5.9999L6 34.2842C13.8105 42.0947 26.4738 42.0947 34.2843 34.2842Z" fill="#0566D5"/>
+    <path d="M34.2828 34.2842C42.0932 26.4737 42.0932 13.8104 34.2828 5.99995L20.1406 20.1421L34.2828 34.2842Z" fill="#E7A100"/>
+    <circle cx="20" cy="20" r="18" fill="#0000" stroke="#aaa" stroke-width="4"/>
+  </g>
+  <defs>
+    <clipPath id="clip0">
+      <rect width="40" height="40" rx="20" fill="#0000"/>
+    </clipPath>
+  </defs>
+</svg>

web_src/svg/gitea-eclipse.svg

@@ -0,0 +1 @@
+<svg viewBox="490 490 820 820"><path d="M866.7 582.1A321.3 321.3 0 0 0 738.6 623a317.3 317.3 0 0 0-109.1 108.5A418 418 0 0 0 609 772a335.3 335.3 0 0 0-19.6 71.5 205.2 205.2 0 0 0-2.8 45c0 25.8.2 29.3 2.8 45 4.1 25.4 9.9 46.4 19.6 71.5a314.2 314.2 0 0 0 111.6 137.3A306.8 306.8 0 0 0 893 1196a308.6 308.6 0 0 0 303.6-262.5c2.6-15.7 2.8-19.2 2.8-45s-.2-29.3-2.8-45A335.3 335.3 0 0 0 1177 772a314.2 314.2 0 0 0-111.6-137.3A308.3 308.3 0 0 0 918 582c-13-1.1-38.2-1.1-51.3.1zM747 663.5l-2.4 16.7c-4 26.4-4.9 41.1-4.3 65.3a323.7 323.7 0 0 0 37.2 145c18.2 36 41.3 66.6 72 95.5a346.4 346.4 0 0 0 208.5 93.1l18 1.6 4.5.5-8.5 8a259.3 259.3 0 0 1-141.5 65.8 281 281 0 0 1-123.9-11.4 267.2 267.2 0 0 1-181.7-269.9c2-27.6 5.7-47.6 13.3-70.7a281.2 281.2 0 0 1 46.4-85c8-10.1 28-30.2 37.9-38.1 13.8-11.1 24.5-18.3 24.5-16.4z"/></svg>